Stuart Breckenridge

WWDC 2017 Announced (Already)

WWDC 2017

A very early WWDC announcement this year. (I assume because it’s in San Jose for the first time in 17 years.)

Technology alone is not enough. Technology must intersect with the liberal arts and the humanities, to create new ideas and experiences that push society forward. This summer we bring together thousands of brilliant minds representing many diverse perspectives, passions, and talents to help us change the world.

San Jose, CA, June 5 - 9

Is it just me or is the artwork quite horrid?

Update 2017-02-17: Apple Moves WWDC Back to San Jose via Daring Fireball.

— Supported by —

Yahoo's 2013 Data Breach Expanded to 2015 and 2016

The timing and frequency of Yahoo’s announcements in relation to their myriad data breaches makes it extremely difficult to follow just what’s going on. I’ve tried to summarise the history below.

Date Details Links
December 2016 Yahoo announce data breach of over one billion accounts. These accounts were compromised in August 2013. Link
September 2016 Yahoo announce data breach of 500 million accounts. These accounts were compromised in 2014. Link
August 2016 It was revealed that details of 200 million Yahoo accounts were being sold online. These accounts were compromised in 2012. Link

Today, in relation to the December 2016 announcement, the Associated Press is reporting:

Yahoo is warning users of potentially malicious activity on their accounts between 2015 and 2016, the latest development in the internet company’s investigation of a mega-breach that exposed 1 billion users’ data several years ago.

Yahoo confirmed Wednesday that it was notifying users that their accounts had potentially been compromised but declined to say how many people were affected.

There have been data breaches each and every year from 2012 through 2016, affecting over 1.7 billion accounts. In December of last year I wrote:

While Yahoo are taking steps to invalidate forged cookies, invalidate unencrypted security questions, and forcing users to change their passwords, I am of the opinion that having an account with them is somewhat of a liability. As such, I’ve taken the decision to terminate my account and have it deleted. If you wish to do the same, simply log in to Yahoo and then visit and follow the instructions.

I’d just go straight ahead and delete your account.

FATCA Packets

For the second day in a row here’s a new app, FATCA Packets. It is the .NET implementation of the FATCA IDES Preparation tool, which you can use to create, encrypt, and validate IDES payloads. It was built following the instructions available the IRS’ GitHub site.

You can download the source code from GitHub or download a ClickOnce deployment from here. This is a code-signed application, however, SmartScreen may prevent the application from running unless you allow it to and/or it builds up enough reputation1.

  1. Reputation is established by SmartScreen® service intelligence algorithms based on how an application is used by Windows and Internet Explorer users. Reputation may be based on the downloaded application or can also be assigned to the publisher based on digital certificate information. Only Authenticode Certificates issued by a CA that is a member of the Windows Root Certificate Program can establish reputation. ↩︎

Solids for Mac

Solids for Mac

I’ve uploaded a small sample app to GitHub called Solids for Mac. It lets you change the your macOS background in almost the exact the same way you are already able to do using the Apple provided background changer. Nothing new, just a bit of fun.

Update 2017-02-14: You can also download a zip file containing the app here

  • MD5: f5ceeb5d09ce22307ffa10c3bc771e8d
  • SHA1: 1d717e3061a4393dcf4deaa9c95e11801df9008d

Thoughts on Webfont Subscriptions

For the last few years I’ve subscribed to Cloud.Typography. Whitney is my favourite sans-serif font — it is part of my webfont package and I own a desktop license. However, like all subscriptions, mine is coming to an end and I’ve decided to stop using Cloud.Typography on my website.

The general complaint about webfonts is that they slow down your website. While true, this issue can be mitigated through various optimisation strategies, so it doesn’t bother me1. Instead, my issue is with the business model that requires me to subscribe to a webfont service.

I want to buy a font once, per domain, and then serve it from my own server. With Cloud.Typography this isn’t possible. Indeed, the expectation is that after using 1GB of development bandwidth, you will serve the fonts from your own production server while continuing to pay for the privilege of using the fonts. I don’t think that’s fair.

Therefore, I’ve been searching for a new font for my site, and I’ve settled on a serif: Guardian Egyptian Text. You may recognise it from The Guardian newspaper. I was thinking of using Charter (Mac) and Georgia (Windows), but Guardian Egyptian is very, very nice (see the difference).

From a licensing perspective, I pay for it once per domain and for a certain number page views. It’s precisely what I wanted.

  1. This website has a performance grade of 100 from Pingdom. ↩︎