December 22, 2014


My, how things have changed. Want to know how far? Here’s Microsoft’s guide for Mac users switching to a Surface, with gems like:

On my Macbook… [sic]

I was used to using the command key with letters like C, V, and P to copy, paste, and print respectively.

On my Surface Pro 3…

Use Ctrl in place of command and many of the keyboard shortcuts you know still work!

It’s like Apple’s “Switch” campaign all over again, just in reverse. This isn’t gloating or anything; I just find the situation entirely surreal.

OS X NTP Security Update

You’re going to want to update as soon as you can:

Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1

Impact: A remote attacker may be able to execute arbitrary code

Description: Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking.

Scary stuff. Do this right away: it’s 1.4 MB, it requires no reboot, and it’s in the App Store. Just go do it.

On Developer Confidence in iOS

Russell Ivanovic wrote an intriguing post titled “2015: The Year of Android” (via Michael Tsai). With a title like that, I had to check it out:

In other words in 2013 Google payed out $2 billion to developers on Google Play. In 2014, $5 billion. This is a growth rate of 2.5x since last year. The lazy way to analyse this would be to point out that Apple announced that they’d paid out $15 billion to developers in December of 2013. 15 = 5 x 3, case closed. We could argue all day about growth rates, profitability and which platform is ‘winning’ right now. The real thing I pay attention to as a developer is this: can you be profitable on Android? To me the clear answer, with many years of actual revenue flowing into our company is an emphatic ‘Yes’.

Ivanovic’s phrasing isn’t quite correct here. Apple’s $15 billion figure is a cumulative amount, and they announced last year that they’d paid out a total of $7 billion to developers, giving Apple a 115% growth rate. Not as good as Google’s, but way, way more money on a per-user basis.

Though Ivanovic’s company has done very well on Android, but the vast majority of developers with paid apps in both stores have consistently reported far greater revenue on iOS than on Android. The chance of users paying for an app on iOS remains vastly greater than Android, so I have to disagree with Ivanovic here.

His second of three points:

The next thing people often throw out is “Oh but it’s so fragmented, I could never bring myself to buy 300 phones and test on 1000 screen sizes!”. This too as it turns out is a mostly a myth based on a lack of understanding. Firstly screen sizes on Android are actually less fragmented on Android than iOS. If you don’t understand why, or don’t believe me then you need to read this, followed by this.

iOS has the greater developer tools for supporting flexible layouts, especially for game developers. Neener neener.

But Ivanovic’s third point is why I’m linking to it. Not to poke fun, but to agree with it:

To me the next most important thing is how the App Store on the platform works. On iOS we’re starting to see things like this on a daily basis:

And that’s just the high profile developers. I shudder to think of how many small developers, with no contacts in the media are just being crushed on a daily basis. Do I see those things on Android? Nope. The only place I’ve seen Google crack down is on apps that download from YouTube and apps that do nefarious things. The first is against YouTube’s TOS, clearly so, and the second is obvious. I can’t tell you just how refreshing it is to push ‘publish’ on a brand new app or update, and see it in the store an hour later.

2015 should be the year of iOS. Apple has given developers a boatload of new APIs and new ways of interacting with iOS, but they apparently haven’t told the App Store review team any of this. While I don’t agree with Ivanovic’s premise — “2015 is the year of Android” — I do think that Apple is squandering its goodwill with developers and betraying their trust and confidence in developing for the platform.

PHG’s Fund Releasing Policy

The per-currency $30 threshold is the biggest pain in the ass for smaller publishers like myself. PHG’s policies have a habit of encouraging only the biggest referral marketers, while leaving people with not-insubstantial but not-quite-big-enough sales figures without their funds.

December 21, 2014

The Curse of Compressing Reality

Noah Lorang (via Shawn Blanc):

Any creative endeavor is highly non-linear, but the sharing of it almost always skips a lot of the actual work that goes into it. That’s ok; a clear progression makes for a good story that’s easy to tell. But don’t judge your reality against someone else’s compressed work. It’s ok if it takes you a day to make a cutting board like one that someone made in six minutes on YouTube; the truth is it probably took them a day too.

As I watch the traffic on this site rocket upwards one day only to take a dive over the following days, time and time again, I must keep reminding myself that the success I’m so amazed and proud of Blanc, and Gruber, and others for achieving is the product of a lot of work and a lot of time. But, while I don’t write Pixel Envy for the most readers — only the best, like you — it’s hard to stay motivated when one great week is followed by a lousy one. It’s probably my fault, or the fault of the season, but I must keep reminding myself that Blanc probably had (and has) crappy weeks himself, and what keeps him motivated is knowing that he does great work. I want to do great work for myself, and for you. That’s what motivates me to keep going.

Apple Forces the Nintype Keyboard to Drop Its Calculator

Just as I thought that things might — might — possibly be improving, Apple snatched that idea right back. Jormy, the developer of Nintype:

So the reason I was given was that “completing calculations” is “not an appropriate use of App Extensions”

I mean, for real?

Update: Turns out this decision was reversed (thanks, Mike M). I ask again: How much confidence can developers really have in a review system that’s so wildly inconsistent?

December 20, 2014

On File Formats, Very Briefly

Paul Ford, in the Manual:

You can take apart these formats and find out which decisions were made to create them. You’ll find that within them each carries the weight of its own past. Whether it’s Photoshop reacting to the enormous power of computers by doing ever more things with images, ever more channel ops and blends, or HTML opening up to accept every kind of data, serving not as a way to present documents but as a sort of glue.

Samsung to Shut Down ChatOn Next Year

I didn’t even know Samsung had an iMessage competitor, though I should have guessed. But they do, or, rather, did. Richard Lawler, Engadget:

The company blamed “changing market conditions” for the change, but seems that despite a claimed 100 million strong user base, people weren’t really using the software preloaded on so many smartphones.

“Changing market conditions”, eh? How’s iMessage doing?

During today’s annual stockholders meeting, Apple CEO Tim Cook revealed (via Bloomberg) that [several] billion iMessages and 15 to 20 million FaceTime calls are made daily. That number suggests iMessage has grown exponentially over the course of the last year as usage numbers were at two billion messages per day in January of 2013.

Maybe if market conditions continue to change, Samsung will keep removing its terrible bloatware.

December 18, 2014

Get Info Redesigned

With every update to OS X comes a reminder of just how far behind some parts of the system are. The Get Info dialog is one of those things; the colour picker is another.

Journalism as Entertainment

Stephen Hackett:

[T]he old-school rules of objective journalism exist for a reason. They protect reporters, subjects and stories from being influenced by emotions. Breaking those rules is fine, as long as expectations are set correctly. The fact that people are upset at Serial’s ending indicates they weren’t.

On the contrary, I think Sarah Koenig did a great job emphasizing that it’s not a fictional drama series, but a real-life event. Adnan Syed is still in prison, and it’s continuously referenced throughout her reporting on the story. If people are upset, that’s an indication that Koenig did a great job of making such a contrived decade-old case so compelling.

Stop the Presses


Yes, we have ever growing access to filtering software to shape our own sphere of coverage, and yet tens of millions of people read, and likely most believed, that Apple had deliberately and secretly deleted competitors’ songs from users’ iPods, an impression which may never be sufficiently corrected. Yes, we’re getting better tools to find and check facts, and yet the incentives to not deceive readers through disingenuous headlining and packaging are clearly not in place. How many headline corrections have you seen in this case?

Not a single one. While most headlines stated that “Apple deleted non-iTunes music from iPods”, or something to that effect, Mike Beasley of 9to5Mac took his headline even further:

Apple admits it deleted songs purchased through competing stores from iPods without warning

Bold. And not just my formatting.

It’s funny, because later in Beasley’s re-reporting, he makes the opposite case:

Apple’s lawyers stress that while such security measures did exist, the plaintiffs have yet to produce a single case of music being lost.

C’est la clickbait.

Drafts 4.0.6

Greg Pierce, the Agile Tortoise himself:

New: Today widget. Now back with the addition of recent drafts summary. Thanks to the help of some fine folks inside Apple for sorting this out.

Of the major App Store rejection stories this past month, all have now had their rejections reversed. But do you think developers — in particular, those who have a lower profile and smaller user base — are much more confident?

December 16, 2014

App Store Discovery Is Completely Broken

It’s so bad that it’s almost as if it’s programmed to be deliberately obtuse. If the App Store were a barista, it would bring you a wrench instead of your coffee and then come around to your house a few weeks later to take it back for unclear reasons.

Shaw Wins Gold in Verbal Gymnastics

Remember that totally craptacular Shaw announcement I wrote about earlier? They finally officially announced the changes to the pricing and service tiers, and it’s like a masterclass in spin:

These new services will introduce faster download speeds and greater value for customers who have our most popular tiers by providing more value per Mbps (Megabits Per Second) download rate.

HS 10 improves to Internet 15
HS 25 improves to Internet 30
BB 50 improves to Internet 60

Sounds good, doesn’t it? Except it’s not like the 50 mbps service becomes 60 mbps for the same price; rather, the 50 mbps service turns into a 60 mbps service for the same price as the outgoing 100 mbps service.


We’re pleased to be introducing a new entry-level Internet service, Internet 5, which is well suited to customers who use their Internet for simple web browsing and email.

Who the fuck, exactly, is going to want a 5 mbps service for the same price as the outgoing 10 mbps service?

The Ten Year DRM Saga Is, at Last, Over

Robert Burnson and Karen Gullo, Bloomberg:

Apple Inc. prevailed in a potential $1 billion lawsuit by iPod customers who claimed restrictions in the iTunes library were meant to kill competition, as a jury handed the company a decisive victory after only three hours of deliberations.

Firmware and software updates in iTunes 7.0, which were contained in the iPod models at issue, were genuine product improvements, the jury in Oakland, California federal court said. That finding meant the company couldn’t be held liable for thwarting competition even if the tweaks hurt rivals.

A decade of combined lawsuits and general nuttiness ended in just three hours. Finally.

All-Canadian Duopoly

I talk a lot here about the importance of ensuring net neutrality. I also talk a lot here about how shitty internet service providers are. But most of the time, I’m talking about this in the context of American providers because the majority of my readership is American. But I’m Canadian, and we’ve got our own problems. Let’s talk about them.

There are two major internet service providers in Canada: Shaw and Telus. There are a few more in certain cities — Rogers and Bell, for example — and several local providers that generally operate using bandwidth from a larger provider. I’m with Shaw, because they’re marginally more reliable than Telus, and they provide Usenet access.

Every year, like clockwork, Shaw bumps their prices up a little; last year, it was by a lot — over 50% in some cases. This year is no different, and I received notification from them a couple of weeks ago that they would be increasing prices by about 10% across the board. Why? Shaw makes several claims:

Canadians use the Internet more than anyone else in the world. We are doing more than just browsing the web and checking email – we’re conducting business, watching videos and movies, streaming TV shows and talking to our loved ones with video chat. Today the average home has 10 WiFi devices with modern appliances, tablets, phones, and home security all increasing traffic on the network. By 2018, Internet traffic is estimated to triple*.

There’s no citation for the statement “Canadians use the Internet more than anyone else in the world”. By number of users and penetration, Canadians are far from the most connected country on earth, and according to Wikipedia’s traffic stats,1 Canada is nowhere near the top. Either that, or we’re just way less curious. It is incomprehensible that Canada — a country with about 10% of the internet users of the United States — could be using more bandwidth.

The citation for the traffic estimate is Cisco’s VNI forecast, which estimated traffic to triple from 2013 to 2018, and we’re nearly halfway through that. Traffic isn’t expected to triple from 2015 to 2018.

So it’s clear that Shaw’s reasons for the price increase are built on shaky ground, at best. Some person named “seanman72” — going out on a limb here that it’s some guy named Sean — has thoroughly deconstructed these arguments.

Simultaneously, Shaw will be cutting back service plans:

Effective Jan 6th (One day after the price increase):

Shaw 100mbps becomes Shaw 60mbps
Shaw 50mbps becomes Shaw 30mbps
Shaw 25mbps becomes Shaw 15mbps
Shaw 10mbps becomes Shaw 5mbps

All for the same increased price of their originating packages…

On the bright side, anyone currently ON one of the higher packages will be grandfathered in, until they have to make any changes to their account (Moving, changing package, etc).

This hasn’t been announced by Shaw, but numerous customers have confirmed it over the phone, though phone staff have offered mixed information regarding grandfathering.

In a country Shaw claims is using the internet most heavily, they are simultaneously raising prices and cutting — by 40-50% — the amount of service offered to their customers. This comes as Shaw and Rogers have teamed up to launch Shomi, a Netflix competitor. Shaw and Rogers also own various Canadian television networks as well.

This smacks of an abuse of their market-leading position, in an industry that has almost no actual competition. Similar to Canada’s cellular carriers, our internet service providers have an unprecedented level of end-to-end control and responsibility in the market. It’s time we started regulating them as we view them in 2014: as utilities.

  1. This is the best source I could find. Most global traffic estimates are behind paywalls of thousands or tens-of-thousands of dollars. I like you, reader, but not quite that much. 

Who’s Apple’s Ideal Customer?

Thomas Verschoren:

There’s a clear devide [sic] within Apple these days. On one side you have the people who bring you WWDC, new SDK’s and who feature LaunchCenter Pro as a top app in 2014. It’s those people who, I think, invite developers to push the boundaries of what’s possible in iOS forward.

On the other side you have the people who promote these free apps, push [in-app purchases] and who see those who develop differently as wrong and force them to remove those imaginative features.

Internal disagreements are common — even encouraged — at most companies, including Apple. But this internal disagreement — similar to the Maps debacle from two years ago — is spilling into the lives of their developers, customers, and most ardent users. Shouldn’t that be enough to spark a large internal shift of priorities and practices?

December 15, 2014

Insecure Keyboard Entry

Daniel Jalkut made a little tool to alert him any time he tries to enter his password in a non-password field on his Mac. Turns out, there are a couple of places in OS X that look and work like secure password entry fields, but aren’t. Like Terminal:

The nice “•” is new to Yosemite, I believe. Previously tools such as sudo just blocked typing, leaving a blank space. But in Yosemite I notice the same “secure style” bullet is displayed in both sudo and ssh, when prompting for a password. To me this implies a sense of enhanced security: clearly, the Terminal knows that I am inputting a password here, so I would assume it applies the same care that the rest of the system does when I’m entering text into a secure field. But it doesn’t. When I type my password to sudo something in the Terminal, my little utility barks at me. There’s no way around it: it saw me typing my password. I confirmed that it sees my typing when entering an ssh password, as well.

There are a couple of radars that are dupe-able in Jalkut’s post, too.

IUMA: Digital Music’s First Big Chance

Caleb Garling:

In IUMA’s final days, computing celebrity John Gilmore furiously scraped the tracks — imploring others to do the same — and stowed them away. In 2012 he worked with Jason Scott of to put the “wreckage” of IUMA, as Scott calls it — 45,000 bands and over 680,000 tracks — back on the web, where it remains today, free for anyone to access.

“It’s what it was always meant to be: a big pile of music that people enjoy listening to,” Scott says. (Though about 100 artists have asked Scott to remove their music, many having shed punk guitar riffs for collared shirts.)

Casual browsing turns up all kinds of hidden gems. Adam Duritz was the lead singer of The Himalayans and would eventually bring the band’s song “Round Here” to the Counting Crows and the top of Billboard charts. Duritz ensured The Himalayans got songwriting credits for the iconic ’90s tune, and their version remains preserved on

Scott says listeners sometimes come across the IUMA music and review it, as if it were new, having no idea these tracks were first uploaded in the 1990s. “The music is timeless,” he says. “It just might be more angry at the first Bush than the second.”

December 13, 2014

The Sony Hacks Are Terrifying

Brian Barrett, Gizmodo:

The most painful stuff in the Sony cache is a doctor shopping for Ritalin. It’s an email about trying to get pregnant. It’s shit-talking coworkers behind their backs, and people’s credit card log-ins. It’s literally thousands of Social Security numbers laid bare. It’s even the harmless, mundane, trivial stuff that makes up any day’s email load that suddenly feels ugly and raw out in the open, a digital Babadook brought to life by a scorched earth cyberattack.

These are people who did nothing wrong. They didn’t click on phishing links, or use dumb passwords (or even if they did, they didn’t cause this). They just showed up. They sent the same banal workplace emails you send every day, some personal, some not, some thoughtful, some dumb. Even if they didn’t have the expectation of full privacy, at most they may have assumed that an IT creeper might flip through their inbox, or that it was being crunched in an NSA server somewhere. For better or worse, we’ve become inured to small, anonymous violations. What happened to Sony Pictures employees, though, is public. And it is total.

December 12, 2014

Apple Probed in Canada Over iPhone Carrier Contracts

Alastair Sharp and Euan Rocha, Reuters:

Canada’s Competition Bureau is investigating allegations that Apple Inc’s Canadian unit used anti-competitive clauses in contracts with domestic wireless carriers, the watchdog said on Thursday.

The bureau said no wrongdoing by Apple’s Canadian arm has been found so far, without stating who made the allegations. An Apple spokeswoman was not immediately available for comment.

Apple was part of that giant Silicon Valley employee anti-poaching ring, so heavy-handed contracts with cell carriers wouldn’t surprise me in the least. But I do wish the CRTC and the Competition Bureau would cooperate to investigate the carriers themselves, too. Or maybe it’s entirely coincidental that all three major carriers announced almost-identical plans when the wireless consumer code was introduced.

Workflow for iOS

Another one of Federico Viticci’s mammoth reviews, and — oh boy — what an app to review. Workflow is like Automator for iOS, and with capabilities like that, it’s worth downloading fast, before Apple pulls it for confusing and ultimately ridiculous reasons.

I’ve been messing around with it for a little while, trying to add a button to my Share sheet to create link posts. It’s incredibly powerful, especially with Pythonista and Editorial integration. I think I’ve gone down the Viticci rabbit hole.

Anyway, if you’d like to join us freaky iOS automation types down in this hole, you can grab the app from this referral link.

December 11, 2014

Transmit’s Forced Removal of Its Sharing Sheet to Be Overturned

The Guardian’s Charles Arthur broke the news in an article about developer grievances with the App Store:

The Guardian understands that Panic will be allowed to reinstate sharing – but that only raises the question of why it was stopped in the first place. Apple declined to comment to the Guardian on the banning or reinstatement of the functionality.

And from Panic themselves:

Update: late Wednesday we got a nice call from Apple. We have resubmitted Transmit iOS with “Send To” (iCloud Drive et al.) restored.

Great for Transmit iOS users, but how does this crapshoot style of App Store moderation instil developer confidence?

December 10, 2014

Instagram Surpasses Twitter’s Userbase

John Gruber:

Perhaps it’s as simple as photos being more appealing to a broader audience than tweets. But I say part of Instagram’s success is that their interface is simpler, and the rules for what you see in your feed are like what Twitter’s used to be: a simple chronological list of posts from the people you choose to follow. Insert your own “Correlation is not causation” disclaimer here, but it seems to me that Twitter’s slowing growth corresponds pretty closely to its complexity increasing over the past few years.

I remember Twitter being easy to explain, even if it wasn’t conceptually easy to understand: “constant 140 character snippets of whatever from people you find interesting”. Twitter is no longer that simple; its complexity has made it more difficult to explain and understand.

Twitter Clients in 2014

Federico Viticci has added another to his series of mammoth reviews, this time regarding the state of Twitter clients in 2014. Pour yourself a coffee for this one, because it’s a great read. Viticci has made known his preference for the official Twitter client, but I found his conclusion most telling as to why I prefer Tweetbot:

2014 Twitter is bigger than Twitterrific and Tweetbot. Today’s Twitter goes beyond text and a traditional display of the timeline – it encompasses native photos (and soon videos), interactive previews, advanced recommendation algorithms, photo tagging features, and a fully indexed search. I didn’t know how much I would come to rely on Twitter’s new features until I started using the official app and now, in spite of design details and advanced functionalities that I still prefer in third-party clients, I don’t feel like I want to switch back.

And that’s because the basic Twitter experience in 2014 is different. Twitter is split in Legacy Twitter and Modern Twitter, and it increasingly seems like users and developers of classic clients will have to stay in the past of the service. Perfectly functional (for now), beautiful in their delightful touches, but ultimately limited.

I am a happy Legacy Twitter user. I don’t much like Cards, the insertion of tweets from people I don’t follow into my timeline, the blue conversation line, or creepy app spying. As Viticci notes, your choice of Twitter client is a personal one. You, like Viticci, may actually like Twitter cards, so you might use the official Twitter app, or you might like a unified timeline, so you’d prefer Twitterrific. The best possible user experience for my needs, however, remains Tweetbot. Regardless of your choice, this is a must-read article.

December 9, 2014

Apple Pay’s User Experience

James Cook at — sighBusiness Insider:

iPhone 6 users are hitting upon a problem when trying to pay for burgers in McDonald’s: Staff don’t know how to accept payment using Apple Pay, the new mobile payments app.


Here’s a post from DKDonkeyKong that explains the problem:

I just got my new Gold iPhone 6 Plus (128GB) yesterday. I went to McDonalds, excited to purchase lunch using my new device. The lady at the front gave me my total, and I said “I’m going to pay using my new iPhone”. She immediately gave a very confused look and told me I could pay using cash or credit. I said that Apple Pay is an NFC-based feature and should work with any NFC terminal. She told me to wait just a moment while she spoke with her manager. At that point I was rather embarrassed and told her I’d just pay with my card.

First of all, it’s from Business Insider, so we’re already off to a bad start.

Then there’s this DKDonkeyKong person, who might — and this is just a guess — not necessarily be the best source for a journalistic outlet.1 But, then again, this is Business Insider.

But there’s actually something to this. Cook continues with a quote from the MacRumors thread from which he sourced this entire let’s-call-it-an-article:

Do NOT involve the cashier. While they ring up, I generally have my phone near the terminal [with] home button pushed. This works over 50% of time. For those other times, when they ask cash or credit, simply say credit. People spend too much time talking to the cashiers. They’re easily confused.

Aside from the holier-than-thou way this poster calls cashiers “easily confused”, they’re kind of right. You shouldn’t need to explain that you’re using Apple Pay; it should work just like a contactless credit card. It’s not cashiers that are to blame, but rather retailers who favour collecting data over customer experience creating unnecessary complications in the contactless payment space.

  1. This is from a MacRumors thread, but you could probably tell that from the way this user explains, in full, which iPhone they bought. I’m half-surprised DKDonkeyKong didn’t also include the model number. 

Big Dogs/Little Fish

Ole Begemann:

What does it say about Apple’s priorities when app review spends its time policing developers for building features that are innovative, useful, and entirely opt-in anyway?

At around the same time, Twitter announced that their app is now spying on users in a new way, using a public API for a purpose it was clearly not intended for. I would argue that this practice, if not against the letter of the Review Guidelines, is much more harmful to users. It’s stuff like this that should warrant action from the app review team.

Things like Begemann’s Twitter example and putting a U2 album on everyone’s iPhone are clearly more detrimental to user experience than having a calculator in Notification Centre. It’s undeniably frustrating for developers to be given a shitload of great new APIs only to be told through subterranean channels that they cannot be used in ways which are innovative, interesting, and ultimately make the platform better.


Jessica Guynn, USA Today:

American companies collect and report information about their workforces to the federal government each year in a form called the EEO-1.

The EEO-1 is a standard form that breaks down race, ethnicity and gender of workforces by job classification.

Facebook, eBay, Google, Yahoo and LinkedIn are among the technology companies that have made public their EEO-1s.


Chief among the companies that decided not to disclose their EEO-1s were Microsoft, Twitter, Apple and Amazon.

Every company’s already-disclosed diversity figures are already so bad that I’m not certain why they’d be so shy about their EEO-1s.

December 8, 2014


Cabel Sasser of Panic has written a short post officially announcing that Transmit for iOS is dropping support for send-to-iCloud Drive, and, collaterally, send-to-several-other-services-on-the-same-sheet. The gold is in the comments, though; an addendum of sorts from Sasser:

Speaking for myself: when we get a call from the App Review Bad News Guy — a very nice guy with a very terrible job — we know we’re in for a difficult few weeks. We haven’t shared, and likely never will share, most of those stories. To be clear, we always work all of the angles available to us to keep our software great, and there’s no doubt there are countless great people at Apple who are doing wonderful work and want the best for all developers. But we have to remember Apple is now a massive organization with countless divisions — the App Review team isn’t even in Cupertino, for example — and sometimes that means the wheels turn slowly or the car, well, drives backwards. It’s hard to describe the legitimate emotional toll we feel when we’re angry or frustrated with a company we love so deeply. But then we realize it’s never Apple we’re frustrated with. It’s always the App Store.

Apple is a fucking massive company; internally, though, it’s been famously described as “the world’s biggest startup”. I don’t think it’s naïvety but rather a sense of optimism that has kept it humming as a gigantic startup, but the widening gap between that and the giant company that it is has become most apparent to developers through the App Stores.

There doesn’t appear to be a common understanding of what rules the app reviewers should be focusing on, or even what rules exist — as far as I can tell, there’s no written rule that prohibits what Transmit was doing here. The lack of consistency is especially frustrating for developers. They become increasingly unsure of how much effort they should invest in features that shouldn’t be controversial. They don’t know if they’re the next ones to be rejected for some feature while dozens of other apps remain on sale with a similar feature.

In this particular case, I don’t understand what Apple gains by having Panic remove their export to iCloud Drive feature. I don’t understand what Apple or their users would lose — financially, morally, ethically, or in any other way — by allowing Transmit to retain this feature. If anything, this entices people to use iCloud Drive.

Meanwhile, there remain apps available in the Store that continue to push out notification spam or have atrocious user interfaces, both of which are explicitly prohibited by the review guidelines.1 Both of these rule violations directly impact users’ experience with the platform, yet issues of this nature are not treated nearly as seriously. Why, for example, is there no way to report apps that send excessive or spam notifications?

We all want Apple to do better here. It’s not about the (bloody) ROI, nor should it be. It’s just an issue of user and developer satisfaction, both of which are being toyed with in inconsistent and frustrating ways. That’s it.

And am I the only one who wishes for a book of stories from development hell?

  1. 5.6 Apps cannot use Push Notifications to send advertising, promotions, or direct marketing of any kind,” and “10.6 Apple and our customers place a high value on simple, refined, creative, well thought through interfaces. They take more work but are worth it. Apple sets a high bar. If your user interface is complex or less than very good, it may be rejected”. And, arguably, “If your App looks like it was cobbled together in a few days, or you’re trying to get your first practice App into the store to impress your friends, please brace yourself for rejection. We have lots of serious developers who don’t want their quality Apps to be surrounded by amateur hour”. 

December 6, 2014

Profound Stupidity, Round Three

Apple’s war on developers putting to use the new APIs in iOS 8 continues. Transmit for iOS doesn’t have a Notification Centre widget, but it does have a ridiculously powerful Share sheet extension. Or, well, did, because Apple has decided to neuter it by removing its send-to-iCloud Drive functionality.

The thing that PCalc, Drafts, and Transmit all have in common is that they’re power user tools. I’d wager heavily that their users are more likely to be longtime Apple supporters and very tech savvy. Never mind the silliness of going after developers who actually use the new APIs; the stupidity of taking on software used by Apple’s most ardent supporters is baffling to me.

December 4, 2014

…And Then It Got Weird

That iTunes/iPod/DRM/RealPlayer/blast-from-the-past lawsuit that’s been going on seemingly since the dawn of consumer technology? Yeah, it just got weird. Brian X. Chen, New York Times:

The class action seeks damages for iPods bought from September 2006 to March 2009. Apple said it checked the serial number of Ms. Rosen’s iPod Touch and found that it was bought in July 2009, months after the class period ended.

Apple’s lawyers also said the company could not verify purchases of other iPods that Ms. Rosen said she had bought, including an iPod Nano in the fall of 2007. Apple lawyers said they had requested proof from Ms. Rosen’s lawyers of her purchases.

Apple also said it had asked the plaintiffs’ lawyers for proof of any purchases of iPods by the other plaintiff in the case, Melanie Tucker of North Carolina. Apple said it verified that an iPod Touch was purchased by Ms. Tucker in August 2010, also outside the class period. In her testimony, Ms. Tucker said she bought an iPod in April 2005.

The judge overseeing the case, Yvonne Gonzales Rogers, said she was concerned about the potential issues presented by the letter. “I am concerned that I don’t have a plaintiff,” she said. “That’s a problem.”

Deleting the Evidence

Jeff Elder, Wall Street Journal:

When a user who had downloaded music from a rival service tried to sync an iPod to the user’s iTunes library, Apple would display an error message and instruct the user to restore the factory settings, [attorney Patrick Coughlin] said. When the user restored the settings, the music from rival services would disappear, he said.

Apple directed the system “not to tell users the problem,” Coughlin said.

This is yet another example of the plaintiffs in this case confusing various computer terminology. In this case, it was an iPod software update with a revised version of FairPlay. And Apple did warn users what would happen, in broad strokes:

We strongly caution Real and their customers that when we update our iPod software from time to time it is highly likely that Real’s Harmony technology will cease to work with current and future iPods.

I’m a generally optimistic guy, so I’m a pretty big believer in Hanlon’s razor. I’d like to believe that the reason Apple didn’t tell users specifically what was going on was due to the kind of confusion that this trial has created. People don’t understand the difference between DRM formats, or even the fact that an audio file has DRM. So Apple not explicitly telling users that they’re updating the iPod to ensure the security of their own FairPlay DRM — and that this will remove songs with unlicensed or hacked versions of FairPlay — is likely borne from simplicity, not malice.


When the Kevin McClory suit was settled last year, I got so thrilled for the prospect of bringing back the best and baddest villains in the Bond franchise, and back they are. Pair SPECTRE with a brilliant cast and crew and I’m so entirely excited for November 2015.

I’m also digging the teaser poster, with a bullet hole somewhat reminiscent of SPECTRE’s logo. Nice.

December 3, 2014

“I Can’t Breathe”

Charles M. Blow, New York Times:

At some point between the moment a Missouri grand jury refused to indict a police officer who had shot and killed Michael Brown on a Ferguson street and the moment a New York grand jury refused to indict a police officer who choked and killed Eric Garner on a Staten Island sidewalk — on video, as he struggled to utter the words, “I can’t breathe!” — a counternarrative to this nation’s calls for change has taken shape.

The argument is that this is not a perfect case, because Brown — and, one would assume, now Garner — isn’t a perfect victim and the protesters haven’t all been perfectly civil, so therefore any movement to counter black oppression that flows from the case is inherently flawed. But this is ridiculous and reductive, because it fails to acknowledge that the whole system is imperfect and rife with flaws. We don’t need to identify angels and demons to understand that inequity is hell.

The iPod/DRM/iTunes/Holy-Shit-It’s-December-2014 Trial Begins

Dan Levine, Reuters:

Opening statements began on Tuesday in an Oakland, California, federal court in the long-running class action, which harks back to Apple’s pre-iPhone era. The plaintiffs, a group of individuals and businesses who purchased iPods from 2006 to 2009, are seeking about $350 million in damages from Apple for unfairly blocking competing device makers. That amount would be automatically tripled under antitrust laws.

Levine’s description of the suit is a bit off. Even the description in the lawsuit itself (PDF) is wrong:

In July 2004, an Apple competitor in the online music market, third party Real Networks (“Real”), introduced a new version of its own digital-song manager, RealPlayer. RealPlayer included a feature called Harmony. Harmony made songs downloaded from Real’s online music store mimic FairPlay, and thus made music purchased from Real playable on iPods.

Music wasn’t required to use FairPlay to play on iPods; non-FairPlay AAC and MP3 files play just fine on any iPod.

Levine, again:

In July 2004, Jobs wrote to other Apple executives with a suggested press release about Real Networks.

“How’s this?” Jobs wrote. “‘We are stunned that Real is adopting the tactics and ethics of a hacker and breaking into the iPod.’”

“I like likening them to hackers,” Apple marketing chief Philip Schiller responded.

During his 2011 deposition, Jobs displayed some of the edge he was known for, according to a transcript filed in court. Asked if he was familiar with Real Networks, Jobs replied: “Do they still exist?”

I don’t understand how this suit still exists.

December 2, 2014

Apple Tells ‘Drafts’ to Remove Note Creation Feature in its Notification Centre Widget

iOS 8 feels very similar to iPhone OS 2: there are a lot of new developer goodies to play with, and apps are being rejected for seemingly random reasons from a frustratingly inconsistent rulebook. It’s not like Agile Tortoise took a big risk by putting a shortcut button in Notification Centre; there were plenty of apps already in the Store that had similar functionality before Drafts 4 was released. Yet it’s the one that’s being restricted over two months after its release for a rule that doesn’t even exist.

Profoundly stupid, take two.

December 1, 2014

I Dot Me Cloud Drive

Dr. Drang:

Then came MobileMe. It was introduced with the iPhone 3G, just before Apple’s internet-connected user base was about to shoot through the roof. MobileMe will forever be remembered as the reason Steve Jobs called a special company meeting to ask two questions:

  1. “Can anyone tell me what MobileMe is supposed to do?”

  2. “So why the fuck doesn’t it do that?”

The phrase “MobileMe” in the Jobs quote above could easily be replaced with any one of Apple’s cloud services, though at a blessedly decreasing rate. I’d wager that it’s an asymptote; whatever Apple calls their cloud service, it will never, ever reach the point of expected reliability. Part of this is because Apple is ambitious, and wants to replace most of their existing web services in one fell swoop. This is made extra complicated because as soon as the service is released, there will be tens of millions of people trying to use it immediately. But that’s really hard to see as an excuse in 2014.

November 27, 2014

Ars Technica’s iWork ’14 Review

It’s incredible just how much of a feature regression Pages experienced in the ’09-to-’13 update, going from an easy-to-use page layout machine to a barely-cutting-it word processor. It still doesn’t support page numbering on alternating sides, full OpenType features, or a useful contextual menu.

November 26, 2014

A Eulogy for RadioShack

Jon Bois, writing for SB Nation,1 shares some of his stories from his employment at the legendary prototypical American electronics retailer:

Most folks who have worked in retail are probably familiar with this. Once every couple months, we’d have to stay after hours and count inventory. The store computer would print out a novel of every single item we were supposed to have in stock, from TVs to transistors to batteries, and then we’d have to root through the entire store and make sure we had all of it.

This could mean staying until midnight on a good inventory, or staying until five in the morning, depending on how obsessive my manager happened to be. RadioShack could very easily have scheduled these regularly and in advance, as a courtesy to its employees, but RadioShack is a craven and unfeeling entity that issued what I can only describe as open contempt of those they employed. The higher-ups preferred to spring them on us with maybe a day’s notice.

That is a major violation of labor laws, but they didn’t care. Sometimes they’d call an hour before the store closed to let us know we were staying there until two in the morning. We could comply or be fired.

Great piece. Altogether unsurprising, too. Every time I went into a RadioShack, I felt overwhelmed by how cheap and nasty everything felt. Not compared to Apple; compared to the dashboard of a mid-’80s Chevrolet. It’s almost as if they genuinely wanted people to feel like they couldn’t buy anything more downmarket.

I once bought a quarter-inch-to-eighth-inch audio cable adapter from RadioShack. It cost me four dollars, I believe, which already felt a bit spendy for something that felt so light and plasticky in my hand. But it’s all they had, and I wanted to plug my headphones into my guitar amp, so I picked it up. I took it home, plugged it in, plugged my headphones in, played for a bit, and felt it was acceptable. Then, I unplugged my headphones, and pulled the entire adapter’s assembly apart with the connector.

I haven’t seen any RadioShack locations near where I live, but we have their replacement, called “the Source”. Same shit, different name.

  1. Which recently, I think, added some sort of bullshit contextual highlight-and-tweet Javascript. It’s baked into the site-wide scripts, though, so I can’t just add it to my JS Blacklist extension, which is a pity. I hope it doesn’t make its way over to the Verge

Android vs. iOS Start Experience

Privacy has its tradeoffs. While the setup process for a Nexus 9 requires just eight steps, the setup process for an iPad Air 2 takes 23. Most of those are for turning on individually-segmented features: iCloud, Find My iPad, iCloud Drive, and your Apple ID all require separate activation steps, for example. It gives the user more control, but it creates a much more cumbersome first-run experience.

Attack of the 50-Foot Save Sheet

Jason Snell:

It turns out — and thanks to Jon Gotow of St. Clair Software, maker of the excellent Default Folder X, for the answer to this — that there’s a bug in Yosemite that causes a sheet to grow taller by 22 pixels every time you use it.

This is such a weird bug, but so easy — and fun! — to reproduce. Just hit Cmd + S in this window, then hit Esc. Rinse and repeat until your Safari window is moving way off-screen to fit the enormous Save dialog.

Reminds me of that amazing Finder bug that Cabel Sasser found years ago.

November 25, 2014


The prosecution screwed up. The President’s speech was weak. The looting and violence is wrong. But the decision not to indict the officer responsible? That’s beyond reproach. I can understand bringing this case before a court and finding the officer not guilty, if that’s what the evidence shows. But refusing to admit that the officer could have possibly committed a crime in the shooting death of an unarmed person? I can’t understand that at all. It’s relatively common in cases like this involving an officer, though.

November 24, 2014

Homescreens in 2014

John Borthwick:

The degree that users are switching core Apple apps — calendar, email, tasks, notes etc. — with alternatives is something that interests me a lot. I discussed this in last years’ shareholder letter. Startups and companies other than Apple made significant inroads here in 2013. Fifty percent of people who have a mail app on their homescreens in the sample have a non-Apple mail app. For task-related apps the number is 57 percent, calendaring 46 percent, weather 44 percent, maps is 54 percent and for podcasting the number is 65 percent. The discovery process in mobile is still nascent, yet Apple has a huge advantage over other app developers by installing their default experiences and not letting carriers change them pre-sale. The large percentage of people going through the hassle of switching suggests that even in an iOS7 post-skeuomorphic world Apple’s apps are often not best in class.

On the contrary, I’m a little surprised that 50% of a sample skewed in favour of a technologically-literate user base continues to use Apple’s Mail app,1 and 54% use the default Calendar app. The users who are not using Apple’s default apps are likely splitting their vote across a wide variety of third-party apps, with the exception of Maps, which is probably almost universally Google Maps.

What that suggests is that Apple’s default apps are good enough for most people, most of the time. Tech-savvy users are using more specialized apps, but not nearly as much I had anticipated.

I see this in my personal circle of friends as well. The vast majority are primarily using Apple’s apps and other “default” apps, like the official Twitter client and the standard Facebook app. My more tech-savvy friends are using a mix of first- and third-party apps, or other alternatives — Facebook Paper over standard Facebook, for instance.

  1. I do, for what it’s worth. 

Calendaring Layouts

I think Lukas Mathis nails his critique of the new Android calendar app, with one minor quibble:

It’s now a «5 Day» view, because it only shows five days. This is confusing, because it means that the starting day in this view changes. Instead of always being Monday (or Sunday in the US), it’s now a random day. So in order for me to figure out what I’m looking at, I first have to take a second to recalibrate my brain. Okay, the leftmost day is now a Wednesday…

I’m one of the heathens who vastly prefers a dynamic week layout, with today plus the next few days; if it’s a Wednesday, the Monday and Tuesday probably don’t matter much to me. Today-plus-four or today-plus-six is how I’ve always had my calendar set up. It’s one of the things a computer calendar does vastly better than a paper one.

November 21, 2014

“The World’s Most Personal Distraction Device”

Shawn Blanc:

I mean, of course I’m excited about the Watch. The UI is unlike anything else out there right now, and there are going to be some really great apps and some really useful ways to use the device.

And yet it’s quotes like this one from Kevin Systrom that describe exactly what I don’t want in a watch:

Apple Watch allows us to make the Instagram experience even more intimate and in the moment. With actionable notifications you can see and instantly like a photo or react with an emoji. The Instagram news and watch list allows you to see your friends’ latest photos, follow new accounts and get a real-time view of your likes and comments.

This is exactly what a Watch app should not be, and it remains a mystery to me as to why Apple put this in their press release, especially when you consider the HIG:

Apps on Apple Watch are designed for quick, lightweight interactions that make the most of the display size and its position on the wrist. Information is accessible and dismissible quickly and easily, for both privacy and usability. The notification Short Look, for example, is designed to provide a minimal alert, only revealing more information if the wearer remains engaged. And Glances provide information from apps in an easy-to-access, swipe-able interface. Apps designed for Apple Watch should respect the context in which the wearer experiences them: briefly, frequently, and on a small display.

November 20, 2014

A Second Kryptos Clue

The New York Times:

Despite many attempts to decrypt it, the final section of the Kryptos sculpture remains unsolved. Jim Sanborn, the sculptor, told the New York Times in 2010 that the 64th to 69th characters, which read NYPVTT, will read BERLIN when decoded.

This week, Mr. Sanborn gave the Times a second clue: the 70th through 74th positions, which read MZFPK, will read CLOCK when decoded.

Twenty years of the best cryptographers in the world having a crack at a 97-letter puzzle, and it remains unsolved. Truly the contemporary Enigma, as it were.

Comments in the Age of Social Media: Recoded

Remember how Reuters dropped comments from their site last week? Today, Recode did the same. Walt Mossberg and Kate Swisher:

The biggest change for some of you, however, will be that we have decided to remove the commenting function from the site. We thought about this decision long and hard, since we do value reader opinion. But we concluded that, as social media has continued its robust growth, the bulk of discussion of our stories is increasingly taking place there, making onsite comments less and less used and less and less useful.

Progress, people. Progress.

November 19, 2014

Thoughts on WatchKit

It’s been less than two months since the Apple Watch was announced, and it won’t ship for several more months, but Apple is getting developers on the fast track by launching the Watch’s SDK, WatchKit, now. And it’s a real treat because it’s the first extended glimpse into the interface and what it means to develop for the Watch. After reading the documentation, what appears clear is that the Apple Watch will be like no other iOS device and no other smartwatch on the market.

Pixels and Performance

Without releasing any hardware, Apple has revealed the answer to a big mystery on that front: the display resolutions of both models of Watch. The 38mm one has a screen that’s 272 × 340 pixels, while the 42mm one measures 312 × 390 pixels. Based on the 1:1 graphic on the Layout page of the Human Interface Guidelines and my rough calculations, that works out to about 312 and 326 pixels per inch, respectively.

If I were a betting man, I’d have bet on a shared resolution, with the smaller one utilizing a trimmed version of the iPhone 6 Plus’ panel, and the bigger one getting the 326 pixel-per-inch panel used in iPhones since the fourth generation. Clearly — and surprisingly, to me at least — that’s not exactly the case.

But what’s not known is just what kind of panel the Watch will have; I’m interested to see whether it’s an LED or some kind of (AM)OLED, which would be Apple’s first.

Along with display pixels, the Human Interface Guidelines also reveal the different sizes of icons required by the system. As you might expect, with two different — and somewhat finicky — display resolutions, there are two sets of icon sizes required. The small Watch has 29-pixel Notification Centre icons, 80-pixel “long look” icons, and 172-pixel home screen icons; the big one has 36-pixel, 88-pixel, and 196-pixel versions of the same. Apple also provides a set of recommended stroke weights for the contextual Force Touch menu icons, with a single pixel of weight difference between the little Watch and the big one.

From the outside looking in, this seems needlessly resource-intensive and complex; two different resolutions with two different sets of icon sizes means a lot of work for designers and developers alike. But it also comes across as a certain level of care and dilligence. Apple didn’t simply trim down an iPhone; this is someting entirely new for them. It’s a complete reconceptualization of personal technology, and it’s going to take some effort for it to work well. 1

Indeed, the HIG is notable for where it differs from the recommendations in, say, the iOS HIG. From the Color and Typography page:

Avoid using color to show interactivity. Apply color as appropriate for your branding but do not use color solely to indicate interactivity for buttons and other controls.

In the equivalent iOS page:

Consider choosing a key color to indicate interactivity and state. Key colors in the built-in apps include yellow in Notes and red in Calendar. If you define a key color to indicate interactivity and state, make sure that the other colors in your app don’t compete with it.

Avoid using the same color in both interactive and noninteractive elements. Color is one of the ways that a UI element indicates its interactivity. If interactive and noninteractive elements have the same color, it’s harder for users to know where to tap.

There are other, more subtle, differences between the way different UI components are treated on each platform. The message here is clear: don’t just try to scale down your iPhone app.

Speaking of hard work for designers and developers, have you seen the Watch’s approach to animation? I’ll simply quote the HIG:

Create prerendered animations using a sequence of static images. Store canned animations in your Watch app bundle so that they can be presented quickly to the user. Canned animations also let you deliver high frame rates and smoother animations.

Let’s see that again in an instant replay:

Create prerendered animations using a sequence of static images.

I didn’t believe that this meant what I knew it meant, so I downloaded the “Lister” demo app to take a look at its assets. And I found a progress bar rendered as a circle, with each of the 360 frames of the animation in its own PNG image. It means exactly what you think it means: each frame is its own image.

There’s more curiousity at play, too: Maps embedded in apps are non-interactive, and app caches are limited to just 20 MB, or approximately 14 floppy disks.

All this adds up to a distinct impression that the Apple Watch is little more than a dumb notifications screen, which is what I — and so many others — have repeatedly stressed that we don’t want. Indeed, that’s basically what the Watch App Architecture document conveys:

When the user interacts with your Watch app, Apple Watch looks for an appropriate storyboard scene to display. It selects the scene based on whether the user is viewing your app’s glance, is viewing a notification, or is interacting with your app’s main interface. After choosing a scene, Watch OS tells the paired iPhone to launch your WatchKit extension and load the appropriate objects for running that interface.

As of right now, it’s write-only.

So why am I not worried? WatchKit is kind of like the “sweet solution” of the Apple Watch, only way better than that ever was. For now, Watch apps are limited to interactive notifications and Glances, Apple’s name for quick, focused information from a parent app. Watch apps require an iPhone to be present, paired, and nearby for them to run, because they’re basically just showing an extended UI projected from the iPhone.

Apple is promising “native” Watch apps later in the year, though it remains to be seen the extent of the processing that can be done on an Apple Watch itself. The limitations currently imposed on Watch apps are likely limited by the speed at which UI components and code can be transmitted from an iPhone to a Watch, not the processor inside the Watch itself. But I’m not sure it’ll be possible to leave the house with only the Watch, and not your iPhone, too. You may not need to take your iPhone out of your pocket, but it appears that you’ll be relying upon it for most connectivity and app data.

For now, though, WatchKit is limited to treating the Apple Watch as a way to show immediately-relevant information, and little more. So why would I be more optimistic about its chances? Or, at least, more optimistic compared to, say, the way I viewed the Pebble Steel or the Samsung Galaxy Gear — or, indeed, smartwatches as a category. I’m more optimistic because it feels like the iPhone all over again: Apple wasn’t the first to market, but they’re seeking to be the best. And everyone else will likely follow in their footsteps.

There’s a lot to pick through in this new territory, but Apple seems dedicated to making it as straightforward as possible for both designers and developers. Developers have extraordinary limitations — barely any options for sizing and placement of UI objects, and no subclassing of interface controllers, both which developers have previously relied upon to create customized interfaces. Designers have the luxury of a care package of PSD templates of icons, interfaces, and UI components.2 Oh, and the new system fonts.

San Francisco

Top to bottom: the standard character set, stylistic set 1 (which is just the alternate 6 and 9), and stylistic set 2 (which is just an open 4).
I remember reading all kinds of reactions to the Apple Watch, but the commentary from designers about the new typeface is what I remember clearest of all. In September, it didn’t even have a name. Plenty of people called it “DINvetica”, while others speculated that this was, indeed, Apple Sans. While it may be the final form of “Apple Sans”, its public name is San Francisco, harkening back to the old Macintosh days of typefaces with names like Chicago and Geneva. Indeed, it now occupies the namespace of Susan Kare’s original.

This is clearly something Apple has been working on for a very long time. Initial — and, dare I say, lazy — comments immediately rushed to compare it to Roboto. A closer look reveals more differences than similarities.

The San Francisco family comes in three styles, each in myriad weights. Display is to be used when text is 20 points or greater, while Text is to be used at smaller sizes. There’s also a Rounded style hiding in the SDK, but don’t tell anyone.3 There are also a few alternate numbers, shown at right, proper small caps, and a plethora of international and special characters. It’s a very comprehensive typeface family.

I compared it against two similar faces: DIN Next is a 2009 update of the venerable DIN 1451, and Roboto is Google’s house face. I threw Helvetica Neue into this comparison because it’s Apple’s current system face. All of these are the regular weights, and all are set at the exact same size, utilizing the fonts’ built-in kerning metrics. A few things are immediately apparent in this comparison:

  1. San Francsico Display is noticeably optimized for larger sizes. Strokes are thinner, and it’s a little tighter.
  2. The “DINvetica” reference couldn’t be more appropriate: the numbers look very similar to Helvetica’s, while the characters take inspiration from DIN.
  3. If Roboto looked a little gross before, it looks really gross in comparison to these. This is the newly-updated version of Roboto, not the old one with the Helvetica-knockoff uppercase-R. It looks way better than the old version, but it’s nowhere near as precise-looking nor as balanced as the others here.
  4. San Francisco Text — that’s the one for smaller text sizes — has similar metrics to Helvetica Neue. Not the same, but if you squint a little, kind of close enough, and closer still to the metrics of Lucida Grande. Perhaps this is eventually the new UI font for all Apple interfaces. It certainly would be more of a distinct signature face than Helvetica, and it would be more legible, too.

San Francisco is extremely exciting. Apple has released a number of in-house typefaces, even very recently — Menlo was released in 2009, and Chalkboard in 2003 — but this is the first comprehensive family to be released since 1984. It’s apparently still being worked on, but it’s in very good shape.4

  1. Sure, Apple’s not the first. But… 

  2. Just how long have we been asking for a PSD of the iPhone UI? 

  3. San Francisco Rounded isn’t shown here because it silently fails to install. 

  4. When you try to print a document with San Francisco, the tracking is absolutely enormous. This might be due to Dynamic Text features, or it might be related to a Yosemite bug for fonts with UPMs greater than 1000. San Francisco has a UPM of 2048. 

NSA Reform Stalls

Dustin Volz, National Journal:

Senate Republicans blocked legislation Tuesday that would limit the government’s sweeping domestic spying powers, dealing a massive blow to the post-Snowden efforts to reform the U.S. surveillance state.

At a final vote of 58 to 42, nearly every Democrat and four Republicans voted for the bill, the USA Freedom Act, but it failed to clear the 60-vote threshold necessary to move forward in the upper chamber. Its defeat almost certainly means that any reforms to the National Security Agency will have to wait until next year, when Republicans take over the Senate.

With nearly every Republican voting against this bill, what are the chances that any real reform will occur next year when they’re in the majority?

November 18, 2014

Uber Executive Suggests Digging Up Dirt On Journalists

Ben Smith, BuzzFeed:

A BuzzFeed editor was invited to the dinner by the journalist Michael Wolff, who later said that he had failed to communicate that the gathering would be off the record; neither Kalanick, his communications director, nor any other Uber official suggested to BuzzFeed News that the event was off the record.

Keep the “off the record” defence in mind as you read what Uber SVP Emil Michael said at the event:

Over dinner, [Michael] outlined the notion of spending “a million dollars” to hire four top opposition researchers and four journalists. That team could, he said, help Uber fight back against the press — they’d look into “your personal lives, your families,” and give the media a taste of its own medicine.


Michael was particularly focused on one journalist, Sarah Lacy, the editor of the Silicon Valley website PandoDaily, a sometimes combative voice inside the industry. Lacy recently accused Uber of “sexism and misogyny.” She wrote that she was deleting her Uber app after BuzzFeed News reported that Uber appeared to be working with a French escort service.


He said that he thought Lacy should be held “personally responsible” for any woman who followed her lead in deleting Uber and was then sexually assaulted.

This is so incredibly offensive. Sarah Lacy responded on PandoDaily (skip the comments, obviously):

Unless forces more powerful than me in the Valley– or even Washington DC– see this latest horror as a wakeup call and decide this is enough. That the First Amendment and rights of journalists do matter. That companies shouldn’t be allowed to go to illegal lengths to defame and silence reporters. That all these nice words about gender equality in tech aren’t just token board appointments every once in a while. That professional women in this industry actually deserve respect. That they shouldn’t be bullied with the same old easy slurs about bitchiness or sexual objectification. That deep scary misogyny in a culture isn’t something that you hire a campaign manager to “message out” of a founder, nor is it something you excuse as genius at work. That there is a line someone can cross, even amid an era where the Valley believes founders can never be fired.

That last line seems a little prophetic now. Uber’s CEO went on Twitter to apologize for Michaels’ behaviour but, as Mashable’s Todd Wasserman reports, didn’t fire him. Atrocious, but expected in Silicon Valley. And that’s what’s so depressing about this story: it’s par for the course.

November 17, 2014

Ads in Firefox’s New Tab Page Are Live

Darren Herman of Mozilla:

For users with no browsing history (typically a new installation), they will see Directory Tiles offering an updated, interactive design and suggesting useful sites. A separate feature, Enhanced Tiles, will improve upon the existing new tab page experience for users who already have a history in their browser.

Tiles provides Mozilla (including our local communities) new ways to interact with and communicate with our users. (If you’ve been using a pre-release Firefox build, you might have seen promotions for Citizenfour, a documentary about Edward Snowden and the NSA, appearing in your new tab in the past few weeks.)

Tiles also offers Mozilla new partnership opportunities with advertisers and publishers all while respecting and protecting our users. These sponsorships serve several important goals simultaneously by balancing the benefits to users of improved experience, control and choice, with sustainability for Mozilla.

Translation: “We know these ads are gross, but being forever dependent on Google is worse for us. Also, we’ve just found out that it’s really difficult to make money while giving away for free our software and its source code. Also, check out this ad for a movie about the NSA being creepy as shit while we collect your browser history to tailor ads to you.”

“Or Maybe It’s Just a Malware Infested Serbian Honeypot”

While I merely complained about the use of undetectable ad tracking tags used by AT&T and Verizon, “John Gordon” actually checked out the opt-out steps:

AT&T does have a great sense of humor though — here’s the opt out link you’re supposed to visit while on AT&T’s network:

AT&T Adworks –

Yeah, an IP address. I think it’s legit, fwiw the footer says “AT&T’s intellectual property”…

Interestingly enough, AT&T has a support article on their website about phishing:

The good news is that you can avoid scams by looking for telltale signs that indicate when a site is fake or an email is phishy. The next time you are not completely confident that you are on a legitimate website or that an email you received is valid, check for these signs:

Uses an incorrect URL – If you are used to going to your bank via a regular address and the address of the site you land at is not the same name, you can be confident that you are not at the real site. Always double check to make sure that the site address is accurate. You can also hover your mouse pointer over a link in the email to verify that the link is directed to the same site that the email came from.

So, in short, be on the lookout for scams that look legitimate, and legitimate sites that look like scams. And it’s still a big mystery to some that people actually fall for this stuff.

Apple Releases iOS 8.1.1

Some welcome improvements in this update, including (finally) a fix for the Share sheet extension reordering bug, and some nice performance improvements for older hardware.

Update: Federico Viticci noted a couple of edge cases to setting and maintaining Share sheet extension reordering. The systemwide nature of Share sheet extensions is simple to understand for everyone, but might feel heavy-handed for power users. On the other hand, setting them on a per-app basis would be a huge pain in the ass.


Josh Constine, TechCrunch:

Watchville for iOS pulls in news stories from top watch blogs with cheeky names like Perpetuelle and Haute Time. That includes hands-on reviews, buyer’s guides, and feature posts that will titillate timekeepers, whether they consume through the app’s Reader Mode or view the original articles through Watchville’s internal browser.

Collectors can synchronize their watches to the exact time using the app’s Atomic Clock. Little bell sounds count down the last five seconds of each minute so they can listen for just when to punch in the crown. And if their timepieces show the moon phase, they can set that too.

If it all sounds wildly esoteric, that’s kind of the point. There’s a small, diehard, but very lucrative community that Watchville wants to appeal to.

I don’t anticipate this market is shrinking, either. I wonder how such a market will react to the Apple Watch, particularly the Edition model. The timelessness of luxury watches is a huge part of their appeal; constant iteration, on the other hand, is part of technology’s appeal.

November 14, 2014

Code Names of the Surveillance State

Trevor Paglen presents “Code Names of the Surveillance State,” a video installation in Metro Pictures’ upstairs gallery composed from more than 4,000 National Security Agency (NSA) and Government Communications Headquarters (GCHQ) surveillance program code names. Projected onto four walls as an endlessly scrolling series of columns, the code names are deliberately nonsensical, often droll and sardonic words or short phrases without discernable connection to the programs they designate. “Bacon Ridge” is an NSA installation in Texas, “Fox Acid” an NSA-controlled Internet server designed to inject malware into unsuspecting web browsers, and “Mystic” a program to collect every phone call from the Bahamas.

Paglen’s works are not explanatory documents of his subjects; instead, they are revealing and eerie evidence of the US government’s vast secret surveillance apparatus. His installation is as enigmatic and seductive as is his photographs of drones, black op programs, spy satellites and military “black sites.” Within the installation the code names are subtly suggestive of the clandestine programs they represent, just as Paglen’s photographs, shot from great distance using specially devised photographic equipment, reveal isolated facilities and distant objects in the sky as untethered and dreamlike aberrations.

If you’re in New York City and you don’t go see this — it’s on until December 20 — I will be deeply saddened. This looks incredible. It’s the kind of thing that makes me wish I had more time to devote to art making.

AT&T Stops Using Undeletable Phone Tracking IDs

Julia Angwin, Pro Publica:

AT&T says it has stopped its controversial practice of adding a hidden, undeletable tracking number to its mobile customers’ Internet activity.

“It has been phased off our network,” said Emily J. Edmonds, an AT&T spokeswoman.

Here we have a case of AT&T actually doing the right thing. They get criticized so frequently for so many reasons, so I think it’s important to point out when they do something good and ri—

*mimes touching earpiece*

What’s that? Oh.

Edmonds said AT&T may still launch a program to sell data collected by its tracking number, but that if and when it does, “customers will be able to opt out of the ad program and not have the numeric code inserted on their device.”


Google Glass Future Cloudy

Sarah Mcbride, Malathi Nayak, and Alexei Oreskovic, Reuters:

After two years of popping up at high-profile events sporting Google Glass, the gadget that transforms eyeglasses into spy-movie worthy technology, Google co-founder Sergey Brin sauntered bare-faced into a Silicon Valley red-carpet event on Sunday.

He’d left his pair in the car, Brin told a reporter.

Bet he didn’t leave his phone in the car, though.

November 13, 2014

The A8X’s GPU

Ryan Smith, AnandTech:

[It] has become clear that with A8X Apple has once again thrown us a curveball. By drawing outside of the lines and building an eight cluster GPU configuration where none previously existed, the A8X and its GXA6850 GPU are more powerful than even we first suspected. Apple traditionally aims high with its SoCs, but this ended up being higher still.

The numbers here are just off the charts. The iPad is aching for software features that can really take advantage of performance like this.


From Microsoft TechNet:

This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.

This security update is rated Critical for all supported releases of Microsoft Windows.


When this security bulletin was issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

No time to gloat; this is properly scary. This remote code execution vulnerability exists in pretty much all versions of Windows since 95, and it requires almost no user interaction beyond using Internet Explorer to go to the wrong website. And it’s about to get scarier because that last line — the bit about it not being used in the wild — has just changed.

Patch up.

November 12, 2014

Comments in the Age of Social Media

Reuters recently turned off comments on their articles, perhaps realizing that they’re not exactly a bastion of considered thought. However, there was a curious paragraph in executive editor Dan Colarusso’s announcement:

We value conversation about the news, but the idea of comments on a website must give way to new realities of behavior in the marketplace.The best place for this conversation is where it is open to the largest number of participants possible.

Translation: the best place for this conversation is as far away as is possible from Reuters properties.

Twitter’s New Mission Statement

Yoree Koh, Wall Street Journal:

[Twitter CFO Anthony] Noto, who led and emceed most of the all-day event, also read out Twitter’s new strategy statement, which he admitted was a mouthful: “Reach the largest daily audience in the world by connecting everyone to their world via our information sharing and distribution platform products and be one of the top revenue generating Internet companies in the world.”

“I struggle to read it every time,” Noto said.

There are word salad mission statements, and then there’s this jumbled pile of meaningless spew. Let’s take this bit-by-bit:

Reach the largest daily audience in the world…

It reads as though they were forced to jam into the statement the worldwide, real-time intent of Twitter, so that’s why this phrase has every buzzword.

…by connecting everyone to their world…

Two instances of the word “world” separated by just five words makes my head whirl.

…via our information sharing and distribution platform products

What the hell is a “platform product”? Why both? What separates these “platform products” from other “information sharing and distribution platform products” like email?

…and be one of the top revenue generating Internet companies in the world.

My guess is that they wrote the first bit of the statement, then realized their investors might get a bit testy when they didn’t include money. Also, another “in the world”? Was this statement written by Jeremy Clarkson?

It’s also 80 characters longer than a tweet, which should be the new benchmark for mission statements, especially Twitter’s.

Ars Technica’s Android “Lollipop” Review

Judging by Ron Amadeo’s review, it seems that this update is a big refinement across the board. As iOS 7 was to iOS 6, Android 5 is to Android 4.x: a universal revision, aiming to provide consistency and structure across the OS. And, as iOS 7 took cues from Android at the time, Lollipop takes some cues from iOS: the lock screen, in particular, looks like a lightly-skinned version of iOS’.

But who cares? All mobile OSes are basically converging towards the same point, each taking inspiration (and often more) from their competition. Until something brand new in either software or, more likely, hardware comes along to really shake things up, we’re probably going to be seeing more of the same push towards refinement, not revolution. And that’s okay.

November 10, 2014

Ted Cruz’s Net Neutrality Take Isn’t Just Dumb, It’s Dangerous

Kate Knibbs, Gizmodo:

Corporations can be just as tyrannical as corrupt federal administrations, and we have been in danger of ISPs controlling and corroding the flow of information through the internet in a way that would be detrimental to everybody. This is not a case of government scope creep. This is a case of the executive branch of the government taking a stand in an attempt to preserve an endangered freedom.

The only thing net neutrality would slow down is the speed at which you’re getting fucked, and that’s something everyone in Congress should agree on.

Yeah, yeah: Gizmodo. But this is a perfect response to Sen. Cruz’s bile.

President Obama on Net Neutrality

From the President’s prepared remarks:

The rules I am asking for are simple, common-sense steps that reflect the Internet you and I use every day, and that some ISPs already observe. These bright-line rules include:

  • No blocking. If a consumer requests access to a website or service, and the content is legal, your ISP should not be permitted to block it. That way, every player — not just those commercially affiliated with an ISP — gets a fair shot at your business.

  • No throttling. Nor should ISPs be able to intentionally slow down some content or speed up others — through a process often called “throttling” — based on the type of service or your ISP’s preferences.

  • Increased transparency. The connection between consumers and ISPs — the so-called “last mile” — is not the only place some sites might get special treatment. So, I am also asking the FCC to make full use of the transparency authorities the court recently upheld, and if necessary to apply net neutrality rules to points of interconnection between the ISP and the rest of the Internet.

  • No paid prioritization. Simply put: No service should be stuck in a “slow lane” because it does not pay a fee. That kind of gatekeeping would undermine the level playing field essential to the Internet’s growth. So, as I have before, I am asking for an explicit ban on paid prioritization and any other restriction that has a similar effect.

This isn’t in any way about changing the way the internet works; it’s about retaining the way the internet has always worked in the face of increasing corporate influence.

Unfortunately, it seems as though some people have got it into their heads that the internet should be regulated not by the government but by corporate interests. These uncompromising beliefs have polarized an issue that, frankly, is something that should be immune to polarization. The overarching principles of net neutrality are generally agreeable and not something most people would debate; it is the idea that government would set rules around this that seems to frighten people, which is unfortunate. The government already sets rules that prohibit other utilities from discrimination; why would the internet be any different?

More unfortunate is the unlikelihood of any regulations being passed on this extremely important issue. Now that Republicans — overwhelmingly those who not only disagree with net neutrality regulations due to a market solutions-based philosophy, but who summarily reject anything the Obama administration proposes — control both the House and Senate, the likelihood of a bill becoming law is extraordinarily slim. If such a bill were to be proposed, it’s likely that it would become a watered-down, corporate-influenced version of such a bill that doesn’t actually set net neutrality boundaries, but rather reinforces the ability for ISPs to jerk their customers around. Though, that’s probably true regardless of the party in charge — telecom companies routinely donate large amounts of money to candidates from both parties.

Remember, too, that though this debate is taking place largely in the United States, its effects will be felt worldwide. The US exerts massive influence on the way other countries will follow. As Voltaire reminds us, this power doesn’t come without responsibility.

iCloud Drive Stumbles

David Sparks:

I don’t know what to think about Apple and the cloud at this point. I think this is really important to Apple’s success (and my ability to get the most out of their products). Nevertheless, they keep stumbling. I know what they are doing at this massive scale is hard. However, Apple’s secretive nature combined with these obvious problems makes it appear they just don’t care, which I don’t think is true but nonetheless frustrating when it interrupts my flow. I suspect the truth is that the iCloud team is pedaling like mad and don’t want to publicly acknowledge these problems but instead just fix them.

I want to believe that iCloud’s reliability is getting to a point where us nerdier types can comfortably recommend it to our friends and family. But the bungled launch of iCloud Drive combined with quiet changes and backwards incompatibility puts at risk much of the cloud services goodwill Apple has been trying to salvage.

I don’t know how long it’s going to take iCloud to become reliable, but it will almost certainly be shorter than the amount of time it will take me to feel comfortable relying upon it. And I should be able to rely upon it. While I may feel that my local storage is more secure, the truth of the matter is that it cannot compete with server farms mirrored worldwide. Though I could pick up some Amazon storage or use Dropbox, an OS-integrated solution makes far more sense to me if it were done right.


When I was a little younger, I used to spend an awful lot of time hanging out on IRC in small rooms of like-minded people. I’ve made a lot of acquaintances and a few friends in that way. Over time, those relationships moved over to Twitter. While the friendships continue, it’s more passive, and a little harder to keep a discussion going. While I’m not one to hope Twitter goes away, I see the value in a platform more tailored to conversations.

For the past week, I’ve been testing an interesting new app called Wulu that promises that and, for the most part, seems to deliver. They describe it this way:

WULU is a place for real people and real conversation.

Just pick a trending topic and we’ll pair you with other people looking to talk about the same thing.

Which makes sense, but I like to think of it as short, real-time conversations among four like-minded people. Just four: no more, no less.

Now, full disclosure: one of the creators of the app, Andrew Turnbull, emailed me to tell me about it, and to inquire about purchasing sponsorship space on the site. I get loads of emails like this, and I ignore most of them, but Wulu seemed interesting. I declined the sponsorship, but told him I’d check out the beta and see if it interested me. And it’s earned a space on my first home screen, so I think that tells you all you need to know.

The app also has another interesting angle: it was developed right here in Calgary. So I met Andrew for coffee (well, tea) yesterday and got to know a little more about the intent of the app. He reiterated that the real-time aspect was very important, so that’s why there’s no archived chats. He explained that double-tapping on a comment in a thread would “nod” that comment — sort of like a thumbs-up; each nod equates to a point, and there’s a leaderboard to see how many nods you and others are getting. Andrew explained to me that this encourages productive conversations, rather than spam. (There’s a “report inappropriate” button on each user’s profile to combat the latter.)

To reiterate: I wasn’t paid for this post, and not even encouraged. I’m just a fan of the app and wanted to let you, my dear readers, know about it. It’s definitely a 1.0; there are some things that aren’t entirely sorted out. Topics, for example, are currently set manually by the founders, with Google News, and trending Facebook and Twitter topics as guides. But it’s a really good start. You should check it out.

November 9, 2014

The Future of Unison

Cabel Sasser:

Unison — our excellent OS X app for accessing Usenet Newsgroups and the many wonders and mysteries contained within — has reached the end of its road after years of faithful service.

Unison’s end is bittersweet. The market for a Usenet client in 2014 isn’t exactly huge. But if you know Panic, you know we do our very best to never drop things awkwardly — we like to leave our apps in a good place for our (very) valued users.

Frankly, I’m surprised that Unison has survived this long. How many people — aside from a few nerds like myself — actually use Usenet in a year beginning with “2″?1 And, yet, it soldiered on, until now. This is a textbook example of how to discontinue an app in a way where nobody really loses.

  1. There are two major ISPs in Calgary, and I deliberately chose the one that offers Usenet access. Because, of course, I totally like talking to people in a 1980s way. That’s why. 

November 6, 2014

Amazon’s Echo Chamber

Dustin Curtis:

People buy hardware that fits into their lives, and becomes part of how they identify themselves to the world. If you want to sell hardware, you have to be in fashion, like Samsung was two years ago, or like Apple has always been. Amazon is incapable of understanding fashion, because it has no taste, and its hardware is completely unfashionable and tasteless.

The Great Bitcasa Data Purge

I hadn’t heard of Bitcasa until I started reading about this euphemistically-named “new storage infrastructure”, and the woes it’s creating for users. What a mess.

(Via Jason Scott.)

Amazon Echo Amazon Echo Amazon Echo

Darrell Etherington, TechCruch:

Amazon has a new product that doesn’t really have any current equivalent form any other tech company – a connected speaker called Echo that’s always-on, listening for commands that its virtual assistant can then respond to with information or by triggering a task.


Amazon notes that it only listens when you say the activation word, which appears to be “Alexa” by default.

So it’s always listening, then.

And I wonder if this, like the Fire Phone, will simply be a conduit to buying stuff from Amazon. If it can be hooked up home-wide and it’s not pushy about filling your Amazon cart, it could be a slick Jarvis-esque product. If it’s just gonna suggest new albums to buy when you tell it to play music, it sounds pretty weak. In either case, I’m not sure I’d buy one; Amazon simply isn’t a great hardware company.

November 5, 2014

Matias Duarte and Bullshit

Marco Arment:

Google’s use of their Android sharing icon in their iOS apps has nothing to do with “open” nonsense and everything to do with Google asserting that they know better.

Apple shamelessly pulls the same move — see, for instance, every Windows app they’ve ever made — but they don’t patronize us with bullshit justifications.

I went to art school. I’ve seen people dream up some conceptual nonsense to fit whatever piece they threw together the night before. I can smell bullshit.

If you want to stay “on brand”, just say so. That’s why the new Google Maps looks the same on iOS and Android: all Roboto all the time, “material” design, and a vertical ellipsis to denote “more” in the toolbar.

(And by “their Android sharing icon”, Arment means Alex King’s sharing icon.)

Too Much Encryption Killed BlackBerry, According to a Former NSA Lawyer

Jemima Kiss, reporting for the Guardian:

[Former NSA general counsel Stewart] Baker said encrypting user data had been a bad business model for Blackberry, which has had to dramatically downsize its business and refocus on business customers. “Blackberry pioneered the same business model that Google and Apple are doing now – that has not ended well for Blackberry,” said Baker.

He claimed that by encrypting user data Blackberry had limited its business in countries that demand oversight of communication data, such as India and the UAE and got a bad reception in China and Russia.

That’s the best you’ve got, Baker?

Encrypting user data was and, in fact, has always been one of the highlights of the BlackBerry product range. It’s why the Pentagon has ordered boatloads of them, as recently as earlier this year. It’s one of the features former NSA chief Micheal Hayden praised:

Mr. Hayden said the BlackBerry has “baked in a heightened level of security from the beginning” and has an “inherent advantage” over other devices, but: “I bought an iPhone. What more can I say?”

So the US government and its most secretive factions praise the BlackBerry’s ability to encrypt data and have showered them with impressive contracts as a result.

Let’s look at Baker’s other claim: that this level of secrecy has resulted in limited adoption in places that demand less encryption, and that the increased security on iPhones and Android phones will cause their demise. Like Baker, we’ll start in India, where the iPhone has just had its best year of sales yet:

Apple has sold more than a million iPhones in India since its current fiscal year started in October, a major milestone for a company that wasn’t serious on the South Asian market until a couple of years ago.

The company didn’t reveal its India sales data, but industry research agencies put it at 1.02 million between October 2013 and August 2014. Sales are likely to reach 1.1 million units by the time Apple’s fiscal year ends on September 30.

A million phones in a country of a billion people doesn’t sound like much, but India is a developing nation. A majority of those phones are the 5S model, too — this report came out before the iPhones 6 were released there — which support more robust encryption that previous models.

How about the United Arab Emirates? While some iPhone functionality, like FaceTime, is disabled there, iPhones occupy three of the top five most-used smartphones in the country. A third-party company also launched a gold-plated iPhone in Dubai, which allegedly made Justin Bieber cry.

But back to Baker’s premise: was BlackBerry killed by too much encryption? No. They simply failed to keep up with the iPhone and, subsequently, Android phones that had big multitouch displays and a much better user experience. People simply bought the better product.

Intelligence agencies sure are scared shitless that they can’t read our text messages, though, aren’t they?

November 4, 2014

Verizon Injecting Perma-Cookies to Track Mobile Customers

Not content with ruining journalism, Verizon has decided to put some effort into maintaining the shitty reputation of ISPs and cellular carriers. Jacob Hoffman-Andrews, of the EFF:

Verizon users might want to start looking for another provider. In an effort to better serve advertisers, Verizon Wireless has been silently modifying its users’ web traffic on its network to inject a cookie-like tracker. This tracker, included in an HTTP header called X-UIDH, is sent to every unencrypted website a Verizon customer visits from a mobile device. It allows third-party advertisers and websites to assemble a deep, permanent profile of visitors’ web browsing habits without their consent.

Unfortunately, by signing the extremely long Verizon service agreement, you’re also agreeing to the very long privacy policy, of which a subsection does enable Verizon to be this creepy (emphasis mine):

We collect information about your use of our products, services and sites. Information such as call records, websites visited, wireless location, application and feature usage, network traffic data, product and device-specific information and identifiers, service options you choose, mobile and device numbers, video streaming and video packages and usage, movie rental and purchase data, FiOS TV viewership, and other similar information may be used for billing purposes, to deliver and maintain products and services, or to help you with service-related issues or questions. In addition, this information may be used for purposes such as providing you with information about product or service enhancements, determining your eligibility for new products and services, and marketing to you.

This is buried way down in Verizon’s sub-sub-agreement, almost as though they hope nobody reads these things. Worse still, as the EFF points out, the header is part of all your traffic over their network, is specific to your device, and can be sniffed by anyone. Creepy.

Should I Call 999 for a Whambulance?

Robert Hannigan, the head of the GCHQ — sort of the British equivalent of the NSA — wrote an op-ed in the Financial Times:

Terrorists have always found ways of hiding their operations. But today mobile technology and smartphones have increased the options available exponentially. Techniques for encrypting messages or making them anonymous which were once the preserve of the most sophisticated criminals or nation states now come as standard.

It’s unrealistic for governments to shut down all spying and intelligence operations, but why should Apple and Google make it any easier for creepy agencies to peek into and record our everyday communications?

Besides, it’s not as though the new security measures in iOS 8 are uncrackable. Apple’s just not going to do — and, in fact, can’t do — the job of a law enforcement official seeking to extract the data from a perp’s phone.

Hannigan, again:

However much [technology companies] may dislike it, they have become the command-and-control networks of choice for terrorists and criminals, who find their services as transformational as the rest of us. If they are to meet this challenge, it means coming up with better arrangements for facilitating lawful investigation by security and law enforcement agencies than we have now.

Presumably, Hannigan was getting close to the word limit offered to him by the Times, because it cut off the rest of this paragraph. Which, I assume, was to read: “For example, we could stop the bulk collection of data from global internet traffic.” Pity this got cut off in the final version though.


But privacy has never been an absolute right and the debate about this should not become a reason for postponing urgent and difficult decisions.

Act before you think. Shoot first and ask questions later. That’s what they say in Texas and, as it turns out, in Cheltenham.

As we celebrate the 25th anniversary of the spectacular creation that is the world wide web, we need a new deal between democratic governments and the technology companies in the area of protecting our citizens. It should be a deal rooted in the democratic values we share. That means addressing some uncomfortable truths. Better to do it now than in the aftermath of greater violence.

That’s how Hannigan actually ends this thing: with a taunt. Ridiculous.

November 3, 2014

Verizon Is Launching a Tech News Site That Bans Stories on U.S. Spying

It’s telling about this site’s popularity that the three most recent stories on Sugarstring’s homepage were published 6, 10, and 12 days ago. Its Twitter account may have 75,000 followers, but StatusPeople estimates that 17% of them are fake and 29% are inactive, as of September 3. It also looks like a totally generic knockoff of ReadWrite and the Verge. What an exciting entrant into the world of churnalism.

November 2, 2014

Amazon Unclear on Diversity

This week, Amazon released their workplace diversity figures, and they’re, well, a little sketchy. The Rainbow PUSH Coalition, as quoted by David Streitfeld in the Times:

“Their general work force data released by Amazon seems intentionally deceptive, as the company did not include the race or gender breakout of their technical work force,” the statement said. “The broad assumption is that a high percentage of their black and Latino employees work in their warehouses.”

I’m not sure about malicious, but Amazon’s figures are certainly less forthcoming than the figures from other companies. Amazon, like Microsoft, seems to be masking their male- and white-dominated workforce. Apple, too, does not break out their retail employees from their corporate employees; one might reasonably guess that, in the current employment environment, their retail employees are more likely to be women or minorities than their corporate employees. Diversity statistics which break out different divisions within the company would be much more revealing for all tech companies.

November 1, 2014

The Internet’s First Family

Stephan Thomas wrote a great profile of Metafilter for Hazlitt Magazine:

People connect to each other here, is what I’m saying. They get to know each other and they treat each other well. If Twitter is people you don’t know at their wittiest, and Facebook is people you do know at their most mundane, then MetaFilter, I would say, is a family of strangers.

Trent Reznor Is Doing Something at Apple

Joe Levi interviewed Trent Reznor for Billboard. Reznor answered a question about his role at Apple:

Beats was bought by Apple, and they expressed direct interest in me designing some products with them. I can’t go into details, but I feel like I’m in a unique position where I could be of benefit to them. That does mean some compromises in terms of how much brain power goes toward music and creating. This is very creative work that’s not directly making music, but it’s around music.


Let’s Talk About Money

Over the past few years, I’ve let this site run at a loss. It’s not super expensive to host, but it’s not super cheap either. But I’d like to change that. I’m not going to be writing for profit or for my only job at any point in the near future, but I’d like to offset the costs of hosting the site. I think that’s fair.

To do so, I’ve joined the Carbon Ads network. There’s a tiny, tasteful ad in the sidebar. Just one, though, and that’s all you’ll see.

Writing here has never been about money, but I’ve always liked to be reasonable about my costs in everything I do. You will see no negative changes here — I won’t be doing clickbait headlines, listicles, or any of that other crap to drive up page views and impressions. I just want to offset some of my costs here. Perhaps I’ll even write a little more regularly, something which has fallen by the wayside a bit.

I’m running this as a little experiment, and we’ll see how it goes. If you have any questions or comments, please feel free to let me know.

Thank you, as always, for reading.

October 31, 2014

Police Can Require Cellphone Fingerprint, Not Pass Code

Elisabeth Hulette, of the Virginian Pilot (via Steven Frank because, really, why would I be reading the Virginian Pilot?):

Judge Steven C. Frucci ruled this week that giving police a fingerprint is akin to providing a DNA or handwriting sample or an actual key, which the law permits. A pass code, though, requires the defendant to divulge knowledge, which the law protects against, according to Frucci’s written opinion.

You may disagree with this — I know I do — but this argument actually makes sense. A workaround for this, if you’re interested, is to simply shut off your iOS device before the police seize it; it will require the passcode when it wakes.

90% of Mobile Transactions in the US Are Made at a Starbucks

John Cook, GeekWire:

[J]ust how important is mobile technology for the Seattle coffee retailer?

Consider this: Starbucks said today that roughly 16 percent of its U.S. sales now occur through a mobile device, with the company now handling about seven million mobile payments each week. It also controlled about 90 percent of all mobile payment transactions last year.

You’ll notice that Starbucks is not a CurrentC partner.

A Week With the Retina iMac

Shawn Blanc:

When I’m standing here, using the iMac, I keep thinking about how it’s all about the screen. But what’s crazy is that the screen is only half the story. Inside this iMac just so happens to be one of the fastest Macintosh computers on the planet. Take away the Retina display and you’ve still got an incredible machine. But you don’t have to take away the display. With the Retina iMac you’ve got your cake and you’re eating it, too.

Like Shawn, I’ve always had a laptop as my main machine, hooked up to an external display when I’m at my desk. But, also like Shawn, the amount of time my MacBook Air actually leaves my desk has dwindled to the point where a desktop is starting to look more favourable. The Retina iMac makes that kind of decision much, much easier. This is the first time in as long as I can remember where I’ve considered giving up the “freedom” of a laptop that I have but don’t actually exercise for a desktop. And what a desktop.

Tim Cook: “I’m Proud to Be Gay”

Tim Cook, in a special for Bloomberg Businessweek:

While I have never denied my sexuality, I haven’t publicly acknowledged it either, until now. So let me be clear: I’m proud to be gay, and I consider being gay among the greatest gifts God has given me.


I don’t consider myself an activist, but I realize how much I’ve benefited from the sacrifice of others. So if hearing that the CEO of Apple is gay can help someone struggling to come to terms with who he or she is, or bring comfort to anyone who feels alone, or inspire people to insist on their equality, then it’s worth the trade-off with my own privacy.


October 29, 2014

A Translation of MCX’s Hastily-Written Blog Post from PR-Speak to Plain English

You may recall this weekend’s discussion of a new mobile payment solution called CurrentC. Though it won’t launch until next year, its exclusivity agreement prohibits retailers who will be implementing it from using any other pay-with-your-phone tech, including Apple Pay.

This set off the kind of public relations shitstorm that makes me excited for blog posts like this one, from MCX — CurrentC’s parent company — CEO Dekkers Davidson. And now, akin to Weird Al, here’s an Anglicized version of this PR disaster, vaguely in the style of John Gruber.

Does MCX Require its Merchants to Only Offer CurrentC?

MCX merchants make their own decisions about what solutions they want to bring to their customers; the choice is theirs. When merchants choose to work with MCX, they choose to do so exclusively and we’re proud of the long list of merchants who have partnered with us.


Importantly, if a merchant decides to stop working with MCX, there are no fines.

We do not consider a lack of refunds of deposits or penalty fees to be “fines”.

Back when the MCX merchants first got together, it was in response to a market that lacked a viable mobile wallet that would benefit both consumers and retailers. Today, we believe that need still exists, and our working group is getting ready to reveal a solution that is different from other mobile payment options in many important ways.

We live in a state of perpetual denial about what features are most important to consumers, and are desperately trying to convince ourselves that QR codes really took off. That’s what makes us different: we use QR codes. None of your near-field bullshit.

What Are the Facts Around Consumer Privacy?

Our Lawyers Made Us Phrase This Section Title in an Evasive and Weird Way.

Consumers’ privacy and data security are our top priorities. CurrentC will empower consumers and merchants to make informed decisions regarding how information can be shared through our privacy dashboard.

Much like Facebook, you’ll be able to see, at a glance, just how much data we collect about you. You will have very little say, however, in how that data will be used.

By the way, we noticed you recently purchased a 24-pack of Charmin and a box of Wheaties, so we hope you enjoy 10% off Glade-brand products with this coupon.

What Are the Facts About Data Security?

On the data security side, the technology choices we’ve made take consumers’ security into account at every aspect of their core functionality. We want to assure you, MCX does not store sensitive customer information in the app. Users’ payment information is instead stored in our secure cloud-hosted network. Removing this sensitive information from the mobile device significantly lowers the risk of it being inappropriately disclosed in a case that the mobile device is hacked, stolen or otherwise compromised.

Please ignore today’s unfortunately coincidental news.

The cloud is impenetrable! Clouds are like fortresses, or adamantium, or fortresses made of adamantium.

Please ignore today’s unfortunately coincidental news.

In the event that our “cloud-hosted network” is breached, please take solace in knowing that it wouldn’t be just your banking information that would be compromised, but everybody’s. Everyone’s a winner.

Please ignore today’s unfortunately coincidental news.

We look forward to continuing to work hard to develop our app. There will be more to come in the weeks and months ahead and we can’t wait for the time when we can show you more about CurrentC and its benefits. Until then, we’ll stay hard at work.

We’ll keep trying desperately to pretend that Apple Pay doesn’t exist.

PCalc’s “Featured” Calculator Widget Isn’t Allowed in the App Store Any Longer

This is a profoundly stupid decision by Apple. James Thomson, PCalc’s developer, was apparently told that “Notification Center widgets on iOS cannot perform any calculations, and the current PCalc widget must be removed.” That, despite Apple’s own app review guidelines and extension programming guide (PDF) making no mention of this restriction. The App Store editorial team must not be aware of this rule, because PCalc is currently featured as an example of iOS 8′s extensible Notification Centre feature — this is what inspired my use of the word “profound” above.

It’s not the rules themselves that are necessarily a burden on app developers. It’s Apple’s store, so they get to set the rules. But it’s seemingly-arbitrary stuff like this that makes developers lose sleep at night. Thomson clearly spent a great deal of time and care building this extension, and now that’s gone to waste with unfortunately characteristic indifference from Apple. And it’s not like PCalc was rejected outright — Apple allowed it in the store for the past month and a half before pulling it for violating a rule that doesn’t even exist.

It can’t be that Apple doesn’t want interaction in widgets — Strava’s widget allows you to start and stop a session. It can’t even be that calculations aren’t allowed, unless it only pertains to iOS for inexplicable reasons, as Yosemite includes a calculator in its default Today widget bundle. If it’s either of these things, Apple ought to better explain their expectations before developers waste hours doing stuff that’s allowed, only to be summarily rejected for new and unwritten rules.

October 28, 2014

Profit Margin of Error

Arik Hesseldahl, of Recode:

The latest report from the research firm IHS, due later today and shared exclusively with Re/code, shows that the base model of the iPad Air 2, the 16 gigabyte Wi-Fi version, which sells for $499, costs $275 to build, exactly one dollar higher than the previous base model. The top-end model, the 128GB LTE version, which sells for $829, costs $358.

Why is this being reported as though it were factual? These reports do not factor in research and development, nor do they account for software. Anyone worth their analysis salt knows that these reports are, at best, a rough estimate.

October 25, 2014

CurrentC, Not PrivaC

John Gruber:

And the reason they don’t want to allow Apple Pay is because Apple Pay doesn’t give them any personal information about the customer. It’s not about security — Apple Pay is far more secure than any credit/debit card system in the U.S. It’s not about money — Apple’s tiny slice of the transaction comes from the banks, not the merchants. It’s about data.

They’re doing this so they can pursue a system that is less secure (third-party apps don’t have access to the secure element where Apple Pay stores your credit card data, for one thing), less convenient (QR codes?), and not private.

Bingo. Josh Constine, over at TechCrunch:

CurrentC notes it may share info with your device maker, app store, or developer tool makers. Oddly, it will collect health data. Precise location information is used to verify you’re at the retailer where you’re making a transaction, and if you opt in it can be used for marketing or advertising. CurrentC notes that you can opt in to be able to capture and store photos in the app for a hypothetical visual shopping list or other features down the road.

After his investigation of the app, Aude told me “CurrentC borders on the creepy line” due to it pulling health info. He also that found that its Terms Of Service leaves high liability for fraud to the user if someone else is able to get access to a user’s phone and make CurrentC payments.

Let me get this straight: a group of retailers — including Michaels, Lowe’s, and Target, all of which have had significant security breaches in the past year — are trying to launch a payment system based on QR codes and a steady hand, and want to access significantly more data so your purchase history can be sold to advertisers. Good luck with that.

October 24, 2014

Samsung Knox Stores PINs in Plain Text


Samsung phones, like the Samsung Galaxy S4, are shipped with a preinstalled version of Samsung Knox. Samsung advertises Knox with the following:

“KNOX Workspace container improves the user experience, providing security for enterprise data by creating a secure zone in the employee’s device for corporate applications, and encrypting enterprise data both at rest and in motion. KNOX Workspace container provides users with an isolated and secure environment within the mobile device, complete with its own home screen, launcher, applications and widgets for easier, more intuitive and safe operation. Applications and data inside the container are separated.”

Searching around the internet to find specific information about Samsung Knox were not satisfying, as Samsung Knox is not open source. This was the reason to investigate Samsung Knox a little bit and lead to this analysis. Also today I read an article that the US government certified the use of Samsung Knox for their work and this was the reason to publish my analysis.

This sounds like something that’s definitely FBI approved.

Update: Link added. Whoops.

October 23, 2014

The Race to Archive TwitPic

Pierre Chauvin, for the Globe and Mail:

Right now, a collective of Internet archivists and programmers is trying to do the impossible: save more than 800 million pictures uploaded to the Twitter photo-sharing service Twitpic before they disappear down the memory hole after the company’s scheduled shutdown on October 25.

For this group of digital librarians, saving a bunch of stranger’s pictures is about keeping alive a key piece of our digital culture.

TwitPic was huge for the first years of Twitter’s life, until the official image hosting service was launched. Its shutting down has been a botched affair; it deserves better. Another valuable contribution to history from the Archive Team.

October 22, 2014

Yosemite, Spotlight, and Privacy

Concerns about the amount of information transmitted to Apple in standard usage of Yosemite first surfaced a few days ago. To be fair, it looks like a lot of stuff that Apple is collecting: an analytics ID, kinds of email addresses, Spotlight searches, and so forth. Sounds pretty scary. But Russell Brandom of the Verge and Michael Tsai have both done a great job of reducing the amount of FUD in these claims. Brandom:

But on closer inspection, many of the claims are less damning than they seem. There’s already a public privacy policy for the new feature, as well as a more technical look at the protections in the most recent iOS security report. That document breaks down five different kinds of information transmitted in a search: the approximate location, the device type, the client app (either Spotlight or Safari), the device’s language settings and the previous three apps called up by the user. More importantly, all that information is grouped under an ephemeral session ID which automatically resets every 15 minutes, making it extremely difficult to trace a string of searches back to a specific user. That also makes the data significantly less useful to marketers, since it can’t track behavior over any meaningful length of time. And most importantly, the data is transmitted over an HTTPS connection, so it can’t be intercepted in transit.

And Tsai:

Cook frames it as Apple not needing your information because it isn’t monetizing it, but there are definitely cases where having more information would help Apple improve the user experience—at the expense of privacy. It is not always possible to maximize both.

Also of note: the fact that this Washington Post article even got published. If it were nearly any other company, an article like that probably wouldn’t be warranted. That’s not because the Post wants to target Apple or anything, but because Facebook, Google, and others collect this kind of information routinely. Apple is one of the few Silicon Valley companies to care to such an extent about user privacy. Any breach of that is considered noteworthy. By contrast, the expectation of most other tech companies is that they will take as much analytics and user data as they can get away with.

Gruber’s New iPads Review

Perhaps I was a little unfair in calling the iPad Air 2 an iterative update. Gruber’s review is convincing me otherwise. The combination of big upgrades, like to the SoC and display, and little enhancements, like the thickness and Apple SIM, are much greater than the sum of their parts:

I think the sort of person who prefers the Mini form factor is less likely to be using their iPad in the ways that the iPad Air 2 is improved. (Anecdotally, most iPad photographers I see in the real world are using 9.7-inch iPads, not the Mini.) And the sort of iPad users who are pushing the performance limits of the platform are the sort of people who’ve preferred the 9.7-inch models all along. In short, I think the Mini really is more of a pure consumption device, and the Air is more of an alternative to a MacBook.

That’s a big claim, but there’s probably enough in the Air 2 to warrant it. It’s a pretty impressive update on the hardware, all things considered.

But, despite the great hardware, the iPad lineup is aching for software improvements. Last year’s iPads can do everything that this year’s iPads can, with the exception of Touch ID and Apple Pay. Yes, the Air 2 has a better user experience — it’s faster and much nicer to hold. It’s certainly a much better product than the iPad 3 or 4, which is a more appropriate comparison for most people who will upgrade. But I can’t help but wish for far greater capabilities to go with the far greater hardware.

October 21, 2014

5.5 Million Macs

Speaking of Apple’s quarterly results, how about those Mac sales figures? The iPad may be weak right now, but never have so many Macs been sold in a single quarter.

This is fascinating, especially when you consider that Macs — particularly the MacBook lines, which have traditionally been the strongest sellers — haven’t really been updated this year. Both received only relatively minor spec bumps and pricing adjustments. The back to school promotion was also the same this year as it was in previous years. I can’t think of a specific impetus for such a surge; the surge simply exists. As I said: fascinating.