Pleco 4.0

Fernando

举人
The problem is that most developers created their iOS apps in the expectation that they would only run on iOS. So, for example, paid app developers who were willing to live with a small # of users pirating their apps on jailbroken devices might not have bothered putting in code to verify receipts or otherwise guard against piracy, and likewise developers of free-with-IAP apps might have left those systems trivially easy to hack (say, editing a preferences file) expecting that people would only be able to hack them if they jailbroke their phones.

Likewise, many developers - including myself! - have signed copyright licenses that specify that a piece of content is licensed for use on a particular set of platforms / form factors, a set which might not include Macs. So if our app had turned out to be able to run paid add-ons on Mac, we would have been violating our license agreements with those publishers through absolutely no fault of our own. (and would have probably had to take much more severe measures to prevent use on Mac in that case)

There's also the business model end of it. Say that you built a beautiful Mac-native version of your app that you charge $50 for, and then a beautiful iPad-native version of it that you charge $10 for. Those prices were perfectly reasonable given the number of users you expected each version to have, but now that Mac version you worked so hard on suddenly seems extremely overpriced because people can just buy your $10 iPad app and run that on their Mac, even if it doesn't work as well. There are other variations on this too, of course - it could even be that the Mac and iPad apps were more-or-less functionally identical, but this particular app happens to be much more useful on Mac than on iOS as a form factor, and so they were selling the iPad app as a companion of sorts, with the Mac version underwriting most of the cost.

You can argue that that that was a bad / unfair business model and that the developer should have been charging the same price for both apps from the beginning, but as of a year ago this was still a perfectly sensible thing for them to have done, and now their business is getting blown up just because Apple couldn't be bothered to apply even rudimentary copy protection to iOS apps on Mac. Moreover, Apple didn't even warn us that this particular problem was coming - they sent a couple of emails telling us to opt out of Mac App Store distribution if we didn't want our apps on iOS, but there was nothing about needing to add code to your app to detect that it's running on Mac and throw out an error / crash immediately / etc if we wanted to actually make sure our app couldn't run on Mac.

I don't agree with the idea of requiring all Mac software in general to be signed, but I do think that apps that were signed for / distributed through the iOS App Store should not be runnable on Mac without the developer's consent, and I support whatever technological measures are necessary to make that the case - it could be as simple as automatically blacklisting any App Store app that had not opted into Mac distribution, but they need to at least do *something*.
The part of your argument I unreservedly agree with is that Apple should've given fair warning and the how-to for developers to make changes on their side ensuring their apps would not work on Macs if they did not wish so, giving them a chance to push updates BEFORE Macs with ARM became available. This way they could've better protected developers' IP and their business models. Now it will all have to be done in a rush.

On the licensing issue though, I think this is no different from Android apps running on emulators. You made an app for iOS (and Android), and you don't officially support it on other platforms. People who find a roundabout way to run it on other platforms can't complain if something is broken or come to you for assistance. Perhaps you're expected to take "reasonable" preventive measures, but you can't cover for every possible hack/workaroud. You can start implementing the necessary changes now that you're aware of the issue.

I'm against irremovable locks to the OS though, as I think this is a slippery slope. I'm not very optimistic on Apple keeping MacOS open for the long-run though. I believe that in the end people who really want to be the actual owners of their computers will have to run Linux or some other open-source OS. But I don't want an IP-protection issue like this one to be the trigger of the Mac's downfall.
 

mikelove

皇帝
Staff member
I don't even agree with the principle that developers should have had to work to block Mac usage, actually - DRM is complicated and might require major changes to an app's design, and we already do more than enough work for Apple for free to keep our apps working on the latest versions of iOS as-is. It would have been better if they'd warned us than not, but really Apple should have blocked off this route altogether, and since they didn't, it's now their responsibility to supply a technical fix. This wouldn't necessarily be a lock like code signing, as I said it could simply be a blacklist - the same sort of thing they routinely do for malware scanning, e.g.

But honestly I think the likeliest reason they didn't do anything is because they were expecting to start requiring notarization for all apps this year and then dropped that at the last minute (or failed to communicate a change in plans to the Catalyst team) - certainly a lot of indications that that's the direction they're moving in general - so if you bought your M1 Mac expecting it to continue merrily running unsigned code I'd suggest you resell or return it while you still can :)

Licensing: some key differences here:

1) Emulation != Native; it's still running "on Android," in an Android UI in an embedded Android window and integrating with the rest of the computer awkwardly if at all.
2) Google didn't create Android emulation, nor could they prevent if they wanted to; it's implicit in the nature of Android as an open OS that something like that is possible, and even in 2010 it would have been readily apparent to anybody planning an Android app (like me!) that if you made an Android app somebody was going to run it in an emulator on a PC somewhere.
3) Android devices have never had any meaningful DRM provided by the operating system, not to mention the fact that it's always been possible to run un-signed apps on them without hacking, so anybody shipping an Android app they want to charge money for can't simply shrug their shoulders at a few jailbreakers like iOS developers can.
 

Fernando

举人
The problem with blacklists is that the user must be able to override them in any OS that's truly open. An open OS means it can run anything, even malware, if only for testing purposes. I suppose they could add non-Mac-notarized iOS apps to system integrity blacklists, but any tech-savvy user would be able to override those if he really wanted to. To add a blacklist that can't be overridden is to lock down the OS. As I said, I'm not optimistic Apple will keep MacOS as an open platform for the long haul. In the short-to-mid term, however, I'm trusting what Apple's exec Federighi said in an interview after releasing the M1 Macs and Big Sur. He said that "they didn't have to do this" (how gracious of them), but they'd still continue to give users the option to disable all system integrity protections if they wished to do so, because users should be allowed to tinker and "that's what the Mac is supposed to be", or something like that.

I think your argument on the difference between iOS and Android boils down to the fact that you knew Android was an open-source platform when you decided to start coding for it. But "processor architecture obscurity" was never a form of IP protection Apple explicitly offered developers. If google built an emulator or a rosetta-like layer for windows and MS decided to include it as a permanent and officially-supported part of their OS you wouldn't call on them to block any app, even if illegally obtained. Same thing if Mac and iOS devices had shared a chip architecture from the beginning. Developers would put on the work if they wanted to block bootleg platform transfers, and call it a day. But Apple maintains both MacOS and iOS, and only now MacOS is running on ARM, so you think they have an obligation to turn a platform that up to now has been an open platform into a closed one. That's the Faustian compromise Mac users have been afraid Apple would make ever since they launched the App Store on iOS. I agree Apple should have been more supportive and forthcoming, but to call for an entire platform to be placed on the sacrifice altar because some people managed to (sort of) run a bootleg copy of your app on it is unconscionable. They'll block iOS apps now, then they'll start blocking Calibre and VLC and any other open source app that can be instrumental to IP violations, and you can see how that will evolve. It will become iOS with a different UI.

Until Apple lowered them you were complaining about excessive fees Apple charged developers on their App Store and supported those developers' rights to sell their apps and additional content elsewhere, and I was in favor of that too. But now you basically want a platform that is open enough for developers to market their apps as they wish, but closed enough to grant them all the IP protection they need without them having to do any work, even if this means sacrificing users who never signed up for a closed platform in the first place. Mind you that many of those Mac users don't use iOS or don't care about iOS particularly. I would be one of them if I didn't have an iPad that's essentially a Pleco device. I also don't have a M1 Mac. Ironically I would probably have bought one if you had already released an official Mac app for it xD My hardware needs are limited, so I tend to run my computers till the wheels fall off, or till software I need is no longer supported. Still running a 2013 MacBook Air that, to Apple's credit, still runs the latest OS and does everything I need.
 

Shun

状元
Hi Fernando,

if you buy an M1 machine now, you're still very early in the game. Only if you already use the only resource-intensive Apple apps there are, such as Final Cut Pro, or if you are programming large projects using Xcode, will you benefit from native performance in the coming months, otherwise you will mostly be running on emulation which feels quite a bit slower than what most online articles make you believe. I'd say under emulation, the perceived UI performance is worse than the benchmarked performance. The best path I think is to wait for the M2 or perhaps D1 ("Desktop 1") chip that may arrive in the second half of 2021. These should have a lot of upside potential as they will likely have a higher TDP, which they can afford to have, since the M1 almost never runs hotter than 5-15 °C above the environment's temperature. Or they may already run on a 3 nm process, which would give them even more thermal headroom they could exploit.

Until every piece of (open-source) Intel software you can think of will have made the move to Apple Silicon, it looks like at least 3 years will have passed. (because there are lots of dependencies)

I now plan to buy and re-sell laptops more often, every 3 years or so, considering that the resale value of Apple devices is so high.

On the openness of the Mac platform, as long as you can run fast emulators or virtual machines on top of Apple Silicon, your options of what software to run should remain wide open. Linux will also be ported directly to Apple Silicon hardware, so I've heard. Could it perhaps be that freedom to boot other OSes that Craig Federighi meant, not for software running on top of macOS?

Cheers, Shun
 

mikelove

皇帝
Staff member
I suppose they could add non-Mac-notarized iOS apps to system integrity blacklists, but any tech-savvy user would be able to override those if he really wanted to.
Sure, but now we're talking about something equivalent to jailbreaking - you can override the blacklist but then you're also opening yourself up to security vulnerabilities / voiding your warranty / etc. This isn't about reducing unauthorized usage to zero, it's about reducing it to the same tiny fraction of users as jailbreaking; when major Mac news sites are cheerfully posting guides on how to install iOS apps on Mac with instructions easy enough for non-technical people to follow, that's a whole different level.

Also, since I believe Catalyst is using a different runtime I don't see any reason why they couldn't require notarization for Catalyst apps while leaving everything else open; they just chose not to. Mac could remain just as open as it is now, with the added ability to run iOS apps but with those iOS apps subject to the same restrictions they're subject to on iOS.

I think your argument on the difference between iOS and Android boils down to the fact that you knew Android was an open-source platform when you decided to start coding for it. But "processor architecture obscurity" was never a form of IP protection Apple explicitly offered developers.
iOS has DRM (and Apple most definitely did make that an explicit part of their offer), it was not unreasonable to expect that an app you offered in the App Store would continue to be protected by that same DRM. iOS also doesn't run un-signed software and it was reasonable to expect that an app you created for iOS would likewise not subsequently be made compatible with a platform that runs un-signed software.

If, say, Amazon announced a new Kindle "Sharing Edition" which let everybody share their purchased e-books with anybody else with a Kindle Sharing Edition without any copy-protection, the resulting lawsuit from publishers would be swift and brutal.

Until Apple lowered them you were complaining about excessive fees Apple charged developers on their App Store and supported those developers' rights to sell their apps and additional content elsewhere, and I was in favor of that too. But now you basically want a platform that is open enough for developers to market their apps as they wish, but closed enough to grant them all the IP protection they need without them having to do any work, even if this means sacrificing users who never signed up for a closed platform in the first place.
I don't think those positions are inconsistent - they're both about developer choice. We should have the choice to sell outside of the App Store or not, we should have the choice to make our apps available on a new platform or not. And I'd be fine with macOS not providing any IP protection as long as we also had the choice to not distribute an app on Mac - blacklisting is about putting the genie back in the bottle after Apple botched that part of it so badly.
 

Fernando

举人
Sure, but now we're talking about something equivalent to jailbreaking - you can override the blacklist but then you're also opening yourself up to security vulnerabilities / voiding your warranty / etc.
I think what you're getting wrong here is that disabling system integrity protections in MacOS is not the same thing as jailbreaking an iOS device. MacOS is not "in jail". Disabling those protections works out of the box, does not require you to download any extra software, does not work by exploiting any vulnerability and, AFAIK, does not void your warranty. Malware designed to damage hardware is theoretically possible, but I've never heard of one specifically designed to physically damage Mac personal computers.

Apple current take on those Mac system protections are: "they're here to make you safer, but if you feel confident enough to disable them, go ahead"

Whereas on iOS devices it's rather: "jailbreaking is misuse"

So blacklisting as you suggested would indeed discourage most people from bootlegging non-Mac-notarized iOS apps, but there would still be an officially sanctioned way to override that blacklisting, and you can't put an end to that without effectively turning MacOS into a closed platform.

So my take is that, if Apple made a promise to developers regarding DRM on iOS apps, they should honor that promise on the iOS app side of the equation, and not mess with MacOS as it currently stands.


On the openness of the Mac platform, as long as you can run fast emulators or virtual machines on top of Apple Silicon, your options of what software to run should remain wide open. Linux will also be ported directly to Apple Silicon hardware, so I've heard. Could it perhaps be that freedom to boot other OSes that Craig Federighi meant, not for software running on top of macOS?
Hi Shun, I think what Federighi referred specifically to the ability to disable system protections in MacOS. He also said something about Windows and Linux being able to run on the new hardware, contingent only on MS and Linux developers making it happen.

As it is my Mac will probably still receive 2-3 years of security updates, even if it doesn't make the cut for the next version of MacOS. But maybe hardware will fail sooner than that, who knows? In any case I'm hoping I can wait till at least the 2nd gen of those ARM Macs come out. The apps I use the most, Scrivener and the Affinity suite, are already universal, but, as you said, there are still a handful of open source ones that would still run (poorly?) in Rosetta. And there is also Office, that will probably take a while to become universal. In any case I'll, hopefully, be making a purchase for the long run. This thing of always being on the lookout for the greener grass on the newest and greatest hardware release consumes too much mental power imho.
 

Fernando

举人
If, say, Amazon announced a new Kindle "Sharing Edition" which let everybody share their purchased e-books with anybody else with a Kindle Sharing Edition without any copy-protection, the resulting lawsuit from publishers would be swift and brutal.
Actually I think it's funny you mentioned this example. I used to buy Kindle e-books and crack their DRM with Calibre + a plugin of, let's say, dubious provenance. I never shared those cracked e-books with anyone, not even in the spirit of "lending", but I hated the idea that Amazon could dictate the devices and apps where I could read the books I purchased and even delete them from my account, and even my devices, for whatever reason. In the end I just stopped buying e-books and went back to good old paper just so that I could lend books to friends/family without distributing illegal material and potentially causing losses to authors and publishers.
 

mikelove

皇帝
Staff member
I think what you're getting wrong here is that disabling system integrity protections in MacOS is not the same thing as jailbreaking an iOS device. MacOS is not "in jail". Disabling those protections works out of the box, does not require you to download any extra software, does not work by exploiting any vulnerability and, AFAIK, does not void your warranty. Malware designed to damage hardware is theoretically possible, but I've never heard of one specifically designed to physically damage Mac personal computers.
Sure, but it comes with scary security warnings and requires you to fiddle with the command line. That's enough to dissuade 99% of people from trying it. Android devices that allow rooting and/or unsigned firmware installs frequently include warranty disclaimers, which again would dissuade a lot of people from trying that even if the actual likelihood of permanent damage to your device is extremely low.

The problem with the current situation is that somebody can literally just give you an unprotected iOS app file which you can run on your system without clicking through anything - huge difference from even the modest amount of work needed to disable SIP.

So my take is that, if Apple made a promise to developers regarding DRM on iOS apps, they should honor that promise on the iOS app side of the equation, and not mess with MacOS as it currently stands.
But the promise was for the apps themselves - they weren't saying that apps would have DRM unless Apple randomly decided to make them work perfectly on a DRM-free system someday.

Actually I think it's funny you mentioned this example. I used to buy Kindle e-books and crack their DRM with Calibre + a plugin of, let's say, dubious provenance. I never shared those cracked e-books with anyone, not even in the spirit of "lending", but I hated the idea that Amazon could dictate the devices and apps where I could read the books I purchased and even delete them from my account, and even my devices, for whatever reason.
Sure, but others could share them. And would. And might not even appreciate farther down the line that they were doing anything wrong.

Paid iOS apps generally don't ship with a lot of code announcing that they're paid apps; part of what makes the App Store so convenient is that they don't have to. And people are accustomed to lots of useful software being free. So someone could download the IPA for an app they purchased, pass it along to a bunch of friends without saying anything about how it's pirated (heck, they might not even realize that themselves), and so on, everybody circulating this free app which the developer built for iOS under the reasonable expectation that it would only run on iOS.
 

Shun

状元
Hi Shun, I think what Federighi referred specifically to the ability to disable system protections in MacOS. He also said something about Windows and Linux being able to run on the new hardware, contingent only on MS and Linux developers making it happen.

As it is my Mac will probably still receive 2-3 years of security updates, even if it doesn't make the cut for the next version of MacOS. But maybe hardware will fail sooner than that, who knows? In any case I'm hoping I can wait till at least the 2nd gen of those ARM Macs come out. The apps I use the most, Scrivener and the Affinity suite, are already universal, but, as you said, there are still a handful of open source ones that would still run (poorly?) in Rosetta. And there is also Office, that will probably take a while to become universal. In any case I'll, hopefully, be making a purchase for the long run. This thing of always being on the lookout for the greener grass on the newest and greatest hardware release consumes too much mental power imho.
Definitely, one shouldn't update one's hardware too often. Just so one is always happy with the performance offered by one's hardware, if possible.

I'm already running MS Office natively through their beta program. Because I use Adobe apps, which will go native in the not-too-distant future, I haven't yet tried if, for example, the Mac ports of GIMP, Inkscape, or VLC work well.

Thanks for the clarification on Craig. You make an interesting case on Apple's protections. But isn't it technically possible to establish some sort of protection for a subset of macOS (not SIP), so that one part of the OS is open, and another part is cordoned off by means of unbreakable encryption or somesuch? (If we don't know the answer to this abstract question, it's fine. :))
 
Last edited:

Fernando

举人
Sure, but others could share them. And would. And might not even appreciate farther down the line that they were doing anything wrong.

Paid iOS apps generally don't ship with a lot of code announcing that they're paid apps; part of what makes the App Store so convenient is that they don't have to. And people are accustomed to lots of useful software being free. So someone could download the IPA for an app they purchased, pass it along to a bunch of friends without saying anything about how it's pirated (heck, they might not even realize that themselves), and so on, everybody circulating this free app which the developer built for iOS under the reasonable expectation that it would only run on iOS.
Yes, I know people will pirate, and I have no doubt I was using the very same tool pirates were using. But my general point was that every system needs a measure of trust to function. If trust is impractical and controls become too cumbersome, people will just opt out of the system altogether. I'd rather not read e-books at all than complying with the restrictions imposed by Amazon's DRM. Having said that, I didn't make the case that Apple should do nothing about the situation. Perhaps they can hide the non-notarized apps behind SIP, but that would only discourage people, and not be an actual block. Something like that could be a temporary measure till they can implement the necessary changes on the apps themselves and perhaps on iOS itself. Since iOS is already a closed platform, and the apps in question were originally made for that platform, they can fiddle with that, instead of finding fault with MacOS just because it now runs on ARM.

Thanks for the clarification on Craig. You make an interesting case on Apple's protections. But isn't it technically possible to establish some sort of protection for a subset of macOS (not SIP), so that one part of the OS is open, and another part is cordoned off by means of unbreakable encryption or somesuch? (If we don't know the answer to this abstract question, it's fine. :))
I'm not an expert on the issue, but I don't think it's possible as you envision it. The way those protections work is by limiting what the root account can do, and if you allow root freely in part of the OS, then you allow it freely everywhere, cause, you know, it's root. In MacOS the way SIP works is by making root restrictions enabled by default, and you have to boot into recovery mode and disable them via terminal there. The OS is now installed in a separate partition that's ordinarily not writable by root, but once you disable SIP you have access to everything. I suppose you could make a "hybrid" system if you build something like Qubes OS, in which a base OS does not run user applications directly, but creates virtual machines for them to run on. They could create a system in which the base OS is completely locked, while the virtual machines would be free to run any compatible software. That, however, would block access to hardware, and also be very resource-intensive.
 

Shun

状元
I'm not an expert on the issue, but I don't think it's possible as you envision it. The way those protections work is by limiting what the root account can do, and if you allow root freely in part of the OS, then you allow it freely everywhere, cause, you know, it's root. In MacOS the way SIP works is by making root restrictions enabled by default, and you have to boot into recovery mode and disable them via terminal there. The OS is now installed in a separate partition that's ordinarily not writable by root, but once you disable SIP you have access to everything. I suppose you could make a "hybrid" system if you build something like Qubes OS, in which a base OS does not run user applications directly, but creates virtual machines for them to run on. They could create a system in which the base OS is completely locked, while the virtual machines would be free to run any compatible software. That, however, would block access to hardware, and also be very resource-intensive.
Thanks a lot for your interesting assessment. I would have thought one could hardwire the kernel to treat different tasks differently, but indeed, as root, one could perhaps alter the kernel, circumventing any protections. Thanks also for the reference to Qubes OS, I did not know it.
 
We have put in a lot of work optimizing 4.0 for new Macs via Catalyst, and are tentatively planning to offer a fully supported Mac version as some sort of paid upgrade / add-on, but have no plans to support Mac in our existing app.
I'm really interested in V4.0 for Mac. All this talk about security/licensing, etc. begs the question as to when V4.0 will be available on the Mac via Catalyst?
 

mikelove

皇帝
Staff member
Having said that, I didn't make the case that Apple should do nothing about the situation. Perhaps they can hide the non-notarized apps behind SIP, but that would only discourage people, and not be an actual block. Something like that could be a temporary measure till they can implement the necessary changes on the apps themselves and perhaps on iOS itself. Since iOS is already a closed platform, and the apps in question were originally made for that platform, they can fiddle with that, instead of finding fault with MacOS just because it now runs on ARM.
Then it seems like we actually agree on most of this. I wasn't pushing for Apple to require notarization for all apps - frankly it's better for Pleco in some ways if they don't - but simply to put in some sort of reasonable measures to prevent most users from running unauthorized IPAs.

I'm really interested in V4.0 for Mac. All this talk about security/licensing, etc. begs the question as to when V4.0 will be available on the Mac via Catalyst?
I'd *like* to launch it more-or-less at the same time we launch the 4.0 beta for iOS (whenever that is), though I'm not 100% sure if we'll be able to do that. It's likely that only a small fraction of our dictionary catalog will be available with the first 4.0 beta anyway, so it should be relatively easy to avoid any licensing concerns.
 

Fernando

举人
Thanks also for the reference to Qubes OS, I did not know it.
I never ran it myself, but you get to read about it if you're interested in security. It's the tin-foil rabbit hole.

Then it seems like we actually agree on most of this. I wasn't pushing for Apple to require notarization for all apps - frankly it's better for Pleco in some ways if they don't - but simply to put in some sort of reasonable measures to prevent most users from running unauthorized IPAs.
You're understandably angry that Apple fumbled this one, and I guess I reacted based on my libertarian instincts, which are more moral and pragmatic, rather than political or ideological.
 

tomasilheu

Member
I'd *like* to launch it more-or-less at the same time we launch the 4.0 beta for iOS (whenever that is), though I'm not 100% sure if we'll be able to do that. It's likely that only a small fraction of our dictionary catalog will be available with the first 4.0 beta anyway, so it should be relatively easy to avoid any licensing concerns.
I know you don’t usually mention any time frames, but i seriously can’t wait for Pleco 4.0! I’ve been checking this forum every single day for the past 6 months and my iPad Pro is so ready for it! I remember that you were gonna share a little sneak peak for Pleco’s 20th birthday back in may. I can’t help but ask when you’re gonna release that beta for ios!
 

mikelove

皇帝
Staff member
Still don't know. Honestly there just isn't much to be gained by releasing a public beta until the product is mostly finished and we've found all of the obvious bugs / solved all of the glaring design issues / etc; prior to then, the effort to release it / document it / politely answer all of the bug reports and feedback emails (or even form-reply to them but organize / check them all) vastly exceeds whatever benefit we'd get from it.

That sneak peak thing is exactly why I try so hard to resist the urge to discuss dates - it's not that we couldn't produce a preview or something, it's just that it's hard to actually get up the energy / enthusiasm to do that right now; we're not exactly living in normal times here :)
 

Fernando

举人
it's just that it's hard to actually get up the energy / enthusiasm to do that right now; we're not exactly living in normal times here :)
Take a cold shower every morning. This is not sarcasm. Will electrify you for the whole day.

Also exercise (at home if you can) and take vitamin B and D supplements, those help a lot too. Lockdown is a b*tch. People everywhere are getting cabin fever / mild depressions.
 

rizen suha

状元
Take a cold shower every morning. This is not sarcasm. Will electrify you for the whole day.

Also exercise (at home if you can) and take vitamin B and D supplements, those help a lot too. Lockdown is a b*tch. People everywhere are getting cabin fever / mild depressions.
:)
eat as varied as you can. that includes greens, meats, fish, fruit, ... all of it. in general eat "rugged" food, food rich in fiber, avoid highly processed foods, like white rice. if you do, you do not have to take vitamins and it _may_ be best (for most people) to avoid taking them as supplement. https://www.healthline.com/nutrition/do-multivitamins-work#bottom-line :)
 

mikelove

皇帝
Staff member
Thanks, but it's nothing like that - certainly still taking care of myself, and I live in a big house in the woods with lots of empty hiking trails nearby so I'm extremely fortunate lockdown-wise; it's more about having two young kids and various other obligations in the midst of all of this. So it's a case of having too much stuff to do rather than too little :)
 

Shun

状元
Thanks, but it's nothing like that - certainly still taking care of myself, and I live in a big house in the woods with lots of empty hiking trails nearby so I'm extremely fortunate lockdown-wise; it's more about having two young kids and various other obligations in the midst of all of this. So it's a case of having too much stuff to do rather than too little :)
I almost guessed that was the reason. At least it’s "just" two kids, and not four. :)

I agree with @rizen suha on eating natural; however, to get your vitamin D levels into the green zone during winter, I think you have to take it as a vitamin D3 supplement (optimally in an oily solution), because you can't get it directly from food, and as we know, in the sunny season, the body is able to make it from the sunlight on the skin. I like fiber-rich foods, too.

I also hope one of the vaccines, or the different ones together, will put an end to the lockdowns pretty soon.
 
Top