I’m a fan of the whole Apple ecosystem but I have to say that there’s a pattern here. Apple does a decent job of keeping my data safe from others but a terrible job of keeping it intact. From music libraries with song titles that got switched to long integers to this (and I’m sure more that I’m not remembering atm) they need to do a better job here.
I am baffled by Apple's incompetence here. In the past years I've seen:
* iTunes/Music app randomly reassign my Album artwork, with different (incorrect) art showing up on different devices!
* Reminders app: shared reminder lists can end up with the name of a different list
* Ghost photos that are deleted from my phone, and come back later.
* Maps, when I say "navigate to $friend" set a route that ended in my own driveway.
To me, these bugs suggest a fundamental design flaw, perhaps they are using a simple Integer as an index rather than a UUID?
Or maybe the database schema are solid, but there's some sort of race condition in their synchronization frameworks and the data is getting scrambled in RAM?
Whatever it is, it's absolutely insane that in 2025 these kinds of bugs are happening.
I completely agree about there being a fundamental design flaw.
I still use Macs because data on a physical disk seems perfectly reliable, but I've been bitten by so many of these bugs in their apps. iCloud files completely disappear, then reappear a day later. Highlight a couple chapters of a PDF in Preview, then reopen the file and they're gone because iCloud thinks the older unhighlighted version is newer or something. Madness. I don't touch any of these Apple services/apps anymore.
There's very clearly a fundamental bug in whatever sync framework they seem to share across everything. It's bad enough to have data disappear entirely or deleted data reappear, but then when data shows up in the completely wrong place, and this has been happening for years and years and still isn't fixed... I don't know what to think.
You're right. There's no other word for it but "insane". They can engineer their A-series and M-series microchips, but it's been over a decade now and their sync is still fundamentally broken.
> There's no other word for it but "insane". They can engineer their A-series and M-series microchips
There are certainly other words for it. Lazy, anticompetitive, disinterested, any of those are more plausible than all of Apple being insane. They sold you a microchip that you knew you wanted, now they are beholden to little else. For over a decade, Apple didn't even offer the iOS APIs for third-parties to implement cloud storage. They know you need their software services, regardless of how shit they are.
Insanity would be a pretty satisfying explanation. Fickleness fits a lot better with Apple's track record though.
* prompts in settings for adding an account recovery contact that never go away, even after months and months of successfully setting it up multiple times.
* OS account profile picture can barely stay associated with the most recently picked option. Happens for non-iCloud local accounts on Mac, happens when I change profile pictures on iOS for iCloud… weird.
* OS account update screens on iPad, iOS, and watchOS will forget that they are in the middle of updating if you navigate away from the settings screen. Thankfully, today they at least recover from it (it’s probably still happening in the background), but it takes several long seconds of spinning for the settings page to remember that it was doing an update two seconds ago before I navigated away from it.
* similar to your ghost pictures bug, deleting a large media file from a media player app moves it to recently deleted, but you can sometimes end up in situations where you can’t permanently delete the file, or it doesn’t show up anywhere but still takes up space. (Talking about 20GB-80GB file sizes where it makes a big difference on OS storage space)
Some of these bugs have been around for a VERY long time.
But the weird thing is I don’t see them in 3rd party apps.
The thing is, in many cases, these products and teams are very siloed from each other. I suspect, having worked in one of these teams, that some of the issues comes from this siloing. Lessons learned aren't shared, and it can be difficult to build integrations.
Clipboard has been unstable on every OS (especially on Desktop - and I mean Linux, Windows and Mac), and I think part of the culprit is apps like Teams and Discord, if you Ctrl + C by mistake on an empty text box, IT COPIES THE EMPTY TEXT BOX effectively wiping your clipboard. It's the most irritating UX and it took me years to figure out. Always right click copy and right click paste, you'll notice it works 100% of the time as it used to.
Copying empty text is a configurable flag in some linux environments, at least, but I'm not sure if that behavior is faithfully preserved in teams / discord / etc as I've never really had it on.
> Apple does a decent job of keeping my data safe...
How do you know? Why do you believe that they're competent on writing security code but not competent enough to write a general purpose app? Is there a different company culture applied to the latter?
I stopped using apple's notes app with an ipad pen after it lost 20 minutes of my handwritten notes when trying to sync them. (Which fits the theme of apple losing people's stuff.)
I don't really get the syncing situation with apple. And it's really hard to tell when they've resolved bugs in one app or introduced new ones elsewhere.
The Safari reading list can't even sync properly between devices for me. Image Capture ("Keep Originals"??) or AirDrop is a little minimal for such a keystone part of the phone -> computer if you don't want to use Apple ecosystem after.. Let alone the other more complicated issues.
You presumably would process the pen inputs, not the resulting image produced by the handwriting. No different from how you handle conflicts in online gaming.
This is a company that is trying to design away the concept of the file completely. Which leaves very little recourse in the way of workarounds or recovery when bad things happen.
I think of Apple as blessed and cursed by hubris. The same arrogance that lets them assert a design into the world on the belief that people will adopt it allows them to incapable of changing at the things they are bad or deplorable at.
I would love to know if they even invest enough into QA resources. For a company like Microsoft, Apple, Google, and Amazon etc... I guess anything that qualifies as FAANG, I would prefer their QA departments be slightly overstaffed and that they do redundant testing than messing up with completely avoidable software issues. Sometimes the production bugs are embarrassingly obvious so much so it screams no QA team was involved.
I used to be in QA at Apple before I became a SWE.
Used to be, these were full software engineers embedded with dev teams, with a mission to destroy, document, and harden the apps and frameworks.
During the 2010s in all the FAANG that I’m aware of (have worked at 3), QA as a high paid American profession was completely offshored to India and responsibility for quality removed from developers concern. It’s a blocking item on the Launch Checklist. Automated testing was expected to fill the gap but has mostly been ignored.
Well put! But I think there's an interesting exception—APFS seems to be very reliable. It's been quite a few years since the very successful silent auto migration and it’s pretty quiet about it, which is a good thing for filesystems.
This is infuriating to me. I manually manage my music library and have for years. I buy the iPhone with the most storage so I can keep my entire library with me locally. This used to work great, but has degraded over the last decade. Now when I drag new music to my phone in iTunes nothing happens for minutes, and then if I get lucky it finally starts transferring, but some times nothing happens at all and I have to retry.
Recently when I load new music onto my phone I find that random unrelated album art has been mangled or switched with other albums from other artists. And some music, which exists on my phone's hard drive, is now greyed out and when clicked says "This item is not currently available in your country or region." I am considering switching back to a iPod with an upgraded drive and giving up on keeping music on my phone completely.
Odd that you would omit the part of the text you quoted that contradicts the impression your partial quote creates.
> The images were initially believed to have been obtained via a breach of Apple's cloud services suite iCloud, or a security issue in the iCloud API which allowed them to make unlimited attempts at guessing victims' passwords. Apple claimed in a press release that access was gained via spear phishing attacks.
I also found it notable that the source for the above unlimited password guessing password guessing is an Apple press release that states no such thing.
Also interesting was that all sources in that article suggesting anything about unlimited attempts describe to an app or script (unclear which) called iDar, which the only source to actual name iDar claims that it reports success 100% of the time, regardless of its actual success in guessing the password.
I've no love for Apple. Maybe it's true. But the evidence presented in this wiki article is weak.
Either you didn't read the page you linked or are deliberately lying, the API issue is speculation we know now that it was predominantly spearphishing.
All from the same article:
>"Apple claimed in a press release that access was gained via spear phishing attacks."
> "Apple later reported that the victims' iCloud account information was obtained using "a very targeted attack on user names, passwords and security questions", such as phishing and brute-force attack guessing."
>"Court documents from 2014 indicated that one user created a fake email account called "appleprivacysecurity" to ask celebrities for security information."
>"During the investigation, it was found that Collins phished by sending e-mails to the victims that looked like they had been sent by Apple or Google, warning the victims that their accounts might be compromised and asking for their account details. The victims would enter their passwords, and Collins gained access to their accounts, downloading e-mails and iCloud backups."
>"In August 2016, 28-year-old Edward Majerczyk of Chicago, agreed to plead guilty to a similar phishing scheme, although authorities believe he worked independently and he was not accused of selling the images or posting them online."
>"Garofano's attorney said he had been led into the phishing scheme by criminals."
>"Through a phishing expedition[further explanation needed], he hacked more than 200 people"
All of the other methods of compromise are speculation, what has been unambiguously proven in a court of law over and over again was phishing.
It's a little embarrassing that people are still pushing that particular conspiracy theory a decade after it was debunked.
Not only was "Celebgate" the consequence of a standard phishing attack, but we know from court records that a larger number of Google accounts were breached than Apple accounts.
> A Pennsylvania court has sentenced a man to 18 months in jail for hacking into the accounts of celebrities and stealing nude photos and videos.
Collins tricked his victims - including actresses Jennifer Lawrence, Kate Upton, Scarlett Johansson, and Kirsten Dunst - by sending emails appearing be from Google or Apple.
Collins accessed at least 50 iCloud accounts and 72 Gmail accounts.
What they actually do is a moderate effort to keep app developers from accessing user data. Which is definitely good!
Though the reason for this likely more about keeping the customer relationship with apple then actually protecting the privacy of users, but it's a nicely marketable side effect - and that's definitely a good thing for the users, too!
Anybody who was anybody back then was an active participant in PRISM. There are no good guys and bad guys when it comes to that. There are businesses that get to keep doing business by doing what the government tells them to do, there are ones that shut down (Lavabit), and there are ones that don't have enough going on to be on the radar for a project like PRISM.
But at the end of the day, you gotta be able to sleep with yourself and I have no idea what I'd choose if I were a CEO. Everyone lost their jobs. He did wrong outside of PRISM, so it's hard to say. I'm not him and I already don't sleep well at night.
Photos does a lot of extra work on import (merging RAW+JPEG pairs, generating previews, database indexing, optional deletion), so my guess is a concurrency bug where a buffer gets reused or a file handle is closed before the copy finishes.
Rare, nondeterministic corruption fits the profile.
I have had extremely bad luck, reporting bugs to Apple.
They constantly ask for an example project, even if it's something that is easily demonstrated, simply by running existing Apple software, and creating a project, would be a huge pain.
They also ignore reports. Very rarely, I may get a ping on one of my reports, asking me to verify that it was fixed in some release. Otherwise, there's no sign that they ever even read it.
I usually end up closing my bug reports and feature requests, after a few months, because I'm tired of looking at them.
It's clear that they consider every bug report to be a burden. That's a very strange stance, but then, they are not a typical company.
I guess you can't argue with the results, as they have a market value North of 3 trillion dollars, but that does not make it any less annoying.
They asked me for a sysdiagnose when I complained about how crappy their new Finder disk icon looks on macOS 26. See this rant by Jeff Johnson, who called for a boycott on filing bugs with Apple a couple years back (I stuck to the boycott except for two obvious UI design issues in the latest OS because neither required repro steps (so why the sysdiagnose?)).
Not to hand wave-- but this feels industry standard IMO. I have a dozen PRs sitting unacknowledged and stale across a handful of FAANG (and other) repos, including Apple's.
I start my first day @ Apple in a few weeks, so I ACK that my opinion might be a little biased here.
Maybe you can help bump FB13400242, a bug that is _literally_ going to kill people. (The bug is that to make an emergency call, even from lock screen, you're supposed to be able to squeeze buttons on either side of the phone. But it only works with the volume buttons on the left - the Action button didn't get supported, when that button was added. So now the rule for teaching a small child isn't just "squeeze both sides" it's "oh but not that one!")
(Yes, this came close to killing someone close to me. Fortunately someone else happened to come along to help.)
Consider hitting up some Apple "watcher" people (e.g. 9to5mac) to see if they can give you a boost on their social media. It's pretty obnoxious that it's come to needing to make a stink like that to get eyeballs on something, but here we are.
This definitely works. When I was at Apple I remember a number of issues in their weekly “bug review board” were classified as being high priority because they were going viral on Twitter.
I'm decades away from being a small child and I can't remember these gestures. The only time I get screenshots or activate emergency mode on my phone is accidentally. Of course I also don't expect my phone to be able to help me much in an emergency.
Well, not an Apple fan personally but on this they are just top of class. Even if this story involves an Apple Watch and not an iPhone, my father-in-law some time ago fainted (due to an underlying heart issue we late uncovered), knocked his head on the toilet when he got up in the middle of the night to go to the bathroom. He lost consciousness for a brief moment and when he regained it, there was already someone from the emergency line speaking through the Apple Watch and he got the ambulance at home faster that without wearing the Apple Watch, and surely helped in saving his life.
Btw I wonder if Apple sends some spoken message to the emergency services or some metadata or just connects the phones and that's it.
Edit: oh and I forgot: my wife got a loud message (that bypassed DND) telling her that her father maybe felt, because she is one of his emergency contacts.
My phone is off at night and I don't have a watch. I try not to let these huge companies FUD me into thinking that I appreciably change my odds of surviving an accident by buying their technology, but I get that others see it differently.
Unless one's title is going to be "VP" or "SVP", the chance that someone joins BigTech and gets to "improve the process" is usually miniscule. You're being hired as cog #21 on team #54 and there is a large backlog of JIRA (well, in this case, Radar) tickets to grind through. There will be people who tell you what the processes are, and to not deviate from them. And you shouldn't get mad at those people, either--they're just the messengers, and were told what the processes are by people above them on the totem pole and so on.
It’s not a matter of ambition or lack-of. Nobody is going into a 100k+ company and just changing the entire corporate culture around something as broad as bug fixing. These companies have hundreds of teams, and decades of entrenched culture. Sure, go in and improve what you can in your own lane, but be realistic about your scope and reach.
how is this different from any product with a billion users and 100,000+ live bug reports?
I've had pretty good luck reporting bugs to Google (notoriously bad!):
1. provide simple, crystal clear examples that cannot be due to third parties, misconfiguration or user error.
2. show that it's happening to a large number of mainstream users (not niche)
3. show that it breaks critical workflows and has no easy workaround (incl partial workarounds).
4. if you meet #1-3, then wait 6-9 months minimum (more if hard to fix). If not, wait 3-5+ years.
---
Favorite example: in the mid-2000s, I caught google maps confusing suite/apt numbers for street numbers. It got flagged as low priority. So, to get the team's attention, I reproduced the bug on a large Google offices. Six month later, bug fixed.
After that experience, I report everything to Google that breaks my workflow. Like clockwork, the biggies get fixed a couple of quarters later.
---
Want long? Try improving/fixing core issues with the API design of Linux or PostgreSQL: fix times can be measured in decades. Backward compatibility is insufficient - they rightfully worry about libraries and tools adopting the new APIs and then breaking legacy systems that cannot be upgraded even for mission-critical security issues.
---
NOTE: OP bug feels P0 and the better strategy is either mass media (incl HN) or networking to someone inside the company. I've hit those too over the years and can usually find someone at the company to send directly.
> How does one finance a project or a company with increased maintenance costs
You seem to be assuming that the company will eventually pay off the technical debt rather than just continue accumulating it and lowering production quality.
? This is the system working as designed. The whole game, from startup to fortune 500, is to accumulate market power fast enough to avoid tech debt swallowing you whole.
Once you have market power (which means different things for different companies) you can safely feed the tech debt monster just as little as you feel like.
I still don't under stand why Apple limits updates to their first party apps to OS updates.
They could really benefit from how Google does it on Android and decouple it. Push updates to their first party apps via the app store like everyone else, and let the OS update on its own separate schedule.
They somehow separate out certain apps, like Safari (on occasion), the iWork suite, and the Pro apps, but I have no idea why they insist on coupling apps like Photos and Music to OS updates.
I think your best bet is to do what you did: write an extensive blog post about it and hope it goes "viral" and grabs the right people at Apple's attention.
I would think the diffs would be telling to the right people.
It's on the front page of HN, so that's a good start!
I use Lightroom, but always with this workflow (copy files from memory card to disk, then use LR to do the import / move / build previews).
If nothing else, it lets you get your card back much more quickly, as a file-system copy runs at ~1500MBps, which makes a difference when importing 50-100GB of photos.
I also don't delete the images off the memory card until they've been backed up from the disk to some additional medium.
This is what I always do. Rather than go directly from the card reader or camera into Photos or Lightroom, I copy the files onto an SSD, and then bring them in from the SSD. The entire process goes faster.
I also want to point out that I've seen similar corruption in the past, only in Lightroom. The culprit ended up being hardware, not software. Specifically, the card reader's USB cable. I've actually had two of these cables fail on different readers. On the most recent one, I replaced it with a nicer Micro B to USB C cable, and haven't had an issue.
I haven't had actual corruption but had imports take an excessive long time or fail to complete in Lightroom because of bad USB cables or (I think) bad USB jack.
Generally I'm frustrated with the state of USB. Bad cables are all over the place and I'm inclined to throw cables out if I have the slightest problem with them. My take is that the import process with Lightroom is fast and reliable if I am using good readers and good cables; it is fine importing photos from my Sony a7iv off a CFExpress card but my Sony a7ii has always been problematic and benefits greatly from taking the memory card out and putting it in a dedicated reader, sometimes I use the second slot in the a7iv.
I worked on the Photos team a decade ago — some of what you're saying I can vouch for. If it is a rare occurrence, that lowers the priority of the bug. Data corruption though? That moves it to the top.
I'll tell you a secret though that kind of pisses me off. If you have shipped with a bug, that automatically lowers the perceived priority as well. You know, as opposed to introducing a new bug in a new release. "We've already lived with that old bug…" seems to be the mind set. Oh well.
To be sure though, if you saw the number of bugs that queue up for a popular app like Photos, you'd know that fixing all of them is not going to be possible — some kind of system of prioritization is required.
Yeah, I have had friends in Apple and they have described pretty much the same approach. It's perfectly understood.
There is one more thing that gets factored into the bug triage. If the bug affects professional users (as in, data corruption from external media) - fuck them. Apple couldn't care less about professional users. The priority is to fix Photos.app for utility gauge pics and preferably in HEIC and other default settings.
> I'll tell you a secret though that kind of pisses me off. If you have shipped with a bug, that automatically lowers the perceived priority as well. You know, as opposed to introducing a new bug in a new release.
This mentality is all over BigTech: This bug didn't block release X-1, why should it block release X? So, it inevitably just sits in the backlog forever. If your releases are 90 days apart, any bug found has an average of 45 days to be fixed, or it ends up on the "we lived with it last time" list.
Edit: Nevermind, the contents are vastly changed. This is like a different stream of input got used, or a buffer was written over with contents from another image.
This bug has happened on multiple, perhaps all, iphones I ever owned, I clearly remember at least 3 where I spent hours on trying to save (extract) photos from my iphone with different tools.
Interesting that he went from 30% failure to it taking a while to find a single failure after replacing everything.
Random is random, and random is clumpy, so maybe swapping parts is irrelevant, but... I wanted more detail how often the corruption happened throughout his replacement journey.
edit: also wth i just realized I went to "tenderlovemaking.com" at work. gross. lol.
I'd be interested in knowing if he was multitasking and using a lot of memory. I know wedding photos are usually something you feel rushed to upload so maybe this issue can be made worse depending on system resource availability.
I wonder if it’s related to import sources, and maybe the speed of that hardware. They are still successfully importing the photos into the Photos app, just not from the camera.
Why? A new framework gets you new bugs instead of the old ones, but not necessarily fewer or less severe ones.
It’s more likely that things will be reversed: the old, battle-tested framework may have bugs, but it’s is less likely to have serious ones.
They should try to hunt down bugs in the existing code. A partial rewrite of parts that historically have many bugs may be in order, but a complete replacement? Unlikely to be an improvement.
Well I'd imagine the new framework wouldn't rewrite old but wrap the existing low level APIs in a way that is not error prone. Centralize the tricky bits so Photos and third party apps don’t each have to reinvent them?
Always count on Tenderlove for a detailed technical deep dive! I've missed your blog.
Tangential story - 12-13 years ago I was a burgeoning and super eager software dev that moved to Seattle to be closer to "the scene." tenderlove's content was a major reason for me going there and I poured through his posts learning way too much about Nokogiri, Active Record, and much much more.
I went to every Ruby meetup I could get to out there and I remember one in particular, a Seattle RB meetup, in the Substantial office. It was a pretty small group, at most 15-20 people.
I was with a coder buddy but knew nobody else. We were all just drinking pints of Manny's beer and eating pizza from Big Mario's or something. Ryan Davis (the creator of minitest among other things) was doing a presentation on Unicode.
Aaron Patterson (tenderlove) was cracking jokes at every opportunity. At one point I asked a relatively naive question and Aaron _tenderly_ answered in joke-form response. I felt such a _part_ of the scene then. Aja Hammerly was super engaged in the presentation, I think even Ryan Bates and/or Geoffrey Grosenbach were there.
It was quite surreal to be in this dream-like state around giants and heroes just doing what they were doing and being so inclusive. It seemed so normal but became a core memory.
Thanks for everything Aaron, you've truly been an inspiration!
But good gravy that troubleshooting path got expensive real fast. Replacing the laptop and the camera? Why not start by trying something other than Photos? It doesn’t even need to be a paid product; the Olympus software is free not to mention a good baseline since it - of all the applications - should be able to import photos without corrupting them.
Edit to add: delete on import seems pretty risky. My workflow is to import and only delete from the camera after 1) the imported photos are backed up 2) I’ve done a first pass culling.
My workflow is don't delete after import but format the card in the camera afterwards. I have XXXL cards and it is not such a problem if I forget to format.
I had one case where I screwed up a shoot and thought file corruption might have been involved (it wasn't) Even though I had formatted the card with the camera and shot maybe 5 test shots I was able to recover most of the images with Disk Drill
My first thought was “software troubleshooting is a lot cheaper than hardware troubleshooting!” Maybe the author isn’t bound by the same economic realities as some of us are accustomed to.
before stackoverflow there was expertsexchange.com and they were forced to add a hyphen to the name because people kept making fun of the expertSEXchange, it became experts-exchange.com
Wow, I probably haven't logged into EE into 20 years. I just tried now and somehow guessed my username and 5 letter password first time. They want $9.99 to let me in, though, but they claim to have all my achievements still...
Oh wow, I'm surprised the name change appears to be so universally appreciated on reddit.
It doesn't strike me as different from "porn" i.e. "unix porn" "food porn" etc, which are at least somewhat widely accepted. I assumed it was self-aware/deprecating humor, as in the people there recognized they were frequently replacing which gear they used beyond what might be strictly necessary.
It was colorful, in the way a lot of music and art is colorful. It's not like it's a sysadmin forum...
I guess the reason why modern times feel so bland is because we all agree on the lowest common denominator, and then celebrate that as "iNcLuSiViTy". If anything you do has any personality, aka deviates from the standard workflow, it immediately gets a disadvantaged position on the free market.
It's like, we collectively prioritize efficiency over fun and then we wonder why life is not fun even though it is efficient.
Dumb frat-boy innuendos count as personality now, huh?
Let's just leave aside the fact that the name genuinely made many people uncomfortable and unwelcome there (it did), it was also just teenage and immature. There's ways to inject personality and fun into a social experience without giggling about sex. Talk about lowest common denominator...
In the late 90s my then-wife was watching over my shoulder one day and saw the domain “freshmeat.net” pop up as a possible auto-completion in my address bar. She was justifiably suspicious until I showed her it was just a software distribution site.
This reminds me of a flash games website from 2007. The domain was something like sogay.com. one time I had to spell it to my father. He asked if I'm sure before pressing enter lol
It is simply hilarious to make grown adults visit a website called tender love making dot com (a sexual reference) to read a very specific and niche blog about technology.
The author's name is tenderlove. He has been a famous contributor to Ruby and Rails for at least 10 years. If this is objectionable to you, it shows your lack of expertise.
I also have an OM System camera (OM-5) and never get corruption this bad but occasionally got one row of green pixels at the bottom of a photo during import to Photos. I thought I was crazy, but this motivates me to change up my routine and check if it was Photos all along.
I ran into the same corruption issue without any sort of RAW images and without using OM camera. My partner was pissed at me, thinking it was my fault. But it turns out that Apple Photos is to blame!
I’ve been seeing this happen on older photos that had imported properly, and I just use my iPhone and view photos on my Mac and iPhone. Looking back, I’ve lost whole chunks of my photo library. It’s a bigger problem than I realized. I don’t have these backed up elsewhere.
I used to see this when I had iCloud Photo Library turned on. It randomly corrupted old photos that were correct. It corrupted both photos taken on the iPhone and photos imported from a real camera.
I have since turned off iCloud Photo Library, downgraded iCloud (no longer needed so much storage), and started using fully open source photo management with flat files on disk.
I realize it's easy to think or assume this is a bug affecting everyone but for what it's worth, I've had zero issues importing photos from my Sony a6000 and a7iii for the past eight or so years. Tens of thousands of photos at this point.
For the longest time my process while traveling was importing onto my iPad or occasionally my iPhone since I didn't have a personal laptop, just a Mac Mini at home.
I hadn’t dug that far in to it, thanks for sharing! I assumed my rather old SD card or the adapter I keep stuffed at the bottom of my bag was the issue as I’ve only seen it on a couple of photos.
I’ve used Olympus cameras for over a decade. Well, the same camera to be honest, a PEN E-PM2. This has only appeared in the past couple of years.
I haven’t seen it on photos from my Canon EOS 80D yet, but I guess it’s time to change my workflow. And maybe OS.
It would be very helpful to document the version number of the Photos app that demonstrates this behaviour so anyone else who is affected can use this article to keep track of potential fixes.
Apple just isn't as good at software anymore. The same thing can be said for almost any big software company, though. Generally QA seems to really not be a priority anymore.
I've not experienced corruption like the author, since my workflow involves copying the raw files from sdcard to harddrive, and then importing into Photos. After processing the raws in Photos, I export a .jpg back out to the filesystem.
That's because my worry is corruption of the entire Library, which Photos stores as one gigantic opaque file/directory abomination. My .photoslibrary file is currently 70gb in size, and I'm terrified of what would happen if it becomes corrupted. The Photos app crashes not infrequently.
> That's because my worry is corruption of the entire Library, which Photos stores as one gigantic opaque file/directory abomination. My .photoslibrary file is currently 70gb in size, and I'm terrified of what would happen if it becomes corrupted.
It's a folder that acts like a file.
Right click > Show Package Contents works, and there's an "originals" folder that should have all your photos in normal everyday files.
I had a similar issue recently. I used the Windows Photo app to import & delete photos from my iPhone. When it finished, I realized that a significant fraction of the photos had been corrupted. Not sure where in the pipeline it happened, or if they were already corrupted on the phone.
Not sure if related but importing images via image capture on mac to the disk of the mac gives you correct time when the photo was taken in the file (kind of important if it’s family photos). But if you import it to a usb drive you get current time as creation time for each file so you’ve lost any timestamp you had on the photos.
> Not sure if related but importing images via image capture on mac to the disk of the mac gives you correct time when the photo was taken in the file (kind of important if it’s family photos).
Something related: exporting originals from Photos used to give the current timestamp back in Ventura, which annoyed me to no end.
They fixed that bug in either Sonoma or Sequoia (I jumped straight from Ventura to Sequoia).
Anything important should be kept inside the file. Filesystem metadata gets lost all the time, isn't consistent between operating systems, zipping up a folder and extracting it will probably mess up timestampts too.
Apple's Migration Assistant messed up timestamps when I did a M2 > M4 copy recently.
Dropbox doesn't seem to keep timestamps properly either.
I like using filesystem timestamps to sort through things in Finder, and thankfully I like A Better Finder Attributes for being able to batch copy EXIF data into timestamps.
I had this with some old photos but you can quickly rsync preserving metadata and then use exiftool to fill in the time and the whole thing will always work. After that I pasted it in Google Photos and it’s correctly in the timeline. Remarkable how easy this stuff is these days with LLM.
I remember years ago I lost some random videos on iCloud (synced via the Photos app). The filenames were there but they couldn't be opened anymore and seemed corrupt. Since then I never trusted iCloud anymore and switched to Syncthing (which back then also messed up some of my data if I recall correctly) and then Nextcloud.
I am not letting Apple Photos touch my photos. Neither Google Photos, etc.
All my photos are managed using Digikam and developed using Darktable. They are also visualized via immich, but immich only has access via a read-only mountpoint.
I am moving this direction, but for now as a redundancy purpose.
Copied google take out into immich, who has its mountpoint use truenas iscsi backed by zfs. Zfs is set to take snapshots frequently.
Your workflow was horrendous, and now it's merely bad. Don't touch any images on the card until you're sure that the images imported correctly AND your local and cloud backups have backed up the images. I assume you have local and cloud backups. If not, you should set them up right away. Really, cards hold a huge number of images and there should be no rush to empty them out.
You also shouldn't delete from the SD card using your laptop anyway. Always use the in-camera format. This was a bad workflow from the beginning, no idea why you would ever click "Delete after import" when importing directly off an SD card.
Also a good idea to copy to multiple locations when importing. When I do professional work and import into Lightroom from SD card I have it set to create two copies - import to my external SSD (the "working" copy) and also copies the files to my NAS (which is then backed up to the cloud).
Nowhere in that process do I ever delete anything.
I shoot RAW but I wouldn't want to eat up all my iCloud space with my RAW files. They're 80MB each off of my Fujifilm camera. I store them on a local DAS instead. Curious what the real use case is for storing RAW on iPhoto.
You can put your apple photos library on an external / network attached drive. Thats what I do, since my photo library has grown to ~300gb. And I'd much rather buy a hard drive than rent one from apple.
There's also the excellent osxphotos utility which can export / backup / migrate photos in and out of apple photos:
I have tried fairly persistently to make Apple Photos my primary photo management tool and I finally gave up recently. The app crashes repeatedly when I have it open—only occasionally until this year but the frequency has increased to the point that it no longer feels usable. A real shame. I’d rather stay in the ecosystem if I had the choice.
What are some good Open Source / Self Hosted alternatives to Apple Photos (Desktop)?
I pretty much keep my Mac Mini around solely to import photos from our phones, free up space on the phone, and backup the Photos DB. We like to go back and look at old photos from time to time too, and the feature that shows them on a map is a big one for us.
Last time I looked (pre-COVID) there wasn't a lot of promising options, and some didn't support HEIF images
I use and enjoy PhotoPrism. It's open source and self hosted. It has the map view. It accepts imports via WebDAV, or you can manage files completely manually without using the import feature.
It's strictly for looking and exploring old photos. It doesn't do photo editing (except metadata editing), nor do I expect it to.
I'm fond of digikam https://www.digikam.org/ it's simple enough for most users and has complex features for more advanced users its open source cross platform and doesn't do some weird rearranging of files so you can still use your file browser too.
Immich could solve what you are looking for.
It supports wireless upload to the server, everything is stored locally and it has some neat additional features.
I do the same (though not for personal photos, only for my professional wedding work). SD cards are small, I have a stack in a safe.
Every professional/paid client I shoot for, I do on new SD cards. I have dual slot cameras, so one card just permanently lives in my camera and gets formatted between shoots, the other I treat as a one-time use card.
Doesn't eat into my margin too much, and I appreciate the extra redundancy when dealing with someone else's wedding photos, so that if somehow something went catastrophically wrong with the rest of my back up process and off sites, at the very least I still have the SD card with the RAWs on it.
Back in 2011 I did the grave mistake of updating my iPad to the beta version of iOS. It was iOS 4 I believe. I took it with me on my honeymoon travel in US. My use case was to offload images onto the iPhotos app with an SD adapter. I bought the Apple Dock one.
On day 7 or so the import failed and all files on the pad got corrupted. But also the SD card got corrupted.
I stopped using the device and the card because I knew not all is lost. I had to buy a new card in SF as replacement. Back home I used a recovery software to check if data is still on the card (I used the same software before on a card that got deleted by another person and I was able to get all images back). I was able to get most of the images recovered and also recovered a few from the iPad. All in all I lost maybe 10 out of a few 100.
Now I travel with multiple cards and backup already each night while in the hotel. And I don’t delete the images on the SD Card. I format only when I’m sure I have everything copied and secured.
This is really good to know. I’ve never personally run into this problem despite having the same hardware because I only ever put the final jpeg into apple photos and keep the camera output completely outside of the Apple ecosystem on a hard drive.
Have you tried importing them using the Image Capture app on iOS, instead of the Photos app? It just gets them off the camera/SDCard and onto your Mac in a folder, which you can then drag onto Photos.app -- worth a shot.
Past few days, i created a copy of all my photos on google in my nas.
This gave me a peace of mind in case something catastrophic happens (image corruption, account getting banned etc)...
I had a weird issue with at least one photo in Apple Photos recently (possibly more that I haven't found) where the photos app showed the image, but I couldn't export it - like it was only a preview. I've upgraded my photos database over many release so I don't know if that's a part of it, the photo in question was from 2018 or so
Im interested to see if you encounter the same with a different phone. Most probably a software issue, but are we sure it isnt something defective with your phone?
Somewhat tangental, but I keep my music in the Music app. Wireless music sync is great and usually does what I need. Once in a blue moon, however, it'll absolutely scramble every album cover of every song I have.
This bug has been there for years, probably a decade.
I got similar symptoms as mentioned, I suspected AFS+, but what do I know. It has happened on at least 3 iphones (pros), now when I think about it, I don’t remember any iphone I haven’t have troubles with. Having 5000+ images (non-raw) where 5-10% are corrupt is infuriating, but I just stupidly buy another iphone every year (the most expensive one).
Re-importing images 10-100 times could sometimes extract a few additional images, but the phone just disconnects after a while when running such scripts.
Use photorec to recover from the old SD card even if you deleted
Then for the current files you’ll want to see what happened. Often with this class of problem either the bytes are zeroed or shifted. Since the size is the same, perhaps they’re zeroed or perhaps bytes are LE to BE or dumb shit like that (don’t know why it would be but weird world right).
Just diff and see if you see anything (I wrote off memory but you get the idea)
diff -aui <(xxd -r file1) <(xxd -r file2)
If files are getting zeroed sucks but otherwise maybe you can swizzle it back out. If full bytes look weird, look at binary representation and see if you have pattern.
Fortunately it mentions early on in the article that this is related to an Olympus camera so I'm guessing this has something to do with the OM system's flavor of Olympus's proprietary ORF format.
This would not surprise me. For whatever reason, ORF files from the TG-4 import fine, but CoreRAW doesn't handle the TG-6, so I need to either use RAW+JPEG or convert to DNG.
He says the checksums are different but he doesn’t provide a diff to show how different. It could just be a single flipped bit or something. And that could happen in his own RAM/disk/CPU/router so seems premature to immediately blame Apple.
I ran both files through xxd then diffed them. I've literally changed every piece of hardware (at no small cost). "premature to immediately blame Apple" seems a bit off.
I tried running the file segments through a binary diff with Hex Fiend
As far as I can tell:
- 0x7800 bytes were replaced at file offset 0x00aa0000
- 0x2200 bytes were replaced at file offset 0x00aa8000
I can't tell if the replacement data came from a different part of the file, or somewhere totally different. Race condition somewhere sounds plausible.
So some part of the chain with 512 byte buffer size corrupted the data.
It doesn't look like a memory corruption but if this were my computer I'd run the equivalent of memtest86 on it.
It looks like a filing system corruption to me. Running `diskutil info` on the main harddisk and the sd card might be interesting to see if the block sizes match.
Running a disk tester on the sd card and the main disk might be a good idea too. Here is one I wrote: https://github.com/ncw/stressdisk
This is the kind of stuff that makes me wish my Binary Diff Tool was already completed, but unfortunately I'm still working on it. Can't tell much what's wrong with the differences in the bytes without knowing what the structure behind it is.
No, it isn’t. The OP isn’t questioning whether the file changed, but asking what changed to the file, not what changed visibly.
The visible effect shown could be due to a change as small as a single bit flip. It also could be that large parts of the file got overwritten, or that it partially got zeroed. The exact kind of damage can help pinpoint the cause of the problem.
Yeah, I would have been interested in the diff too.
That said, the article does mention replacing basically all the hardware and still encountering the issue. FWIW, my personal experience with Apple software so far is that the usage expected for Average Joe is well tested and polished. But stepping outside of that, it's "Here be dragons" territory very quickly.
The default behavior for handling cards containing images is a read-only mount, and copy all the images without any modifications.
When flash fails it returns garbage or zeros instead of (what was) your data. It can be tranient or persistent. And without any error codes from the storage device or the file system.
If storage returns garbage for filesystem metadata, all bets are off how the OS filesystem driver will behave.
Reformat should be done in camera. And that card used only in that camera. And only that camera gets to write to that card. And don't delete individual images.
Image Capture did me dirty once. Macbook ran out of space while importing photos but it never stopped and kept on deleting photos from my iPhone. Lost 5K photos of a wedding... submitted a bug and hopefully it has been rectified.
I have Apple Photos but I never thought to use it to automatically import my photos and clean it up. My process is very similar to where you've ended up. Thanks for validating it--I'll never change it.
For transferring files (photos or others) from iOS, I have been using Landrop for a while and never had any issues so far, it’s also way faster than using a cable.
I always wonder about the motivation behind these polished, high-quality programs on the App Store which are not open source, and also don't collect (much) data, neither have ads in them.
I used it along with another called Localsend, but the later one gave me a bit of headache and crashed while transferring some large files last time I used it, but still great as an alternative too, and it’s open source as well.
Edit: Actually, you are correct, it seems they did close it! Try localsend instead.
Love LocalSend. Can be a bit finicky but for quick transfers between systems I love it. Use it so my work laptop, Linux gaming PC, and iPhone can easily pass staff around.
> What's the purpose of RAW+jpg though? Seems rather redundant?
You get to keep out of camera jpg files. Some people might like how their camera processes jpg files and might also want the raw file for a scenario when a more complex editing is needed.
As I said in my blog post, it imports both and combines them in the UI. Also as I said in my blog post, I switched to shooting only in raw, and it still exhibited file corruption.
Processing RAW can be expensive time wise. If you’re sorting through a session of 10,000 photos, you want the speed that comes with the jpeg variant, which allows you to quickly sort out blurry, smeared, severely mis-exposed, and other various defect photos.
The storage cost is negligible (JPEG75@10MP is cheap) and the workflow benefit is immediate. Additionally, cropping and early white balance corrections (as well as a handful of other things) are much faster to preview with a non-RAW version of the image; since you’ll be processing that detail later anyway from scratch in the RAW later, it’s functionally free to do it on the jpeg version before you dig into the raw.
Additionally, there’s a cheap debugging aspect that you saw here: was it Apple Photos mishandling ORF? Was it something else? When working with both, you have a “reference” that can be used to make sure your digital development pipeline is set up correctly; finer details about the imager can sometimes get mangled by some RAW developers like pixel order and sub pixel blending. Not every CCD is a linear grid, not every LCD looks the same, but if you can get your RAW pipeline producing ≈the same as your camera did, it verifies that you have things mostly set up correctly.
GP isn't wrong though. Most cameras embed a medium quality full-resolution JPEG along a couple different thumbnails in raw files, so saving raw+normal JPG is kinda pointless, because the raw already contains that jpeg. Raw+jpg is only easier in the sense that many/most non-vendor tools - even viewers - can't properly handle the embedded jpg so it's easier to just duplicate the storage (e.g. 50 MB for the raw + 10-20 MB for the JPG) and take the hit on storage consumption/transfer time.
With SD cards relatively cheap I long thought about, why delete them at all. Just put them into a box after importing the images/when full. So you still have a physical backup.
What's the purpose of RAW+jpg though? Seems rather redundant?
Otherwise, it is wise to highlight that "delete after import" is not a good choice in general.
I personally would not let device A to automatically delete files from device B while files are being copied from B to A.
My workflow is quite manual when bringing pictures in from camera to my MacBook.
- I simply take the SD Card from the camera and then use the SD Card reader on MacBook itself to copy the files (RAW + JPEG) into a working directory.
- Move just the JPEGs into Apple Photos library
- The ones which I think I can/should improve using RAW processing, are processed in DxO Photo Lab and exported to JPEG with a *_DXO.JPEG filename
- DXO Processed JPEGs are added to Apple Photos again. This time due to the naming scheme, the DXO processed JPEGs and camera baked JPEGs are next to each other which helps in quickly checking the results.
- Delete the camera baked JPEG once I am happy with DXO's output
Regarding...
What's the purpose of RAW+jpg though? Seems rather redundant?
...as others have pointed out. Shooting RAW+JPEG is like an insurance policy where if the camera was unable to produce a result which I would like to keep, I have the RAW to play with.
I only keep JPEGs in Apple Photos as all of my image library is backed up to iCloud and don't want that duplication.
RAW files get backed up to another SSD. Looking into a better backup for RAW files.
Also, since I switched recently to a camera which uses CFeB cards for best experience (but also has a SD card slot), the onboard SD Card reader on my MacBook will become useless for this once I get an external CFeB reader.
Because it's utterly irrelevant nitpicking, acting as if a blog post is something that was inflicted on hk1337, followed by a question about a pretty basic concept demonstrating a very limited understanding of the domain, which would be fine if the assumption of good-faith wasn't undermined by the preceding text.
I’m a fan of the whole Apple ecosystem but I have to say that there’s a pattern here. Apple does a decent job of keeping my data safe from others but a terrible job of keeping it intact. From music libraries with song titles that got switched to long integers to this (and I’m sure more that I’m not remembering atm) they need to do a better job here.
Sure security is important but integrity is too.
I am baffled by Apple's incompetence here. In the past years I've seen:
* iTunes/Music app randomly reassign my Album artwork, with different (incorrect) art showing up on different devices!
* Reminders app: shared reminder lists can end up with the name of a different list
* Ghost photos that are deleted from my phone, and come back later.
* Maps, when I say "navigate to $friend" set a route that ended in my own driveway.
To me, these bugs suggest a fundamental design flaw, perhaps they are using a simple Integer as an index rather than a UUID?
Or maybe the database schema are solid, but there's some sort of race condition in their synchronization frameworks and the data is getting scrambled in RAM?
Whatever it is, it's absolutely insane that in 2025 these kinds of bugs are happening.
I completely agree about there being a fundamental design flaw.
I still use Macs because data on a physical disk seems perfectly reliable, but I've been bitten by so many of these bugs in their apps. iCloud files completely disappear, then reappear a day later. Highlight a couple chapters of a PDF in Preview, then reopen the file and they're gone because iCloud thinks the older unhighlighted version is newer or something. Madness. I don't touch any of these Apple services/apps anymore.
There's very clearly a fundamental bug in whatever sync framework they seem to share across everything. It's bad enough to have data disappear entirely or deleted data reappear, but then when data shows up in the completely wrong place, and this has been happening for years and years and still isn't fixed... I don't know what to think.
You're right. There's no other word for it but "insane". They can engineer their A-series and M-series microchips, but it's been over a decade now and their sync is still fundamentally broken.
> There's no other word for it but "insane". They can engineer their A-series and M-series microchips
There are certainly other words for it. Lazy, anticompetitive, disinterested, any of those are more plausible than all of Apple being insane. They sold you a microchip that you knew you wanted, now they are beholden to little else. For over a decade, Apple didn't even offer the iOS APIs for third-parties to implement cloud storage. They know you need their software services, regardless of how shit they are.
Insanity would be a pretty satisfying explanation. Fickleness fits a lot better with Apple's track record though.
Another two examples:
* prompts in settings for adding an account recovery contact that never go away, even after months and months of successfully setting it up multiple times.
* OS account profile picture can barely stay associated with the most recently picked option. Happens for non-iCloud local accounts on Mac, happens when I change profile pictures on iOS for iCloud… weird.
* OS account update screens on iPad, iOS, and watchOS will forget that they are in the middle of updating if you navigate away from the settings screen. Thankfully, today they at least recover from it (it’s probably still happening in the background), but it takes several long seconds of spinning for the settings page to remember that it was doing an update two seconds ago before I navigated away from it.
* similar to your ghost pictures bug, deleting a large media file from a media player app moves it to recently deleted, but you can sometimes end up in situations where you can’t permanently delete the file, or it doesn’t show up anywhere but still takes up space. (Talking about 20GB-80GB file sizes where it makes a big difference on OS storage space)
Some of these bugs have been around for a VERY long time.
But the weird thing is I don’t see them in 3rd party apps.
The thing is, in many cases, these products and teams are very siloed from each other. I suspect, having worked in one of these teams, that some of the issues comes from this siloing. Lessons learned aren't shared, and it can be difficult to build integrations.
The clipboard is no longer reliable.
Not sure when exactly that changed, but it was probably a few OS releases ago?
Clipboard has been unstable on every OS (especially on Desktop - and I mean Linux, Windows and Mac), and I think part of the culprit is apps like Teams and Discord, if you Ctrl + C by mistake on an empty text box, IT COPIES THE EMPTY TEXT BOX effectively wiping your clipboard. It's the most irritating UX and it took me years to figure out. Always right click copy and right click paste, you'll notice it works 100% of the time as it used to.
Clipboard managers help a lot there.
I just use KDE's default one, Klipper, and I raise the max entry number.
If something bad replaces your copy, you can get the good one back from the history.
There are nice features like QR code generation for your copied text if you want to quickly share something with someone else's phone as well.
I’ve copied with right click out of chatGPT on Firefox and the contents not ending up on my clipboard. Not reliably.
Thats chatgpt doing ott wrapping and breaking web standards in a way chrome accepts but firefox doesnt last i looked
Copying empty text is a configurable flag in some linux environments, at least, but I'm not sure if that behavior is faithfully preserved in teams / discord / etc as I've never really had it on.
[dead]
Could be because of shared clipboard between devices?
[dead]
iTunes randomly changing album artwork happened to me too. Only thing that fixed it was wiping the iPhone and resyncing with computer.
> Apple does a decent job of keeping my data safe...
How do you know? Why do you believe that they're competent on writing security code but not competent enough to write a general purpose app? Is there a different company culture applied to the latter?
I stopped using apple's notes app with an ipad pen after it lost 20 minutes of my handwritten notes when trying to sync them. (Which fits the theme of apple losing people's stuff.)
I don't really get the syncing situation with apple. And it's really hard to tell when they've resolved bugs in one app or introduced new ones elsewhere.
The Safari reading list can't even sync properly between devices for me. Image Capture ("Keep Originals"??) or AirDrop is a little minimal for such a keystone part of the phone -> computer if you don't want to use Apple ecosystem after.. Let alone the other more complicated issues.
Deleting your data is next level privacy.
I'd love to know how they CRDT hand-written notes.
You presumably would process the pen inputs, not the resulting image produced by the handwriting. No different from how you handle conflicts in online gaming.
Sounds like they don't.
You should’ve put an airtag on them first.
Yes, two or three to make sure.
This is a company that is trying to design away the concept of the file completely. Which leaves very little recourse in the way of workarounds or recovery when bad things happen.
I got burned by Apple purposely corrupting my music library. I'm still salty about it.
Purposely? Could you elaborate?
Still can't get rid of that U2 album I'm guessing
I think of Apple as blessed and cursed by hubris. The same arrogance that lets them assert a design into the world on the belief that people will adopt it allows them to incapable of changing at the things they are bad or deplorable at.
I would love to know if they even invest enough into QA resources. For a company like Microsoft, Apple, Google, and Amazon etc... I guess anything that qualifies as FAANG, I would prefer their QA departments be slightly overstaffed and that they do redundant testing than messing up with completely avoidable software issues. Sometimes the production bugs are embarrassingly obvious so much so it screams no QA team was involved.
I used to be in QA at Apple before I became a SWE.
Used to be, these were full software engineers embedded with dev teams, with a mission to destroy, document, and harden the apps and frameworks.
During the 2010s in all the FAANG that I’m aware of (have worked at 3), QA as a high paid American profession was completely offshored to India and responsibility for quality removed from developers concern. It’s a blocking item on the Launch Checklist. Automated testing was expected to fill the gap but has mostly been ignored.
Well put! But I think there's an interesting exception—APFS seems to be very reliable. It's been quite a few years since the very successful silent auto migration and it’s pretty quiet about it, which is a good thing for filesystems.
Funnily, "data security" encompass both protecting it from undesired access (and stealing) but also from loss/corruption.
So they do a terrible job from a data security point of view;)
This is infuriating to me. I manually manage my music library and have for years. I buy the iPhone with the most storage so I can keep my entire library with me locally. This used to work great, but has degraded over the last decade. Now when I drag new music to my phone in iTunes nothing happens for minutes, and then if I get lucky it finally starts transferring, but some times nothing happens at all and I have to retry.
Recently when I load new music onto my phone I find that random unrelated album art has been mangled or switched with other albums from other artists. And some music, which exists on my phone's hard drive, is now greyed out and when clicked says "This item is not currently available in your country or region." I am considering switching back to a iPod with an upgraded drive and giving up on keeping music on my phone completely.
[flagged]
Odd that you would omit the part of the text you quoted that contradicts the impression your partial quote creates.
> The images were initially believed to have been obtained via a breach of Apple's cloud services suite iCloud, or a security issue in the iCloud API which allowed them to make unlimited attempts at guessing victims' passwords. Apple claimed in a press release that access was gained via spear phishing attacks.
I also found it notable that the source for the above unlimited password guessing password guessing is an Apple press release that states no such thing.
Also interesting was that all sources in that article suggesting anything about unlimited attempts describe to an app or script (unclear which) called iDar, which the only source to actual name iDar claims that it reports success 100% of the time, regardless of its actual success in guessing the password.
I've no love for Apple. Maybe it's true. But the evidence presented in this wiki article is weak.
Either you didn't read the page you linked or are deliberately lying, the API issue is speculation we know now that it was predominantly spearphishing.
All from the same article:
>"Apple claimed in a press release that access was gained via spear phishing attacks."
> "Apple later reported that the victims' iCloud account information was obtained using "a very targeted attack on user names, passwords and security questions", such as phishing and brute-force attack guessing."
>"Court documents from 2014 indicated that one user created a fake email account called "appleprivacysecurity" to ask celebrities for security information."
>"During the investigation, it was found that Collins phished by sending e-mails to the victims that looked like they had been sent by Apple or Google, warning the victims that their accounts might be compromised and asking for their account details. The victims would enter their passwords, and Collins gained access to their accounts, downloading e-mails and iCloud backups."
>"In August 2016, 28-year-old Edward Majerczyk of Chicago, agreed to plead guilty to a similar phishing scheme, although authorities believe he worked independently and he was not accused of selling the images or posting them online."
>"Garofano's attorney said he had been led into the phishing scheme by criminals."
>"Through a phishing expedition[further explanation needed], he hacked more than 200 people"
All of the other methods of compromise are speculation, what has been unambiguously proven in a court of law over and over again was phishing.
It's a little embarrassing that people are still pushing that particular conspiracy theory a decade after it was debunked.
Not only was "Celebgate" the consequence of a standard phishing attack, but we know from court records that a larger number of Google accounts were breached than Apple accounts.
> A Pennsylvania court has sentenced a man to 18 months in jail for hacking into the accounts of celebrities and stealing nude photos and videos.
Collins tricked his victims - including actresses Jennifer Lawrence, Kate Upton, Scarlett Johansson, and Kirsten Dunst - by sending emails appearing be from Google or Apple.
Collins accessed at least 50 iCloud accounts and 72 Gmail accounts.
https://www.bbc.com/news/technology-37796986
That was a pretty big screw-up. But, it was more than a decade ago.
That's unfortunate, but your passwords should be such that it would take an attacker millions of years to guess the password through HTTP requests.
They were also active participants in prism...
https://en.m.wikipedia.org/wiki/PRISM
What they actually do is a moderate effort to keep app developers from accessing user data. Which is definitely good!
Though the reason for this likely more about keeping the customer relationship with apple then actually protecting the privacy of users, but it's a nicely marketable side effect - and that's definitely a good thing for the users, too!
Anybody who was anybody back then was an active participant in PRISM. There are no good guys and bad guys when it comes to that. There are businesses that get to keep doing business by doing what the government tells them to do, there are ones that shut down (Lavabit), and there are ones that don't have enough going on to be on the radar for a project like PRISM.
I think that just makes them all bad guys? Just because everybody was doing it doesn't make it ok, let alone when it's something as bad as prism.
This is like saying there are no good guys or bad guys in the mafia, because the good guys all got taken out early on.
What you are then left with are bad guys.
When China does that they're the bad guys. When the US does that there are no good guys or bad guys.
Also, Qwest Communications.
But at the end of the day, you gotta be able to sleep with yourself and I have no idea what I'd choose if I were a CEO. Everyone lost their jobs. He did wrong outside of PRISM, so it's hard to say. I'm not him and I already don't sleep well at night.
It seems to be an import pipeline bug.
Photos does a lot of extra work on import (merging RAW+JPEG pairs, generating previews, database indexing, optional deletion), so my guess is a concurrency bug where a buffer gets reused or a file handle is closed before the copy finishes.
Rare, nondeterministic corruption fits the profile.
This is also my guess. It's really a bummer, and I'd report it to Apple but since it's nondeterministic I have no idea how to provide repro steps.
I have had extremely bad luck, reporting bugs to Apple.
They constantly ask for an example project, even if it's something that is easily demonstrated, simply by running existing Apple software, and creating a project, would be a huge pain.
They also ignore reports. Very rarely, I may get a ping on one of my reports, asking me to verify that it was fixed in some release. Otherwise, there's no sign that they ever even read it.
I usually end up closing my bug reports and feature requests, after a few months, because I'm tired of looking at them.
It's clear that they consider every bug report to be a burden. That's a very strange stance, but then, they are not a typical company.
I guess you can't argue with the results, as they have a market value North of 3 trillion dollars, but that does not make it any less annoying.
They asked me for a sysdiagnose when I complained about how crappy their new Finder disk icon looks on macOS 26. See this rant by Jeff Johnson, who called for a boycott on filing bugs with Apple a couple years back (I stuck to the boycott except for two obvious UI design issues in the latest OS because neither required repro steps (so why the sysdiagnose?)).
https://lapcatsoftware.com/articles/2025/8/7.html
Edit: accidentally called sysdiagnose a spindump.
Not to hand wave-- but this feels industry standard IMO. I have a dozen PRs sitting unacknowledged and stale across a handful of FAANG (and other) repos, including Apple's.
I start my first day @ Apple in a few weeks, so I ACK that my opinion might be a little biased here.
Maybe you can help bump FB13400242, a bug that is _literally_ going to kill people. (The bug is that to make an emergency call, even from lock screen, you're supposed to be able to squeeze buttons on either side of the phone. But it only works with the volume buttons on the left - the Action button didn't get supported, when that button was added. So now the rule for teaching a small child isn't just "squeeze both sides" it's "oh but not that one!")
(Yes, this came close to killing someone close to me. Fortunately someone else happened to come along to help.)
Consider hitting up some Apple "watcher" people (e.g. 9to5mac) to see if they can give you a boost on their social media. It's pretty obnoxious that it's come to needing to make a stink like that to get eyeballs on something, but here we are.
This definitely works. When I was at Apple I remember a number of issues in their weekly “bug review board” were classified as being high priority because they were going viral on Twitter.
A bug that has been reported that is down prioritized that then leads to killing people would be a pretty bad case for Apple when it came to court.
I'm decades away from being a small child and I can't remember these gestures. The only time I get screenshots or activate emergency mode on my phone is accidentally. Of course I also don't expect my phone to be able to help me much in an emergency.
Well, not an Apple fan personally but on this they are just top of class. Even if this story involves an Apple Watch and not an iPhone, my father-in-law some time ago fainted (due to an underlying heart issue we late uncovered), knocked his head on the toilet when he got up in the middle of the night to go to the bathroom. He lost consciousness for a brief moment and when he regained it, there was already someone from the emergency line speaking through the Apple Watch and he got the ambulance at home faster that without wearing the Apple Watch, and surely helped in saving his life.
Btw I wonder if Apple sends some spoken message to the emergency services or some metadata or just connects the phones and that's it.
Edit: oh and I forgot: my wife got a loud message (that bypassed DND) telling her that her father maybe felt, because she is one of his emergency contacts.
My phone is off at night and I don't have a watch. I try not to let these huge companies FUD me into thinking that I appreciably change my odds of surviving an accident by buying their technology, but I get that others see it differently.
I think a faster / easier approach is to just press the biggest button repeatedly until it makes an emergency call for you.
A five year old is going to find "just squeeze" easier than doing that.
[dead]
Did you take a job at Apple just so you can accept one or more of those PR's that's been bugging you? :)
Wasn't there an xkcd about that scenario...
Just gotta be careful...
https://xkcd.com/1739/
If you ever get the chance, maybe you can be the one that improves that process some day.
Even if it's standard among tech giants, you could be the one that makes a new standard! Good luck in your new role, btw.
Unless one's title is going to be "VP" or "SVP", the chance that someone joins BigTech and gets to "improve the process" is usually miniscule. You're being hired as cog #21 on team #54 and there is a large backlog of JIRA (well, in this case, Radar) tickets to grind through. There will be people who tell you what the processes are, and to not deviate from them. And you shouldn't get mad at those people, either--they're just the messengers, and were told what the processes are by people above them on the totem pole and so on.
Your lack of ambition is a self-fulfilling prophecy.
It’s not a matter of ambition or lack-of. Nobody is going into a 100k+ company and just changing the entire corporate culture around something as broad as bug fixing. These companies have hundreds of teams, and decades of entrenched culture. Sure, go in and improve what you can in your own lane, but be realistic about your scope and reach.
how is this different from any product with a billion users and 100,000+ live bug reports?
I've had pretty good luck reporting bugs to Google (notoriously bad!):
1. provide simple, crystal clear examples that cannot be due to third parties, misconfiguration or user error.
2. show that it's happening to a large number of mainstream users (not niche)
3. show that it breaks critical workflows and has no easy workaround (incl partial workarounds).
4. if you meet #1-3, then wait 6-9 months minimum (more if hard to fix). If not, wait 3-5+ years.
---
Favorite example: in the mid-2000s, I caught google maps confusing suite/apt numbers for street numbers. It got flagged as low priority. So, to get the team's attention, I reproduced the bug on a large Google offices. Six month later, bug fixed.
After that experience, I report everything to Google that breaks my workflow. Like clockwork, the biggies get fixed a couple of quarters later.
---
Want long? Try improving/fixing core issues with the API design of Linux or PostgreSQL: fix times can be measured in decades. Backward compatibility is insufficient - they rightfully worry about libraries and tools adopting the new APIs and then breaking legacy systems that cannot be upgraded even for mission-critical security issues.
---
NOTE: OP bug feels P0 and the better strategy is either mass media (incl HN) or networking to someone inside the company. I've hit those too over the years and can usually find someone at the company to send directly.
[dead]
> I have had extremely bad luck, reporting bugs to Apple.
From your description, your experience is quite typical.
> I guess you can't argue with the results, as they have a market value North of 3 trillion dollars
This was financed by equally massive technical debt.
How does one finance a project or a company with increased maintenance costs and lower quality production?
That’s what technical debt is. It’s the cost for moving forward quickly. I’m not sure I understand what you’re trying to state.
> How does one finance a project or a company with increased maintenance costs
You seem to be assuming that the company will eventually pay off the technical debt rather than just continue accumulating it and lowering production quality.
? This is the system working as designed. The whole game, from startup to fortune 500, is to accumulate market power fast enough to avoid tech debt swallowing you whole.
Once you have market power (which means different things for different companies) you can safely feed the tech debt monster just as little as you feel like.
What's worse about the Apple ecosystem is that because of how tightly coupled it is, a bug fix for Photos would only come as part of a macOS update.
Which means that if that bug has been present since the (now unsupported) Mavericks, tough luck!
I still don't under stand why Apple limits updates to their first party apps to OS updates.
They could really benefit from how Google does it on Android and decouple it. Push updates to their first party apps via the app store like everyone else, and let the OS update on its own separate schedule.
They somehow separate out certain apps, like Safari (on occasion), the iWork suite, and the Pro apps, but I have no idea why they insist on coupling apps like Photos and Music to OS updates.
MacOS updates are several per year though. If a fixes found (and the bug considered a high enough priority) it could show up before 2025 is up.
I think your best bet is to do what you did: write an extensive blog post about it and hope it goes "viral" and grabs the right people at Apple's attention.
I would think the diffs would be telling to the right people.
It's on the front page of HN, so that's a good start!
Have you tried copying the files to the local disk before importing?
I use Lightroom, but always with this workflow (copy files from memory card to disk, then use LR to do the import / move / build previews).
If nothing else, it lets you get your card back much more quickly, as a file-system copy runs at ~1500MBps, which makes a difference when importing 50-100GB of photos.
I also don't delete the images off the memory card until they've been backed up from the disk to some additional medium.
This is what I always do. Rather than go directly from the card reader or camera into Photos or Lightroom, I copy the files onto an SSD, and then bring them in from the SSD. The entire process goes faster.
I also want to point out that I've seen similar corruption in the past, only in Lightroom. The culprit ended up being hardware, not software. Specifically, the card reader's USB cable. I've actually had two of these cables fail on different readers. On the most recent one, I replaced it with a nicer Micro B to USB C cable, and haven't had an issue.
I haven't had actual corruption but had imports take an excessive long time or fail to complete in Lightroom because of bad USB cables or (I think) bad USB jack.
Generally I'm frustrated with the state of USB. Bad cables are all over the place and I'm inclined to throw cables out if I have the slightest problem with them. My take is that the import process with Lightroom is fast and reliable if I am using good readers and good cables; it is fine importing photos from my Sony a7iv off a CFExpress card but my Sony a7ii has always been problematic and benefits greatly from taking the memory card out and putting it in a dedicated reader, sometimes I use the second slot in the a7iv.
> I'd report it to Apple
What's the point of it? It is well known in the industry they ignore bugreports.
Also, this bug doesn't affect the majority of users, so it won't ever be fixed.
I worked on the Photos team a decade ago — some of what you're saying I can vouch for. If it is a rare occurrence, that lowers the priority of the bug. Data corruption though? That moves it to the top.
I'll tell you a secret though that kind of pisses me off. If you have shipped with a bug, that automatically lowers the perceived priority as well. You know, as opposed to introducing a new bug in a new release. "We've already lived with that old bug…" seems to be the mind set. Oh well.
To be sure though, if you saw the number of bugs that queue up for a popular app like Photos, you'd know that fixing all of them is not going to be possible — some kind of system of prioritization is required.
Yeah, I have had friends in Apple and they have described pretty much the same approach. It's perfectly understood.
There is one more thing that gets factored into the bug triage. If the bug affects professional users (as in, data corruption from external media) - fuck them. Apple couldn't care less about professional users. The priority is to fix Photos.app for utility gauge pics and preferably in HEIC and other default settings.
> I'll tell you a secret though that kind of pisses me off. If you have shipped with a bug, that automatically lowers the perceived priority as well. You know, as opposed to introducing a new bug in a new release.
This mentality is all over BigTech: This bug didn't block release X-1, why should it block release X? So, it inevitably just sits in the backlog forever. If your releases are 90 days apart, any bug found has an average of 45 days to be fixed, or it ends up on the "we lived with it last time" list.
If you have more bugs than you can fix in a given amount of time then you have to prioritize somehow.
“This bug didn't block release X-1, why should it block release X?” Is actually a pretty strong argument and tough, but not impossible, to counter.
And the bug backlog only gets longer with time. It’s the price of greatly increased software complexity.
What’s wild is that this kind of bug feels like something that should’ve been caught with even minimal end-to-end integrity checks
Maybe bad RAM flipping bits?
Edit: Nevermind, the contents are vastly changed. This is like a different stream of input got used, or a buffer was written over with contents from another image.
This bug has happened on multiple, perhaps all, iphones I ever owned, I clearly remember at least 3 where I spent hours on trying to save (extract) photos from my iphone with different tools.
”Glad” to see it was an actual bug.
Interesting that he went from 30% failure to it taking a while to find a single failure after replacing everything.
Random is random, and random is clumpy, so maybe swapping parts is irrelevant, but... I wanted more detail how often the corruption happened throughout his replacement journey.
edit: also wth i just realized I went to "tenderlovemaking.com" at work. gross. lol.
I'd be interested in knowing if he was multitasking and using a lot of memory. I know wedding photos are usually something you feel rushed to upload so maybe this issue can be made worse depending on system resource availability.
yeah copying can take a loooooooong time and so you multitask.
maybe the randomness is based on the other apps he's using at the same time.
Since it looks like a concurrency issue, most likely the new laptop made the issue less frequent through the simple virtue of being faster.
That's not everything that happened, a big non-replacement part
> I stopped checking the “delete after import” button
I wonder if it’s related to import sources, and maybe the speed of that hardware. They are still successfully importing the photos into the Photos app, just not from the camera.
Sounds like an argument for Apple to provide a new high-level media import framework?
Why? A new framework gets you new bugs instead of the old ones, but not necessarily fewer or less severe ones.
It’s more likely that things will be reversed: the old, battle-tested framework may have bugs, but it’s is less likely to have serious ones.
They should try to hunt down bugs in the existing code. A partial rewrite of parts that historically have many bugs may be in order, but a complete replacement? Unlikely to be an improvement.
Well I'd imagine the new framework wouldn't rewrite old but wrap the existing low level APIs in a way that is not error prone. Centralize the tricky bits so Photos and third party apps don’t each have to reinvent them?
Always count on Tenderlove for a detailed technical deep dive! I've missed your blog.
Tangential story - 12-13 years ago I was a burgeoning and super eager software dev that moved to Seattle to be closer to "the scene." tenderlove's content was a major reason for me going there and I poured through his posts learning way too much about Nokogiri, Active Record, and much much more.
I went to every Ruby meetup I could get to out there and I remember one in particular, a Seattle RB meetup, in the Substantial office. It was a pretty small group, at most 15-20 people.
I was with a coder buddy but knew nobody else. We were all just drinking pints of Manny's beer and eating pizza from Big Mario's or something. Ryan Davis (the creator of minitest among other things) was doing a presentation on Unicode.
Aaron Patterson (tenderlove) was cracking jokes at every opportunity. At one point I asked a relatively naive question and Aaron _tenderly_ answered in joke-form response. I felt such a _part_ of the scene then. Aja Hammerly was super engaged in the presentation, I think even Ryan Bates and/or Geoffrey Grosenbach were there.
It was quite surreal to be in this dream-like state around giants and heroes just doing what they were doing and being so inclusive. It seemed so normal but became a core memory.
Thanks for everything Aaron, you've truly been an inspiration!
As an Olympus shooter this is good to know.
But good gravy that troubleshooting path got expensive real fast. Replacing the laptop and the camera? Why not start by trying something other than Photos? It doesn’t even need to be a paid product; the Olympus software is free not to mention a good baseline since it - of all the applications - should be able to import photos without corrupting them.
Edit to add: delete on import seems pretty risky. My workflow is to import and only delete from the camera after 1) the imported photos are backed up 2) I’ve done a first pass culling.
Yeah, after you've had this problem once it seems you'd uncheck delete after import before buying a literally entirely new photography system.
My workflow is don't delete after import but format the card in the camera afterwards. I have XXXL cards and it is not such a problem if I forget to format.
I had one case where I screwed up a shoot and thought file corruption might have been involved (it wasn't) Even though I had formatted the card with the camera and shot maybe 5 test shots I was able to recover most of the images with Disk Drill
https://www.cleverfiles.com/data-recovery-software.html
which has both Windows and Mac versions and looking at a sample of them confirmed it wasn't corruption, it was user error.
[dead]
I too sometimes use troubleshooting as an excuse to get new hardware I had been meaning to upgrade to.
My first thought was “software troubleshooting is a lot cheaper than hardware troubleshooting!” Maybe the author isn’t bound by the same economic realities as some of us are accustomed to.
I feel like this is a URL that I don't want in my history
There is a very popular professional audio website called Gearspace that had a much spicier name for a long, long time.
https://gearspace.com/
https://www.reddit.com/r/audioengineering/comments/mftc0g/ge...
before stackoverflow there was expertsexchange.com and they were forced to add a hyphen to the name because people kept making fun of the expertSEXchange, it became experts-exchange.com
Wow, I probably haven't logged into EE into 20 years. I just tried now and somehow guessed my username and 5 letter password first time. They want $9.99 to let me in, though, but they claim to have all my achievements still...
Oh wow, I'm surprised the name change appears to be so universally appreciated on reddit.
It doesn't strike me as different from "porn" i.e. "unix porn" "food porn" etc, which are at least somewhat widely accepted. I assumed it was self-aware/deprecating humor, as in the people there recognized they were frequently replacing which gear they used beyond what might be strictly necessary.
It was colorful, in the way a lot of music and art is colorful. It's not like it's a sysadmin forum...
Modwiggler changed name around the same time.
Ha ha, I remember that name.
I guess the reason why modern times feel so bland is because we all agree on the lowest common denominator, and then celebrate that as "iNcLuSiViTy". If anything you do has any personality, aka deviates from the standard workflow, it immediately gets a disadvantaged position on the free market.
It's like, we collectively prioritize efficiency over fun and then we wonder why life is not fun even though it is efficient.
Dumb frat-boy innuendos count as personality now, huh?
Let's just leave aside the fact that the name genuinely made many people uncomfortable and unwelcome there (it did), it was also just teenage and immature. There's ways to inject personality and fun into a social experience without giggling about sex. Talk about lowest common denominator...
In the late 90s my then-wife was watching over my shoulder one day and saw the domain “freshmeat.net” pop up as a possible auto-completion in my address bar. She was justifiably suspicious until I showed her it was just a software distribution site.
Infohazard warning:
C++ reference is one of these.
See also: Experts Exchange, Pen Island
There was also a website for a mole station, but I'm not sure if that one was satire.
And she wasn’t suspicious of amazon.com? ;)
As if "tender lovemaking" is so shocking?
Obviously there must be bureaucracy and an RFP involved!
Whaaa, you don't like tender lovemaking?
I’m old enough to remember arXiv being hosted by Los Alamos National Laboratory under the domain xxx.lanl.gov.
It’s understandable why they changed their name.
This reminds me of a flash games website from 2007. The domain was something like sogay.com. one time I had to spell it to my father. He asked if I'm sure before pressing enter lol
Why? It's brilliant.
The URL might be mistaken for some different content?
Well, then don't browse from the church computer
ZScaler gets pissed off going to frame.work just because of a “malicious TLD”.
I don’t even want to know what ZScaler thinks of “tender love making”.
What's brilliant about it? What's the reference, for those of us unfamiliar?
It is simply hilarious to make grown adults visit a website called tender love making dot com (a sexual reference) to read a very specific and niche blog about technology.
"tender love making" and then the specific URL mention photos and corruption... it could look really bad!
You are welcome not to visit it if you do not want to hear from a Rails contributor for over 10 years.
The author's name is tenderlove. He has been a famous contributor to Ruby and Rails for at least 10 years. If this is objectionable to you, it shows your lack of expertise.
Site belongs to Aaron Patterson, one off the most prolific Ruby developers in the world.
Something something Railed.
Nah that's just a one off
I also have an OM System camera (OM-5) and never get corruption this bad but occasionally got one row of green pixels at the bottom of a photo during import to Photos. I thought I was crazy, but this motivates me to change up my routine and check if it was Photos all along.
Never thought to suspect Photos itself
I feel it's OM camera issue.
I've been importing raws for years from Sony and earlier from Pentax and didn't experience it.
In fact searching for "OM image corruption" shows bunch of results not related to Apple Photo.
My guess is that OM has buggy SD driver which starts deletion before actual read finished.
I ran into the same corruption issue without any sort of RAW images and without using OM camera. My partner was pissed at me, thinking it was my fault. But it turns out that Apple Photos is to blame!
It comes back to my fundamental philosophy that apple is the problem and we should abandon it until it shapes up
Kind of horrifying. You expect Photos to be dumb and slow, sure, but corrupting files
I’ve been seeing this happen on older photos that had imported properly, and I just use my iPhone and view photos on my Mac and iPhone. Looking back, I’ve lost whole chunks of my photo library. It’s a bigger problem than I realized. I don’t have these backed up elsewhere.
I used to see this when I had iCloud Photo Library turned on. It randomly corrupted old photos that were correct. It corrupted both photos taken on the iPhone and photos imported from a real camera.
I have since turned off iCloud Photo Library, downgraded iCloud (no longer needed so much storage), and started using fully open source photo management with flat files on disk.
You work in IT right? always backup
I realize it's easy to think or assume this is a bug affecting everyone but for what it's worth, I've had zero issues importing photos from my Sony a6000 and a7iii for the past eight or so years. Tens of thousands of photos at this point.
For the longest time my process while traveling was importing onto my iPad or occasionally my iPhone since I didn't have a personal laptop, just a Mac Mini at home.
I hadn’t dug that far in to it, thanks for sharing! I assumed my rather old SD card or the adapter I keep stuffed at the bottom of my bag was the issue as I’ve only seen it on a couple of photos.
I’ve used Olympus cameras for over a decade. Well, the same camera to be honest, a PEN E-PM2. This has only appeared in the past couple of years.
I haven’t seen it on photos from my Canon EOS 80D yet, but I guess it’s time to change my workflow. And maybe OS.
Well, it might even be a bad sector in RAM or SSD somewhere.
Though, considering the macOS 26, it’s likely the Photos app.
It would be very helpful to document the version number of the Photos app that demonstrates this behaviour so anyone else who is affected can use this article to keep track of potential fixes.
Apple just isn't as good at software anymore. The same thing can be said for almost any big software company, though. Generally QA seems to really not be a priority anymore.
I've not experienced corruption like the author, since my workflow involves copying the raw files from sdcard to harddrive, and then importing into Photos. After processing the raws in Photos, I export a .jpg back out to the filesystem.
That's because my worry is corruption of the entire Library, which Photos stores as one gigantic opaque file/directory abomination. My .photoslibrary file is currently 70gb in size, and I'm terrified of what would happen if it becomes corrupted. The Photos app crashes not infrequently.
> That's because my worry is corruption of the entire Library, which Photos stores as one gigantic opaque file/directory abomination. My .photoslibrary file is currently 70gb in size, and I'm terrified of what would happen if it becomes corrupted.
It's a folder that acts like a file.
Right click > Show Package Contents works, and there's an "originals" folder that should have all your photos in normal everyday files.
Photos uses sqlite. I came across this but haven't tried them yet. https://github.com/AndrewRathbun/iOS_Photos.sqlite_Queries
Apple corrupted images on my iPhone where I can’t import them to my PC via photos, but I can backup the whole phone.
They finally recognized there is an issue, but there is no fix, as of a few weeks ago :(
I had a similar issue recently. I used the Windows Photo app to import & delete photos from my iPhone. When it finished, I realized that a significant fraction of the photos had been corrupted. Not sure where in the pipeline it happened, or if they were already corrupted on the phone.
Yeah, that's one of the billion reasons I'm sticking to Android phones with gasp file managers and shock expandable storage via an SD card slot.
I never need to import anything when I can simply copy the data from the card.
But files are hard, scary and dangerous! What if a scammer asks Grandma to open the files app or copy photos directly to her pc!?
Not sure if related but importing images via image capture on mac to the disk of the mac gives you correct time when the photo was taken in the file (kind of important if it’s family photos). But if you import it to a usb drive you get current time as creation time for each file so you’ve lost any timestamp you had on the photos.
> Not sure if related but importing images via image capture on mac to the disk of the mac gives you correct time when the photo was taken in the file (kind of important if it’s family photos).
Something related: exporting originals from Photos used to give the current timestamp back in Ventura, which annoyed me to no end.
They fixed that bug in either Sonoma or Sequoia (I jumped straight from Ventura to Sequoia).
> kind of important if it’s family photos
Anything important should be kept inside the file. Filesystem metadata gets lost all the time, isn't consistent between operating systems, zipping up a folder and extracting it will probably mess up timestampts too.
Apple's Migration Assistant messed up timestamps when I did a M2 > M4 copy recently.
Dropbox doesn't seem to keep timestamps properly either.
I like using filesystem timestamps to sort through things in Finder, and thankfully I like A Better Finder Attributes for being able to batch copy EXIF data into timestamps.
[1] https://www.publicspace.net/ABetterFinderAttributes/index.ht...
I had this with some old photos but you can quickly rsync preserving metadata and then use exiftool to fill in the time and the whole thing will always work. After that I pasted it in Google Photos and it’s correctly in the timeline. Remarkable how easy this stuff is these days with LLM.
iPhoto still works just fine, and I refused to move. And I never have it or anything else be the only place an image exists. Storage is cheap.
I remember years ago I lost some random videos on iCloud (synced via the Photos app). The filenames were there but they couldn't be opened anymore and seemed corrupt. Since then I never trusted iCloud anymore and switched to Syncthing (which back then also messed up some of my data if I recall correctly) and then Nextcloud.
I am not letting Apple Photos touch my photos. Neither Google Photos, etc.
All my photos are managed using Digikam and developed using Darktable. They are also visualized via immich, but immich only has access via a read-only mountpoint.
Everything is hosted locally of course.
I am moving this direction, but for now as a redundancy purpose. Copied google take out into immich, who has its mountpoint use truenas iscsi backed by zfs. Zfs is set to take snapshots frequently.
Just a warning, I don't think that ZFS snapshots are sufficient for ZFS bitrot protection.
Ensuring ZFS has at least 2 copies on physically separate disks and using scrub frequently is the way, right?
Please correct me if I am wrong HN!
Your workflow was horrendous, and now it's merely bad. Don't touch any images on the card until you're sure that the images imported correctly AND your local and cloud backups have backed up the images. I assume you have local and cloud backups. If not, you should set them up right away. Really, cards hold a huge number of images and there should be no rush to empty them out.
That the workflow could be better does not really excuse the software corrupting the images. This is like the "you are holding it wrong" type excuse.
Yeah it really amused me that he went through tons of steps, buying lots of new hardware, etc before simply unchecking the delete images box.
You also shouldn't delete from the SD card using your laptop anyway. Always use the in-camera format. This was a bad workflow from the beginning, no idea why you would ever click "Delete after import" when importing directly off an SD card.
Also a good idea to copy to multiple locations when importing. When I do professional work and import into Lightroom from SD card I have it set to create two copies - import to my external SSD (the "working" copy) and also copies the files to my NAS (which is then backed up to the cloud).
Nowhere in that process do I ever delete anything.
I shoot RAW but I wouldn't want to eat up all my iCloud space with my RAW files. They're 80MB each off of my Fujifilm camera. I store them on a local DAS instead. Curious what the real use case is for storing RAW on iPhoto.
Backups on the go. 2TB iCloud + wifi + sd card reader for iPhone.
No longer have to bring laptop or external drive along for backups
You can put your apple photos library on an external / network attached drive. Thats what I do, since my photo library has grown to ~300gb. And I'd much rather buy a hard drive than rent one from apple.
There's also the excellent osxphotos utility which can export / backup / migrate photos in and out of apple photos:
https://github.com/RhetTbull/osxphotos
I have tried fairly persistently to make Apple Photos my primary photo management tool and I finally gave up recently. The app crashes repeatedly when I have it open—only occasionally until this year but the frequency has increased to the point that it no longer feels usable. A real shame. I’d rather stay in the ecosystem if I had the choice.
What are some good Open Source / Self Hosted alternatives to Apple Photos (Desktop)? I pretty much keep my Mac Mini around solely to import photos from our phones, free up space on the phone, and backup the Photos DB. We like to go back and look at old photos from time to time too, and the feature that shows them on a map is a big one for us.
Last time I looked (pre-COVID) there wasn't a lot of promising options, and some didn't support HEIF images
Immich.app, with their import from iCloud CLI command to seed it: https://github.com/simulot/immich-go#from-icloud-sub-command
I use and enjoy PhotoPrism. It's open source and self hosted. It has the map view. It accepts imports via WebDAV, or you can manage files completely manually without using the import feature.
It's strictly for looking and exploring old photos. It doesn't do photo editing (except metadata editing), nor do I expect it to.
I'm fond of digikam https://www.digikam.org/ it's simple enough for most users and has complex features for more advanced users its open source cross platform and doesn't do some weird rearranging of files so you can still use your file browser too.
Immich could solve what you are looking for. It supports wireless upload to the server, everything is stored locally and it has some neat additional features.
https://immich.app/
> Turns out “delete after import” was a huge mistake.
I learned the hard way to never delete photos from the SD. Just buy a new one it's so cheap anyway.
Great article by the way, sounds like my kind of rabbit hole :)
> Just buy a new one it's so cheap anyway
Not a good idea, you are going to have piles and piles of SD cards that will be hard to manage, and you will burn through $$$.
I do the same (though not for personal photos, only for my professional wedding work). SD cards are small, I have a stack in a safe.
Every professional/paid client I shoot for, I do on new SD cards. I have dual slot cameras, so one card just permanently lives in my camera and gets formatted between shoots, the other I treat as a one-time use card.
Doesn't eat into my margin too much, and I appreciate the extra redundancy when dealing with someone else's wedding photos, so that if somehow something went catastrophically wrong with the rest of my back up process and off sites, at the very least I still have the SD card with the RAWs on it.
people have catalogued and tracked physical items for centuries without issue; a 1TB SD card is now $75 and can store perhaps a year worth of photos
> Turns out “delete after import” was a huge mistake.
https://www.cgsecurity.org/wiki/photoRec
Back in 2011 I did the grave mistake of updating my iPad to the beta version of iOS. It was iOS 4 I believe. I took it with me on my honeymoon travel in US. My use case was to offload images onto the iPhotos app with an SD adapter. I bought the Apple Dock one.
On day 7 or so the import failed and all files on the pad got corrupted. But also the SD card got corrupted.
I stopped using the device and the card because I knew not all is lost. I had to buy a new card in SF as replacement. Back home I used a recovery software to check if data is still on the card (I used the same software before on a card that got deleted by another person and I was able to get all images back). I was able to get most of the images recovered and also recovered a few from the iPad. All in all I lost maybe 10 out of a few 100. Now I travel with multiple cards and backup already each night while in the hotel. And I don’t delete the images on the SD Card. I format only when I’m sure I have everything copied and secured.
It feels less of security related and and more of ecosystem lock-in related to be honest
This is really good to know. I’ve never personally run into this problem despite having the same hardware because I only ever put the final jpeg into apple photos and keep the camera output completely outside of the Apple ecosystem on a hard drive.
Have you tried importing them using the Image Capture app on iOS, instead of the Photos app? It just gets them off the camera/SDCard and onto your Mac in a folder, which you can then drag onto Photos.app -- worth a shot.
Past few days, i created a copy of all my photos on google in my nas. This gave me a peace of mind in case something catastrophic happens (image corruption, account getting banned etc)...
I had a weird issue with at least one photo in Apple Photos recently (possibly more that I haven't found) where the photos app showed the image, but I couldn't export it - like it was only a preview. I've upgraded my photos database over many release so I don't know if that's a part of it, the photo in question was from 2018 or so
See if you can File->Duplicate Photo it first.
Im interested to see if you encounter the same with a different phone. Most probably a software issue, but are we sure it isnt something defective with your phone?
My read of the article is that they were importing photos from their camera to their laptop, so there's no phone involved anywhere here.
I stopped using the Photos App on Mac because of this, has happened on several occasions.
Somewhat tangental, but I keep my music in the Music app. Wireless music sync is great and usually does what I need. Once in a blue moon, however, it'll absolutely scramble every album cover of every song I have.
I'm feeling dumb, but that seems a really different RailsConf than I was expecting.
This bug has been there for years, probably a decade.
I got similar symptoms as mentioned, I suspected AFS+, but what do I know. It has happened on at least 3 iphones (pros), now when I think about it, I don’t remember any iphone I haven’t have troubles with. Having 5000+ images (non-raw) where 5-10% are corrupt is infuriating, but I just stupidly buy another iphone every year (the most expensive one).
Re-importing images 10-100 times could sometimes extract a few additional images, but the phone just disconnects after a while when running such scripts.
I’ve never had this bad of corruption. But not surprised.
Personally, I have seen a row of green pixels on the top or bottom + vertically flipped photos on import.
Good sleuthing!
Use photorec to recover from the old SD card even if you deleted
Then for the current files you’ll want to see what happened. Often with this class of problem either the bytes are zeroed or shifted. Since the size is the same, perhaps they’re zeroed or perhaps bytes are LE to BE or dumb shit like that (don’t know why it would be but weird world right).
Just diff and see if you see anything (I wrote off memory but you get the idea)
If files are getting zeroed sucks but otherwise maybe you can swizzle it back out. If full bytes look weird, look at binary representation and see if you have pattern.From that bare start you can see what’s up.
Fortunately it mentions early on in the article that this is related to an Olympus camera so I'm guessing this has something to do with the OM system's flavor of Olympus's proprietary ORF format.
This would not surprise me. For whatever reason, ORF files from the TG-4 import fine, but CoreRAW doesn't handle the TG-6, so I need to either use RAW+JPEG or convert to DNG.
He says the checksums are different but he doesn’t provide a diff to show how different. It could just be a single flipped bit or something. And that could happen in his own RAM/disk/CPU/router so seems premature to immediately blame Apple.
Here you go!
I ran both files through xxd then diffed them. I've literally changed every piece of hardware (at no small cost). "premature to immediately blame Apple" seems a bit off.I tried running the file segments through a binary diff with Hex Fiend
As far as I can tell:
- 0x7800 bytes were replaced at file offset 0x00aa0000
- 0x2200 bytes were replaced at file offset 0x00aa8000
I can't tell if the replacement data came from a different part of the file, or somewhere totally different. Race condition somewhere sounds plausible.
gcd(0x2200,0x7800) = 512
So some part of the chain with 512 byte buffer size corrupted the data.
It doesn't look like a memory corruption but if this were my computer I'd run the equivalent of memtest86 on it.
It looks like a filing system corruption to me. Running `diskutil info` on the main harddisk and the sd card might be interesting to see if the block sizes match.
Running a disk tester on the sd card and the main disk might be a good idea too. Here is one I wrote: https://github.com/ncw/stressdisk
This is the kind of stuff that makes me wish my Binary Diff Tool was already completed, but unfortunately I'm still working on it. Can't tell much what's wrong with the differences in the bytes without knowing what the structure behind it is.
There's a corrupted photo at the top of the article and the non corrupt version at the bottom, is that not enough?
No, it isn’t. The OP isn’t questioning whether the file changed, but asking what changed to the file, not what changed visibly.
The visible effect shown could be due to a change as small as a single bit flip. It also could be that large parts of the file got overwritten, or that it partially got zeroed. The exact kind of damage can help pinpoint the cause of the problem.
Yeah, I would have been interested in the diff too.
That said, the article does mention replacing basically all the hardware and still encountering the issue. FWIW, my personal experience with Apple software so far is that the usage expected for Average Joe is well tested and polished. But stepping outside of that, it's "Here be dragons" territory very quickly.
He switched out his laptop.
"I’ve not seen any file corruption when importing to Darktable, so I am convinced this is a problem with the Photos app."
Yes this argument is a bit unconvincing for me. Not saying Apple photos doesn't corrupt his files, but this is not real proper investigating either.
> Bought a new laptop Bought a new camera: the OM System OM-1 MKii
I think he was just looking for an excuse to buy new kit
The default behavior for handling cards containing images is a read-only mount, and copy all the images without any modifications.
When flash fails it returns garbage or zeros instead of (what was) your data. It can be tranient or persistent. And without any error codes from the storage device or the file system.
If storage returns garbage for filesystem metadata, all bets are off how the OS filesystem driver will behave.
Reformat should be done in camera. And that card used only in that camera. And only that camera gets to write to that card. And don't delete individual images.
See also the Image Capture bug from several years ago where it appends a ton of empty data to imported photos:
https://cdfinder.de/blog/files/image_capture_bug.html
(I'm not sure whether this bug has been fixed or not yet, though I think it has been fixed.)
Image Capture did me dirty once. Macbook ran out of space while importing photos but it never stopped and kept on deleting photos from my iPhone. Lost 5K photos of a wedding... submitted a bug and hopefully it has been rectified.
Image Capture hasn't had a delete after import checkbox for a few versions now, I think.
I have Apple Photos but I never thought to use it to automatically import my photos and clean it up. My process is very similar to where you've ended up. Thanks for validating it--I'll never change it.
for context, the author is Aaron Patterson of Ruby and Ruby and Rails fame, a proficient C programmer and overall hacker, he knows his stuff
For transferring files (photos or others) from iOS, I have been using Landrop for a while and never had any issues so far, it’s also way faster than using a cable.
I use PhotoSync for images which works (most of the time ;) ) automatically in the background. Once or twice a month I give it a kick to make sure...
For transferring photos from your Iphone to your Mac, you can also use the native Image Capture app.
I always wonder about the motivation behind these polished, high-quality programs on the App Store which are not open source, and also don't collect (much) data, neither have ads in them.
It’s open source, else I wouldn’t recommended it
https://github.com/LANDrop/LANDrop
I used it along with another called Localsend, but the later one gave me a bit of headache and crashed while transferring some large files last time I used it, but still great as an alternative too, and it’s open source as well.
Edit: Actually, you are correct, it seems they did close it! Try localsend instead.
Love LocalSend. Can be a bit finicky but for quick transfers between systems I love it. Use it so my work laptop, Linux gaming PC, and iPhone can easily pass staff around.
You figured out how to teleport people through local send?
Coming Eventually:TM:
This article is about importing photos from an SD card to MacOS
...just discovered DarkTable because of this! #win
Imagine having the resources of Apple and not testing your software. We deserve better.
[dead]
[flagged]
[flagged]
Where can I get professional-grade toothpicks?
Ask your dentist?
This is what you get when you buy consumer hardware.
And when your Toyota breaks down, we'll all be there to tell you that you should have bought a military-spec truck.
[flagged]
Why?
[dead]
WTF is that URL? I'm NOT clicking on that. LOL
> Turns out “delete after import” was a huge mistake.
That's a mistake no mater what application you're importing to, else we'll be graced with another blog post, "Darktable app Corrupts Photos".
What's the purpose of RAW+jpg though? Seems rather redundant?
> That's a mistake no mater what application you're importing to, else we'll be graced with another blog post, "Darktable app Corrupts Photos"
Thanks dad.
> What's the purpose of RAW+jpg though? Seems rather redundant?
You get to keep out of camera jpg files. Some people might like how their camera processes jpg files and might also want the raw file for a scenario when a more complex editing is needed.
Interesting, based on this and other replies, it sounds like Photos App should have an option to select what to import? i.e. RAW or jpg, but not both.
It sounds like Photos App can have issues trying to import both at the same time?
As I said in my blog post, it imports both and combines them in the UI. Also as I said in my blog post, I switched to shooting only in raw, and it still exhibited file corruption.
I commend you for your patience with this comment section.
Speed. It all comes down to speed.
Processing RAW can be expensive time wise. If you’re sorting through a session of 10,000 photos, you want the speed that comes with the jpeg variant, which allows you to quickly sort out blurry, smeared, severely mis-exposed, and other various defect photos.
The storage cost is negligible (JPEG75@10MP is cheap) and the workflow benefit is immediate. Additionally, cropping and early white balance corrections (as well as a handful of other things) are much faster to preview with a non-RAW version of the image; since you’ll be processing that detail later anyway from scratch in the RAW later, it’s functionally free to do it on the jpeg version before you dig into the raw.
Additionally, there’s a cheap debugging aspect that you saw here: was it Apple Photos mishandling ORF? Was it something else? When working with both, you have a “reference” that can be used to make sure your digital development pipeline is set up correctly; finer details about the imager can sometimes get mangled by some RAW developers like pixel order and sub pixel blending. Not every CCD is a linear grid, not every LCD looks the same, but if you can get your RAW pipeline producing ≈the same as your camera did, it verifies that you have things mostly set up correctly.
> Speed. It all comes down to speed.
GP isn't wrong though. Most cameras embed a medium quality full-resolution JPEG along a couple different thumbnails in raw files, so saving raw+normal JPG is kinda pointless, because the raw already contains that jpeg. Raw+jpg is only easier in the sense that many/most non-vendor tools - even viewers - can't properly handle the embedded jpg so it's easier to just duplicate the storage (e.g. 50 MB for the raw + 10-20 MB for the JPG) and take the hit on storage consumption/transfer time.
With SD cards relatively cheap I long thought about, why delete them at all. Just put them into a box after importing the images/when full. So you still have a physical backup.
I also use RAW+JPG. Latter part allows quick sharing without long post-processing, esp. for impatient friends.
If I'm going to share the photo to an album or something, I process the RAWs selectively.
Is this downvoted because of the last line i.e.
Otherwise, it is wise to highlight that "delete after import" is not a good choice in general.I personally would not let device A to automatically delete files from device B while files are being copied from B to A.
My workflow is quite manual when bringing pictures in from camera to my MacBook.
- I simply take the SD Card from the camera and then use the SD Card reader on MacBook itself to copy the files (RAW + JPEG) into a working directory.
- Move just the JPEGs into Apple Photos library
- The ones which I think I can/should improve using RAW processing, are processed in DxO Photo Lab and exported to JPEG with a *_DXO.JPEG filename
- DXO Processed JPEGs are added to Apple Photos again. This time due to the naming scheme, the DXO processed JPEGs and camera baked JPEGs are next to each other which helps in quickly checking the results.
- Delete the camera baked JPEG once I am happy with DXO's output
Regarding...
...as others have pointed out. Shooting RAW+JPEG is like an insurance policy where if the camera was unable to produce a result which I would like to keep, I have the RAW to play with.I only keep JPEGs in Apple Photos as all of my image library is backed up to iCloud and don't want that duplication.
RAW files get backed up to another SSD. Looking into a better backup for RAW files.
Also, since I switched recently to a camera which uses CFeB cards for best experience (but also has a SD card slot), the onboard SD Card reader on my MacBook will become useless for this once I get an external CFeB reader.
JPG so you can also see the default camera processing which might be work well from time to time. RAW in case it doesn't.
I don't know why this is downvoted.
Because it's utterly irrelevant nitpicking, acting as if a blog post is something that was inflicted on hk1337, followed by a question about a pretty basic concept demonstrating a very limited understanding of the domain, which would be fine if the assumption of good-faith wasn't undermined by the preceding text.