Pixel Envy

Written by Nick Heer.

Facebook Suspends Crimson Hexagon’s Access to User Data

Hannah Kuchler, Financial Times (this article may be behind a paywall):

Facebook has suspended Crimson Hexagon, as it investigates if the analytics firm violated any of the social network’s policies, including whether it harvested user data to build surveillance tools.

The social network said it does not yet have any evidence that the Boston-based company obtained Facebook or Instagram data improperly. Crimson Hexagon could not be reached for comment.

[…]

Crimson Hexagon describes itself as an artificial intelligence-powered consumer insights company for brand managers, marketers and executives. The company says it has the world’s largest library of public social data, including over one trillion posts.

Even though these are entirely public posts, it’s disconcerting to think that our offhand remarks and pictures of meals are seen as widgets to be collected by a creepy company to be resold as fodder for advertisers and marketers. Facebook users are already granting permission for Facebook to mine their online life in service of advertisers, of course, but this is a third-party company with whom data is not explicitly being shared for this purpose. I completely understand that public is public, and this information can be used this way legally and ethically. It’s still gross to think that the entire web is seen by companies like these solely as material to target ads.

DuckDuckGoogle

DuckDuckGo aired several anti-competitive grievances they had with Google in the wake of the latter’s record-setting E.U. antitrust decision. Among them was this nugget:

Google also owns http://duck.com and points it directly at Google search, which consistently confuses DuckDuckGo users.

DuckDuckGo was founded in 2008. According to a Security Trails domain record search, duck.com was transferred from Level 3 Communications/On2 Technologies to Google in November 2010, about a year after On2 was acquired by Google. I’m having a hard time understanding why Google would use this domain for this purpose for any reason other than to bully confused DuckDuckGo searchers, as it appears to have redirected to google.com ever since unlike, say, on2.com.

Update: Google is now showing an intermediate page that offers to redirect visitors to DuckDuckGo and provides some context about why they own the domain.

Allowing Customization of Default Apps on iOS

Dan Moren, Macworld:

For users, the benefits of choosing default apps is obvious. Right now if you tap a web link in most apps you get taken to Safari, regardless of whether you’d rather use Chrome or Firefox. The same for mail links: if you’d rather compose your messages in Outlook or Gmail, you have to jump through some hoops to make it happen.

Not everybody is going to switch to a third-party app if this happens. Most people probably are probably happy enough with the defaults. But for those folks who want a feature that Apple’s apps don’t currently have — like snoozing mail message alerts or sync between Chrome on iOS and your PC — the choice to use that app as the default should be available.

Since you can now remove Mail, in particular, from iOS, this seems like it should be a natural next step. If you tap on a mailto: link without Mail being installed any more, you get an error message telling you that no apps are installed that can handle that type of link. But that’s awkward, confusing, and only partially true — no apps are available because no other apps are allowed to register themselves as capable of handling mailto: links.

The amazing thing about iOS is that most system apps can easily be replaced without the need for setting a third-party app as the default. I never touch Apple’s weather app, and the only time I don’t use Fantastical to create appointments is when I tap on a data detector and Apple’s default sheet appears. But iOS would be a little better if Mail and Safari — and perhaps Maps and Camera, too — could be swapped out for third-party apps as the defaults for their data types.

Bringing Common UI Controls Nearer to the Bottom of the Screen

Theo Strauss (via Michael Tsai):

In most apps, it’s common to see a search bar up at the top of the screen. On social media platforms, such as Facebook, Instagram, LinkedIn, and even Snapchat, the search bar is at the top of almost every main screen. In transportation apps, that style is almost ubiquitous.

Why is this? Apple doesn’t suggest that a search bar sit towards the top of an app’s UI, nor does the HIG suggest that it should be persistent.

[…]

Lyft took a different approach with their search bar. Instead of a floating field up top, they added it to an overlay towards the bottom-mid section of the screen. This simple change made it more accessible for almost 100% of users.

This is also one of the reasons why I prefer using Apple’s Maps app over Google’s, despite better data in the latter.

Contra Strauss’ point that the HIG doesn’t say that the search bar should be at the top of the app, Apple does indicate that, by default, it’s often part of the navigation bar at the top, and so designers may feel that it’s more consistent across the system to place it there. But, as Lyft and Apple Maps demonstrate, it’s completely possible to place it wherever it ought to be.

I think there’s a deeper argument here for a more comprehensive adjustment to the way iOS, in particular, is designed. The layout of a typical app hasn’t really changed much since the first iPhone — from top to bottom: status bar, then navigation bar, then the main view, then a tab bar at the bottom. While that worked great on a 3.5-inch screen with an iPhone that easily fit in your hand, I don’t think that’s the case with today’s iPhones — and, if the rumour mill is correct, the smallest of this year’s models will be the size of the iPhone X.

Third-party app designers and Apple, alike, seem to understand this in the examples above, but too many of the default apps that set the standard are still designed for smaller displays. Worse still is a gesture like the one to invoke Control Centre on the iPhone X, which — in my right-handed use — requires shuffling the phone slightly downwards with my palm and fingers to allow my thumb to extend enough into the top-right corner of the display.

That Control Centre gesture feels like it’s from the past; Lyft and Maps feel like they’re bang up to date.

Apple Confirms 2018 MacBook Pro Keyboard’s Silicone Membrane is Designed to Protect the Mechanism From Debris

Joe Rossignol, MacRumors:

In an internal document distributed to Apple Authorized Service Providers, obtained by MacRumors from multiple reliable sources, Apple has confirmed that the third-generation keyboard on 2018 MacBook Pro models is equipped with a “membrane” to “prevent debris from entering the butterfly mechanism.”

John Gruber also heard separately from his sources that durability was part of the reason for this redesign.

Sam Lionheart of iFixit tested the new keyboard against debris:

Okay, now to the nitty-gritty testing. We pumped this keyboard full of particulates to test our ingress-proofing theory. We started with a fine, powdered paint additive to add a bit of color and enable finer tracking (thanks for the tip, Dan!). Lo and behold, the dust is safely sequestered at the edges of the membrane, leaving the mechanism fairly sheltered. The holes in the membrane allow the keycap clips to pass through, but are covered by the cap itself, blocking dust ingress. The previous-gen butterfly keys are far less protected, and are almost immediately flooded with our glowing granules. On the 2018 keyboard, with the addition of more particulate and some aggressive typing, the dust eventually penetrates under the sheltered clips, and gets on top of the switch — so the ingress-proofing isn’t foolproof just yet.

It sounds like it’s better than its predecessor, but I’d be more interested to know how this new keyboard compares to a pre-butterfly design in durability and reliability.

TechCrunch’s Report on Control Over iCloud Data in China

Jon Russell, TechCrunch:

The operator’s Tianyi cloud storage business unit has taken the reins for iCloud China, according to a WeChat post from China Telecom. The company agreed to a deal with Guizhou-Cloud Big Data (GCBD), the original partner that Apple signed on with when it first migrated the data earlier this year.

Apple’s transition of the data from its own U.S.-based servers to local servers on Chinese soil has raised significant concern among observers who worry that the change will grant the Chinese government easier access to sensitive information. Before a switch announced in January, all encryption keys for Chinese users were stored in the U.S., which meant authorities needed to go through the U.S. legal system to request access to information. Now the situation is based on Chinese courts and a gatekeeper that’s owned by the government.

Apple itself has said it was compelled to make the move in order to comply with Chinese authorities, and that hardly eases the mind.

GCBD is a provincially-owned company; Chinese iCloud users have, since earlier this year, had effectively a contract between themselves, Apple, and the Guizhou provincial government. Now, the federal government is taking over. See update below. Because there’s no due process or legal recourse in China that’s comparable to that of most other countries, it seems that the only way for Apple to protest this would be to turn off any of their user data services in the country.

Russell:

It’s ironic that the U.S. government has pursued Chinese telecom equipment maker ZTE on account of national security and suspected links to Chinese authorities, and yet one of America’s largest corporates is entrusting user data to a state-owned company in China.

Without debating the meaning of irony itself, I don’t think these situations are comparable. Without minimizing how bad this is for Chinese iCloud users, it is solely their data that is affected by this deal, not users from any other country. That is not to say that their data is worth any less or ought to be protected to a reduced degree, should it be legally permitted. The entirely different worry about ZTE’s devices and equipment is that they could perhaps pilfer data from users outside China and give it to the Chinese government.

Update: Russell’s post is based on a misunderstanding. Ben Lovejoy, 9to5Mac:

However, we understand this to be essentially nothing new. Apple has always stored encrypted blocks of data on third-party servers like Amazon Web Services, and in China Tianyi Cloud has long been one of these.

I have updated the headline to this piece to reflect this. My apologies for the mix-up. My criticism of the statement comparing iCloud in China to ZTE still stands, however.

Venmo Transactions Are Public By Default

Olivia Solon, the Guardian:

Anyone can track a Venmo user’s purchase history and glean a detailed profile – including their drug deals, eating habits and arguments – because the payment app lacks default privacy protections.

[…]

By accessing the data through a public application programming interface, Do Thi Duc was able to see the names of every user who hadn’t changed their settings to private, along with the dates of every transaction and the message sent with the payment. This allowed her to explore the lives of unsuspecting Venmo users and learn “an alarming amount about them”.

The default state for transactions when a user signs up to the app is “public”, which means they can be seen by anyone on the internet. Users can change this to “private” by navigating to the app’s settings, but it’s not clearly highlighted during sign-up.

Hang Do Thi Duc’s resulting work, Public By Default, is extraordinary. She has extrapolated fairly rich narratives from payment data alone. It’s worth checking out in full.

But let’s not waffle here: why was — and is — Venmo’s transaction data public? Sure, it doesn’t show the amounts, but who would have designed any payments system with a totally unauthenticated method to view anyone’s payment history? Isn’t that a base expectation of any finance-related system? Am I missing something here, or is this just unbelievably stupid of Venmo?

Triangulating and De-Anonymization

Olivia Solon, the Guardian:

Nameless New York taxi logs were compared with paparazzi shots at locations around the city to reveal that Bradley Cooper and Jessica Alba were bad tippers. In 2017 German researchers were able to identify people based on their “anonymous” web browsing patterns. This week University College London researchers showed how they could identify an individual Twitter user based on the metadata associated with their tweets, while the fitness tracking app Polar revealed the homes and in some cases names of soldiers and spies.

“It’s convenient to pretend it’s hard to re-identify people, but it’s easy. The kinds of things we did are the kinds of things that any first-year data science student could do,” said Vanessa Teague, one of the University of Melbourne researchers to reveal the flaws in the open health data.

[…]

“One of the failings of privacy law is it pushes too much responsibility on to the consumer in an environment where they are not well-equipped to understand the risks,” said [Anna Johnston, a director of consultancy Salinger Privacy]. “Much more legal responsibility should be pushed on to the custodians [of data, such as governments, researchers and companies].”

While we ought to try to inform ourselves about the privacy implications of the entirety of our online behaviour, I don’t think it’s possible for the vast majority of users to understand the depth of knowledge that advertising, analytics, and data brokerage companies have on each of us. We’ve often never heard of these companies, and we certainly haven’t explicitly consented to giving them any of our information.

It’s easy to say that users should be better educated, particularly for those with a vested interest in users’ ignorance. It absolves data collectors of the responsibility to get explicit permission, which users almost certainly won’t give. The incentives for data collectors are aligned with implied consent wherever possible, and then vague explanations beyond that point. Data collectors have insisted for decades that they can be trusted to self-regulate, but their behaviour in that time has repeatedly shown that they cannot — largely, it seems, because regulations are diametrically opposite to growth incentives.

Apple’s App Store Continues to Generate More Revenue for Developers Than Google Play

Sarah Perez, TechCrunch:

Apple’s App Store continues to outpace Google Play on revenue. In the first half of the year, the App Store generated nearly double the revenue of Google Play on half the downloads, according to a new report from Sensor Tower out today. In terms of dollars and cents, that’s $22.6 billion in worldwide gross app revenue on the App Store versus $11.8 billion for Google Play – or, 1.9 times more spent on the App Store compared with what was spent on Google Play.

[…]

The growth in spending can be partly attributed to subscription apps like Netflix, Tencent Video, and even Tinder, as has been previously reported.

[…]

Consumer spending on games grew 19.1 percent in the first half of 2018 to $26.6 billion across both stores, representing roughly 78 percent of the total spent ($16.3 billion on the App Store and $10.3 billion on Google Play). Honor of Kings from Tencent, Monster Strike from Mixi, and Fate/Grand Order from Sony Aniplex were the top grossing games across both stores.

This is a remarkable trend, especially when you consider that Sensor Tower has estimated that around 15 billion app downloads came from Apple’s App Store, compared to 36 billion from Google Play. On average, App Store downloads are worth about four-and-a-half times as much as Google Play downloads. That’s astounding.

Instapaper Has a New Owner, Same As the Last Owner, Kind Of

The Instapaper team:

Today, we’re announcing that Pinterest has entered into an agreement to transfer ownership of Instapaper to Instant Paper, Inc., a new company owned and operated by the same people who’ve been working on Instapaper since it was sold to betaworks by Marco Arment in 2013. The ownership transfer will occur after a 21 day waiting period designed to give our users fair notice about the change of control with respect to their personal information.

We want to emphasize that not much is changing for the Instapaper product outside the new ownership. The product will continue to be built and maintained by the same people who’ve been working on Instapaper for the past five years. We plan to continue offering a robust service that focuses on readers and the reading experience for the foreseeable future.

Alex Heath:

Some clarification from a Pinterest spokesperson: The two employees Pinterest brought on from the Instapaper acquisition will continue working at Pinterest and run Instapaper independently on the side. So sounds like Instapaper wasn’t really working out inside of Pinterest.

I don’t think it’s a great sign when a product is transferred from an official offering to something akin to a hobby.

iFixit Found a New Silicone Membrane in the Mid-2018 Macbook Pro’s Keyboard

Sam Lionheart of iFixit:

Here’s an inflammatory take for you: Apple’s new quieter keyboard is actually a silent scheme to fix their keyboard reliability issues. We’re in the middle of tearing down the newest MacBook Pro, but we’re too excited to hold this particular bit of news back:

Apple has cocooned their butterfly switches in a thin, silicone barrier.

This is a promising discovery.

The biggest lingering question for me is whether this keyboard is being swapped into repaired 2016 and 2017 MacBook Pros. If you get your MacBook Pro keyboard repaired over the next couple of months and notice any changes, let me know.

Update: Joe Rossingol, MacRumors:

When asked if Apple Stores and Apple Authorized Service Providers will be permitted to replace second-generation keyboards on 2016 and 2017 MacBook Pro models with the new third-generation keyboards, if necessary, Apple said, no, the third-generation keyboards are exclusive to the 2018 MacBook Pro.

I hope there’s a purely technical reason for this decision.

Apple Discontinues Photo Printing Service

In the giveth corner today are the new MacBook Pro models; in the taketh away corner is this news from Benjamin Mayo at 9to5Mac:

Apple is discontinuing its Photo Print Products service, which has been integrated into iPhoto since its launch in 2002. The service expanded from simple prints, to albums, photo books, and calendars. It stayed around on the Mac when iPhoto was replaced with the Photos app a couple of years ago, but the service never made the leap to iOS.

Later this year, Apple will stop offering the service altogether. A new message in macOS 10.13.6 Photos app says that final orders for Apple’s built-in service must be placed by September 30, 2018.

Via Michael Tsai, who linked to the Wirecutter’s roundup of the best photo book printing services:

If you have a Mac, don’t bother with Shutterfly. Apple’s own Photo Books service makes a better photo book with brighter images and more handsome layouts. If you’ve ever used the Photos app before, you’ll find the software familiar and easy to use — Apple also offers a detailed tutorial if you need help. Plus, unlike any of the other services, the colors will print on the page how they looked on your screen, including the cover. A master printer and Wirecutter’s photo and design editors all fawned over the Apple photo book for its spot-on colors, gorgeous layouts, and small design elements, such as page numbers, panoramic spreads, and a dust jacket that matches the cover.

Damn; this sucks.

For the past several years, I’ve created a book of photos for my parents to show them where I’ve travelled and what I’ve been up to. The books I’ve received have always been perfect and of the highest quality. I’ve ordered from other services in the past, and I’ve never found anything that was quite as good as Apple’s.

Updated MacBook Pros With Performance Improvements, True Tone Displays, and ‘Hey, Siri’ Support

Apple PR:

Apple today updated MacBook Pro with faster performance and new pro features, making it the most advanced Mac notebook ever. The new MacBook Pro models with Touch Bar feature 8th-generation Intel Core processors, with 6-core on the 15-inch model for up to 70 percent faster performance and quad-core on the 13-inch model for up to two times faster performance — ideal for manipulating large data sets, performing complex simulations, creating multi-track audio projects or doing advanced image processing or film editing.

Already the most popular notebook for developers around the world, the new MacBook Pro can compile code faster and run multiple virtual machines and test environments easier than before. Additional updates include support for up to 32GB of memory, a True Tone display and an improved third-generation keyboard for quieter typing. And with its powerful Radeon Pro graphics, large Force Touch trackpad, revolutionary Touch Bar and Touch ID, dynamic stereo speakers, quiet Apple-designed cooling system and Thunderbolt 3 for data transfer, charging and connecting up to two 5K displays or four external GPUs, it’s the ultimate pro notebook.

I like surprises and I like spec bumps, so this update is very much up my alley.

Dieter Bohn of the Verge was among a handful of journalists invited to a small demo event:

We got only minutes (and no more) to interact with the new hardware. So at best, I can tell you that the keyboard does seem quite a bit less clacky than current MacBooks, though key travel is the same.

[…]

When we asked Apple representatives at the event exactly how the keyboard was changed to make it quieter, they declined to specify.

I’m conflicted about this. There is evidence to suggest that Apple has been improving the durability of the keyboard in the MacBook Pro, and I would be surprised if that trend has not continued given the cost of repairs to them. Nothing has been mentioned to that regard, though; Apple’s statements about the keyboard have been fairly substance-free.

But would Apple mention reliability improvements if they had indeed made any? They’ve maintained that the reported problems with the keyboard are not widespread, and I’m sure Apple would rather not have press coverage around these updates be specifically about the keyboard, thereby refocusing the issue on its susceptibility to defeat by dust. But, also, given the coverage so far about the unreliability of the butterfly keyboards, wouldn’t they want users to know that they’ve heard the complaints and can trust the revised version?

Tenth Anniversary of MobileMe’s Launch

Overshadowed by the tenth anniversary of the App Store came another milestone this week: ten years since the launch of MobileMe. Stephen Hackett:

When MobileMe launched in 2008, Microsoft Exchange really was its most direct competitor, in terms of features. However, Google was steadily improving Gmail, Google Contacts and Google Calendar.

Starting in 2009 or so, it was possible to leave MobileMe behind with a handful of now-defunct applications. By 2010, syncing data from Google directly with iOS and OS X was trivially easy.

In October 2011, just over three years after announcing MobileMe, Apple replaced with a free service: iCloud.

When Steve Jobs introduced iCloud at WWDC 2011, he pointed out that MobileMe was “not [Apple’s] finest hour”, and he’s certainly right about that. I would argue that not seeing earlier that Google could usurp MobileMe’s position for many iPhone users was also a poor showing.

But, while imperfect — a free tier that hasn’t changed in seven years, for example — iCloud has proved that Apple can absolutely do a fantastic job in online services. I use nearly all of iCloud’s features, with the exception of iCloud Music Library, and it has been, for years, increasingly reliable, fast, and dependable.

The Power of Tech Giants

John Herrman, in an editorial for the New York Times:

The companies most vulnerable to easy questions tend to be the ones that can no longer be understood in terms of former competitors or current peers — because they don’t really have any. Google doesn’t have to worry about losing its users; it simply wants them to use Google more and to use more Google products. Vindicated by growth, these businesses take the liberty to redesign more of our online lives than any of us have asked for. As with Facebook, and to some extent now Amazon, there is no overarching pitch to its users beyond: Where else could you possibly go?

Are tech companies now too big to fail? It sure seems like it: Amazon and Google are now part of the infrastructure of the web; Facebook owns WhatsApp, which is an essential communications product for much of the world.

Univision Says It’s Exploring Sale of Former Gawker Sites and the Onion

Todd Spangler:

Univision Communications is officially looking to unload the Gizmodo Media Group — which mostly comprises the sites it acquired in the bankruptcy auction of Gawker Media — and its stake in comedy and entertainment publisher The Onion.

[…]

The GMG digital portfolio includes Gizmodo, Jezebel, Deadspin, Lifehacker, Splinter, The Root, Kotaku, Earther and Jalopnik and The Onion portfolio includes, The Onion, Clickhole, The A.V. Club and The Takeout.

Max Tani posted the email Univision CEO Vince Sadusky sent to all staff:

[Gizmodo Media Group] and The Onion are great assets. I read The Onion regularly in college and the many Gizmodo brands have become key sources for content to tens of millions of consumers.

Who writes like that? Also, a 53 year-old CEO referencing his long-past college years is not the first time that a Univision executive was kind of a dick about the Onion. Apparently, the company’s “head of digital” couldn’t remember a single article from the site that he liked.

Worth reading is this piece from May, by Kate Conger, David Uberti, and Laura Wagner, and published at the Univision-owned Special Projects Desk:

From routine human resources fuckups to vastly overselling the prospects of an IPO whose ultimate doom this March precipitated the company’s current cost-cutting spree, Univision has been deeply mismanaged and is in the midst of making huge cuts that have, among other things, already claimed vast swaths of Univision Noticias—the most vital newsgathering operation serving the Spanish-speaking community in the U.S.—and Fusion Media Group. Consultants from Boston Consulting Group, who have reportedly recommended budget cuts of up to 35 percent in some parts of the company, have been combing through the books for months, and more than 150 people have been laid off so far. Plenty more cuts are pending (Univision president of news Daniel Coronell reportedly described them as “catastrophic” to his newsroom), including at GMG, the staff of which fears the newsroom may be cut by up to a third by the end of June, perhaps as part of a broader pivot toward video and branded content. What is happening to the company is not ultimately a failure of editorial or even executive management, though: If Univision was a mammoth whose failure to adapt slowed it down, it was private equity investors, consumed by the thought of turning their riches into more riches, who brought it down and bled it dry.

Gizmodo, the Onion, the AV Club, Deadspin, the Root, Jezebel, Splinter — these publications are good, and the (semi-)indie media landscape would be worse if they did not exist. The predicament they face now is due in part to an excessively-aggressive settlement for publishing a Hulk Hogan sex tape, and now because of vulture capitalists of the type that also decimated Toys R Us.

Maintaining the Narrative

Andrew Orlowski, the Register:

One day Apple may look back on its great iPhone X adventure and view it as an embarrassing midlife crisis, like running off with the au pair.

The iPhone 8, based on a four-year-old design, was the best-selling phone in the world in May, according to Counterpoint Research. Samsung’s Galaxy S9 Plus took second place. The X still sold well, but in third place.

Counterpoint Research attributes the success of the iPhone 8 to new advertising, but it’s also worth noting that the 8 and 8 Plus got the Product Red treatment this spring. Even so, May marks the first month since its launch, the iPhone X was not the best-selling iPhone model in the lineup, and the Register is treating this as confirmation that the iPhone X is a mistaken experiment. Even in this two-paragraph excerpt, Orlowski transitions from calling the iPhone X an “embarrassing midlife crisis” to acknowledging that it sold well.

Orlowski, later in this article:

The X is far from a flop, but Cook acknowledged it wasn’t the runaway success Apple wanted. Apple faced many questions about inventory on its most recent earnings, claiming that the lower-than-hoped demand had resulted in component glut (mostly someone else’s problem) rather than an iPhone X glut (definitely Apple’s problem).

No, you don’t have a giant gap in your memory: I looked for any indication that Tim Cook had ever stated that the iPhone X didn’t sell as well as expected — which would be quite the story — and can’t find anything matching that. The link on “acknowledged” goes to another story Orlowski wrote summarizing an anaylist’s research note issued ahead of Apple’s Q2 2018 conference call, where Cook confirmed that the iPhone X’s sales were strong every week since it launched. That linked article does not contain a single mention of Tim Cook.

I know that the Register is just a tabloid, but it’s also widely-read, and this is a clear example where the story is being driven by the narrative that the iPhone X is a flop. Orlowski so desperately wants that to be true, apparently, but I don’t understand why. What difference does it make to him which iPhone model is selling better?

Smart TVs in Millions of U.S. Homes Track Everything Users Watch

Sapna Maheshwari, New York Times:

Still, David Kitchen, a software engineer in London, said he was startled to learn how Samba TV worked after encountering its opt-in screen during a software update on his Sony Bravia set.

The opt-in read: “Interact with your favorite shows. Get recommendations based on the content you love. Connect your devices for exclusive content and special offers. By cleverly recognizing onscreen content, Samba Interactive TV lets you engage with your TV in a whole new way.”

[…]

“The thing that really struck me was this seems like quite an enormous ask for what seems like a silly, trivial feature,” Mr. Kitchen said. “You appear to opt into a discovery-recommendation service, but what you’re really opting into is pervasive monitoring on your TV.”

[…]

Jeffrey Chester, executive director of the Center for Digital Democracy, said few people review the fine print in their zeal to set up new televisions. He said the notice should also describe Samba TV’s “device map,” which matches TV content to mobile gadgets, according to a document on its website, and can help the company track users “in their office, in line at the food truck and on the road as they travel.”

Do people truly want to be tracked for advertising purposes by nearly every device that they interact with? Survey after survey for years has indicated that they do not, yet we seem to have shrinking opportunities to object to it. Nearly every TV you’ll find at an electronics store today is a smart TV, and many of them have some form of this kind of tracking built in. The number of ways we’re being tracked on the web has exploded, and the number of companies that trade and collect that information in bulk keeps going up.

This is all buried in multi-thousand-word privacy policies that are not reasonable for the average user to read and interpret correctly. This is one reason I’m so supportive of GDPR — even though it doesn’t adequately regulate behavioural data collection, it does at least require full disclosure of privacy-intrusive practices to allow users more control the sharing of their data.

Technology companies are increasingly not operating in users’ best interests because users have few options besides disconnecting entirely.

Maheshwari, continued:

The Times is among the websites that allow advertisers to use data from Samba to track if people who see their ads visit their websites, but a Times spokeswoman, Eileen Murphy, said that the company did that “simply as a matter of convenience for our clients” and that it was not an endorsement of Samba TV’s technology.

As I wrote in April, website administrators have a responsibility to their users — and, in the Times’ case especially, their paying subscribers — to be careful with their website’s third-party data collection and sharing practices. Their agreement with Samba is an implicit endorsement that advertisers can target their users with data collected in an ethically-dubious manner.

‘Stylish’ Browser Extension Shares Browsing History With SimilarWeb

Robert Heaton:

Unfortunately, since January 2017, Stylish has been augmented with bonus spyware that records every single website that I and its 2 million other users visit. Stylish sends our complete browsing activity back to its servers, together with a unique identifier. This allows it’s new owner, SimilarWeb, to connect all of an individual’s actions into a single profile. And for users like me who have created a Stylish account on userstyles.org, this unique identifier can easily be linked to a login cookie. This means that not only does SimilarWeb own a copy of our complete browsing histories, they also own enough other data to theoretically tie these histories to email addresses and real-world identities.

I bet the vast majority of Stylish users have no idea that this simple browser extension would not be scraping their browsing history and selling it to a scummy marketing technology company. I bet that most of them would not have explicitly agreed to such an obvious privacy intrusion. This is deeply unethical.

Facebook’s Political Rule Blocks Ads for Bush’s Beans, Singers Named Clinton

Sarah Frier, Bloomberg:

The three ads have in common the use of the word “bush.” Facebook Inc.’s system automatically associated the word with the former presidents of that family name, flagging them as political and blocking them, pending verification of the advertiser’s identity. They now appear in Facebook’s searchable archive of political advertising – the company’s newly launched initiative to increase transparency around who is paying to promote certain political ideas. The archive is home to dozens of ads that don’t belong there, from various schools, towns, brands and people that happen to share names with presidents.

[…]

“Clinton” is one of the most popular names for cities in the U.S., not just the surname of the political family. In Clinton, Indiana, a vacation bible school was blocked from advertising a free lunch event for kids aged 3 to 12. “Come learn how COOL Jesus’s love is!” it said, including a picture of a flier featuring animated penguins. In Clinton, Iowa, an insurance company was blocked from advertising its annual family baseball night for customers and friends, featuring a backpack drive for needy children. And in Clinton, Tennessee, Facebook’s system took down an ad for performances of Twelfth Night and the Jungle Book, featuring actors from local high schools.

This is an indication to me that Facebook simply isn’t taking this problem seriously. Instead of employing more humans to verify automatically detected ads, they’ve apparently added a basic string matching filter. Consider, for a start, all of the public buildings in the United States named after former presidents and other officials. Text matching without context isn’t good enough to serve as a filter.

Re-Emphasizing the Decentralized Feed

Luc Lewitanski has a pretty good theory on why Google killed Reader five years ago Sunday:

@Google killed its Reader in 2013 because RSS as a format gives readers agency, doesn’t track browsing to sell ads, and lets the user chose what they want to read. As opposed to algorithmic personalisation which siloes [sic] us into increasingly homogenous demographics for advertisers

Aral Balkan:

Time was, you couldn’t browse the web without seeing RSS icons of all persuasions gracing the façades of Web 1.0’s finest. This was before they were mercilessly devoured by the tracking devices … ahem … “social sharing buttons” of people farmers like Google and Facebook.

[…]

[…] You can start making RSS more visible again today by finding the URL for your own RSS feed and exposing it visibly on your site.

It’s not complicated: just a link in the head of your page and a link in the body with an RSS icon and Bob’s your decentralised Uncle.

Badges, buttons, and links to RSS feeds used to be all over the web; now, they’re almost like a nerd calling card — it’s an indication that a website is cool with an audience reading new material on their terms. I’d like to think there’s a certain confidence in a website indicating to its readers that it doesn’t need a precise count of how many people visited the website, nor does it need all the tracking and surveillance nonsense that comes with that.

RSS and JSON Feed are both terrific formats for reading — not just on the web, but reading generally. They work with a lot of different client applications that can be set up to your liking, and you can subscribe to as many or as few websites as you like. You can be a completionist with your subscriptions, or you can let new posts flow by and only focus on a handful. You can even have a combination of the two, using something like Lire and its excellent Discover section — you can see that, even with an obnoxious amount of unread items overall, it’s possible to prioritize what to look at first. Best of all, you are in control of RSS and JSON Feeds, not a mysterious algorithm that you don’t fully understand.

Personal Data in 340 Million Records Leaked From Exactis Databases

Abrar Al-Heeti, CNet:

If you’re a US citizen, your personal information — your phone number, home address, email address, even how many children you have — may have just become easily available to hackers in an alleged massive data leak.

Florida-based marketing and data aggregation firm Exactis exposed a database containing nearly 340 million individual records on a publicly accessible server, Wired reported. Earlier this month, security researcher Vinny Troia found that nearly 2 terabytes of data was exposed, which seems to include personal information on hundreds of millions of US adults and millions of businesses, the report said.

“It seems like this is a database with pretty much every US citizen in it,” Troia told Wired.

It’s remarkable and deeply troubling how a private marketing company in Florida that most people haven’t heard of could conceivably have a database containing every American citizen. I doubt Exactis is the only company in possession of a database like this, too.

Some Third-Party Email Apps Let Employees Read User Emails

Juli Clover, MacRumors:

Return Path, a service for email marketers that has 163 app partners, two years ago allowed its employees to read approximately 8,000 full customer emails to train the company’s software.

Similarly, Edison Software, a company that makes the Edison Mail app for iOS, had employees read the emails of hundreds of users to craft a new “smart replies” feature.

According to The Wall Street Journal, neither company asked users for specific permission to read their emails, but have said the practice is covered in their user agreements. Employees who read the emails were governed by “strict protocols,” and in Edison’s case, user information was redacted.

I’m still uncertain why anyone would pass their email through any third party like these, nor why either of these companies would think that this is a good idea even if it’s theoretically covered by their privacy policy.

500px Nukes Over One Million Creative Commons Photos

Michael Zhang, PetaPixel:

500px just shut down its Marketplace stock photo platform in favor of selling photos directly through Getty Images and VCG, as the company announced a month ago. And as part of the major change, 500px has wiped out over 1 million of the Creative Commons photos photographers had uploaded to the service.

Creative Commons licensing allows photographers to make their works freely available for others to build upon and share while following certain guidelines. 500px introduced the licensing option back in 2012, following in Flickr’s footsteps.

But overnight, all of the CC photos that have been uploaded since 2012 have been nuked from 500px. Users can no longer choose a CC license during uploading, search for CC photos, or download them.

And prior to the wipeout, 500px provided no migration path for 500px users wishing to keep their CC photos on the service alive.

This sucks for anyone who wants to share their photography while maintaining control over its use or licensing it to third parties.

Flickr, meanwhile, has been shuttled around from owner to owner before landing with SmugMug earlier this year. Aside from Instagram, there really aren’t any successful photo-centric sharing websites or services — at least, not in North America. Why is that? Is it simply because Instagram consumes the entire market in much the same way that YouTube is the video sharing platform?

Apple Is Rebuilding Maps From the Ground Up

Matthew Panzarino, TechCrunch:

Maps needs fixing.

Apple, it turns out, is aware of this, so it’s re-building the maps part of Maps.

It’s doing this by using first-party data gathered by iPhones with a privacy-first methodology and its own fleet of cars packed with sensors and cameras. The new product will launch in San Francisco and the Bay Area with the next iOS 12 beta and will cover Northern California by fall.

Every version of iOS will get the updated maps eventually, and they will be more responsive to changes in roadways and construction, more visually rich depending on the specific context they’re viewed in and feature more detailed ground cover, foliage, pools, pedestrian pathways and more.

This is nothing less than a full re-set of Maps and it’s been four years in the making, which is when Apple began to develop its new data-gathering systems. Eventually, Apple will no longer rely on third-party data to provide the basis for its maps, which has been one of its major pitfalls from the beginning.

This is huge news. As Panzarino points out, only one other company owns a data set like this, and that’s Google. Mark Gurman first reported on this project for 9to5Mac in 2015.

It’s also a gigantic undertaking — obviously. It combines truly anonymized and minimized data gathered from iPhones — which can be turned off — with data gathered from those Apple Maps vehicles that have been driving around nearly a dozen countries over the past few years. Those vehicles are gathering more than just images and information about the roads; they’re also helping model cities in 3D.

It really does seem like Apple is committed to radically improving the most painful parts of their mapping data. They trusted that the information they were getting from third-party sources was accurate; but, in my experience, the majority of errors I’ve reported have been for places that were permanently shut long before Apple Maps launched. There simply wasn’t a mechanism in place at launch to verify that this third-party information was correct. Five years ago, they started hiring people as their “ground truth” team, but that doesn’t seem to have had the effect they wanted. So, they’re starting from scratch with the source data and, as Panzarino reports, have made it easier for their staff to keep everything up to date. Whether they actually can do so, at worldwide scale, is another matter; I have my doubts.

Apple says that they will be rolling this out across the United States next year, after launching initially in the Bay Area, of course. They’ve been driving extensively throughout the U.K. for about the same amount of time as in the U.S., so I would imagine that its revised cartography won’t be far behind.

Apple hasn’t even begun to drive Canada yet, though — not even Toronto. However, I’ve been watching their vehicle schedule page for a while and there are some smaller communities in the U.S. that they seem to have driven through over and over. My guess is that they’ve been perfecting the vehicle rig, and will rapidly scale their use of those rigs worldwide. The biggest question now is: when can we expect Maps to be entirely powered by Apple’s own data? It has already been six years since Apple launched their own Maps app with iOS 6, and it seems like there’s still a long way to go before they are no longer dependent on third parties like Tom Tom and Yelp.

Apple Is Building a Media Platform Like Never Before

Ryan Christoffel, MacStories:

[…] Once not long ago, Apple’s primary media platform was iTunes. Now, hundreds of millions of users consume media every day through Apple’s suite of spiritual successors to iTunes:

  • Apple Music

  • Apple TV (the app)

  • Apple Podcasts

  • Apple Books

  • Apple News

  • And the App Store

Apple has one unified goal, I believe, driving all its media efforts: it aspires to utilize hardware, software, and services to provide the entirety of a user’s media experience. If you consume media, Apple wants to provide the full stack of that consumption, from media delivery to media discovery. My aim in this story is to share an overview of how that goal is being fulfilled today.

This is big — the kind of thing that, in hindsight, was indicated when they dropped “Computer” from the “Apple Computer, Inc.” name.

Apple Rumoured to Be Considering a Combined Media Subscription

Anna Washenko, Radio and Internet News:

Apple may be planning a new type of multimedia content subscription. The Information (paywall) reports that Apple is considering a single package that would combine Apple Music with the company’s original TV and video projects and its overhauled news app. Each of the services would still be available individually, but a single access point would position Apple as a single-stop purveyor of entertainment.

Several of the other leading tech companies have pursued similar paths. Amazon Prime combines several perks for repeat customers of the ecommerce giant and Google’s YouTube Premium is making another effort to blend subscription music and video on the platform. The potential for Apple to incorporate its recent acquisition of Texture, frequently billed as “the Netflix of magazines,” is a new wrinkle for this type of joint package.

This makes complete sense to me: let people subscribe to individual services that they’re most interested in, but incentivize them to get everything. But will the Apple TV subscription be closer to a true Netflix competitor? I hope so.

The Butterfly Keyboard and Expensive Repairs

Kyle Wiens of iFixIt:

Which brings us back to the point. Why did it take so long, and so many complaints, for the repair program to be put in place? Why do you need to send your MacBook Pro away for upwards of a week for a repair? That’s easy: because Apple made their product hard for them to repair, too. Apple’s new warranty program is going to cost them a lot of money.

Apple’s profit on every machine that they warranty under this new program has been decimated. There is a real business impact caused by unrepairable product design. Samsung recently had a similar experience with the Note7. Yes, the battery problem was a manufacturing defect. But if the battery had been easy to replace, they could have recalled just the batteries instead of the entire phone. It was a $5 billion design mistake.

But this isn’t just about warranty cost—there is a loud outcry for reliable, long-lasting, upgradeable machines. Just look at the market demand for the six-year-old 2012 MacBook Pro — the last fully upgradeable notebook Apple made. I use one myself, and I love it.

Notebooks have long been less modular than desktops. When the Nvidia GPU failed in my mid-2007 MacBook Pro about ten years ago, Apple had to replace the entire logic board. Since then, their notebooks have become increasingly sealed — first, by placing the battery behind the screwed-on bottom plate, then soldering the RAM to the board, and finally by making the SSD also part of the board.

A couple of friends were mentioning in a small Slack room that they had some warranty-covered service done recently — one with a MacBook Pro, and one with a MacBook Air. In both cases, Apple replaced nearly all of the parts of the computer without doing a whole-machine swap.

Stories like these, and especially this new keyboard replacement program, make me wonder if this trend is being reconsidered. Of course, there haven’t been widespread complaints similar to the MacBook Pro’s keyboard about the SSD or RAM failing, or about the battery not being removable. Perhaps these failures are a relatively small, somewhat expensive step back after years of moving forward. If anything about the design of Apple’s portables is being reconsidered, though, I hope that it isn’t just the financials that would be the primary factor; likewise, if no such discussions are happening.

Jack Dorsey Met With American Conservative Leaders and Media Personalities to Hear Their Complaints About Alleged Bias

Tony Romm, Washington Post:

In response, the Twitter executive heard an earful from conservatives gathered at the table, who scoffed at the fact that Dorsey runs a platform that’s supposed to be neutral even though he’s tweeted about issues like immigration, gay rights and national politics. They also told Dorsey that the tech industry’s efforts to improve diversity — after years of criticism for maintaining a largely white, male workforce — should focus on hiring engineers with more diverse political viewpoints as well, according to those who dined with him in D.C.

Hadas Gold:

What I find fascinating about the several meet-ups social media has had w/ conservatives, is the feeling that there’s an inherent need for these platforms to be unbiased and run by unbiased folks… as though they’re a public utility

Ashley Feinberg:

Meanwhile I’ve talked to like a dozen people over the past week who have tried to get tweets with their addresses and phone numbers removed as Twitter keeps telling them it’s not a violation […]

Are the CEOs of Twitter and Facebook not supposed to have their own viewpoint? That’s a bizarre notion.

Let’s look at this from a free market perspective. If Twitter truly were censoring conservatives — they’re not, but let’s pretend that there’s a movement at Twitter targeting conservative voices for a moment — this should just sort itself out, right? Dorsey has heard the complaints of Grover Norquist, Sean Hannity, and Ted Cruz, and will likely make no changes: the company has been growing steadily for a couple of years, so this (completely fictional) conservative censorship project seems to be paying off. Conservatives could continue to suffer on Twitter, or they could build a competitor that is either conservative-focused or truly neutral. Maybe that competitor will be a rousing success amongst conservatives, or the public at large; maybe it won’t. Either way, that’s the free market making the decision, right?

In the real world, though, Dorsey and other Twitter executives have repeatedly insisted that they are not banning or silencing users for expressing conservative viewpoints. They have been trying to combat harassment and that has resulted in the moderation of users of different political orientations — including those who tweeted a news story purportedly containing Stephen Miller’s cellphone number.

This is an entirely silly, bad faith line of argument. If Dorsey needs to meet with American conservatives and take seriously their complaints about being the victims of silencing — the Republican President has used Twitter to threaten a congressperson, while conservatives also control Congress and, soon, the Supreme Court — then that’s his game to play. But it isn’t worth pretending it isn’t horseshit.

Update: Max Read, New York:

That either Dorsey or Zuckerberg might be taking these complaints seriously is troubling. What’s galling is not the staleness of the charges — reporters are too liberal to neutrally cover politics! Editors suppress conservative stories! Newspaper coverage is biased against conservatives! — but the context in which they arrive. The conservative movement has found itself with complete control of the federal government and in power in a majority of states across the country — and it’s taken that power thanks in a large part to social media like Twitter and Facebook.

iTunes Remote Updated

Benjamin Mayo:

Looking slighter wider, what is the point of this app existing? Remote controlling your Mac’s iTunes app makes little sense in an era of AirPlay 2 and HomePod speakers. Also, Apple now has three separate places to find ‘media remotes’. There’s the iTunes Remote app, Apple TV Remote app, and the Apple TV Remote platter in Control Centre. Each of these tread on each other’s toes in different ways, but there’s not one app for everything either. It is messy. Before today, I was assuming iTunes Remote had run its course and was heading towards extinction. With this update, I just don’t know what the roadmap is here. Apple isn’t normally prone to carrying around legacy baggage.

I completely agree that having two different remote apps — plus a Control Centre widget — is confusing, but I hope that being able to control iTunes playback from an iPhone doesn’t disappear. Because my music library and bookshelf speakers are still connected to my Mac, I use the iTunes Remote app all the time. It’s nice to see this app updated.

Apple News Says Its Midterm Elections Section Is More Trustworthy Because It’s Run by Humans

Mathew Ingram, Columbia Journalism Review:

Apple launched a special section of its News app on Monday dedicated to the upcoming midterm elections, a section it said will be filled with stories and features curated by Apple News editors from “trusted publishers.” And while the name Facebook didn’t appear anywhere in the company’s press release, the description of the new section seemed like one long subtweet of the social network.

While Facebook continues to try to overcome a reputation for misinformation—especially the kind distributed by Russian trolls—and fights with publishers about lumping their news stories in with political advertising, Apple makes a point of noting that its stories are curated by human beings, and that it has solid relationships with leading news publishers. […]

The skeptical and cynical counterpoint that I’ve seen repeated on Twitter today is that humans are fallible and have their own biases. No shit. But I don’t think Apple’s promotion of this is entirely marketing bluster. There’s a reason human editors still work in newsrooms and decide what’s most worthy to appear on the front page, no matter whether that’s the homepage of their website or A1 — what is most popular can be important, but it’s their job to decide what is most newsworthy, and that’s often not the same thing.

Maybe Apple’s human editors will accidentally place something of little value in the midterm section; they may even promote a story that is later revealed to have critical mistakes. But they are less likely to surface something simply because of its virality without accounting for its news value.

MacOS Mojave Preview

Jason Snell:

With macOS Mojave, available today to the general public as a part of a public beta, the story is different. macOS Mojave feels like a macOS update that’s truly about the Mac, extending features that are at the core of the Mac’s identity. At the same time, macOS Mojave represents the end of a long era (of stability or, less charitably, stagnation) and the beginning of a period that could completely redefine what it means to use a Mac.

Is macOS Mojave the latest chapter of an ongoing story, the beginning of a new one, or the end of an old one? It feels very much like the answer is yes and yes and yes.

Given the somewhat frustrating Mac hardware situation, I’d be deeply concerned for the future of the platform if this year’s MacOS release was a boring one. It isn’t — Mojave shows that there’s lots of life left in the Mac. Even simple things, like Desktop Stacks, make a difference in real-world everyday usability.

Last year’s migration to APFS pays off in a big way for those of you thinking about trying the public beta of Mojave on a separate partition. I don’t know how many of you had to run fsck in single-user mode to get previous beta partitions working, but I did — every year. Not this time, though. It took a minute flat to create a Mojave “container” and begin installing. Nice.

AT&T Reportedly Has a Special Working Relationship With the NSA Because of Its Deep Ties to Communications Infrastructure

Ryan Gallagher and Henrik Moltke, the Intercept:

Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.

The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.

This article is fairly American-centric, because it is unconstitutional for the NSA to be monitoring the contents of Americans’ communications. But it also raises questions about the extent to which the American government is monitoring the world’s communications.

To the best of my understanding, the NSA is legally able to gather intelligence from any non-U.S. communications. The main reason they didn’t do so historically was because it’s not as efficient as a more targeted collection sttategy. But, after building a massive data centre in Utah and creating software to automatically sift through all they collect, it has become reasonable for them to broaden their scope. This article from the Intercept reinforces that: AT&T is a valuable NSA partner because they have access to, effectively, much of the world’s communications through their peering agreements. Legally, this is apparently fine by the NSA’s mandate; ethically, it’s outrageous. My communications and yours, probably, have been scooped up and could be sitting on a hard drive somewhere in the United States, without a warrant or any suspicion of wrongdoing, in a repugnant dismissal of common-sense morals.

Two Keyboards at a Bar

Michael Lopp:

BARTENDER: Can I get you something?

TOUCHBAR: Can I get a Blue Hawaiian?

APPLE EXTENDED II: And nachos.

MACBOOK PRO: NACHOS? Wait, WHOA WHOA. You didn’t say we’d be eating food. I’ve got work tomorrow, and a single bit of chip, a smear of cheese, or a bit of jalapeño and I’m screwed.

I can’t put my finger on why this is the case, but there’s something so right about an anthropomorphized Touch Bar ordering a Blue Hawaiian.

Mark Gurman’s Report on the Status of the AirPower

Mark Gurman, Bloomberg:

Apple didn’t say when in 2018 it would release AirPower, but engineers hoped to launch the charger by June. The aim now is to put it on sale before or in September, according to one of the people. In recent months, some Apple engineers have ramped up testing of the device by using it as their charger at the office, another person said.

Gurman doesn’t say when the shipping target was originally set as June. If that was the case when they announced it last year, why not hold the announcement until WWDC? Regardless, if the new deadline is September, that will make it a full year between announcement and shipping — and for what? Most iPhone buyers probably don’t remember that Apple announced the AirPower because, let’s face it, it’s nowhere near as exciting as new iPhones. Judging by my Twitter feed and comments around the web, many of those who do remember the announcement of the AirPower are disappointed that it’s taking so long.

This saga is a blunder, and I’d be shocked to find out that it wasn’t a preventable one.

Apple Launches Repair Program for Faulty MacBook and MacBook Pro Keyboards

Juli Clover, MacRumors:

Apple today launched a keyboard repair program for MacBook and MacBook Pro models equipped with butterfly keys to address complaints over letters or characters that repeat unexpectedly, letters or characters that do not appear, and keys that feel “sticky” or do not respond in a consistent manner.

According to Apple, a “small percentage” of MacBook and MacBook Pro keyboards from 2015 to 2017 can experience these symptoms.

This is good news for anyone affected by this, whether in the past, now, or with future sales of this same generation of MacBooks. My only question is whether they’ve somehow quietly fixed the problem, or if a faulty keyboard repaired with another of the same design will one day require fixing again.

Long Product Cycles Are the Mac’s New Normal

Dan Moren, Macworld:

At present, the lack of recently updated Macs is frustrating, especially to those looking to spend money on new hardware. (And, I would argue, it’s multiplied by the current dissatisfaction with the company’s portable line.) But it certainly isn’t leaving Apple or customers at the brink of disaster. On the other hand, if this fall comes and goes with nary a new Mac, then there will definitely be some hard questions.

If Apple had been updating all of their Mac lines on a relatively consistent or more frequent basis, I doubt there would be as much consternation. Similarly, if the MacBook were a more affordable entry-model notebook and the MacBook Pro did not have ridiculous keyboard problems — and, sigh, still had an SD Card slot — I think people would be a lot happier. But, as it is, there’s a poor combination of a lack of updates followed by, in some ways, hardware regression.

I’m generally optimistic about the future of the Mac; I think that Mojave is a great update, the iMac remains a reliably solid performer, and Apple’s commitment to a better Mac Pro and new display signify a strong commitment to smaller market segments. But, as a single platform vendor, there are unique responsibilities that Apple has to their users.

The GDPR and Browser Fingerprinting

Katarzyna Szymielewicz and Bill Budington of the Electronic Frontier Foundation:

The concept of legitimate interest in the GDPR has been constructed as a compromise between privacy advocates and business interests. It is much more vague and ambiguous than other legal grounds for processing data. In the coming months, you will see many companies who operate in Europe attempt to build their tracking and data collection of their users on the basis of their “legitimate interest.”

But that path won’t be easy for covert web fingerprinters. To be able to rely on this specific legal ground, every company that considers fingerprinting has to, first, go through a balancing test (that is, verify for itself whether its interest in obscure tracking is not overridden by “the fundamental rights and freedoms of the data subject, including privacy” and whether it is in line with “reasonable expectations of data subjects”) and openly lay out its legitimate interest argument for end-users. Second, and more importantly, the site has to share detailed information with the person that is subjected to fingerprinting, including the scope, purposes, and legal basis of such data processing. Finally, if fingerprinting is done for marketing purposes, all it takes for end-users to stop it (provided they do not agree with the legitimate interest argument that has been made by the fingerprinter) is to say “no.” The GDPR requires no further justification.

Browser fingerprinting is seriously intrusive — and popular. One of the privacy-focused features new to Safari in MacOS Mojave is protection against fingerprinting, which Apple says is possible because any given installation of the browser will look more generic. I’m glad to see it being reined in from both regulatory and technological standpoints.

Turns Out Our Evil Tech Overlords May Be No Match for Europe’s New Privacy Laws

Paris Martineau, the Outline:

Though it’s only been a few weeks since the European Union’s General Data Protection Regulation (GDPR) officially went into effect, its impact is already noticeable. Sites have gone dark and pared down their tracking-laden homepages, while users have had to struggle to stay afloat under the deluge of privacy policy update emails. But, strangely enough, the most interesting side effect of GDPR can be found outside of its regulatory borders. In a rather shocking turn of events, U.S. lawmakers, policy wonks, and academics alike appear to actually be inspired by the GDPR’s bold design and efficacy. New measures in the works would deny businesses the ability to share and sell people’s data willy nilly, more clearly identify where and to whom their personal information has been disclosed, and even require them to alert people if their data has been stolen within 72 hours. […]

I’m glad to see even ostensibly regulation-averse American policy makers confront online privacy abuses, but I’m concerned that they won’t get it right. Lucy surely isn’t going to let Charlie kick the football this time, right?

Getting it right is highly subjective, of course. GDPR does a good job of making everyone aware of all of the rats and cockroaches, but it doesn’t establish any requirements for their limitations or extermination. Maciej Cegłowski’s proposals are, I think, a terrific blueprint for successful privacy regulations.

Apple’s Colour Strategy

The Macalope in Macworld skewers Mike Murphy’s ridiculous piece — “Apple Killed Fun” — that was published in Quartz last week:

Even still, the MacBook, all of the iPhones other than the iPhone X, the iPad Pro, and the Watch (counting the Edition) all come in four different colors. The MacBook Pro comes in two and the iPad in three. Other than the Product(RED), they’re all muted tones but that’s good. The bright colors of the original run of iMacs worked for Apple and were a brilliant strategic move but, frankly, created a trend in design that did not age well.

One thing that the Macalope, astute as it is, did not mention is the way that Murphy blames Apple for the entire industry’s lack of colourful products:

By refining its products to near-impenetrable pieces of glass and metal, and bringing the aesthetic of the entire consumer electronics market along with them, Apple has stamped out much of the fun within its own company, and the greater industry. […]

Murphy’s passive tone here is his way of shifting the blame towards Apple and away from all of the companies that thoughtlessly copy them. There’s every opportunity for Samsung or Xaomi or Oppo or Google to come along and ship a brightly-coloured lineup of devices with unique shapes and clear differentiation through design, but they don’t. That’s not on Apple; that’s on them — but their lack of doing so also assuredly reflects what most consumers want to buy.

After Sen. Wyden Investigation, American Cellular Carriers Pledge to Stop Selling Your Phone’s Location to Data Brokers

Jon Brodkin, Ars Technica:

The Obama-era FCC voted to impose privacy rules that would have required carriers to get consumers’ consent before selling or sharing personal data, including location information. But Congress last year voted to prevent implementation of those rules, with Pai’s support. Pai also took action to halt implementation of data security requirements that were part of the Obama-era FCC’s privacy rulemaking.

The current FCC administration has been uniquely terrible for consumers, but there may be another reason for their rejection of sound privacy regulations for carriers beyond simple malicious intent:

The Federal Communications Commission is investigating the matter, and Wyden called on FCC Chairman Ajit Pai to recuse himself because he represented Securus as an attorney in 2012.

Readers may also recognize that Pai has previously represented Verizon as well. Isn’t it remarkable how many decisions made by Pai’s FCC happen to benefit companies he used to work for?

Ajit Pai Now Trying To Pretend That Everybody Supported Net Neutrality Repeal

Karl Bode, Techdirt:

Over in an interview with Marketplace, Pai again doubles down on repeated falsehoods, including a new claim that the repeal somehow had broad public support:

Marketplace: …this is not a popular decision. Millions of people have written in opposition to it. Public opinion polling shows most Americans favor net neutrality, not your open internet rule. And I wonder why you’re doing this then? If public opinion is against you, what are you doing?

Pai: First of all, public opinion is not against us. If you look at some of the polls —

Marketplace: No, it is, sir, come on.

Pai: If you look at some of the polling, if you dig down and see how these polls were constructed, it was clearly designed to reach a particular result. But even beyond that —

Marketplace: It’s not just one, there are many surveys, sir.

Pai: The FCC’s job is not to put a finger in the wind and decide which way the winds are blowing, it’s to look at the facts and make a sober judgment based on what the law is. And that is exactly what we’ve done here. Moreover, the long-term interest is in building better, faster, cheaper internet access. That is what consumers say when I travel around the country, and I’ve have spoken to consumers in Los Angeles to the reservation in South Dakota, places like Dahlonega, Georgia. That is what is on consumers’ minds. That is what this regulatory framework is going to deliver.

First Pai tries to claim that the public supported his repeal, then when pressed tries to claim that the polls that were conducted were somehow flawed. Neither is true. In fact, one recent survey out of the University of Maryland found that 82% of Republicans and 90% of Democrats opposed the FCC’s obnoxiously-named “restoring internet freedom” repeal. Pai then tries to sell the interviewer on the implication that consumers simply aren’t smart or informed enough to realize that gutting oversight of indisputably terrible companies like Comcast will somehow be secretly good for them.

It’s worth reading or listening to that Marketplace interview in full. The host, Kai Ryssdal, does a respectable job of pushing back against Pai’s repeated lies and faulty talking points.

Google Plus Is Apparently Pretty Popular — With Nazis

Ali Breland, the Hill:

Many groups espousing racist rhetoric and hate speech were kicked off Facebook and Twitter after violence erupted at the “Unite the Right” rally last summer in Charlottesville, Va., where a woman was killed by a car that was driven into a crowd of protesters.

While such voices have been kicked off Facebook and Twitter, they have not been purged from Google Plus.

Anthony Cuthbertson, the Independent:

A Google spokesperson told The Independent: “We have clear policies against violent content as well as content from known terrorist organisations and when we find violations, we take swift action.”

They added: “We have a team dedicated to keeping violent content and hate speech off our platforms, including Google+. And while we recognise we have more to do, we’re committed to getting this right.”

At this point, I’m surprised Google would keep investing in moderation rather than simply shuttering Google Plus.

Europe’s Proposed New Link Tax Will Enshrine Big Tech’s Stranglehold Over the Internet

Cory Doctorow, in an op-ed published by Vice:

On Wednesday, a European Union committee will vote on Article 11, a proposal to create a new copyright over links to news stories. If the proposal is adopted, a service that publishes a link to a story on a news website with a headline or a short snippet would have to get a license before linking. News sites could charge whatever they want for these licenses, and shut down critics by refusing to license to people with whom they disagreed. And the new rule would apply to any service where a link to a news story can appear, including social media platforms, search engines, blogging platforms, and even nonprofits like Wikipedia.

This is a ridiculous proposal that would likely undermine the basics of the web.

Why We Don’t Read, Revisited

Caleb Crain, the New Yorker:

Television, rather than the Internet, likely remains the primary force distracting Americans from books. The proportion of the American population that watches TV must have hit a ceiling some time ago; in the years studied by the American Time Use Survey, it’s very stable, at a plateau of about eighty per cent—roughly four times greater than the proportion of Americans who read. But America’s average TV time is still rising, because TV watchers are, incredibly, watching more and more of it, the quantity rising from 3.28 hours in 2003 to 3.45 hours in 2016.

Set aside the depressing decline in reading — this is an astonishing figure. Who has the time to watch over three hours of television a day?

HomePod Can Now Read the News in Canada, France, and Germany

Joe Rossignol, MacRumors:

Ahead of the HomePod launching in Canada, France, and Germany in three days from now, the speaker has gained the ability to read the news in those countries.

Siri can now provide news briefs from a handful of sources in Canada, for example, including CBC, Global TV, CTV, and CNN. To start, say “Hey Siri” and then say something like “read me the news” or “what’s the news today?”

That’s interesting, because Apple News isn’t currently available in these three countries. Perhaps this is foreshadowing.

Best Before

Here we are again: a stale Mac hardware lineup. Let’s assume that we’ll be waiting until WWDC next year — at the earliest — to hear anything about the next-generation Mac Pro, and that the MacBook Air only exists because Apple can’t hit the same price point with the MacBook yet. The iMac Pro is still pretty new, and it has received near-universal acclaim. That leaves four Mac models unaccounted for.

Just before the keynote last Monday, a good friend unaware of WWDC messaged me to say that he was thinking about going to the store that day and picking up a 5K iMac. I told him to hold off because it seemed like a product Apple might refresh, given that it was last updated a year prior.

That, of course, didn’t happen. Nor were any updates made to the MacBook Pro, with its notoriously poor keyboard. That one pains me: I happen to be in the market for a new Mac, and I will not purchase one of the current MacBook Pro models for that reason alone.

The MacBook still has limited configuration options. I was considering buying one to replace my current MacBook Air — I don’t need that much power, really — but it tops out at 16GB of RAM and 512GB of storage, the latter of which simply isn’t enough for me.

And then there’s the Mac Mini, which has embarrassingly not changed in either price nor specs in nearly four years. It’s hard for me to justify the purchase of a brand new product that’s already over a year old, like any of the MacBook Pro models; I’m not even considering purchasing a Mac Mini because it’s not much newer than the computer I currently use.

What is the acceptable shelf life of a Mac? How old can a model be before it becomes uncouth to sell it as new? I remember when Macs used to get regular, approximately-annual spec bumps. It wasn’t that long ago — maybe five years or so. Has something changed since 2013 that seemingly makes difficult for the Mac to be updated more frequently?

When Apple launched the 2016 MacBook Pro models — the first models with the Touch Bar — members of their executive team spoke with Shara Tibken and Connie Guglielmo of CNet. Schiller mentioned that the new models took a while to be launched because they “didn’t want to just create a speed bump on the MacBook Pro”. I hope that’s not their attitude across the product line. People love spec bumps; it helps customers know that they’re getting the newest model they can, and reassures them that it will last longer.

When he was in charge of operations, Tim Cook likened his approach to inventory management to being in the dairy business. Inventory is, of course, not the same thing as product freshness — I bet that, if you were to order a Mac Mini today, it would probably be produced within the past couple of weeks — but product age has the same effect. Updating products, even in minor ways, isn’t just good to give the impression of freshness; it also sows trust with customers that there is an ongoing commitment to the product.

For the past several years, it has been awfully hard to feel like Apple has a strong commitment to Mac hardware.

Apple, Marzipan, Delight

I’ve been struggling to assemble several disparate threads of thought that emerged from WWDC last week. I think Becky Hansmeyer’s piece is a good assessment of what we know about “Marzipan” apps so far, and some interesting speculation:

Here’s two opinions. They aren’t necessarily my opinions, but I know many of you share them.

  1. The visual design of iOS has grown stale and is in need of an overhaul.

  2. Marzipan apps, while better than Electron apps, still don’t feel like they “belong” on the Mac. They don’t feel like “real” Mac apps.

Let’s talk about these things.

I’ve been watching the usual suspects’ tweets closely over the past week, and their findings have given me a lot to think about, and a fair amount of uncertainty. One thing I am clear on, however, is that those who are making snap judgements about the quality of “Marzipan” based on the apps in the first beta of MacOS Mojave are jumping the gun.

New App Store Guidelines May Impact Facebook’s Onavo App

Mark Gurman and Sarah Frier, Bloomberg:

The iPhone maker’s updated App Store Review Guidelines ban applications that “collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.” This could give Apple grounds to remove the Onavo app, although the software is still available despite the rules kicking in last week.

You may recall that Onavo is a VPN app owned by Facebook that collects usage data about other apps. If apps were not sandboxed on iOS, you can bet Facebook would use a more direct way of gathering this data; because apps are sandboxed, the company had to find a workaround. A more ethical company would instead realize why behaviour like that is prohibited on the platform and just stop right there.

USB Type-C Is Still a Mess

Robert Triggs, Android Authority:

USB Type-C was billed as the solution for all our future cable needs, unifying power and data delivery with display and audio connectivity, and ushering in an age of the one-size-fits-all cable. Unfortunately for those already invested in the USB Type-C ecosystem, which is anyone who has bought a flagship phone in the past couple of years, the standard has probably failed to live up to the promises.

Even the seemingly most basic function of USB Type-C — powering devices — has become a mess of compatibility issues, conflicting proprietary standards, and a general lack of consumer information to guide purchasing decisions. The problem is that the features supported by different devices aren’t clear, yet the defining principle of the USB Type-C standard makes consumers think everything should just work.

Benjamin Mayo at 9to5Mac summarized an article today from Digitimes that the 2019 iPhone lineup will replace the Lightning connector with USB Type-C. I only mention that sketchy rumour because Triggs’ report is a reminder that the single port dream of USB Type-C has yet to materialize, in part because of conflicts and complications in the standard itself.

Federal Judge Clears AT&T’s Bid for Time Warner With No Conditions

Just one day after the rollback of net neutrality rules in the United States, a federal judge has approved AT&T’s proposed acquisition of Time Warner. Sara Salinas, CNBC:

A federal judge said Tuesday that AT&T’s $85.4 billion purchase of Time Warner is legal, clearing the path for a deal that gives the pay-TV provider ownership of cable channels such as HBO and CNN as well as film studio Warner Bros.

AT&T isn’t just a “pay-TV provider” — it’s an ISP and cellular provider as well, and they run a subscription media streaming business too. This judge has now given them permission to purchase the world’s sixth-largest media company. And it gets worse:

U.S. District Court Judge Richard Leon did not impose conditions on the merger’s approval. He also urged the government not to seek a stay when issuing his decision in a closed-door room with reporters.

For comparison, when Comcast bought a majority share of NBC Universal, the FCC and the Department of Justice both placed restrictions on the acquisition. Comcast’s FCC restrictions expired in January; the DOJ conditions will be lifted at the beginning September. Meanwhile, according to Alex Sherman of CNBC, Comcast is set to announce their offer for 21st Century Fox’s entertainment assets tomorrow. And don’t forget that Disney is planning to launch its own streaming service next year.

I don’t see how reducing competition through vertical integration of production and distribution of entertainment assets with few legal restrictions is supposed to be beneficial to the American consumer.

Facebook Filibustered Congress With a 450-Page Response to Its Questions

Rhett Jones, Gizmodo:

The sheer length of the document and the opacity of Facebook’s responses makes it difficult to say which answers provide the most insight. In all honesty, it seems like you could find most of this information in Facebook’s various terms of service documents. But Facebook is like jazz—the notes it doesn’t play are often the most revealing. It’s high-priced attorneys clearly did a good job of filling in space with their answers, but which Senators decide they are unsatisfied will be the major question in the near future.

As I skimmed the answers Facebook provided, it struck me just how much the company obfuscates its grey area behaviours. Companies behaving in an ethically-sound manner don’t need to be so circuitous or vague in their answers to straightforward questions. Even Facebook, when asked about things it is objectively not doing — like monitoring conversations with a user’s microphone for advertising and data mining purposes — provides direct answers. That they cannot or are unwilling to do so for the vast majority of these questions ought to be deeply troubling.

Google Continues to Push AMP as an HTML Replacement

Jeremy Keith:

On an episode of the Dev Mode podcast a while back, AMP was a hotly-debated topic. But even those defending AMP were doing so on the understanding that it was more a proof-of-concept than a long-term solution (and also that AMP is just for news stories—something else that Google are keen to change).

But now it’s clear that the Google AMP Project is being marketed more like a framework for the future: a collection of web components that prioritise performance… which is kind of odd, because that’s also what Google’s Polymer project is. The difference being that pages made with Polymer don’t get preferential treatment in Google’s search results. I can’t help but wonder how the Polymer team feels about AMP’s gradual pivot onto their territory.

The long game is that Google is using its extraordinary influence to push the language of the open web in the direction of one that it ultimately controls.

Enthusiast

Anthony Bourdain:

I am not a journalist. I am not a foreign correspondent. I am, at best, an essayist and enthusiast. An amateur. I hope to show you what people are like at the table, at home, in their businesses, at play. And when and if, later, you read about or see the places I’ve been on the news, you’ll have a better idea of who, exactly, lives there.

Somehow, he simultaneously made the world feel small and comfortably communal, yet bigger than anyone could possibly imagine.

Anthony Bourdain Dead at 61

Bourdain has long been a personal hero; I don’t think any other public figure or author comes close. He had an unparalleled skill to tell unique stories, and made me want to drop everything week after week to go wherever he happened to be — preferably, with him. And, he was one hell of an author. Nobody else was more capable of making me want to write, travel, eat, or be hungry for more. I’m gutted.

The Messy Split of Facebook and WhatsApp’s Founders

Kirsten Grind and Deepa Seetharaman, Wall Street Journal (Twitter redirect):

How ugly was the breakup between Facebook Inc. and the two founders of WhatsApp, its biggest acquisition? The creators of the popular messaging service are walking away leaving about $1.3 billion on the table.

The expensive exit caps a long-simmering dispute about how to wring more revenue out of WhatsApp, according to people familiar with the matter. Facebook has remained committed to its ad-based business model amid criticism, even as Facebook Chief Executive Mark Zuckerberg has had to defend the company before American and European lawmakers.

Felix Salmon, Slate:

WhatsApp wasn’t an easy acquisition for Zuckerberg, because the two apps have very different founding principles. Koum, who grew up in Ukraine, believes deeply in privacy; Zuckerberg thinks that the more open and connected we are, the happier we all become. And so in order to acquire WhatsApp, Zuckerberg not only had to pay a lot of money and give up a board seat to Koum; he also had to make a lot of promises. Some of those promises were even enshrined in the acquisition agreement: If Facebook imposed “monetization initiatives” like advertising onto WhatsApp, its founders’ shares would vest immediately, and they could leave without suffering any kind of financial penalty.

Thus did WhatsApp retain exactly the independence that it had been promised — until it didn’t.

It’s hard to feel sorry for WhatsApp’s founders here. They sold their privacy-focused anti-advertising profitable business to a company that is known for its privacy-ignoring advertising practices. It’s like if a band acclaimed for its artistic integrity and dedication were to get the Chainsmokers to write and produce their next album — how else would you expect it to turn out?

Safari Extensions Deprecated in Safari 12; Developers Told to Switch to Safari App Extensions

It’s not all good news coming out of WWDC this year:

Support for .safariextz-style Safari Extensions installed from the Safari Extensions Gallery is deprecated with Safari 12 on macOS. Submissions to the Safari Extensions Gallery will no longer be accepted after December 2018. Developers are encouraged to transition to Safari App Extensions.

That’s not just for users, either — all old-style Safari extensions are deprecated:

Support for developer-signed .safariextz Safari Extensions in Safari 12 on macOS has been removed. They no longer appear in Safari preferences and cannot be enabled. On first launch users will receive a warning notification and these extension will not load.

Well, that’s a bummer — I still use a handful of older-style extensions that have no modern equivalents that are quite as simple. JS Blacklist is one of my favourite pieces of software because it allows me to block problematic scripts rather than ads more generally. There are content blockers available on the Mac App Store, but nothing quite as refined. But this isn’t a surprise; the writing has been on the wall for old-style extensions ever since Apple’s developer tiers were changed three years ago.

Edit for iOS

Kyle Dreger describes his new app:

Edit is a tasteful place to write. Think of it as a single page of paper, not a notebook. You get a single note, and whatever you leave in the app will be there when you get back. Once you’re done writing, you can send or save your text to anywhere in iOS via the Share Sheet.

Ever since I was sent an early beta of this app nearly a year ago, it has been on my first home screen. You know how you sometimes just need a quick place to jot something down — a single scrap of paper, the back of an envelope, or whatever you have laying around — and you know you won’t need to save it? Edit is like the digital version of that. It’s fast, it’s simple, and I use it all the time. And just $2.

Apple Announces MapKit JS

Apple’s developer documentation:

MapKit JS brings Apple Maps to the web. This new JavaScript library lets you add interactive maps to webpages — complete with annotations, overlays, and interfaces to Apple Maps services such as Search and Directions — to enable rich interactions.

Looks like MapKit.js has grown up: it’s now at version 5.0 and ready for use outside of Apple’s websites. This will be a good alternative to Google Maps on the web, provided Apple keeps investing in their mapping efforts — something they haven’t significantly addressed for a few years.

iOS 12 First Beta Speed Test

Two things about iOS 12 that I think speak volumes:

  1. It’s available on all of the same devices as iOS 11, going back to the iPhone 5S. Apple has long been good at issuing updates for several years, but the iPhone 5S is easily the longest-supported iOS device.

  2. Not only does Apple continue to update older devices, the headlining performance features of iOS 12 are specifically targeted towards improving devices they no longer sell.

The narrative that Apple deliberately makes older devices obsolete through software updates has always been fictional, but moves like these underscore how untrue a notion that is.1


  1. They also reiterate just how poor Apple’s initial response to iPhone battery and performance issues was. ↩︎

Updates to App Store Guidelines

Lots of updates this year, but I wanted to highlight two in particular, via Juli Clover at MacRumors:

[…] A modified 3.1.1 rule, for example, says that non-subscription apps may offer a free time-based trial period using a free in-app purchase option that temporarily unlocks app functionality. This will allow all apps in the App Store to offer free trials, rather than just subscription apps.

This formalizes a technique that was being used by apps like OmniFocus. It’s interesting to see that this somewhat hack-ish way of implementing a free trial is officially supported.

A new rule, 2.3.12, states that all apps are required to “clearly describe” new features and product changes in their “What’s New” text. Apps can continue to use generic descriptions for bug fixes, security updates, and performance improvements, but anything more significant must be listed in the notes.

On the one hand, hallelujah. On the other, “bug fixes and performance improvements” is, theoretically, still valid; I think bug fixes should be enumerated whenever possible.

WatchOS 5 Adds Automatic Workout Detection, Walkie-Talkie, and More

Jordan Golson, MacRumors:

A new Walkie-Talkie app lets users send push-to-talk messages (like an old-school Nextel phone) to each other from watch-to-watch, and a new Podcasts app has been added as well. […]

If the walkie talkie feature sounds familiar, that’s because it was included among the original Apple Watch marketing materials in 2014 before being pulled just before the product was released in spring 2015. Its initial omission was curious; it’s quite nice to see it back.

New Privacy Features in iOS 12 and MacOS Mojave

Apple PR:

As with all Apple software updates, enhanced privacy and security remain a top priority in macOS Mojave. In Safari, enhanced Intelligent Tracking Prevention helps block social media “Like” or “Share” buttons and comment widgets from tracking users without permission. Safari now also presents simplified system information when users browse the web, preventing them from being tracked based on their system configuration.

This feature is also in iOS 12, and I could not be happier. As I wrote two months ago, web developers and property owners have a responsibility to not sell out their visitors’ privacy — or, in the wake of GDPR, at least tell visitors how their privacy is being sold out. Due to either ignorance or incompetence, this responsibility is frequently abdicated. This change, like most of the Intelligent Tracking Prevention features in Safari, doesn’t prevent analytics or sharing buttons from working; it simply educates users and allows them to make an informed decision about whether to allow tracking.

One more security and privacy feature, via Lorenzo Franceschi-Bicchierai:

New: Apple put USB Restricted Mode in both iOS 11.4.1 beta and iOS 12 beta. And now it’s triggered after 1 HOUR of phone not being unlocked, not 1 week.

This is the feature that essentially kills iPhone unlocking tools made by Cellebrite and GrayShift.

Again, this is good news — not specifically because it defeats techniques used by law enforcement, but because those same techniques could be used by bad actors, too.

Update: More on Safari’s new privacy features from Apple’s developer site:

Improved Intelligent Tracking Prevention to permanently partition cookie access in third-party contexts, add a user prompt to the Storage Access API, detect bounce trackers and purge their website data, identify tracker collusion, and send origin-only headers for third-party tracker requests.

Users shouldn’t have to think about this stuff. They also shouldn’t worry that browsing the web every day will spool up an ad tech machine that will track them without their permission.

Google and Facebook Are Benefitting From GDPR

Nick Kostov and Sam Schechner, Wall Street Journal (Twitter redirect):

The reason: the Alphabet Inc. GOOGL 2.09% ad giant is gathering individuals’ consent for targeted advertising at far higher rates than many competing online-ad services, early data show. That means the new law, the General Data Protection Regulation, is reinforcing — at least initially — the strength of the biggest online-ad players, led by Google and Facebook Inc.

Hundreds of companies along the chain of automated bidding and selling of digital ads — from ad buyers to websites that show ads — have been scrambling to comply with the law while continuing to target people based on the personal information such as web-browsing histories, offline purchases or demographic details.

Given the option, it’s trivial to choose whether to opt into tracking on smaller websites and from advertising companies you’ve never heard of. But it’s pretty much guaranteed you’ll opt into the same from Google and Facebook because of how deeply-entrenched their products and, by extension, their tracking is across the web.

I don’t think the solution here is to roll back GDPR and make it easier for more companies to track people without their explicit consent.

The 2013 Mac Pro, Five Years Later

Stephen Hackett:

On June 10, it will have been five years since Apple first showed off the iteration of the Mac Pro that has come to be known as The Trashcan.

To put that in a little context, it was the same WWDC keynote where iOS 7 and OS X Mavericks were introduced.

It’s been a minute since the Mac Pro was updated, of course, but Hackett really puts it into context here. I don’t expect to see anything about the future Mac Pro at WWDC this year, not — sadly — about the Mac Mini.

Rumours About Running iOS Apps on MacOS

Brent Simmons:

I’ve heard more than once that at WWDC we’ll learn about how we can run iOS apps on Macs.

I’m worried, of course, that this will lead to the further degradation of the Mac UI, and even less incentive for developers to write Mac apps.

I’ve been thinking a lot about this rumour, and I’m not sure I share the same concern. I completely understand where Simmons and others with similar skepticism are coming from, but I think the other side of this coin is more interesting and positive. What if easier cross-platform development is less about bringing iOS apps to the Mac, and more about making it easier for developers to bring Mac-grade apps to iOS? That’s intriguing to me, particularly in the context of the iPad.

Bitcoin Miners Stress Power Grids

Paul Roberts, Seattle Times:

In a normal year, demand for electric power in Chelan County grows by perhaps 4 megawatts — enough for around 2,250 homes — as new residents arrive and as businesses start or expand. But since January 2017, as Bitcoin enthusiasts bid up the price of the currency, eager miners have requested a staggering 210 megawatts for mines they want to build in Chelan County. That’s nearly as much as the county and its 73,000 residents were already using. And because it is a public utility, the PUD staff is obligated to consider every request.

The scale of some new requests is mind-boggling. Until recently, the largest mines in Chelan County used five megawatts or less. In the past six months, by contrast, miners have requested loads of 50 megawatts and, in several cases, 100 megawatts. By comparison, a fruit warehouse uses around 2.5 megawatts.

EurekAlert:

Bitcoin’s burgeoning electricity demands have attracted almost as much attention as the cryptocurrency’s wildly fluctuating value. But estimating exactly how much electricity the Bitcoin network uses, necessary for understanding its impact and implementing policy, remains a challenge. In the first rigorously peer-reviewed article quantifying Bitcoin’s energy requirements, a Commentary appearing May 16 in the journal Joule, financial economist and blockchain specialist Alex de Vries uses a new methodology to pinpoint where Bitcoin’s electric energy consumption is headed and how soon it might get there.

[…]

His estimates, based in economics, put the minimum current usage of the Bitcoin network at 2.55 gigawatts, which means it uses almost as much electricity as Ireland. A single transaction uses as much electricity as an average household in the Netherlands uses in a month. By the end of this year, he predicts the network could be using as much as 7.7 gigawatts — as much as Austria and half of a percent of the world’s total consumption. “To me, half a percent is already quite shocking. It’s an extreme difference compared to the regular financial system, and this increasing electricity demand is definitely not going to help us reach our climate goals,” he says. If the price of Bitcoin continues to increase the way some experts have predicted, de Vries believes the network could someday consume 5% of the world’s electricity. “That would be quite bad.”

It takes days to complete a single transaction, and sucks up a huge amount of power in the process. This industry is asinine.

Vermont Passes Regulation on Data Brokers

Devin Coldewey, TechCrunch:

While Facebook and Cambridge Analytica are hogging the spotlight, data brokers that collect your information from hundreds of sources and sell it wholesale are laughing all the way to the bank. But they’re not laughing in Vermont, where a first-of-its-kind law hems in these dangerous data mongers and gives the state’s citizens much-needed protections.

Data brokers in Vermont will now have to register as such with the state; they must take standard security measures and notify authorities of security breaches (no, they weren’t before); and using their data for criminal purposes like fraud is now its own actionable offense.

This is excellent news for American consumers — even those who do not live in Vermont. Because many data brokers operate nationally or internationally, it will a widely-covered scandal when a data broker inevitably announces that it has suffered a breach or used its data improperly.

Facebook’s GDPR-Related Dark Patterns

In a tweet, Francis Irving linked to Max Schrems’ complaint against Facebook (PDF):

[…] If the data subject has not consented until 25 May 2018, the whole Facebook account was blocked. [Facebook] used additional “tricks” to pressure the users: For example, the consent page included two fake red dots (violation against Article 5(1)(a) — neither “fair”, nor “transparent”), that indicated that the user has new messages and notifications, which he/she cannot access without consenting — even if the user did not have such notifications or messages in reality.

This is pretty sleazy, but also basically what you’d expect from a company that misleads users into accepting facial recognition, guilt trips users who try to deactivate their account, and places several other barriers to deactivation.

Apple Releases iOS 11.4 With AirPlay 2, Messages in iCloud, and More

Ryan Christoffel, MacStories:

Today Apple released iOS 11.4, likely the final major release for the operating system before its successor, iOS 12, reaches the public in September. The update includes two major features that were originally revealed last June as iOS 11 features, but were later delayed: AirPlay 2 and Messages in iCloud.

The teasing and continued delays of both of these features has been aggravating, to say the least, but the latest builds of iOS 11.4 have been very stable for me. Messages in iCloud is one of my favourite new features.

Apple also announced today that the HomePod will be released in Canada on June 18, as well as France and Germany. Their deadline for those latter two countries was “this spring”, so it looks like they’ll make it.

In Email Obtained by MacStories, Phil Schiller Explains Steam Link App Rejection

John Voorhees, MacStories:

Valve announced on May 9th that it would release a video game streaming app called Steam Link. According to Valve, that announcement was made after the app was approved by Apple’s App Review team. As we reported Friday, Valve says that App Review reversed its decision the next day, rejecting the app for what Valve describe as ‘business conflicts with app guidelines.’

Steam Link is an app designed to allow users to stream Steam games from a Mac or PC to an iOS device or Apple TV over fast WiFi or Ethernet. Valve appealed the rejection on the basis that it was similar to other LAN-based remote desktop apps available on the App Store, but the appeal was denied. That led some people to question whether Apple’s rejection was motivated by a desire to protect gaming on iOS devices and the Apple TV.

Phil Schiller, in an email obtained by Voorhees:

Unfortunately, the review team found that Valve’s Steam iOS app, as currently submitted, violates a number of guidelines around user generated content, in-app purchases, content codes, etc. We’ve discussed these issues with Valve and will continue to work with them to help bring the Steam experience to iOS and AppleTV in a way that complies with the store’s guidelines.

As with many controversial App Store rejections, this one comes as a result of poor communication: Apple apparently allowed the app, which meant Valve could announce it, and then rejected it for unclear reasons. It also sounds like Valve isn’t being entirely forthcoming about the app’s capabilities, or there’s some confusion about what the app allows — is it basically a VPN app, or does it have additional features? It sounds like there’s something Valve or Apple — or both — haven’t clearly stated about why this app was rejected, especially after being initially approved.

Apple’s Emoji Search Is Bad

Jeremy Burge of Emojipedia:

So here we are. Let’s say you type the Apple name for an emoji. Will it always come up? No.

The woman raising her hand? Apple calls her “Happy Woman Raising One Hand”:

[…]

If you search for this exact phrase, no results are shown:

[…]

It’s not clear why “raising” works as a search term here but not “happy” or “happy woman” (or even “hand” fails to bring this up).

This is pretty bad. However, I’ve tried everything that Burge cites in this post, and the one I quoted here is the only one where I found any discrepancy between the example and my experience. The search term “happy” works fine for me. Everything else Burge cites checks out, and it’s embarrassing.

Vevo Gives Into YouTube, Will Shut Down Site

Amy X Wang, Rolling Stone:

The company announced in a blog post Thursday that it is shuttering its mobile apps and website, and that “going forward, Vevo will remain focused on engaging the biggest audiences and pursuing growth opportunities.” It will continue investing in original content and sponsorships, but phase out its own independently-operated platforms, it said. Read: Vevo is almost entirely succumbing to YouTube, the juggernaut that has long supplied most of its audience.

I completely forgot that Vevo had its own hosting service. I even have their app on my Apple TV, but the only time I ever come across anything with their name on it is on YouTube.

The major record labels set up Vevo – an abbreviation for “video evolution” – in 2009 as a designated streaming service for music videos that would ideally bring in greater revenue from more high-end advertisers. Via a distribution deal with YouTube, it received a cut of revenue from putting its music videos on the Google-owned site.

But YouTube’s might has grown: The video-streaming service recently took Vevo’s branding off its music videos, while also securing permission under a new licensing deal to sell Vevo’s clips directly to advertisers, cutting out the smaller company’s sales force. Though Vevo has been trying to peel away from its dependence on YouTube by touting its own suite of apps and offerings for years, it seems those efforts haven’t been met with much success.

It sounds to me like YouTube muscled them out. That’s unsurprising — what other website do you think of when you want to watch short videos? They have a huge amount of influence, and Vevo has now given them even more power. I don’t see this ending well for Vevo as its own brand.

Notes on Notifications

One of the reasons why using an iPhone has been so nice, for a decade now, is because of how little the user must manage it. The App Store gave even novice users the confidence to download new software, implicitly trusting that it would not cause problems on their phone or carry malware. You shouldn’t close open apps, either, and you don’t have to toggle Bluetooth or LTE to get great battery life. The system just sorts it out.

I want that same level of confidence with push notifications.

Apple has apparently intended for the notification system to be seen as less of a todo list of items of interest, and more of an advisory area — something that you look at occasionally, and never really worry about clearing fully. I think that it feels too heavy-handed to be something so passive. Either Apple ought to be more prescriptive about how push notifications are to be used, or the design of the system needs to be pragmatic and take into account the notifications that people actually get. The latter is more challenging because it would need to compensate for all kinds of edge cases, but I think that would ultimately result in a better product.

An easy benchmark is that users should not have to worry that allowing notifications from an app will subject them to spam and advertising. Apple already prohibits this, but some apps still abuse push notifications.

More difficult questions concern the scalability of the notification system. Even though most users probably don’t receive many hundreds of notifications a day, the system should still be able to scale to a point where notifications do not become egregiously overwhelming.

Finally, there’s the design of notifications themselves. Right now, a notification that arrives when using the phone will cover part of the top of the display and any UI elements underneath. And, right now, that means covering the app’s navigation bar — that is, if you tap a primary navigation button in an app at the same time a notification comes in, you’ll suddenly be taken out of that app and into another, with very little context.

This should not require a bunch of new settings and options for notifications. I don’t think apps should require users to figure out a granular array of notification types; apps should set appropriate priorities for different kinds of alerts they may push, and the system ought to have a way to enforce that. The same goes for prioritizing notifications across multiple apps — no matter how much I miss grouping notifications by app instead of sorting chronologically, I don’t think that’s something users should be required to manage. As with multitasking and Bluetooth connectivity, above, an iPhone should be able to figure this stuff out.

It is a hard problem: phones have a fixed display space, and notifications have to be somehow informative yet unobtrusive. And, yes, an Apple Watch helps bear the burden of rapidly-accumulating notifications. But I think iOS should to do better on its own. I don’t know for certain what radically-improved notifications look like, and I don’t think that it’s any sort of AI-backed magic algorithm sorting your notifications for you. Maybe it is, in part, taking a cue from the Apple Watch: a very small initial notification and expanding the notification only if you linger on it, something which can be accomplished on the iPhone by tracking eye movement with the TrueDepth camera.

Perhaps that is needlessly high-tech. Perhaps it’s as simple as queueing notifications for a few seconds, so your phone isn’t rattled off a table by repeated alerts. This sometimes exists within single apps — Mail, for instance, might post a notification that I have five new emails — but it’s something that I think should be applied to notifications from multiple apps.

Even grouping notifications from the same app would reduce the visual noise created by several individual bubbles.

I suspect that, whatever the solution is, it will require an ingenious combination of visual design and revised functionality — it isn’t simply one or the other. And I don’t know that my spitballed ideas would have a positive effect — I don’t think they’re particular original thoughts, so I wouldn’t be surprised if Apple had already tried similar options and rejected them for reasons I haven’t considered. What I do know is that the present implementation of notifications does not feel scalable and requires too much management. Whenever an app asks whether it can send me push notifications, I assume it’s going to overload me with nagging alerts, so I keep them turned off for a lot of apps. I don’t think I should have to worry about or disable a core feature of iOS for half the apps I use to make it bearable; the system should be designed with scalability in mind.

GDPR Hall of Shame

Your inbox has probably been inundated with requests for you to explicitly opt into receiving emails from companies you bought something from once, and requirements for you to accept updated privacy policies. Even though the date when GDPR comes into effect has been known for two years, it’s unsurprising that many companies have left compliance to the last possible minute.

While most of these notices are fairly routine, Owen Williams has been collecting examples of bad behaviours, like products that will become useless after GDPR takes effect for seemingly no reason, and hilarious data sharing agreements.

Instagram Adds a Mute Button

Katie Notopoulos, Buzzfeed:

If you’re sick of someone who posts too often, or you just don’t want to see them for any reason, you no longer have to outright unfollow them; you can just subtly mute them.

Although Instagram never made it obvious that you unfollowed someone, it was still possible for them to find out by looking through their followers list — and that had the potential to create some hurt feelings. And so it was that we remained hostage to their many unwelcome posts all this time.

But now, muting these insufferable people, like the gracious and polite person you are, solves those problems.

This is such a fascinating aspect of social media to me. I have no problem with following or unfollowing someone on any platform based on what they’re posting, regardless of their relationship to me. I follow almost nobody I know in real life on Instagram or Twitter — it isn’t that I don’t like them, it’s just that I don’t want to see them everywhere. And yet, I completely understand how a one-way follow or an unfollow could be seen as rude. We’ve managed to create a proxy for friendships without requiring any interaction. Isn’t that curious?

Illustration in the App Store

Khoi Vinh:

Apple’s dramatically redesigned App Store got a decent amount of attention when it debuted last year with iOS 11, but its unique success as a hybrid of product design and editorial design has gone little noticed since. That’s a shame, because it’s a huge breakthrough.

I myself paid it scant attention until one day this past winter when I realized that the company was commissioning original illustration to accompany its new format. If you check the App Store front page a few times a week, you’ll see a quietly remarkable display of unique art alongside unique stories about apps, games and “content” (movies, TV shows, comics, etc.). To be clear: this isn’t work lifted from the marketing materials created by app publishers. It’s drawings, paintings, photographs, collages and/or animations that have been created expressly for the App Store.

I’m not sure what the Today tab has done for me in terms of app discovery, but it’s my favourite feature of the redesigned App Store, in large part because of these illustrations. I only wish there were some way to see updates to the Today tab that’s more passive than opening the App Store — via a widget, perhaps. I often find myself remembering to open the App Store for several days to check out new Today articles, then forgetting for a week or two. Perhaps it just isn’t routine yet.

Comcast Preps All-Cash Offer for 21st Century Fox

Todd Spangler, Variety:

Confirming weeks of rumors, Comcast said Wednesday that it is in “advanced stages” of preparing an all-cash offer for entertainment assets of 21st Century Fox — in a move to outflank Disney’s $52.4 billion offer for Fox.

Comcast said that any offer for Fox would be at a “premium to the value of the current all-share offer from Disney,” but it didn’t reveal an anticipated price tag. The media conglomerate added that the structure and terms of its bid for the 21st Century Fox assets — including regulatory-risk provisions and the termination fee it would be required to pay — would be “at least as favorable to Fox shareholders as the Disney offer.”

Could you imagine if a single telecom owned two major motion picture studios in a post-net neutrality media landscape?

Amazon Rekognition Allows for Real-Time Identification From Photos and Video

Matt Cagle and Nicole A. Ozer of the ACLU:

Marketing materials and documents obtained by ACLU affiliates in three states reveal a product that can be readily used to violate civil liberties and civil rights. Powered by artificial intelligence, Rekognition can identify, track, and analyze people in real time and recognize up to 100 people in a single image. It can quickly scan information it collects against databases featuring tens of millions of faces, according to Amazon.

Amazon is marketing Rekognition for government surveillance. According to its marketing materials, it views deployment by law enforcement agencies as a “common use case” for this technology. Among other features, the company’s materials describe “person tracking” as an “easy and accurate” way to investigate and monitor people. Amazon says Rekognition can be used to identify “people of interest” raising the possibility that those labeled suspicious by governments — such as undocumented immigrants or Black activists — will be seen as fair game for Rekognition surveillance. It also says Rekognition can monitor “all faces in group photos, crowded events, and public places such as airports” — at a time when Americans are joining public protests at unprecedented levels.

John Moltz:

This is very cool coming from a company that sells cameras that sit on your nightstand and recording devices for your kids’ rooms and not at all troubling in any way.

For what it’s worth, Amazon previously did not respond to questions about whether they would help build a “Muslim registry”.

I get that the business argument exists, and that employees need an income. But that doesn’t absolve the shocking lack of conscience demonstrated here by Amazon.

‘60 Minutes’ Reports on Google’s Dominance

This isn’t a terrific report. It is pretty light on details, skimming over more technical aspects of Google’s dominance: Google Chrome isn’t mentioned even once, despite being the world’s most popular web browser, and neither was the company’s mischievous bypassing of iPhone users’ privacy settings. While that may be a function of its allotted running time, Google’s behaviours deserves a much deeper dive.

Nevertheless, I think this exchange is worth paying attention to:

Gary Reback: Google makes the internet work. The internet would not be accessible to us without a search engine

Steve Kroft: And they control it.

Gary Reback: They control access to it. That’s the important part. Google is the gatekeeper for— for the World Wide Web, for the internet as we know it. It is every bit as important today as petroleum was when John D. Rockefeller was monopolizing that.

If this argument sounds familiar to you, it’s because Reback was extensively interviewed for a New York Times Magazine piece in February. However, it does raise two good questions:

  1. How fair and accurate is this comparison?

  2. While European antitrust regulators have reached to Google’s dominance, American regulators have been reluctant to do so while, even after Google’s acquisition of DoubleClick. What are they waiting for?

Ironically-Named LocationSmart Leaked Live Location Data for Customers of All Major U.S. Mobile Carriers on Its Website

Yesterday, I linked to Joseph Cox’s report for Vice concerning Securus’ weak safeguards protecting access to its software that monitors the real-time location of cellphones. While I was writing it, I couldn’t help but think that there isn’t much worse it could get, right? Well, what about if a similar location tracking application had no security — at all?

Brian Krebs (emphasis his):

LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.

There’s a lot about this that’s pretty outrageous, but I think the most alarming aspect of this is that a company most of you have probably only just heard of has access to your phone’s live location, and they’ve never asked you if that’s okay.

Basic Questions About Google Duplex

Dan Primack of Axios found Google’s demo of Duplex a little fishy:

When you call a business, the person picking up the phone almost always identifies the business itself (and sometimes gives their own name as well). But that didn’t happen when the Google assistant called these “real” businesses:

  • When the hair salon picks up, a woman says: “Hello, how can I help you?”

  • When the restaurant picks up, a woman says: “Hi, may I help you?”

Axios called over two dozen hair salons and restaurants — including some in Google’s hometown of Mountain View — and every one immediately gave the business name.

There also does not seem to be ambient noise in either recording, such as hair dryers or plates clattering. We heard that in most of the businesses we called, but not in all.

Google CEO Sundar Pichai insisted three times that these calls were real, but these discrepancies should be answered. If these calls were edited, even just to remove the business name to limit publicity, Google hasn’t said. Very strange.

Finally, neither the hair salon nor the restaurant ask for the customer’s phone number or any other contact information.

Primack also included this as a reason why the calls seemed suspicious, but I disagree. The hair salon asked for the customer name; I don’t usually book my haircuts, but when I do, they don’t ask for contact information. The restaurant didn’t need to ask for contact information because the staff member answering the phone said that no reservations would be accepted for Duplex’s party size.

Jack Wellborn on Twitter:

Regardless of whether the Duplex demo was real or not, I keep wondering why Google didn’t target it to businesses first. People are used to talking to robots when calling businesses and some might even prefer it.

As a demo, it’s pretty cool, though somewhat less compelling to me as a recording rather than a live preview. But as an actual consumer service offering, I’m not sure I get it in its current guise. While Pichai said that 60% of American businesses don’t have an online booking system, that number has been dropping and, though I doubt it will hit zero, their pitch is to a temporary and shrinking market.

But as a business product, like Wellborn describes, it makes more sense to me. Why not have a robot handle reservations? As Sarah Jeong said on Twitter, this is only a product “because we treat service industry people like robots” anyway, unfortunately.

But that’s only if we feel like Duplex is limited to making bookings. Over time, it will of course become more capable. Like they do for the web, Google is already crawling the real world with things like Street View and AI-powered verification of business details. What’s next?

Twitter Is Executing Its 2012 Vision

Yesterday’s announcement to API changes and pricing may have been foreshadowed six years ago, but it’s still hard to be facing what looks like the slow turning of the screw on third-party Twitter clients.

Favstar Is Shutting Down in June

Speaking of the influence Twitter’s API changes are having on third parties, Tim Haines has announced that Favstar is shutting down:

Favstar started in May 2009, and in it’s early years was a huge hit with people new to Twitter, up-and-coming comedians, tech folk, reporters, celebrities, and people looking for a quick route to the best tweets. You could visit Favstar, and almost be guaranteed a laugh, whatever your sense of humor.

[…]

Favstar will go offline on June 19th 2018.

Haines’ announcement comes just shy of the two year anniversary of Stellar.io’s goodbye, which had a similar purpose. I miss Stellar, and I’ll miss Favstar greatly.

Twitter hasn’t cared about their ecosystem of third-party apps for ages. Unfortunately, they are often the best way to experience Twitter.

Hacker Breaches Now-Ironically-Named Securus, a Company That Provides Cellphone Location Monitoring Software

Hey, remember Securus, the company I told you about last week that provides software that can monitor the location of most cellphones in the United States with only a phone number?

Joseph Cox, Vice:

A hacker has broken into the servers of Securus, a company that allows law enforcement to easily track nearly any phone across the country, and which a US Senator has exhorted federal authorities to investigate. The hacker has provided some of the stolen data to Motherboard, including usernames and poorly secured passwords for thousands of Securus’ law enforcement customers.

Although it’s not clear how many of these customers are using Securus’s phone geolocation service, the news still signals the incredibly lax security of a company that is granting law enforcement exceptional power to surveil individuals.

Cox reports that users’ passwords were hashed using MD5 which, as of a decade ago, was considered by the U.S. Office of Cybersecurity and Communications to be “cryptographically broken and unsuitable for further use”. I disagree with the notion that a private company can offer this sort of software with little legal oversight or scrutiny, but even if you think that’s totally okay, surely tracking the live location of hundreds of millions of people should be guarded with more than an email address and a badly-encrypted password.

Future of Many Third-Party Twitter Apps in Question as New API Pricing Is Shared With Developers

Juli Clover, MacRumors:

Third-party Twitter app developers will be required to purchase a Premium or Enterprise Account Activity API package to access a full set of activities related to a Twitter account including Tweets, @mentions, Replies, Retweets, Quote Tweets, Retweets of Quoted Tweets, Likes, Direct Messages Sent, Direct Messages Received, Follows, Blocks, Mutes, typing indicators, and read receipts.

Premium API access, which provides access to up to 250 accounts, is priced at $2,899 per month, while enterprise access is more expensive, with pricing quotes available from Twitter following an application for an enterprise account.

That is a huge lump of money: over $10 per user per month from developers for real-time activity if they have just 250 users; can you imagine the rate for tens of thousands of users? Let’s be generous and assume that they’ll give third-party developers operating at that scale a remarkable deal of $1 per user per month. At $12 per user per year, that’s probably unsustainable for developers like Tapbots and the Iconfactory to be charging a flat rate.

I know lots of people — myself included — who have proposed paying a monthly fee to continue using third-party clients. Loathe as I am to suggest it, perhaps a subscription model is one way for these apps to stay afloat. Given the choice, I’d rather pay five bucks per month to continue to use Tweetbot than use the official Twitter app, especially as there isn’t a first-party Mac client.

I bet I’m in the minority, though; I bet this is Twitter’s way of slowly turning the taps off for third-party apps that replicate the consumer Twitter experience. What a pisser.

As an aside, Twitter developer relations has mastered the art of the sleazy redirection:

There’s no streaming connection capability as is used by only 1% of monthly active apps. Also there’s no home timeline data. We have no plans to add that data to Account Activity API or create a new streaming service. However, home timeline data remains accessible via REST API.

The 1% of monthly active apps that make use of streaming could represent hundreds of thousands of users, maybe even millions. Only Twitter knows that for certain, but they’re not sharing it, because it would give away an approximate number of users who reject Twitter’s own apps while still using the platform.

Notifications on Android P vs. iOS 11

Michael Simon, Macworld:

Even before the public beta of version 9.0 landed this week, Android’s system of notifications was far superior to Apple’s. As someone who regularly bounces between the two platforms, I actively ignore the iOS Notification Center, but on Android, I use it regularly to catch up on things I might have missed. The Android notification shade isn’t just for messages and alerts; it’s an information center for your entire digital life.

As it stands, I have far fewer complaints about notifications on Android Oreo than I do on iOS 11, but the system has its kinks and annoyances just like it did on previous Android version, Nougat and Marshmallow. But in Android P, notifications are nearly perfect. Google hasn’t overhauled the notification system in Android P, but it has implemented a series of meaningful tweaks that work to make notifications useful, whether you want to interact with them, control what you see, or just keep them at bay.

And I hope someone on Apple’s iOS team is taking notes.

Making notifications the centre of my phone sounds like my idea of hell, but I certainly hope iOS 12 includes significant refinements to the notification system. It’s messy, it’s astonishingly interruptive, notifications cover app controls and a mis-tap can send you to a completely different app, and there isn’t always something you can do from the notification so you end up having to launch the app anyway. Notifications may necessarily be an interruption, but they shouldn’t be quite so intrusive.

UIs That Amass Memories

I’ve been watching this tremendous Twitter thread started by Marcin Wichary since yesterday:

Fascinated by UIs that accidentally amass memories. One of them is the wi-fi “preferred networks” pane – unexpected reminders of business trips, vacations, accidental detours, once frequented and now closed cafés.

Another? The alarm page and its history of painful negotiations with early mornings. (One of these, I’m sure, was for a lunar eclipse; another for sending a friend in Europe a “good luck” text.)

I like that both of these places require you to coax your memory a bit to remember.

What else like this is out there?

People replying have suggested logs of completed reminders, weather app, and composing a new iMessage to an infrequent contact as more memory-laden UIs. Another two suggestions, from me: open tabs, and web browser history. I have a hard time with remembering to close tabs on Safari for iOS, and there’s an animation bug where, sometimes, opening a new tab will scroll through the entire list, giving me glimpses of articles and websites I opened weeks prior. Also, Safari on the Mac defaults to keeping history items for a year, and trudging through those can be a trip down memory lane — again, articles that I was reading, recipes, job hunting, trying to find a new apartment, and the like are all in there.

I love all of those suggestions, but the one I keep coming back to is WiFi history, especially because it’s collected almost passively. I hadn’t checked my own history in a while and found it absolutely full of memories: the network I set up for my parents in my childhood home, which they’ve since sold; there’s a hotspot for a Gloria Jean’s Coffee location, which I could have connected to in Kuta when I got lost there, or it could have been from another time in Los Angeles. Wonderful.

The Media’s Paywall Obsession Won’t Work for Most

Mike Masnick, Techdirt:

This is an important point, and one we’ve tried to make a few times in the past, highlighting that all of the metrics you hear about concerning audience side are complete bullshit, but everyone in the ecosystem has strong incentives to keep up the charade. At least they do while they’re pitching advertisers. When the actual hard subscription numbers come down, it can be a real wake up call. I’m reminded, of course, of the newspaper Newsday that implemented a paywall with great fanfare… and three months later had a grand total of 35 subscribers. Thirty. Five.

And they were hardly the only one. We’ve written time after time after time after time of paywalls failing for newspapers, and actually doing a lot more overall harm in terms of reducing both audience and influence.

I’ve been thinking about this a lot lately. What follows is not exactly new, but I want to set something up in your mind.

You used to have to pay for the entirety of your local paper if you wanted news in print form, and it worked even if you only read a few stories a day, and you had to flip through loads of big ads to get to the handful of stories you actually cared about. All of this came from one or two sources, largely because you couldn’t live in, like, Lowell, Indiana and get that day’s Los Angeles Times dropped on your doorstep every morning. It didn’t matter that the local paper was comprised of a mix of original and syndicated reporting; it was the only way to get the news.

Now, you can read far more stories in a day and never touch your local paper. And why would you when, through a horrible downward spiral of business choices, it may now be almost entirely Associated Press stories that you can get anywhere? Besides, the big scoops largely go to the New York Times, Washington Post, and Wall Street Journal. Just look at this year’s list of Pulitzer Prize winners in journalism — of the fourteen award categories, fully half were won by the Times, Washington Post, Reuters, and USA Today. Compare the clustered wins of 2018 against the more widely-awarded prizes twenty or thirty years ago.

Many of us will, therefore, only pay a monthly fee towards one or two publications that we find really valuable; and, for most of us, that’s probably a national broadsheet “paper of record” rather than a thin local edition. But the national papers of record can’t realistically cover all local news of relevance across an entire country. Also, I’ve focused on American papers here, but this is a massive problem in Canada as well, and around the world.

Like I mentioned at the top of the preceding paragraphs, I’ve been thinking about this quandary a lot, for reasons of obvious importance — the continued existence of a press covering all levels of government and activities is crucial — but also for selfish concerns: I want to find a way for Pixel Envy to support itself. What ails the news industry also affects, albeit to a far lesser extent, independent blogs and web-only publications. Relatively large websites like the Onion and Gizmodo Media Group are struggling; the Awl shuttered earlier this year. Maybe the web cannot support all of these fantastic sites — that it did at any time was maybe a silly fluke. But I think giving up and treating the web as a place for giants and nobody else would be a mistake and a great shame.

Perhaps new legislation and the reclamation of our privacy online will spur the creation of small, privacy-focused advertiser networks again, akin to the Deck Network or something like the Outline’s ad strategy. Perhaps we need more networks of bloggers, too, allowing readers to subscribe to several related websites at the same time, without creating barriers to readership with paywalls. Maybe there’s a third and fourth source of money beyond readers and advertisers — I’m not sure. But non-giant entities, whether web-only or in print, need a funding solution for the future that isn’t solely reliant upon massive traffic, Facebook referrals, or subscriptions.

The Toronto Star’s Plan to Save Itself

Brett Popplewell, the Walrus:

Shortly after his arrival in 2017, John Boynton, Cruickshank’s replacement as publisher of the newspaper and Torstar CEO, called a town hall in the newsroom. Boynton is a fifty-four-year-old turnaround specialist with no real journalistic experience but a record of success in running Aeroplan and other multi-million-dollar loyalty programs. The job of saving the Star has fallen to him. What he inherited when hired wasn’t just the fate of Torstar’s 3,800 employees but the legacy of the Star’s costliest and most valuable resource: its reporting.

According to sources, Boynton, standing near the empty desks of the men and women who’d been hired and then fired as a result of Star Touch, looked at what was left of his staff and said: “We can’t be a department store anymore.” The Star needed to transform into a publication less concerned with being everything for everyone on the streets of Toronto. It needed instead to do what tech companies like Facebook and Google were doing — study its readership algorithmically, learn what readers want, and stop feeding them what they don’t.

“We’re going to kill some sacred cows,” he said. The words alarmed many. Someone asked what the Star would consider a sacred cow. “We need the data,” Boynton replied. The response didn’t ease any concerns. In the old model, every reader counted. Soon, only those whom data science indicates have a propensity to pay may end up mattering to the Star — and any other newspaper still standing after the next presidential election. The trend won’t just redefine the value of certain journalists but the value of certain types of journalism as well.

No matter how much I want the Star to succeed and cannot imagine the pressures it faces, along with almost every other newspaper, this sort of thinking worries me. The present U.S. administration has probably caused subscriptions to the Washington Post and New York Times to shoot higher, but that’s not because we want to read more hard news; we like spectacle, and we’re getting that in spades. We also need news coverage with less intrigue, but still carries great importance, and that remains a hard sell.

Last year, I read “Saving the Media” by Julia Cagé, and its proposal fascinated me. Cagé proposes a new way for media organizations to be recognized in a business sense, which, she says, would give greater control over a newspaper’s editorial direction to its staff, and more diversified funding sources without editorial influence. I don’t know how scalable this business model is for, say, a local-only paper to something more like the Star, but it’s a proposal worth considering. Try to find the book at your local library or independent bookshop.

GDPR and the Adtech Bubble

In just two weeks, the E.U. can begin fining GDPR violators. This is a must-read essay by Doc Searls, touching on the law itself, consent, and adtech. There’s a lot in this piece that is quotable and brilliant, but I think this is a truly critical paragraph:

And that’s on top of the main problem: tracking people without their knowledge, approval or a court order is just flat-out wrong. The fact that it can be done is no excuse. Nor is the monstrous sum of money made by it.

In addition to GDPR, Apple’s anti-tracking feature in iOS 11 and MacOS High Sierra has also, apparently, caused great concern amongst adtech companies that rely upon users’ implied consent, as most browsers’ default preferences permit the setting of third-party cookies. In cases where they don’t — for example, in Safari — adtech companies actively try to subvert your preferences. For example, Criteo:

Criteo may use non-cookie technologies in limited cases where the by-default settings of your browser aim to prevent the use of cookies for cross-site personalization and only if you have unambiguously accepted our services after being asked to do so (and offered the possibility to refuse subsequently).

A reminder that Criteo’s idea of unambiguous consent has long been represented by a banner across the bottom of the screen that indicates that any further clicks on the webpage will be construed as consent, and that you can opt out in the future if you read the banner in full and managed to remember the name of the third-party company that is now tracking you across the site.

It’s obvious — but no less revealing about their suspension of morality — how adtech companies will take full advantage of browser defaults to imply consent, but will actively fight against browser defaults through nefarious behaviours when it impacts their business.

Searls’ next paragraph is key, too:

Without adtech, the EU’s GDPR (General Data Protection Regulation) would never have happened. But the GDPR did happen, and as a result websites all over the world are suddenly posting notices about their changed privacy policies, use of cookies, and opt-in choices for “relevant” or “interest-based” (translation: tracking-based) advertising. Email lists are doing the same kinds of things.

Understanding that the GDPR is the direct result of widespread bad behaviours is truly critical. I don’t think this will eliminate bad actors, but it will provide a framework for adequate consequences. If a company cannot bear the legal blowback from a failure of responsibility to adequately protect users’ information, they should not be collecting it in the first place.

Google Duplex and AI Ethics

Natasha Lomas, TechCrunch:

Yet Pichai said Google had been working on the Duplex technology for “many years”, and went so far as to claim the AI can “understand the nuances of conversation” — albeit still evidently in very narrow scenarios, such as booking an appointment or reserving a table or asking a business for its opening hours on a specific date.

“It brings together all our investments over the years in natural language understanding, deep learning, text to speech,” he said.

What was yawningly absent from that list, and seemingly also lacking from the design of the tricksy Duplex experiment, was any sense that Google has a deep and nuanced appreciation of the ethical concerns at play around AI technologies that are powerful and capable enough of passing off as human — thereby playing lots of real people in the process.

Zeynep Tufekci:

Google Assistant making calls pretending to be human not only without disclosing that it’s a bot, but adding “ummm” and “aaah” to deceive the human on the other end with the room cheering it… horrifying. Silicon Valley is ethically lost, rudderless and has not learned a thing.

Instead of worrying about humanoid robots becoming self-aware and destroying us all, I think it’s more satisfying and intellectually stimulating — and, of course, more practical — to ask questions about the ethics of the pseudo-automated systems we’re so quick to applaud.

See Also:Who Will Command the Robot Armies?” by Maciej Cegłowski.

Despite Announcing Otherwise, Google’s Revised Privacy Policy Still Permits It to Mine Users’ Gmail Accounts for Advertising

Paris Martineau, the Outline:

Though Google announced that it would stop using consumer Gmail content for ad personalization last July, the language permitting it to do so is still included in its current privacy policy, and it without a doubt still scans users emails for other purposes. Aaron Stein, a Google spokesperson, told NBC that Google also automatically extracts keyword data from users’ Gmail accounts, which is then fed into machine learning programs and other products within the Google family. Stein told NBC that Google also “may analyze [email] content to customize search results, better detect spam and malware,” a practice the company first announced back in 2012.

It’s bothersome that Google was scooping up users’ emails for ad targeting purposes in the first place, then said that they would stop doing it — after way too long — and has now given itself permission to keep doing so if they want to. But it isn’t going to make a difference: the popularity of Gmail and, more broadly, how deeply we’ve allowed surveillance capitalism to become embedded in the way we live and work on the web.

Apple Cracking Down on Applications That Send Location Data to Third-Parties

Chance Miller, 9to5Mac:

In the instances we’ve seen, the apps in question don’t do enough to inform users about what happens with their data. In addition to simply asking for permission, Apple appears to want developers to explain what the data is used for and how it is shared. Furthermore, the company is cracking down on instances where the data is used for purposes unrelated to improving the user experience:

You may not use or transmit someone’s personal data without first obtaining their permission and providing access to information about how and where the data will be used.

Data collected from apps may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the app’s functionality.

Good — there’s almost no circumstance in which a third-party has any business in receiving location data when it isn’t connected with what the app actually does. But this is also the kind of thing I wish App Review was better at catching in the first place. Apps that request permission for location data, or access to contacts, or access to the photo library — in particular — ought to be subject to a degree of scrutiny that would prevent malicious uses of this functionality from appearing in the App Store in the first place. I’m not saying that they don’t catch this behaviour; rather, that there shouldn’t be enough apps in the store abusing location permissions to warrant a “crackdown”.

Securus Software Can Track Location of Cellphone in U.S. With Little Oversight

Jennifer Valentino-DeVries, New York Times:

Securus offers the location-finding service as an additional feature for law enforcement and corrections officials, part of an effort to entice customers in a lucrative but competitive industry. In promotional packets, the company, one of the largest prison phone providers in the country, recounts several instances in which the service was used.

In one, a woman sentenced to drug rehab left the center but was eventually located by an official using the service. Other examples include an official who found a missing Alzheimer’s patient and detectives who used “precise location information positioning” to get “within 42 feet of the suspect’s location” in a murder case.

Asked about Securus’s vetting of surveillance requests, a company spokesman said that it required customers to upload a legal document, such as a warrant or affidavit, and certify that the activity was authorized.

“Securus is neither a judge nor a district attorney, and the responsibility of ensuring the legal adequacy of supporting documentation lies with our law enforcement customers and their counsel,” the spokesman said in a statement. Securus offers services only to law enforcement and corrections facilities, and not all officials at a given location have access to the system, the spokesman said.

To be clear, all that this software requires is for users to type in a phone number, upload a supporting document, and check a box certifying that it’s a legal request. The location of the phone attached to that number will then be revealed; there appears to be no intermediary step of verifying that the location search is legally justified. No wonder this news story is about the abuse of such a flawed system.

Tesla Adds Fremont Factory to Its Line of Credit Collateral

Alexandra Scaggs, Financial Times:

While observers were preoccupied with its CEO’s personal life, Tesla disclosed it has added its Fremont, Calif. factory to a pool of collateral backing its US asset-based revolving credit line from nine banks.

CreditSights analysts called attention to the addition of the Fremont factory — a 5.3m-square-foot facility that was previously home to a famous joint venture between GM and Toyota — in a Tuesday note. The electric carmaker also said vehicles in or on their way to Belgium could be included in the base of collateral for its Dutch borrowings.

About six months ago, the Economist wrote about the rarity of future success for firms with billion-dollar debts. Watch this space.