interaction in the entire run. If that is how security reports are handled, I would not recommend an app developed by this person.
Response: initially positive, then ghosted, then defensive
Fix: none
Code quality: entirely vibe coded
# What next?
Now that we see these apps, we're at a crossroads. What next? Well, I'll first give some recommendations to you, the user, and then to a developer who may have these issues or wish to look further at their app.
I always recommend that, no matter how much money or how little data it is, you first believe that the developer is telling the truth, is able to actually code (although this is a lot harder; check for common "vibe coding," i.e., emojis, bolded text, gradients, and other junk), how they respond, and whether it is honestly worth it. At the end of the day, I'm not here to tell you how you should spend your time or money; I can only give you tips and help you make an informed decision.
So, let's move on, shall we?
# Common failure patterns I kept seeing?
This is a TL:DR of what's posted in my blog, but,
* Trusting plain JSON from Gumroad / Lemon Squeezy / Polar or custom APIs and only checking simple flags like `success: true` or `activated: true`
* Storing critical license or trial data in UserDefaults or unprotected JSON/MessagePack files in Application Support
* Misconfigured Supabase row‑level security, allowing users to modify their own license rows or even release/update tables
* Treating a specific Keychain item’s existence as “Pro is on”, which can be faked with normal macOS tooling
Now, for those who are looking to develop or have an app that may have a flaw listed here, how can we fix it?
* Validate more than one “success” flag in JSON. Check product IDs, users, expiry, and signatures.
* Keep real license decisions on the server where possible; treat local data as a cache.
* Lock down Supabase RLS so users cannot modify license or release rows they shouldn’t touch.
* Sign or MAC cached license state on disk.
* Publish a clear way to report security issues, and respond like you actually want your app to survive.
Good examples of how to react include Resurf, How To Convert, LowTechGuys (Pipiri), InfiniDesk, Taphouse, Seam, and OS‑Engine. None of them were perfect; they just treated reports as a chance to improve, not as a personal attack.
# The end
If you wish to have your own app reviewed, you can see https://kamidevs.com/application-security. I aim to do free reviews for a developer's first app if they're a student or cannot afford one (see the 32 I just reviewed). For those who wish for a review but are unsure of pricing, discounts may apply.
I am free and open to any and all questions you might have, such as, can you give me tips on managing an app's security in Swift, or other questions, or what an app was like, expanded, i.e., you wish to know my thoughts on the app's UI/UX and security for any of the posted ones, or in general, how was your night? This post is, however, made at the time of posting, 23:50, so I will be going to bed, but you can expect a reply in 12 hours if this post wasn't mass reported or removed!
Now, this, is the end of the post, it's just a small post, on what is fully written in my blog, see that for,
* all 32 apps, names and links
* per‑app notes, ratings, and interaction summaries
* more detailed explanation of “vibe‑coded” apps
* concrete advice for better licensing and update security
Full writeup: [https://kamidevs.com/blog/macapps-audit](https://kamidevs.com/blog/macapps-audit)
# NOTICE
If you’re a developer whose app is on the list and you think I’ve been unfair, or you want a follow-up review, contact me privately; my details are at the end of the blog or in the messages/emails I've previously sent. If you wish for a proper conversation, please send me a message on Discord. I do not like Reddit chats as it lacks functions I normally use.
https://redd.it/1ryvdei
@macappsbackup
Response: initially positive, then ghosted, then defensive
Fix: none
Code quality: entirely vibe coded
# What next?
Now that we see these apps, we're at a crossroads. What next? Well, I'll first give some recommendations to you, the user, and then to a developer who may have these issues or wish to look further at their app.
I always recommend that, no matter how much money or how little data it is, you first believe that the developer is telling the truth, is able to actually code (although this is a lot harder; check for common "vibe coding," i.e., emojis, bolded text, gradients, and other junk), how they respond, and whether it is honestly worth it. At the end of the day, I'm not here to tell you how you should spend your time or money; I can only give you tips and help you make an informed decision.
So, let's move on, shall we?
# Common failure patterns I kept seeing?
This is a TL:DR of what's posted in my blog, but,
* Trusting plain JSON from Gumroad / Lemon Squeezy / Polar or custom APIs and only checking simple flags like `success: true` or `activated: true`
* Storing critical license or trial data in UserDefaults or unprotected JSON/MessagePack files in Application Support
* Misconfigured Supabase row‑level security, allowing users to modify their own license rows or even release/update tables
* Treating a specific Keychain item’s existence as “Pro is on”, which can be faked with normal macOS tooling
Now, for those who are looking to develop or have an app that may have a flaw listed here, how can we fix it?
* Validate more than one “success” flag in JSON. Check product IDs, users, expiry, and signatures.
* Keep real license decisions on the server where possible; treat local data as a cache.
* Lock down Supabase RLS so users cannot modify license or release rows they shouldn’t touch.
* Sign or MAC cached license state on disk.
* Publish a clear way to report security issues, and respond like you actually want your app to survive.
Good examples of how to react include Resurf, How To Convert, LowTechGuys (Pipiri), InfiniDesk, Taphouse, Seam, and OS‑Engine. None of them were perfect; they just treated reports as a chance to improve, not as a personal attack.
# The end
If you wish to have your own app reviewed, you can see https://kamidevs.com/application-security. I aim to do free reviews for a developer's first app if they're a student or cannot afford one (see the 32 I just reviewed). For those who wish for a review but are unsure of pricing, discounts may apply.
I am free and open to any and all questions you might have, such as, can you give me tips on managing an app's security in Swift, or other questions, or what an app was like, expanded, i.e., you wish to know my thoughts on the app's UI/UX and security for any of the posted ones, or in general, how was your night? This post is, however, made at the time of posting, 23:50, so I will be going to bed, but you can expect a reply in 12 hours if this post wasn't mass reported or removed!
Now, this, is the end of the post, it's just a small post, on what is fully written in my blog, see that for,
* all 32 apps, names and links
* per‑app notes, ratings, and interaction summaries
* more detailed explanation of “vibe‑coded” apps
* concrete advice for better licensing and update security
Full writeup: [https://kamidevs.com/blog/macapps-audit](https://kamidevs.com/blog/macapps-audit)
# NOTICE
If you’re a developer whose app is on the list and you think I’ve been unfair, or you want a follow-up review, contact me privately; my details are at the end of the blog or in the messages/emails I've previously sent. If you wish for a proper conversation, please send me a message on Discord. I do not like Reddit chats as it lacks functions I normally use.
https://redd.it/1ryvdei
@macappsbackup
I got tired of tabbing out to random websites mid-coding, so I built this
https://redd.it/1ryvmc0
@macappsbackup
https://redd.it/1ryvmc0
@macappsbackup
Reddit
From the macapps community on Reddit: I got tired of tabbing out to random websites mid-coding, so I built this
Explore this post and more from the macapps community
This media is not supported in your browser
VIEW IN TELEGRAM
Focusdim - Dim, blur, or highlight your active window (Freemium / $4.99 one-time)
https://redd.it/1rywi71
@macappsbackup
https://redd.it/1rywi71
@macappsbackup
Any app for click and scroll?
Hi there, when I want to select text, I usually click and then scroll. However, for some reason, this doesn’t work on macOS. Is there any app that could help me?
Thanks!
https://redd.it/1rz0ypc
@macappsbackup
Hi there, when I want to select text, I usually click and then scroll. However, for some reason, this doesn’t work on macOS. Is there any app that could help me?
Thanks!
https://redd.it/1rz0ypc
@macappsbackup
Reddit
From the macapps community on Reddit
Explore this post and more from the macapps community
TuringShot v1.4.4 (formerly ZoomShot) - Live screen zoom, focus highlight, magnifier lens, drawing & text memo for macOS
Hey r/macapps,
I've been recording coding tutorials on my Mac for about 10 years now. Over that time I tried pretty much everything to make screen recordings more engaging. DemoPro for drawing, ScreenStudio and FocuSee for auto-zoom. They all had tradeoffs. ScreenStudio zooms in on every single click, which sounds cool until you're trying to draw on screen and the whole view jumps around.
So I ended up building my own tool. It started as ZoomShot, recently rebranded to **TuringShot**.
https://i.redd.it/h4zkj2r858qg1.gif
**What it does:** Adds live visual effects to your screen that show up in any screen recording (OBS, Zoom, QuickTime, whatever) since it works at the OS level.
**Features:**
* **Screen Zoom** (free) - Ctrl+A + scroll to zoom when you want, not on every click
* **Focus Highlight** \- Spotlight effect around your cursor with impact animation
* **Magnifier Lens** (new in v1.4.4) - Magnifies just the area around your pointer like a loupe, without shaking the whole screen
* **Live Drawing** \- Ctrl+X + drag to draw lines, rectangles, circles directly on screen
* **Text Memo** \- Ctrl+Q to place text notes on screen, auto-resizing and fully stylable
You can customize all of shortcuts as well.
The v1.4.4 update adds the Magnifier Lens which I've wanted for a while. Sometimes you need to zoom into a small area without moving the entire view. The lens magnifies what's around your pointer with adjustable strength and a glass effect. Works alongside Focus Highlight or on its own.
Been pushing updates almost weekly since v1.3.6. Trying to get this right.
**Pricing:** Screen Zoom is free forever. Full features: $2.99/year or $9.99 lifetime.
**Promo code:** TURINGSHOT66 gets you the yearly plan for $0.99 (expires 3/31)
[App Store](https://apps.apple.com/app/id6758536367) | [Website](https://www.turingshot.site/)
[Feature overview](https://files.catbox.moe/2hql2x.png)
Happy to hear feedback or answer questions!
https://redd.it/1rz03j5
@macappsbackup
Hey r/macapps,
I've been recording coding tutorials on my Mac for about 10 years now. Over that time I tried pretty much everything to make screen recordings more engaging. DemoPro for drawing, ScreenStudio and FocuSee for auto-zoom. They all had tradeoffs. ScreenStudio zooms in on every single click, which sounds cool until you're trying to draw on screen and the whole view jumps around.
So I ended up building my own tool. It started as ZoomShot, recently rebranded to **TuringShot**.
https://i.redd.it/h4zkj2r858qg1.gif
**What it does:** Adds live visual effects to your screen that show up in any screen recording (OBS, Zoom, QuickTime, whatever) since it works at the OS level.
**Features:**
* **Screen Zoom** (free) - Ctrl+A + scroll to zoom when you want, not on every click
* **Focus Highlight** \- Spotlight effect around your cursor with impact animation
* **Magnifier Lens** (new in v1.4.4) - Magnifies just the area around your pointer like a loupe, without shaking the whole screen
* **Live Drawing** \- Ctrl+X + drag to draw lines, rectangles, circles directly on screen
* **Text Memo** \- Ctrl+Q to place text notes on screen, auto-resizing and fully stylable
You can customize all of shortcuts as well.
The v1.4.4 update adds the Magnifier Lens which I've wanted for a while. Sometimes you need to zoom into a small area without moving the entire view. The lens magnifies what's around your pointer with adjustable strength and a glass effect. Works alongside Focus Highlight or on its own.
Been pushing updates almost weekly since v1.3.6. Trying to get this right.
**Pricing:** Screen Zoom is free forever. Full features: $2.99/year or $9.99 lifetime.
**Promo code:** TURINGSHOT66 gets you the yearly plan for $0.99 (expires 3/31)
[App Store](https://apps.apple.com/app/id6758536367) | [Website](https://www.turingshot.site/)
[Feature overview](https://files.catbox.moe/2hql2x.png)
Happy to hear feedback or answer questions!
https://redd.it/1rz03j5
@macappsbackup
Do you have experience with the hazel app and terminal commands? i'm kind of swamped and could do with some help creating the rules if so (please)
I'm even willing to pay for your time to get it done, and you're quite welcome to save the rules and share them with others once they're completed. Basically I would like a set of rules that will achieve the following:
1.) Convert files from .cbr to .cbz (it's an OCD thing, just go with it - I like order) extract the scan group image from the back of "acquired" digital comics that I can add and subtract to in some form of black list.
2.) Move said comics from one location, to automatically sort into different folders that correspond to the comic title. Again, it would be neat if I can add and subtract folders as and when I need them, so in both cases the rulesets would be appreciated if they ran applescript or shell commands.
That's it. That's the gig. If you require payment while i'm reticent to use paypal, I'm sure I can figure it out, but in the interests of sharing I would be happy for you to disseminate the rules on the noodlesoft forum or wherever you see fit as well.
Thank you if you've taken time to read this slightly odd and admittedly very lazy request.
https://redd.it/1rzhxxc
@macappsbackup
I'm even willing to pay for your time to get it done, and you're quite welcome to save the rules and share them with others once they're completed. Basically I would like a set of rules that will achieve the following:
1.) Convert files from .cbr to .cbz (it's an OCD thing, just go with it - I like order) extract the scan group image from the back of "acquired" digital comics that I can add and subtract to in some form of black list.
2.) Move said comics from one location, to automatically sort into different folders that correspond to the comic title. Again, it would be neat if I can add and subtract folders as and when I need them, so in both cases the rulesets would be appreciated if they ran applescript or shell commands.
That's it. That's the gig. If you require payment while i'm reticent to use paypal, I'm sure I can figure it out, but in the interests of sharing I would be happy for you to disseminate the rules on the noodlesoft forum or wherever you see fit as well.
Thank you if you've taken time to read this slightly odd and admittedly very lazy request.
https://redd.it/1rzhxxc
@macappsbackup
Reddit
From the macapps community on Reddit
Explore this post and more from the macapps community
Managing lots of open windows on macOS – what’s your setup?
I’m trying to improve my multitasking setup on macOS and I’m looking for app recommendations from people who manage lots of open windows daily.
Typical workflow for me:
* multiple Safari windows (2 profiles, work and private)
* several work apps open at once
* switching between contexts frequently during the day
Main things I’m looking for:
1. A better Alt+Tab-style window switcher (something closer to Windows behavior, ideally with previews and switching between individual windows instead of just apps)
2. A solid window snapping/layout tool ( on Linux I used hyprland and i3)
3. Tools that help manage large numbers of open windows/apps more efficiently overall
4. A reliable app uninstaller that removes leftover files too
I tried Raycast and really liked how fast it is, but I’m still unsure about using it long-term because of privacy/security concerns around extensions and the AI features.
Curious what setups people here are using for this kind of workflow. Free or paid suggestions are both welcome.
https://redd.it/1rztv05
@macappsbackup
I’m trying to improve my multitasking setup on macOS and I’m looking for app recommendations from people who manage lots of open windows daily.
Typical workflow for me:
* multiple Safari windows (2 profiles, work and private)
* several work apps open at once
* switching between contexts frequently during the day
Main things I’m looking for:
1. A better Alt+Tab-style window switcher (something closer to Windows behavior, ideally with previews and switching between individual windows instead of just apps)
2. A solid window snapping/layout tool ( on Linux I used hyprland and i3)
3. Tools that help manage large numbers of open windows/apps more efficiently overall
4. A reliable app uninstaller that removes leftover files too
I tried Raycast and really liked how fast it is, but I’m still unsure about using it long-term because of privacy/security concerns around extensions and the AI features.
Curious what setups people here are using for this kind of workflow. Free or paid suggestions are both welcome.
https://redd.it/1rztv05
@macappsbackup
Reddit
From the macapps community on Reddit
Explore this post and more from the macapps community
This media is not supported in your browser
VIEW IN TELEGRAM
After 12 years building Launchpad tools, here's what I added that Apple never did
https://redd.it/1rzuqg1
@macappsbackup
https://redd.it/1rzuqg1
@macappsbackup
Feedback: the "lifetime license audit" thread
Lets talk about that "lifetime app security thread" that is now closed. I tried to go into it with the intention of learning But even After reading the full blog post, I mostly came away irritated.
The Reddit thread already had a loaded, prosecutorial vibe, and the blog made it plain. Everything got turned into a public scorecard. Apps ranked top to bottom, developers graded on how well they replied, ghosted counts, blocked counts, lower scores for ignoring it, pushing back, or getting annoyed. And the whole "vibe coded" thing just felt like OP was "branding" app developers with judgment. I felt (reading some of the replies) that some developers were hastily replying and capitulating because they were afraid that the crosshair would be on them next if they didn't. It honestly was starting to feel a bit like weaponized auditing.
I still don't buy the core premise...If a license check gets bypassed, that tells me the licensing is weak. That's all it tells me. It doesn't automatically mean the app is unsafe. Piracy resistance and user safety are separate questions, and this post kept rubbing them together until the distinction was gone. A flimsy paywall, a sloppy entitlement flow, and an actually dangerous update path are not the same problem. I still haven't seen the missing step that turns “someone can pirate this” into “ordinary users are at risk.” Why does the licensing security actually matter? Don't we all maintain the idea that piracy is a service issue and not a technical one? That if the product is excellent and easy to buy, people tend to actually buy it??
It also felt extremely self-promotional...The post starts out findings, then swings right into naming the "good" developers and the "bad" ones, assigning scores, calling some apps “purely vibe coded,” plugging paid reviews, free first reviews, donation links, sponsor links, a licensing package, etc. All while claiming the moral high ground for policing this corner of the Mac app world that no one asked for?
Some developers got defensive. Warlock did (sorry to call you out dude). But After reading the full post, I can see why. If somebody publicly grades your app, folds your inbox behavior into the grade, writes the whole thing with an editorial sneer from line one, and leaves readers thinking weak licensing might also mean their data is in danger, you're going to feel attacked. Some replies were heated, sure, but that frustration didn't randomly appear out of thin air. By then the thread had already drifted away from useful critique and into hit-piece territory.
And I'm sorry but The moderation was just bad. Plainly bad. The thread stayed up while the framing got harsher, then it got locked with a note that still leaned on the idea that people were just offended by scrutiny. That honestly feels really disingenuous. Developers can handle scrutiny. What they got here felt a lot more like being attacked. It felt like Mods had plenty of chances to step in, demand tighter evidence, strip out the scorekeeping garbage, or shut it down after several corrections that the OP had to make.
I just think we're better than this. Im not sure what the OP was trying to add but it left a really sour taste in my mouth that the post was left up and seemingly defendced by a moderator.
https://redd.it/1s021oe
@macappsbackup
Lets talk about that "lifetime app security thread" that is now closed. I tried to go into it with the intention of learning But even After reading the full blog post, I mostly came away irritated.
The Reddit thread already had a loaded, prosecutorial vibe, and the blog made it plain. Everything got turned into a public scorecard. Apps ranked top to bottom, developers graded on how well they replied, ghosted counts, blocked counts, lower scores for ignoring it, pushing back, or getting annoyed. And the whole "vibe coded" thing just felt like OP was "branding" app developers with judgment. I felt (reading some of the replies) that some developers were hastily replying and capitulating because they were afraid that the crosshair would be on them next if they didn't. It honestly was starting to feel a bit like weaponized auditing.
I still don't buy the core premise...If a license check gets bypassed, that tells me the licensing is weak. That's all it tells me. It doesn't automatically mean the app is unsafe. Piracy resistance and user safety are separate questions, and this post kept rubbing them together until the distinction was gone. A flimsy paywall, a sloppy entitlement flow, and an actually dangerous update path are not the same problem. I still haven't seen the missing step that turns “someone can pirate this” into “ordinary users are at risk.” Why does the licensing security actually matter? Don't we all maintain the idea that piracy is a service issue and not a technical one? That if the product is excellent and easy to buy, people tend to actually buy it??
It also felt extremely self-promotional...The post starts out findings, then swings right into naming the "good" developers and the "bad" ones, assigning scores, calling some apps “purely vibe coded,” plugging paid reviews, free first reviews, donation links, sponsor links, a licensing package, etc. All while claiming the moral high ground for policing this corner of the Mac app world that no one asked for?
Some developers got defensive. Warlock did (sorry to call you out dude). But After reading the full post, I can see why. If somebody publicly grades your app, folds your inbox behavior into the grade, writes the whole thing with an editorial sneer from line one, and leaves readers thinking weak licensing might also mean their data is in danger, you're going to feel attacked. Some replies were heated, sure, but that frustration didn't randomly appear out of thin air. By then the thread had already drifted away from useful critique and into hit-piece territory.
And I'm sorry but The moderation was just bad. Plainly bad. The thread stayed up while the framing got harsher, then it got locked with a note that still leaned on the idea that people were just offended by scrutiny. That honestly feels really disingenuous. Developers can handle scrutiny. What they got here felt a lot more like being attacked. It felt like Mods had plenty of chances to step in, demand tighter evidence, strip out the scorekeeping garbage, or shut it down after several corrections that the OP had to make.
I just think we're better than this. Im not sure what the OP was trying to add but it left a really sour taste in my mouth that the post was left up and seemingly defendced by a moderator.
https://redd.it/1s021oe
@macappsbackup
Reddit
From the macapps community on Reddit
Explore this post and more from the macapps community