Tech Talk

Sparkle System Profile Improvements

Tech Talk is a series of posts that will reveal some of the inner workings of Coppice. We couldn't have built Coppice without the amazing community of developers and designers on Apple's platforms who share their knowledge with others. Tech Talk is our contribution to that pool of knowledge.

In an earlier blog post we talked about how we designed Coppice to respect your privacy. One part of this was regarding the usage statistics we collect, which are handled by an open-source framework called Sparkle.

Sparkle

Sparkle is a framework for performing software updates. If you've ever installed 3rd party software from outside of the Mac App Store you have likely used Sparkle. It's so widely used as a developer can pretty much drop it into their app and it will handle checking for updates and then downloading, verifying, and installing those updates.

A standard Sparkle Software Update window running in Coppice. It has a title 'A new version of Coppice is available!', followed by text saying 'Coppice 2020.1.1 is now available–you have 2020.1. Would you like to download it now?'. Below are release notes followed by buttons to 'Skip this version', 'Remind me later', or 'Install Update' (which is the focused button)

Another thing Sparkle allows for is collecting anonymous information about a user's system. If the user has opted in, it will send the following information to a developer's server when checking for updates:

This is all potentially useful information for a developer. For example, if an app is particularly memory intensive then knowing how much RAM your users have in their systems can help a lot in knowing how and when to optimise. And knowing the languages people use can help you know what localisations to provide for your app.

Enter Privacy

As we talked about in our blog post on privacy, two of the most important principles are minimising the amount of data you collect and being transparent about it. We care a lot about privacy at M Cubed Software so we wanted to go above and beyond with Coppice. Unfortunately, when it came to Sparkle, this presented a few challenges.

The first challenge was transparency. Sparkle shows the information that will be collected when you first opt in to automatic updates, which is excellent for transparency. However, there wasn't a way to view this information again later.

A dialogue with the title 'Check for updates automatically?' It asks the user if Coppice should 'automatically check for updates'. Below is an option to 'Include anonymous system profile' which explains what it sent, including a table listing the exact data sent. At the end are buttons to 'Don't Check' or 'Check Automatically'

Data minimisation was a different challenge. We don't care about certain aspects of the data Sparkle sends. The only information we really care about for Coppice are the OS version, the CPU type, the system language, the app version, and the model of Mac. Now, we could have said "that's all we'll store in our database and we'll ignore the rest" and call it a day. But that unnecessary data would still be sent, it would appear in server logs, and Sparkle would still show we collect it. So we wanted to correct that.

Updating Sparkle

One of the benefits of open-source software is if something doesn't work how you want you can always change it. So we opted to make some additions to the Sparkle framework (specifically the 2.x branch). So what changes did we make?

The first is the -[SPUUpdaterDelegate allowedSystemProfileKeysForUpdater:] method. Developers can implement this delegate method and return just those keys they want to collect. That way the keys they don't care about will never be sent to their server.

The second is adding the SPUUpdater.systemProfileArray property. This allows developers to get the same data that is displayed in the initial prompt (filtered by the -allowedSystemProfileKeysForUpdater: method) so they can present it to the user themselves at a later date.

These changes have now been merged back into the Sparkle 2.x branch so are now available to all developers. These features are what allowed us to create our "Learn More" sheet, which explains in detail what we collect in Coppice and why.

A sheet from Coppice's preferences explaining why analytics are collected. Below is a table showing the data that is sent (OS Version, CPU Type, Model, Language, App Version, and Bundle ID). Above the table is a toggle allowing users to switch between the Raw data or a human readable version

(As an added bonus, we also fixed a bug when reporting CPU Type on Apple Silicon. Sparkle will now provide the correct value when running on Apple Silicon)

We hope you enjoyed this first Tech Talk. We hope to add more updates over time to show more of the tools, technologies, and processes we use to develop Coppice. If you want to stay up to date with all Coppice-related news then be sure to subscribe to the Coppice Blog, follow @coppiceapp on Twitter, and sign up to the Coppice Newsletter.