I actually had the almost same situation by building an offline voice dictation app for macOS and iOS, and in macOS I was confronted with the exact same situation.
However, I would like to point out that Apple isn't totally wrong here because the accessibility API unfortunately is way too broadly scoped, and because of that you literally get access to everything on the computer like you you can screenshot listen and and move the cursor... This is completely ridiculous and the proper engineering solution would actually be to phase out the accessibility API and replace it with something that is narrowly scoped so you can grant specific permissions individually.
However, Apple, being Apple, is obviously not doing anything, and instead says no accessibility permission for anything that isn't demonstrable accessible. Now, there are obviously some exceptions because Apple is not particularly well known for applying its rule consistently and granting big exceptions for itself. However, they do have a valid point on privacy and data protection. And I say that as somebody who ended up distributing my MacOS app outside the App Store because I only got approval for iOS.
That said, I would definitely appreciate if Apple would gradually improve its developer program experience, because compared to its hardware lineup, the developer program is nothing short of abysmal.
Thanks for sharing this. The "phase out the broadly-scoped Accessibility API and replace with narrower permissions" point is exactly the right structural fix. Right now developers have to declare a permission far broader than they actually need, and from the outside the criteria for what counts as legitimate use isn't clearly defined. Interesting that your iOS app got through but macOS didn't. WhisperPad is Mac-only and I haven't gone through the iOS path, so your experience there is useful data. The "demonstrable accessibility" criterion seems to be where everything bottlenecks.
SpaceGremlin (mac alternative to WinDirStat) has a similar thing, where some features only work in the independent "SpaceGremlinPro" version downloaded from their site. However, they do some cool stuff with licensing - you can point it to the app store paid/installed version, and it detects the license and unlocks.
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
There is something amusing about the fact that WinDirStat, as far as I know, was based on KDirStat (now QDirStat), yet this doesn't even get mentioned on their Wikipedia page, and by and large a lot of people don't even know QDirStat exists. One time someone even asked me if they knew of a good alternative for Linux; good news!
Okay, I stand corrected, but I also stand by that it is interesting that it is pointed out that "The project was inspired by SequoiaView" in the lead section, but not that it was a direct port of KDirStat. It feels odd but also intentional, so I never bothered to change it. I'll leave it up to if anyone else feels similarly enough to do so, because then at least that means there are two of us.
Same. My experience with the “concept” of Wikipedia was very high until I had the “direct experience” of Wikipedia, and I realized that the encyclopedia of the commons may not have planned for me to be in the commons.
Not absolutely everything I've ever contributed was kept, but definitely a lot of it. I genuinely get the feeling that the modern Wikipedia hatred comes from somewhere other than a few unfortunate edit wars, but I'm not in-tune enough to know.
Everything I ever added was kept, and I was permanently banned. I created [ciation needed], started the admins noticeboard, reworked the USA Patriot Act article, wrote numerous articles for WiR with extensive referencing, contributed to peer review and good article reviews, and a shitload more, but nope. Not good enough.
Why anyone would contribute to that cesspool is anyone’s guess.
Were you Chris.sherlock/Aussie Article Writer on Wikipedia? Sounds like pot calling the kettle black re: toxic. You had an interaction ban against her FFS.
You're missing the point. We know that countless developers, including the author of the blog post, have received App Store rejections of submissions. On the other hand, to my knowledge, exactly zero developers have ever been banned from the App Store for doing what the commenter claimed would instantly get you banned.
> If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
In other words, Apple is abusing their position by defining overly broad permissions so that they can deny them and pressure people to fork over more cash to them.
Offer a "trial" version on App Store, and ask them to download the "pro" version and buy the license directly from you. (Offer a "30%" discount and point out that's the "Apple Tax" savings they get for not paying through the App Store).
Space Gremlin isn't even available on the App Store anymore, presumably because it hasn't been updated to newer versions of macOS. Meanwhile, GrandPerspective is free and uses the exact same visualization as WinDirStat (although the UX is a bit weird for me)
I don't mean to offend, but entrusting every input to a company literally called MITM LLC has a level of absurdity that either greatly entertains or else greatly frightens me.
I recently built a similar app, and so hit the same limitations – I wasn't too upset on Mac, happy to distribute without the App Store (though it's a shame).
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
I really do understand the desires people have for iOS to be a more open platform, but I'm just gonna say very clearly: I do not want third party apps being able to do what OP's app does. My iPhone is the one computing platform I have where I get the assurance that no third party app can be spying on anything else I do on the device.
Locking down your phone to block anything you don't want is doable at your own level. Opening up the ecosystem for those who care about better third party apps can only done by Apple.
Yea, Accessibility features are kind of OS super-powers and you really, REALLY need to thoroughly vet apps that you grant those powers to. These apps need to be actually using Accessibility to provide assistive technology for users with disabilities. I'm usually uneasy about Apple anointing itself the gatekeeper for this, but someone has to do it.
Lots of shady and well-known developers (like Dropbox) are notorious for trying to weasel their way into getting Accessibility permissions, so they can do god knows what with them to your system.
iOS generally lets you reject any permission an app asks for. This would certainly be "risky" enough that iOS would require explicit user permission, and you would be able to say no.
On top of that, the app is completely optional: if you aren't comfortable giving it those permissions, don't install it?
The Accessibility permission is not granted automatically to apps on the Mac. You have to specifically allow it for an app. So you retain control and assurance even without Apple lockdown.
If you emulate command+V, make sure to check the keyboard layout. You may need to translate the keycode V for the current keyboard layout like DVORAK etc
As someone who also experience pains in their hands after a couple of hours of typing... I started to use the great open source app called ghost-pepper [1] that i found on github and has been my daily driver (its like superwhisrp but oss/free and local)
the maintainer is really nice and replies to DMs really quickly too.
I am big fan of VoiceInk which is also local and open-source. I also maintain this list of all the best open-source ones in this awesome-style GitHub repo. People looking for open-source dictation tools, hope you find something that works for you here: https://github.com/primaprashant/awesome-voice-typing
As someone that have tried a few of these apps, I really like this one. I dictated this one just now with ghost pepper. Thanks Matt and thanks orliesaurus for sharing it here!
This is what happens when you run an OS controlled by some random big corporation. I dont mean that it's the person's fault, but just that you should not rely on Apple. they allow you to use your computer, but on their terms.
Install some GNU/Linux distro and you can do whatever you want.
Maybe more like “Learn how to replace an AC filter by yourself instead of calling an AC repair company”
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
No. Changing one's primary operating system takes time, dedication, and is a lifestyle change, similar to moving somewhere remote. Changing ones AC filter is none of those things.
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
Nobody in my life even notices when they change their 'primary operating system.' They buy a phone based on what looks cool at the time, sometimes it's android, sometimes it's iphone. They move freely between chromebooks, windows, and mac os, because everything is online anyway. It's only 'experts' who have trouble with this.
Partly agree. I once installed Firefox with uBlock Origin for someone who was Chrome user on an old PC and complained it was slow when browsing, and they told me that they didn't even know that there were different browsers available.
I'm the IT guy to most of the elderly people in my life, and steadily switching them over to Linux Mint over the years. Fact of the matter is, most of them use their OS as a gateway to their web browser, and don't care to do anything else with it. For many non-technical users, switching OSes is literally a non-thing. The only difference vs Windows is that they call me for assistance way less frequently.
If a 15 years old can do so (me) then other people can do so as well. I did not feel uncomfortable at all when i first installed ElementaryOS and then moved to Fedora. everything just works, i never ever had to worry about drivers or stuff like that
Sure. Can you go down my well to replace the pump? Can you figure out what shots my cat needs? Can verify my companies books balances via GAAP? Can you tell me what the correct slump we need to make sure this bridge stands? The list of things I can ask goes on much much longer. In all cases you can learn to do that, but you cannot live long enough to learn to do all of the above.
I've been using Linux for about 27 years now and yet there are still some things I begrudgingly use Windows for (can also rephrase: one machine that does certain things).
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
As a 15 year old your mind is flexible in ways that most people's are not. As you get older you will realize the cost of changing the way you are used to doing things. Take advantage of your young brain and try all the things
I run Linux across a dozen thin clients and a server class desktop in my home lab. It's rock solid for home assistant, proxmox, routing, etc etc. Set it (hours and hours of work) and forget it exists.
I couldln't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
PopOS completely shit the bed for me on a major version upgrade, left the system is a completely inconsistent state. Luckily I was only trying it out on one (multi-boot) laptop and could easily switch, but it's put me off Pop OS.
> If you don't like being oppressed, just move to Antarctica
No - moving to far away areas is not the right analogy. After
all you need to have use cases where those huge companies
do not control your business. So the alternative is to avoid
becoming dependent on them; or cut off the dependency when
possible.
Centralized package repositories like the one provided by canonical have similar limitations to the Mac App Store, you need to get your app reviewed, you need to push updates to each platform where you distribute your app and in exchange you get visibility.
I'd argue that installing and updating apps on MacOS is simpler than on Linux distros because most apps have built-in auto-updates (or you can just drag the app to the applications folder) instead of having to rely on snap / apt / insert your package manager which may a lot of outdated and unmaintained packages and apps.
Unless... you have a personal or professional need to use apps that don't work on Linux.
I tried very hard to switch to Linux full time some months ago, but I couldn't find a way of getting Microsoft Office to work satisfactorily. There are clever packaged versions of Outlook and Teams, but I need full native installed versions of Word/Excel/Powerpoint, and there just wasn't a good solution. That was a deal breaker, sadly, so I'm back on Mac for the time being.
Other examples would be some of the popular games with anti-cheat that requires Windows.
Fair. I run Nobara on my gaming computer and built a similar dictation tool there with no API restrictions, so the trade-off is real. For this project I chose both: App Store reach for the compliant version, direct distribution for the full one. But I know other people wouldnt be comfortable with running something like that so I built this somewhere my mom could use it
You're missing the point: it isn't about the OS. The direct distribution version of the app has full functionality. The problem is with the Mac App Store.
>This is what happens when you run an OS controlled by some random big corporation
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
It's not true that any app can get total control of your system. If you install them via flatpak, the apps are sandboxed. Also, unless you log in as root, the apps can't do much. Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
I dont wanna start a war over this btw, even though it may not seem :)
Apple is hardly a random big company. Apple's customers specifically chose to purchase the product. Most of their customers don't realize the significance of the exposure to copy and paste between Apps. Apple has taken the position that monitoring this exposure is part of their duty to the customer. Anyone that is aware of this shortcoming in Apple's product is free to purchase a different device.
There's a reason I don't write mobile apps, and it's all the flaming hoops you have to jump through: both in the build system and from the random whims of reviewers.
I’ve been doing it for a decade now. I have a list of everything I’ve been rejected for. New apps must satisfy the list before I put them up for first review. New apps pass first try now.
Build system woes are almost always solved by deleting build cache & artifacts and trying again. Often necessary after messing around with deeper dependencies.
The acronym is unfortunate, you're not wrong. MITM here is "Moogle In The Machine" (the Final Fantasy moogle + machine learning), but the security-context joke is fair and I hear it constantly.
This is well documented by them which is why a majority of the apps doing this are released outside of the App Store. I built something similar, and I just publish it separately https://github.com/moxiebytescode/speakeasy.
Some non apple apps get access to accessibility APIs. What gives?
This API is sensitive. I imagine Apple is particularly stringent as to how the access is justified. Not how it uses it but how the reason for using it is explained.
It's not like someone tests the app and all api calls to deem them reasonable or not.
I’ve had lots of inconsistent app reviews from Apple. Just appeal and/or re-word your language and you’ll be ok. Plan on it taking a few weeks to fully sort out.
What API are you using? I have a sandboxed app on the Mac Store that synthesizes CGEvents to simulate arbitrary keyboard actions on behalf of the user. It needs accessibility permission, of course.
Same approach: CGEventPost with Accessibility permission. The wrinkle was that my App Store reviewer wasn't comfortable with how I was using AX permission for auto-paste, even though the mechanism is the same as other apps already in the store. The clipboard-only version of WhisperPad needs no AX permission and that's what got through. Interesting that your sandboxed app with similar mechanics is approved.
Quick question, I assume you're getting caught by the CGEvent(PostEvent)...but I want to be sure. AX API has been gimped for over a decade so you'd have never made it into the app store that way. Just making certain, in case you have another path. It doesn't appear CGEvent is a universal approval anymore either though.
Have fought similar demons lately, feel your pain.
The direct version uses CGEventPost to synthesize the paste, which requires Accessibility permission. The App Store version writes to the clipboard only, so no AX permission needed and the user presses Cmd+V manually. The 2.4.5 rejection was specifically about the Accessibility permission use case. Your read sounds right that this path has been gimped for a long time.
From what I understand Wispr Flow distributes directly from their website and doesn't ship through the Mac App Store, so they don't go through Apple's App Store review at all. They use the Accessibility API the same way the direct version of WhisperPad does. The 2.4.5 limitation really only kicks in if you want App Store presence.
Them you are free to not install them? Why ban them outright?
I'm using https://github.com/cjpais/Handy whichseems to be doing exactly what this app does, and has a very similar background story (author couldn't type die to injury).
In this case it feels like it's a feature that the operating system should be providing or something that could be marked as an accessibility tool, which would allow it to use that API.
The problem from Apples perspective could be that there is a ton of tools that require access to the accessibility API because they want to do stuff that Apple have deemed a security risk and the only way to do it is by abusing the API. Some of these are also because macOS simply lacks certain APIs.
I think Apple overreacting due to previous API misuse by other apps.
"In their defense, the OS is even more insane with mandatory forced application updates that you have no control of". I hope I won't ever happen to have you representing me as a defense attourney!
I see, that's a really fair point. And I can understand that banking field example. So I can see why they're guarding against it. My disagreement was less with the rule itself and whether Whisperpad's specific use case for users with mobility needs falls on the right side of it.
Apple's built-in dictation works for casual use, but in my own daily use the typo rate was high enough that I was constantly going back to fix things, which defeated the point (with a hand injury, those corrections cost me). WhisperPad uses Whisper models instead, doesn't cut off after 30-60 seconds like Apple's does, supports 99 languages offline, and pastes into any active field via hotkey. There's a 120-minute monthly free tier so you can see if it fits your use case. If Apple's built-in dictation handles what you need, that's a fair answer.
This is another reason why one shouldn't become dependent on those giant companies. Just as Microsoft recently stated, you'll have to pay for GitHub CoPilot soon on a token basis. Apple controls access to its software ecosystem too.
Eh. I think it’s fair if Apple doesn’t want to publish something on their app store.
I just wish they weren’t so obstinate about people installing from other sources without signing/notarization. I understand it from a security standpoint but it’s also nakedly self-serving.
I’m glad that they’re fine with signing in this case.
Fair points. The notarization-but-not-App-Store path was actually a workable middle ground in my case. Apple still gates security via notarization, but doesn't gatekeep the use case. The warnings users see when installing non-App-Store apps could be lighter without compromising security.
Accessibility things should be more useful than to just narrow accessibility uses only. Wheelchair ramps help move heavy objects. The accessibility API makes it possible to introspect all of the keyboard shortcuts an app provides for another app to list them.
Screw Apple and their persnickety, controlling myopia.
Microsoft was almost broken up over not allowing third party programs to use certain APIs. Apple abuses their dominant position to suppress competition.
The direct version is fully signed and notarized by Apple, just not distributed through the App Store. Anyone can install it from mitmllc.com/whisperpad without workarounds. The 2.4.5 rejection was an App Store rule, not a general restriction on the app.
I am still not certain I understand exactly what Apple's reviewer meant by 2.4.5 in my case. My working assumption is that the concern is about an app reaching into every other app on the system to inject text, but I never got a perfectly clear explanation. (Or maybe I'm too dense to understand it.)
If anyone here has more direct experience with this guideline, especially from the App Store review side, I would like to hear it. I would rather understand the policy than just guess at it.
I actually had the almost same situation by building an offline voice dictation app for macOS and iOS, and in macOS I was confronted with the exact same situation.
However, I would like to point out that Apple isn't totally wrong here because the accessibility API unfortunately is way too broadly scoped, and because of that you literally get access to everything on the computer like you you can screenshot listen and and move the cursor... This is completely ridiculous and the proper engineering solution would actually be to phase out the accessibility API and replace it with something that is narrowly scoped so you can grant specific permissions individually.
However, Apple, being Apple, is obviously not doing anything, and instead says no accessibility permission for anything that isn't demonstrable accessible. Now, there are obviously some exceptions because Apple is not particularly well known for applying its rule consistently and granting big exceptions for itself. However, they do have a valid point on privacy and data protection. And I say that as somebody who ended up distributing my MacOS app outside the App Store because I only got approval for iOS.
That said, I would definitely appreciate if Apple would gradually improve its developer program experience, because compared to its hardware lineup, the developer program is nothing short of abysmal.
Gradually improve? How many more decades is reasonable to wait? They are what they are and hoping for change makes no sense to me.
Thanks for sharing this. The "phase out the broadly-scoped Accessibility API and replace with narrower permissions" point is exactly the right structural fix. Right now developers have to declare a permission far broader than they actually need, and from the outside the criteria for what counts as legitimate use isn't clearly defined. Interesting that your iOS app got through but macOS didn't. WhisperPad is Mac-only and I haven't gone through the iOS path, so your experience there is useful data. The "demonstrable accessibility" criterion seems to be where everything bottlenecks.
SpaceGremlin (mac alternative to WinDirStat) has a similar thing, where some features only work in the independent "SpaceGremlinPro" version downloaded from their site. However, they do some cool stuff with licensing - you can point it to the app store paid/installed version, and it detects the license and unlocks.
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
There is something amusing about the fact that WinDirStat, as far as I know, was based on KDirStat (now QDirStat), yet this doesn't even get mentioned on their Wikipedia page, and by and large a lot of people don't even know QDirStat exists. One time someone even asked me if they knew of a good alternative for Linux; good news!
SpaceSniffer is an even better version of WinDirStat but I rarely see people talk about it, too.
It is actually mentioned on the Wikipedia page [1] - and of course, you could add it yourself if that's not enough.
https://en.wikipedia.org/wiki/WinDirStat#Version_history[10]
Okay, I stand corrected, but I also stand by that it is interesting that it is pointed out that "The project was inspired by SequoiaView" in the lead section, but not that it was a direct port of KDirStat. It feels odd but also intentional, so I never bothered to change it. I'll leave it up to if anyone else feels similarly enough to do so, because then at least that means there are two of us.
Everything I ever added to Wikipedia was removed, within the day, by a very diligent and hard-working Wikipedia person.
Same. My experience with the “concept” of Wikipedia was very high until I had the “direct experience” of Wikipedia, and I realized that the encyclopedia of the commons may not have planned for me to be in the commons.
Same. Even a single sentence with an easily verifiable fact. Reverted in seconds.
Everything I've ever added was kept.
Not absolutely everything I've ever contributed was kept, but definitely a lot of it. I genuinely get the feeling that the modern Wikipedia hatred comes from somewhere other than a few unfortunate edit wars, but I'm not in-tune enough to know.
Good for you I guess.
Everything I ever added was kept, and I was permanently banned. I created [ciation needed], started the admins noticeboard, reworked the USA Patriot Act article, wrote numerous articles for WiR with extensive referencing, contributed to peer review and good article reviews, and a shitload more, but nope. Not good enough.
Why anyone would contribute to that cesspool is anyone’s guess.
This comment is a little light on the reasoning for why you were permabanned.
Someone did the research-digging a while back about this, if you want a third-party view: https://news.ycombinator.com/item?id=45136376
I commented on BrownHairedGirl’s RFA. The most toxic user ever on Wikipedia.
I can assure you, there are those on Wikipedia who committed far worse offenses and they remain.
Like I say - a cesspool that doesn’t respect article writers.
Were you Chris.sherlock/Aussie Article Writer on Wikipedia? Sounds like pot calling the kettle black re: toxic. You had an interaction ban against her FFS.
https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_no...
Sounds like something that would instantly get you banned from the app store if it got noticed.
No, it isn't. A number of developers have done this.
Good thing Apple is well-known for consistently and fairly applying its own App Store rules across multiple, similar apps...
You're missing the point. We know that countless developers, including the author of the blog post, have received App Store rejections of submissions. On the other hand, to my knowledge, exactly zero developers have ever been banned from the App Store for doing what the commenter claimed would instantly get you banned.
> If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
In other words, Apple is abusing their position by defining overly broad permissions so that they can deny them and pressure people to fork over more cash to them.
Interesting idea. It would basically turn the App Store version into both a discoverability channel and a license anchor for the direct version
Offer a "trial" version on App Store, and ask them to download the "pro" version and buy the license directly from you. (Offer a "30%" discount and point out that's the "Apple Tax" savings they get for not paying through the App Store).
Space Gremlin isn't even available on the App Store anymore, presumably because it hasn't been updated to newer versions of macOS. Meanwhile, GrandPerspective is free and uses the exact same visualization as WinDirStat (although the UX is a bit weird for me)
Isn’t it like 15% up to the first or second million in sales?
I don't mean to offend, but entrusting every input to a company literally called MITM LLC has a level of absurdity that either greatly entertains or else greatly frightens me.
I recently built a similar app, and so hit the same limitations – I wasn't too upset on Mac, happy to distribute without the App Store (though it's a shame).
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
I really do understand the desires people have for iOS to be a more open platform, but I'm just gonna say very clearly: I do not want third party apps being able to do what OP's app does. My iPhone is the one computing platform I have where I get the assurance that no third party app can be spying on anything else I do on the device.
Locking down your phone to block anything you don't want is doable at your own level. Opening up the ecosystem for those who care about better third party apps can only done by Apple.
Those two desires should both be fulfilled.
Yea, Accessibility features are kind of OS super-powers and you really, REALLY need to thoroughly vet apps that you grant those powers to. These apps need to be actually using Accessibility to provide assistive technology for users with disabilities. I'm usually uneasy about Apple anointing itself the gatekeeper for this, but someone has to do it.
Lots of shady and well-known developers (like Dropbox) are notorious for trying to weasel their way into getting Accessibility permissions, so they can do god knows what with them to your system.
iOS generally lets you reject any permission an app asks for. This would certainly be "risky" enough that iOS would require explicit user permission, and you would be able to say no.
On top of that, the app is completely optional: if you aren't comfortable giving it those permissions, don't install it?
The Accessibility permission is not granted automatically to apps on the Mac. You have to specifically allow it for an app. So you retain control and assurance even without Apple lockdown.
Exactly. On iOS, it completely limits the market for a good dictation app with your keyboard, because iOS just doesn't allow you to.
If you're in the EU, consider publishing on an alternative App Store and pointing users that way.
If you're not, ask your representatives why you don't get the same rights.
[dead]
[dead]
If you emulate command+V, make sure to check the keyboard layout. You may need to translate the keycode V for the current keyboard layout like DVORAK etc
As someone who also experience pains in their hands after a couple of hours of typing... I started to use the great open source app called ghost-pepper [1] that i found on github and has been my daily driver (its like superwhisrp but oss/free and local) the maintainer is really nice and replies to DMs really quickly too.
[1] https://github.com/matthartman/ghost-pepper
I am big fan of VoiceInk which is also local and open-source. I also maintain this list of all the best open-source ones in this awesome-style GitHub repo. People looking for open-source dictation tools, hope you find something that works for you here: https://github.com/primaprashant/awesome-voice-typing
As someone that have tried a few of these apps, I really like this one. I dictated this one just now with ghost pepper. Thanks Matt and thanks orliesaurus for sharing it here!
This is what happens when you run an OS controlled by some random big corporation. I dont mean that it's the person's fault, but just that you should not rely on Apple. they allow you to use your computer, but on their terms.
Install some GNU/Linux distro and you can do whatever you want.
for most people this is like saying "If you don't like being oppressed, just move to Antarctica!"
Maybe more like “Learn how to replace an AC filter by yourself instead of calling an AC repair company”
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
No. Changing one's primary operating system takes time, dedication, and is a lifestyle change, similar to moving somewhere remote. Changing ones AC filter is none of those things.
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
My mother-in-law recently became fed up with Windows and asked me to install Linux for her. I gave her Debian with a Mate desktop.
She loves it. Zero problems. It's been a week and she's using it just fine. No lifestyle upheaval.
Your mother in law asked specifically for Linux?
Nobody in my life even notices when they change their 'primary operating system.' They buy a phone based on what looks cool at the time, sometimes it's android, sometimes it's iphone. They move freely between chromebooks, windows, and mac os, because everything is online anyway. It's only 'experts' who have trouble with this.
Partly agree. I once installed Firefox with uBlock Origin for someone who was Chrome user on an old PC and complained it was slow when browsing, and they told me that they didn't even know that there were different browsers available.
I'm the IT guy to most of the elderly people in my life, and steadily switching them over to Linux Mint over the years. Fact of the matter is, most of them use their OS as a gateway to their web browser, and don't care to do anything else with it. For many non-technical users, switching OSes is literally a non-thing. The only difference vs Windows is that they call me for assistance way less frequently.
you are telling me that everyone in your life freely swaps between windows and mac without even noticing a difference? no problems?
i call bullshit. i have worked in very big orgs. changing a single icon can cause a deluge of support tickets.
Congrats on your enormous org. The conversation was about families, indicating a non-enterprise environment. Try to keep up.
You make people sound like they are semi-automatons?
If a 15 years old can do so (me) then other people can do so as well. I did not feel uncomfortable at all when i first installed ElementaryOS and then moved to Fedora. everything just works, i never ever had to worry about drivers or stuff like that
Sure. Can you go down my well to replace the pump? Can you figure out what shots my cat needs? Can verify my companies books balances via GAAP? Can you tell me what the correct slump we need to make sure this bridge stands? The list of things I can ask goes on much much longer. In all cases you can learn to do that, but you cannot live long enough to learn to do all of the above.
I've been using Linux for about 27 years now and yet there are still some things I begrudgingly use Windows for (can also rephrase: one machine that does certain things).
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
As a 15 year old your mind is flexible in ways that most people's are not. As you get older you will realize the cost of changing the way you are used to doing things. Take advantage of your young brain and try all the things
Also, infinite free time to learn, and no real cost to ongoing work by fucking things up
Personal ability cannot be the universal baseline, sadly
I run Linux across a dozen thin clients and a server class desktop in my home lab. It's rock solid for home assistant, proxmox, routing, etc etc. Set it (hours and hours of work) and forget it exists.
I couldln't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
I know this will be an unpopular opinion.
I'mm exactly the same. Fluent in Linux, but you'll pry my MacBook out of my cold dead hands.
PopOS completely shit the bed for me on a major version upgrade, left the system is a completely inconsistent state. Luckily I was only trying it out on one (multi-boot) laptop and could easily switch, but it's put me off Pop OS.
> If you don't like being oppressed, just move to Antarctica
No - moving to far away areas is not the right analogy. After all you need to have use cases where those huge companies do not control your business. So the alternative is to avoid becoming dependent on them; or cut off the dependency when possible.
[dead]
Centralized package repositories like the one provided by canonical have similar limitations to the Mac App Store, you need to get your app reviewed, you need to push updates to each platform where you distribute your app and in exchange you get visibility.
I'd argue that installing and updating apps on MacOS is simpler than on Linux distros because most apps have built-in auto-updates (or you can just drag the app to the applications folder) instead of having to rely on snap / apt / insert your package manager which may a lot of outdated and unmaintained packages and apps.
Unless... you have a personal or professional need to use apps that don't work on Linux.
I tried very hard to switch to Linux full time some months ago, but I couldn't find a way of getting Microsoft Office to work satisfactorily. There are clever packaged versions of Outlook and Teams, but I need full native installed versions of Word/Excel/Powerpoint, and there just wasn't a good solution. That was a deal breaker, sadly, so I'm back on Mac for the time being.
Other examples would be some of the popular games with anti-cheat that requires Windows.
Fair. I run Nobara on my gaming computer and built a similar dictation tool there with no API restrictions, so the trade-off is real. For this project I chose both: App Store reach for the compliant version, direct distribution for the full one. But I know other people wouldnt be comfortable with running something like that so I built this somewhere my mom could use it
You're missing the point: it isn't about the OS. The direct distribution version of the app has full functionality. The problem is with the Mac App Store.
>This is what happens when you run an OS controlled by some random big corporation
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
It's not true that any app can get total control of your system. If you install them via flatpak, the apps are sandboxed. Also, unless you log in as root, the apps can't do much. Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
I dont wanna start a war over this btw, even though it may not seem :)
> unless you log in as root, the apps can't do much.
https://xkcd.com/1200/
> I'd rather have restrictions as the default
Then don't install apps and use the web, mobile sandboxing is much weaker compared to any modern browser.
Wrong answer...
How so? The accessibility API which is causing data exfiltration here doesn't even exist on the web.
Apple is hardly a random big company. Apple's customers specifically chose to purchase the product. Most of their customers don't realize the significance of the exposure to copy and paste between Apps. Apple has taken the position that monitoring this exposure is part of their duty to the customer. Anyone that is aware of this shortcoming in Apple's product is free to purchase a different device.
There's a reason I don't write mobile apps, and it's all the flaming hoops you have to jump through: both in the build system and from the random whims of reviewers.
I’ve been doing it for a decade now. I have a list of everything I’ve been rejected for. New apps must satisfy the list before I put them up for first review. New apps pass first try now.
Build system woes are almost always solved by deleting build cache & artifacts and trying again. Often necessary after messing around with deeper dependencies.
After decades of heavily using the computer keyboard (every day, all day) I started getting pain in my wrists.
I got an ortholinear keyboard that looks like a rectangular grid, just 12 by 4 keys around 10-15 years ago.
I don't recall the last time I felt pain in my hands, completely gone.
In Apple’s defense, your company name is MITM. Man In The Middle certainly falls on one side of the perception line, don’t you think?
Of course, one might construe Apple as an MITM in the relationship between the user an and the software vendor.
Right?!
I get that some people are unfairly targeted but some other times it's people being (extremely) naive or just playing dumb
"Hey you know what would be cool? If we named our bluetooth speaker company bee oh emm bee!!11"
The acronym is unfortunate, you're not wrong. MITM here is "Moogle In The Machine" (the Final Fantasy moogle + machine learning), but the security-context joke is fair and I hear it constantly.
Moogle itself might be copyrighted, too
The frustrating part is less that Apple has a boundary here, and more that the boundary seems opaque and inconsistently enforced
This is well documented by them which is why a majority of the apps doing this are released outside of the App Store. I built something similar, and I just publish it separately https://github.com/moxiebytescode/speakeasy.
Some non apple apps get access to accessibility APIs. What gives?
This API is sensitive. I imagine Apple is particularly stringent as to how the access is justified. Not how it uses it but how the reason for using it is explained.
It's not like someone tests the app and all api calls to deem them reasonable or not.
They do literally pay people to do that. Then one of those people chose to reject this anyway.
I’ve had lots of inconsistent app reviews from Apple. Just appeal and/or re-word your language and you’ll be ok. Plan on it taking a few weeks to fully sort out.
What API are you using? I have a sandboxed app on the Mac Store that synthesizes CGEvents to simulate arbitrary keyboard actions on behalf of the user. It needs accessibility permission, of course.
Same approach: CGEventPost with Accessibility permission. The wrinkle was that my App Store reviewer wasn't comfortable with how I was using AX permission for auto-paste, even though the mechanism is the same as other apps already in the store. The clipboard-only version of WhisperPad needs no AX permission and that's what got through. Interesting that your sandboxed app with similar mechanics is approved.
Wondering the same, there is some weirdness around the clipboard and CGEvents though. Are you avoiding the clipboard entirely in your implementation?
Quick question, I assume you're getting caught by the CGEvent(PostEvent)...but I want to be sure. AX API has been gimped for over a decade so you'd have never made it into the app store that way. Just making certain, in case you have another path. It doesn't appear CGEvent is a universal approval anymore either though.
Have fought similar demons lately, feel your pain.
The direct version uses CGEventPost to synthesize the paste, which requires Accessibility permission. The App Store version writes to the clipboard only, so no AX permission needed and the user presses Cmd+V manually. The 2.4.5 rejection was specifically about the Accessibility permission use case. Your read sounds right that this path has been gimped for a long time.
Doesn't Wispr Flow do this though? How did they get past these limitations?
From what I understand Wispr Flow distributes directly from their website and doesn't ship through the Mac App Store, so they don't go through Apple's App Store review at all. They use the Accessibility API the same way the direct version of WhisperPad does. The 2.4.5 limitation really only kicks in if you want App Store presence.
not in the app store?
I don't want random apps to paste potentially dangerous things into other apps. Its understandable.
Imagine a banking app, and for example an IBAN field.
Them you are free to not install them? Why ban them outright?
I'm using https://github.com/cjpais/Handy whichseems to be doing exactly what this app does, and has a very similar background story (author couldn't type die to injury).
Handy is excellent and cross platform, and really elegant. They've got a direct website here which might be easier to navigate than the Github repo:
https://handy.computer/
Handy looks great. More tools in this space is a good thing for people who need them.
In this case it feels like it's a feature that the operating system should be providing or something that could be marked as an accessibility tool, which would allow it to use that API.
The problem from Apples perspective could be that there is a ton of tools that require access to the accessibility API because they want to do stuff that Apple have deemed a security risk and the only way to do it is by abusing the API. Some of these are also because macOS simply lacks certain APIs.
I think Apple overreacting due to previous API misuse by other apps.
[dead]
To their defense you cannot rollback apps, so if you did install and only an update had this function, you are out of luck
"In their defense, the OS is even more insane with mandatory forced application updates that you have no control of". I hope I won't ever happen to have you representing me as a defense attourney!
I see, that's a really fair point. And I can understand that banking field example. So I can see why they're guarding against it. My disagreement was less with the rule itself and whether Whisperpad's specific use case for users with mobility needs falls on the right side of it.
I would like the option to allow the behaviour selectively
That's what install outside of the App Store is for. On your own risk-
Pasting doesn't seem very unsafe. Especially not when the app can't know what it's pasting into.
No surprises here, Google has also been restricting access to its accessibility API.
Useful context, thanks. I hadn't realized Google was tightening similarly. Would be interesting to see how the rationales compare.
Oof, thats rough. I'll still start facing those issues, just got accepted into the apple's dev program. I predict a ton of rejections coming my way.
macOS already has a dictation feature that does this exact thing, albeit in real time. I use it extensively.
OP’s description in the linked article doesn’t say much more than this, so what am I missing with this particular app?
Apple's built-in dictation works for casual use, but in my own daily use the typo rate was high enough that I was constantly going back to fix things, which defeated the point (with a hand injury, those corrections cost me). WhisperPad uses Whisper models instead, doesn't cut off after 30-60 seconds like Apple's does, supports 99 languages offline, and pastes into any active field via hotkey. There's a 120-minute monthly free tier so you can see if it fits your use case. If Apple's built-in dictation handles what you need, that's a fair answer.
Apple's own dictation is quite limited, doesn't handle multiple languages very well, and many open source dictation models simply do better.
[flagged]
Is this just an stealthy ad for another paid dictation app…
Easy, don't make apps for devices which are only leased to people.
Make apps for device, which are 100% owned by people.
This is another reason why one shouldn't become dependent on those giant companies. Just as Microsoft recently stated, you'll have to pay for GitHub CoPilot soon on a token basis. Apple controls access to its software ecosystem too.
Eh. I think it’s fair if Apple doesn’t want to publish something on their app store.
I just wish they weren’t so obstinate about people installing from other sources without signing/notarization. I understand it from a security standpoint but it’s also nakedly self-serving.
I’m glad that they’re fine with signing in this case.
Fair points. The notarization-but-not-App-Store path was actually a workable middle ground in my case. Apple still gates security via notarization, but doesn't gatekeep the use case. The warnings users see when installing non-App-Store apps could be lighter without compromising security.
A company called “MITM LLC” which hijacks pastes in other apps.
I have no idea what they’re thinking. Insanity.
Accessibility things should be more useful than to just narrow accessibility uses only. Wheelchair ramps help move heavy objects. The accessibility API makes it possible to introspect all of the keyboard shortcuts an app provides for another app to list them.
Screw Apple and their persnickety, controlling myopia.
Add it to the antitrust pile.
Microsoft was almost broken up over not allowing third party programs to use certain APIs. Apple abuses their dominant position to suppress competition.
Time to turn Linux into a platform where you can upload into a store whatever the fuck you want. And see these behemots burn.
I guess this app can still be installed locally? It's just that it can't be distributed to others due to signing requirements?
Edit: Ah, it's in the article, this is about AppStore distribution. Walled gardens are going to walled garden.
The direct version is fully signed and notarized by Apple, just not distributed through the App Store. Anyone can install it from mitmllc.com/whisperpad without workarounds. The 2.4.5 rejection was an App Store rule, not a general restriction on the app.
[dead]
I am still not certain I understand exactly what Apple's reviewer meant by 2.4.5 in my case. My working assumption is that the concern is about an app reaching into every other app on the system to inject text, but I never got a perfectly clear explanation. (Or maybe I'm too dense to understand it.)
If anyone here has more direct experience with this guideline, especially from the App Store review side, I would like to hear it. I would rather understand the policy than just guess at it.
[dead]
[dead]