You know the drill: when you go through airport security there are two lines. In one, a TSA agent makes sure you’re the person in your passport photo. In the other, a machine scans your carry-on for explosives, weapons, or a normal-sized bottle of shampoo.
Enterprise security is much the same, but instead of passengers and luggage, we’re talking about end users and their devices. In the first line, user authentication verifies a user’s identity, and it’s gotten pretty sophisticated in the past few years, with SSO and MFA becoming more common.
But user devices don’t get nearly the same level of attention. The average device trust solution only looks at a handful of endpoint security factors, like OS updates and firewall. If this really were the TSA, that wouldn’t even be an x-ray machine, more like holding a bag to your ear and listening for a ticking sound.
And that’s assuming an organization looks at end user devices at all. Kolide’s Shadow IT report found that 47% of companies let unmanaged devices access their resources, and authenticate via credentials alone.
Unmanaged devices (those outside a company’s MDM) can be infected with malware, full of PII, or worse–they can belong to a bad actor using phished employee credentials.
And hey, there are valid reasons for a device not to be enrolled in MDM. Contractor devices, Linux machines, and employee phones all need to be able to access company resources. But there’s plenty of room for middle ground between “fully locked down and managed” and an open-door device policy.
Specifically, companies need device trust solutions that block devices from authenticating if they don’t meet minimum security requirements.
Even with phishing-resistant MFA, it’s frighteningly easy for bad actors to impersonate end users–in the case of the MGM hack, all it took was a call to the help desk. What could have prevented that attack (and so many others) was an unspoofable form of authentication for the device itself.
That’s what you get with Kolide’s device trust solution: a chance to verify that a device is both known and secure before it authenticates. Kolide’s agent looks at hundreds of device properties (remember, our competitors only look at a handful). What’s more, our user-first, privacy-respecting approach means you can put it on machines outside MDM: contractor devices, mobile phones, and even Linux machines.
Without a device trust solution, all the security in the world is just security theater. But Kolide can help close the gaps. (And we won’t even make you take off your shoes.)
Earlier this week, I linked to The Ringer’s profile of Monument Valley on its 10th anniversary, which focused on what’s become of mobile gaming since the game’s release. Today, I have another story about Monument Valley that focuses on the game’s origins and beautiful design.
The end result had a pixel-perfect axonometric aesthetic that not only went hard on its references to Dutch master artist and printmaker Maurits Cornelis Escher, but also dug deep into classic video game design, going right back to early arcade machines and 8-bit titles. Each of the ten levels is like a piece of fine furniture, built with invisible dovetail joints and inlaid with marquetry, stuffed with secret compartments and little design flourishes. Gray cites the world of theatre and stage design, as well as graphics, as important keystones in the way the levels were constructed. ‘Ken would always talk about flower arranging, and how you frame a silhouette of a level on the screen,’ he says
I love this anecdote about the game’s last minute naming:
The small team was so laser-focused on delivering the best game they could that the name wasn’t even considered until the very end. ‘Right before launch we were going to be interviewed by Edge magazine – the morning of that day we hadn’t picked the name.’ Monument Valley was chosen as being familiar, yet unusual, implying a sense of mystery, grandeur and travel.
Monument Valley is one of the most important indie games ever published on the App Store, so it’s great to see its backstory told in detail by Bell. Be sure to check out the full story, which includes photos of early design sketches of the game’s interface and characters.
Yesterday, Apple announced an update to its App Review Guidelines in a brief post on its developer site. The changes to sections 3.1.1(a) and 4.7 of the guidelines, which apply globally to all apps distributed through Apple’s App Store, address three items:
game emulators,
super apps, and
linking to the web from inside music streaming apps to make purchases outside the App Store
Historically, game emulators were forbidden from the App Store. As a result, an emulator like Delta, which can play games released for Nintendo systems through the N64, could only be used on iPhones through a clever combination of developer tools and a Mail plug-in. In contrast, there are plenty of emulators on the Google Play store for Android users to download.
Mini apps, mini games, streaming games, chatbots, plug-ins, and game emulators
Apps may offer certain software that is not embedded in the binary, specifically HTML5 mini apps and mini games, streaming games, chatbots, and plug-ins. Additionally, retro game console emulator apps can offer to download games.
Presumably, this will allow Delta and other emulators onto the App Store, so they can be used to play game files stored on iPhones.
The change to section 4.7 also says that “mini apps and mini games, streaming games, chatbots, and plug-ins” of the sort found in apps like WeChat must be created with HTML 5, a clarification of the language previously used.
Finally, section 3.1.1(a) of the App Review Guidelines allows music streaming services to link out to the web from their apps so customers can make purchases outside the App Store. The change addresses the anti-steering provisions for which Apple was fined $2 billion by the EU, and Apple has said it will appeal.
This week on MacStories Unwind, cicadas invade Italian TV, John tries an espresso soda, Dragon’s Dogma II, The Creator, and what’s next in our media queues.
Seasons is the sort of weather app I’d hoped for ever since I ordered my Vision Pro. It’s a unique mix of detailed forecast data combined with an immersive spatial computing experience. There’s a gee-whiz, proof-of-concept aspect to the app, but at its core, Seasons is a serious weather app and a spatial widget that’s a pleasure to incorporate into an everyday Vision Pro workflow.
With such gigantic success, Monument Valley should have become a blueprint for indies on mobile (and it did, for the small cohort of artful titles such as Alto’s Adventure and Old Man’s Journey that followed soon after it). But as the years wore on, it became clear that the game was really more of an aberration. Premium mobile games, that is, those that you pay for, eventually turned into an endangered species, crowded out by free-to-play “forever game” behemoths such as Clash Royale and, most recently, Monopoly Go! (the latter of which is partly bankrolled by Saudi Arabia’s Public Investment Fund and spent an eye-watering sum of nearly $500 million on marketing and user acquisition alone). A binary, then (and thus a battle), presents itself, pitting the art game that values people’s time against the commercial product that seeks to exploit it with ever-increasing, capitalistic intensity. “In 2014, it was just the beginning of that battle,” says Orland. “We didn’t have a clear winner.”
Gordon argues that Monument Valley’s release marked a high water mark and the beginning of the end of artful mobile games. As he recounts, the game was profitable within a week, but just six months later, users were leaving one-star reviews for a $1.99 expansion pack to a game that was only $3.99 to begin with. Gamers had been trained by the Candy Crush Sagas of the world to expect endless free updates.
Before, says de Jongh, Apple “featured” a couple of titles per week, promoting them to anyone across the entire globe who opened the App Store. It was the “single biggest marketing beat” for Hidden Folks, helping the game earn just more than $50,000 on its very first day. Then, with the redesign, the opportunity practically vanished. iPhone users had to navigate to a different tab to see new games. In de Jongh’s view, this was a fundamental and ultimately fatal layer of friction.
Gordon’s story is worth reading in its entirety because it’s one of the best tours of the business of selling iPhone games that I’ve read. At the same time, though, I think Gordon paints a bleaker picture than is justified. There’s no denying that the iPhone gaming universe has changed a lot from the days when games like Monument Valley, Alto’s Adventure, and Hidden Folks were first released. However, it’s also too soon to declare the end of premium iPhone gaming. Few of those titles may break into the top paid games category these days, but that doesn’t mean there aren’t innovative, artistic games being released on the App Store. You need to work a little harder, cutting through the jungle of free-to-play games to find them, but they’re there.
The updated Obsidian Shortcut Launcher with support for passing document backlinks to Shortcuts.
Two years ago, we released Obsidian Shortcut Launcher, a free plugin to trigger shortcuts from Obsidian with the ability to pass input text to Apple’s automation app. In case you missed it in January 2022, here’s how I described the plugin:
With Obsidian Shortcut Launcher (or ‘OSL’), you’ll be able to trigger any shortcut you want from Obsidian, passing along values such as the text of the document you’re working on, its name, text selection, and more. Obsidian Shortcut Launcher is free to use and works on iOS, iPadOS, and macOS.
Obsidian Shortcut Launcher is the result of weeks of planning and work from me and Finn Voorhees, and it has created an entirely new dimension in how I use Obsidian and Shortcuts on a daily basis.
I’ve been using Obsidian Shortcut Launcher every day for the past two years, and I couldn’t imagine a better way to integrate my favorite text editor and note-taking app with Shortcuts. I’ve built launchers to publish articles to WordPress, upload images, perform backups of my iOS reviews, and a lot more. You can read more about my examples and find a usage guide for the plugin in the original story.
Today, I’m pleased to announce that we’re releasing version 1.1 of Obsidian Shortcut Launcher with two new integrations: properties and backlinks.
This week on Magic Rays of Light, Sigmund and Devon highlight new Apple Original documentary STEVE!, share a few hopes for this year’s WWDC, grade their Academy Awards predictions, and preview this weekend’s premiere of Apple Original series Sugar.