Pixel Envy

Written by Nick Heer.

Spotify Is Allegedly ‘Burying’ Musicians That Also Have Exclusives on Competing Platforms

Lucas Shaw and Adam Satariano, Bloomberg:

Spotify has been retaliating against musicians who introduce new material exclusively on rival Apple Music by making their songs harder to find, according to people familiar with the strategy. Artists who have given Apple exclusive access to new music have been told they won’t be able to get their tracks on featured playlists once the songs become available on Spotify, said the people, who declined to be identified discussing the steps. Those artists have also found their songs buried in the search rankings of Spotify, the world’s largest music-streaming service, the people said. Spotify said it doesn’t alter search rankings.

Spotify has been using such practices for about a year, one of the people said, though others said the efforts have escalated over the past few months. Artists who have given exclusives to Tidal, the streaming service run by Jay Z, have also been retaliated against, the person said, declining to identify specific musicians.

For what it’s worth, Spotify is denying Bloomberg’s report.

Twitter Rumoured to Be Working on Keyword Filtering to Combat Harassment

Sarah Frier, Bloomberg:

Twitter Inc. is working on a keyword-based tool that will let people filter the posts they see, giving users a more effective way to block out harassing and offensive tweets, according to people familiar with the matter.

The San Francisco-based company has been discussing how to implement the tool for about a year as it seeks to stem abuse on the site, said the people, who asked not to be identified because the initiative isn’t public. By using keywords, users could block swear words or racial slurs, for example, to screen out offenders.

For comparison, it took Twitter less than two weeks to identify a GIF from the Olympics posted by a sports journalist, and it took under three minutes for it to escalate from a removal demand to a permanent suspension, which was later reversed.

Twitter has known about harassment on its platform for years. It has only recently begun to combat it, and only with the smallest of steps.

Keystroke Recognition via WiFi

Kamran Ali, et al.:

In this paper, we propose a WiFi signal based keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5% detection rate for detecting the keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize keystrokes in a continuously typed sentence with an accuracy of 93.5%.

From the paper (PDF):

In this paper, we have shown that fine grained activity recognition is possible by using COTS WiFi devices. Thus, the techniques proposed in this paper can be used for several HCI applications. Examples include zoom-in, zoom-out, scrolling, sliding, and rotating gestures for operating personal computers, gesture recognition for gaming consoles, in-home gesture recognition for operating various household devices, and applications such as writing and drawing in the air.

The paper does say that the initial research was done in a very controlled environment; the amount of noise created by someone walking between the WiFi sender and receiver, for example, could cause a drop in accuracy and reliability. Utterly fascinating, nevertheless.

Dropbox Is Resetting Passwords That Haven’t Been Changed Since Mid-2012

I received an email from Dropbox this evening; you likely did as well:

We’re reaching out to let you know that if you haven’t updated your Dropbox password since mid-2012, you’ll be prompted to update it the next time you sign in. This is purely a preventative measure, and we’re sorry for the inconvenience.

If that sounds strangely suspicious to you, you’re not alone. But I asked around and it seems that it really is just preventative, though it is related to other mid-2012 security breaches that you may have heard of.

Matthew Lynley, TechCrunch:

Dropbox’s intelligence team identified the existence of a file that contained hashed and salted passwords, according to a person familiar with the matter. That file pertains to passwords that were likely obtained in connection to the LinkedIn hack. While the information appears to have been taken from then and quietly held for some time, it is now surfacing, this person said. Dropbox earlier disclosed that usernames and passwords that were obtained in 2012 were used to access some accounts.

While you’re at it, you might as well turn on two-factor authentication too.

Shorting Lives

Christina Warren, now writing at Gizmodo:

After finding serious security vulnerabilities in St. Jude Medical’s pacemakers and defibrillators, cybersecurity and research company MedSec decided to take that information to a short-seller (Carson Block of the investment firm Muddy Waters) which then bet against the company in the stock market. This was instead of disclosing the vulnerability, in theory something that could endanger lives, to the manufacturer St. Jude.

Sometimes I wish I had a podcast or a television show instead of words on a page, so I could play a supercut of people saying “that’s fucked up” right now.

MedSec CEO Justine Bone:

In order to help address patient safety, we have chosen to depart from standard cyber security operating procedures in order to bring this to the public’s attention and to ensure that St Jude Medical responds appropriately and with urgency. We have shared our research with an investment firm, Muddy Waters Capital, that is helping us deliver this message.

What a load of horse shit. While MedSec is right that electronic medical devices need vastly better security, there are loads of legitimate paths that they could have taken to ensure that St. Jude was required to fix their devices. As MedSec is only now going to the FDA, their decision to put profits over responsible disclosure is scarcely better than selling the vulnerability to the highest bidder.

The Trident Exploit

There’s one hell of a scary set of exploits that are capable of targeting deep capabilities within iOS devices. Before you read any further, be sure to update to iOS 9.3.5 if you haven’t already.

Bill Marczak and John Scott-Railton of the Citizen Lab:

Ahmed Mansoor is an internationally recognized human rights defender, based in the United Arab Emirates (UAE), and recipient of the Martin Ennals Award (sometimes referred to as a “Nobel Prize for human rights”). On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management.

The ensuing investigation, a collaboration between researchers from Citizen Lab and from Lookout Security, determined that the links led to a chain of zero-day exploits (“zero-days”) that would have remotely jailbroken Mansoor’s stock iPhone 6 and installed sophisticated spyware. We are calling this exploit chain Trident. Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.

Lorenzo Franceschi-Bicchierai of Vice interviewed the researchers who disclosed this series of vulnerabilities:

“We realized that we were looking at something that no one had ever seen in the wild before. Literally a click on a link to jailbreak an iPhone in one step,” [Lookout VP Mike Murray] told Motherboard. “One of the most sophisticated pieces of cyberespionage software we’ve ever seen.”

The people targeted by this spyware are largely activists and journalists for civil rights in Mexico and the United Arab Emirates, as well as users in Kenya. The spyware users are suspected to be government officials or intelligence agencies.

According to leaked NSO slides, this exploit is able to steal information from text messages, documents, photos, and lots more. As iOS 9 encrypts individual files and the system as a whole, I’d be interested to know how it’s able to access this data in a (presumably) usable-by-others manner. The researchers say it’s able to get FaceTime calls; what about iMessages?

Once the dust settles on this, I hope a report is published with the full scope of Trident’s abilities and the precise ways in which it exploits the JavaScriptCore engine.

Spotify Renegotiating Licensing Contracts

Hannah Karp, Wall Street Journal:

Spotify is now operating on short-term extensions of its old contracts with all three major record companies, having been on a month-to-month basis with at least one of the labels for nearly a year. It is negotiating new deals that would make its finances more attractive to investors.

Spotify, which saw its net loss increase to roughly $200 million last year even as revenue doubled to more than $2 billion, wants to pay a smaller share than the nearly 55% of its revenue that it currently pays to record labels and artists, according to people familiar with the matter.

Anyone blaming exclusives for the current state of the streaming industry has it all backwards. The current state of the music streaming industry is what has begotten exclusives on better-paying platforms.


Former Apple Music “samurai” — according to his LinkedIn profile — Sean Glass:

Contrary to what you read, there’s no scary Apple board room conspiracy where corporate is plotting to take over creativity via artist exclusives. There’s one guy who is behind ALL of these campaigns — and he is light years ahead of everyone else. He works intimately with each artist as a creative peer, and develops an amazing plan, this is no simple land grab. He works closer with the artists than labels do.

He’s building a club, or a “community” as we like to say. Everyone is invited, at a very low cost. If you’re in, you are not complaining about exclusives. Those complaining about exclusives are not participating which means refusing to pay $10 a month for music, so why are we letting them get airtime?

When Apple says that they care about music, it’s not an empty platitude or a throwback to the iPod. They mean it, despite occasional frustrations that seem to suggest the contrary.

Google Search Will Penalize Mobile Sites With Interstitial Ads

Jack Marshall, Wall Street Journal:

In a post published Tuesday on the Google Webmasters blog, Google product manager Doantam Phan wrote, “Pages that show intrusive interstitials provide a poorer experience to users than other pages where content is immediately accessible. This can be problematic on mobile devices where screens are often smaller.”

As a result, pages where content is not easily accessible to a user on the transition from mobile search results may not rank as highly in Google’s search results after Jan. 10, 2017, the post said. This could result in less traffic to those pages and sites.

Examples of interstitials that make content less accessible include pop-ups that “cover the main content [of a page], either immediately after the user navigates to a page from the search results, or while they are looking through the page,” Mr. Phan wrote.

Marshall and Phan are right — interstitial covers can be really irritating on mobile browsers. But why stop there? They provide a crappy desktop experience as well. Why not apply the same algorithmic demotion to all sites that practice this user-unfriendly technique?

Coincidentally, I added api.bounceexchange.com to my JavaScript Blacklist today. Bounce Exchange is a company that specializes in this sort of thing, and it drives me crazy.

The Best Photo Editing App for Your iPhone

Remember how, three years ago, I recommended that everyone go out and download VSCO because it was the best photo editing app you could get for your iPhone? And then remember how VSCO went and messed it up with a really confusing new UI?

Well, I wrote an updated version of that article for the Sweet Setup. No spoilers; you should go read it and learn what apps I recommend you use with that new dual-camera iPhone you’ll be getting in a month’s time.


From the Instapaper blog:

Today, we’re excited to announce that Instapaper is joining Pinterest. In the three years since betaworks acquired Instapaper from Marco Arment, we’ve completely rewritten our backend, overhauled our mobile and web clients, improved parsing and search, and introduced tons of great features like highlights, text-to-speech, and speed reading to the product.

Marco Arment in 2013, in the post announcing that he had sold Instapaper to Betaworks:

Instapaper is much bigger today than I could have predicted in 2008, and it has simply grown far beyond what one person can do. To really shine, it needs a full-time staff of at least a few people. But I wouldn’t be very good at hiring and leading a staff, and after more than five years, I’d like an opportunity to try other apps and creative projects. Instapaper needs a new home where it can be staffed and grown, but I didn’t want to give it to a big company that would probably just shut it down in six months.

Brian Donahue of Betaworks:

Instapaper will continue to operate as a separate app and they will not be pushing some separate agenda that alters the app or user-experience.

Maciej Cegłowski:

The “we sold to Pinterest but nothing is changing” email is Instapaper’s equivalent of reassuring grandma about her move to a nursing home.

I’m worried about this. I’m a long-time Instapaper user and customer, and its features — particularly highlights and notes — are essential to my reading and research habits. But what happens six months from now? Will Pinterest really keep the app the same as it’s always been, given a reasonable level of overlap between the two services? That uncertainty leaves me feeling uneasy.

Apple Mart

You’ve probably heard by now that the Apple Store is no longer the “Apple Store” — they’re dropping the “Store” part.

John Gruber chimes in:[1]

Think about the brands that are Apple’s peers in retail. No one goes to the Tiffany Store or Gucci Store, they just go to Tiffany or Gucci. It’s not even just a premium thing — you say Target and Walmart, not Target Store and Walmart Store.

Daniel Jalkut disagrees somewhat:

Apple is a company whose products, hardware and software, have historically been sold separately from its own retail presence. Going to “Apple” will never make sense the way it does to go to “Target” or even to “Tiffany’s.” Where “Store” has been dropped, it’s essential that some other qualifier takes its place. Going to “Apple Union Square” makes sense. Asking a hotel concierge whether there is “an Apple nearby” makes as much sense as asking where the nearest “Ford” or “Honda” is.

Jalkut is right, but that’s because he includes the definite article “the”. Apple’s retail line may officially be referred to as “Apple Chinook Centre”, for instance — instead of “Apple Store, Chinook Centre” — but most people are still going to ask where the nearest “Apple store” is, lowercase intended. They’re also going to continue to say that they’re “going to Apple on Fifth Avenue”, which doesn’t need the “store” qualifier because it doesn’t have the definite article.

He’s also right that nobody asks for the nearest “Honda”; they’re more likely to ask for the nearest “Honda dealership”. But, at least where I live, no Honda dealerships actually have the words “dealer” or “dealership” in their names. People may ask for the nearest “Honda dealership”, or they may refer to the one where they bought their S2000 as “Honda West” or “T&T Honda”.

Update: Some of these examples sound a little weird — even “Apple Chinook Centre” comes across as contrived. “Apple The Grove” doesn’t sound right at all. Perhaps “Apple at location” would sound better in nearly all circumstances. But, then again, Apple has always been funny about their phrasing — note, for example, their persistence in dropping the definite article when referring to any of their products: it’s always “iPhone”, never “the iPhone”.

Update: John Buck, via email, pointed out something that I hadn’t considered: “store” branding is good for most of the products Apple sells today, but would you ever buy a car from a “store”?

  1. Incidentally, Gruber’s reference to Gucci is undermined very slightly by Kanye West.

Bandcamp Is the People’s Online Music Store

This link is kind of an extension to my response yesterday to a particularly poorly-considered post from Bob Lefsetz. One thing I didn’t expand upon then was this part of Lefsetz’s article:

Apple Music is a me-too product that works badly that’s locked behind a paywall and the music industry wants it to be the dominant platform so the fan is squeezed and indie acts are pushed down to the bottom where they belong.

I don’t dispute that Apple Music is, functionally, a “me-too product”, but that’s okay. Every streaming service is ten dollars per month for a broadly-identical library of tracks, and that’s fine. Where these services come into their own is with the unique focus of each: Tidal offers a pricier lossless tier, for CD-quality streaming; Spotify prioritizes shared discovery and radio; and Apple Music attempts to bring a human touch to today’s largely-automated world of music discovery. Tidal and Apple Music also, of course, divvy up exclusive releases.

But the idea that indie acts will be “pushed to the bottom” because Apple dares to charge a subscription fee is as ludicrous as anything in Lefsetz’s article. There are plenty of opportunities for indie bands to succeed within Apple Music — many of the tracks played during the first hour of Beats 1’s first broadcast, including the very first song, were by indie artists — and there are even more opportunities beyond the platform.

Ben Ratliff, New York Times:

Bandcamp, which started in 2008 and is run out of a number of small offices in San Francisco, Brooklyn and elsewhere, became profitable in 2012 and sells a record every five seconds. It grew 35 percent last year and has paid $169 million to artists, according to its website. Its chief executive, Ethan Diamond, mentioned in an interview that “plenty of artists” have made more than $100,000 each through it, and all of them get the same deal: The site keeps 15 percent of each sale. (By comparison, iTunes takes about 30 percent, and going that route also requires being on a label or working with an independent distributor, which takes another cut.)

I remember ripping copies of friends’ records that they bought at shows because I forgot to bring merch table money. Now, unsigned indie bands can distribute their music all over the world without going through a distributor. I’ve bought a bunch of albums through Bandcamp, and I anticipate buying many more in the months and years to come. Between it and Soundcloud, there are plenty of opportunities for independent and major musicians alike to get their music into the ears of fans everywhere.

Blonde Bombshell

The highly-anticipated followup to Frank Ocean’s 2012 “Channel Orange”, “Blonde”, was released yesterday. Like most records with a similar calibre of precedence, it debuted exclusively on a single platform — in this case, Apple Music and iTunes — as opposed to having a wide release across multiple outlets.

And, for some reason, it was this very decision that made longtime music industry commentator and grouch Bob Lefsetz think that fans are getting the shaft:

[The music industry has] come through the digital wars scathed, but it’s well-prepared for the future. Streaming has won and it’s been fan-friendly.

Until now.


But in music, you can find everything you want to hear, right at your fingertips.

Until now.


The gist of Lefsetz’s piece is that the exclusive-to-Apple Music release of “Blonde” is, somehow, the canary in the coal mine of the music industry. That its exclusivity is, somehow, a symptom of a music industry that doesn’t know how to build a fanbase and is, instead, spitting in the face of everyone from committed fans to casual listeners.

But, for some reason, Lefsetz is only angered now by the release of Frank Ocean’s record on Apple’s platforms.

Exclusive releases are nothing new. Back when people bought CDs, retailers clamoured to offer bonus tracks exclusive to their copies of the record. Taylor Swift’s “Fearless”, for instance, was released in twelve different versions, including four retailer-specific editions. Each had its own set of bonus tracks or videos, and many editions were country-specific. A Taylor Swift fan would find it difficult and expensive to acquire all the versions of her record.

While exclusive releases aren’t a new concept in the slightest, I’ve mentioned them a fair bit this year because of their increasing role in the rollout strategy for new music on streaming services. My stance has long been — and remains — that exclusives can be frustrating for many fans and likely do not decrease piracy of a new record, but they’re an important feather in a streaming service’s cap at little to no risk for artists — more on that in a bit.

Tidal’s numbers surged after Kanye West made his new record exclusive to the platform earlier this year, though the release also ranked highly on popular torrent trackers. It’s a gamble and a bit of a gimmick, but it can work fine for everyone involved.

However, the way that Lefsetz sees it, exclusives like this are nothing more than marketing:

[Most] people don’t give a crap about the new Frank Ocean album. We’ve got an industry that promotes marginal products that appeal to few and makes them unavailable to most people? That’s hysterical!

The biggest act in the business is Adele, and her music sounds like no one else’s. She can sing, the songs are well-constructed, and they appeal to almost everybody. This is the music industry that used to triumph, it’s one being left behind, as insiders pursue a pop game wherein the youth are everything and if you can’t get it on the radio they don’t care.

This is an utterly ridiculous argument. Ocean’s last record debuted in the number two slot in the United States and United Kingdom, and has been certified gold.

Meanwhile, the notion that Adele is being “left behind” is absurd. Her record was heavily marketed worldwide and became 2015’s highest seller after just three days. The only way she was being left behind was her decision not to release the record on any streaming services at all — it was, in effect, exclusive to a CD release. (And, yes, there was a Target edition, too.)

Funny how the press wasn’t interested in Major Lazer’s “Lean On,” which ended up being the biggest track of the year on Spotify.

“Lean On” was written about by Pitchfork, Rolling Stone, Billboard, Entertainment Weekly, MTV, Spin, and NME — to name just a few of the most popular music publications in the world. Many of those even put it on their year-end lists. I’ve no idea what argument Lefsetz is trying to make here, but it is — as he would put it — hysterical. (Exclamation point.)

But this isn’t about exclusives, per se. According to Lefsetz, this is something vastly more sinister:

Because there’s a conspiracy between Apple Music and the industry to change the game, to get everybody to pay for a subscription by putting hit content behind a paywall.

Setting aside the first part of that sentence, which I will return to later, so what?

From the perspective of a fan not willing to subscribe to a bunch of different platforms — that is, virtually everyone — exclusives can be a pain in the ass. But putting a much-anticipated new release behind a paywall is a very good thing because getting people to pay for music is also a very good thing.


We need a free tier. We need a place where casual fans can experience new music. We’re in the business of building lifelong fans, but how do you do this when you can’t hear the music first, when you’ve got to overpay to experience it, that’s a twentieth century model but we’re deep in the twenty first!

I think it’s funny that Lefsetz complains about paying for music being an old business model, as the free tiers of services that offer them — Spotify, Pandora, and so forth — are effectively a light re-imagination of radio. Spotify, for instance, only allows shuffle mode to non-paying members, and they insert ads and assorted other tracks into the stream. Pandora users on the free tier have a skip limit.

Update: Reader “Charles” has written me to say that the desktop version of Spotify does allow listeners in the free tier to select tracks on demand. The mobile version is shuffle-only. The rest of the limitations I described, including limited skips and plenty of ads, seem to apply to the desktop version equally.

Meanwhile, I don’t think Frank Ocean — or any other artist — is bothered by not offering their newest record to people who will consume it for free in a legal way. Their gamble is that they’ll get a decent agreement from Apple or Tidal for making their album exclusive to the respective platform.

Those who will ante up for the opportunity of listening before anyone else are probably fans, so that’s fine for the artist and for the platform operator. It’s likely that these kinds of exclusive contracts include a small slice of revenue from new subscribers who, within a specific timeframe, listen to the artist’s new release.

Listens from existing subscribers, meanwhile, are likely paid out at a typical rate. At the same time, the album will be uploaded and torrented by a wide range of people, from casual listeners to committed fans that don’t want to — or cannot — pay for a subscription.

What does an artist lose by not uploading the record to Spotify or Pandora? My guess: almost nothing. Both platforms pay notoriously poor royalty rates, and the free tier of both platforms mandates a lower quality experience through forced shuffling. Ocean is the kind of artist that cares deeply about all aspects of his record, including the track order. I bet he’d rather have someone not pay for his record and listen to it in the correct order than to receive a measly royalty rate from a non-paying user of a streaming service listening to the album in the wrong order.

Now, back to that “conspiracy” argument:

Apple should be investigated by the government for antitrust. How do you compete with the world’s richest company that’s got endless cash on hand? You can’t. It’d be like expecting hillbillies to get into Harvard if slots went to the highest bidder. The rich get richer and the rest of us… we’re left out, just like in America at large, which is why Bernie and Trump got traction, the usual suspects doing it for themselves have rigged the game in their favor, and now the music industry is trying to do this too.

I’m not sure why Lefsetz has chosen to associate a weeks-long exclusive release of an album he apparently doesn’t care much about to a populist political movement in the United States, or a classist argument, but it’s silly.

I’m not sure where the antitrust angle comes from, either. Not all new releases are exclusive to Apple Music. Some of this year’s highest-profile albums have been, while others have been exclusive to Tidal. Some lower-profile releases have been exclusive to one of those as well, including Neil Young’s newest. None that I can think of have been exclusive to Spotify because it’s not that friendly to artists.

If Spotify wants their own exclusives, perhaps they should pay artists better.

Is there a conspiracy here? Only insomuch as artists, labels, and Apple executives have vouched for the idea of listeners paying for music. This doesn’t prohibit users of the free tiers of Pandora or Spotify from ever hearing “Blonde” — it just means they have to wait a couple of weeks to do so, or they can buy the album on iTunes without subscribing to Apple Music. Simple.

Every Joke From ‘Airplane!’ Ranked

There are 178 jokes counted in this list, but Airplane! is only 87 minutes long, giving it an average of a joke every thirty seconds — and that’s including credits.

A solid ranking, but #154, #61, and #49 would be a hell of a lot higher if it were up to me.

The Final Vesper

Sad news from Brent Simmons, on behalf of himself, John Gruber and Dave Wiskus:

I loved working on Vesper. It was one of the great software-making experiences of my life. We’d get on a roll and it was wonderful.

And now it hurts to turn it off, but it’s time.

I have a lot of stuff collected in my copy of Vesper: ideas for artworks, photos of book covers I like, recipes, receipts, and lots more. It’s my go-to “anything” bucket app. All things must come to an end, and all, but it’s heartbreaking to see it happen to a great app like Vesper, especially since this serves as a de facto acknowledgement that a Mac version is never coming as well. Damn.

The final version is, appropriately enough for this crew, version 2.007.

Net Nanny, Anew

The Ringer’s Alyssa Bereznak compares Twitter’s “Quality Filter” to Net Nanny, the original web filter:

Net Nanny is not the only program of its kind (I see you, Christian Broadband), but it is an example of how internet filtering began, and how flawed it was (and is). In the world of Net Nanny, visiting the Victoria’s Secret website is deemed “provocative,” while a Google image search of “best lingerie” is permitted. Looking up another word for “abusive” on Thesaurus.com, as I am ashamed to admit I did for this article, is for some inexplicable reason considered “mature.” Gawker and BuzzFeed were out of the question, yet somehow a Redbook post on how to give a good blow job is OK.

Considering that Net Nanny has been featured in many a tech advice column, and is now overseen by a company called ContentWatch, you’d think it would have addressed some of these oversights. But this is the downfall of any filter, whether it be for a social network or your entire web browser: The internet embraces and rejects new slang, celebrities, websites, and social networks at a breakneck pace. What once was offensive, now is not, and on and on.

Twitter’s rollout of the Quality Filter has been slow — I haven’t seen it appear in my account settings yet.

It’s not going to be perfect, and there’s a very real chance some abuse is going to get through, particularly when it’s targeted towards specific users. Like any spam filter, it’s also likely to catch some false positives. I hope Twitter is more adept at managing the Quality Filter than it has been at addressing harassment for the past ten years, but I’m not particularly optimistic.

Opaque Transparency

Jeff John Roberts, Fortune:

In case you’re unfamiliar, the activities of the [Campaign for Accountability], as it calls itself, consist of a smattering of do-gooder projects — LGBT rights, clean water and so on — and a permanent campaign called “The Google Transparency Project,” which claims to expose various villainies carried out by the search giant. Now, though, at least one company has claimed credit for funding it.

“Oracle is absolutely a contributor (one of many) to the Transparency Project. This is important information for the public to know. It is 100 percent public records and accurate,” said Ken Glueck, Senior Vice President of Oracle.

I have no idea what “100 percent public records” means in this context, but:

The deputy director of the CfA, Daniel Stevens, declined to name the group’s other donors, or to explain why it does not disclose its funders.

A lobbying group with “transparency” in the name of one of its missions — and “accountability” in its actual name — doesn’t reveal its donors unless a journalist gets a hot tip, or if its hand is forced by ongoing litigation. You can’t make this shit up.

NSA Hacking Tools Leaked

Sam Biddle, writing for the Intercept:

On Monday, a hacking group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide.

The applications that have been leaked are from about 2013, which means that their attack vectors may already be outdated and ineffective. I can’t remember the last time that intelligence tools were leaked; it might have been as long ago as during the Cold War. Even if this leak isn’t ultimately damaging or dangerous, it’s still embarrassing for the premier American intelligence agency.

Taking CarPlay for a Spin

Khoi Vinh’s Kia received a software update that enabled CarPlay, so he tried it out. His verdict? Kind of lukewarm:

The most prominent example of CarPlay’s challenges may be that it looks terrible, though through no fault of its own. The display of most in-dash consoles is not of Retina quality, and as a result, the CarPlay apps and UI elements look jagged and poorly rendered. That’s compounded by the fact that, even though you can tap and swipe on the screen, the performance is sluggish and occasionally choppy.

Remember the Motorola Rokr — Apple’s first (collaborative) attempt at a cellphone? Here’s what Sascha Segan said in his review for PC Magazine:

The ROKR’s treatment of iTunes, however, isn’t up to iPod standards in several ways. The worst thing is the rude awakening you’ll get if you try to connect your ROKR at both home and work: The ROKR pairs with only one computer. When we plugged the phone into a second computer, it erased all the onboard music! In addition, the phone’s memory card stores only 100 songs. Yes, we know you could probably fit 120 songs into 512MB, but there’s a software-imposed cap of 100 songs: When we tried to add a 101st track, we got an error message.

Kent German also reviewed the Rokr, for CNet:

The first thing an experienced iPod user will notice about the Rokr E1’s iTunes player is noticeably slow performance. There are obvious navigation delays — occasionally up to two seconds, particularly when skipping through songs or changing screens.

Sure sounds familiar, doesn’t it?

Facebook’s Struggle to Build a More Diverse Workforce

Deepa Seetharaman and Georgia Wells report for the Wall Street Journal on a points-based incentive program for hiring managers at Facebook:

At Facebook, like at other tech companies, recruiters bring in candidates, but it is up to hiring managers to make job offers. Therefore, attracting more candidates doesn’t necessarily result in a more diverse workforce.


Facebook recruiters often mined LinkedIn profiles for details that could serve as a proxy for race or gender: attending a historically black college, membership in an organization for Hispanic engineers, or a profile picture. Some compiled lists of the 100 most-common Hispanic names in the U.S. to plug into search strings, according to people familiar with the matter.

I’ve no doubt that recruiters will find some exceptional candidates this way, but this strikes me as a potentially short-sighted way to attempt to boost diversity figures for candidates, and doesn’t actually change the company’s culture to embrace a more diverse workforce. This is a patch covering up a much deeper issue of employees from entry-level engineers to higher management being conditioned to prefer — typically — white and male candidates.

Claire Cain Miller, reporting for the New York Times in February:

In the 1970s, symphony orchestras were still made up almost exclusively of white men — directors claimed they were the only ones qualified. Around that time, many began to use a new method of hiring musicians: blind auditions. Musicians auditioned behind screens so the judges couldn’t see what they looked like, and walked on carpeted floors so the judges couldn’t determine if they were women or men — the women often wore heels. The Boston Symphony Orchestra pioneered the practice in 1952, and more orchestras began using it after a high-profile racial discrimination case was brought by two black musicians against the New York Philharmonic in 1969. Researchers from Harvard and Princeton took notice and studied the results; they found that blind auditions increased the likelihood that a woman would be hired by between 25 and 46 percent. In fact, with blind auditions, women became slightly more likely to be hired than men. Confident that they would be treated fairly, female musicians started applying in greater numbers.

There’s no reason a similar blind hiring system would not be possible at tech companies, and I bet it would make for a substantially more diverse workforce. And, as a consequence, I’m certain that engineering and computer science programs across the United States would find themselves with a far greater representation of women and ethnic minorities.

A Pre-Post-Mortem for Gawker

Adrian Chen, writing for the New Yorker:

I worked at Gawker for four years, walking the tightrope. The immediacy of publishing encouraged me to be extremely sure of arguments and facts and to write things I truly believed, since I had nobody to fall back on but myself. And, in order to find an audience, I had to be entertaining and provocative. At the site’s best, these two often conflicting impulses encouraged writing with a spontaneity, humor, and self-assuredness that wasn’t like anything else on the Internet. At its worst, it led to gratuitous meanness and a bad lack of self-awareness. I know I’m talking in generalities, but looking back on one’s old writing is rarely a fruitful prospect, even when it was produced under the most considered circumstances. There are plenty of posts that I’m proud of, and others that make me cringe to think about. Regardless, I can’t imagine having had a better place to develop as a journalist than Gawker.

I empathize.


Univision PR:

[Univision Communications Inc.] will acquire the digital media assets for $135 million, subject to certain adjustments, and these assets will be integrated into Fusion Media Group (FMG), the division of UCI that serves the young, diverse audiences that make up the rising American mainstream. The deal, which will be accounted for as an asset purchase, includes the following digital platforms, Gizmodo, Jalopnik, Jezebel, Deadspin, Lifehacker and Kotaku. UCI will not be operating the Gawker.com site.

There’s a lot that Gawker did wrong over the years, but the way they were forced to shut down is scary. It’s suppressive, it’s arrogant, and it sets a nasty precedent for publications that cannot afford the legal costs of defending themselves against suits filed against them.

With that in mind, I bring you one of my favourite stories from the past month:

Peter Thiel, the tech billionaire-turned-Trump delegate who successfully bankrupted Gawker Media, has long been obsessed with anti-aging technologies. He believes people have been conned by “the ideology of the inevitability of the death of every individual,” and has funded startups dedicated to extending the human lifespan. According to Jeff Bercovici of Inc. magazine, Thiel is so afraid of dying that he has begun exploring a novel, and fairly unsettling, technique: Harvesting, and injecting himself with, the blood of younger people.

I’ve wanted desperately to link to this story ever since it was published, but I couldn’t think of a decent headline. So: here it is. In light of today’s rather bleak and depressing news, let’s all remember that Peter Thiel is still super messed-up.

NYT Now to Be Discontinued August 29

Disappointing, but not unexpected. Many of the best features of NYT Now have been incorporated into the “full” NYTimes app, while NYT Now has received barely any updates for the past year.

Twitter to Roll Out Quality Filter to All Users

Twitter’s Emil Leong:

Last year we began testing a quality filter setting and we’re now rolling out a feature for everyone. When turned on, the filter can improve the quality of Tweets you see by using a variety of signals, such as account origin and behavior. Turning it on filters lower-quality content, like duplicate Tweets or content that appears to be automated, from your notifications and other parts of your Twitter experience. It does not filter content from people you follow or accounts you’ve recently interacted with – and depending on your preferences, you can turn it on or off in your notifications settings.

Since becoming verified and turning the quality filter on, Brianna Wu says that she hasn’t seen any threats in her notifications. This is a good move that comes agonizingly later than it should have.

Generated Maps of Fantasy Worlds

Betsy Mason, National Geographic:

As you travel northeast along the shore of southern Nimrathutkam, the first town you’ll encounter is Ak Tuh, followed by Nunrat and Nrik Mah before you reach the coastal city of Tuhuk, the largest urban area in the region of Mum Huttak.

If these sound like places out of a fantasy novel you read as a teenager, you’re not far off. Nimrathutkan is the result of an automated map generator that was inspired by those novels. The map bot, created by glaciologist Martin O’Leary of Swansea University in Wales, combines imaginary place names with fake terrain to produce fantasy worlds, tweeting a new one every hour from the Twitter account @unchartedatlas.

This is a tremendous accomplishment. My best NaNoGenMo achievement was building a story that would write itself in chapters based on works by or referencing William S. Burroughs. I love this kind of stuff.

Link via Kai Sunderland.

NPR to Drop Comments on Their Website

Elizabeth Jensen of NPR:

In July, NPR.org recorded nearly 33 million unique users, and 491,000 comments. But those comments came from just 19,400 commenters, [managing editor Scott] Montgomery said. That’s 0.06 percent of users who are commenting, a number that has stayed steady through 2016.

A tiny percentage of their audience that sways the discussion in an unproductive manner:

It’s not possible to tell who those commenters are; some users comment anonymously. But there are some clues that indicate those who comment are not wholly representative of the overall NPR audience: They overwhelmingly comment via the desktop (younger users tend to find NPR.org via mobile), and a Google estimate suggested that the commenters were 83 percent male, while overall NPR.org users were just 52 percent male, Montgomery said.

When viewed purely from the perspective of whether the comments were fostering constructive conversations, the change should come as no surprise. The number of complaints to NPR about the current comment system has been growing — complaints that comments were censored by the outside moderators, and that commenters were behaving inappropriately and harassing other commenters.

Imagine viewing the world through the lens of a website’s comments section — any website’s comments section. What a bleak and depressing experience that would be.

Verizon Has Offered to Force Apps Onto Users’ New Android Phones

Garett Sloane, Advertising Age (via Lessien):

The wireless carrier has offered to install big brands’ apps on its subscribers’ home screens, potentially delivering millions of downloads, according to agency executives who have considered making such deals for their clients. But that reach would come at a cost: Verizon was seeking between $1 and $2 for each device affected, executives said.

Yet another solid argument for not letting carriers have any control over a mobile phone operating system.

Another downside to Verizon’s app offering is that it doesn’t offer any targeting, yet. So, a brand, for instance, couldn’t focus on buying pre-installed apps on phones of known customers, the executive said.

The implications of that “yet” are pretty gross, aren’t they?

Apple’s Presentation at Black Hat

You’ve read the book; now see the movie. Ivan Krstić’s presentation is as solid as any Apple WWDC presentation, and it’s packed with much more information than the company usually reveals about its security protocols.

Though this is a very easy watch, even for someone — like myself — with only a cursory understanding of security and software engineering, I’ve picked out a few key parts that are worth paying attention to:

  • Right off the top, there’s a rationale for why the kernel cache is no longer encrypted. In light of this news, which broke in mid-June, these slides were likely inserted after the presentation was considered complete.

  • At about 8:21, Krstić touches on the Secure Enclave’s multitude of protections. Some of this is known, but because it’s the root of the entire security system on iOS, it’s good to hear it reiterated.

  • At 18:57, Krstić explains how the Update Later feature, introduced in iOS 9, is made secure.

  • My guess for why I was asked for my iPad passcode when setting up Sierra — as referenced in my post on these slides — appears to be correct (24:55).

  • At 26:37, Krstić launches into a long explanation of how Apple protects their own encryption secrets and cloud synchronization technologies. From my perspective, this is the most dense part of the whole presentation, but it’s also the most important: Apple proving their own security protocols to the security community — and the community verifying it by looking for holes in it; see also the bug bounty program introduction at 36:14 — is critical to maintaining the company’s position as the tech company that values user security and privacy.

  • There’s a pretty funny explanation of Apple’s “physical one-way hash function” at 34:08.

  • At 39:40, Krstić kicks off the Q&A period. All questions are worth watching, but the first one is particularly telling, as is the question at 49:37. As you might expect from Apple, there are a lot of non-answers within the Q&A, but that’s also because of the kinds of questions that were asked.

  • I was surprised by Krstić’s answer to the second audience question regarding seeing a list of devices granted user data syncing permissions for the purpose of revoking those credentials. Krstić said that there isn’t currently a way to do that, but the list of devices on the iCloud Settings page seems to serve that purpose. I’ve reached out to the company for an explanation and will update this post if I hear back.

WordPress Version 4.6

Among the long list of improvements and bug fixes, highlights include the addition of Unicode 9 emoji support, a big update to the long-kludgy updating mechanism, and the removal of Open Sans from the administrator dashboard. Huzzah.

The replacement fonts for Open Sans are the default system faces for all OSes: San Francisco on Macs and iOS devices, Segoe on Windows, and Roboto on Android.

However, omitted from these updates are any changes to the typefaces used in the TinyMCE editor. So I made a plugin. It’s ridiculously lightweight and simply ensures that everything you see on the dashboard is a variant of San Francisco. If you have SF Mono installed, you’ll see that in the editor.

I probably won’t update this plugin unless I see a glaring issue, but I’ve been running it for the past month or so and it’s been fine.

On a related note, I just updated my copy of WordPress. If you spot anything wonky, please let me know.

Intel to Produce 10nm ARM Processors

Ian King, Bloomberg:

Intel Corp., the world’s biggest semiconductor maker, said it’s licensing technology from rival ARM Holdings Plc, a move to win more customers for its business that manufactures chips for other companies.

The two chipmakers, whose designs and technology dominate in computing and mobile, unveiled the agreement Tuesday at the Intel Developer Forum in San Francisco. The accord will let Intel offer third-party semiconductor companies its most advanced 10-nanometer production lines for manufacturing the complex chips usually used in smartphones.

That’s some really big news that Apple is no doubt interested in, too. While they design their own SoCs, Apple doesn’t make them — they contract the manufacturing to companies like Samsung and, increasingly, TSMC. However, Apple has shown an interest in reducing their reliance upon Samsung, to the extent that the A10 is rumoured to be exclusively made by TSMC, and the company has repeatedly expressed a desire to bring more of their product manufacturing to the United States.[1]

Tim Cook at the D10 conference in 2012:

Will there be an Apple product ever made in the U.S.?

I want there to be. This isn’t well known, but the engine for the iPhone and the iPad are built in the U.S., not just for the U.S. but the world. The glass for your iPhone is made in a plant in Kentucky, not just for the U.S. but other markets outside the U.S. so I think there are things that can be done in the U.S., not just for the U.S., but exported for the world.

I’m not sure that the statement about making the A-series chip in the United States — or, as Cook called it, “the engine” — is still accurate, but making things in the U.S. is something Apple is proud to tout when they can. Apple and Intel also have a pretty good business relationship. I wouldn’t be surprised if it expanded to include the A-series as well.

Update: Paul McGrane says that Cook’s comment about building the A-series processors in the U.S. likely refers to Samsung’s Austin factory. Later that year, Samsung invested $4 billion in an expansion of that plant. Rumours are that TSMC is the exclusive manufacturer for both the A10 and A11.

  1. To my knowledge, TSMC has one manufacturing facility in the U.S., while most of Intel’s processors are made in America.

Sportsball Is Rumoured to Be Coming to the Apple TV via Twitter

Mike Isaac, New York Times (there’s autoplaying video with audio because the Times apparently hates their readers):

When Twitter streams its first N.F.L. game on Sept. 15, it will get to assess whether its vigorous pursuit will pay off — and whether live streaming can viably be a linchpin of its future.

Since April, Twitter has signed a series of live-streaming deals, including with Wimbledon, CBS News, the National Basketball Association, Major League Baseball, the National Hockey League and Pac-12 Networks. Twitter is also in discussions with other organizations, including Major League Soccer and the Professional Golfers Association, for similar agreements, according to people briefed on the talks.


To bolster the effort, Twitter is in talks with Apple to bring the Twitter app to Apple TV, which would potentially let millions of Apple TV users watch the streaming N.F.L. games, according to the two people briefed on the discussions.

I didn’t get this rumour at first. Why would Apple and Twitter need to talk about doing an app? Can’t Twitter just build the app?

But then Abdel Ibrahim pointed out that there might be some kind of deal-sweetening exclusive arrangement at play here, which makes complete sense to me. It’s pretty widely known that Apple has been aching to build a full television experience into the Apple TV. If Apple can secure an exclusive app for Twitter’s live streaming deals, they might be able to bypass individual negotiations with each of the leagues and events at play here.

This also gives me an opportunity to remind you that “soccer is but one ball away from the ancient non-sport of fast running back and forth,” which remains one of the most succinct expressions of any sport I’ve ever heard. Then again, I like Formula 1, which is but twenty-odd engines away from the ancient non-sport of sitting in a chair and sweating profusely.

VBR MP3s and AVFoundation

Great post from Marco Arment on a bug within AVFoundation that prevents the widespread use of VBR MP3s, specifically for distributing podcasts:

AVFoundation, the low-level audio/video framework in iOS and macOS, does not accurately seek within VBR MP3s, making VBR impractical to use for long files such as podcasts. Jumping to a timestamp in an hour-long VBR podcast can result in an error of over a minute, without the listener even knowing because the displayed timecode shows the expected time.

A lot of my iTunes library is also encoded as VBR MP3s — I was a longtime user of the LAME V0 preset — and I’ve seen some weird seeking bugs and other issues in longer tracks. With its ideal blend of quality and file size, VBR is a beautiful solution to audio encoding; Apple should provide more robust support for it.

Breadth and Depth

What defines Tim Cook’s Apple?

The end of this month will mark five years into his tenure presiding over the company — the third longest-serving CEO in Apple’s history, behind John Sculley and, of course, Steve Jobs. There are a few things I think are generally agreeable about Cook’s style: a less rigid corporate image, a more noticeable social impact, and a (slightly) more approachable executive team. Back in the Jobs-and-Katie Cotton era, a magazine was lucky if it got an interview, and they were typically only proposed if there was a major new product to show — recall the famous Time and Newsweek iMac G4 and iPod covers, for instance.

Today’s Apple is more comfortable with providing more frequent conversations with the executive staff. Mashable has received several exclusives in the past couple of years and, this week, Fast Company and the Washington Post were both granted interviews with Tim Cook. Fast Company also spent time with Craig Federighi, Eddy Cue, and Bozoma Saint John.

Those interviews underscore one of the most defining characteristics of Cook’s Apple: innovation at scale. Rick Tetzeli:

Apple’s CEO is a deeply grounded man who has not been blinded by Jobs’s brilliant legacy. Jobs only came to appreciate the incremental nature of innovation during the second half of his life; you get the sense that Cook understood and loved process from birth. This focus on detail is often mentioned as a weakness. But, in the five years under Cook, Apple’s revenue has tripled, its workforce has doubled, and its global reach has expanded rapidly. That’s a remarkable record. Cook has shown a great capacity for getting improvements from every corner of the company, and for then deploying those gains across a wider canvas of software, hardware, and services than Jobs ever had at his disposal. He will never be as flashy as Jobs, but he may just be the perfect CEO for the behemoth Apple has become.

It’s hard to fathom the size of Apple’s operations today. In their fiscal 2011, they sold 72 million iPhones; they now sell that many in a single quarter. In the past six years, their “Services” business — which includes the iTunes and App Stores, Apple Pay, iCloud, and other online services — has grown nearly ten times, from a $636 million business in Q3 2010, to a $5.9 billion business in Q3 2016. Apple doesn’t reveal the number of active iCloud users, but I’d be willing to bet it’s dozens of times greater than the number of MobileMe users in its heyday.

But this rapid expansion has not come for free, as can be seen in a resurgence of the “Apple is doomed” cottage industry. In his Fast Company interview, Eddy Cue explained his perspective on the perceived decline in Apple’s quality:

When we were the Mac company, if we impacted 1% of our customers, it was measured in thousands. Now if we impact 1% of our customers, it’s measured in tens of millions. That’s a problem, right — things are going to be perceived differently. Our products are way better than they used to be, but there’s a higher bar, and I’m okay with that.

It doesn’t really matter whether there’s a real decline in Apple’s software quality, or if it’s mostly an exaggeration bolstered by a larger user base and increased media coverage. What is concerning is the sentiment I perceive in Cue’s explanation — that a bug affecting 1% of users is comparable in 2016 to one affecting 1% of users in, say, 2006 or 1996. But, as he says, there’s an enormous chasm in the actual number of users affected, and that’s what’s particularly concerning. If Apple is pushing out, to be generous, one-quarter of the number of these bugs as they were ten years ago, that means that they’re still affecting orders of magnitude more users.

These frustrations coincide with the rise of a related worry: with whisperings of an Apple vehicle, alongside an exploration into original media, there’s a growing sentiment that Apple’s focus is drifting.

These two narratives converge in a way that I think makes longtime Apple customers uncomfortable. For those who recall the Apple of the ’90s, there’s a lingering doubt that the company can juggle so many projects at once while maintaining a focus on quality. I’m not sure that’s right, but I’m also not sure it’s entirely inaccurate.

There are, of course, key differences between the Apple of the mid-’90s and the company of today. The grunge-era Apple didn’t just lack focus — it lacked an idea of what focus is, and what to strive for. The post-renaissance Apple is much more attuned to the purpose and vision for their products:

Over its 40 years of existence, Apple has been seen as a laggard in music, video, the Internet, telephony, wireless, content creation, networking, semiconductors, software applications, touch screens, gesture controls, materials, messaging, news aggregation, social media, voice recognition, and mapping. (That’s not even close to being an exhaustive list.) Nevertheless, the company has managed to survive by doing an unmatched job of integrating the most important of those technologies into products that eventually delight many customers. By the time Jobs died, Apple’s innovation process — the way it accomplishes that job of creating, acquiring, improving, and integrating technology — was polished and proven. It was arguably Jobs’s greatest gift to his successor.

Cook has maintained this, growing R&D spending while introducing products that are defining entire categories: the MacBook for the high-end ultraportable laptop market, and the Apple Watch for smartwatches. There are clear echoes of his predecessor in those products.

Yet the Apple Watch, in particular, felt a little rushed. I’ve been running watchOS 3 since the first beta and, without giving too much away, you should know that the speed and UI improvements are very real. Could Apple have released watchOS 3 as watchOS 1 or 2? Probably not. But could someone have foreseen that dedicating the side button to a single set of communication functions only available to Apple Watch owners was, at best, an overly-optimistic assessment of first-year Watch ownership? Probably, yes.[1]

This year also sees the redesign of two major efforts launched just last year: both News and Apple Music are receiving significant facelifts designed to alleviate confusion and make the apps more user-friendly. The Apple TV is also getting a dark mode this year, presumably because having a bright white UI on an object used in a darkened room can be quite glaring.

That’s not to say that Cook’s Apple is debuting more duds than Jobs’. Consider, for example, the number of times Apple attempted and failed to do online services before iCloud. iCloud isn’t perfect, of course, nor is it as reliable as we’d like, but it’s good enough that I entrust my contacts, calendars, keychain, and photo syncing to it. I think the ratio of hits to misses has remained constant, or perhaps even improved slightly. But the scale of today’s Apple is affecting that perception, and that’s not an excuse. Scale must be managed.

There’s an implicit unsaid followup to many of the questions about the debut of Maps and Apple Music, which goes something like this: In what specific ways have the lessons learned from the launch of these products impacted the development and preparations for the introduction of the next big thing, whatever that may be? In the vein of the attributes that define Tim Cook’s Apple, I’m confident that attention to detail at an unprecedented scale is something they’re getting better at, though not to a great enough extent that it feels fully managed yet.

  1. Perhaps the Digital Touch features coming in iOS 10’s Messages app were supposed to debut alongside the Watch, but were delayed. Just a guess.

Google Plus Continues Its Slow March Towards the Sunset

Lucia Maffei, TechCrunch:

In an email to TechCrunch, Google confirmed the news that “a G+ profile is no longer needed to post a review.” Rumors that the change was happening were first reported by Android Police, which quoted several tips from its readers.

This is in addition to the unbundling of Google Plus from YouTube and their Photos product, and a complete overhaul of Google Plus to make it a shitty version of Pinterest that nobody uses.

I wouldn’t be surprised if, in the next two-to-three years, Google shutters the Plus brand after parceling out any remaining components they feel remain worthwhile.

Maybe an OLED Strip Could Bring QuickType to the Mac

Lou Miranda has an intriguing idea for how the rumoured OLED strip on the new MacBook Pros could be utilized:

By having an OLED touch screen instead of function keys, Apple can bring the API that supports inputAccessoryView to the Mac (helping developers create apps that work identically on iOS and OS X).

While you’re in the Finder in OS X, the OLED touch bar will display things like volume & brightness & media playback controls. When you’re in Pages, it’ll display buttons for bold, italic, font, text size, etc. (and maybe a generic button to bring up media playback, too). When you’re in FCP X, the OLED touch bar will display options for editing video.

His ideas are similar to what I wrote yesterday, but I wasn’t considering it in the style of the QuickType bar that appears above the keyboard on iOS. But I’m still not convinced that I’ll like all of my keyboard functions changing with each application. Perhaps there’s a way to “lock” certain widgets.

Cat and Mouse

Facebook’s Andrew Bosworth, Tuesday:

We’ve designed our ad formats, ad performance and controls to address the underlying reasons people have turned to ad blocking software. When we asked people about why they used ad blocking software, the primary reason we heard was to stop annoying, disruptive ads. As we offer people more powerful controls, we’ll also begin showing ads on Facebook desktop for people who currently use ad blocking software.

Ben Williams of Adblock Plus, Thursday:

Two days ago we broke it to you that Facebook had taken “the dark path,” and decided to start forcing ad-blocking users to see ads on its desktop site. We promised that the open source community would have a solution very soon, and, frankly, they’ve beaten even our own expectations. A new filter was added to the main EasyList about 15 minutes ago. You’ll just need to update your filter lists (see below for how).

Josh Constine reporting Thursday night for TechCrunch:

A source says Facebook is now rolling out the code update that will disable Adblock Plus’ workaround. It should reach all users soon.

Adblock Plus on Twitter earlier this morning:

UPDATE: @TechCrunch @joshconstine say that FB had a workaround, but there’s already a workaround to that workaround. Just update filters ;)

Back to that post from Constine:

And Facebook has already broken the new workaround from Adblock Plus, which vows to strike back soon.

Adblock Plus is apparently working on a patch to block ads again, and so it goes. I can’t wait to see which party decides that it’s simply not worth it to keep going on. Facebook is motivated by money; Adblock Plus, by principle.

Update: I forgot that Adblock Plus is also motivated by money:

We receive some donations from our users, but our main source of revenue comes as part of the Acceptable Ads initiative. Larger entities pay a licensing fee for the whitelisting services requested and provided to them (90% of the licences are granted for free, to smaller entities).

Thanks to Erik Michaels-Ober for reminding me.

Apple Rumoured to Be Working on a MacBook Pro Overhaul

Mark Gurman, now at Bloomberg, has the scoop on an upcoming MacBook Pro refresh. Among the much rumoured updates is, allegedly, the replacement of the function keys across the top of the keyboard with a touchscreen OLED strip:

Apple’s goal with the dedicated function display is to simplify keyboard shortcuts traditionally used by experienced users. The panel will theoretically display media playback controls when iTunes is open, while it could display editing commands like cut and paste during word processing tasks, the people said. The display also allows Apple to add new buttons via software updates rather than through more expensive, slower hardware refreshes.

These are probably the least-exciting uses for something like this. Imagine scrubbing along the whole timeline of a movie with just the tip of your finger, or manipulating specific brush characteristics in Photoshop. Maybe you could flip through iBooks by scrubbing along, or customize it for changing equipment in a video game. Just a few ideas.

Maybe this and the lack of a headphone jack in the new iPhone have a much simpler explanation: maybe Phil Schiller got sick of hacky media playback controls. The previous-play/pause-next function keys on a MacBook can get confusing when there’s more than one media playback app open. And, as for the remote on a pair of headphones, it’s a very clever hack that doesn’t work reliably — at least, it doesn’t for me.

I think a multipurpose, adaptable function strip would be infinitely more useful than a strip of function keys. Here’s what I mean: look at your keyboard from an oblique angle and notice all the places where the original plastic texture remains, and where it has been worn down. If your keyboard is anything like mine, it’s probably mostly shiny, but the strip of function keys at the top likely looks pretty similar to the day you bought it. Those keys have valuable purposes, of course, but they’re nowhere near as oft-used as the rest of the keyboard. Why fix them in plastic?

But, then again, would you want your keys to be changing whenever you switch applications? I anticipate this and many other questions will be answered whenever this product debuts:

The MacBook Pros aren’t likely to debut at an event currently scheduled for Sept. 7 to introduce next-generation versions of the iPhone, according to one of the people.


John Oliver Isn’t Responsible for Saving Journalism

You’ve probably seen Sunday’s Last Week Tonight piece on the current state of journalism and, well, Tronc.

Well, the Newspaper Association of America didn’t like it very much. CEO David Chavern responded in a blog post:1

Whatever you think of the name “tronc” and that company’s announced growth strategy, at least they are trying new things and trying to figure out how to create great news journalism in the digital era. John Oliver doesn’t seem to have any better ideas.

Joe Amditis of the Center for Cooperative Media replies:

Another reason it’s hard to take Chavern’s blog post seriously is the fact that Oliver isn’t making fun of Tronc because they decided to try something new. He’s making fun of them because they’re overlooking one of the most valuable journalistic assets, a genuine relationship with your audience, in favor of “content funnels” and “a story portfolio of storytelling.”

One of the more depressing losses on the business side of the news is the demise of the advertisement as a functional piece of art. Ads used to be beautiful because they had to be beautiful — if you’re a business paying thousands or tens of thousands of dollars for a full colour back-page ad, you’re going to want to make it the most memorable and compelling visual it can be.

By devaluing the advertisement to online levels, both print and digital advertising have suffered. Instead of gorgeous visuals, we’re typically shown whatever can be put together efficiently and cheaply. Instead of compelling visitors to interact with ads through temptation, advertising has become forceful, with full-page takeovers and animations complete with sound effects.

  1. You’d think that the president of the Newspaper Association of America would have a more apt way to extoll the virtues of newspapers, but hey. ↩︎

‘A Honeypot for Assholes’

Charlie Warzel of Buzzfeed spoke with ten former employees to find out why Twitter’s abuse problem is so shockingly bad. The answer?

[…] Fenced in by an abiding commitment to free speech above all else and a unique product that makes moderation difficult and trolling almost effortless, Twitter has, over a chaotic first decade marked by shifting business priorities and institutional confusion, allowed abuse and harassment to continue to grow as a chronic problem and perpetual secondary internal priority. On Twitter, abuse is not just a bug, but — to use the Silicon Valley term of art — a fundamental feature.

This article looks really bad for Twitter, but it effectively confirms something that was previously alluded to in a post by Biz Stone: they feel that not sanctioning users who are abusive is part of their corporate strategy. Warzel’s sources claim that the in-house rationale is because management thinks that it helps boost their monthly active user count.

Back in February, Umair Haque wrote a terrific article for Harvard Business Review that argues the precise opposite:

In an age of interaction, the simplest path to advantage is higher quality interaction. Abuse isn’t a nuisance that’s peripheral to “real” strategic issues. It is the central strategic issue. Offering low-quality interactions in an omni-connected world is just like selling defective products, the interaction age equivalent of faulty auto parts in the industrial age, or false advertising in the branding age.

Twitter knows that many users are also dissuaded by the bullying and vitriol that prevails on the platform. Last year, then-CEO Dick Costolo sent a memo to Twitter’s staff:

We suck at dealing with abuse and trolls on the platform and we’ve sucked at it for years. It’s no secret and the rest of the world talks about it every day. We lose core user after core user by not addressing simple trolling issues that they face every day.

Today, however, Costolo disputed Warzel’s article after the fact:

Total nonsense and laughably false as anybody who would speak on the record would tell you. Absurd.

Not even going to link to it.

Here’s the problem: everyone else was linking to it, especially in replies to Costolo’s tweet. It’s caused enough of a firestorm that Twitter PR replied to it, though not in the way you might expect. They didn’t bother to denounce any specific statements in Warzel’s piece — rather, they disputed “inaccuracies in the details”, which seems tantamount to admitting that the thrust of the article is correct.1

Twitter clearly has an abuse problem. Though they haven’t released their employee diversity statistics this year, their stats from last year show a company profile that is overwhelmingly white and male, the demographic least likely to be on the receiving end of abuse and bullying. They need to take big steps, because whatever they’ve tried so far isn’t working.

  1. They also complained that they weren’t given adequate notice to respond, something which a Buzzfeed editor denies. ↩︎

Creepy Email Spam From Criteo

My favourite creepy ad retargeting company strikes again. Fred Benenson:

I recently fell down a deep dark hole on the internet.

It began by researching a part for my central air conditioning but ended up with me stumbling upon a terrible development in modern advertising: spam driven by my browsing habits.

If that sounds like a privacy invading hellscape you’d like to avoid, read on, dear reader.

This is super creepy. I can’t imagine anyone responding positively to receiving unsolicited email from websites that they’ve merely browsed.

Criteo is a French company. As such, it falls under E.U. privacy and communications laws — specifically, the Directive on Privacy and Electronic Communications, which prohibits direct marketing emails without an explicit opt-in. However, these restrictions are relaxed if those contact details are used to market products that are similar to a sale made in a previously-established customer relationship. Perhaps that has unintentionally incentivized more targeted advertising. There are also no regulations that explicitly prohibit buying or selling lists of email addresses.

Even if all of this is fine, legally speaking, it seems unambiguously creepy and unwanted from a moral or ethical standpoint. Users need better privacy protections to prevent the sharing of email lists, and restrict email communications to those solely related to individual, direct requests.

Update: Benenson is perhaps inaccurate with this statement:

I am signed up to some platform which is considered a Criteo partner. This could possibly be Facebook since Criteo boasts a “close partnership” with them. That platform actually has my email address and my consent to send me email.

While Criteo does say that they use Facebook and Instagram data for personalization, Facebook’s data use policy says that they require opt-in for third-parties’ use of email addresses:

We do not share information that personally identifies you (personally identifiable information is information like name or email address that can by itself be used to contact you or identifies who you are) with advertising, measurement or analytics partners unless you give us permission.

Unfortunately, as Criteo fails to disclose precisely where an email address in their system originated, it is difficult to trace it back to a specific instance. But, by blending together lots of information across multiple sessions into a single advertising profile, Criteo has created a system where private data is shared and marketed against in ways that are hard to imagine for most users. The ambiguity of granting permission — and how far that permission extends — is why strong privacy legislation is needed.

Snapchat Releases, Then Pulls, ‘Yellowface’ Selfie Filter

Kwame Opam, at the Verge:1

Just four months after causing outrage over a similarly offensive selfie lens, Snapchat has incurred the wrath of its users by enabling what many see as, effectively, a yellowface lens. According to Mic, users called out the social platform on Twitter yesterday, saying the lens caused people’s faces to look like racist Asian caricatures.

That’s pretty racist. How this made it through an internal review process to be released publicly is a mystery to me — Snapchat hasn’t released their employee diversity stats. I’ve reached out to ask if they plan on doing so, and I’ll update my annual survey should they come through.

  1. While this story originated at Mic, they have autoplaying video ads and full-screen takeover subscription prompts. Why would I want to subject you, dear reader, to that madness? ↩︎

Diversity of Tech Companies by the Numbers: 2016 Edition

For the past few years, tech companies have been publicly releasing the diversity statistics of their employees. Over the same amount of time, I’ve compared their numbers to United States national statistics, via the Bureau of Labor Statistics’ releases — you can see that in the 2015 and 2014 editions.

This year, it’s more of the same, in more ways than one: I’ll be comparing those stats side-by-side in the same categories as defined by the BLS’ EEO-1 form — which limits the available racial and gender identity information — followed by some brief analysis. New this year is that I’m also noting the year-over-year percentage point difference. Please be aware that rounding errors and other factors may create imperfect differences from last year’s figures; however, these differences are worthwhile guidance.

One more note: last year, LinkedIn and Yahoo released their stats at the beginning of June and July, respectively, while Amazon and Twitter released theirs later in August. A Yahoo spokesperson told me that their diversity report will be available in September, while a LinkedIn spokesperson is tracking down their report internally. I will update this article should their figures become available.

Gender Diversity

Gender stats are reported by all companies on a global level; ethnic diversity is typically reported at a U.S.-only level. In the past, I’ve compared both sets of stats against U.S. figures; this year, I’m adding worldwide labour participation rates for genders, for a more complete set of stats. The World Bank only reports female labour force participation for their worldwide stats; the male labour force participation has been inferred based on the binary gender system currently used for these reports.

Gender Diversity, U.S.A.
Category Male Female
U.S.A. Overall (approx.) 49% 51%
U.S.A. Workforce (PDF) 53.2%
Δ 0
Δ 0
Worldwide Workforce (inferred) 60% 40%
Gender Diversity in Tech Positions
Company Male Female
Amazon 63% 37%
Apple 77%
Δ -2
Δ +1
Facebook 83%
Δ -1
Δ +1
Google 81%
Δ -1
Δ +1
LinkedIn 82% 18%
Microsoft 83.0%
Δ +0.2
Δ +0.2
Twitter 87% 13%
Yahoo 84% 16%
Gender Diversity in Non-Tech Positions
Company Male Female
Amazon 63% 37%
Apple 62%
Δ -1
Δ +1
Facebook 47%
Δ -1
Δ +1
Google 53%
Δ 0
Δ 0
LinkedIn 50% 50%
Microsoft 58.1%
Δ +1.3
Δ -1.1
Twitter 50% 50%
Yahoo 45% 54%
Gender Diversity in Leadership/Executive Positions

The “U.S.A.” row uses the “management, business, and financial operations” data row from the BLS report, as a rough and imperfect approximation.

Company Male Female
U.S.A. (PDF, pgs. 23-25) 56.3%
Δ -0.4
Δ +0.5
Amazon 75% 25%
Apple 72%
Δ 0
Δ 0
Facebook 73%
Δ -4
Δ +4
Google 76%
Δ -2
Δ +2
LinkedIn 70% 30%
Microsoft 82.6%
Δ +0.1
Δ -0.1
Twitter 78% 22%
Yahoo 76% 24%

Ethnic Diversity

As Google says in their report, “ethnicity refers to the EEO-1 categories which we know are imperfect categorizations of race and ethnicity, but reflect the US government reporting requirements”. Please keep that in mind.

The “U.S.A. Workforce” row uses data provided by the Bureau of Labor Statistics (PDF). Their demographics information (indicated page 9) is kind of a pain in the ass, though: the unemployed column is a percentage of the labour force, but the employed column is a percentage of the total population. I’ve done the math, though, and the results are what’s shown below. In addition, the BLS does not separate out those of Hispanic descent because “[p]eople whose ethnicity is identified as Hispanic or Latino may be of any race.” As such, the row will not add to 100%, but the percentage of Hispanics in the workforce has been noted per the table on page 10.

Similarly, the “U.S.A. Overall” row uses data from the CIA World Factbook, and they, too, do not note those of Hispanic descent separately. This row will also not add to 100%.

Ethnic Diversity, U.S.A.
Category White Asian Hispanic Black Mixed Other or
U.S.A. Overall 79.96% 4.43% 15.1% 12.85% 1.61% 1.15%
U.S.A. Workforce (PDF) 79.1%
Δ -0.3
Δ +0.1
Δ +0.4
Δ +0.2
Δ +0.5
Δ +0.2
Ethnic Diversity in Tech Positions

This year, I’ve added a row for the U.S.A. tech workforce as a whole, for comparison. It uses the “computer and mathematical operations” data row from the BLS report. Amazon does not separate tech and non-tech employees.

Company White Asian Hispanic Black Mixed Other or
U.S.A. (PDF, pg. 26) 70.0%
Δ -0.9
Δ +0.7
Δ +0.3
Δ +1.4
Amazon 60% 13% 9% 15% N/A 3%
Apple 55%
Δ +2
Δ +2
Δ 0
Δ +1
Δ 0
Δ -5
Facebook 48%
Δ -3
Δ +3
Δ 0
Δ 0
Δ 0
Δ +<1
Google 57%
Δ -2
Δ +2
Δ +1
Δ 0
Δ 0
Δ 0
LinkedIn 34% 61% 3% 1% 1% <1%
Microsoft 55.5%
Δ -0.3
Δ +0.4
Δ 0
Δ +0.1
Δ +0.1
Δ +0.1
Twitter 56% 37% 3% 1% 1% 2%
Yahoo 31% 61% 3% 1% 1% 3%
Ethnic Diversity in Non-Tech Positions

Amazon does not separate tech and non-tech employees.

Company White Asian Hispanic Black Mixed Other or
Amazon 60% 13% 9% 15% N/A 3%
Apple 58%
Δ +3
Δ +1
Δ +2
Δ +1
Δ 0
Δ -6
Facebook 60%
Δ -2
Δ +1
Δ 0
Δ +2
Δ 0
Δ 0
Google 63%
Δ -1
Δ 0
Δ +1
Δ 0
Δ 0
Δ 0
LinkedIn 66% 25% 4% 3% 2% <1%
Microsoft 67.6%
Δ 0
Δ +0.7
Δ +0.6
Δ +0.1
Δ +0.1
Δ 0
Twitter 62% 24% 4% 4% 1% 5%
Yahoo 66% 19% 6% 3% 3% 3%
Ethnic Diversity in Leadership/Executive Positions

The “U.S.A.” row uses the “management, business, and financial operations” data from the BLS report, as a rough and imperfect approximation of the broad US national trend.

Company White Asian Hispanic Black Mixed Other or
U.S.A. (PDF, pg. 25) 84.2%
Δ -0.1
Δ 0
Δ +0.5
Δ +0.1
Amazon 71% 18% 4% 4% N/A 3%
Apple 67%
Δ +4
Δ 0
Δ +1
Δ 0
Δ -6
Facebook 71%
Δ -2
Δ 0
Δ 0
Δ +1
Δ +1
Google 70%
Δ -2
Δ +2
Δ 0
Δ 0
Δ +1
Δ 0
LinkedIn 63% 30% 4% 1% 2% 0%
Microsoft 70.1%
Δ -1.0
Δ +1.1
Δ +0.1
Δ -0.1
Δ 0
Δ 0
Twitter 72% 28% 0% 0% 0% 0%
Yahoo 73% 19% 2% 1% 2% 3%


Let’s get something out of the way: I’m a white twenty-something Canadian who graduated from art college. Analysis of statistics of racial and gender diversity at American tech companies is not exactly my strongest suit. But, hey, you’ve made it this far. I want to be as fair as possible to everyone represented in these stats and at these companies. If there’s a problem, please let me know.

  • Apple notes this year that they achieved pay equity for all U.S. employees.

  • Apple also says that they reduced the number of employees who chose not to declare their race or ethnicity compared to previous years. The majority of those identified as white.

  • Microsoft was a real mixed bag this year, becoming whiter and more male in a few areas — and, in some, significantly so.

  • Facebook made a relatively large 8 percentage-point shift in favour of women in leadership roles. No other company reported as large of a gain in any demographic.

  • Facebook also became the first company to highlight their LGBTQ community, with 7% of their staff identifying.

  • However, a disproportionately low presence of black employees continues at Facebook, Google, and Microsoft. All three companies have released products with flaws experienced by black and darker-skinned users — issues that, if those companies had a greater proportion of black employees, would likely have been found and corrected.

  • I will reiterate that one of the excuses most frequently cited by tech companies for their lack of diversity is a small selection of underrepresented prospective employees coming out of colleges and universities in the United States. This is false.

  • Across the board, most gains are on the order of one or two percentage points, or even less. This is similar to last year’s incremental improvements.

  • Even though half the companies I survey annually have yet to release their latest data, I don’t anticipate much difference from last year. As I said at the top, however, I will update this should those figures become available.

  • Something that, unfortunately, comes with reporting any stats on gender and ethnicity is that angry white men use it to try to support their thesis that the white male is oppressed. These people can quietly fuck themselves.

Update Aug 15: A LinkedIn spokesperson has told me that their stats will be out by the beginning of October, but noted that their numbers are “looking strong”. We shall see.

Embrace, Extend, and Extinguish

You may recall that Amazon recently began offering a new smartphone that launched with an intriguing pricing strategy. Joanna Stern, Wall Street Journal:

Even though Amazon sells the R1 HD for as little as $50, on the open market it starts at $100. Why the discount? Ads. Sorry, “special offers.” Which are ads.

If you’re an Amazon Prime member, you pay $50 (plus an extra $10 if you want more memory and storage), and on the lock screen, you see a rotation of promotions similar to what appears on Amazon tablets and e-readers. The shopping giant knocks down the price knowing it will make back the money and then some.

Putting ads on a platform owned by an advertising technology company is a pretty bold move. Unfortunately for Amazon, it was a little too bold for Google.

Ron Amadeo reports for Ars Technica on the state of the version of Android coming on Google’s new Nexus phones:

In Android, the System UI is a huge deal since it’s responsible for much of the base operating system. It handles the bottom navigation bar, the top status bar, the notification panel, Quick Settings, Recent Apps, the lock screen, the volume controls, and the power button long-press menu. The new Nexus devices are apparently going to replace the open source System UI with a proprietary APK called the “Google System UI.”


We’d imagine the System UI could take a similar path to the Google Now Launcher. The [Android Open Source Project] version of the launcher still exists, which OEMs take and make questionable changes to. Users are free to download the Google version of the launcher (today it’s available through the Play Store), which allows them to undo a big chunk of the OEM changes. It would be amazing to have the option of restoring Android’s notification panel and Recent Apps screen if OEMs get too out of hand.

Jack Wellborn:

Carriers and handset makers’ inability and unwillingness to push updates of any sort, including those vital to their customers’ security, gives Google a very good reason to shift as much of Android to their control by any means possible, but migrating functionality to Play also effectively replaces open source Android with Google proprietary code. While it’s certainly reasonable to expect that Google’s applications and services like YouTube or GMail would remain proprietary, it seems open source Android functionality is increasingly being migrated to closed source for the sole strategic benefit of Google. Additionally, as functionality is added to Play, any open source counterpart in Android languishes without Google’s vast resources.

Android may technically be open source, and much of its development still occurs in a way that anyone can freely download and build from. But it is becoming increasingly under Google’s control by default, with core features restricted to platform partners and parts of the system moving closer to being proprietary. It’s clearly not under the same level of control as iOS is under Apple, but there is a growing rift between the open source promise and the contractually-agreed proprietary reality.

Facebook Says That It Will Override Ad Blockers

Andrew Bosworth of Facebook, in a press release euphemistically titled “A New Way to Control the Ads You See on Facebook, and an Update on Ad Blocking”:

We’ve designed our ad formats, ad performance and controls to address the underlying reasons people have turned to ad blocking software. When we asked people about why they used ad blocking software, the primary reason we heard was to stop annoying, disruptive ads. As we offer people more powerful controls, we’ll also begin showing ads on Facebook desktop for people who currently use ad blocking software.

The defiance in that last sentence is kind of incredible, when you think about it. Imagine if it were a slightly different browser feature, like cookie permissions (emphasis added):

As we offer people more powerful controls, we’ll also begin setting cookies on Facebook desktop for people who currently block cookies.

Ludicrous, no?

Jack Marshall reports for the Wall Street Journal on this news:

Mr. Bosworth acknowledged that forcing ads onto people who have attempted to avoid them could irritate those users, but he said the company has invested heavily in ensuring advertising on Facebook is “uninterruptive” and relevant. Facebook is also introducing more ways for users to control the type of advertising they see on the service.

For some people, having increasingly relevant ads is the problem. It’s indicative of deeper tracking and further privacy intrusions.

If you’re a Facebook user, it’s worth taking a look at your privacy and advertising controls to ensure nothing has changed — Facebook has a history of adjusting user preferences when they roll out large changes like this.

By the way, I discovered a somewhat minor advantage to providing your contact details to Facebook: they show you which advertisers have those details, like your email address. It’s buried a little bit, but if you go into Account Settings > Ads > Manage the preferences we use… > Visit Ad Preferences and scroll down, you’ll see a cell that says “Advertisers”. Click or tap on “With your contact info” to see the Facebook advertisers who have your contact email from another source, like a mailing list. I found out that a couple of advertisers who I’ve never heard of have somehow acquired one of my less-public email addresses, perhaps through a bought email list.

Update: The instructions above were made while referencing the website on my phone. You should see advertisers who have your contact info at the bottom of this page; if you don’t see it, it might be because an advertiser hasn’t uploaded your contact info to Facebook.

Slides From Apple’s Presentation at Black Hat USA (PDF)

Apple’s head of security Ivan Krstić spoke at Black Hat USA this year to announce, amongst other things, a new bug bounty program. Their bug bounty program has very generous rewards and a 1:1 matching program for donating the reward to charity.

Black Hat posted the slides (PDF) from Krstić’s talk, with lots of information about security protocols in iOS 10, WebKit, the Secure Enclave, and lots more.

For instance, there’s a new method of backing up iCloud Keychain secrets to a secure Apple server, to be used when trying to recover the iCloud Keychain if a device is lost. Krstić says that this requires an additional credential: a device passcode, typically. I saw this firsthand when I installed the developer beta of MacOS Sierra, and was prompted to enter my iPad passcode.

The set of slides beginning at 63 is also worth your time. It’s about how Apple controls iCloud security internally, and it’s surprising, to say the least.

Like any good talk, these slides are merely supplementary and will require more context from the presentation itself. Black Hat will probably post a video to their YouTube channel in the coming weeks; keep an eye out.

If you’re looking for a deeper dive into the Secure Enclave, a few security researchers from Offcell Research and Azimuth Security did their best to examine it for quality and flaws. Almost all of their slides go way over my head, but they did say this in their conclusion:

Overall hardware design is light years ahead of competitors

That’s reassuring, at least.

If you spot a more accessible summary of either of these talks, please do let me know.

Google Debuts New Photos Commercial

This ad is perfect. The only reason it exists is because Apple has decided to be stingy with their storage offerings: the iPhone still starts at 16 GB, and iCloud offers just 5 GB for free. It may only be an extra dollar per month to get 50 GB of storage, but why does it cost a dollar? If you’ve just paid $649 for a new iPhone, you probably feel like that should have included a barely-tolerable 50 GB of iCloud storage, too. When you’ve missed a photo because you’ve run out of space, you’re not thinking about the business model of the company that made the phone. You just wanted that photo.

Update: I previously misstated that the first paid iCloud tier, at $1/month, offered 20 GB of storage. It’s 50. Apple has a full list for the pricing in all countries where it’s offered.

Tweaked First-Generation Apple Watch Rumoured to Release Alongside New Model

Mikey Campbell at AppleInsider:

[KGI analyst Ming-Chi Kuo] believes Apple is planning to launch two new Apple Watch versions in the second half of 2016, both of which offer moderate improvements over their predecessor. The first unit will be an iterative upgrade on the original Apple Watch and is expected to sport the same aesthetics, but with improved intervals like a TSMC processor built on the 16nm process. Waterproofing should also be slightly improved.

A second version, dubbed “Apple Watch 2,” is also expected to share the same general design as current models, but will include a GPS radio and barometer for improved geolocation capabilities. A higher capacity battery will be included to power the advanced components, but its size will prohibit Apple’s usual generational device slimming.

I wouldn’t be surprised if the major external differentiator between the current Apple Watch models and the second-generation units is in the finishings. I doubt the Edition model will hang around, but new case options like titanium or bright colours for anodized aluminum might be fun.

These days, Apple tends to drop the price of the existing units while leaving them on sale, so it seems likely that they’d do the same for the Watch. But, like the iPad 2’s quiet update from a 45nm process A5 to a 32nm variant in 2012, it could go completely unannounced.

A Rough Week for Twitter Communications

Alex Kantrowitz, reporting for Buzzfeed on Sunday:

Natalie Kerris, who joined Twitter as its VP of communications in February, is leaving the company, BuzzFeed News has learned. Leslie Berland, Twitter’s chief marketing officer, will lead both marketing and communications in a combined role.

BuzzFeed News confirmed the departure with a Twitter spokesperson. “During her time leading communications at Twitter, Natalie helped us share the Twitter story with the world. We are grateful for her energy and enthusiasm and the impact she’s had, even in this short time,” said the spokesperson. “We wish her all the best.”

Kurt Wagner, reporting for Recode on Thursday:

Twitter is losing another key member of its communications team. Jim Prosser, the company’s head of corporate and policy communications, is leaving Twitter for SoFi at the end of the week.

Prosser is taking over as VP of Communications and Policy at SoFi, a five-year-old loan and financing startup in San Francisco.

Alexandra Valasek, head of Consumer Communications at Twitter, today:

It’s been an incredible 4 years, @Twitter! (I never stopped smiling). So very excited to join the team at @Uber

As far as I can tell, Twitter’s communications team is already pretty small. A LinkedIn search shows a team of about 173 people, though most of those are spread around the world for local communications purposes, and the results start to become irrelevant on the fifth page. I counted a couple dozen currently working in San Francisco in Communications positions. Losing three high-ranking staff members in a single week can’t be a good sign.

Don’t Mention the Games

The Olympic Games begin today in Rio, but if you’re thinking about tweeting about it from a business account in the United States, you should know that the USOC is cracking down on such flagrant misuses of Olympic intellectual property as mentioning the Games at all. Christine Birkner, AdWeek:

While individuals, news media and official sponsors are generally free to post about the games and athletes during the Olympics, other businesses and brands are essentially locked out from anything close to a direct discussion.

Summarizing its many brand restrictions, which you can see detailed below, the USOC warns businesses: “Do not create social media posts that are Olympic themed, that feature Olympic trademarks, that contain Games imagery or congratulate Olympic performance unless you are an official sponsor as specified in the Social Media Section.”

The list of brand restrictions includes prohibitions on using the names of Olympic cities, hashtags associated with Olympic trademarks — the list is long — posting results from any Olympic event, or retweeting officially-sanctioned Olympic posts. Seems a little harsh, doesn’t it?

A Minimum Expectation of Privacy

The New York Times editorial board in March of this year:

Under the proposal by the chairman, Tom Wheeler, cable and phone companies would be allowed to use personal data for things like billing and pitching more expensive versions of services that customers are already using. Customers could opt out of marketing for other services provided by their broadband companies. And the companies would have to get permission from their customers before they could do more with the data, like selling it to advertisers. Another rule would require companies to protect the data and notify customers, the commission and law enforcement agencies if the information was stolen.

These are similar to the protections the commission has long imposed on phone companies. Those rules have worked so well that most Americans do not worry that Verizon or T-Mobile is listening to their conversations or using call records to market products and services. People should have similar privacy protections when they use cable or phone lines to get on the Internet.

As far as I’m concerned, this policy is a no-brainer.

Amicus Curiæ of Designers Submits a Brief in Favour of Apple (PDF)

Speaking of copying and Samsung, an amicus curiæ of over a hundred designers of all stripes have submitted a brief arguing in favour of Apple in their long-running legal battle. This is a link to a PDF copy of a legal document, but it’s a surprisingly breezy read. Among the signatories: Raymond Riley of Microsoft, Calvin Klein, Norman Foster, Alexander Wang, former Apple industrial designer Robert Brunner, and — naturally — Dieter Rams.

The Audacity of Copying Well

Instagram announced on Monday that they had blatantly copied Snapchat’s “Stories” feature. It’s called Instagram Stories, because they’re clever like that, and Ben Thompson is actually rather impressed:

Still, cloning isn’t enough. The fact features don’t offer useful differentiation does not remove the need for differentiation: the key is figuring out what else can be leveraged. Google, for example, may have largely copied the iPhone’s UI, but the key to Android’s success was the search company’s ability to leverage their advertising-based business model to offer it for free. On the hardware side Samsung leveraged their manufacturing might and long-established distribution channels to dominate the otherwise undifferentiated Android market, at least for a time. And, in perhaps the most famous example of this strategy, Microsoft embraced web standards with Internet Explorer, extended their browser’s capabilities with features like ActiveX, eventually extinguishing the threat when Netscape couldn’t keep up.

This is why it is so fascinating that Facebook is leveraging Instagram in this way. For all of Snapchat’s explosive growth, Instagram is still more than double the size, with far more penetration across multiple demographics and international users. Rather than launch a “Stories” app without the network that is the most fundamental feature of any app built on sharing, Facebook is leveraging one of their most valuable assets: Instagram’s 500 million users.

Unlike Google leveraging their massive user base to try to compete with Facebook, Instagram didn’t try to get clever with their Snapchat clone. It is shockingly — brazenly — similar. And, in a perverse way, that’s probably one of the main reasons it seems to be working so far.

Update: As though Thompson’s argument wasn’t abundantly clear, Instagram just sent out an email newsletter announcing Stories. One of the headings in the email? “Your Friends Are Already There”.

Comcast Exploring Plans to Sell Customers’ Web Browsing Data to Advertisers

Following in the footsteps of AT&T’s deceptively-named “Internet Preferences” program, Comcast also wants the right to sell customers’ web browsing data to advertisers. And they’re arguing this at the same time as the FCC is exploring new privacy regulations.

Francis Buono of Comcast, in a regulatory filing concerning an FCC meeting this Monday:

First, we expressed our agreement with the Federal Trade Commission’s (“FTC’s”) comments in this proceeding that the FCC should adopt a sensitivity-based approach to consent. Under such an approach, opt-in consent would be required only with respect to the use or disclosure of sensitive information (financial, health, and children’s information, Social Security numbers, and precise geolocation information), while the use and disclosure of non-sensitive information would be subject to opt-out consent in most instances and implied consent for an ISP to market its products and services to its customers.

While Comcast is generally correct in asserting that data disclosures for marketing purposes are generally opt-out, an ISP should be treated separately. Brian Fung of the Washington Post:

Consumer groups who oppose Comcast have said that Internet providers have a unique vantage point over everything an Internet user does online. For example, Netflix’s intelligence about its users is largely limited to what customers do on its own platform, with little visibility into how those same people watch videos on Hulu or Amazon. […] Internet providers, however, can detect when a subscriber visits all three sites.

The assumption that consumers would generally agree to their personal information being used for marketing purposes without their consent is fundamentally flawed. If provided a choice, most people would probably decline to opt into their data being used for targeted marketing.

Comcast and AT&T know this, which is why they’re offering deep discounts to incentivize subscribers’ consent. Or, to put it another way, Comcast is planning to charge customers extra — and AT&T is currently doing so — to continue to have basic privacy protections on the web.

Update: For comparison, note this Information Week article published in 2002:

Comcast Corp. last week bowed to pressure and agreed to stop recording the IP addresses of its high-speed Internet customers. Some say Comcast could have sidestepped the issue altogether had it been more up front with customers.

The controversy began after a customer noticed his Internet query was being redirected to another Web page. He correctly concluded that Comcast was logging customers’ activity and spread the word. At issue was Comcast’s installation of caching technology in its network six weeks ago to optimize performance by determining which Web pages customers visit the most and then caching them for faster response times.

Comcast is using Inktomi Corp.’s caching technology. When set at the default configuration–which was the case at Comcast–the system logs customers’ IP addresses and the IP addresses and URLs of the Web pages they visit, then purges the data within 36 hours. Customers’ IP addresses were never matched with names or other personal information, Comcast executives say.

Yahoo Is Investigating a Possible Leak of 200M Accounts

Joseph Cox, Vice:

On Monday, the hacker known as Peace, who has previously sold dumps of Myspace and LinkedIn, listed supposed credentials of Yahoo users on The Real Deal marketplace. Peace told Motherboard that he has been trading the data privately for some time, but only now decided to sell it openly.


According to a sample of the data, it contains usernames, hashed passwords (created with md5 algorithm), dates of birth, and in some cases back-up email addresses. The data is being sold for 3 bitcoins, or around $1,860, and supposedly contains 200 million records from “2012 most likely,” according to Peace. Until Yahoo confirms a breach, however, or the full dataset is released for verification, it is possible that the data is collated and repackaged from other major data leaks.

In mid-2012, the login details for around 450,000 Yahoo accounts were publicly leaked. It’s unclear how much overlap there is between this alleged stash of 200 million accounts and those. Even if all of those previously-leaked details were included, that’s still well under 1% of all of the accounts allegedly part of this leak. This year — or, well, decade — really isn’t treating Yahoo very well.

Apple Releases Its 2016 Corporate Diversity Stats

Most of the improvements are 1–2 percentage points, compared to last year’s figures. A highlight from their report is that American workers now have total compensation equity across men, women, and minorities — I think that’s significant progress. But, while Apple is on the right path, they still have a long way to go to ensure better representation across their entire staff. The disparity is particularly noticeable at the executive level, which remains predominantly white (67%) and male (72%).

The Outline of Joshua Topolsky

Yesterday, Joshua Topolsky took the wraps off his new venture, the premise for which was outlined in an April 25 essay that Topolsky published on Medium:

So over time, we built up scale in digital to replace user value. We thought we could solve with numbers (the new, seemingly infinite numbers the internet and social media provides) what we couldn’t solve with attention. And with every new set of eyeballs (or clicks, or views) we added, we diminished the merit of what we made. And advertisers asked for more, because those eyes were worth less. And we made more. And it was less valuable.

The media industry now largely thinks its only working business model is to reach as many people as possible, and sell — usually programmatically, but sometimes not — as many advertisements against that audience as it can. If they tell you otherwise, they are lying.

They are also wrong, I believe, in the long run.

Enter: the Outline. Topolsky and Ryan Houlihan spoke about it at length on his podcast, Tomorrow, but if you don’t have nearly an hour to spare, Mike Shields of the Wall Street Journal summed it up in an article yesterday:

Mr. Topolsky is touting The Outline as something of the antidote to a rising crop of digital media brands that are reliant on social media distribution and, in his mind, are too focused on reaching massive user totals.

Instead, with The Outline, Mr. Topolsky said he is aiming to reach roughly 10 to 15 million users, most of whom come directly to his site. “This has to be a real brand,” he said. The site’s content will focus on three areas: power, as it relates to subjects like politics and business; culture; and the future. He said he’s aiming for a smart, influential readership.

The plan is to produce roughly 15 to 20 pieces of content a day, including text articles, more visual stories and video.

Despite the amount by which I loathe the phrases “real brand” and “pieces of content”, and how vague this mission statement is, I’m looking forward to seeing the results of Topolsky’s work. There are some really smart people — like Leah Finnegan and Adrianne Jeffries, to name two — who are setting the foundation for the Outline. This should be good; or, at the very least, worth keeping an eye on.

Glow App Exposed Women to Privacy Threats

Glow is a menstrual cycle and fertility tracking app. Jerry Beilinson, Consumer Reports:

Recently, Consumer Reports tested Glow for security and privacy features as part of a broader project, and found surprising vulnerabilities. One security flaw might have let someone with no hacking skills at all access a woman’s personal data. Other vulnerabilities would have allowed an attacker with rudimentary software tools to collect email addresses, change passwords, and access personal information from participants in Glow’s community forums, where people discuss their sex lives and health concerns.

We concluded that it would be easy for stalkers, online bullies, or identity thieves to use the information they gathered to harm Glow’s users. In July, we shared our concerns with Glow, Inc., the company that makes the app. The executive we spoke with was not aware of the potential vulnerabilities, and the company moved quickly to correct them.

This kind of thing is why last month’s introduction in Europe of a network security law is sorely needed in the United States. Glow reacted responsibly, and Consumer Reports did a good service by finding these faults, but it’s not enough. There’s no legal requirement for companies to disclose their security faults, nor are they mandated to test their apps or services prior to launch.

We’re now providing personal and sensitive information on a regular basis to apps and services. While it would be advisable for consumers to restrict the amount of data they’re providing and to be aware of the possible implications of a breach, users aren’t going to do that, nor should they be expected to. Their data can be transferred in unexpected ways, from the obviously illegal black hat hacker scenario, to a totally mundane corporate acquisition. Users’ data ought to be protected with far more concern than it currently is.

Google to Automatically Link to AMP Results When Available

Joshua Benton, reporting for Nieman Lab in October:

Google said it won’t prefer AMP pages over non-AMP pages in search… but reminded us hint-hint-nudge-nudge that page speed is already a factor in Google results, with faster pages getting preference. […]

Dieter Bohn, reporting for the Verge today:

Now, Google has announced that it plans to expand the delivery of AMP links beyond that carousel to all mobile search results. So when you search for a story and an article from an AMP publisher shows up in search results, clicking on that blue link will take you to the AMP version of the story instead of the traditional website. When a webpage has an AMP version available, it will be represented by a small lightning bolt next to the search result. (For now, Google is offering a “developer preview” of AMP pages within search results to collect feedback before it rolls out to all users later this year.)

AMP, you will recall, is Google’s proprietary fork of HTML that requires the inclusion of a 158 KB JavaScript file to “speed up” the webpage. By contrast, the very page you’re reading is well under 158 KB with everything, including the little sidebar ad and the lightweight analytics script I use.

By the way, in case you’re wondering — and I know you are — the linked Verge page is over 8 MB, took over six seconds to load its over 200 HTTP requests, and included 146 page errors. At the beginning of June, Nilay Patel told me that site performance would get “way better very soon”, but I’m not seeing it.

Update: Just for giggles, I tried loading up the AMP version of this article and, though it loaded in just half a second, its 100 HTTP requests transferred 5.39 MB of data, and created an infinite number of page errors — every second, three new ones are created, due to a bug in the ad script.

Over 100 Redesigned and More Diverse Emoji Coming With iOS 10

Apple PR:

More than one hundred new and redesigned emoji characters will be available to iPhone and iPad users this fall with iOS 10. This exciting update brings more gender options to existing characters, including new female athletes and professionals, adds beautiful redesigns of popular emoji, a new rainbow flag and more family options.

As emoji becomes an increasingly popular universal language, it’s good to see a more representative and inclusive set of options. Good on Apple and the entire Unicode consortium for building out a full array of choices.

Nothing gets people to upgrade to a new version of iOS more than an emoji update. I’m adjusting my totally spitballed and virtually baseless first-week adoption estimate of iOS 10 to 45%, up from 40%.

Update: Looks like the idea for the replacement of the pistol with the water gun originated with Neven Mrgan’s bug report earlier this year.

Boys Don’t Cry

Ben Sisario and Joe Coscarelli, New York Times:

The long wait for a new Frank Ocean album may nearly be over.

Mr. Ocean, the innovative and enigmatic R&B singer, is set to release his next album, “Boys Don’t Cry,” on Friday through an exclusive deal with Apple Music, according to a person with knowledge of the release plans. The release is also expected to include a major video and a printed publication called Boys Don’t Cry that will be distributed at Apple stores.

As far as exclusives go, getting the next Frank Ocean album is about as good as it gets. Few records are as anticipated as “Boys Don’t Cry”.

The Most Popular Product of All Time

Horace Dediu gives some context to Apple’s billion iPhone announcement:

The iPhone is not only the best selling mobile phone but also the best selling music player, the best selling camera, the best selling video screen and the best selling computer of all time.

It is, quite simply, the best selling product of all time.

The scale of this singular product line is astonishing, both in sales and in manufacturing. I know Apple gets a lot of credit for their logistical prowess, but in many ways, I don’t think they get enough.

Intuition and iOS

Ben Brooks makes the case that tasks on iOS are not inherently more difficult or more of a puzzle than on OS X, they’re just different:

But, this is a big but, we do already know how to intuitively do one of these things. We know how to find, and then drag and drop shit where we want it on a Mac — it’s effortless not because the task is easier, but because we know the steps without consciously thinking of the steps since we have been doing it for decades. That’s why it feels easier.

It feels harder on iOS only because you have to stop and think about how to do things, and then you question (because you are a nerd) if the way you thought of is actually the best/right/fastest/easiest way to do that thing.

Dr. Drang is, as he puts it, “sympathetic” to Brooks’ argument, but he thinks Brooks used the wrong example:

But we really don’t have to use the Finder at all. Following Ben’s example, let’s say we have an image file open in Preview and we want to edit it in Acorn. That same icon in the title bar, known formally as a proxy icon, is our ticket, because if we click on it and drag it out of the title bar, it behaves just like a Finder icon.

All we have to do is click on the icon in the title bar and drag it over to Acorn in the Dock, and it’ll open.

I’m certainly not the first person to make this argument, but one of the things I think makes for a major head shift when moving to an iOS-centric workflow is that there’s very often just one way of doing something in iOS, while there are multiple ways of doing the same thing on the Mac. Consider the “move file from one app to another” example being used here. On iOS, you use the Share sheet, and that’s the only way, unless the file is stored in iCloud Drive or Dropbox and both apps support that as the file store. On the Mac, you can use the proxy icon, the Finder, the Open/Save sheet, or — in some cases — simply drag the file across in the open workspace.

But that naturally leads to a further question: is having more options inherently good? (Where by “good”, I mean some combination of “more productive” and “easier to use”.)

The myriad options offered for manipulating files on the Mac can certainly be helpful, but they’re also very frequently confusing. Note that I said that it’s sometimes possible to drag a file from one app to another, but this behaviour changes in different apps. For instance, dragging an email message from the inbox of Mail into a text box on a webpage in Safari will insert the subject line from that email. Dragging it to the desktop will save the entire message. Dropping the email into Messages will send a subject line linked to the email message which, to a recipient on a Mac, will not open because they won’t have a copy of that message on their system; on iOS, the link simply won’t appear as a link and the message will just display the subject line. Dragging the email into a Pages document will insert what I’m guessing is the message ID:


Those behaviours can be helpful, but they can also be confusing. Limiting this inter-app file manipulation on iOS to just the Share sheet is more restrictive, yes, but it is also more predictable. If you’ve been using computers for eons, this predictability can seem unnecessary. But for those growing up in a computer-centred world, it’s possibly more logical to use an environment that doesn’t have this legacy baggage.

The Amazon-to-eBay Arbitrage Scheme

It’s not just counterfeit goods on Amazon that are a problem for legitimate businesses. Jason Feifer writes for Entrepreneur magazine on a new scheme that marries Amazon’s generally low prices and dubious eBay sellers:

To see how this works in real time, I go to eBay and buy a Ripple Rug. There are five listings for the product on this day, and I select one from a seller called AFarAwayGalaxy. The price is $49.51; on Amazon, Ruckel sells it for $39.99. So, how’d this listing get here? Almost certainly, the seller is using some kind of software — made by DS Domination or a competitor — that scans Amazon for its best-selling products. (They can also do this on large sites like Walmart’s, though most seem to focus on Amazon). The software found the Ripple Rug, which, on the day in June I buy it, is ranked number 25 in cat toys. Then it copied everything in the Amazon listing and pasted it into an eBay listing – amusingly, right down to the part of the product description that says, “Thank you for viewing our Amazon version of the Ripple Rug.”

The price is usually set between 5 and 15 percent over the Amazon price. When I make the purchase, the person behind AFarAwayGalaxy simply goes to Amazon and buys a Ripple Rug — but instead of buying it for themselves, they designate it as a gift and have it shipped to me. Because I paid $9.52 above the Amazon price, that’s profit, which AFarAwayGalaxy can keep (minus Paypal and eBay fees). This seller has more than 11,000 items listed on eBay. That can quickly add up to real money.

Both Amazon and eBay failed to condemn the actions of these individuals, and they didn’t commit to making changes to prevent this practice. It’s deceptive, and it hurts individuals and businesses more than it has the potential to turn a profit for the weaselly sellers who dabble in it.

Another Analyst Offers Tim Cook Some Advice

I haven’t seen one of these incredibly idiotic articles in a while, but I also haven’t read MarketWatch in a while. Vivek Wadhwa opines:

In June 1985, Bill Gates sent a letter to Apple CEO John Sculley and Mac development head Jean Louis Gassée, urging them to license Apple’s operating system to other companies. Apple ignored his advice, and five months later, Microsoft released its own operating system, Windows. It went on to become the dominant player in the personal-computer industry while Apple floundered. Microsoft saved Apple from bankruptcy in 1997 by investing $150 million in it.

There are many ways to interpret this history lesson, but one thing is clear: building an open platform gave Microsoft MSFT a huge advantage. Yes, by focusing on design and integrating hardware and software, Steve Jobs was able to reinvent Apple AAPL and make it the most valuable company in the world. But this came much later, in the 2000s, after the opportunities were lost.

One has to wonder what would have happened if Apple had taken Gates’s advice.

Okay, rewind that:

Yes, by focusing on design and integrating hardware and software, Steve Jobs was able to reinvent Apple AAPL and make it the most valuable company in the world. But this came much later, in the 2000s, after the opportunities were lost.

All of the opportunities were lost for Apple to… — what, exactly? Not become the most valuable company in the world?

Wadhwa is wrong all over this shit show of an article. Apple did license their operating system in the ’90s, and it resulted in a devaluing of their brand and their engineering, both in hardware and software. Not only that, Macintosh clones barely made a dent in the overall Mac OS market share. Clones were unpopular, usually-terrible computers (see note below) that made Mac OS and — as a result — Apple look bad. Why repeat that?

Apple needs to do something dramatic before the spell wears off and we all begin to question the company’s innovation capability again. It needs to follow Bill Gates’s recommendation and offer its operating system on other platforms. Full-featured smartphones can be purchased for as little as $50 in China and India today; that price will fall to less than $25 over the next three or four years, and billions of people will be purchasing them. The market is still in its infancy. Apple should port iOS to Samsung, HTC, LG, Xiaomi, and other brands of smartphones. It still has a chance to displace Google’s Android and become the dominant smartphone platform—if it acts in time.


Will this eat further into iPhone revenue? Yes, it surely will, but this revenue is declining anyway and Apple needs to find alternative revenue sources.

Let’s briefly engage in this crazy parallel universe, just for the hell of it. In what world will an OEM choose to pay for licenses to iOS when Android is free? This is the problem Windows Phone has always had: Microsoft charged for it and established minimum hardware guidelines, thereby limiting its potential.

Any notion that Apple should follow in those footsteps is painfully misguided. But this article trips over itself so many times trying to justify its premise that it becomes clear that Wadhwa has no idea what he’s talking about.

And before you think I’m picking on some no-name analyst, he has some serious credentials:

Vivek Wadhwa, a former tech entrepreneur, is a Distinguished Fellow and professor at Carnegie Mellon University Engineering at Silicon Valley.

He’s also made the Time top 40 as one of the “most influential minds in tech”, and been recognized by Foreign Policy. I don’t think Tim Cook will be feeling his influence on this matter.

Update: Shawn King points to several examples of clones that were better than Apple’s hardware offerings at the time. I remember using bad clones, but clearly there were some good ones around, too.

Don’t Cry for Yahoo

Maya Kosoff, Vanity Fair:

Companies like Twitter and Yahoo already get too much benefit of the doubt by virtue of being in the tech sector. At the beginning, it’s assumed these companies will be unprofitable; investors clamor to pump money into them, typically on the strength of pitch decks and founder promises. In no other industry are companies allowed to flail for so long before ultimately getting smacked down by public or private markets.

This isn’t a purely capitalistic concern for me; it’s more about user rights because of those capitalistic concerns. There are just a handful of likely end-games for an unprofitable or poorly-performing tech company: fill it with ads, sell the company, or shut it down.

These are all concerning avenues for users. Adding advertising tends to mean user privacy is compromised, as ads become increasingly targeted by the day; shutting a company down means all user data gets removed, and it’s up to each user to find a new product or service to fill the hole. Rinse and repeat.

Arguably worse is when the company and all attached user data is acquired. There’s very little control any user has over that decision: they may like the original product, but are uncomfortable with the new owner. These decisions are impossible to foresee: if you signed up for Flickr ten years ago, or Tumblr five years ago, would you be expecting your photos and blog posts to end up in the hands of Verizon today?

Twitter is another rumoured acquisition target, and one of the rumoured buyers is Google. Would you continue to use Twitter if Google purchased it and your tweets become part of your Google advertising profile?

This income inequality problem is significant for the scale at which tech companies operate. On the one hand, there are tiny companies that don’t have a business model and can barely sustain themselves. On the other hand, there are massive whale-like companies that suck up the startup krill for their data, intellectual property, and engineering talent. And that means that the technology landscape becomes increasingly dominated by a few very large players.

You Know What’s Cool?

A billion iPhones, that’s what. At an employee meeting today, Tim Cook showed off the billionth one: what appears to be a rose gold iPhone 6S Plus.

The scale at which Apple operates is unprecedented. I was trying to find something — anything — to compare it to when I stumbled across a list of the best-selling products of all time. It’s a crappy “listicle”, but it provides some context. They say that 516 million iPhones had been sold at the time of the list’s creation in May 2014, which means that nearly half of all iPhones ever made have been sold in the last two years.

Apple Reports Third Quarter Results

Amongst some not-great iPhone and Mac sales are improvements in services, and a decent bump in iPad average selling prices despite a drop in total sales, potentially indicating more people choosing the iPads Pro. “Other” revenue was down for the first time in a while, probably because the Apple Watch debuted in Q3 2015.

Graham Spencer of MacStories put together a good roundup of reactions from Twitter, and highlights from the earnings call.

Illegally Downloading Music Like It’s 1999

Tom Usher, Vice:

Eventually the music industry worked out that it couldn’t just bash people with the proverbial stick, and it created the carrot of way cheaper legal downloading and streaming services, while also going around closing down the websites that had almost destroyed its business.

That tactic pretty much worked, and today I, like everyone else, am more than happy to wrestle with the extensive catalogs of YouTube and Spotify rather than endangering my computer with dodgy software. But I do wonder what happened to those old pirate websites, whether they still exist in some kind of internet graveyard or whether they have all been expunged.

So, as I was feeling particularly blue this week, I decided to try download Simon and Garfunkel’s “The Sound of Silence” for free on every old pirate website, to see if any of them had sprung back up in my absence.

It is truly remarkable how long it took for major music labels and movie studios to realize that they couldn’t fight pirates directly; it is equally as remarkable how quickly most of us have transitioned to a streaming world. For ten bucks a month, you can get a virtually limitless catalogue of music on loads of different platforms — from the good, to the less good. For another nine bucks a month, you can get Netflix’s huge library of TV shows and movies. It’s taking the movie studios and distribution companies longer to figure out that holding out on Netflix doesn’t necessarily make it more likely that people will pay to rent an individual movie or buy a whole television show’s season, but they’re coming around.

But if you don’t want to pay for music or movies, it’s as easy as ever to surf the web while flying the Jolly Roger, as long as you know where to look. The fight against piracy has driven these kinds of sites underground, relying upon a more distributed network. Private torrent trackers remain popular, and offer plenty of records and movies that are virtually impossible to find on streaming services or elsewhere. Music blogs remain popular and continue to distribute RAR files hosted outside of the United States, making it difficult to remove either the blog or the files.

They may be illegal and they don’t encourage support for the artists and creators of the work, but all of these files come with a distinct advantage: there’s no DRM or licensing disputes to contend with. That’s something that the major studios and labels have yet to solve. While we’re being encouraged to put our media libraries into the cloud, we’re also told that we’re not entitled to any of this media. We’re placing yet another controlling party between ourselves and what we’re trying to do, and that party has a poor track record of balancing their own wishes with consumer desires.

There are now more obstacles between us and pirated media compared to, say, ten or fifteen years ago. But streaming media has replaced some of those with potential obstacles that show up every now and again.

Transit Cartography

I know that this is effectively an advertisement for Transit, but it also happens to be very good at explaining some of the design decisions and difficulties encountered when trying to make maps for public transportation users. Between Google Maps and Transit — Apple’s Maps app doesn’t support Calgary yet — it’s an easy choice.

An Interview With Kara Swisher

New York magazine interviewed 113 journalists and polled them on the state of the media — what’s right and, more importantly, what’s wrong. Their responses were varied and frank, with a kind of candour that is admirable and eye-opening.

As far as I can tell, the only tech journalist interviewed for the piece was Kara Swisher. Jeff Wise was the interviewer:

What about with Marissa Mayer?

I was critical of her tenure from the beginning because of a lot of moves she made. Now, I’ve known her as an executive a long time, and I knew her background at Google, which was very mixed. So I was like, “Hey, just a second. She’s never run anything. Some of the selections of executives she’s making aren’t very good. It’s a bigger problem at Yahoo than people realize — she’s not going to just arrive and wave her golden wand and make it okay.” And people are like, “Why are you so mean to her?” and I’m like, “This isn’t high school, she’s an executive, she’s a highly paid executive at a major public company, and she’s messing it up.”

Turns out…

I kept saying, “This is not going to end well.” I don’t think it was mean. All I was commenting on was her business ability. And people were saying I was mean. I’m not mean, I’m accurate.


This is a terrific interview. Swisher has always been one of the sharpest minds in tech media. She’s not blind to the problems that are rife in it; or, indeed, in any other media niche.

Koenigsegg’s Analysis of Their Nurburgring Accident

Like Elon Musk and Tesla, the team at Koenigsegg is pretty open about communicating what they’re learning after mistakes and accidents. I think this might be one of the most frank and honest articles published by a company about what they did wrong, and how they’re fixing it. It’s refreshing.

And the car is pretty badass, too.

A Short History of Yahoo Acquisition Attempts

Now that Verizon has made official their purchase of Yahoo for $4.83 billion, it’s worth taking a look at the comparative value of this acquisition. I’ve already contrasted its price with how much Yahoo paid for GeoCities and Broadcast.com, but this is not the first time that a company has tried to buy Yahoo itself.

Back in February of 2008, Microsoft offered $44.6 billion to acquire Yahoo, in an attempt to better compete with Google. At the time, analysts speculated that it would be a difficult merger for antitrust reasons — an idea that seems positively quaint today. In the end, Yahoo rejected the offer:

After careful evaluation, the Board believes that Microsoft’s proposal substantially undervalues Yahoo! including our global brand, large worldwide audience, significant recent investments in advertising platforms and future growth prospects, free cash flow and earnings potential, as well as our substantial unconsolidated investments.

Later that year, Microsoft tried again, offering about $20 billion for Yahoo’s search functionality. While it was also rejected, Yahoo and Microsoft entered into a deal in 2009 that would use Bing’s search technology to power Yahoo. That deal was re-signed last year; its value was not disclosed.

While Yahoo has an illustrious history with Microsoft, part of the negotiations in 2008 involved a familiar friend. Nick Tabakoff of the Australian:

But any joint move by Microsoft and News could face stiffening resistance from Yahoo, with reports suggesting the portal and internet search directory is itself in discussions with Time Warner’s AOL about the two companies joining forces to combine their online operations.

Yahoo’s reported negotiations with AOL are being seen as a direct attempt to make it harder for Microsoft to control the portal. The reported move by News Corp, which owns The Australian, to enter the fray for Yahoo follows Microsoft’s February $US44.6 billion takeover bid for the group.

News has been mulling an alliance with Yahoo for much of the past year.

Not only was News Corp. involved in these negotiations, so was AOL. There were even suggestions at the time that AOL and Yahoo could merge.

Verizon bought AOL last year. In their announcement of the Yahoo acquisition today, they noted:

Yahoo will be integrated with AOL under Marni Walden, EVP and President of the Product Innovation and New Businesses organization at Verizon.

At last.

Stellar.io Has Officially Shut Down

Sad news from Jason Kottke:

Hi all, Jason here. I am not at all excited or happy or thrilled to announce that Stellar has been shut down and will not be coming back. This was not an easy decision to make. Building the site was some of the most fun I have ever had and watching people use and love it, well, it was very satisfying both personally and professionally. But as the reasons for discontinuing Stellar piled up over the past 2-3 years, it became obvious even to me that it was the only way forward.

Stellar never caught on the way I had hoped it would, and the cost (both in dollars and in even more precious time) doesn’t allow me to give it – and you – the attention that’s deserved. The site has been unstable since late 2015 and non-responsive since April, and it’s well past time to make it official. It’s better to be a fond memory than an on-going frustration.

I loved Stellar. It’s one of the few bookmarks I keep — well, kept — in my bookmarks toolbar, as opposed to squirrelled away in a bookmarks folder. There’s nothing else that works quite like it; nothing else with the same uncanny ability to surface really great tweets from friends of your friends. I used to check my Stellar feed every night before bed. I’ll miss it, but I’ll always appreciate Kottke’s work to make it as good as it was; it gives me a reason to miss the site.

Make America Colbert Again

This week, Marisa Guthrie of the Hollywood Reporter and Alison Herman of the Ringer published two interesting articles examining Stephen Colbert’s iteration of the Late Show.

While both Jimmy Fallon and James Corden have done spectacularly well in encouraging viewers to flood their friends’ Facebook and Twitter feeds with YouTube links, Colbert has struggled. Yet, in the last month or so, Colbert has managed to combine his intellect with videos that are about as popular as his competitors’.

The first was a daring “explanation” of Donald Trump’s reaction to the mass shooting in Orlando. This week, he’s been broadcasting live during the Republican National Convention, and will do so next week during the Democratic equivalent. Last night, however, he topped it all by bringing Jon Stewart back.

I don’t worry too much about the Late Show’s reluctance to create viral singalong videos. Colbert has an on-air personality that’s kind of like a lighter version of David Letterman, whom he replaced. That style of television is more sophisticated, and less dependent upon gags. I hope that’s not lost should they more rigorously pursue ratings or YouTube views.

Homeland Security Tried to Confiscate a WSJ Reporter’s Phones

Joseph Cox, Vice:

The agent passed over a document, which [reporter Maria Abi-Habib] later photographed and posted to Facebook, purportedly showing that the agent has the right to seize those devices. Abi-Habib instead said that the border agents would need to contact WSJ’s lawyers. After some back and forth, the agent went to see her supervisor, and eventually said Abi-Habib is free to go.

Abi-Habib said she reported the incident to a WSJ lawyer, encryption expert and the outlet’s in-house security. From those conversations, Abi-Habib says, “My rights as a journalist or US citizen do not apply at the border, as explained above, since legislation was quietly passed in 2013 giving DHS very broad powers (I researched this since the incident). This legislation also circumvents the Fourth Amendment that protects Americans’ privacy and prevents searches and seizures without a proper warrant.”

Per the Department of Homeland Security’s assessment (PDF):

The overall authority to conduct border searches without suspicion or warrant is clear and long-standing, and courts have not treated searches of electronic devices any differently than searches of other objects. We conclude that CBP’s and ICE’s current border search policies comply with the Fourth Amendment. We also conclude that imposing a requirement that officers have reasonable suspicion in order to conduct a border search of an electronic device would be operationally harmful without concomitant civil rights/civil liberties benefits.

Read that again, carefully, and realize that these three sentences completely undermine the Fourth Amendment at any border crossing, such as an airport, or within a hundred miles of the American border.

Pixellating or Blurring Text in Photoshop Creates Identifiable Patterns

Kashmir Hill summarizes for Fusion a study by Steven Hill, et al. (PDF):

“In many online communities, it is the norm to redact names and other sensitive text from posted screen shots,” write the researchers, specifically citing Reddit. “Mosaicing and blurring have also been used for the redaction of high-profile government documents and celebrity social media.”

They should probably stop doing that. The UC-San Diego researchers found that they could use statistical models—“so-called hidden Markov models”—to generate the blurring or pixelation of lots of numbers, letters, and words, to the point that their software program could match a known redaction to an unknown redaction to figure out what it says. The biggest challenge is figuring out the font and size of the underlying text which the researchers need for their deciphering. They say it works better than a brute-force technique for deciphering pixelated images discussed by Dheera Venkatraman in 2007.

There’s a great reason why intelligence agencies redact documents by placing an oversized black bar on top of the text in question, then printing and scanning the document to make it unrecoverable. The latter steps were not performed by the New York Times in 2014, and it led to the unintentional exposure of sensitive information from a Snowden-leaked NSA document.
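To make the contrast between a mosaic and an opaque bar concrete, here is an added sketch (not code from the study or from either article) that audits a redaction method by checking whether its output still varies with the hidden text. The 3×5 digit font, the block size and all function names are constructed for this illustration.

```python
"""Constructed demo: a mosaic is a deterministic average of the hidden pixels,
so its output still depends on the text; an opaque bar's output does not."""

# Constructed 3x5 bitmap digit font (an assumption for this sketch, not a real typeface).
FONT = {
    "0": ["111", "101", "101", "101", "111"],
    "1": ["010", "110", "010", "010", "111"],
    "2": ["111", "001", "111", "100", "111"],
    "3": ["111", "001", "111", "001", "111"],
    "4": ["101", "101", "111", "001", "001"],
    "5": ["111", "100", "111", "001", "111"],
    "6": ["111", "100", "111", "101", "111"],
    "7": ["111", "001", "001", "001", "001"],
    "8": ["111", "101", "111", "101", "111"],
    "9": ["111", "101", "111", "001", "111"],
}
INK = 255


def render(text, scale=2):
    """Rasterise digits into a grayscale image: list of rows, 0 = paper, 255 = ink."""
    rows = []
    for font_row in range(5):
        line = []
        for ch in text:
            for bit in FONT[ch][font_row]:
                line += [INK * int(bit)] * scale
            line += [0] * scale  # gap between characters
        rows += [list(line) for _ in range(scale)]
    return rows


def mosaic(img, block=4):
    """Pixelate: replace every block x block tile with the integer mean of its pixels."""
    h, w = len(img), len(img[0])
    out = [[0] * w for _ in range(h)]
    for y0 in range(0, h, block):
        for x0 in range(0, w, block):
            cells = [(y, x)
                     for y in range(y0, min(y0 + block, h))
                     for x in range(x0, min(x0 + block, w))]
            mean = sum(img[y][x] for y, x in cells) // len(cells)
            for y, x in cells:
                out[y][x] = mean
    return out


def black_bar(img):
    """Opaque redaction: every pixel becomes ink, whatever was underneath."""
    return [[INK] * len(row) for row in img]


def group_by_output(redact, candidates):
    """Map each distinct redacted image to the candidate strings that produce it."""
    groups = {}
    for text in candidates:
        key = tuple(map(tuple, redact(render(text))))
        groups.setdefault(key, []).append(text)
    return groups


def leaks(redact, candidates):
    """True if the redacted output differs between at least two candidates."""
    return len(group_by_output(redact, candidates)) > 1


CANDIDATES = [f"{n:03d}" for n in range(1000)]  # constructed: every 3-digit code

if __name__ == "__main__":
    for name, fn in (("mosaic", mosaic), ("black bar", black_bar)):
        groups = group_by_output(fn, CANDIDATES)
        print(f"{name}: {len(groups)} distinct outputs for {len(CANDIDATES)} candidates")
```

Of the two methods, only the opaque fill produces output that is independent of the text underneath, which is the property a redaction needs.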

Limiting Harassment, Not Speech

Madeleine Sweet:

While [Milo] Yiannopoulos uses the term “free speech” to declare what Twitter, in his opinion, deprived him of — he clearly could not have meant it in the legal sense, though he likely meant to evoke the same sense that many horrible Americans have; this sense that they can spew whatever bigotry they want without repercussion because “the first amendment”. Perhaps he did mean it in the legal sense, in which case he is as dumb as all of his bigoted drones trolling the #FreeMilo hashtag (also: free him from what?) and attempting to make some correlation between the bill of rights and [Twitter] banning a bigot and a hate-monger from their forum.

Much like when Brendan Eich was removed as Mozilla’s CEO after his contributions to Prop 8 became known, and when Charles Johnson was banned from Twitter for raising funds to “take out” DeRay Mckesson, it was entirely within the realm of reason for Yiannopoulos to be banned as well. By goading his followers into targeted harassment repeatedly and expressing no contrition for it, he became an unwelcome and toxic presence.

Yiannopoulos’ defence is that Twitter is a “safe space for Muslim terrorists and Black Lives Matter extremists”. Racism and xenophobia aside, it should be noted that, last summer, Twitter began a crackdown on accounts that tweeted in support of ISIS. The result? A 40% decline in related activity.

In a weird way, Yiannopoulos is right: Twitter has a much bigger problem with abuse than any single user can represent. But he’s part of the problem. Twitter should not be a safe space for inciting hatred and targeted violence.

Update: Leigh Alexander, writing for the Guardian:

Banning one man won’t undo the small but poisonous cultural legacy he’s created, nor erase the playbook for defamation and harassment online that he’s played a key role in scripting. Twitter has far, far more work to do.

Without this further work, Yiannopoulos’s ban – and even the subsequent catty gloating from us folks on the left – all just stands to aggravate a wound that’s been attracting flies to social media discourse for too long already. An isolated ban just lets Yiannopoulos make himself a martyr for “free speech” – it enables him to argue that social media offers special treatment to those on the political left that it does not accord the right, and perpetuates the pernicious myth that the main interest of the progressive left is in shutting its ears to offensive things or in “censoring” those who ruffle feathers.

Apple and Formula 1

Joe Saward brings us a strange but intriguing rumour:

The suggestion last week that Apple may be discussing the acquisition of the Formula One group has led to a lot of interest and a lot of opinion. […]

Right now, it is unclear whether an Apple-F1 deal is a serious possibility, but it is clear that discussions have been taking place. Logic is often the wrong way to look at F1 because decisions tend to be driven by the enthusiasm of the decision-makers, who then argue for F1 within the companies involved. In this respect, Apple should be watched because Cue is a petrolhead – not to mention a member of the board of Ferrari SpA.

Saward is a reliable, long-time F1 reporter; this rumour should not be dismissed out of hand, no matter how bizarre it seems. He clarified on Twitter that he heard rumours from multiple sources in Baku and Austria about these discussions. This is unclear and volatile so far, but, as it brings together two of my favourite things, I’m fascinated already.

Why would Apple do this? Formula 1 is a huge brand, especially outside of the United States. If they want exclusive shows and other content — and they do — a pre-existing global network of live events that is broadcast to a dedicated fanbase around the world makes some sense.

Update: Then again, Siri still doesn’t support F1 queries.

Leslie Jones and Harassment on Twitter

Leslie Jones, who played Patty Tolan in this year’s Ghostbusters film, spent today screencapping and tweeting some of the racist and sexist crap she has to put up with on a regular basis. Susan Cheng of Buzzfeed has compiled several of the tweets, along with a bunch of words of support from friends and other users.

What’s clear is that Twitter remains a platform on which it is trivial to hurl insults, epithets, and hate at other users with virtually no recourse. It took Twitter four and a half hours to respond to Buzzfeed with confirmation that they had suspended the accounts in question, and Cheng posted her article well after Jones had begun exposing those users.

Does Twitter simply not see harassment as a big deal? Their tech staff is overwhelmingly white and male, as is their leadership. Do you really think these problems would persist if they had a more diverse staff that were, depressingly, more often on the receiving end of this kind of hatred?

iTunes Match Audio Fingerprinting Is Coming to Apple Music

Jim Dalrymple:

Apple has been quietly rolling out iTunes Match audio fingerprint to all Apple Music subscribers. Previously Apple was using a less accurate metadata version of iTunes Match on Apple Music, which wouldn’t always match the correct version of a particular song. We’ve all seen the stories of a live version of a song being replaced by a studio version, etc.

Using iTunes Match with audio fingerprint, those problems should be a thing of the past.

It baffles me that Apple Music rolled out with an entirely different matching technique when, probably two or three offices over, the iTunes Match team built a perfectly decent audio fingerprinting system. Duplicative efforts in this vein seem like they should have been eliminated when the executive staff was shuffled in 2012.

According to iMore’s Serenity Caldwell, this change also means that the files stored in Apple Music will be DRM-free. While it hasn’t been confirmed by anyone at Apple, it seems like iTunes Match is slowly being eliminated, which makes sense — it, too, is duplicative of a number of Apple Music features.

Tech Companies and Diversity Hiring

Dare Obasanjo:

The low relative numbers of black engineers at many tech companies is a reflection of how these companies approach recruitment and hiring. If 7% of Apple’s tech employees are black and it is literally the most valuable company in the world and Slack can have 8.9% of its engineering staff be black then break records by being the fastest enterprise startup to hit a $1 billion valuation, it’s a farce for other tech companies to imply that hiring more than 1% black engineers can’t be done without lowering their standards.

What an incredibly insulting statement it is for hiring managers to claim that increasing the number of nonwhite, non-male employees at their companies necessitates a lowering of standards.

Diversity Is a Broken Product

Bo Ren, in what I promise is an uplifting piece towards the end:

[We] are told that we don’t cut it, even when we have the same or higher qualifications. There is a gulf between a privileged mediocre candidate and an excellent minority candidate. It’s the tension between the B, B+, B- folks versus the A, A-, A+ folks. Yet, even after college, there’s still grade inflation for mediocre white men.

It is flawed to look to women in power as indicators of progress in diversity. Just having Sheryl Sandberg, Marissa Mayer, and Mary Barra (all white women) in power is not enough for furthering diversity. If you are an excellent, smart, Ivy League graduate, who is an early employee of a big tech company, you will do just fine despite difficulties and biases along the way. But what about the other candidates who are not as fortunate?

There are other industries that are heavily skewed towards particular combinations of gender and ethnicity, but the ongoing focus on improving diversity in tech is because it shouldn’t be skewed. Its promise is an egalitarianism that doesn’t exist anywhere else. Tech is an inherently complex industry, with people working in everything from design and creative pursuits to physical engineering and finance. It should span the gamut, particularly due to its growing influence and power. Yet it remains an industry largely dominated by white male figures in all positions, from interns to CEOs.

And it shows: Apple debuted a Health app in iOS 8 without the capability to track menstrual cycles; Google’s photo recognition software tagged black people as “gorillas”; software from both HP and Microsoft has had problems with recognizing the faces of darker-skinned users; and, just this year, Microsoft held a party with dancers dressed as erotic schoolgirls mere hours after holding a luncheon discussing women in gaming.

Do we think any of these issues would have occurred if any of these companies hired more people of colour, more women, or more people who live at the intersection of multiple sources of discrimination?

Excuse Season Rapidly Approaches

As we move into the second half of July, tech companies are probably preparing their public diversity reports, as they’ve done for the past two years. Last year’s numbers were a scant improvement across the board from the previous year’s figures, with Facebook — in particular — performing poorly. Yours truly:

More companies released their full EEO-1 reports this year than last year, demonstrating a desire for more transparency but also revealing in much greater detail just how few improvements they’ve made. Facebook, for example, hired precisely 36 black Americans this year, out of over a thousand new employees.

Based on a report yesterday in the Wall Street Journal, those numbers aren’t much better this year. Georgia Wells writes:

The share of Hispanic and black employees in the company’s U.S. workforce didn’t budge from a year ago, remaining at 4% and 2%, respectively. The percentage of women at Facebook inched up 1 percentage point to 33%.

Facebook blamed its problem on the “pipeline,” meaning the number of women and minorities entering the tech industry.

That’s bullshit. The Washington Post busted this myth almost exactly one year ago. Cecilia Kang and Todd C. Frankel reported then:

“It’s not even remotely a pipeline issue,” said Andrea Hoffman, who runs Culture Shift Labs, which helps companies find minority and female talent. Her company recently hosted a brunch in Palo Alto, Calif., for minority job-seekers in tech and finance. The 200 seats were snapped up, and she had to make a waiting list for 200 more.

“For anybody to tell me the talent isn’t out there,” she said, “I know emphatically that’s not true.”

Wells asked a similar expert the same thing this year and got a near-identical response:

“There are a ton of opportunities to increase demographic representation in tech companies with the people that already exist in the workforce,” said Joelle Emerson, chief executive of Paradigm, a diversity consultancy that works with many Silicon Valley firms.

She added that there are more black and Hispanic computer-science graduates than are offered jobs with tech firms in the U.S.

It might be another year of middling progress in corporate diversity in the tech sector. Brace yourself for recycled excuses.

The Playlist Makers

Reggie Ugwu of Buzzfeed scored interviews with the teams who make the playlists for Apple Music, Spotify, and Google Play, and the resulting article is a fascinating look inside our expectations for what playlists should be:

Music fans, [Apple Music curator Scott Plagenhoef] argues, echoing Iovine, can smell the difference between a service where much of the product is dictated by algorithms or charts and one that is guided by more knowledgeable but equally passionate versions of themselves. By building its house on a foundation of experts, Apple Music has bet that it can be marginally more trustworthy to users than the competition, and that that margin could make a tie-breaking difference.

“Music taste is so nuanced, it’s so personal,” Plagenhoef says. “I think one of the worst things you can do to somebody is get really close to who they are and then present them with something that’s close to what they want but not quite there. You don’t want to be the people who say, ‘Well, you like Fleet Foxes, so you must like Mumford & Sons.’”

Plagenhoef’s statement is rather peculiar considering the number of times I — and other Apple Music users — have seen “Intro To…” playlists for artists that we’re deeply familiar with. The title of this kind of playlist has since been changed to “Essentials”, but it amounts to the same thing. Spotify’s playlists aren’t much better for me, though that’s likely because I use it far less than I do Apple Music. The playlists may be made by hand, but the method by which they’re served is still entirely automated, and it doesn’t work well enough.

Back in the days of iTunes Radio, there used to be a slider that would allow you to set whether you’d prefer to discover new music or listen to more familiar songs. I’d love to see that in Apple Music, too, but as a setting within For You. And I would really like for Apple Music to use my Genius library data.

U.S. Federal Court Rules That Home Computer Users Have No Expectation of Privacy

Mark Rumold of the Electronic Frontier Foundation (via Michael Tsai):

In a dangerously flawed decision unsealed today, a federal district court in Virginia ruled that a criminal defendant has no “reasonable expectation of privacy” in his personal computer, located inside his home. According to the court, the federal government does not need a warrant to hack into an individual’s computer.

I’m not sure how I missed this news, nor why it isn’t being plastered everywhere. The EFF notes that it’s unlikely to hold up on appeal, but there is now a case that states that you have no privacy on your own computer in your own home. Unreal.

Remember the Halcyon Days of Facebook Bots?

The Washington Post just launched their first bot, joining 11,000 others on Facebook Messenger. And, well, it’s not great. Joseph Lichterman, Nieman Lab:

For instance, I asked it for coverage about Pokémon Go — but it gave me stories on Evan Bayh’s Indiana Senate bid, an op-ed from a mom about why she doesn’t limit her kids’ screen time, a piece from April listing online April Fools hoaxes, a story about a D.C. kidnapping, and a review of the X-Factor TV show.

Marburger acknowledged the issue, and said those language processing issues are the main thing the Post is trying to work out now as it rolls the bot out to users.

That’s Joey Marburger, the Post’s head of product. Facebook has got media companies trying to develop natural language processing.

More to the point, are people actually using Facebook Messenger bots? Back in March, they were the new apps that Apple absolutely had to respond to. Between then and now, I’ve tried a few of the popular bots and beta tested a couple of other ones, and it’s been underwhelming. In the early days of the App Store, I remember everyone rushing to try as many apps as they could. Facebook’s bots don’t seem to have that effect.

Maybe Facebook Messenger bots will behave like the Amazon Echo: starting quietly and gradually growing to define a niche. But if the language processing must be handled on an individual developer basis, I bet users will continue to find these bots more of a nuisance than helpful.

Registration for XOXO 2016 Is Now Open

XOXO Festival has been one of the best on the circuit since its inception in 2012. This year’s lineup of speakers is especially notable for being more diverse than XOXO or, indeed, almost any conference with a tech focus. Speakers include people you probably know — like Sarah Jeong, Talia Jane, and John Roderick — and others that you may not.

Unfortunately, there’s a bittersweet note to this year’s edition:

First, some big news: XOXO will not be returning in 2017.

We haven’t yet decided if this is the last one for now, or the last one ever, but we can say with 100% certainty that there will not be a festival next year. Certainly if XOXO does return, it’s likely that it will look very different to the event we’ve been running for the last five years.

Unfortunately, it seems that so many of the best indie conferences have a four-to-five-year lifespan. Çingleton lasted for four years; before it, the C4 Conference was also four years old when it was shuttered. XOXO has, so far, outlasted either of those by one year. I’m unable to make it this year, so I hope it comes back in 2018. It would be a shame if it doesn’t.

Attendance is by random selection via a registration survey. Registration is open until Monday, July 18.

IDC Estimates That Macintosh Sales Slipped at Nearly Twice the Market Rate

Joe Rossignol, MacRumors:

The latest numbers from market research firm IDC reveal that Mac sales experienced a slight year-over-year decline in the second quarter, dropping to 4.4 million from 4.8 million during the year-ago period.


Overall PC sales totaled an estimated 62.4 million worldwide in the second quarter, a year-over-year decline of 4.5 percent, as the PC market continues to decline. Nevertheless, North American PC shipments increased for the first time in five quarters, reflecting the strength of the U.S. dollar and “relative market stability.”

Apple’s sales decline is an 8.3% reduction compared to the year-ago quarter. Given that the most recent Macintosh news — the discontinuation of the Thunderbolt Display notwithstanding — was a spec bump of the MacBook, this is completely unsurprising. MacRumors’ own buyers’ guide shows a “Don’t Buy” indicator below every Mac except the MacBook.

Of the current lineup, fully half of all Macs — the Mac Pro, the Retina MacBook Pro, and the MacBook Air — are the most stale that those products have ever been.[1] I’m not counting the non-Retina MacBook Pro as part of the Mac lineup because Apple seems to be winding down their promotion of the product. For the record, though, it would be the most stale product in Apple’s lineup by far: it hasn’t been refreshed in 1492 days, or just over four years.

The Mac Pro hasn’t been substantially updated since the new cylindrical model launched in December of 2013. The pro Macintosh situation is so dire that some designers and developers, like Mike Rundle and Sebastiaan de With, have opted to deal with the moderate hassle of building a “hackintosh” in order to get the performance they need for their work. Critical products like the MacBook Air and Retina MacBook Pro are well over a year old, too.

I look at models like the iMac and the MacBook and I see investment in the Macintosh. They’re beautiful and capable machines. But then I gaze over the rest of the lineup, and I’m disheartened. My MacBook Air turns four next month and, while it’s still humming along nicely, I am interested in replacing it with something that has a high-resolution display and greater performance. I’m not sure I see enough value in replacing it with a computer that is over a year old, fresh out of the box.

  1. Okay, the Air is out by eight days: 491 days since the last update, compared to its previous record of 499.

Seeking Theresa May’s Web Browsing History

Theresa May is set to become the next Prime Minister of the ironically-named United Kingdom on Wednesday, after David Cameron’s resignation. Under the Investigatory Powers Bill, proposed by May last year and passed earlier this year, the web browsing history of all Britons will be available to law enforcement without a warrant for up to a year.

So, back when this was announced in November, the Independent asked to see Theresa May’s browsing history. Jon Stone quotes their predictable denial of the request:

“We have decided that your request is vexatious because it places an unreasonable burden on the department, because it has adopted a scattergun approach and seems solely designed for the purpose of ‘fishing’ for information without any idea of what might be revealed.”

I wonder if the Home Office realizes that they’ve provided the perfect opposing argument to the Bill in question. “Scattergun”, “vexatious”, and burdensome are precise descriptors of mass surveillance and intelligence-gathering activities.

Facebook Starts Testing End-to-End Encryption in Messenger

Facebook PR:

We put people first in everything we do at Messenger, and today we are beginning to roll out a new option within Messenger to better support conversations about sensitive topics. Your messages and calls on Messenger already benefit from strong security systems — Messenger uses secure communications channels (just like banking and shopping websites) as well as Facebook’s powerful tools to help block spam and malware. We’ve heard from you that there are times when you want additional safeguards — perhaps when discussing private information like an illness or a health issue with trusted friends and family, or sending financial information to an accountant.

To enable you to do this we are starting to test the ability to create one-to-one secret conversations in Messenger that will be end-to-end encrypted and which can only be read on one device of the person you’re communicating with. […]

Given that their entire business model is built on exploiting users’ privacy, Facebook has been making some significant investments in securing some aspects of what they do. Last year, they introduced PGP-encrypted emails; now, they’ve added end-to-end encrypted conversations in Messenger.

I have a problem with the naming of this feature: “secret conversations”. This phrase is repeated throughout their press release, so it doesn’t seem like a throwaway remark. It implies that there isn’t an expectation of privacy within a regular conversation. Enabling end-to-end encryption is not “secretive”, nor does it indicate that one is hiding something — it should be expected that a chat is private.

Starting a secret conversation with someone is optional. That’s because many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone. Secret conversations can only be read on one device and we recognize that experience may not be right for everyone. It’s also important to note that in secret conversations we don’t currently support rich content like GIFs and videos, making payments, or other popular Messenger features.

iMessages are end-to-end encrypted, sync between devices,¹ and support GIFs and videos. I’m not sure why Facebook couldn’t make this work, though it might have something to do with iMessage being hardware-integrated — a given Apple device’s UDID can register up to five iMessage accounts, for example, so there might reasonably be deeper-level verification at play. Facebook has released a full technical whitepaper (PDF) if you’d like to learn more.

  1. Not well, mind you, but they try.

Samsung Galaxy S7 Active Fails Water Resistance Test

Jerry Beilinson of Consumer Reports:

Commercials for the Samsung Galaxy S7 Edge showed hip-hop’s Lil Wayne pouring Champagne over the phone and dunking it in a fish tank.

You can tell the reviewer is an older white guy because a reference to Lil Wayne doesn’t really need to be clarified as “hip-hop’s Lil Wayne”, as if there were another one. I digress.

The Active version of the S7, which is available to AT&T customers for $800 and up, is being marketed as equally water-resistant. While Consumer Reports generally doesn’t evaluate phones for this feature, we do perform an immersion test when a manufacturer claims that its product is water-resistant. When we recently evaluated the Galaxy S7 Active, it failed this test.

Companies that label their devices “water-resistant” can cite a variety of benchmarks. In this case, Samsung says its phone follows an engineering standard called IP68 that covers both dust- and water-resistance, and that the phone is designed to survive immersion in five feet of water for 30 minutes. That’s the spec we used in testing the Galaxy S7 Active.

Bizarrely, the only model that failed was the sports-marketed Active variant; the other Galaxy S7 models performed fine in the same water resistance test. You’d think that the one ostensibly designed for an active lifestyle would be even more water resistant than its counterparts.

For comparison, the Apple Watch is only rated as IPX7 water resistant, which means that it may be submerged in shallower water — just three feet — for up to thirty minutes, yet Craig Hockenberry swims with his. I have also swum with mine for about an hour at a time, and it’s fine, though I wouldn’t necessarily recommend it.

Meanwhile, the iPhone 6S has been widely speculated to be water resistant, with a YouTube video emerging last year showing both models submerged underwater for over an hour, while powered on and running a timer. One of the reasons often cited for the rumoured removal of the headphone jack in the next iPhone is to make it waterproof.

Just goes to show that under-promising and over-delivering is still a far better product decision than the opposite.

Update: As of July 21, Samsung says that they’ve fixed a manufacturing defect that was affecting the Active model, and they’ll replace any previous S7 Active affected by water damage. A good, timely response.