Stuart Breckenridge

Custom Fonts in Email

I’m using custom email fonts through Cloud.Typography’s service. I found it easy to setup but noticed several drawbacks in early usage, which I’ve outlined below.

Note: For the purpose of this article, I'm using Mail on OS X El Capitan and I've assumed you have a Production project setup with email enabled at Cloud.Typography.


The first thing you need to do is create a new Stationery file. To do this, open Mail and create a new empty email message ⌘ + N, and then select File -> Save as Stationery.... In the save dialogue box, pick a name for your new Stationery file—I named mine Standard—and click Save.

After the Stationery template is saved, you need to locate it and edit the content.html file. Open a Finder window and use the Shift + ⌘ + G shortcut to open up a Go to folder... dialogue. In the window that opens, copy and paste this path and click Go:

~/Library/Containers/ Support/Mail/Stationery/Apple/Contents/Resources/Custom/

In the resulting window that appears, open the Contents folder, then the Resources folder, option-click on the Standard.mailstationery file and select Show Package Contents. Again, open the Contents folder, followed by the Resources folder. In this folder you will see the content.html file, option-click it, select Open With, and then select a relevant program that can edit html files (I use Coda).

The html code should be edited so it looks something like this:

		<!-- Add you cloud.typography css key here -->
		<link rel="stylesheet" type="text/css" href="" />
	<body dir="auto" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
		<!-- Add custom font styling in the span tag -->
		<span contenteditable="true" apple-content-name="body" style="display: block; font-family: 'Whitney SSm A', 'Whitney SSm B'; font-style: normal; font-weight: 400;" class="">		


Once this is complete, save the content.html file. You can now navigate back to Mail and create a new mail message ⌘ + N and start typing. When you want to apply your custom font, select the stationery pane (top right of the compose window) and select the custom template (under Sentiments in the picker pane) and the typography will be updated.


The drawbacks I’ve noticed are almost entirely on the part of the Mail app:

  • Custom Stationery—and therefore custom fonts—are not available in replies.
  • If you select Custom Stationery before typing your email, you can’t actually type any content into the email.
  • Custom fonts cannot be used to compose mail on mobile devices.

All in all, I’m not convinced on custom fonts in email. The entire solution seems sub-optimal.

Answers to Your Questions About Apple and Security

The question:

Could Apple build this operating system just once, for this iPhone, and never use it again?

The (common sense) answer:

The digital world is very different from the physical world. In the physical world you can destroy something and it’s gone. But in the digital world, the technique, once created, could be used over and over again, on any number of devices.

Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks. Of course, Apple would do our best to protect that key, but in a world where all of our data is under constant threat, it would be relentlessly attacked by hackers and cybercriminals. As recent attacks on the IRS systems and countless other data breaches have shown, no one is immune to cyberattacks.

Again, we strongly believe the only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.

The Cheapest Smartphone in the World

Hitesh Raj Bhagat, ET Bureau (via the Economic Times):

February 18, 2016 will be an important day for the smartphone industry - at 6am, registrations for the Freedom 251 will start. Priced at Rs 251 (less than $4), it’s not just the cheapest smartphone in India - it’s the cheapest smartphone ever.

Just look at the app icons and home button. They look disturbingly familiar.

ASICS to Acquire Runkeeper

Jason Jacobs, founder of Runkeeper, discussing their acquisition by ASICS:

When we look ahead, it seems clear that the fitness brands of the future will not just make physical products, but will be embedded in the consumer journey in ways that will help keep people motivated and maximize their enjoyment of sport. By putting these two pieces together (digital fitness platform and world class physical products), you can build a new kind of fitness brand that has a deeper, more trusted relationship with consumers and can engage with them in a more personalized way.

Partnering with ASICS to fulfil this vision together makes a ton of sense. We both have deep roots in and focus on running as a core component of the fitness experience. There is strong alignment between our brands and core values. And from people using our Shoe Tracker feature in the app, we know that ASICS shoes are by far the ones that Runkeeper users run in the most!

From the end-user standpoint, not much will change. Not only will the Runkeeper product carry on, but we will be able to move even faster. We will be able to pursue the vision we’ve set out to pursue all along, with a partner that can bring many resources to bear that we couldn’t fathom having access to on our own.

My favourite running tracker and my favourite running trainer—I use the ASICS Gel-Kinsei 6—joining forces is good news. I’m hoping for discounts on merchandise in exchange for completing running challenges.

Related: Why I use Runkeeper instead of Apple’s Workout app.

Sparkle Framework Vulnerability

Dan Goodin:

Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates.

The vulnerability is the result of apps that use a vulnerable version of Sparkle along with an unencrypted HTTP channel to receive data from update servers. It involves the way Sparkle interacts with functions built into the WebKit rendering engine to allow JavaScript execution. As a result, attackers with the ability to manipulate the traffic passing between the end user and the server—say, an adversary on the same Wi-Fi network—can inject malicious code into the communication.

If you want to find if there are affected apps on your Mac, run this command in Terminal:

find /Applications -name Sparkle.framework

On my Mac, Coda 2, Fabric, GPG Keychain, and Sketch show up as using the Sparkle Framework. However, it’s important to note that the vulnerability only works when updates are served over a non-HTTPS connection. With that in mind:

  • Coda 2 is not affected
  • Fabric is not affected
  • GPG Keychain is not affected
  • Sketch is fixed as of v3.5.2

Say what you want about the state of the Mac App Store, but this stuff hasn’t happened there.