I just posted MarsEdit 3.4.4 to the MarsEdit home page for direct-purchase customers, and am submitting to the Mac App Store for release as soon as it’s approved by Apple.

This release is important for MarsEdit customers who use the integrated Flickr browser to insert images into blog posts. In particular, if you tend to use the “Medium” size embed, this update is critical to restore the app’s ability to insert photos of that size.

What happened is Flickr added some new image sizes: “Large Square” and “Small 320”. MarsEdit didn’t know what to make of either of these, and ended up calling each of them “Medium” too. So customers were seeing three medium items in the menu, and it was only ever possible to select the first one.

This update fixes the problem at hand and further fixes the way MarsEdit handled Flickr embed sizes so that should they add additional items or rename the existing ones, MarsEdit should adapt more elegantly.

Dave Winer writes about the intermingling of of tech and advertising (via Brent Simmons):

The tech industry has been absorbed by the ad industry, and vice versa.

However, there is, imho, still room for a tech industry that is not merged with the ad industry.

I’ll take this a step further: advertising is on the way out. Technology loathes a middle-man, and advertising as an industry is the king of all middle-men. The purpose of advertising is to connect customers with companies, so as to facilitate a transfer of money in exchange for goods or services. As time goes by, customers and companies will be more and more capable of achieving this on their own.

In the history of the world so far, there has been considerable opportunity for advertisers to misguide customers, and to lure their money toward products or services that can be framed as perfect for them, even when they are not. That’s the art and the holy grail of advertising. But going forward, technology will offer customers and companies the tools to connect effortlessly, optimizing for compatibility without the help of the bogus, outdated advertising system.

Most of us base purchasing decisions on vague hunches derived from a mix of advertising influences, word-of-mouth, and the relative trendiness of a product. But more and more as customers we are cutting out the advertising middle-man, in favor of systems based on education and trust. Amazon is a good example of this. With the notable exception of their Kindle line of products, they have little concern about which products their customers buy. It only matters that they buy things, and that they buy things often. They provide detailed product information, and allow honest, often scathing reviews. The goal is for customers to make self-serving decisions. In this case, defying the advertisers’ best interests is in Amazon’s best interest as well.

Extrapolate the technology-assisted consumption process out over the next 10, 50, 100 years, and I have a hard time imagining a meaningful role for conventional advertising. If I search Google for “lawnmower,” it’s not interesting that some tractor company has paid Google for the privilege of putting their brand’s information at the top of the list. At some point in the future, customers will assume that companies who choose to advertise conventionally are afraid of the outcome when consulting various self-empowering resources. Where am I more likely to search for “lawnmower?” If I want to know what a lawnmower is, Google. If I want to know which lawnmower to buy? Amazon, or another site that strives to empower customers, not advertisers.

I do worry about what happens to some of our beloved, advertising-driven services. We’ve all grown accustomed to the subsidization of news reporting and analysis. In recent decades, advertising has crept further into our lives, even subsidizing municipal infrastructures such as public transit. What impact will the end of advertising have on these important services?

In the old world, technology for connecting customers directly to companies did not exist, so companies were satisfied in buying advertising. It is tool that serves to expose customers to the concept of a product, and to crudely attempt to educate them about the suitability of the product for their purposes.

In the new world, mass-exposure will be replaced by social networking, and education will be not only replaced by, but massively bolstered by trusted systems such as Amazon’s review database, Consumer Reports, and other much better stuff that is presumably coming in the future. Presumably? It has to be coming, and it has to be better, because everything’s riding on it.

Everything’s riding on it because this is the salvation for current advertising-subsidized industries. They will shift from being exposure-focused, to education-focused. Amazon, Apple, and many others already offer affiliate systems that reward anybody who can produce a sale. The old way to produce a sale is by blasting customers with unwanted information until you happen upon something that sticks. The new way is to provide customers with a trustworthy, opt-in system for determining what’s best for the customer. To stay alive in the changing world, these subsidized industries will change their business plans, or go out of business.

Earlier today, before I even followed Brent’s link to Dave’s piece, I read this short, thought-provoking essay, allegedly by the graffiti artist Banksy. Here is an excerpt that I think is pertinent to my predictions here:

They have access to the most sophisticated technology the world has ever seen and they bully you with it. They are The Advertisers and they are laughing at you.

…

You owe the companies nothing. Less than nothing, you especially don’t owe them any courtesy. They owe you. They have re-arranged the world to put themselves in front of you. They never asked for your permission, don’t even start asking for theirs.

As a businessman who is dedicated to my own commercial success, I embrace the challenge of getting the word out to potential customers. I will shout my message from the rooftops to anybody who will listen. But only to those who will listen. I don’t want to annoy, interrupt, cajole, or appeal to a customer’s feelings of inferiority. I don’t want a customer to choose my product over a competitor’s unless it’s better for them. In short: I want a future without advertising, where my products sell themselves through word-of-mouth and through trusted systems that educate customers about making the right choice for them. Not what’s right for companies, and certainly, so long as they’re still around, not what’s right for advertisers.

MarsEdit 3.4.3 is now available for download from the MarsEdit home page and as an update in the Mac App Store.

I highly recommend this update for anybody who has installed the Safari 5.2 beta release on Lion, or who is running a developer preview of a future OS X release.

MarsEdit 3.4.3

• Fixes to improve with the Safari 5.2 beta
• Fixes to improve with a future OS X update
• Prevent a possible hang while parsing Lightroom libraries

Apple’s getting a lot of press this week about their forthcoming 10.8 “Mountain Lion” update to Mac OS X. One of its key features will be a security feature called “Gatekeeper” that will allow users to avoid launching apps from developers who are not registered with Apple. If you are not already familiar with Gatekeeper, read Steven Frank’s writeup to get up to speed. You should also check out Wil Shipley’s post from this past November, where he argued for something very much like Gatekeeper.

I am excited about Gatekeeper not only because it will improve security on the Mac but because of how it will achieve this goal. Apple, as the authority in the OS X environment, will convey information to Mac users about who developed a particular application, empowering them to protect themselves. Compare this to the status quo of the App Store, where security is completely out of users’ hands, and Apple uses its discretion to protect users from software it judges unfit for consumption.

Who vs. What

Simply establishing the identities of software developers is a major step for increasing security, because bad actors can either be immediately shut down, or at least prevented from further propagating on the platform. If “Hawt Dawg Industries” is discovered to be a malware developer, Apple can flip a switch and any user who trusts Apple’s opinion about such things can automatically prevent their Macs from trusting software from that vendor.

If somebody knocks on your door in the middle of the night, the first thing you’re liable to ask is “Who are you?” That’s Gatekeeper. Sometimes, the “who” is all the information you need. But if there’s any doubt, the next bit of information you’ll pry for is “What do you want?” That’s the sandbox. At least, it’s what the sandbox will be, after Apple fixes it.

The Broken Sandbox

At its best sandboxing is a means for app developers to faithfully state their intentions in a manner that can be evaluated by users, and also be reliably enforced by the operating system. So if your new “Fun on Facebook” app declares its intention is to connect to the web, you might judiciously allow it. If it says it needs to write files to the root of the filesystem, you’d be wise to search for another app.

Sandboxing on the Mac works by providing developers with a standardized list of “entitlements” which are clear descriptions of things it would like to do on your Mac. Examples include: access the internet, read files from your Pictures folder, print things on your printer.

The number one broken thing about sandboxing as it stands today, is the list of entitlements is simply too limited. Many apps on the App Store, including my own, will need to have their functionality considerably diminished, or in some cases made outright useless, in order to accommodate the available list of entitlements that sandboxing offers.

To stretch the stranger-at-your-door metaphor a little further, imagine the visitor is your trusted plumber, who’s come to fix a leaking pipe. In response to “What do you want?” he’s a bit tongue-tied. There’s no “entitlement” for fixing pipes, so he’s forced to say “I’m here for a chat.” When you reluctantly let him in the door he informs you that actually, due to recent legal changes, he’s no longer allowed to fix your pipes.

The impending state of the Mac App Store is very much like this. A great number of apps provide useful services to grateful customers, but as those services don’t fit the mould of Apple’s sandboxing entitlements, they will be effectively barred from the store within a few weeks. If you want to hire somebody to “fix the leaky pipe,” you’ll have to look outside the store, where apps are not sandboxed at all, and where Apple is in no position to improve users’ knowledge about the “what” of an app.

Saving Face

Gatekeeper is extremely simple, yet is likely to be extremely effective. Some exasperated developers who have been frustrated by the sandbox limitations are hopeful that all this attention on Gatekeeper might indicate a change of heart on Apple’s part. Will they see the error of their ways and ditch sandboxing in favor of Gatekeeper’s elegance?

One problem with this approach is that Apple would appear as though it had stumbled in its strategy. It spent the greater part of a year selling the idea of sandboxing and all of its merits, then two weeks before its grand debut, jumps ship for a completely different approach? Smooth move, Apple.

But a more important problem is that abandoning sandboxing would mean the significant engineering investment, both by Apple and by developers who have refactored their apps to satisfy sandboxing requirements, would have been a waste. There is such great value in sandboxing technology, we just need to finish the job of mining it out.

What should Apple do about all this? Gatekeeper and the Mac App Sandbox are both technologies that stand to improve security on the Mac by labeling apps with useful information about their developers and their functionality. The extent to which security is improved is very much tied to how widely adopted these technologies are. If the vast majority of developers agree to sign their apps with Gatekeeper certificates, then the vast majority of users will leave the Gatekeeper “safe” mode enabled.

Embrace, Expand, and Empower

Apple should embrace the utility of sandboxing by shifting their focus away from sandboxing only Mac App Store titles, to a strategy that would sandbox virtually every Mac app, inside the store or out. Given the current limitations of sandboxing, a significant number of developers will not adopt the technology, so its usefulness to users and to the security of the platform will be diminished. Apple can turn that around so that sandboxing is a worthy counterpart to Gatekeeper, and a technology that any developer in his or her right mind would feel foolish not to incorporate.

To increase adoption, Apple should expand the current list of entitlements until it covers every reasonable behavior that users expect from Mac apps. A good test for this is any app that is currently available in the Mac App Store. Having been approved by Apple’s own reviewers, and purchased by Apple’s own customers, the merit of these apps should be considered implicit. If a Mac App Store app’s reasonable behavior cannot be achieved in the confines of the sandbox, it should be considered a sandboxing bug, and a new entitlement should be added.

Finally, Apple should take a cue from its own Gatekeeper approach. By incorporating sandbox information about apps into the forthcoming app security preference pane, they will empower users to understand application intentions. Along with the proposed options controlling the “who” of apps, users would be given reasonable defaults pertaining to the “what” of apps. For power users, these settings would be configurable on an entitlement-by-entitlement basis. The sheer transparency will be yet another motivation for developers to adopt sandbox, and for users to demand sandboxing from their developers.

Imagine a future where the majority of Mac apps are signed with Gatekeeper certificates, and an accurate list of entitlements. Users will be protected by smart default settings, and by the knowledge of who their apps come from, as well as what they intend to do. Developers will be protected from their own unintentionally destructive mistakes, and from impostors selling software purported to be authentic. And Apple? Apple will be remembered as the huge, clever computer company that solved the software security problem on two fronts, without pissing off developers or customers. Much.

(This piece was inspired by a lunchtime chat with my friend Paul Kafasis. Thanks, Paul!)