Had the pleasure of making an Apple account to join our company's developer team. I filled out the form on the website 7 times: Edge on Windows, Edge on macOS, Safari on macOS, using 2 different phone numbers. No matter what, Apple just refused to send the verification code to me.
It only worked after I remember Apple is a dick to the web platform, then I managed to create one from the popup in the App Store.
Apple also makes it a biznatch to make a developer account separate from your personal account. In Apple's ideal world, multiple accounts should in no circumstance ever exist. I, in an ideal world, would agree with this. But we live in this world, where Apple bans accounts for redeeming legitimate gift cards.
And yet Apple CREATED the multiple-accounts problem for millions of people by implementing their idiotic "Apple ID must be an E-mail address" policy.
So of course people thought that when they changed jobs, cable companies, or whatever... they needed to create a new Apple ID with their new E-mail address. This was reinforced when Apple further stupidified their policy by requiring your ID to be a WORKING E-mail address (originally it didn't actually have to work).
After the outcry over people's App Store and other purchases being scattered across multiple IDs, Apple finally publicly and huffily declared that they weren't going to fix the problem they created by letting people consolidate accounts.
The moral: Don't force people to use E-mail addresses as user IDs. It's stupid on several levels.
> Apple finally publicly and huffily declared that they weren't going to fix the problem they created by letting people consolidate accounts.
They somewhat changed that. It now is possible to move purchases between accounts. See https://support.apple.com/en-us/117294. Looks quite cumbersome to do, and will not apply to everybody (“If an Apple Account is only used for making purchases, those purchases can be migrated to a primary Apple Account to consolidate them.”, “This feature isn’t available to users in India.”)
It's not super difficult if you have an Apple ID from many years ago that you bought media with and then have a different Apple ID that you use for everything. Which isn't that uncommon for anyone who used iTunes and bought music or media and then forgot their ID and just made a new one when they got a iPhone or Macbook. Was able to transfer all my purchases to my main account pretty easily.
The real downside is if you have two fully active Apple IDs. Then things like calendars, photos, email, etc are still stuck on the other account until you export it. Which can be a pain since you have to sign out of your main account, sign into the old account and export, then sign back into the main account.
What's weird, and I'm not sure if it's a documented or undocumented feature, but the account I am logged into on the App Store differs from the one logged into on the system. The system Apple ID is setup with Family Sharing, and the users are able to use apps purchased with the secondary Apple ID.
I haven't transferred the purchases or anything either. The two Apple IDs have different purchases on them, and those on Family Sharing are able to access both.
Interesting. But WTF is a "primary" Apple account? My original Apple ID isn't an E-mail address, so they forced me (and others in that situation) to create another one for iCloud because that one inexplicably has to be an E-mail address.
I use both for quite a few things. Which one is "primary?"
That text is badly written. They define that after mentioning it:
“At the time of migration, the Apple Account signed in for use with iCloud and most features on your iPhone or iPad will be referred to as the primary Apple Account.
At the time of migration, the Apple Account signed in just for use with Media & Purchases will be referred to as the secondary Apple Account.”
⇒ apparently you can be signed into multiple accounts at the same time ¿but I guess with only one account per feature?
But as I said, that page is badly written. So, maybe I’m understanding it wrong.
> of course people thought that when they changed jobs, cable companies, or whatever... they needed to create a new Apple ID with their new E-mail address.
This belief is rampant amongst 90% of the general public. I had to spend an hour helping a friend last week who had created a new Cash App account to do their taxes, because they didn't prefer the old email address that was on their longstanding Cash App account. So now they have to keep 2 Cash App accounts forever. And to make things more fun, they're obsessed with phone numbers there, so adding the phone to the second account pulls it off the other account.
Oh, and digression but I have to vent: their login process on the web is, in some order: an SMS to your phone, another numeric to your email, and your password. All in succession, on every login.
Thanks for the anecdote backing up my longstanding suspicion on that.
This is also why using E-mail addresses as user IDs is monumentally stupid: People will think that they need to use their E-mail password, too. So now any entity with this ID policy becomes a gatekeeper not only to their own site or service, but the user's E-mail account.
One poor security regime or disgruntled employee at one obscure Web site can now enable identity theft on a grand scale, by exposing E-mail addresses and passwords.
There's a reason that banks and brokerages don't employ this ignorant policy. It's disappointing that Apple set such a poor example by implementing it. Then they had to run around trying to mitigate the harm with 2FA and other measures, after high-profile "hacking" attacks on journalists and celebs.
And Apple won't let you add all your "trusted phone numbers" to all those accounts. So, if you are in country A and your country B phone can't receive SMSs, and you get a new device, you can't log into country B account because 2FA via SMS does not work. (And no, you can't just make multiple accounts on a MacBook or other device that supports multiple accounts for non-SMS 2FA; login fails.)
Pff, Apple can't even keep your contacts intact if you go abroad.
I traveled to Australia and got a local SIM. Suddenly every incoming call was from an unknown caller, even though every one was in my address book. Apple is too stupid to handle international calling in the 2020s. I mean... WTF?
Then again, this is the same company that "helpfully" changes all your calendar appointment times when you travel to a different time zone... with NO WAY TO PREVENT IT. So if you go east, you're going to miss any events you set up in advance... including flights home.
> And yet Apple CREATED the multiple-accounts problem for millions of people by implementing their idiotic "Apple ID must be an E-mail address" policy.
Ironically they then relented only for India and China because market share too sweet, so all auth developers now need to update the assumption that Apple auth users have an email address. Worst of both worlds :)
> So of course people thought that when they changed jobs, cable companies, or whatever... they needed to create a new Apple ID with their new E-mail address.
I am facing this issue right now. I need to create a separate developer account because I am risk averse. Do I need a new phone number for this? Online some people say yes, others say no. I tried creating the account several times but it just doesn't work. At this point I am planning to just get a prepaid SIM card from US Mobile for the phone number.
Apple will allow you to have multiple Apple IDs tied to the same phone number -- my kids' ones have my number on them. So for some purposes it seems fine to just reuse the phone number for a second account -- like for your kids, or for a "sandbox" account to use testing your app so that you don't have to use your real iCloud account.
However, for your purpose of avoiding Apple's capricious BS, I probably wouldn't go that route since if their braindead fraud systems or braindead employees decide you're a threat actor they could definitely default to "Ban account. Find all their evil backup accounts that have the same phone numbers or contact emails and ban them too."
I set up a couple developer accounts recently for my clients. Just use a new Google Voice number for 2FA. I had to live chat with Apple support to get past initial verification both times and after that setup went fine.
If you create your developer account in another country (or with a card from another country, who knows), the whole thing just crashes and the sign-in on the phone loops.
When encountering this, I updated the device which bricked the appstore, the device has to be fully reset if that happens.
Slightly off-topic, but stuff like this does not just happen at Apple.
When Cyberpunk 2077 came out, my wife bought it with her credit card and gifted the game to me. It was fine at first. I even managed to play through the game. However when coming back to the game a few months later (to see all the bugfixes), it was gone. I contacted the (gog) and they said it was removed due to automatic fraud detection and that the balance had been paid back to the original credit card (my wife's card, she had obviously not noticed this in her bank statement).
Point being automatic fraud detection systems can wipe out stuff you purchased even months after the fact (or in some cases lock your account)... It feels kafkaesque.
If you buy milk at a store and then walk out of the store and then the store refunds you 2 days later, that's the store's problem and you're still allowed to drink the milk. You didn't steal the milk. Subscription logic only applies to subscriptions, and GoG is a simple exchange of money for goods, not a subscription.
If the store tried to sue you claiming there was a contract for you not to drink the milk if refunded, it would be laughed out of court and banned from suing anyone ever again.
Incorrect, the milk does not disappear. You are contractually and legally obligated not to drink the milk, much in the same way I should not go around killing people, but I certainly have the ability to.
Now, if you sell the customer electrically locking milk bottles which won't open after the contract is over, then the customer "can't" drink the milk, they couldn't.
Let me guess, you think GOG was perfectly justified in unilaterally taking away nake89's copy of--excuse me, I meant unilaterally revoking nake89's license to play Cyberpunk 2077--when they judged the gift transaction to be fraudulent, just because it could have been a conspiracy between nake89 and their wife to defraud GOG of the princely sum of eighty United States dollars[0]?
I don't dispute that GOG has the right, from a strictly legal standpoint, to revoke a license for any reason their terms of service allow, and that someone continuing to play a game after their license was revoked would be in breach of contract. What I do dispute is that this is a correct, fair, or desirable state of affairs, especially when the license in question was received as a gift and believed in good faith by the recipient to have been acquired non-fraudulently.
And in particular, if GOG wants the absolute and irrevocable right to prevent consumers from using products for which GOG has decided to revoke the licenses, they shouldn't advertise themselves as a DRM-free platform, nor claim that "Here, you won't be locked out of titles you paid for, or constantly asked to prove you own them - this is DRM-free gaming." -- advertising copy may not have the force of law, but courts tend to take a dim view of ad claims that are provably false.
[0]: the list price of the Cyberpunk 2077 Ultimate Edition on GOG as of this writing (though it is currently on sale for 38% off)
GOG may have the right to revoke a sale, but since it lets you download the game without DRM, it doesn't have the ability. Unless you delete your copy of the game and then try to download it again.
If you buy milk from the supermarket and they reverse the transaction 2 days later claiming you used a fraudulent card, but you didn't use a fraudulent card, you have the right to keep the milk and the loss of money is the store's problem.
GOG has a Steam-like client application that you can use instead of downloading the installers (which, in the case of Cyberpunk 2077, would be more convenient because its installer is in 28 parts, with another 11 for the Phantom Liberty expansion). It may be that if you install games through that, GOG can remove them if they revoke a license for any reason. I don't know that for sure, though. Just pointing out that they may, in fact, have the ability, at least in principle. But to be clear in case there's any doubt, I think we're on the same side: I think if nake89 had downloaded and installed CP2077 manually instead of through GOG Galaxy, and had continued to play it even after GOG decided the license was fraudulently acquired, they would have been in the right in every way that matters, and at least from a moral perspective, GOG could go pound sand.
It wasn't a sketchy retailer though, it was one Apple has authorized through its handpicked affiliate (in the US, this is probably Blackhawk who basically owns the third-party-giftcard-sales business).
For Apple to say "Don't buy gift cards from our authorized retailers, or prepare to face incredibly harsh consequences due to fraud that you can't detect or predict" while continuing to sell them through those channels is morally bankrupt and completely unacceptable.
I have no doubt fraud is a big problem. It is for all gift cards. But this is a 3 trillion dollar company -- and they make minimum 30% of every gift card sold in pure profit. If they can't secure those channels without torpedoing innocent customers' entire digital lives, they need to drop that channel.
Your comment reminds me of this news story of a guy trapped in his work's elevator for the weekend. How was he supposed to know it'll be only for the weekend.
Hah, because it went viral. Good luck if you aren't able to reach a wide audience (99% of people aren't). Else it would've been locked for eternity. Stop defending atrocious behavior like this.
If somebody bought something from Walmart you wouldn’t insinuate he’s at fault because he bought it from a ‘sketchy retailer’. Just stop it lol. There is literally no way to defend Apple on that one.
What matters is that the purchaser had every reason to think that it was legitimate and they were not the malefactor in this scenario, but they still got banned.
If you buy stolen property without knowing you still get punished by having the stolen property taken away. Just because you don't know, it doesn't mean you have not done anything wrong.
Having your purchase taken away is not punishment. It's done because it's not actually yours, it still belongs to the person it was stolen from. It's a negative for the person who made the purchase, but that's just an unfortunate side effect. Unknowingly buying stolen property is not legally wrong. The typical law punishing receiving stolen property requires the receiver to know that it is stolen. Otherwise you're innocent of any wrongdoing, you just got ripped off.
If unknowingly using a stolen gift card just meant you lost your money, nobody would be complaining about Apple's behavior here. The issue is that they didn't just lose their money, they also got their account locked, which locks up a lot of stuff completely unrelated to gift cards.
Terrible analogy. The victim here bought the card from the retailer. Someone else had gained access to the secret contained on the card and stolen or attempted to steal the value on the card because Apple can't figure out how to sell a gift card securely.
Our victim was the victim of the only theft that involved the gift card. Then Apple stole the person's whole digital life with no recourse because they are ham-fisted and don't care.
this kind of stuff happens all the time across major companies with minimised support. sure your google account is likely to be there tomorrow but it's only a very good chance that it's not locked forever.
i would be surprised if there's any company with millions of users where .01 or .001 (still a LOT of users) just get screwed with zero recourse
Elsewhere in this thread, you assert that perhaps Apple simply reversed all this out of the kindness of their heart without regard for the social media blowup that this lucky victim was able to create.
This is cognitive dissonance. If Apple reversed it due to their conscience, it's because they are pretty convinced this user is honest and Apple PR isn't (or didn't need to be) involved.
If on the other hand, Apple has proof the user is not honest, then Apple PR took a huge hit for nothing by forcing Apple Support to unban them, when they could have said "Because we have documented proof the user couldn't have bought this from a legitimate reseller, we cannot unban them."
The two are related. Apple doesn't want you having multiple accounts, because it wants to ban you for redeeming legitimate gift cards, not just one of your personas.
I had a similar issue trying to create an Apple TV account. I already had an Apple account that I was using on my work laptop (first mistake - I should have created a work account there instead), and for 2FA, I needed to wait for a code to pop up on that laptop. It never came. There was an email alternative, but that also didn't work properly (maybe only on certain devices, IIRC?). Apparently in the settings you can request a 2FA code, though, so I did that... but that only had five digits, whereas I needed to give six for the code to work. Eventually I figured out that Apple had just forgotten to zero-pad the 2FA code out to six digits, so I needed to add a leading zero to make things work.
The worst part of this is that now my Apple TV account is linked to a laptop that I don't always have on me. And even if I did have it on me, I don't want to get a laptop out and turn it on just to do 2FA. I already have a TOTP app on my phone, just let me put everything in there and leave me be.
My experience with MacOS is generally that it's about as buggy as my home Linux setup. That's partly a testament to how solid Linux can be these days, but at the same time, it feels pretty damning considering only one of these operating systems is free (in any sense of the word). And that's not including stuff like the configurability of the whole thing.
I had a similar issue when I first brought my iPad. Turns out, Apple doesn't like custom domains for emails. So, I had to make an Apple account with a Gmail account, then remove the Gmail account and add my email address with the custom domain.
Why? Who knows. Still remember my first experience after buying an iPad.
Might've had something to do with the state of the various email security measures on the domain. I have an Apple account on a custom domain with Fastmail and it's never been a problem.
I couldn't make an account on the website Digikey outsourced all their 3d models to with my work email. signed up with my personal gmail account in less than 30 seconds.
This is not some Apple specific problem.
Also this was yesterday. Never did I get any of the 3 confirmation emails they claim they sent to my work mail.
You have to reach a human to make a Flickr account in 2025 if you use a custom domain. It wasn't too difficult, they gave me some reason about abuse. Whatever.
You purchase your own domain name and use that domain name as your email address. For instance, if I had an email address that was me@afandian.com; the afandian.com would be a custom domain. It's not routed to @gmail.com, it's routed to @afandian.com. Now in practice you can have a custom domain and still have it managed by Google's Mail servers; but it's the domain name itself that sends up the flags.
I and a friend (both are not Apple users) had the same issue about 2 years ago. I gave up after trying different (non-Apple) platforms, IPs and phone numbers. He was applying to Apple internship and ended up borrowing a Macbook to set up his account.
And talking about why I wanted a new Apple account... My old account was created with stupid security questions (like, What is your favorite dish) as a second factor, which I believe Apple has long deprecated. I forgot my answers and that blocked certain functionalities. Resetting the security questions requires answering the questions...
I can't access anything without knowing exactly what I did wrong, presumably Apple never verified it when I created the account decades ago, but it's now part of the critical flow to log in.
The opposite happened to me: I got a new Mac and had to fill out my Apple account billing details to download apps from the App Store, but somehow the form on both the App Store and the web page didn't work. In the end I managed to do it through the Apple Music app on my Android (!) phone.
I seem to remember this happening to me, and I finally called them and they said something about a waiting period for new accounts? It might help to try calling their tech support for this as painful as that is.
Unfortunely Apple skills to write server software is inversely proportional to the fame they enjoyed thus far on client systems, as anyone using their Web APIs or backends can attest for.
Oh yeah, there is also a problem with people not noticing they're reading LLM output, AND with people missing sarcasm on here. Actually, I'm OK with people missing sarcasm on here - I have plenty of places to go for sarcasm and wit and it's actually kind of nice to have a place where most posts are sincere, even if that sets people up to miss it when posts are sarcastic.
Which is also what makes it problematic that you're lying about your LLM use. I would honestly love to know your prompt and how you iterated on the post, how much you put into it and how much you edited or iterated. Although pretending there was no LLM involved at all is rather disappointing.
Unfortunately I think you might feel backed into a corner now that you've insisted otherwise but it's a genuinely interesting thing here that I wish you'd elaborate on.
Its not just verbose—it's almost a novel. Parent either cooked and capped, or has managed to perfectly emulate the patterns this parrot is stochastically known best for. I liked the pro human vibe if anything.
That’s just the internet. Detecting sarcasm requires a lot of context external to the content of any text. In person some of that is mitigated by intonation, facial expressions, etc. Typically it also requires that the the reader is a native speaker of the language or at least extremely proficient.
Can vouch for Starlight and Astro in general. Don't be fooled by the fact that they are npm packages: Astro is geared for content-heavy websites and produces zero-JS bundles by default (i.e., if you just use markdowns without any script tags or JS frontend libraries, then there will be no JS in the final output at all).
You can replace eslint and prettier with Biome or Oxlint + Oxfmt. Vite and Node.js are still the modern safe choices, though if you actually want to play with new things you can replace Node.js with bun.
Shouldn't public documents by the government use a free and libre font? In fact, the mentioned Public Sans developed by the US federal government seems to be a great option, as it actually distinguishes the lowercase l and the uppercase I, something that, ironically, all suggested sans-serif alternatives fail to do.
Times New Roman is available at no cost under the Microsoft Core Fonts for the Web. (Microsoft no longer distributes this, but the license allows redistribution and redistribution is popular). AFAIK, Apple explicitly licenses the fonts and most open source OS distributions have a package for these fonts.
It's not libre, but font copyright is weird anyway, and the federal government doesn't always need to follow copyright.
Public Sans seems like a good candidate for a new "web safe" font. Perhaps one new web safe font per twenty five years is not too much. From there, it can percolate to the word processor and pdfs, and finally: government standard for government workers who just want to open their word processor and get to work, where sourcing even a free font to meet standard is just a snag to annoy.
Further, Public Sans was developed by the US govt under the first Trump administration and appears to be an excellent font. That seems to be a wise choice against TNR or Calibri on multiple angles.
You would hope, but changing this font isn't about making anything better, it's that Calibre was apparently a DEI font and had to go. I can't imagine these people thinking highly of an open source (Oooh communism) font that's also designed with accessibility in mind.
Are we still doing the communism thing? I thought the bogeyman is socialism now.
In any case, it would be nice to have some consistency across the government, and if they want to make a change, at least take prior works into account like what the Congress or SCOTUS are doing in their official texts.
China made its first computer in 1958 and its first 1 megaflop computer in 1973, so yes, their nascence of computer programming preceded the Cultural Revolution, about 10 years after the West.
And if your database is 99% reads 1% writes, the difference probably doesn't really matter.
And tons of database indexes operate on randomly distributed data -- looking up email addresses or all sorts of things. So in many cases this is not an optimization worth caring about.
Lots of distributed, NoSQL databases work (or partially work) this way too (e.g., HBase rowkey, Accumulo row ID, Cassandra clustering key, DynamoDB sort key). They partition the data into shards based upon key ranges and then spread those shards across as many servers as possible. UUIDv7 is (by design) temporally clustered. Since many workloads place far more value on recent data, and all recent data is likely to end up in the same shard, you bottleneck on the throughput of a single server or, even with replication, a small number of servers.
FWIW it looks like Cassandra doesn't belong on this list, and DynamoDB only with qualifications.
Though Cassandra is more like quasi-SQL than NoSQL, the bigger issue is that actually the clustering key is never used for sharding. So Cassandra (today) always puts all data with the same partition key on the same shard, and the partition key is hashed, meaning there's no situation in which UUIDv7 would perform differently (better or worse) than UUIDv4.
In DynamoDB, it is possible for sort keys to be used for sharding, but only if there is a large number of distinct sort keys for the same partition key. Generally, you would be putting a UUID in the partition key and not the sort key, so UUIDv7 vs UUIDv4 typically has no impact on DB performance.
i think the standard recommendation is to do range partitioning on the hash of the key, aka hash range partitioning (i know yugabyte supports this out of the box, i'd be surprised if others don't). this prevents the situation of all recent uuids ending up on the same shard.
AWS CodeArtifact can act as a proxy and fetch new packages from npm when needed. A bit late for that though but sharing if you want to future proof against the yearly us-east-1 outage
