

I was kept up late last night with the news from Netflix CEO Reed Hastings that the company would split into two. Of course, it didn’t take me long to deliver several of my own choice thoughts about the announcement, including:

This heartfelt apology and explanation from @Netflix sounded good until “Qwikster.” Serious branding failure. blog.netflix.com/2011/09/explan…

Netflix to customers: “We apologize for being so dense about how our decisions come off in public. BTW: WELCOME TO QWIKSTER!!!!!”

Usually a blog post that opens with an apology proceeds to explain how things are going to be better. I’d hate to read Netflix’s “bad news.”

I realized this morning that I was missing the point. Sure, Netflix’s actions appear stupid and short-sighted. Maybe. But if they are, it’s not very interesting, it’s just a drag. It would be more interesting to examine their “stupidity” for signs of intelligence.

My friend Jon Wight made a good, obvious in retrospect, point on Twitter:

Maybe Netflix dumped the DVD division to make them more attractive to a company that traditionally hates spinning media. #conspiracytheory

Of course! Dump the stagnant DVD-by-mail business, in anticipation of one of those perennial acquisition rumors coming true. Netflix’s brilliant streaming system would live on in the realm of some new corporate ownership, boosting the web streaming wing of Apple, Amazon, Microsoft, or whoever. Spinning off the beloved DVD-by-mail program beforehand not only makes the streaming company more attractive to potential buyers, but ensures that the DVD business lives on, rather than becoming an unwanted side-asset for the new owners. In that light, Qwikster might be something of a genius move.

The main problem with this reasoning is it would most likely eliminate the Netflix brand.  Most potential buyers of the streaming business would be likely want to brand it with their own name. As would any potential buyer of the DVD-by-mail wing. That’s fine, we can live without the Netflix brand. But if either wing of Netflix will live on independently, the brand would be one of its most valuable assets. Here’s  another tweet I posted last night:

I just visited Blockbuster.com for the first time ever, so I guess Netflix’s announcement is not a total loss for the industry.

If Netflix wants to sell just the DVD half of the business, then there’s no strong impetus to come up with a perfect, lovable name. It just needs a name. Sure, it could be “Netflix by Mail” or something else strongly tied to the brand, but I suspect Netflix wants to start disassociating their brand from DVDs as qwiksly as possible. Renaming the DVD business to something stupid immediately starts to isolate it from the Netflix brand, so that when some company like Blockbuster comes along to buy it, it will feel less like they are “actually buying Netflix.” It’s nothing of core importance to Netflix. “Blockbuster didn’t win. That’s just some silly DVD business we happen to own.”

Qwikster is a burner name.

(Incidentally, do you think we’ll be able to rent Qix from Qwikster?)

Apple’s sandboxing technologies make it possible to control at a very fine-grain system level exactly which system resources an application should be allowed to access. It offers control over reading and writing  files, opening  network resources, and much more.

I’m really excited about sandboxing and also really terrified. Apple has given us, thus far, a limiting set of entitlements that don’t quite cover everything that reasonable apps want to do, or even everything that Apple itself has approved as acceptable behavior in the Mac App Store. Yet Apple has made it clear that it wants to see all apps adopt sandboxing, and the writing is on the wall that in particular, participants in the Mac App Store should be prepared for the day when non-sandboxed apps may not be approved for sale in the store.

For us developers looking into sandboxing our own apps, it can be tough to wrap one’s head around exactly what privileges need to be requested. One way to go about it is to sandbox your application with the strictest of controls (basically disallow everything disallowable), and see what breaks. Then you could add back whatever entitlements are necessary to get things working again.

On the other hand, it would be handier to have the system simply tell us what kinds of behaviors our app is engaging in, and what the corresponding entitlements would be to allow it to work even while sandboxed. Thanks to a tracing mechanism in the sandbox, this is in fact possible. Furthermore, you can use a command-line tool to apply arbitrary sandbox profiles to an application without having to modify the application itself.

I defined a handy shortcut in zsh for running an arbitrary app with the “trace” mechanism enabled, to show exactly what the app is accessing, simplify the output, and open it in my default text editor:

function sbx()
{
        echo '(version 1)\n(trace "/tmp/traceout.sb")' > /tmp/tracein.sb
        sandbox-exec -f /tmp/tracein.sb $1
        sandbox-simplify /tmp/traceout.sb > /tmp/tracesimple.sb
        open -t /tmp/tracesimple.sb
}

After you’ve defined this in your .zshrc (other shells, you are on your own!), you can do something like:

sbx /Applications/FastScripts
.app/Contents/MacOS/FastScripts

Then you use whatever features in your app you are concerned about, and quit the app. A text file will open with exquisite details about all the privileged actions your app was permitted to do, which would otherwise be forbidden by the sandbox.  Great, just copy that list of permissions into your sandbox entitlements plist, and we’re done. Right? Not quite.

The rules generated by the trace are very precise and may not be sufficient to cover your app’s behavior in practice. For example, if I open FastScripts, my scripting utility, and run a single AppleScript that controls the terminal, the resulting permissions trace reveals a sandbox rule that would allow that behavior to happen:

(allow appleevent-send
       (appleevent-destination "com.apple.terminal"))

That’s well and good for a utility that only ever needs to send events to the Terminal, but of course FastScripts is a general purpose scripting application that needs to send events “wherever the heck the user wants to send them.” Currently, Apple doesn’t offer a sandbox entitlement for this broad behavior, so it is not possible to sandbox FastScripts.

I think that Apple would have a lot more developer enthusiasm for this feature if it wasn’t so clear to many of us that our apps will be forced to lose features in order to adopt sandboxing. And while users may be happy about the prospects of improved security with the sandbox, I think there will be less excitement about the diminished functionality of apps whose features don’t fit nicely into the sandbox confines.

Developers and power-users can use the sandbox command-line tools now to get a good sense for what will or will not work down the road if sandboxing, with the current set of entitlements, is enforced by Apple for a large number of 3rd party applications. There is some documentation for these tools in e.g. “man sandbox-exec”, but the documentation is pretty minimal. If you want to read more, check out this useful document, which aims to give a better understanding of the sandbox, entitlement profiles, and how to use the command-line tools.

After the stress of moving (tomorrow!) is passed, I’ll be tackling a slate of new challenges this fall, including the usual work at Red Sweater, developing future versions of MarsEdit and my other apps. But I’ll also be punctuating the season with a few speaking opportunities at three great conferences.

• Çingleton. October 14-15. Montreal, Québec. My friends Guy English, Scott Morrison, and Luc Vandal teamed up to put on a very small, very focused “symposium.” I love the small scale and single-tracked nature, but it comes with one huge drawback: low capacity. Just as the similarly formatted C4 conferences sold out quickly every year, I expect Çingleton will do the same.
• MacTech. November 2-4, Los Angeles, California. This year’s show features a keynote from Guy Kawasaki, which will be exciting for me, since I’ve corresponded with Guy over the years: he’s provided a ton of valuable feedback about MarsEdit. Also exciting is the addition to the organization team of Scotty from iDeveloperTV, who will be running the developer side of the conference.
• Voices That Matter. November 12-13. Boston, Massachusetts. The floating conference moves back to Boston, the site of its first show, at which I also had the pleasure of speaking. They have just posted the schedule, revealing that Aaron Hillegass will be delivering the opening keynote. Definitely wake up for this!

The Voices That Matter folks are offering a coupon code with a twist: $150 off for the purchaser, with a $50 bonus for me as the speaker. I am not paid for the speaking itself, so if you are looking for a discount, consider using “BSTSPK5“. When combined with the early-bird pricing, it brings the cost of the conference down to $395.

With such a busy speaking lineup, I have once again had to pass on some other conferences where I would have enjoyed the less demanding experience of simply attending. In particular, I am bummed to be missing:

• 360iDev. September 11-14. Denver, Colorado. Another show I haven’t had the pleasure of attending yet, but that is celebrated by many of my peers. The schedule a more conventional, multi-track affair, which is great for those who prefer to pick a favorite topic from a variety of choices. The keynote address will be delivered by my friend Matt Drance, whose work you may also know from his past life as an Apple evangelist.
• SecondConf. September 23-25. Chicago, Illinois. Seen by many as the organic successor to C4, I have been hoping to attend for the past two years. This year’s roster of speakers is outstanding, featuring some well-known developers and … Andy Ihnatko! But it’s also notable for featuring some folks who don’t do as much public speaking, including Mike Rohde, the designer of Red Sweater’s logo!

Suffice to say, there is a lot going on this fall. If you are looking  for something to do, take a click-through to some of these great shows and see if any of them sounds like the right place for you.