They only check if your mic is on, not what you're saying (they can't hear you unless you've granted mic permission). They also look at your network traffic to see if audio is being sent (otherwise you can get a lot of false positives). Using mic + network data is a common way to spot meetings -- my app LookAway[0] does something similar to pause reminders during calls.
I thought you had to give explicit permission for an app to monitor network traffic in macOS? I'm assuming your app asks for this, but it sounds like Notion does not if the GP was surprised by the monitoring.
No, that’s the new "Local Network" prompt which started appearing since macOS 15.
Any app that opens a multicast/broadcast socket (mDNS, SSDP, WebRTC ICE, etc.) now has to ask. Electron apps (including Notion) do this by default, so you see this dialog.
> Feels like a bad default, it teaches user to ignore and say yes.
I believe that, broadly speaking, from all but the most scrupulous app developers' point of view, it is a good thing for users to blindly agree to permissions. This is obviously true if they are doing something nefarious, but even true if not, since every user who denies a permission to your app is a user who might be writing a nasty review about such-and-such an advertised feature that doesn't work. I hope very much that my OS will make it easy for me to behave in a security-conscious way—a hope that is almost always disappointed!—but I do not even bother to have such a hope for all but my most beloved apps, which are often beloved for exactly that reason.
"Hey, head's up, this doesn't work because you didn't give us permission to {...}, needed because {...}. [Fix this]" would not be the end of the world.
> "Hey, head's up, this doesn't work because you didn't give us permission to {...}, needed because {...}. [Fix this]" would not be the end of the world.
You don't need to convince me, as a software user, but the app developers! And it's hard to blame them. I'm a teacher, and I rail against students who won't read the plain instructions before working on an assignment, but I also see it in myself: when I'm rushing through what I have to do, to get to what I want to do, I can stare right at a block of text and simply not register crucial parts of it. So such a plain instruction seems straightforward, but you'd still get users somehow managing to click it out of the way and then saying it doesn't work, and even one such user is a user that you wouldn't have to deal with if you made the permission opt-out.
That's interesting. Although I wasn't able to find any confirming info that allowing the "locate local devices" permissions allows for network monitoring. It seems to only allow Bonjour and multicast DNS. Anyone know for sure what it allows?
This would certainly be news to me as well. Packet capture (even local) has historically required superuser perms, but I'm not up to speed on how MacOS permissions work in this regard since the launch of System/Network Extensions.
After writing the above, I've just reviewed [0] - as much as I could in 5 minutes - and as far as I can tell it confirms our understanding. To do packet filtering or interception or reading, you'd need to do [1].
Yeah, non-sandboxed apps can iterate over open file descriptors. It's quite useful to detect eg. which app on your local machine is connecting over TCP. I hope they don't lock it down. It doesn't allow intercepting traffic, but you can see what connects where.
I'm working on the next major update for LookAway. I'm improving the wellness reminders to be smarter - instead of nagging you on a timer, blink and posture alerts now only trigger when you actually need them.
Also adding productivity stats so you can see how taking proper breaks during prolonged screen time affects your work output.
I’m working on LookAway (https://lookaway.app) to help people stay healthier and more productive during prolonged screen time.
My main challenge has been making meeting detection more robust -- it currently uses both mic and camera activity, which led to a lot of false positives. In the next version I’m switching to mic only (the camera caused most of the noise) and I’ve added a way to identify which app is using the mic, so users can exclude non-meeting apps.
I’ve also added plenty of small tweaks throughout to make LookAway even less interruptive. I’m excited for the next release!
Do these tags really weigh down the webpages? I don’t see any noticeable differences in loading times on websites with these tags vs websites with lesser or no tags.
They don't. Removing these tags will not result in any meaningful increase in page load time honestly. This is especially because most don't actually load up any linked file. Their weight is just the characters they are typed out in.
It's an informative webpage but it's not very effective optimization imo.
The alternatives are getting better, but it always seems like there is one action that would be trivial in photoshop that always end up being impossible in the competitors, and it ends up being exactly the thing you need for your project.
Was about to mention photopea as well...I should add that i'm by no means a person who uses this type of software on a regular basis....But whenever i need it i reach for either GIMP or photopea, and last few years, its been photopea far more often.
Honestly, i wish Adobe would still offer the conventional license, but with an additional hosting option that consumer can *choose* to activate and pay more for, or not...so that, basically:
* I pay a one-time license to use photoshop offline - and for however long i wish (understanding that after its end of life i may not eligible for security updates, but that's fair)
* Now, for storing of files, i would need to of course store them locally on my machine.
* But, if i *chose* to pay an ongoing subscription, that is when Adobe would host files for me....so i can still use their product offline, and they only charge me for use of online file storage...and i wouldn't mind if there were a premium on that charge, since i get that i would be paying for an ongoing storage service.
That gives me choice, it gives them money (both for licensing and ongoing hosting subscription), and i would figure everyone would be content....
...but, i guess the current world does not work that way, eh? So, i guess i will continue to avoid their products, heading towards alternatives like photopea, Gimp, etc.
reply