August 27, 2015
Last year, Apple held their September media event at the Flint Center. The previous time Apple used the Flint Center, they unveiled the Macintosh. This year, they’re using the Bill Graham Civic Auditorium, which they previously used to introduce the Apple II. Interesting, though probably entirely devoid of subtext.
Daisuke Wakabayashi in a post for the Wall Street Journal’s Bits blog titled “Glimmers Emerge on Apple Watch Sales, and They’re Not Pretty”, July 31:
Mark Li, an analyst at Bernstein Research, said an ASE subsidiary told investors on a conference call that it didn’t reach its “break-even volume” of two million units per month in the second quarter. The ASE unit also said it didn’t expect to reach that level during the third quarter – a busy production period before the holiday sales season – and wouldn’t commit to reaching it during the fourth quarter either, according to Mr. Li.
“The shortfall of Apple Watch is a disappointment,” Mr. Li wrote in a note to clients. “We came in with a low expectation but below break-even still surprised us.” […]
ASE’s numbers suggest that the watch is not selling nearly as well as some analysts expected.
Daisuke Wakabayashi in a post today:
Apple Inc. sold more watches in their first quarter of availability than it did iPads or iPhones. So why are people eager to call it a bust?
I don’t know why, but it should be pointed out that Wakabayashi is in control of that. He can choose to not drive the narrative that it isn’t selling very well. But he won’t, just like he blamed “the story line” for his series of articles that drove the narrative of Samsung dominating Apple, only to have to recant on that narrative shortly thereafter.
Square format has been and always will be part of who we are. That said, the visual story you’re trying to tell should always come first, and we want to make it simple and fun for you to share moments just the way you want to. It turns out that nearly one in five photos or videos people post aren’t in the square format, and we know that it hasn’t been easy to share this type of content on Instagram: friends get cut out of group shots, the subject of your video feels cramped and you can’t capture the Golden Gate Bridge from end to end. Now, when choosing a photo or video, you can tap the format icon to adjust the orientation to portrait or landscape instead of square.
As Neven Mrgan points out, this isn’t really a response to the way people use Instagram. If anything, it seems tailored for advertisers.
This sort of capitulation feels weak. I’m aware that I sound like an old man here, but the implied square format created a unique limitation for users to work within. If anything, I think Instagram should auto-detect DSLRs and other standalone cameras and block their photos.
Tristan Emrich writes on Google’s ad developer blog:
To ensure ads continue to serve on iOS9 devices for developers transitioning to HTTPS, the recommended short term fix is to add an exception that allows HTTP requests to succeed and non-secure content to load successfully.
Publishers can add an exception to their Info.plist to allow any insecure connection.
So in a year where malware-laden ads are becoming increasingly frequent, Google’s response is not to convert their ad network to HTTPS, but rather to tell developers to reduce the security of their apps. Google has had years to make changes on their end, so this is both dangerous and outdated advice.
Greg Bensinger, Wall Street Journal:
In recent weeks Amazon has dismissed dozens of engineers who worked on its Fire phone at Lab126, its secretive hardware-development center in Silicon Valley, according to people familiar with the matter.
The layoffs were the first in the division’s 11-year history, these people said. But the precise toll on its roughly 3,000-person staff couldn’t be learned, in part because Amazon typically requires employees to sign a nondisclosure agreement in exchange for severance payments.
The company also has scaled back or halted some of Lab126’s more ambitious projects—including a large-screen tablet—and reorganized the division, combining two hardware units there into one, people familiar with the matter said.
Any job loss is awful, and I hope these displaced workers find new employment soon. But the Fire Phone does demonstrate that Amazon’s internal culture doesn’t always produce results. Amazon is not always making the best products or services, despite the mistreatment of their staff.
August 26, 2015
You get in-flight WiFi. Sam Grobart, Bloomberg:
Since pioneering the in-flight Internet business, Gogo has dominated, commanding about 80 percent of the market. And as often happens with near monopolies, Gogo has become a name people love to hate. “So, Gogo is officially a joke at this point, right?” is the title of a well-commented-on thread on the road warrior site FlyerTalk. “They’ve got a monopoly, and they just don’t care,” says pharmaceutical executive and frequent flyer Keith Lockwood.
I’m not sure if you’ve seen the Bill Graham on Google Street View, but it’s enormous. The Yerba Buena Theatre, where Apple frequently hosts press events for iPhone and iPad launches, has a seating capacity of about 750. Apple’s own auditorium, where the “S” variants of iPhones have usually been announced, has a seating capacity of about 300, while the Flint Center, where Apple launched the iPhones 6 and the Watch, holds over 2,000.
The Bill Graham can seat 6,000 or more, depending on configuration.
Don’t read too much into this yet. The venue is just a rumour right now, though the secretive quality of the building permits and MacRumors’ Hoodlines’ source lend credence to this being Apple’s next venue. If it is, that’s a lot of space to fill. The rumours and pattern right now would suggest the launch of the iPhones 6S, a new Apple TV, iOS 9, and watchOS 2. There’s nothing on that list that screams that it needs nearly three times the seating capacity of last year’s event. What am I missing here?
Update: I’ve seen some chatter suggesting that Apple doesn’t necessarily need to fill all 6,000 seats, which is true enough. The balconies, for example, don’t need to be occupied, which could be as much as 2,000—3,000 seats. But that still leaves a venue much larger than any others they’ve used before. And anyone who’s ever been to an arena-sized rock show in time for the opening band knows that a half-filled venue sucks the vibe right out of the crowd.
Less time spent in the browser — proportionately, of course — likely means far more time is spent in apps, which explains the race to the bottom in app pricing: the web is, after all, mostly free. Is the increasing amount of time spent in apps primarily the cause or the effect of the decreasing price of apps, though?
Julia Cheiffetz concludes a heartbreaking story of navigating combined medical and parental leave, and the complexities of dealing with medical insurance, thus:
Jeff: You asked for direct feedback. Women power your retail engine. They buy diapers. They buy books. They buy socks for their husbands on Prime. On behalf of all the people who want to speak up but can’t: Please, make Amazon a more hospitable place for women and parents.
As Gabe Weatherhead said, even the fact that Bezos sent a company-wide email on a weekend sets the tone for the kind of working culture Amazon expects. They have a lot of changes to make.
August 25, 2015
Vlad Savov, the Verge:
With the iPhone 4, the joke was “You’re holding it wrong.” With the Note 5, it’s apparently “You’re sliding it in wrong.” Either way, it’s not very funny.
Except with the iPhone, it was a temporary signal drop in weak signal areas. With the Note 5, it’s a full hardware failure that requires replacement.
Phil Wahba, Fortune:
The largest U.S. electronics retailer reported a rise in domestic comparable sales of 3.8% for the second quarter, well ahead of Wall Street’s expectations, and posted a better than expected profit. While Best Buy has helped its cause by cutting costs and adding floor space to growing categories like smart homes, home theaters, and shops-within-a-shop for top brands, it has also been getting a lot of help from Apple and its roster of red-hot products.
“Demand for Apple Watch has been so strong in the stores and online,” Best Buy CEO Hubert Joly told Wall Street analysts on a conference call. The retailer expects to be selling the device, which hit the market in June, at all of its 1,050 big-box stores by the end of September, he added. Initially, Best Buy had planned to have watches in 300 stores by the holiday season. (It started selling the watches in early August.)
Must be unprecedented for a “flopped” product to be so resoundingly successful.
Interesting report from Mark Bergen at Recode:
Google teased [Now on Tap] with some fanfare in May, at its I/O developer conference, as a breakthrough iteration of Google Now, its personal assistant and one of the twin bedrocks for CEO Larry Page when he returned as executive in 2011.
What went unannounced was that most of the original team that built Now had departed, many of them just before I/O, according to multiple sources. Some had grown frustrated that the product, born within Android, was shuttered into search inside of Google, they said. And Sundar Pichai, Google’s SVP and incoming CEO, did not prioritize the product as much as Page.
Google could be increasing the priority of Now and they feel as though making it a core component of their search product is the best way to do that. But the article by Bergen paints a picture of a frankly brilliant product being eroded to fit within the confines of Google’s core business model. This is particularly intriguing as Apple is weeks away from unleashing their take on predictive search with iOS 9’s Proactive. As Apple increases their focus on predictive search, Google appears to be reducing theirs somewhat. Peculiar.
This report-cum-content-marketing comes from Cyphort, an enterprise-level anti-malware software company, so take it with the appropriate level of skepticism. But if 0.4% of the sites you visited now serve malware-laced ads, as is claimed by the report, that’s one in every 2,500 domains. You probably visit more websites than that every week, perhaps even more frequently, given the amount of iframes and other embedded content on typical web pages today. The nature of web ads has truly changed in the past five years or so, and with every report like this, content blockers are increasingly appealing.
August 24, 2015
Johana Bhuiyan reports for Buzzfeed:
Uber CEO Travis Kalanick often talks about his dream of the perfect Uber trip. “It’s the perpetual trip, the trip that never ends,” he said at the Digital-Life-Design conference in Europe last October. “The driver picks one passenger up, picks another passenger up, drops off the first passenger, but then picks up passenger number three and drops off passenger number two.”
What would be even better is if the driver could use a really big car to hold more than a handful of people. That kind of scale could allow Kalanick to set a flat rate so it becomes affordable to lower income passengers, who perhaps need to live outside of the city centre and use it for their work commute. And perhaps this would become such a valuable piece of infrastructure that he could sell it to municipalities who could then subsidize the cost to users through taxes.
What I’m getting at is that Kalanick’s perfect Uber is a bus.
Update: Via Ben Sargent, the songthaew is fairly similar as well:
Songthaews are used both within towns and cities and for longer routes between towns and villages. Those within towns are converted from pick-up trucks and usually travel fixed routes for a set fare, but in some cases (as in Chiang Mai) they are used as shared taxis for passengers traveling in roughly the same direction.
Twitter attempted to justify this decision:
“The ability to delete one’s Tweets – for whatever reason – has been a long-standing feature of Twitter for all users. We built into our Developer Policy provisions a requirement that those accessing our APIs delete content that Twitter reports as deleted or expired,” a spokesman for the company said.
“From time to time, we come upon apps or solutions that violate that policy. Recently, we identified several services that used the feature we built to allow for the deletion of tweets to instead archive and highlight them. We subsequently informed these services of their noncompliance and suspended their access to our APIs.”
How does this square with the numerous public records laws around the world?
You know that scene out of the beginning of GoldenEye, where James Bond drives a motorcycle off the edge of a cliff to chase after a plane that’s in a dangerous dive? Here, it’s Tim Cook instead of James Bond, an email instead of a motorcycle, and Apple’s stock instead of a plane. Tim Bradshaw, Financial Times:
After the company’s stock started the week 10 per cent down following a “Black Monday” for Chinese equities, Apple’s chief executive insisted in a rare intervention that consumer demand in Apple’s most important growth market remained “strong”.
The world’s most valuable company clawed back $78bn in market capitalisation it had lost earlier in the day.
Apple’s stock works with bigger numbers than anyone else’s. Therefore, even a tiny blip in their share price can wipe billions of dollars in value from the company. A much larger drop, like today’s, wipes a lot more, and erodes investor confidence. This, by the way, is probably the dumbest time for that to happen, as we’re headed into Apple’s new product season through September and October.
Update: Yeah, I thought the SEC might have a problem with this email.
In a nut, if you can hand your Markdown file in its plain text format to someone who’s never read it before, and that person can read the file without difficulty, it’s good Markdown. I disagree with one of the things Brett Terpstra advises:
Markdown allows either inline ([text](url)) or reference format links. Either will work anywhere, and my personal preference is usually determined by the length of the document. Short documents get inline links. Longer ones get blocks of reference links. The readability is the determining factor.
I’ve switched to reference format links permanently; I think inline links are unreadable in almost every circumstance. Even using numerical reference links ([link text here]) is preferable to inline links, because [link text here](http://brettterpstra.com/2015/08/24/write-better-markdown/) really breaks this paragraph up, doesn’t it?
August 23, 2015
Something to keep in mind now that we have the opportunity to look up the potential philandering activities of anyone whose email addresses are known to us.
August 22, 2015
I’ve tried about half of the apps on this list and, while they’re good representations of what a Watch app should be in theory, the speed limitations imposed by watchOS 1 really hamper the “quick use” concept. That is, it’s rather difficult for developers to produce apps that feel like information that can be digested in a few seconds when it takes twenty or thirty seconds for the app to load. Some semblance of relief should arrive with apps optimized for watchOS 2, because they’ll be able to run logic on the watch itself instead of on the connected iPhone. I’m curious to see how much of a difference it makes to the way I use my watch.
What started off as a one page experiment has since evolved into a full product I’ve worked non-stop on over the past 60 days. I thought it would be a good idea to revisit my original post with Crystal, to show how different the mobile web will be with content blockers. […]
On average, pages loaded 74% faster with Crystal and used 53% less bandwidth. Just by having Crystal installed, I saved a total of 70 seconds and 35MB of data on these 10 pages.
I’ve been testing Crystal for a few days now and it’s almost like getting a faster phone and web connection with a single app installation; I imagine this will be a similar reaction to most content blockers. It’s kind of remarkable what a difference is made just by blocking the kinds of scripts that track you across the web. Since new versions of iOS typically have a high adoption rate, I think this will be a real headache for the targeted ad industry. It will likely pressure them into making changes to their business model, or getting sneakier with how they embed these scripts.
Update: Everything about content blockers being baked into iOS must be unnerving for web publications that are dependent on really crappy ad exchanges. I think it’s lazy to blame non-paying readers for this situation. While it’s true that this has given rise to websites that fill pages with CPM ads, nobody said that they had to be targeted, or that these scripts had to become increasingly more sophisticated (and, as a result, more resource-intensive). Nobody said that web publications needed to stuff a dozen analytics scripts into every page either.
Let’s be optimistic here and consider the possibility that ad and analytics scripts will improve. They’ll have a smaller resource footprint, and publications will use fewer of them. Will readers notice? I don’t think it’s likely. Plenty of people will discover and install content blockers, notice the improved browsing experience, and slowly forget that they’re installed. What then? Are they supposed to occasionally disable their content blockers to see if scripts are still awful? Once bitten…
August 21, 2015
It is astonishing how close Apple is to failure, year after year, after year. They are truly on the precipice of near-certain death, aside from their comically large mountain of cash, record-breaking quarters, and year-over-year marketplace growth.
Spotify CEO Daniel Ek responds to yesterday’s Spotify brouhaha:
August 20, 2015
Kirk McElhearn, for Macworld:
I get a lot of packages. I buy hardware, books, CDs, and other items, and I get hardware to review from a variety of companies. Most of the packages I get are enigmatic: I never know where to start opening them, which corner to try and pull off to start the unboxing process. Some have ugly colors and look functional but not attractive, while others try too hard to stand out.
From the first moment you open an Apple box — even its outer protective shipping box, if you’ve ordered it online — the process is effortless.
Apple is the only company I know of that has packaging that’s so often saved by customers. I don’t think it’s some kind of fan nuttiness or hoarding; it’s just nicer.
Ricardo Bilton, Digiday:
Amazon said this week that starting in September, it will no longer accept Flash ads on Amazon.com or on Amazon Advertising Platform, which lets advertisers target Amazon Shoppers on Amazon’s sites and across the Web.
Good news from Amazon. Here’s where Bilton loses me:
Amazon said the move is a reaction to the recent anti-Flash tweaks from browser makers, which have taken aim at the software over the past few months. Chrome, which commands nearly 45 percent of the browser market, was recently fitted with a feature that automatically pauses non-essential Flash content, which essentially means ads. Apple, the most vocal of Flash critics, doesn’t let [Flash] content run on the iPhone and iPad, and also forces Safari users to download plugins before they can view Flash content. And Firefox maker Mozilla temporarily blocked Flash content in Firefox after a security scare in June.
What is it about Apple’s stance on Flash that confounds so many journalists? Bilton makes it seem as though Adobe created a version of Flash that worked great on iOS devices and all they needed was approval from Apple, but that’s not the case. Adobe never created a version of Flash that worked really well on any mobile device. Their earliest demonstration of Flash on mobile, in 2010, was embarrassing, to say the least. A year and a half later, Adobe killed Flash on mobile, having never achieved a really workable version of it.
As far as requiring Safari users to download “plugins”, Bilton is referring to the Flash plugin being necessary to play Flash content. It’s necessary in every browser; only Chrome bundles the plugin by default, a decision that has been criticized for its inherent security risk.
August 19, 2015
“Excellent thinking,” raves Jeff Bezos.
The word above describes both what happened today with all the data — 10 GB of compressed text — that was stolen last month from Ashley Madison, and what will likely be happening to the millions of users of the site today.
I don’t mean to be glib about it: this is serious. Ashley Madison is a website that encourages an often-deplorable activity, but that doesn’t make this intrusion any less criminal. Unlike with credit card data breaches, which are largely inconvenient but manageable, the fallout is going to affect millions of lives immediately.
Dan Goodin, Ars Technica:
Researchers are still poring over the unusually large dump, but already they say it includes user names, first and last names, and hashed passwords for 33 million accounts, partial credit card data, street names, and phone numbers for huge numbers of users, records documenting 9.6 million transactions, and 36 million e-mail addresses. While much of the data is sure to correspond to anonymous burner accounts, it’s a likely bet many of them belong to real people who visited the site for clandestine encounters. For what it’s worth, more than 15,000 of the e-mail addresses are hosted by US government and military servers using the .gov and .mil top-level domains.
The leak also includes PayPal accounts used by Ashley Madison executives, Windows domain credentials for employees, and a large number of proprietary internal documents. Also found: huge numbers of internal documents, memos, org charts, contracts, sales techniques, and more.
Brian Krebs is convinced this is legitimate.
One of those sales techniques Goodin alludes to is a full user profile wipe, available for $20. As noted by Joseph Bernstein at Buzzfeed, the company estimated that they generated $1.7 million in revenue from this in 2014.
Robert Graham notes that Ashley Madison took security reasonably seriously:
They tokenized credit card transactions and didn’t store full credit card numbers. They hashed passwords correctly with bcrypt. They stored email addresses and passwords in separate tables, to make grabbing them (slightly) harder. Thus, this hasn’t become a massive breach of passwords and credit-card numbers that other large breaches have led to. They deserve praise for this.
There’s plenty to read on this if you’re interested; I wanted to highlight the articles I found most intriguing. Like other breaches, there are some tools online where you can check if your (or others’) information was compromised. But don’t ask questions that you don’t want answered, at least not in this way. 36 million accounts represents a lot of potential cheaters. Reading through the revelations of a few people who did find out about their significant others’ infidelity in this manner is heartbreaking. Cheating is never okay, but I know that I wouldn’t want to find out about the infidelity of anyone I know like this.
August 18, 2015
Ben Brooks wants to save you money and make you a better photographer at the same time:
A great photo isn’t made by the camera.
The reason you love photography on your iPhone so very much is because Apple has made it damned easy to get a pretty solid picture each time. And the reason that you loathe picking up that dSLR is because Canon has done a lot to give you full control of everything.
Well said. This isn’t coming from a place of elitism; cheap SLRs are just generally crappier than non-SLR cameras in the same price bracket, and they’re far harder to use.
But there’s a fair counter to Brooks’ argument if you want to take way better pictures and you have a little bit of money to experiment. Does that sound like you? Try picking up something like a Sony NEX model (affiliate link — you never know). It has interchangeable lenses, like an SLR, but it does a lot of background processing, like a smartphone. It does have a bajillion modes that are part of a learning curve, but you can stick it in full manual and experiment with all of the settings at will. Or you can leave it in one of the automatic modes and get some pretty great pictures as long as you’re pointing it in the general direction of what you want to capture.
Just remember Brooks’ sage advice: “a great photo isn’t made by the camera.” It’s a tool, and it’s only as good as its operator.
Looks like you’ll have to wait a little while longer to get driver incompatibility errors on your smartphone. Damn.
Serious question: would non-nerds like to assemble their own smartphone?
I was not expecting to write about a new $200 WiFi router from Google today, but here I am. Out of the box, it uses Google’s DNS servers or your ISP’s — Google’s is often way faster — and collects some data, which you can opt out of. That’s giving some people a mild case of the heebie-jeebies, but if you read through the list of items they’re collecting data on, it’s all very reasonable and typical; there’s nothing nefarious going on.
Like Apple’s AirPort devices, the OnHub is controlled via an app on your phone, and it looks really good. It’s probably my favourite feature of the AirPort — well, that, and its lifespan — and I’m happy to see the same approach with the OnHub.
But, if I didn’t own an AirPort, would I buy one? Probably not. My ISP’s router comes with all the WiFi trimmings built in, as do the routers of most people I know. (I use my AirPort Extreme so I can connect a hard drive and not deal with the crappy built-in software.) Are non-enterprise WiFi routers really a big market? The OnHub probably has an advantage over the AirPort, insomuch as the latter — amongst some people I know — has the unfortunate reputation of being proprietary. It isn’t, but that’s the kind of rep Apple’s products sometimes get; Google’s products are not seen in a similar way.
The above paragraph really only makes sense if the OnHub is viewed as a WiFi router, though. That’s not really what it is: as Google alludes to in the second part of the name, it’s a hub. It’s probably going to be doing a lot more very soon. That still doesn’t answer the question of whether anyone will buy one, but it would be a much more compelling argument if it wasn’t just a WiFi router.
August 17, 2015
Manton Reece (via Michael Tsai):
There is one thing, though. There is one change that was made while rolling out the version 1.1 Twitter API: they removed support for unauthenticated RSS feeds of user tweets or timelines. If they reversed that one decision, the next day I would be back on Twitter.
Here’s a neat little story: I was at the Stedelijk in Amsterdam a couple of months after the “Touch and Tweet” exhibition opened, featuring a work that I assumed would be rather interesting. It was connected to Twitter’s RSS feed, though, and hadn’t been upgraded to API 1.1 by the time I saw it. It’s the same story with the first incarnation of my piece “Confessional”. I don’t understand why Twitter disabled unauthenticated RSS feeds; it was an immensely liberating way to interpret recent tweets.
Jeff Bezos rebutted last week’s horrific assertions in the New York Times in a statement to employees, which was reprinted, in full, by the Times today:
The NYT article prominently features anecdotes describing shockingly callous management practices, including people being treated without empathy while enduring family tragedies and serious health problems. The article doesn’t describe the Amazon I know or the caring Amazonians I work with every day. But if you know of any stories like those reported, I want you to escalate to HR. You can also email me directly at firstname.lastname@example.org. Even if it’s rare or isolated, our tolerance for any such lack of empathy needs to be zero.
I strongly believe that anyone working in a company that really is like the one described in the NYT would be crazy to stay. I know I would leave such a company.
That’s a clear denial of the broad strokes of the article. I have no doubt that Bezos hasn’t seen this kind of behaviour amongst his employees, because a CEO has a lot to deal with — that’s one reason why managers exist. (The other reason, of course, is to suggest that nine women can deliver a baby in one month.)
But then there was a supporting story published today in Vice, for example, by an anonymous former employee:
My experience had not been as bad as those quoted in the piece, but every story rang true. The kicker of the feature comes from Amazon’s own recruiting video: “You either fit here or you don’t. You love it or you don’t. There is no middle ground.” This is the perfect embodiment of Amazon’s corporate culture: If you don’t like it, you are the problem.
Yet, from the same author:
Weirdly, I did like it. Despite the strangeness of the company’s bathroom culture, my experience at Amazon had been a positive one. I’d succeeded in my roles, been promoted once, given multiple raises, and worked on projects that I’ve been proud of. I left the company on good terms for an even better opportunity.
And then Mehal Shah chimed in on LinkedIn:
I’ve never personally seen people cry at their desk, but I have seen people hit the beer fridge at 11AM after a bad meeting, or slam the door of a small conference room shut for some desperately needed alone time. The image of Amazon as a high stress environment that is proud to be a high stress environment is, in my opinion, largely true.
Let’s be overly skeptical and assume that a full half of the Times article is exaggerated, out of context, or otherwise stretching the truth. That leaves an awful lot of frankly terrible stories that are fully attributed, indicative of a workplace that prides itself on inducing Stockholm syndrome in its employees.
I’ve heard a shocking number of people defend the company’s practices saying, broadly, “if you don’t like it, quit, or don’t work there”. That’s a load of crap. There are employment standards for a reason, and a lot of people can’t just jump ship. To suggest that the situations and stories in the Times piece are anything other than unacceptable is asinine.
On that note, I’ve updated my 2015 tech company diversity survey to include Amazon.
Brendan James of the International Business Times surveyed major “new media” newsrooms and compared them against “old” media outlets, like the Washington Post. In some cases, like with Buzzfeed, the results are actually not bad:
Of the news outlets IBTimes spoke with, BuzzFeed is the only one that makes its diversity figures public: Its report last year, written by Editor-in-Chief Ben Smith, showed that among 185 editorial employees, 72.7 percent were white, 7.1 percent Asian, 6.0 percent black, 9.8 percent Latino and 3.8 percent were of mixed race. Women outnumbered men, 52.52 percent to 47.8 percent.
A little over 27% non-whiteness isn’t terrible, though not the best; the male/female ratio, however, allows for perspectives and voices that aren’t heard at other publications.
Then there’s this:
When asked for internal exact numbers from Henry Blodget’s sprawling content factory Business Insider, Managing Editor Jess Lieberman did not address the question and instead gave a terse statement.
“Thanks for asking. Business Insider has a highly diverse editorial team,” Lieberman replied to an initial email. To a follow up question asking again for the numbers, she responded: “That’s our statement.”
August 16, 2015
Jodi Kantor and David Streitfeld, in a blistering report for the New York Times on the employment conditions at Amazon. Not in the warehouses, mind you — in the corporate offices:
At Amazon, workers are encouraged to tear apart one another’s ideas in meetings, toil long and late (emails arrive past midnight, followed by text messages asking why they were not answered), and held to standards that the company boasts are “unreasonably high.” The internal phone directory instructs colleagues on how to send secret feedback to one another’s bosses. Employees say it is frequently used to sabotage others. (The tool offers sample texts, including this: “I felt concerned about his inflexibility and openly complaining about minor tasks.”)
Any good product or decision requires plenty of discussion, which can sometimes turn heated. That’s okay. But I firmly believe that disagreements on business strategy or the resiliency of new ideas should come from a place of fully comprehending the original position and empathizing with it. Amazon’s corporate culture seems to thrive on and encourage destructive criticism:
Of all of [Jeff Bezos’] management notions, perhaps the most distinctive is his belief that harmony is often overvalued in the workplace — that it can stifle honest critique and encourage polite praise for flawed ideas. Instead, Amazonians are instructed to “disagree and commit” (No. 13) — to rip into colleagues’ ideas, with feedback that can be blunt to the point of painful, before lining up behind a decision.
It’s extraordinarily infantile to think that the choice is between couched praise and destroying ideas. As I said above, there’s no reason that a pinch of empathy cannot breed better thought and more productive discussions.
The other components of that opening paragraph are worrisome, too. Privately snitching on colleagues is childish, and there’s an employee ranking system in place that’s awfully similar to Microsoft’s stack ranking system. But perhaps most shocking is the erosion of a balance between work and life. Here’s another excerpt:
Some veterans interviewed said they were protected from pressures by nurturing bosses or worked in relatively slow divisions. But many others said the culture stoked their willingness to erode work-life boundaries, castigate themselves for shortcomings (being “vocally self-critical” is included in the description of the leadership principles) and try to impress a company that can often feel like an insatiable taskmaster. Even many Amazonians who have worked on Wall Street and at start-ups say the workloads at the new South Lake Union campus can be extreme: marathon conference calls on Easter Sunday and Thanksgiving, criticism from bosses for spotty Internet access on vacation, and hours spent working at home most nights or weekends.
Motherhood can also be a liability. Michelle Williamson, a 41-year-old parent of three who helped build Amazon’s restaurant supply business, said her boss, Shahrul Ladue, had told her that raising children would most likely prevent her from success at a higher level because of the long hours required.
There’s nothing heroic about this; nobody’s job performance or their level of satisfaction should be tied to their amount of overtime hours. And making veiled threats about motherhood affecting promotional considerations is both outrageous and sexist.
The scariest thing about this article is the number of responses I’ve seen that say something along the lines of “it’s not just Amazon; you’ll probably hear similar stories from employees at other companies”. That’s depressing. A culture of nonstop work is not healthy. It is not something that we should strive for, nor is it something we should celebrate. We need time to dedicate to ourselves, and those we love and care for. Granted, I’m not in charge of a multibillion-dollar company, nor am I an employee at one, but I do not think history will be kind to the dedication some employers today expect out of their employees.
Update: Tim Bray says he’s never seen anything like this since he started working at Amazon.
August 15, 2015
T-A-P-P-I-N-G. At least, according to Julia Angwin, et al. in a ProPublica–New York Times joint report:
While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed NSA documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”
One document reminds NSA officials to be polite when visiting AT&T facilities, noting: “This is a partnership, not a contractual relationship.”
August 14, 2015
Paul Kafasis (via Michael Tsai):
$353 is rather pricey for a one-way flight. Let’s check some other options. Philadelphia is about 30 minutes farther than Newark from central Jersey, and presumably you’re not a defenseless robot, so you should be safe there for a few minutes. Set Philadelphia as your destination instead, and hey, why not turn on the “Search Nearby Airports” checkbox?
Hey, now there’s a better deal. You can get home for just $149! But hang on a sec. A close look shows that rather than Philadelphia International Airport (PHL), this flight winds up at “ZFV”, which is labeled as a “rail station”. How exactly is a plane going to land there?
Very, very carefully, probably.
Jem Aswad of Billboard interviewed Zane Lowe about Beats 1, and they covered a lot of ground. When asked about the genre mix — something that came up earlier this week — Lowe had this to say:
We’ve played country music, Mexican house music, South American EDM, German hip-hop. I’ve never been a fan of, “We’ve got to get 22 percent of rock, 17 percent of R&B; where’s our 16 percent of hip-hop and our 9 percent of country?” If you do it that way, you’re not basing it on the merit of the music. You’re basing it on some kind of obligation.
Maybe there’s just a lot more great hip-hop being made these days. It certainly seems like it: this year has been absolutely golden.
Lowe again, on working with Trent Reznor:
I’m not sure if you’ve had a chance to sit with Trent, but he’s one of the most intelligent, eloquent, passionate people I’ve ever met, not just for art, but also the way people can use it. He’s really committed to the user experience, so his whole thing was like, “People have been splintered off into individual experiences — let’s see if we can bring them back together and if so, what would that feel like for the user? What if they’re using it on a device in a music service, and not in the traditional places where radio is experienced?”
There’s no doubt in my mind that the collective and genuine appreciation for both music and pushing its distribution forward is a big reason why Apple wanted to acquire the Beats Music team.
Pretty clever reporting from Mark Harris of the Guardian. Apple isn’t obligated to say anything about their plans, but government agencies are subject to the Freedom of Information Act:
In May, engineers from Apple’s secretive Special Project group met with officials from GoMentum Station, a 2,100-acre former naval base near San Francisco that is being turned into a high-security testing ground for autonomous vehicles.
In correspondence obtained by the Guardian under a public records act request, Apple engineer Frank Fearon wrote: “We would … like to get an understanding of timing and availability for the space, and how we would need to coordinate around other parties who would be using [it].”
According to LinkedIn, Frank Fearon worked at Lit Motors until January of this year.
I’m not yet sold on the idea that Apple is making an entire car, but every piece of it makes sense. Apple knows how to make great batteries, they’re experts in aluminum, and they love to control every part of the production. They’re going to loathe the automotive paparazzi, though.
See Also: Marc Newson’s interview with the Wall Street Journal from yesterday.
August 13, 2015
Note: Making these tables responsive is the biggest pain in the ass. If you’re on a phone, save this to Instapaper or something and come back to it on your tablet or desktop.
Updated August 17: Added Amazon.
Last year was the first year that most big tech companies began to report their employee diversity figures after attention was called to their lack of diversity, particularly for women of all ethnicities. I’ve gathered up the latest round of diversity reports from the same companies — Apple, Google, Microsoft, LinkedIn, Facebook, and Yahoo — to see how they’ve done after having the past year to grow. As with last year, these figures are compared against the latest available national statistics, from 2013, and some analysis will follow.
Please note that Twitter has not yet made updated diversity data public. I have reached out to them for comment or any indication of updated numbers and will update this if they choose to release their figures this year (they are not required to do so publicly). For comparison’s sake, I’m using 2014 data.
Almost all available data in this selection of companies solely reports a male/female split. Yahoo is the only company that has an “other/not disclosed” option. Please note that Google and Microsoft have retail operations which are not made distinct from the corporate side of the company. This year, Apple did break out its retail operations — see analysis.
Gender Diversity, USA
Gender Diversity in Tech Positions
Last year, Microsoft did not separate tech and non-tech workers; this year, they did, so the table data isn’t necessarily comparable. Amazon does not separate tech and non-tech employees.
Gender Diversity in Non-Tech Positions
Last year, Microsoft did not separate tech and non-tech workers; this year, they did, so the table data isn’t necessarily comparable. Amazon does not separate tech and non-tech employees.
Yahoo reports 1% of their non-tech employees identify with a gender other than male or female, or do not disclose their gender.
Gender Diversity in Leadership/Executive Positions
The “USA” row uses the “management, business, and financial operations” data row from the BLS report, as a rough and imperfect approximation. This is different than my table last year, which used the “management occupations” row; my impression is that the row that includes business operations is a better approximation of what the tech companies are actually reporting.
As Google says in their report, “ethnicity refers to the EEO-1 categories which we know are imperfect categorizations of race and ethnicity, but reflect the US government reporting requirements”. Please keep that in mind.
The “USA Workforce” row uses data provided by the Bureau of Labor Statistics (PDF). Their demographics information (indicated page 9) is kind of a pain in the ass, though: the unemployed column is a percentage of the labour force, but the employed column is a percentage of the total population. I’ve done the math, though, and the results are what’s shown below. In addition, the BLS does not separate out those of Hispanic descent because “[p]eople whose ethnicity is identified as Hispanic or Latino may be of any race.” As such, the row will not add to 100%, but the percentage of Hispanics in the workforce has been noted per the table on page 10.
Similarly, the “USA Overall” row uses data from the CIA World Factbook, and they, too, do not note those of Hispanic descent separately. This row will also not add to 100%.
Google and Microsoft have retail operations which are not made distinct from the corporate side.
Ethnic Diversity, USA
Ethnic Diversity in Tech Positions
This year, I’ve added a row for the USA tech workforce as a whole, for comparison. It uses the “computer and mathematical operations” data row from the BLS report. Amazon does not separate tech and non-tech employees.
Ethnic Diversity in Non-Tech Positions
Amazon does not separate tech and non-tech employees.
Ethnic Diversity in Leadership/Executive Positions
The “USA” row uses the “management, business, and financial operations” data from the BLS report, as a rough and imperfect approximation of the broad US national trend.
Let’s get something out of the way: I’m a white twenty-something Canadian who graduated from art college. Analysis of statistics of racial and gender diversity at American tech companies is not exactly my strongest suit. But, hey, you’ve made it this far. I want to be as fair as possible to everyone represented in these stats. If there’s a problem, please let me know.
Most companies made only tiny gains in their tech worker diversity in the past year, on the order of single percentage points. Apple, Google, Yahoo, and Facebook all posted single percentage point gains in their male/female split (e.g. Facebook went from an 85/15 split to 84/16). An improvement, but nothing to shout about.
Microsoft’s gender stats were thrown off by their lack of a tech/non-tech breakdown last year, but it shows just how male-dominated their workforce is, though not as extreme as Yahoo or Apple.
This year’s report from Apple makes their retail operations’ demographics distinct from their corporate demographics. It’s much more transparent.
I’m surprised at how male-dominated their retail side is. I had a hunch that there would be a much more even split between males and females, and that it was potentially tipping their corporate data last year, but that does not appear to be the case.
The non-tech side of most tech companies has a much better male/female ratio than the tech or leadership reports. Sometimes, as in the case of Facebook and Yahoo, it’s actually female-dominated. Apple is the outlier here, with a very male-heavy staff overall.
Leadership positions, as you may expect, did not significantly change over the past year in either gender or ethnicity distribution. The exception is Yahoo, which became much more white over the past year.
While the comparison isn’t perfect, leadership positions, as a whole, are far more male dominant than the USA as a whole.
Black and Hispanic Americans are hired at significantly disproportionate rates in tech positions compared to the national distribution, and also when compared to computer science graduates.
More companies released their full EEO-1 reports this year than last year, demonstrating a desire for more transparency but also revealing in much greater detail just how few improvements they’ve made. Facebook, for example, hired precisely 36 black Americans this year, out of over a thousand new employees. For comparison, Microsoft hired 249 new black Americans out of about 2,000 new employees, and Apple hired 561 new black employees out of 5,000 hires. This appears to conflict with Tim Cook’s statement that they “hired more than 2,200 Black employees” in the U.S., so my reading of the EEO-1 might be wrong, or they experienced some employee churn. I’m looking into this.
Tim Cook: “Additionally, in the first 6 months of this year, nearly 50 percent of the people we’ve hired in the United States are women, Black, Hispanic, or Native American.” That’s huge.
As Amazon has extensive non-tech operations — delivery drivers, warehouse employees, and the like — the blending of non-tech and tech employee diversity figures is very misleading, especially if their tech position demographics are comparable to other companies surveyed.
As noted above, Twitter has not publicly released updated diversity statistics yet. I will update this if and when they do.
Ed Bott explains how Windows 10’s licensing works. In short, it now ties a Windows 10 license to the hardware and stores it on Microsoft’s servers, so it’s possible to wipe your system and do a reinstall without having to enter the key again. Smart. It even covers most kinds of hardware updates, so upgrading a hard drive shouldn’t affect this tech. But:
The one exception is a motherboard replacement, which will inevitably cause the Software Licensing Management utility to recognize the device as a new PC and require reactivation, typically over the phone. A motherboard upgrade, even if you reuse storage, video, memory, and a case, is considered a new PC. In that case, if the underlying Windows license is from a retail copy, that license can be transferred. If you are upgrading (and not replacing) a motherboard on an OEM PC that was sold with Windows preinstalled, the license agreement prevents the license from being transferred.
That seems like a confusing, unnecessary, and ultimately customer-unfriendly distinction. It’s still licensing by machine, not by person. If the technology exists for storing the license key in the cloud, why not link it to a Microsoft account?
The Wall Street Journal interviewed current Apple contract designer Marc Newson:
My design pet-peeve is: the automotive industry. There were moments when cars somehow encapsulated everything that was good about progress. But right now we’re at the bottom of a trough.
Compare that answer to, say, Tim Cook’s at D11 in 2013, when asked about wearables:
So, what does Cook think of Google Glass? The Apple CEO says the device has some merit, but might be targeting the wrong part of the human body.
“I think there are some positive points in the product,” Cook said. “I think it’s probably more likely to appeal to certain vertical markets. … I wear glasses because I have to. I don’t know a lot of people that wear them that don’t have to. They want them to be light and unobtrusive and reflect their fashion. … I think from a mainstream point of view [glasses as wearable computing devices] are difficult to see. I think the wrist is interesting. The wrist is natural.”
August 12, 2015
Nikhil Sonnad at Quartz:
Beats 1 has something that is rare in the world of digital music: scarcity. Listeners can’t choose a song and play it over and over. (They can do that elsewhere on Apple Music.) But curation doesn’t mean songs aren’t repeated. We counted 12,445 tracks but only 3,371 unique songs, meaning each track was played an average of 3.7 times. Eighteen of the 20 songs in the table above were played over 50 times.
That’s a lot of repeats, and it’s something Beats 1 has been criticized for. An initial marketing push for Pharrell’s new single Freedom led to a Reddit thread called “Beats 1 Needs to Stop Playing Freedom.” Still, over a quarter of the songs in the dataset were played only once, so there is a reasonable amount of diversity.
The song data also challenge Apple’s insistence that Beats 1 is “a truly global listening experience.” Nearly every song is in English and produced by artists from the US, UK, or Canada.
Beats 1 is only bound by the guidelines of radio insomuch as there is a DJ in a booth playing tunes. Other than that, it should be boundless. There are certain expectations, of course — songs need to be universally palatable, so don’t expect to hear Black Flag or some of DMX’s deeper cuts on Beats 1 anytime soon — but I can imagine future Beats stations taking this so much further. I’d love to hear more international music and vastly more variety from lesser-known artists. I’d also like to hear deeper cuts from popular artists: if we’ve all heard the latest single multiple times, maybe throw in something from the same album that isn’t as widely-known. Lots of opportunity here.
Jason Del Rey, Recode:
CurrentC, the payments app being created by a consortium of big retailers known as MCX, may not launch widely this year as originally planned, MCX CEO Brian Mooney told Re/code in an interview on Tuesday. The company will begin a public pilot of its app in Columbus, Ohio, in a few weeks and will not rush a wider rollout if the product is not ready, he said.
“This is a long game,” Mooney said. “Certainly going faster is always better — that’s not necessarily a debatable point. But we’re going to do it right.”
“Right”, eh? How so?
Instead, CurrentC’s beta users can only pay using one of three options: Gift cards, a store’s private-label payment card or direct hookups with their checking accounts. Mainstream credit cards carry higher transaction fees than these options, which is a big reason why they aren’t currently part of the offering. Mooney said CurrentC could add support for mainstream cards in the future, but wouldn’t say when or which ones.
August 11, 2015
Khoi Vinh has shared some of his thoughts on his design process behind Wildcard 2.0. There are plenty of clever ideas in here, starting with the method they’re using to make text legible when laid overtop an arbitrary image:
Like it says in the title of this post: blurring is the Auto-Tune of UI design. That is, it creates a pleasant enough effect, but it’s heavily overused (to put it politely). We set out to create an alternative and, given our new focus on news, decided to borrow from the print world by using a halftone effect that emulates the way photographs appear in newspapers. You’ll see it in full color in the headlines we have at the top of the app’s home screen and in monotone throughout the rest of the app.
Very nice. I very much appreciate the current ethos of pushing the content forward in UI, app, and web design, but it feels a bit samey. The current trends are pleasant enough, like someone dressed in a plaid shirt and dark denim, but a uniform approach isn’t necessarily effective. Good on the Wildcard team for thinking critically.
Web ads are dramatically different from prior ad media, though — rather than just being printed on paper or inserted into a broadcast, web ads are software. They run arbitrary code on your computer, which can (and usually does) collect and send data about you and your behavior back to the advertisers and publishers. And there’s so much consolidation amongst ad networks and analytics providers that they can easily track your behavior across multiple sites, building a creepily accurate and deep profile of your personal information and private business.
All of that tracking and data collection is done without your knowledge, and — critically — without your consent. Because of how the web and web browsers work, the involuntary data collection starts if you simply follow a link. There’s no opportunity for disclosure, negotiation, or reconsideration. By following any link, you unwittingly opt into whatever the target site, and any number of embedded scripts from other sites and tracking networks, wants to collect, track, analyze, and sell about you.
To make matters worse, most publishers neglect to adequately inform their readers about what ad networks and analytics software they use, or how many of them are presently in operation.
Still other publishers, like BGR,
Here’s how the Google-to-Alphabet transition will occur (via John Gruber):
Later this year, Google intends to implement a holding company reorganization (the “Alphabet Merger”), which will result in Alphabet owning all of the capital stock of Google. Alphabet will initially be a direct, wholly owned subsidiary of Google. Pursuant to the Alphabet Merger, a newly formed entity (“Merger Sub”), a direct, wholly owned subsidiary of Alphabet and an indirect, wholly owned subsidiary of Google, will merge with and into Google, with Google surviving as a direct, wholly owned subsidiary of Alphabet. Each share of each class of Google stock issued and outstanding immediately prior to the Alphabet Merger will automatically convert into an equivalent corresponding share of Alphabet stock, having the same designations, rights, powers and preferences and the qualifications, limitations and restrictions as the corresponding share of Google stock being converted. Accordingly, upon consummation of the Alphabet Merger, Google’s current stockholders will become stockholders of Alphabet. The stockholders of Google will not recognize gain or loss for U.S. federal income tax purposes upon the conversion of their shares in the Alphabet Merger.
It’s the kind of corporate legal deal that makes sense for esoteric and nuanced reasons, yet sounds kind of like that species of spider where the offspring eat their mother. That link has a picture of a spider, naturally, if that sort of thing rustles your jimmies.
(Also, Alphabet’s ticker symbol will be “GOOG”. Is that weird or what?)
A lot of people probably saw a few companies being acquired by Google this year, but I can’t imagine anyone predicted that Google itself would be acquired this year.
Okay, so Google founders Larry Page and Sergey Brin created the company — Alphabet — and it’s basically a massive restructuring that allows them to move their atypical businesses outside of Google Inc. ownership, but that’s what it is.
August 10, 2015
Safari is not the new IE, but one area where it lags embarrassingly behind other browsers is in CSS and OpenType typographic feature support. This is particularly glaring for a company that has traditionally focused on reproducing type as great as it can be on screen. This set of changes to WebKit largely remedies that, with support for enhanced ligatures, alternate character sets, and more. This is fabulous news for anyone who cares about great typography on the web (he wrote in twelve-point Helvetica).
Mark Scott, New York Times:
[Like] a growing number of people, [Guillermo] Beltrà, a Spaniard who works for a consumer protection organization in Brussels, decided to block [ads] by downloading software for his desktop browser that removed any online advertising from his daily Internet activity.
While he acknowledged that advertising was often the primary source of income for many websites, Mr. Beltrà said he remained wary of how much data companies were collecting on his online activities.
“If I don’t know what data is being collected on me, I’d rather block it,” he added.
The bulk of growth in web advertising companies today is on mobile devices. Google highlighted that growth in their most recent quarterly report, while mobile ads now account for 76% of Facebook’s total ad revenue. While Apple is adding content blocking to Safari on iOS, it doesn’t impact content shown in apps, meaning Facebook’s revenue seems much safer than Google’s. I anticipate the latter pushing their mobile app much more readily.
Tim Culpan, Bloomberg:
A 60 percent plunge in HTC Corp.’s stock this year pushed its market value to below its cash on hand. That means investors were effectively saying the smartphone maker’s brand, factories and buildings were worthless. […]
“HTC’s cash is the only asset of value to shareholders,” said Calvin Huang, who has a NT$46.50 price target on the stock at Sinopac Financial Holdings Co. in Taipei. “Most of the other assets shouldn’t be considered in their valuation because there’s more write-offs to come and the brand has no value.”
Ouch. Things change fast, but this is a real bummer. As far as I’m concerned, HTC has long been the only Android hardware manufacturer that has a semblance of taste in their industrial design. Yes, there’s a little bit of Apple-copycat stuff going on, like unibody aluminum shells and the use of Helvetica in some of their UIs, but it actually felt like they cared about that kind of stuff. Shame.
August 7, 2015
John Paczkowski, Buzzfeed:
Sources familiar with Apple’s plans tell BuzzFeed News the company intends to hold a special event the week of Sept. 7, with Wednesday the 9th being the most likely date. Sept. 9 is the same day on which Apple held this event last year.
Like Apple fall events past, this one too will focus on the company’s next-generation iPhones, which are expected to arrive at market with a pressure-sensitive Force Touch display, an improved camera system, and a significantly faster and power-efficient wireless chip. Sources say Apple executives are likely to show off the company’s latest iPads as well, though that 12.9-inch “iPad Pro” seems to be a wildcard, still.
Makes sense given the number of features in iOS 9 that are iPad-oriented. Apple will surely want to demo the split screen functionality, which — as of today — only works on one iPad model, the Air 2. A full lineup of new iPads that support all the new features looks more impressive, naturally.
Like many of you, I imagine, I tuned in to the final episode of the Daily Show with Jon Stewart. It was kind of bittersweet: I can’t wait to see what Trevor Noah does with the show, but I will — of course — miss Stewart. Of all of the media critics I’ve read, watched, and listened to, Stewart is one of the most notable; I regard him as an influence on the way I approach many of the topics I write about here.
Stewart’s final bit was a wonderful speech on the different kinds of bullshit people should be able to recognize (not-safe-for-work language, obviously). And, in a similar vein, Caitlin PenzeyMoog, of the A/V Club, argues that news needs more smart analysis:
[Objectivity] — or the quest to be objective — renders journalists toothless. Boiled down, a journalist’s job is to call bullshit — on those in power, on institutions, on agendas. And it gets a whole lot harder to call bullshit when you can’t actually say it out loud. There are examples of journalists doing this, but they are the few outsiders in a sea of people who don’t ask hard questions or push politicians for fear of coming off as biased.
There is an uncomfortably narrow line between pushing an agenda and asking the right questions, but news media needs to do vastly more of the latter. People and organizations of power should respect a journalist’s ability to hold their feet to the fire, and those in power should be able to survive that because they’re doing the right thing. Without that, any interaction with the press is merely publicity and marketing, and any competent journalist aspires for more.
Thomas Mulier, Bloomberg (autoplaying video warning):
Retailers sold $375 million of watches during the month, 11 percent less than in June 2014, according to data from NPD Group. The 14 percent decline in unit sales was the largest since 2008, according to Fred Levin, head of the market researcher’s luxury division.
“The Apple Watch is going to gain a significant amount of penetration,” he said Thursday in a phone interview. “The first couple of years will be difficult for watches in fashion categories.”
All the earmarks of a flop.
August 6, 2015
Smart decision. No longer is the buying experience so disconnected from the browsing experience — in effect, the entire site becomes both marketing and retail, somewhat paralleling the physical stores. Big move.
One thing I noticed is that between this change and the co-designed retail packaging, third-party accessories feel even more like they’re from Apple instead of merely being sold on behalf of them. Curious.
Zack Whittaker at ZDNet:
New research, set to be announced at the Black Hat conference in Las Vegas on Wednesday, by FireEye researchers Tao Wei and Yulong Zhang outlined new ways to attack Android devices to extract user fingerprints.
The threat is for now confined mostly to Android devices that have fingerprint sensors, such as Samsung, Huawei, and HTC devices, which by volume remains low compared to iPhone shipments. But down the line by 2019, where it’s believed that at least half of all smartphone shipments will have a fingerprint sensor, the threat deepens.
Of the four attacks outlined by the researchers, one in particular — dubbed the “fingerprint sensor spying attack” — can “remotely harvest fingerprints in a large scale,” Zhang told ZDNet by email.
Shout out to Whittaker for the clarification that fingerprint extraction bugs are “confined mostly to Android devices that have fingerprint sensors”.
There are two things in this article that I find most fascinating. The first has nothing to do with the content of the article itself, but rather how Bloomberg writers Brad Stone and Vernon Silver frame it as poky little Google up against the big bad E.U. My second fascination is with the way the E.U. and its business interests perceive globalized — yet highly U.S.-centric — web companies.
“Ernesto” at TorrentFreak:
“It is now unlawful to make private copies of copyright works you own, without permission from the copyright holder – this includes format shifting from one medium to another,” a spokesperson informed us.
The IPO specifically notes that copying a CD to an MP3 player is not permitted. This means that iTunes’ popular ripping feature, which Apple actively promotes during the software’s installation, is illegal.
This is so wilfully and blindingly stupid; it boggles the mind. This isn’t the issue it once was, with online purchasing and streaming quickly reducing the CD to distant memory, but it is still a mind-bending retraction of a clarification of the law that went into effect last year.
It gets dumber:
Simply copying a song in an automated computer backup or storing a copy on a private cloud hosting service is also against the law.
So we’re supposed to revert to the days when we only had one copy of something, and if that copy was damaged, that thing must be re-purchased? That’s hilariously quaint.
Also, under the current law iTunes is actively facilitating copyright infringement by promoting their CD-ripping functionality. This means that the company could face significant claims for damages.
Good luck with that.
August 5, 2015
Reddit CEO Steve Huffman:
I know some of you are upset because we banned anything today, but the fact of the matter is we spend a disproportionate amount of time dealing with a handful of communities, which prevents us from working on things for the other 99.98% (literally) of Reddit.
Oh, so you didn’t ban them because it would be doing the right thing by making it clear that racism, sexism, and intolerance are unacceptable, but because it was hard for you to deal with them? Frankly, that’s asinine, though I suppose it explains the long list of subjectively awful subreddits that have gone unaffected by this policy change.
Peter Kafka, Recode:
Share prices for the biggest TV programmers are all nose-diving. Disney is down 9 percent. Time Warner is down 8 percent. Viacom and 21st Century Fox are down 7 percent. […]
The conventional wisdom, which seems right to me, is that all of this stems from Disney’s earnings call yesterday, when Bob Iger and co. admitted that yes, Disney had indeed seen subscriber losses at ESPN — just as the Wall Street Journal had written a month ago, in a piece that shook up the industry.
With this in mind, will the forthcoming Apple TV subscription service be reported and viewed as a media industry saviour — a la the early narrative that the iPad would save the print industry — or is it going to be seen as a thorn in media companies’ sides?
Android security engineer Adrian Ludwig:
Nexus devices have always been among the first Android devices to receive platform and security updates. From this week on, Nexus devices will receive regular OTA updates each month focused on security, in addition to the usual platform updates. The first security update of this kind began rolling out today, Wednesday August 5th, to Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and Nexus Player. This security update contains fixes for issues in bulletins provided to partners through July 2015, including fixes for the libStageFright issues. At the same time, the fixes will be released to the public via the Android Open Source Project.
Regular security patches are a very good thing, and it’s great to see Google taking a more proactive approach. However, the final sentence of that quote illustrates the ongoing flaw of having the operating system so disconnected from the end user. These security updates still require Android partners to commit to releasing them in a timely way. To their credit, Samsung has committed to implementing these security fixes as soon as they’re available, but there’s a further caveat:
Samsung is currently in conversation with carriers around the world to implement the new approach. In collaboration with carriers and partners, more details about the specific models and timelines will be released soon.
That remains an awfully circuitous route to travel when a critical bug needs to be fixed.
August 4, 2015
What was apparently a pretty good scoop for Business Insider yesterday turns out not to be the case. Apple almost never confirms nor denies rumours — at least, not on the record — so their specific response here must carry some weight.
Craig Hockenberry, in a guest piece for iMore:
Last week, I received an all-too-familiar call: One of our credit cards had been used to make a fraudulent transaction. […]
Luckily, my spouse had a backup card in her purse and could use it for the remainder of her trip. I, on the other hand, didn’t have another card—and I was on my way to the market to buy dinner. My fingers were crossed that the meager amount of cash in my pocket would be able to cover the charges. […]
Of course… I’m also the kind of person who likes to experiment with new technology. And, since I had my iPhone in my pocket, I decided to see what Apple Pay would do with a cancelled credit card.
I held my phone up to the reader and… it worked flawlessly.
Even after American companies eventually dump their shitty swipe-based cards in favour of EMV cards, the security benefits and lack of hassle are a huge boon for Apple Pay.
Alec Meer at Rock Paper Shotgun:
People aren’t so hot on paying for things these days, which means the money comes from harvesting data and flogging it to advertisers and other organisations who want to know exactly what we’re all up to online. Microsoft want a piece of that, so if you ever wondered why they’ve made the Windows 10 upgrade free to Win 7 & 8 users, here’s one possible answer. Windows 10 has all sorts of user tracking baked right in.
Importantly, you can opt out of what seems to be all this stuff (time will tell) either during installation or afterwards, though Microsoft swaddle it in a combination of dissembling “hey, this stuff’ll really help you get the information you want” fluff and 45 pages of service agreement documents. I’ll refer you here and here for a detailed breakdown of the really worrying stuff, but the long and short of it is the operating system assigns you a unique advertising ID, which is tied to the email address you’ve associated with Windows and fed data from a great many facets of your computer usage. Including the contents of messages and calendars, apps and networks, some purchases and whatever you upload to Microsoft’s unreliable OneDrive cloud storage. Using the Cortana search assistant makes the harvest even more aggressive, and of course the OS claims it’s all in the name of a better, more accurate online experience for you.
The amount of information gathered by Windows 10 at the core system level is pretty worrying from a privacy standpoint. Is it entirely unreasonable that the most basic versions of Windows will one day have contextual ads cluttering up system applications? “Looks like it’s going to be hot and sunny for your picnic on Saturday. Do you have sunscreen?”, or something like that.
I think the thing that perturbs me most is how all of these privacy-invasive technologies are wrapped in the eerily vague language of improving the user experience. First of all, no; second of all, says who? Users? I doubt it.
Nathan Ingraham, the Verge:
Between the shorter lengths and Apple’s smart recommendations, I found myself following a couple dozen playlists shortly after I started using Apple Music. By and large I found them a really enjoyable way to find new tracks or dig in on a particular style, era, or artist. However, perusing these playlists has led me to one of the most ridiculous and unfathomable Apple Music bugs yet: a whole bunch of these playlists include songs that aren’t playable on Apple Music.
Yup, that’s right — I’ll be in the middle of enjoying Pitchfork’s Modern Americana Gold playlist and come across a song that has somehow been added to a playlist that Apple itself created, and that song will be greyed out, teasing me. It’s incredibly bizarre and frustrating and I have no idea how such a thing slipped past the humans curating these playlists.
Michael Rockwell comments:
I would guess that Apple isn’t limiting their curators strictly to the Apple Music library for the sake of future proofing. Apple hopes to eventually have all music available on the service and the currently unavailable tracks would automatically become playable once Apple acquires the proper rights.
I think Rockwell is right, but I think this is a way to coax labels into granting rights. It’s sort of like the name-and-shame battery menu in OS X, and the similar Settings panel in iOS. If you’re on that list, you’re responsible for screwing up the user experience.
August 3, 2015
It sounds like a fix might be in the works — this bug affects all current versions of 10.10, including the current beta versions of 10.10.5, but not 10.11.
Isis Anchalee reflects on a recruiting campaign for the company she works for, OneLogin, which featured a photo of her and a testimonial of why she enjoys working at the company:
Some people think I’m not making “the right face”. Others think that this is unbelievable as to what “female engineers look like”. News flash: this isn’t by any means an attempt to label “what female engineers look like.” This is literally just ME, an example of ONE engineer at OneLogin. The ad is supposed to be authentic. My words, my face, and as far as I am concerned it is.
I didn’t ask for any of this attention, and I’m rather uncomfortable with all of it. I’m just a human and I prefer to keep my life simple/reserved, but it blows my mind that my fully-clothed smiling face with unbrushed hair and minimal makeup on a white wall is seemingly more controversial in some communities than this simply because of my gender.
None of the male employees featured in this campaign have been subjected to the same backlash. Not one of them has heard that they don’t look like an engineer.
Happily, some good has come of this in the form of the #ILookLikeAnEngineer hashtag. I dumped a few from the last twenty minutes into a Storify, but you can find more posts on Twitter.
Update: Another excellent Storify collection.
Really interesting short interview-cum-essay by John Pavlus:
“I said, ‘What is this?’ and they said, ‘We don’t know yet,’” [Bret] Victor recalls. “It was an early prototype of the [iPad] hardware. Maybe twenty other people in the world knew about it. Nobody had answers. My job was to try to figure it out.”
Victor spent the next two months making “an app every week, explor[ing] new UI ideas” as part of a three-person “internal R&D prototyping group” that Apple had assembled. Soon, Victor says, the iPad became “a real project” and his group was reassigned to tinker with other experimental hardware. “Everyone [at Apple] was focused on the next product release, what needed to happen six months from now,” he says. “We were the ones looking at what could happen five or ten years from now.”
Cabel Sasser and Sebastiaan de With have shared some internal screenshots sent to them of the Cinema 4D files behind the iCal and folder icons, and how the 3D perspective was determined. These are lit pretty neutrally, in comparison to the more stylized Yosemite icons.
August 2, 2015
Very few good products come from fear, and nobody wants that to be forced upon them. It’s almost as if Google hasn’t learned the lessons of Microsoft’s “Windows everywhere” policy, or the lukewarm reception to Windows Phone. Doing the same thing everyone else is doing after they have the inertia simply isn’t a good product philosophy.
July 31, 2015
It’s crazy that this was ever up for debate. Good news.
Peter Kafka, Recode:
LinkedIn is emailing the 500 people it calls its “Influencers” and asking them for permission to automatically hand their stuff to other sites that want to republish it in full. Sites like Quartz routinely publish LinkedIn posts, but right now each article has to be manually approved by the author, which makes it a multistep process.
There’s no money trading hands here — Influencers write for LinkedIn for free, and LinkedIn lets other sites use those posts for free — but there’s still an obvious value exchange: Influencers get more distribution for their names and ideas, along with the notion that LinkedIn says they are “influencers.” And LinkedIn gets to advertise LinkedIn.
From the email LinkedIn sent to “Influencers”:
Your posts may appear in top-tier English publications such as The Economist, New York Times, Quartz, TechCrunch, etc., always with attribution and links back to your original post.
In what universe is TechCrunch considered a “top-tier” publication, especially when listed alongside the Economist?
Then again, in what universe does the Economist need to farm content — not writing and not stories, but content — from freaking LinkedIn?
At least, according to Kirk McElhearn’s testing (via Michael Tsai):
I started with a random piece of music from a disc of Bach chorales.
I changed its tags to Can’t Feel My Face, by The Weekend. (I picked this track because it’s one of the best selling tracks on the iTunes Store; I could have picked any track in the Apple Music catalog.)
I waited for Apple Music to match the file, deleted my local copy, and then downloaded it from the cloud. […]
When I played it, it was not Bach.
There are some teething problems that are acceptable with any new service, but this is so half-assed, especially from Apple.
First off, it’s not even matching the tags correctly. The Weeknd’s artist name is spelled as such, and the replacement file given to McElhearn retains this incorrect metadata. If you have songs in your library with slightly incorrect metadata, it may match them or it may not, and if it does, it won’t correct your tags for you.
Secondly, it doesn’t even bother checking against the timecode. The Bach chorale McElhearn tested this song against is under two minutes long; “Can’t Feel My Face” is three and a half minutes long. This was already broadly proven by Simon Schellaert’s Spotify to Apple Music script.
But this is far more frustrating than it need be because Apple already has an audio fingerprinting system. They built it with iTunes Match. And for some infuckingexplicable reason, they’re not using it, even for iTunes Match subscribers:
I have an iTunes Match subscription, which is active on the computer I used for these tests, so, theoretically, my tracks should be matched using digital fingerprinting. So I’m all the more confused about what’s happened here.
This is a really big problem, and it affects music lovers’ more comprehensive libraries more than it does an average library. I have dozens of bootleg recordings from my favourite artists. I probably have ten copies of “Reptile” by Nine Inch Nails from studio albums, live rehearsals, live performances, and so forth. If all of those were determined by Apple Music to be the same track and consolidated, I would be furious.
A music library is sacrosanct and should be treated as such. Someone with a lot of music has probably worked really hard to maintain their library, and has carefully chosen everything about it. This matching system screws with that, yet it could have been broadly avoided by using iTunes Match.
While Apple has demonstrated great respect for priceless photo libraries by making iCloud Photo Library a fantastic service, they have not demonstrated a similar level of respect for music libraries. Until they do, you should keep iCloud Music Library off. It’s going to take a lot of trust rebuilding for me to ever allow Apple this kind of access to my music library.
Update: McElhearn has updated his post to state that he can no longer reproduce the issue where Apple Music overrides iTunes Match. That is, if you have an iTunes Match subscription, it now matches based on the acoustic fingerprint. That still doesn’t excuse the rest of this issue, though.
July 30, 2015
John Paczkowski for Buzzfeed:
Sources familiar with Apple’s plans tell BuzzFeed News that the company intends to announce its next-generation Apple TV in September, at the same event at which it typically unveils its new iPhones. […]
It’s a significant overhaul of the diminutive set-top box, which hasn’t seen a material refresh since 2012, and one that Apple hopes will inspire a big upgrade cycle through the annual winter holiday consumer binge, setting the stage for the subscription internet-TV service Apple’s been trying to get off the ground for years. While that service is most certainly in the offing, sources tell BuzzFeed News that Apple does not currently plan to announce it alongside the new Apple TV.
I have this irrational fear that I’ll be able to scan and match my DVDs with some sort of iCloud Movie Library thing, but halfway through the process my DVD collection will spontaneously combust.
Bernard Desarnauts of Wristly:
Making healthy lifestyle changes isn’t always easy. There is a famous quote that says “The first step to change is awareness”, and your responses indicate that the Watch is helping many of you on your health journeys. Over 78% of you agreed or strongly agreed that since getting the Watch, you are more aware of your overall health. In addition, many of you have already made changes with 78% of you agreeing or strongly agreeing that you stand more, 67% that you walk more, 57% that you exercise more and 59% that you make better overall health choices.
I’ve heard this a lot from less technically-inclined users, who are also more satisfied with it. Meanwhile, more technical users want more advanced functionality in a way that’s antithetical to the purpose of the Watch.
July 29, 2015
Lorenzo Franceschi-Bicchierai, Vice:
As security expert Cem Paya put it, that was a conscious decision Google made when it created Android. Paya called it a Faustian deal: “cede control over Android, get market-share against iPhone.” Basically, Google was happy to let carriers put their bloatware on their Android phones in exchange for having a chance to fight Apple in the mobile market. The tradeoff was giving carriers and manufacturers control over their Android releases, leaving Google unable to centrally push out operating system updates.
Some carriers and manufacturers are better than others, it’s true, but they all pretty much suck when it comes to pushing updates. There really isn’t a better way to put it.
As security researcher Nicholas Weaver put it in a (now deleted) tweet, “Imagine if Windows patches had to pass through Dell and your ISP before they came to you? And neither cared? That is called Android.”
Similar to the big vulnerability disclosed earlier this week, these exploits take advantage of the Stagefright media player framework on Android.
A hesitantly positive review from Ars Technica’s Peter Bright:
Windows 8 felt unfinished, but it was an unfinished thought. The actual released operating system was stable and reliable and didn’t have any glaring errors in it, but the thoughts behind it, the thoughts about how its various facets should work together, were incomplete.
Windows 10 feels unfinished, but in a different way. The concept of the operating system is a great deal better than its predecessor. It’s better in fact than all of its predecessors. It can ably span a range of form factors and designs, and it can be comfortable and effective on all of them. For all my gripes, it’s the right idea, and it’s implemented in more or less the right way. But I think it’s also buggier than Windows 8.1, 8, 7, or Vista were on their respective launch days.
Microsoft’s going through the same transition period Apple started a few years ago, and it is manifesting itself in similar ways: some icons that look a little rough, a healthy dose of bugs, yet generally positive reviews. Good stuff.
Update: Icon link swapped.
Louie Mantia shares the story of how he got to be the designer he is today, and wonders how the next generation of designers will hone their skills:
Just the other day I was wondering… what happens now? Not with me, but with the next fourteen-year-olds who are ready to be inspired. Do they look at Dribbble and decide to make things? Do they jump in and make an app?
I started by tinkering, customizing. Just as an engineer might. You start with something that exists and you change it to understand it. You do things on your own. But now… companies like Apple have locked down things like theming. It’s so hard today that no one even bothers. Changing icons is hard too. With some apps you can’t even do it without an app breaking because of code signing.
People haven’t stopped modifying cars just because it has become more difficult. They’ve found ways to either work around the limitations or to embrace them. My hope is that this generation of designers can do the same, and one hopes they don’t simply browse the heterogenous work on Dribbble.
Pretty crazy announcement from Intel:
The explosion of connected devices and digital services is generating massive amounts of new data. To make this data useful, it must be stored and analyzed very quickly, creating challenges for service providers and system builders who must balance cost, power and performance trade-offs when they design memory and storage solutions. 3D XPoint technology combines the performance, density, power, non-volatility and cost advantages of all available memory technologies on the market today. The technology is up to 1,000 times faster and has up to 1,000 times greater endurance than NAND, and is 10 times denser than conventional memory.
Even wilder? It’s not just a concept; Intel and Micron are beginning production. Moore’s Law may not be wholly accurate any longer, but its effects are still being realized.
As I’m sure you’ve heard by now, the story of the killing of Cecil the lion is depressing all around. Why an American dentist — or anyone — feels compelled to pay tens of thousands of dollars to fly halfway around the world to shoot and kill wildlife for entertainment is bewildering. As Fusion’s Jason O. Gilbert points out, this is going to play out in a far too predictable pattern:
The backlash to the backlash begins. Benghazi will be invoked. A right-wing radio host with an active following will start a GoFundMe page; it will raise hundreds of thousands of dollars in a few hours. Everyone will act surprised. Barack Obama’s birth certificate will be invoked. The Minnesota dentist will issue a formal apology through a lawyer. The Nuremberg trials will be invoked. Furious tweets will be fired off. The second amendment will be invoked, even though Zimbabwe doesn’t have a second amendment. Someone will ask Donald Trump for comment. Someone will ask Mitt Romney for comment. Someone will ask Dog the Bounty Hunter for comment. CNN will screw up a segment about the story, perhaps by mislabeling Zimbabwe on a map of Africa, or by mislabeling Minnesota on a map of America, or by mislabeling a lion as a baby hippopotamus.
There are plenty of outrageous things going on in the world at the moment, but this must rank pretty highly in your heart and mind; it certainly does in mine. Maybe it’s possible for something good to come out of this. Cecil was being tracked for many years by a team of researchers at Oxford, and if you want to help them out, you can donate; I did. Americans: you’ll want to donate here and specify that you want your donation allocated to WildCRU. Canadians: here’s your link. If you live somewhere else in the world and want to help out, check out WildCRU’s site.
July 28, 2015
The solution that Craig Hockenberry devised is now documented. Maybe I should take it for a spin on this site — I need to update the typography here anyway.
Mike Masnick, TechDirt:
[In] a filing on Thursday, Google revealed one of the few emails that they have been able to get access to so far, and it’s stunning. It’s an email between the MPAA and two of Jim Hood’s top lawyers in the Mississippi AG’s office, discussing the big plan to “hurt” Google. Beyond influencing other Attorneys General (using misleading fake “setups” of searches for “bad” material) and paying for fake anti-Google research, the lawyers from Hood’s office flat out admit that they’re expecting the MPAA and the major studios to have its media arms run a coordinated propaganda campaign of bogus anti-Google stories
As Google notes in its legal filing about this email, the “plan” states that if this effort fails, then the next step will be to file the subpoena (technically a CID or “civil investigatory demand”) on Google, written by the MPAA but signed by Hood. As Google points out, this makes it pretty clear (1) that the MPAA, studios and Hood were working hand in hand in all of this and (2) that the subpoena had no legitimate purpose behind it, but rather was the final step in a coordinated media campaign to pressure Google to change the way its search engine works.
An “Anonymous Coward” in the comments points out that this could amount to securities fraud:
… conspiracy, fraud, bribery, and corruption.
U.S. Securities and Exchange Commission
Common violations that may lead to SEC investigations include:
• Manipulating the market prices of securities
That’s probably a stretch, but interesting to consider. The MPAA has way too much influence in Washington; they will be unlikely to feel any repercussions from this plan.
July 27, 2015
I’m no lawyer, so I’m just going the way the wind blows on this one. I would have thought that no single part of Apple Music’s competitive advantage constitutes a legal issue, but the compounded effect of all of the advantages offered to Music may be grounds for anticompetitive behaviour. Some legal experts that Wired contacted happen to disagree, but the FTC seems to think they have enough to go on to initiate inquiries.
Dustin Volz, National Journal:
The National Security Agency will purge all phone data collected during the operation of its expiring bulk surveillance program by the start of next year pending ongoing litigation, the government announced Monday.
“As soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations,” the Office of the Director of National Intelligence, referring to a provision of the Patriot Act, said in a statement. “Analytic access” to those records, which go back five years, will end Nov. 29, and they will be destroyed three months later.
Slow progress is progress nevertheless. No word on when they’re stopping their far more invasive mass collection of internet traffic.
Must be a rough day to be working at Google. Bradley Horowitz, VP of “Streams, Photos, and Sharing”:
People have told us that accessing all of their Google stuff with one account makes life a whole lot easier. But we’ve also heard that it doesn’t make sense for your Google+ profile to be your identity in all the other Google products you use.
So in the coming months, a Google Account will be all you’ll need to share content, communicate with contacts, create a YouTube channel and more, all across Google. YouTube will be one of the first products to make this change, and you can learn more on their blog. As always, your underlying Google Account won’t be searchable or followable, unlike public Google+ profiles. And for people who already created Google+ profiles but don’t plan to use Google+ itself, we’ll offer better options for managing and removing those public profiles.
Much as Horowitz spins this as “focusing” Google+, the reality is that Google is slowly peeling away any dependence on it. Take a look at how it’s being “focused”:
Google+ is quickly becoming a place where people engage around their shared interests, with the content and people who inspire them. In line with that focus, we’re continuing to add new features like Google+ Collections, where you can share and enjoy posts organized by the topics you care about.
So they added a Pinterest clone. Is that useful? Were people asking for that?
At the same time, we’ll also move some features that aren’t essential to an interest-based social experience out of Google+. For example, many elements of Google+ Photos have been moved into the new Google Photos app, and we’re well underway putting location sharing into Hangouts and other apps, where it really belongs. We think changes like these will lead to a more focused, more useful, more engaging Google+.
All of the stuff that actually boosted Google+’s active user numbers — YouTube comments, photo sharing, and so on — is being removed from Google+. What’s it left with? A discussion board nobody really uses? Does that sound good for the future health of Google+?
Update: To clarify: I love Pinterest a lot; I think it’s one of the best things to come out of Silicon Valley in a long time. I question the application of its concept in the context of Google+.
This isn’t good. Michael Mimoso, for Kaspersky’s ThreatPost:
Researcher Joshua Drake, vice president of platform research and exploitation at Zimperium zLabs, said exploits could be particularly insidious given the fact that an attacker need only use a malicious MMS message that could trigger the vulnerability without user interaction, and delete the message before the victim is aware. All an attacker would need, Drake said, is the device’s phone number.
An attacker in possession of their target’s phone number could send an MMS or even a Google Hangouts message to an affected device that triggers the vulnerability before the victim has a chance to open the message. In some cases, the attack would delete the MMS in question, leaving behind only a notification that a message was sent. Drake said the processing carried out by Stagefright is a bad design and implementation choice, and that once he dug in and did additional fuzzing and learned more context from prior work, he said he uncovered close to a dozen issues, with half of those being critical remote code execution vulnerabilities; the others were less serious and did not have RCE implications.
That’s pretty scary: merely receiving a malicious MMS will likely trigger the attack which, if executed correctly, can run remote code, all with zero user interaction. But, while Google has patched this, it faces the same problem as any other software update for Android: the companies that make the phones have practically no financial incentive to update their devices. As far as they’re concerned, their job is done. NPR, for example, spoke with HTC:
Google informed HTC of the issue and provided the necessary patches, which HTC began rolling into projects in early July. All projects going forward contain the required fix.
“All projects going forward”? I know HTC doesn’t sell a lot of phones so, by the numbers, their user base does not even represent a reasonable minority of those affected, but come on. That’s a weak response. I’m hoping that other major manufacturers will do the right thing instead of worrying purely about their bottom line.
July 26, 2015
I think it’s very important that you are aware of the goings-on of this site, and any changes to it. I want you to know that I’m taking Piwik for a trial run. Piwik is analytics software that is self-hosted, so none of your information is going to a giant advertising company. I’ve long been an ardent supporter and user of Mint, but it hasn’t been updated for a while so it’s not super great at reporting recent versions of iOS and OS X, for example.
There’s good news for you, too: if you’d rather not be recorded by Piwik, it will attempt to respect the Do Not Track preference you’ve set in your browser; Mint does not.
For now, I’ll be running both Mint and Piwik, as it doesn’t seem to impact load times to a noticeable degree. In a few months, I’ll decide whether I want to keep both, or switch to one permanently. If you have any questions about this experiment, please don’t hesitate to email me or send me a note on Twitter.
Thank you, as always, for reading. It means a lot to me.
July 25, 2015
Apple said my music was never deleted and that it was in the cloud the entire time. Before Apple Music, iTunes Match would show me all of my songs—matched, uploaded, and purchased. However, if you turn off iCloud Music Library and Apple Music, iTunes Match will only show your purchased content now. There is no way to separate iTunes Match from the iCloud Music Library. Before, you would turn off iTunes Match—now you would turn off iCloud Music Library.
So now I have the iTunes Match service that I pay for separately, and Apple Music, both of which use iCloud Music Library. There is really no way to get away from them if you want to use the latest and greatest from Apple.
I’ll admit, I’m still trying to get my head around how this works.
I’ve said it before and I’ll say it again: I don’t think Apple is doing a very good job of explaining the differences between their music services. I’m a pretty low bar, but if this is confusing for Dalrymple as well, it’s really hard to understand.
July 24, 2015
A couple of weeks ago, Apple launched a new ad campaign sporting the tagline “If it’s not an iPhone, it’s not an iPhone”, and I kind of ignored it. Though one focuses on customer satisfaction and the other focuses on the interplay between hardware and software, both come across as bland, and a little smug. Apple used a similar tagline on a campaign a few years ago, and it felt only slightly more charming at the time. Now, with an industry-dominating profit share, it feels kinda gross.
But now, today, Apple’s launched a companion site that really ups the smugness. As Gruber points out, the section on apps is cringeworthy:
Also amazing? The fact that there are over a million and a half capable, beautiful, inspiring apps on the App Store. And each and every one was reviewed and approved by a team of real live humans. With great taste. And great suggestions. And great ideas.
Yep — the App Store is truly a bastion of greatness. It’s not like they’d carry dozens of the same tutorial-originating app, or apps with truly appalling user interfaces. Great taste, indeed.
Apple has gotten really, really good at making ads that show the products, rather than talking about them — remember the “Every Day” series? They’re still doing ads like that series, but for the Watch.1 And, while I know they have to change things up every so often, these feel like a miss to me. They’re too smug, and too pompous for my tastes. I prefer the softer sell.
I’m typically a big fan of AnandTech’s in-depth reviews, but this one let me down a bit. In particular, Joshua Ho and Brandon Chester didn’t even bother to try the Workout app (via Michael Rockwell):
There is a workout component, but I suspect that this is something more targeted towards someone who is actually setting aside time every day to do nothing but exercise. I tried the interface and found it to be a useful addition, but I really haven’t had a reason to use it as the automatic tracking is pretty much good enough for my needs.
I understand that the Watch is — to put it as Apple does — their “most personal device yet” and that not all people are going to find the fitness component important, but the Workout app is worth testing. This is AnandTech, the land of the ridiculously in-depth review — I expected more. How does it compare to actual fitness and workout trackers? Is it accurate? Is it easy to use while riding a bike? (I can answer the last question: it’s kind of easy to use while riding, but you need to find a bit of road where you can take both hands off the handlebars if you need to diddle with it. Not that I’d ever do that. Ride safe.)
There are other nitpicks I have with it: the authors question a lack of a multitasking UI, for example. This, then, is a review of what the Apple Watch is, not what it does. It’s almost certainly the best glimpse you’ll get of the technology behind the Watch, but it’s decidedly not the best review of how it fits into your life.
July 23, 2015
Elissa Shevinsky in a brilliant, must-read piece for the Christian Science Monitor:
My older friends in the security world have started telling me countless battle stories about fighting “the cryptowars.” Now we chat openly at hacker conferences or their fancy corporate offices. But back then, they were building Pretty Good Privacy, known as PGP, which became one of the most widely used tools for encrypting communications. They would take their servers home at night. They thought the FBI would break into the offices and seize their code. Export controls made it illegal for them to ship this crypto code overseas, so they typed the PGP code into book form. Senior executives mailed it to a bookstore in Europe. As online e-commerce and other activities became more mainstream, the restrictions – and security pros’ paranoia! – relaxed.
But now, with FBI and National Security Agency leaders pushing Silicon Valley technologists to weaken their encryption so the US government can more easily access the protected data, it’s clear that while I may have missed the drama of the ’90s, I won’t be able to escape the cryptowars redux of the 2010s.
Remember the bullshit of Bulletproof coffee, and the café that founder Dave Asprey is doing in Santa Monica? He’s just raised nine million dollars to build it, and it includes other pseudo-medical bullshit, per Buzzfeed’s William Alden:
It will also include a Bulletproof Vibe vibration platform, which is said to be able to support the immune system and build muscle strength by moving up and down 30 times per second. “You can use it while you’re waiting for us to make a cup of Bulletproof coffee,” Asprey said.
There is no evidence that body vibration systems improve muscle strength, and the only reference to any support or boosting of the immune system comes from Bulletproof. But these claims are implicitly validated through this venture capital injection, and that’s appalling.
July 22, 2015
Micah Singleton of the Verge demonstrates the case against Apple:
As you would expect, Apple Music doesn’t need to raise its price to make up for lost revenue, nor is it subject to other restrictions that the App Store rules place on competition streaming services, essentially giving the service a built-in advantage.
If Spotify wanted to point iOS users who try to sign up through its app to its website, where the subscription price is cheaper, it wouldn’t be allowed according to the App Store rules. “Apps that link to external mechanisms for purchases or subscriptions to be used in the App, such as a “buy” button that goes to a web site to purchase a digital book, will be rejected,” Apple wrote in section 11.13 of its App Store review guidelines.
This makes sense to me. If we assume that all streaming services have broadly comparable licensing terms with record labels, Apple can book $10 in monthly revenue from the sale of a $10 per month plan, while competing services can only book $7 per month of a $10 plan, if sold through an in-app purchase. And, it’s worth mentioning, Apple gets to book their full $3 per month cut from those competing in-app sales; they don’t have to pay a dime of that to labels.
Here’s where Singleton loses me a bit:
Competing music streaming services also aren’t allowed to offer free promos, according to the App Store guidelines, even as a three-month free trial is currently being offered for Apple Music. Music streaming services are also forbidden from offering family plans through the service, which again, Apple Music does.
When it was independent, Beats Music offered a free trial at launch, though through what mechanism I’m not sure.
The gist remains, however. I think the most likely outcome of this, should it be found against Apple, will be for the ban on advertising alternative points of purchase within an app to be overturned. But this is one of those cases where there is little precedent. It all smells like anticompetitive behaviour, but it’s up to the FTC to decide.
Jim Dalrymple sounds pissed:
From what I can tell in my tests, Apple Music is deciding itself, based on your library, that it will not add duplicate songs. For instance, I purchased a lot of Black Sabbath albums over the years, but not all of the compilations. I went into Apple Music and added a compilation album, but it didn’t all get added to my library. When I looked at all of the songs that didn’t get added, they were ones that I already had in my library.
However, if I decide I really want those songs, when I click the “Add” button, nothing happens, which seemed odd to me. If adding the songs is an option, why won’t they add to the library. I went to my iPhone and tapped “Show Complete Album”—when I tapped on the song to add it, the option was to “Remove from My Music.” This means that my iPhone thinks it’s already added, but the song isn’t showing up. What I had to do is go through all of the songs, remove them from the library, and then click add to get them back in the library.
At some point, enough is enough. That time has come for me — Apple Music is just too much of a hassle to be bothered with. Nobody I’ve spoken to at Apple or outside the company has any idea how to fix it, so the chances of a positive outcome seem slim to none.
For what it’s worth, this sounds like an iCloud Music Library problem, not an Apple Music issue. It’s splitting hairs, but it’s an important distinction to make. Because I have Apple Music turned on, but not iCloud Music Library, I get all of the streaming features, but none of the saving or syncing ones. That means my local files remain untouched, which gives me a vastly greater sense of security.
But that’s neither here nor there, when considering what’s written here. Based on everything Dalrymple has said on this, it sounds like the absolute worst possible situation. Missing and skipped songs, matching that doesn’t work very well, and deleting local files. It sounds like my worst nightmare.
You can bet very good money that there’s going to be a tough meeting in Cupertino this week.
(Also, who said that writers like Dalrymple and John Gruber were afraid of damaging their relationship with Apple, so they temper their criticism with platitudes?)
Capital New York’s Peter Sterne recaps a meeting between several editors and business partners at Gawker, regarding the publishing and subsequent takedown of that trashy article:
This sparked a shouting match between [managing editor Nick] Denton and Gawker features editor Leah Finnegan, who previously worked as a staff editor at the [New York Times].
“[The Times] doesn’t [weigh its reporters against its advertisers]! I know that for a fact. It does not and it never will,” Finnegan said.
“I think at some level, yes they do. I know enough New York Times people to know that,” Denton said.
“Nick, I worked there for two and a half years. They canceled ads in favor of journalism.”
“Do you know how much money we lose all the time, because of cancellations in ads? I cannot, I cannot believe that you are actually saying this!”
“Make this into an advertising company then! Say what it really is! It’s not a place for journalism!”
[John] Cook told everyone to calm down and the conversation moved on.
Two things are true here: the Times (broadly) maintains separation between church and state — that is, the editorial and advertising departments of the paper; and, the Times has vastly higher journalistic standards than Gawker. It would be irresponsible to have a conversation about the legitimacy of this entire incident without acknowledging that Gawker is, at its core, a morally-corrupt disingenuous advertising company masquerading as a news organization.
Update: The Times has confirmed to Politico that they’re not jackasses:
“It’s too bad that Mr. Denton is trying to damage others to get out of his own scandal,” Times spokesperson Eileen Murphy wrote in an email when asked about Denton’s remarks. “The New York Times does not make decisions about assignments or beats based on advertisers.”
July 21, 2015
Maciej Cegłowski, with yet another killer talk:
A further symptom of our exponential hangover is bloat. As soon as a system shows signs of performance, developers will add enough abstraction to make it borderline unusable. Software forever remains at the limits of what people will put up with. Developers and designers together create overweight systems in hopes that the hardware will catch up in time and cover their mistakes.
It’s 2014, and consider one hot blogging site, Medium. On a late-model computer it takes me ten seconds for a Medium page (which is literally a formatted text file) to load and render. This experience was faster in the sixties.
The web is full of these abuses, extravagant animations and so on, forever a step ahead of the hardware, waiting for it to catch up.
But yeah, sure, it’s the browser’s fault.
Dan Goodin, Ars Technica:
A string of weaponized attacks targeting Adobe’s Flash media player — including three in the past 10 days — has kept software engineers scrambling to fix the underlying vulnerabilities that make the exploits so dangerous. Fortunately, they have also been busy making structural changes to the way the program interacts with computer operating systems to significantly reduce the damage that can result not only from those specific attacks but entire classes of similar ones.
At the moment, the defenses are fully implemented only in the Flash version included in Google Chrome, having made their debut earlier this week. One of the two mitigations is available in other versions of Flash, and the remaining one is expected to be added to other browsers in August.
As Google has opted to bundle Flash into Chrome, thereby creating one of the biggest and most popular security risks around, this is a welcome improvement.
I’ve got to wonder if this is a last-ditch effort on Adobe’s part to prolong Flash’s welcome life, which, as far as I’m concerned, it has long surpassed. When will these improvements be rolled into Adobe’s software that relies upon Flash for various UI elements? When can we finally say goodbye to Flash entirely, the way we did for Java on the web? Is Adobe aware that this is only prolonging the agony of a product that is well beyond its sell-by date? Can we just move on already to discover the new and exciting security holes that are surely in HTML5 local storage?
A very clever way to repurpose an existing tool, from ex-Apple designer Linda Dong. Reminds me of the way Facebook’s Julie Zhuo uses Quartz Composer for a similar purpose.
John Degraft-Johnson has been testing the sites in the Alexa top 50, and his findings aren’t exactly surprising: a lot of sites load far too slowly, either because of the number of requests they make or the size of those requests.
I’m not sure I entirely agree with the inclusion of the China-based sites on here, though. Sure, Sina Weibo loads slowly outside of China, but that’s because its servers and users are located primarily within the country. On the other hand, it’s 2015, so geography should no longer cause issues with site speed.
Update: Wil Turner points out that the China-US slowness isn’t any better in the other direction:
@nickheer follow up on slow internet post & China: from other side of Pacific, all US hosted sites are significantly slower.
@nickheer from Seoul Hong Kong Tokyo lag is slight, real. From Shanghai tedious (if not blocked). Majors (Amazon) better, v. close to US.