Pixel Envy

Written by Nick Heer.

‘Hey’ Used to Be for Horses

M.G. Siegler:

I live in a house with both the Echo and the Home. And I’m always testing out Siri to see what she can and cannot do in relation to the competition. It’s just so much nicer to invoke Alexa than the others. And I’m certain a part of it is not having to add that extra wake word.

It also happens to be an awful word. Hey. Every time I hear it, I think back to growing up when my parents would make the dreadful parenting joke — which was really more of a reprimand. “‘Hey’ is for horses.” These days, we’re not only letting our children say “hey”, we’re basically forcing them to.

Not only that, but with the anthropomorphization of assistant software, I think the “Hey” can be a little demeaning as well.

There’s something about all of this software that feels like it’s still a prototype. A proof of concept, and little more. It’s not just Siri — it’s everything. And, while today’s virtual assistants are better at parsing natural language commands, they’re still more verbose and far more particular than how we actually speak to other people. Alexa’s new brief mode is a step in the right direction, I think, as is its lack of a “Hey”. But there’s still so far to go.

Fifty Million Facebook Profiles Harvested for Cambridge Analytica

Matthew Rosenberg, Nicholas Confessore, and Carole Cadwalladr, New York Times:

[Cambridge Analytica] had secured a $15 million investment from Robert Mercer, the wealthy Republican donor, and wooed his political adviser, Stephen K. Bannon, with the promise of tools that could identify the personalities of American voters and influence their behavior. But it did not have the data to make its new products work.

So the firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history. The breach allowed the company to exploit the private social media activity of a huge swath of the American electorate, developing techniques that underpinned its work on President Trump’s campaign in 2016.

Carole Cadwalladr and Emma Graham-Harrison, the Guardian:

The data was collected through an app called thisisyourdigitallife, built by academic Aleksandr Kogan, separately from his work at Cambridge University. Through his company Global Science Research (GSR), in collaboration with Cambridge Analytica, hundreds of thousands of users were paid to take a personality test and agreed to have their data collected for academic use.

However, the app also collected the information of the test-takers’ Facebook friends, leading to the accumulation of a data pool tens of millions-strong. Facebook’s “platform policy” allowed only collection of friends’ data to improve user experience in the app and barred it being sold on or used for advertising. The discovery of the unprecedented data harvesting, and the use to which it was put, raises urgent new questions about Facebook’s role in targeting voters in the US presidential election. It comes only weeks after indictments of 13 Russians by the special counsel Robert Mueller which stated they had used the platform to perpetrate “information warfare” against the US.

Both the Times and the Guardian describe this as a “data breach”, but I don’t think that’s entirely descriptive of what went on here. When I hear “data breach”, I think that a password got stolen or a system was hacked into. But Facebook VP Andrew Bosworth tweeted that there was nothing that was stolen — users willingly gave their information to an app, which went behind their backs to use the information in a somewhat sketchy way that users did not expect.

Which, when you think about it, is kind of Facebook’s business model. Maciej Cegłowski:

The data that Facebook leaked to Cambridge Analytica is the same data Facebook retains on everyone and sells targeting services around. The problem is not shady Russian researchers; it’s Facebook’s core business model of collect, store, analyze, exploit.

Facebook preempted the publication of both of these stories with a press release indicating that they’ve suspended Strategic Communications Laboratories — Cambridge Analytica’s parent — from accessing Facebook, including the properties of any of their clients.

However, the reason for that suspension is not what you may think: it isn’t because Kogan, the developer of the thisisyourdigitallife app, passed information to Cambridge Analytica, but rather because he did not delete all of the data after Facebook told him to.

Also, from that press release:

We are constantly working to improve the safety and experience of everyone on Facebook. In the past five years, we have made significant improvements in our ability to detect and prevent violations by app developers. Now all apps requesting detailed user information go through our App Review process, which requires developers to justify the data they’re looking to collect and how they’re going to use it – before they’re allowed to even ask people for it.

Of course, this kind of review process doesn’t exist for new projects created by Facebook itself, beyond the company’s blanket privacy policy.1 When Facebook starts analyzing user photos for facial recognition purposes without telling users first, that’s a similar violation of expectations and trust.

Marco Rogers:

Today, Facebook execs are going out of their way to let us know that this is the intended purpose of the platform. This isn’t unexpected. This is why they built it. They just didn’t expect to be held accountable.

Facebook can make all the policy changes it likes, but I don’t see any reason why something like this can’t happen again at some point in the future. Something will slip through the cracks and create unintended consequences of third-party companies having extraordinary access to one of the largest databases of people anywhere.

Facebook is more than happy to collect the world’s information, but it is clear to me that they have no intention for taking full responsibility for what that entails.

  1. Which users often don’t understand the implications of before accepting. ↩︎

Alexa’s New ‘Brief Mode’

Sarah Perez, TechCrunch:

Amazon confirmed it’s rolling out an optional “Brief Mode” that lets Alexa users configure their Echo devices to use chimes and sounds for confirmations, instead of having Alexa respond with her voice. For example, if you ask Alexa to turn on your lights today, she will respond “okay” as she does so. But with Brief Mode enabled, Alexa will instead emit a small chime as she performs the task.

The mode would be beneficial to someone who appreciates being able to control their smart home via voice, but doesn’t necessarily need to have Alexa verbally confirming that she took action with each command. This is especially helpful for those who have voice-enabled a range of smart home accessories, and have gotten a little tired of hearing Alexa answer back.

I would love an option like this for Siri on all of my devices. It indicates a great deal of trust Amazon has in its own product for them to reduce Alexa’s feedback to a simple audio chime. They must be convinced that users will have enough confidence in Alexa’s abilities for its feedback to be truncated to such an extreme.

Protecting Against HSTS Abuse

Brent Fulgham of the WebKit team:

HTTP Strict Transport Security (HSTS) is a security standard that provides a mechanism for web sites to declare themselves accessible only via secure connections, and to tell web browsers where to go to get that secure version. Web browsers that honor the HSTS standard also prevent users from ignoring server certificate errors.


What could be wrong with that?

Well, the HSTS standard describes that web browsers should remember when redirected to a secure location, and to automatically make that conversion on behalf of the user if they attempt an insecure connection in the future. This creates information that can be stored on the user’s device and referenced later. And this can be used to create a “super cookie” that can be read by cross-site trackers.

I already think that most trackers are installed unethically, as users frequently aren’t aware of the implications of different cookie policies and privacy settings. But this is a special level of intrusive. At what point does a company offering a user tracking solution go beyond what is reasonably expected by customers from software like that and create something downright abusive to users’ rights? I’d argue that this is pretty close.

HomePod as a Personal Apple Hub

Thoughtful article by Ryan Christoffel at MacStories:

HomePod succeeds as a music speaker, but it’s not the device we expected – at least not yet. Due to its arrival date more than three years after the birth of Alexa, we expected a smarter, more capable product. We expected the kind of product the HomePod should be: a smart speaker that’s heavy on the smarts. Apple nailed certain aspects with its 1.0: the design, sound quality, and setup are all excellent. But that’s not enough.

HomePod isn’t a bad product today, but it could become a great one.


By becoming a true hub for all our Apple-centric needs.

I love the idea of the HomePod becoming a sort of “source of truth” in the home. It could know a lot more about each family member’s devices, and perhaps use the voice “fingerprint” created for “Hey Siri” to figure out which family member is using it. Due to Apple’s unique stance on user privacy, I would even feel comfortable with keeping my tailored Siri profile, if you will — my Siri history, things I usually request, knowledge about my particular music library, and so on — in iCloud, and synced between all my devices and a HomePod or two. That’s a big ask, but something like that would make it feel more complete — more of an Only Apple can do this kind of a product.

The World Wide Web Turns Twenty-Nine

Sir Tim Berners-Lee:

The web that many connected to years ago is not what new users will find today. What was once a rich selection of blogs and websites has been compressed under the powerful weight of a few dominant platforms. This concentration of power creates a new set of gatekeepers, allowing a handful of platforms to control which ideas and opinions are seen and shared.

These dominant platforms are able to lock in their position by creating barriers for competitors. They acquire startup challengers, buy up new innovations and hire the industry’s top talent. Add to this the competitive advantage that their user data gives them and we can expect the next 20 years to be far less innovative than the last.

It’s worthwhile asking just what is needed to — *sigh* — disrupt the business of companies like Facebook, Google, and Amazon, especially if they’re simply going to buy or copy potential threats. A little part of me worries that it isn’t enough to create a different site or app to reduce the influence of today’s dominant web companies.

After Washington State Passes Net Neutrality Laws, California Proposes Its Own

Rachel La Corte of the Seattle Times, last week:

Washington became the first state Monday to set up its own net-neutrality requirements after U.S. regulators repealed Obama-era rules that banned internet providers from blocking content or interfering with online traffic.


The new law also requires internet providers to disclose information about their management practices, performance and commercial terms. Violations would be enforceable under the state’s Consumer Protection Act.

“But wait,” you may be thinking, “didn’t the FCC ban states from enacting net neutrality laws of their own, just as Comcast and Verizon asked them to do?”

Jon Brodkin of Ars Technica, in an article today about California’s tough new net neutrality proposal:

[Stanford law professor Barbara Van Schewick] argues that the FCC’s preemption claims are invalid.

“While the FCC’s 2017 Order explicitly bans states from adopting their own net neutrality laws, that preemption is invalid,” she wrote. “According to case law, an agency that does not have the power to regulate does not have the power to preempt. That means the FCC can only prevent the states from adopting net neutrality protections if the FCC has authority to adopt net neutrality protections itself.”


The California proposal is remarkably strong, by the way. It isn’t just a copy of the FCC’s 2015 rules; it’s much more comprehensive than that, mandating tight restrictions on interconnection and zero-rating. Brodkin again:

Van Schewick said the California bill is notable for prohibiting ISPs from charging “access fees” that online services would have to pay in order to send data to broadband consumers. “None of the other [state] bills have done this and it’s one of the loopholes that ISPs will use (if it’s not closed) to extract payments from edge providers,” van Schewick told Ars.

From the reporting I’ve read in Ars and other publications, this bill ticks a lot of boxes for effective legislation of ISPs as de facto common carriers.

The Information Looks at the History of Siri

Aaron Tilley and Kevin McLaughlin of the Information (this article is behind a paywall):

To determine how Apple squandered its own head start over rivals Amazon and Google in the digital assistant realm, The Information interviewed a dozen former employees who worked on various teams responsible for creating Siri or integrating it into Apple’s ecosystem. Most of them agreed to speak only on the condition that they not be named, citing non-disclosure agreements they had signed or concerns about retaliation from Apple executives.


Many of the former employees acknowledged for the first time that Apple rushed Siri into the iPhone 4s before the technology was fully baked, setting up an internal debate that has raged since Siri’s inception over whether to continue patching up a flawed build or to rip it up and start from scratch. And that debate was just one of many, as Siri’s various teams morphed into an unwieldy apparatus that engaged in petty turf battles and heated arguments over what an ideal version of Siri should be — a quick and accurate information fetcher or a conversant and intuitive assistant capable of complex tasks.

Even if you view this as a half-true gossip piece — and I don’t think it is, for what it’s worth — it’s still a fascinating look into the struggles Apple has faced with improving Siri’s capabilities.

For example, Tilley and McLaughlin report that separate teams worked on Siri and Spotlight’s suggested answers, which explains why the same query would sometimes return different results in each. On iOS, Apple rebranded some Spotlight features as Siri features: Siri App Suggestions, and Siri Search Suggestions, for example.

And then there’s Apple’s acquisition of VocalIQ two and a half years ago:

The VocalIQ team viewed Siri as a “manually-crafted system” and felt their technology could help improve it, said a former VocalIQ employee. VocalIQ’s technology is designed to continually finetune its accuracy by ingesting and analyzing data from voice interactions, he said. Apple has successfully integrated the VocalIQ technology into Siri’s calendar capabilities, sources familiar with the project said.

It’s interesting that Siri’s capabilities are set up in such a way that something like VocalIQ can be applied to just one feature. I don’t know how much this says, if anything, about why Siri often feels like its capabilities are so fragmented, but it struck me as odd.

Siri has been the responsibility of Craig Federighi since last year, transferred from Eddy Cue’s online services oversight. This year’s WWDC seems too soon to see that particular branch of discussion bear fruit; but, then again, the inconsistencies and general untrustworthiness of Siri make it feel like it cannot be soon enough for real changes to be made.

Update: The mysterious ATP Tipster:

The only thing you need to know about Siri is that the people who used to build it feel the need to absolve themselves of personal responsibility for the state that it is in. That they are doing so in the press is almost an implementation detail.


YouTube, the Great Radicalizer

Eye-opening op-ed by Zeynep Tufekci, in the New York Times:

Human beings have many natural tendencies that need to be vigilantly monitored in the context of modern life. For example, our craving for fat, salt and sugar, which served us well when food was scarce, can lead us astray in an environment in which fat, salt and sugar are all too plentiful and heavily marketed to us. So too our natural curiosity about the unknown can lead us astray on a website that leads us too much in the direction of lies, hoaxes and misinformation.

In effect, YouTube has created a restaurant that serves us increasingly sugary, fatty foods, loading up our plates as soon as we are finished with the last meal. Over time, our tastes adjust, and we seek even more sugary, fatty foods, which the restaurant dutifully provides. When confronted about this by the health department and concerned citizens, the restaurant managers reply that they are merely serving us what we want.

I’ve been paying attention to the examples of this that Tufekci has been collecting on Twitter and it’s eye-opening. Even videos about relatively mundane topics lead users down a rabbit hole of bullshit. I’m not one to play the “think of the children” card but, in this instance, I strongly believe that it’s a concern.

The Original Siri App Compared to Siri Today

In 2010, Tom Gruber created an impressive demo video of Siri, his company’s new app. It showed how someone could use relatively natural language requests to get things done on an iPhone using little more than their voice, and effectively kicked off the virtual assistant wave since.

Kevin Clark reflected on that video today:

It’s fascinating that the original Siri demo is still better than today’s Siri in a few aspects.

For fun and frustration, I tried all of the original commands featured in that eight year old video on my iPhone:

  • I’d like a romantic place for Italian food near my office”: Siri today correctly parses everything up until “near my office”, which it interprets as near me. I tried using the name of the organization that I work for instead of my office and it also interpreted that as near me.

    Then I tried asking Siri to find me restaurants near the address of my office. It interpreted that as an instruction to find restaurants in Cranbrook, BC — about 400 kilometres or four hours away. I don’t see why I should have to specify that I’m looking for restaurants in Calgary.

  • I’d like a table for two at Il Fornaio in San Jose tomorrow night at 7:30”: I tried using this exact phrasing — of course, swapping out Il Fornaio for a restaurant near me — and I was told that Siri “can’t book a table right now”. That felt like a failure until I tried rephrasing asking it “how about next Friday?”, at which point I was prompted to continue making the reservation using OpenTable. I was impressed that it kept the context intact.

    However, when I tried again with the request, “I’d like a table for two at Model Milk next Friday at 7:30”, I received the same “can’t book a table right now” error, and I can’t seem to reproduce the apparent success I had earlier. That’s frustrating; I was very impressed with the first apparent success, despite the vague error message.

  • Where can I see Avatar in 3D IMAX?”: I swapped “Avatar” for a better film but otherwise kept the request the same. Siri successfully found a theatre showing it in 3D — as far as I know, there isn’t a 3D IMAX showing near me — but I wasn’t able to buy tickets through Siri and it doesn’t check the showtimes against other calendar events, like a dinner reservation. To be fair, Siri has never allowed you to buy movie tickets in Canada because Fandango isn’t available here, but I also have the (terrible) Cineplex app installed — I wish there were some connection between the two.

    One thing I noticed when I tested several phrasings of this is that Siri only responds to full theatre names. All of the theatres near me have very long names, but nobody here actually uses the full name. For example, when I tried asking for “showtimes for Black Panther at Eau Claire”, Siri got confused. It also transcribed Eau Claire wrong most times I tried it, but that’s not necessarily relevant here. It wasn’t until I asked for “showtimes for Black Panther at Cineplex Odeon Eau Claire Market” that I got an answer. I wish it responded to fuzzier matches.

  • What’s happening this weekend around here?”: Siri interprets this as a request for news headlines, not events as in the original Siri app.

    When I tried rephrasing this question to “what events are happening this weekend”, it did a web search in Google, but without my location. It wasn’t until I asked “what events are happening in Calgary this weekend” that I got a web search with links to local event calendars.

    In the original Siri demo, they extend this by asking “how about San Francisco?”, so I did the same. It returned the weather forecast for this evening in San Francisco.

  • Take me drunk I’m home”: Today’s Siri did well here, responding “I can’t be your designated driver”, and offering to call me a taxi.

All of this may vary depending on where you’re located, what Siri localization you have, and even what device you use Siri on.

What’s clear to me is that the Siri of eight years ago was, in some circumstances, more capable than the Siri of today. That could simply be because the demo video was created in Silicon Valley, and things tend to perform better there than almost anywhere else. But it’s been eight years since that was created, and over seven since Siri was integrated into the iPhone. One would think that it should be at least as capable as it was when Apple bought it.

It’s no secret that Siri often feels like it has languished, and almost nothing demonstrates that more than the original demo. I’m sure there are domains where it performs better than the original — for example, it works, to varying extents, in countries outside of the United States. It works with more languages than just English, too. That’s all very important, but it boggles my mind that even some of the simpler stuff — like asking for restaurants near a different location — fails today, even in English.

I’d like to hear from readers who have time to attempt this same demo where they live. Please let me know if you give it a try; I would love to know the results.

Farhad Manjoo Unplugged From the Internet for His News Apart From in All of the Ways He Didn’t

Farhad Manjoo, New York Times:

This has been my life for nearly two months. In January, after the breaking-newsiest year in recent memory, I decided to travel back in time. I turned off my digital news notifications, unplugged from Twitter and other social networks, and subscribed to home delivery of three print newspapers — The Times, The Wall Street Journal and my local paper, The San Francisco Chronicle — plus a weekly newsmagazine, The Economist.

Dan Mitchell, Columbia Journalism Review:

But he didn’t really unplug from social media at all. The evidence is right there in his Twitter feed, just below where he tweeted out his column: Manjoo remained a daily, active Twitter user throughout the two months he claims to have gone cold turkey, tweeting many hundreds of times, perhaps more than 1,000. In an email interview on Thursday, he stuck to his story, essentially arguing that the gist of what he wrote remains true, despite the tweets throughout his self-imposed hiatus.

The biggest problem with Manjoo’s piece is that it is framed as “unplugging” from social media, when it’s really just a reduction in using it as a primary source for news. It’s more subtle and makes for a way less interesting headline, but it’s more honest.

By the way, I find the entire genre of tech writers writing about not using technology so trite. Beyond that, it’s 2018 — telling people not to follow news accounts on Twitter is just yelling into the wind. Want a few tips for reading the news? Here are four things I try to do, for whatever it’s worth:

  • Resist the urge to react immediately.

  • Resist the urge to refresh feeds and news sources when bored. News will happen regardless.

  • During a breaking news event, nothing makes sense to anyone, so keep that in mind when reading the first wave of reporting on it.

  • Twitter threads tend to be tedious and unnecessary.

Maybe those tips will be useful to you; maybe they won’t. Maybe they’re things you do already without thinking about it. But at least you didn’t have to pretend to stop using Twitter for two months to figure it out.

FBI Director Imagines a World of Unicorns, Dragons, and Secure Encryption That Can Be Sidestepped by Law Enforcement

Tim Cushing of Techdirt, responding to FBI Director Chris Wray:

We have a whole bunch of folks at FBI Headquarters devoted to explaining this challenge and working with stakeholders to find a way forward. But we need and want the private sector’s help. We need them to respond to lawfully issued court orders, in a way that is consistent with both the rule of law and strong cybersecurity. We need to have both, and can have both. I recognize this entails varying degrees of innovation by the industry to ensure lawful access is available. But I just don’t buy the claim that it’s impossible.

It really doesn’t matter whether or not Wray “buys” this claim. If you deliberately weaken encryption — either through key escrow or by making it easier to bypass — the encryption no longer offers the protection it did before it was compromised. That’s the thing about facts. They’re not like cult leaders. They don’t need a bunch of true believers hanging around to retain their strength.

The thing that bothers me most about Wray’s insistence that a magical “secure but accessible only by law enforcement” encryption standard is that technical experts at the FBI surely know that it isn’t possible, yet he keeps making the claim that it is. Does Wray simply not pay attention to his employees?

In Defence of Surfing the Insecure Web

Dave Winer opposes Google’s plan to effectively deprecate HTTP by discriminating against non-HTTPS websites in Chrome:

I don’t think the explosion is over. I want to make it easier and easier for people to run their own web servers. Google is doing what the programming priesthood always does, building the barrier to entry higher, making things more complicated, giving themselves an exclusive. This means only super nerds will be able to put up sites. And we will lose a lot of sites that were quickly posted on a whim, over the 25 years the web has existed, by people that didn’t fully understand what they were doing. That’s also the glory of the web. Fumbling around in the dark actually gets you somewhere. In worlds created by corporate programmers, it’s often impossible to find your way around, by design.

The web is a social agreement not to break things. It’s served us for 25 years. I don’t want to give it up because a bunch of nerds at Google think they know best.

Mozilla has indicated that they are doing the same. But Eric Mill wrote a piece a couple of years ago about this very topic, and he appreciates the deprecation of HTTP:

I understand the fear of raising the barriers to entry. As a child, I too fell in love with an internet made by everyone, and have spent my career, my volunteer work, and my hobbies trying to share what that love has taught me. I want children everywhere in the world to grow up feeling like the internet that permeates their lives is also in their service — a lego set in real life that you can buy with a week’s allowance.

Yet as an adult, I also understand that power for ordinary people is hard to come by and hard to keep. The path of least resistance for human society is for money to buy more money, and might to demand more might. Democracy is designed not so much to expand freedom as it is to give people tools to desperately hold onto the freedom they have.

Put another way: power has a way of flowing away from the varied, strange, beautiful little leaf nodes on the outer edges and into the unaccountable, unimaginative, ever-hungry center.

Mill actually uses the enforcement of HTTPS by browser vendors as a knock against big companies like Verizon and Comcast that inject ads into HTTP-served websites, and spy agencies like the NSA and the GCHQ:

What animates me is knowing that we can actually change this dynamic by making strong encryption ubiquitous. We can force online surveillance to be as narrowly targeted and inconvenient as law enforcement was always meant to be. We can force ISPs to be the neutral commodity pipes they were always meant to be. On the web, that means HTTPS.

As Mill points out in his article, there are great reasons to add an HTTPS certificate to a website that has no interactive elements beyond links. It makes sense to me to generally prefer HTTPS going forward, but I have concerns about two browser vendors working to effectively eliminate the non-HTTPS web; or, at least, to put barriers between it and users.

I like the way Firefox attempts to educate users directly adjacent to insecure password fields; I also don’t mind the way Chrome handles notifications of HTTP-only webpages today. But the changes coming in July that will mark all HTTP webpages as “not secure”, and that will make a large — if hardly-trafficked — part of the web feel like it’s diseased. And what will Google do in the future, I wonder? If they’re going to progressively increase their warnings on HTTP webpages, what’s next?

I also agree with Winer on another key point: enforcing a pseudo-mandatory policy on HTTPS makes it that much harder for someone new to this stuff to even begin to understand it. As Frank Chimero recently wrote, building stuff for the web has become vastly more complicated since even five years ago. I’m happy to keep learning new skills and growing my understanding of what the web can do, but I don’t know where to begin on this modern web. I don’t intend to hold myself up as a barometer of the complexities of modern web programming or anything — I just don’t know what’s going on any more. I’ve been doing this stuff for nearly twenty years. I don’t know how someone who is eight years old could start digging into React, or Node.js, or any of the other modern JavaScript-based ways of writing <h1>hello world</h1>.

I’m sure the kids will figure it out — they always do. However, I worry that introducing more requirements, even something as simple as HTTPS, can be discouraging. That’s the last thing HTTP/HTML web should be: discouraging. It is one of the greatest enablers of communication in human history. Let’s not allow its future to be dictated by browser vendors.

Or, in Mill’s language: let’s make sure we encourage building more leaf nodes by making their creation easier and more fun, instead of allowing a much stronger centre to form.

The Ways in Which Facebook Builds User Data Profiles for Targeted Advertising

Joanna Stern, Wall Street Journal:

A conspiracy theory has spread among Facebook and Instagram users: The company is tapping our microphones to target ads. It’s not.


I believe them, but for another reason: Facebook is now so good at watching what we do online — and even offline, wandering around the physical world — it doesn’t need to hear us. After digging into the various bits of info Facebook and its advertisers collect and the bits I’ve actually handed over myself, I can now explain why I got each of those eerily relevant ads. (Facebook ads themselves offer limited explanations when you click “Why am I seeing this?”)

Advertising is an important staple of the free internet, but the companies buying and selling ads are turning into stalkers. We need to understand what they’re doing, and what we can — or can’t — do to limit them.

Think about how quickly we’ve accepted this as the new normal, and why. Do we really prefer highly-specific advertising, as Facebook and Google say we do, or is it simply very creepy? Even if you don’t have a Facebook or Google account, you’re using Safari — which limits ad tracking by default — and have all sorts of silly settings to limit your exposure to trackers, there are still an extraordinary number of ways that your information can be acquired for highly-targeted advertising, almost always without your explicit permission.

California Becomes Eighteenth State to Introduce ‘Right to Repair’ Legislation

Jason Koebler, Vice:

“The Right to Repair Act will provide consumers with the freedom to have their electronic products and appliances fixed by a repair shop or service provider of their choice, a practice that was taken for granted a generation ago but is now becoming increasingly rare in a world of planned obsolescence,” Susan Talamantes Eggman, a Democrat from Stockton who introduced the bill said in a statement.

The announcement had been rumored for about a week but became official Wednesday. The bill would require electronics manufacturers to make repair guides and repair parts available to the public and independent repair professionals and would also would make diagnostic software and tools that are available to authorized and first-party repair technicians available to independent companies.

I’m intrigued by this wave of “right to repair” legislation — much of which has been pushed by Repair.org, a repair industry trade group — but I’m curious about what parts must be repairable, especially in consumer electronics. The full text of the California bill hasn’t been posted publicly, as far as I can see, but Minnesota’s has and it’s fairly nonspecific. I’m all for batteries being designed to be more replaceable, even if it takes popping a few screws out, but what about trickier components, like chips that are soldered to the board? Would a manufacturer be required to provide full board component repairability, or just the ability to replace the board itself?

Selfishly, I hope this legislation leads to more upgradable MacBooks, especially the Pro. I don’t think a professional notebook designed to last several years should have its internal storage capacity capped at time of purchase.

Notes on Analytics and Tracking in Onavo Protect for iOS

Will Strafach:

Recent media coverage of Onavo Protect encouraged me to investigate the code for the iOS version of their app. I wanted to determine what types of data is collected in addition to the alleged per-app-MAU tracking performed server-side.

I found that Onavo Protect uses a Packet Tunnel Provider app extension, which should consistently run for as long as the VPN is connected, in order to periodically send the following data to Facebook (graph.facebook.com) as the user goes about their day:

  • When user’s mobile device screen is turned on and turned off

  • Total daily Wi-Fi data usage in bytes (Even when VPN is turned off)

  • Total daily cellular data usage in bytes (Even when VPN is turned off)

  • Periodic beacon containing an “uptime” to indicate how long the VPN has been connected

If I’m reading this right, Strafach hasn’t found indications — yet? — that Onavo sends app usage data to graph.facebook.com, but we know Onavo collects that data.

What he has found so far doesn’t appear to be nearly that intrusive, but it’s also bizarre. For example, why does Facebook need to know when your phone’s display is on?

Tangentially, Onavo’s behaviour is the kind of thing I wish App Review was more strict towards. There’s perhaps a thin line between analytics packages that developers sometimes use and what Onavo does; similarly, there’s a thin line between Onavo’s data collection and Facebook’s entire business model. But this app is just skeevy — it buries its Facebook affiliation1 and data gathering behind a different brand and the promise of protecting you from phishing.

  1. The only mention of Facebook on their website is on the about page, and in the App Store, the Facebook affiliation is in a large paragraph of text in the initially hidden area of the app description. ↩︎

iTunes LP and the iPad

David Millar:

“Apple to Discontinue ‘fancy HTML in a zip file’ Format”

Michael Tsai:

I’m not quite sure whether iTunes LP was a bad idea or simply one that neither Apple (aside from Steve Jobs?) nor the music producers actually had much interest in. How else to explain that Apple never brought it to iPad?

I think iTunes LP was a fine enough idea; ultimately, though, I can’t imagine that many people went out of their way to buy iTunes LPs instead of the usually-cheaper non-LP version of the album.

They were built using an extraordinarily flexible and easy-to-use SDK by way of TuneKit, which was basically just a website. Theoretically, that simplicity should mean that they should have worked perfectly okay on the iPad that shipped just six months after iTunes LP was introduced, and that the number of iTunes LPs created should have been more than could easily be catalogued on Wikipedia. If lots of people truly cared about them, there would be an easy way to find them in a user’s iTunes library and in the iTunes Store.

Amazon Admits Alexa Is Creepily Laughing at People and Is Working on a Fix

Shannon Liao, the Verge:

Over the past few days, users with Alexa-enabled devices have reported hearing strange, unprompted laughter. Amazon responded to the creepiness in a statement to The Verge, saying, “We’re aware of this and working to fix it.”

As noted in media reports and a trending Twitter moment, Alexa laughs without being prompted to wake. People on Twitter and Reddit reported that they thought it was an actual person laughing near them, which can be scary when you’re home alone. Many responded to the cackling sounds by unplugging their Alexa-enabled devices.

Just one more thing Amazon’s virtual assistants can do that the HomePod cannot.

But why is this possible at all? Is there some sort of hidden maniacal laughter mode? Is that something people would ever want to trigger intentionally, let alone have the device invoke accidentally? Is this a prank? And could you trust Amazon’s virtual assistant to not do anything like this again?

Apple to Discontinue ‘iTunes LP’ Format

Remember iTunes LP? Here’s how a 2009 Apple press release described the then-new format:

iTunes LP is the next evolution of the music album delivering a rich, immersive experience for select albums on the iTunes Store by combining beautiful design with expanded visual features like live performance videos, lyrics, artwork, liner notes, interviews, photos, album credits and more.

At the time, Steve Jobs described it as a way to replicate an album-like experience digitally.

As of the end of this month, though, Apple will no longer accept new iTunes LP releases. Dani Deahl, the Verge:

Earlier today, UK-based website Metro claimed to have a leaked internal email from Apple sent to music producers titled “The End of iTunes LPs.” The email supposedly stated that “Apple will no longer accept new submissions of iTunes LPs after March 2018,” and that “existing LPs will be deprecated from the store during the remainder of 2018. Customers who have previously purchased an album containing an iTunes LP will still be able to download the additional content using iTunes Match.”

While iTunes LP submissions will end this month, existing iTunes LPs will not be depreciated. Not only will these iTunes LPs continue to be available, but users will still be able to download any previous or new purchases of iTunes LPs at any time via iTunes.

I have a few iTunes LPs, but I also have a ton of actual LPs. One thing that network-accessed music will always lack, whether it is streamed or purchased, is the physicality of an album. Apple’s attempt at replicating it was a good effort and allowed them to do things that you simply can’t do with album art and liner notes, like including music videos, or behind-the-scenes films of the recording process.

But, these days, those extras don’t require a specific packaged format. Videos are streamed for the one or two times most people watch them, and lyrics are just a scroll away for many Apple Music tracks. The world moved beyond iTunes LP. And the remaining things it offered — like exquisite artwork on gorgeous poet, and that sense of a packaged product — simply can’t be replicated effectively on a screen. The weight of an LP still means something, and bytes simply don’t weigh anything.

By the way, I see a lot of stories right now forecasting the end of the iTunes Store based, in part, on this announcement. The original Metro story, for example, mis-quotes the email in its headline, and Cult of Mac jumped right on that bandwagon. I wouldn’t read too much into those. If Apple were killing music sales, they would just come out and say that.

European Union Plans to Tax Tech Giants on Local Revenue

Romain Dillet, TechCrunch:

Google, Amazon, Apple and Facebook have all faced different issues when it comes to tax optimizations. They’ve been routing their revenue through Ireland, Luxembourg, the Netherlands and other countries with a low corporate tax. Sometimes the money end up in Bermuda or the tiny island of Jersey.


That’s why Europe’s economy ministers wanted to find a way to tax them properly that is easy to implement. And Le Maire confirmed that Europe will look at the overall revenue of tech giants in each country and tax them based on that figure.

This makes complete sense to me. As Tim Cook once wrote:

Taxes for multinational companies are complex, yet a fundamental principle is recognized around the world: A company’s profits should be taxed in the country where the value is created.

This is a tax that will be assessed in each country based on companies’ earnings in each country — that seems fair enough. What’s strange, though, is that the original article off which TechCrunch’s report is based indicates that this is a tax specifically on tech companies. Perhaps it’s just a lack of context created by a poor automatic translation, but that seems silly to me. As virtually all multinational companies practice various forms of tax avoidance, why not apply this strategy to all companies operating across the E.U.?

In Addition to Cellebrite, a Second Firm Offers Late-Model iPhone Unlocking Services

Thomas Fox-Brewster, Forbes:

Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unkown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.

In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That’s for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.

I don’t imagine Apple’s legal department is particularly thrilled that one of their ex-employees is helping crack device security measures.

At any rate, that’s now two firms that have similar intrusion capabilities using methods that they won’t report to Apple because their business models depend on their not doing so. That means that all iPhone owners are walking around with serious — albeit perhaps hard-to-exploit — vulnerabilities in their device’s security architecture. At least Apple may be able to surreptitiously acquire a copy of GrayKey and patch the vulnerabilities it uses.

Facebook Surveys Users to Find Out Whether Men Soliciting Sexual Images of Children Should Be Allowed on the Platform

Alex Hern, with one hell of a lede in the Guardian:

Facebook has admitted it was a “mistake” to ask users whether paedophiles requesting sexual pictures from children should be allowed on its website.

You don’t say.

On Sunday, the social network ran a survey for some users asking how they thought the company should handle grooming behaviour. “There are a wide range of topics and behaviours that appear on Facebook,” one question began. “In thinking about an ideal world where you could set Facebook’s policies, how would you handle the following: a private message in which an adult man asks a 14-year-old girl for sexual pictures.”

The options available to respondents ranged from “this content should not be allowed on Facebook, and no one should be able to see it” to “this content should be allowed on Facebook, and I would not mind seeing it”.

I don’t know how something like this could be possible, unless Facebook is somehow running this survey in an entirely automated way, including in writing the questions. Maybe they are, but I think someone — a human being — must have written this question and someone else must have seen it before it was published. Either there was an over-reliance in automated tools, nobody working on this survey caught such a blatantly stupid question, or someone genuinely believed this was something worth asking.

Delayed Disgratification

The Macalope, commenting on this tragedy of an article by the Motley Fool’s Ashra’s Eassa:

The phone was shipped “on time.” It was shipped when it was announced to ship and when Apple was able to meet enough demand. Your imaginary ship dates do not enter into this equation.

Eassa thinks there are people who looked at the later release date for the iPhone X and were “discouraged at having to wait until November to buy an iPhone that would ultimately be replaced by a newer, better model in about 10 months” and therefore didn’t buy an iPhone this year at all.

That seems like a very small set of people. And it’s quite likely that the 2018 release schedule will be exactly the same as the 2017 release schedule, with a base phone coming first and a higher end model coming second. So it’s a very small set of people who are very bad at evaluating choices.

Interestingly, one year ago — nearly to the day — Eassa argued that releasing the then-rumoured OLED iPhone in November was preferable:

Of course, Apple is better off delaying a product a smidgen to make sure it’s ready to go and if the redesigned fingerprint scanner meaningfully enhances the user experience, then the delay is probably worth it.

Three things about last year’s article:

  1. This was published when some rumours still claimed that the OLED iPhone would ship with a fingerprint scanner, hence that reference.

  2. Its headline frames this as “bad news”, so it sounds like Eassa is just sticking with that narrative rather than revising it in the face of facts.

  3. In interviews about the iPhone X, Apple executives have claimed that it actually shipped early — internally, they were apparently targeting a 2018 release.

Jack and the Mean Talk

Jack Dorsey:

We love instant, public, global messaging and conversation. It’s what Twitter is and it’s why we‘re here. But we didn’t fully predict or understand the real-world negative consequences. We acknowledge that now, and are determined to find holistic and fair solutions.

We have witnessed abuse, harassment, troll armies, manipulation through bots and human-coordination, misinformation campaigns, and increasingly divisive echo chambers. We aren’t proud of how people have taken advantage of our service, or our inability to address it fast enough.

That’s an extraordinarily frank admission. I admire that. So what will Twitter do about it?


Recently we were asked a simple question: could we measure the “health” of conversation on Twitter? This felt immediately tangible as it spoke to understanding a holistic system rather than just the problematic parts.

Dorsey points to an article from Cortico,1 a nonprofit firm that “aims to strengthen an American public sphere weakened by political, cultural and socioeconomic isolation“:

This experience led us to the idea that perhaps we could measure aspects of the health of the public sphere—in terms of communication exchanges between groups or tribes—grounded in data from public social media and other public media sources. As a starting point, we are developing a set of health indicators for the U.S. (with the potential to expand to other nations) aligned with four principles of a healthy public sphere:

  1. Shared Attention: Is there overlap in what we are talking about?

  2. Shared Reality: Are we using the same facts?

  3. Variety: Are we exposed to different opinions grounded in shared reality?

  4. Receptivity: Are we open, civil, and listening to different opinions?

This sounds a lot like Twitter will reference Cortico’s techniques to try to automate the hate away from conversations, but a post on Twitter’s blog indicates that they have no idea how to do this. I’m skeptical of its success. I’m concerned that Dorsey sees it as a problem, but has waited too long to do anything about it and now wants to invent a way to do it automatically, like a university student who waited to start writing their ten-thousand word essay until the night before it’s due. It seems earnest, but also a bit desperate.

I think that a better start would be to ban Nazis. I mean that literally. Flag any account where its name, handle, location, bio, or recent tweets contain allusions to Hitler normally used by white supremacist groups: “1488”, “HH”, “14 words”, and other hate symbols in context. That gives human operators the ability to sift through heaps of these accounts and ban the ones that are clearly and obviously Nazis, of which there are frighteningly many. This isn’t a perfect solution; it’s barely scratching the surface. But it would be a material change in how Twitter operates and a clear line as to what they do not tolerate. “No Nazis” should not be a controversial point of view.

  1. I had never heard of Cortico before Dorsey posted this, so I went to Wikipedia. There’s no entry for the company; there is, however, an entry for cortiço, a term used in Portugal and Brazil to describe ultra high density housing with poor sanitary conditions. I don’t know where the American firm got their name, but that’s a hell of an association. ↩︎

Twitter Launches Bookmarks

Jesar Shah, product manager at Twitter:

Today, we’re introducing Bookmarks, an easy way to save Tweets for quick access later. But wait, there’s more! Today’s update makes sharing better, too. With our new “share” icon on every Tweet, you’ll be able to bookmark a Tweet, share via Direct Message, or share off of Twitter any number of ways. Because we put all sharing actions together in one place, it’s easier to save and share privately or publicly — in the moment, or later.

This looks great. Bookmarking is easily one-third to one-half of how I use the “like” button. A key difference between the two is that bookmarks are private; likes are public and, for a few years now, followed users’ likes have been inserted at the top of the algorithmic timeline. If Twitter were driven less by juicing “engagement” metrics, this feature might not be necessary.

Unfortunately, there’s nothing in this announcement nor anything in Twitter’s documentation that suggests they’re making this available to third-party developers; I hope they do.

Forbes: Cellebrite Can Now Unlock Recent iPhones, Including the iPhone X

Thomas Fox-Brewster, Forbes:

Cellebrite, a Petah Tikva, Israel-based vendor that’s become the U.S. government’s company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11. That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

The Israeli firm, a subsidiary of Japan’s Sun Corporation, hasn’t made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren’t authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. […]

On some level, this is extremely impressive. The iPhone is the gold standard in consumer smartphone security — possibly in smartphone security period — and they keep improving with every generation. A flaw that allows someone to bypass an iPhone’s hardware-enforced encryption is very rare indeed; that’s why some security firms will pay up to a million dollars for that kind of an exploit.

But it is deeply troubling as well. While we don’t know anything about Cellebrite’s technique for breaching an iPhone’s security — including whether their method has been patched in an iOS 11 update — it is notable that a security firm has found an exploit but is unlikely to tell Apple about it. It’s concerning that three-letter agencies are hoarding zero-days, but at least those agencies are ostensibly publicly accountable. That doesn’t make it right, but it does make it slightly easier to stomach than a for-profit company charging $1,500 a pop to law enforcement agencies worldwide — some of which are less reputable than others, mind you — and not disclosing vulnerabilities to software vendors is callous. It puts users worldwide at risk for their financial gain.

Update: If you are worried about the possibility of Cellebrite — or anyone else who figures out their PIN cracking methodology — breaking into your phone, Ray “Redacted” has a good tip:

If you are concerned by this then one thing you can due to mitigate it is to change your iPhone PIN from a six digit number to an alphanumeric passphrase. The cellebrite exploit involves a brute force PIN trick that allows unlimited attempts without wiping.

Like any passphrase, it should contain a mix of lowercase and uppercase letters, numbers, and symbols. It can even be of a similar length, but a greater combination of character options means a longer cracking process.

Update: Fox-Brewster has confirmed with Cellebrite that their method can unlock iPhones running up to iOS 11.2.6, the latest public release.

Timers, Reminders, and Alarms

Dr. Drang explored all the conceivable ways you can tell your Apple devices to notify you about something at a specific time, and it’s quite the mess. There are huge inconsistencies between devices, basic failures in Siri’s competence, and baffling shortcomings to nearly every approach.

One thing I wanted to draw attention to, though, was this observation:

The number of alerts that can be set was the starting point for the last post. People want multiple timers in their HomePods. That’s great, but Apple’s never had multiple timers in any iOS device, which is why I’ve always used reminders instead.

This is true. But, while I don’t think Drang is framing this as a rebuttal, per se, to critics who have pointed out that the HomePod supports only a single timer, I think it’s much more glaring on that device for a good reason: it’s an appliance. All smart speakers1 are designed to be placed on a table or a desk, and many will be used in or near the kitchen. If you have two or three different dishes on the go, you may want two or three different timers, and a smart speaker seems like it should be able to provide that. It would be nice — very nice, at that — if the iPhone supported multiple timers; it’s almost an expectation for the HomePod to. And, for what it’s worth, I think the Apple Watch also ought to do that by now.

  1. Apple can emphasize the audio quality all they like, but by putting Siri in the HomePod, they opened it up to direct comparison against the Google Home and Amazon Echo. ↩︎

Some iCloud Storage Infrastrucure Has Been Switched From Microsoft Azure to Google Cloud

Jordan Novet, CNBC:

Apple periodically publishes new versions of a PDF called the iOS Security Guide. For years the document contained language indicating that iCloud services were relying on remote data storage systems from Amazon Web Services, as well as Microsoft’s Azure.

But in the latest version, the Microsoft Azure reference is gone, and in its place is Google Cloud Platform. Before the January update, Apple most recently updated the iOS Security Guide in March.

When news of this deal first broke nearly two years ago, I was surprised that Apple was still so dependent on third parties for iCloud storage. I understand that these things take time, but iCloud is seven years old this year, and Apple has been providing various internet services for decades.

Apple maintains that they control the encryption keys and that Google cannot possibly intercept iCloud users’ data, which is true — with the possible exception of email, since it is stored unencrypted — but I don’t think that iCloud users expect their data to be stored in ways not entirely controlled by Apple, especially given the company’s emphasis on privacy.

For Chinese Users, Apple Moves to Store iCloud Keys in China

Stephen Nellis and Cate Cadell, Reuters:

When Apple Inc begins hosting Chinese users’ iCloud accounts in a new Chinese data center at the end of this month to comply with new laws there, Chinese authorities will have far easier access to text messages, email and other data stored in the cloud.

That’s because of a change to how the company handles the cryptographic keys needed to unlock an iCloud account. Until now, such keys have always been stored in the United States, meaning that any government or law enforcement authority seeking access to a Chinese iCloud account needed to go through the U.S. legal system.

Now, according to Apple, for the first time the company will store the keys for Chinese iCloud accounts in China itself. That means Chinese authorities will no longer have to use the U.S. courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.

Nothing about this is good news, but it’s very hard to see what alternatives there are in this case. They could threaten to pull out of the Chinese market unless the law is changed, but that would do more damage to Apple than it would the Chinese government, with likely little effect. Also, it’s likely that iCloud not being offered in China would motivate people there to switch to a less secure alternative.

It’s difficult to reconcile this forced hand with Apple’s overall commitment to user privacy:

In a statement, Apple said it had to comply with recently introduced Chinese laws that require cloud services offered to Chinese citizens be operated by Chinese companies and that the data be stored in China. It said that while the company’s values don’t change in different parts of the world, it is subject to each country’s laws.

I’ve written several times previously about my discomfort with a handful of predominantly Californian companies controlling the flow and storage of much of the world’s data. For Chinese citizens, though, it was potentially beneficial to have the American legal system as a barrier for information requests.

See Also: Apple’s iCloud security overview, which appears to be the same in China, but also hasn’t been updated in about six months.

On the ‘Marketplace of Ideas’

Paris Martineau, the Outline:

Years of outbursts from hate group after hate group have forced these companies to realize that the laissez-faire attitude they’ve leaned on for so long doesn’t actually work, but rather, makes the entire thing rot from the inside. But the fact that platforms won’t fully commit to managing the content that people spew on these platforms leaves a vacuum of confusion and hypotheticals, which generally (like all things nowadays) lead to conspiracies and misinformation.

In all this time, no company has actually tried totally depriving bad ideas of oxygen. Trust me, this is a sentence I never thought I’d say, but in times like these, Twitter (and the tech world as a whole, really) could learn a thing or two from Medium.

Part of the reason that the marketplace of ideas often fails to return more intelligent and ethically cognizant discussions is because it is subsidizing sensationalism.

I also think one aspect of Twitter’s hesitance to ban nazis and other contemptible parties that is often ignored is that this is, in part, a side effect of the company being based in the United States, and run by ambassadors for that country’s extraordinarily permissive free speech laws. I recognize that I’m treading between broken glass here with some of my American readers, in particular, but it’s worth recognizing that unrestricted speech in all its forms is a uniquely American concept. Other developed nations also have a marketplace of ideas, but with restrictions — as in the marketplace of goods and services.

Something that is perhaps most notable about social platforms like Twitter is how they have packaged and exported the First Amendment. But the weird thing is that they don’t have to do that: they’re a private company, and they can make their own rules as they see fit. Martineau’s piece is a wise argument in favour of this.

The cynical part of me thinks that Twitter’s staunch adherence to and promotion of extremely permissive free speech is not a conscious philosophy, but simply a convenient way to avoid having to invest in moderating it.

Happy ‘International Blog Remembrance Day’, a New, Made-Up Holiday

Jason Koebler, Vice:

The general decline of the blog—not the news blog, but the BLOG BLOG—is a bummer. No offense to the many cool and worthwhile bloggers still posting to WordPress, Tumblr, XANGA(?), and good ol’-fashioned websites, but for the most part, the best blogs of our generation are being wasted in tweetstorms, Facebook rants, and reddit comments. I am not just making this up: There are entire conferences dedicated to preserving Web 1.0, back before our computers had become Facebook and Twitter machines.

On a related note, Laura Hazard Owen interviewed Jason Kottke for Nieman Lab:

[…] The way I’ve been thinking about it lately is that I am like a vaudevillian. I’m the last guy dancing on the stage, by myself, and everyone else has moved on to movies and television. The Awl and The Hairpin have folded. Gawker’s gone, though it would probably still be around if it hadn’t gotten sued out of existence.

On the other hand, blogging is kind of everywhere. Everyone who’s updating their Facebook pages and tweeting and posting on Instagram and Pinterest is performing a bloggish act.

Unlike a blog, though, the format of these posts often cannot be controlled by the author, and the author often doesn’t actually own what they’ve just published. The loss of the importance of actual blogs is a real sucker punch for the web.

The FCC’s Order Gutting Net Neutrality Is Now Official

Devin Coldewey, TechCrunch:

The FCC’s “Restoring Internet Freedom” order, which vastly curtails the agency’s 2015 net neutrality rules, has officially taken effect by being entered the Federal Register.

The order, published Thursday morning, may sound like the end of the line, but in fact this is the green light for everyone in the country, from citizens to attorney generals to governors and senators, to begin the official battle against the FCC’s ill-advised, technically backwards, and deeply unpopular rule.

Today also marks the first day that ISPs can legally discriminate against or promote any data they transmit as they wish. The day after the FCC voted to dismantle net neutrality legislation, Ajit Pai made an appearance on Fox & Friends to defend the decision he led:

John Bowden, the Hill:

Federal Communications Commission (FCC) Chairman Ajit Pai said Friday that supporters of net neutrality provisions that were repealed Thursday have been proven wrong, as internet users wake up still able to send emails and use Twitter after the regulations were struck down.

Of course, Pai isn’t stupid, and he knows that this is a completely disingenuous defence. For one thing, it will take sixty days after the repeal is published in the Federal Registry for it to take effect.

I should have written “for it to take permanent effect”.

So, now that Pai and the other Republicans on the FCC have killed net neutrality in the United States, what are companies doing on what is supposedly the first day they can invest more in their infrastructure and give consumers a better deal, as Pai repeatedly claimed?

Jacob Kastrenakes, the Verge:

AT&T has expanded its “sponsored data” program to cover customers on its prepaid wireless plans, offering them the ability to stream content from select partners without counting toward their data cap. The program was previously available to postpaid customers, but it now seems to apply to most AT&T wireless users.


Not coincidentally, the only three services I could find that support AT&T’s sponsored data are owned by AT&T: DirecTV, U-verse, and Fullscreen, all video services. If you’re an AT&T wireless customer deciding between DirecTV Now and a competitor, like Hulu or Sling TV, this program gives the AT&T-owned service a huge advantage.

What a surprise.

‘Trending’ on Social Media Is Worthless

Brian Feldman, New York magazine:

This is the other problem of “trending,” conceptually: It’s eminently gameable, but the platforms that use the term never make the rules clear. “Trending” is given the imprimatur of authority — videos or topics handed down from on high, scientifically determined to have trended — when really it’s a cobbled-together list of content being obsessively shared or tweeted about by people who love Justin Bieber. Or Logan Paul. Or who believe in crisis actors.

I increasingly believe that the code that drives social networks is built largely on an assumption of good user intentions. Yes, there are rudimentary tools to block users or report an offending post, but a lot of what makes these services so popular is that they assume that whatever you’re doing is probably okay. And there is nothing wrong with that, provided these services also aren’t: a) massively influential, and b) capable of having this philosophy exploited by bad-faith trolls, bots, and other bad actors. I don’t necessarily think that this is a naïve way to build a platform; I really do think that people are generally good, but it’s asking a lot for the handful of people who run these platforms to solve for integrity. Difficult as it may be, it’s necessary.

Bloomberg: Apple Is Negotiating the Purchase of Cobalt Directly From Miners

Jack Farchy and Mark Gurman, Bloomberg:

Apple Inc. is in talks to buy long-term supplies of cobalt directly from miners for the first time, according to people familiar with the matter, seeking to ensure it will have enough of the key battery ingredient amid industry fears of a shortage driven by the electric vehicle boom. 

The iPhone maker is one of the world’s largest end users of cobalt for the batteries in its gadgets, but until now it has left the business of buying the metal to the companies that make its batteries.

Normally, this is the kind of supply chain rumour that would put me to sleep halfway through reading the headline, but there’s a good reason why I’m sharing this.

You may remember a report from a couple of years ago about persistent child and illegal labour in the cobalt mining industry. After the Washington Post ran that story, Apple began treating cobalt similarly to the way they treat conflict minerals like tin and gold. By buying directly from the miners, Apple now has the opportunity to transparently verify the source of the cobalt they use.

Your ‘Lite’ App Should Be Your Only App

K.Q. Dreger, on the recent wave of so-called “lite” variants of increasingly-bloated apps:

What part of being fast, data conscious, and reliable is exclusive to old devices or those on poor networks? Why does Twitter Lite feel more like Twitter than anything the company’s done with their main website or app over the past few years? Are Facebook, Twitter, and Google truly so married to ads, analytics, and A/B testing frameworks that their only shot at making a reasonably sized, fast app is to start fresh? Will these lite variants actually stay that way, or will the bloat slowly creep back in?

I get the allure of building apps and operating systems that take advantage of the latest and greatest hardware, or to try to build up the app’s experience with more stuff. But maybe — just maybe — if a company feels like they need to release a “lite” version of their app to tidily deliver what they consider its core experience, maybe that app has become way too bloated.

‘Loading Accessories and Scenes’

From an Apple support document about troubleshooting HomePod setup problems:

Open the Home app on your iOS device and check that you see your accessories and scenes. If you see a message that says loading accessories and scenes, wait for the Home app to finish loading. If the Home app stays in a loading state for 30 minutes or longer, you should see an option to erase and reset the Home app.

First of all, I think the timeout for triggering this debugging mode for HomeKit accessories should be much shorter than thirty minutes.

But, as someone impacted by this problem since the developer betas of iOS 10, I kept my iPhone awake and running the Home app for half an hour. Twice. Both times, I did not see any option appear that would allow me to reset the Home app, its settings, or anything in iCloud. I also cannot find any additional options in Settings to reset any data.

Trusting Third Party Code

Felix Krause:

Third-party SDKs can often easily be modified while you download them! Using a simple person-in-the-middle attack, anyone in the same network can insert malicious code into the library, and with that into your application, as a result running in your user’s pockets.

31% of the most popular closed-source iOS SDKs are vulnerable to this attack, as well as a total of 623 libraries on CocoaPods. As part of this research I notified the affected parties, and submitted patches to CocoaPods to warn developers and SDK providers.

Last week, news broke that a third-party screen reading script often used by government and public websites was surreptitiously mining a cryptocurrency. A couple of years ago, a programmer pulled several of his scripts from a JavaScript registry; several applications that were dependent on one of these packages, in particular, subsequently failed to compile.

Even this very website has been susceptible to failures in third-party code, albeit on a minor scale: most ads are loaded from Carbon’s CDN; but, occasionally, they have served ad images from those advertisers’ servers. You may have seen the result of this when the ad image is blank, owing to the content security policy I’ve implemented here.

In response to the cryptocurrency mining screen reading script revealed last week, I wrote that we ought to treat third-party code as though it will, at some point, be carrying malware. I feel like that might be too generous. It is not realistic to tell developers to stop using third-party code, but they should not trust it.

Ad Filtering in Google Chrome

Dare Obasanjo (via Michael Tsai):

Chrome starts blocking ads unless they meet its rules. This is driving publishers to switch to “compliant” ad networks.

Would love to see stats on how many such publishers move to Google’s ad network. The strong arming so blatant.

Google’s ad network is the most popular in the world; Chrome is the most widely-used web browser.

Every so often, I get emails from readers implying that I’m treating Google’s attempts at creating silos or lock-in differently from Apple’s. I am, and there’s a very good reason for that: Google is using the web, an open platform, to strong-arm competitors and entangle users in their products. They are treating the web as though it were their private domain. We ought to reject these attempts.

AMP for Email Is a Terrible Idea

Devin Coldewey, TechCrunch:

The excuse that the mobile web isn’t fast enough is threadbare, and the solution of a special Google-designed sub-web transparently self-serving. It’s like someone who sells bottled water telling you your tap runs too slow.

AMP for email is just an extension of that principle. People leave Gmail all the time to go to airline webpages, online shops, social media, and other places. Places that have created their own user environments, with their own analytics, their own processes that may or may not be beneficial or even visible to Google. Can’t have that!

But if these everyday tasks take place inside Gmail, Google exerts control over the intimate details, defining what other companies can and can’t do inside the email system — rather than using the natural limitations of email, which I hasten to reiterate are a feature, not a bug.

If AMP is, indeed, a new thing for the open web — as Google has framed it — then it should be entirely separated from Google’s control and submitted to standards bodies for a more democratic development process. I have zero expectations of them doing so.

Chartbeat: Google AMP Traffic Has Doubled Since January 2017

Sara Fischer, Axios:

According to new data from Chartbeat, the vast majority of traffic growth publishers are seeing from platforms is now coming from Google AMP (Accelerated Mobile Pages) — or fast-loading mobile article pages on Google Search and Google News.


According to the data, mobile is driving almost all traffic growth for publishers from platforms, and has been since at least early 2017. And traffic to publishers using AMP specifically is up 100% since 2017.

Traffic to publishers from non-AMP Google referrals is nearly 65% less than traffic from AMP Google referrals. Google is digging even deeper into this proprietary format. That’s not good for the future of the web, nor is it good for the future of publishing. We’ve seen how news organizations too dependent on Facebook can see their traffic tank after an adjustment to the way News Feed works. Publishers should not tie their success to that of AMP, nor Google’s bias towards it.

Good vs. Better at Bad

Joe Cieplinski:

I say this with no small amount of respect for how hard this technology is and how far it has come recently. I’m as excited as the next geek when it comes to the future of AI and voice recognition. I think it’s all super cool.

But it’s not good. Not for most people. It’s barely past the point of being a parlor trick, if we’re being honest. Answering trivia questions? Turning on the lights? There’s a reason even early adopters generally resort to using these devices for a small set of simple tasks. That’s about all they can do reliably.

This is a fair point in the battle between virtual assistant technologies. We’re a long way from being able to treat them as actual assistants, rather than voice-based ways to add items to a list of reminders.

But I maintain that, even if Amazon and Google aren’t that much closer to a fully assistive software or hardware product, the ways in which Siri frequently fails are unacceptable. It does not maintain context; it is often disobedient, inexplicable, and incompetent. This stuff is hard, absolutely, but it also fails far too often — and inconsistently — at things that ought to be entirely trivial.

Uber Lost $4.5 Billion in 2017

Eric Newcomer, Bloomberg:

Adjusted net revenue last quarter increased 61 percent to $2.22 billion from the same period in 2016. Meanwhile, the total value of fares grew to $11 billion that quarter. It was the first full quarter under Dara Khosrowshahi, who took over the troubled business in September.

Despite a turbulent year for the ride-hailing company, sales were $7.5 billion. But the company also posted a substantial loss of $4.5 billion. There are few historical precedents for the scale of its loss.

In 2016, Pixel Envy earned $3 billion more than Uber, and I’m thrilled to report that the delta between me and Uber for 2017 was 50% greater.

A reminder that no taxi company could survive losses like those Uber has been posting; also, that the reason a fare with an Uber driver is cheaper is because it’s subsidized at below-market rates by venture capital firms; and that, despite some benefits for gig economy workers in the new tax code, Uber is among many gig-type companies that does not provide health coverage for their American drivers.

Under the Guise of Security, Facebook is Promoting Their VPN in Their iOS App

Sarah Perez, TechCrunch:

Marketing Onavo within Facebook itself could lead to a boost in users for the VPN app, which promises to warn users of malicious websites and keep information secure – like bank account and credit card numbers – as you browse. But Facebook didn’t buy Onavo for its security protections.

Instead, Onavo’s VPN allow Facebook to monitor user activity across apps, giving Facebook a big advantage in terms of spotting new trends across the larger mobile ecosystem. For example, Facebook gets an early heads up about apps that are becoming breakout hits; it can tell which are seeing slowing user growth; it sees which apps’ new features appear to be resonating with their users, and much more.

This data has already helped Facebook in a number of ways, most notably in its battle with Snapchat. At The WSJ reported last August, Facebook could tell that Instagram’s launch of Stories – a Snapchat-like feature – was working to slow Snapchat’s user growth, before the company itself even publicly disclosed this fact.

Think about that: Facebook has one of the largest platforms in the world, and is using that influence to promote a service that they control to spot and preemptively eliminate potential competitors. The reason they’re able to do all of these things is because of their size and dominance.

I understand the reluctance by many regulators and industry observers to say that Facebook ought to be broken up into smaller, unaffiliated companies, but I’m struggling to see many other ways to keep the company’s influence in check. Largely ignoring it, as has been done so far, is bad for competition. Even if you ignore potential anticompetitive issues, there’s still a question of whether users of Facebook’s VPN are adequately aware of how the company accessed and uses their data.

Google Announces AMP For Email Spec

Gmail engineer Raymond Wainman:

You may have heard of the open-source framework, Accelerated Mobile Pages (AMP). It’s a framework for developers to create faster-loading mobile content on the web. Beyond simply loading pages faster, AMP now supports building a wide range of rich pages for the web. Today, we’re announcing AMP for Email so that emails can be formatted and sent as AMP documents. As a part of this, we’re also kicking off the Gmail Developer Preview of AMP for Email — so once you’ve built your emails, you’ll be able to test them in Gmail.

Not content with bifurcating the web with the introduction of a proprietary HTML-like webpage format, Google is now trying to split email clients into Gmail and everybody else. Gmail is already an email-like product and has some of the worst CSS support of mainstream email clients.

Of course, there’s a good chance the advanced capabilities of this format won’t catch on because email clients are already pretty fragmented as things stand today. It’s an area of the web where the lowest common denominators — HTML tables and old-school tags like <font> — are used with disturbing regularity, simply because it’s the only markup that works well in all clients. It’s frustrating enough to build emails as things are; I imagine many developers will reject this because it adds yet another layer of complexity to their workflow that may not be used by a large number of recipients.

Developers shouldn’t reject this on those grounds alone, however. Google’s increasing demands to bend open formats with proprietary variations is a fantastic reason to avoid AMP in email messages.

Apple Reportedly Focusing Less on Monolithic Annual iOS Updates

Mark Gurman, Bloomberg:

Apple’s annual software upgrade this fall will offer users plenty of new features: enabling a single set of apps to work across iPhones, iPads and Macs, a Digital Health tool to show parents how much time their children have been staring at their screen and improvements to Animojis, those cartoon characters controlled by the iPhone X’s facial recognition sensor.

But just as important this year will be what Apple doesn’t introduce: redesigned home screens for the iPhone, iPad and CarPlay, and a revamped Photos app that can suggest which images to view.

These features were delayed after Apple Inc. concluded it needed its own major upgrade in the way the company develops and introduces new products. Instead of keeping engineers on a relentless annual schedule and cramming features into a single update, Apple will start focusing on the next two years of updates for its iPhone and iPad operating system, according to people familiar with the change. The company will continue to update its software annually, but internally engineers will have more discretion to push back features that aren’t as polished to the following year. 

The biggest news here is that Apple is reportedly adjusting their internal processes to try to reduce the demands of an annual update. But I’m not sure how much will change externally because this sounds a lot like the way they presently release iOS updates: still a focus on new features in the autumn, with some features debuting later in that major version’s release cycle. Apple Pay Cash, for instance, was announced at WWDC in June with the implication that it would be release with iOS 11.0, but it wasn’t launched until November with iOS 11.2.

If the changes are as modest as this report makes them out to be, how much of an improvement can we realistically expect in software quality?

Autocorrect Based on Contacts and Apps

Wil Shipley:

Imagine being in charge of an algorithm that hundreds of millions of users depend on every day and saying, “Hey, let’s take any word that’s capitalized in your contacts and just always capitalize it in text messages!”

It’s not just contact names that inform the autocorrect dictionary: any capitalized word in a contact record will be fed into the dictionary, as will installed apps. So, if you know someone who works at, say, Apple, or you have the Transit app installed, you will find yourself regularly undoing the automatic capitalization of those words when talking about fruit or the very concept of public transit. Sometimes, autocorrect will fix its aggressive capitalization after it is given more context by typing several more words; but, frequently, it does not.

A Third-Party Script Used by Government Websites Was Compromised to Mine Cryptocurrency

Scott Helme:

I had a friend of mine get in touch about his AV program throwing a warning when visiting the ICO website. The ICO bill themselves as:

The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

They’re the people we complain to when companies do bad things with our data. It was pretty alarming to realise that they were running a crypto miner on their site, their whole site, every single page.

At first the obvious thought is that the ICO were compromised so I immediately started digging into this after firing off a few emails to contact people who may be able to help me with disclosure. I quickly realised though that this script, whilst present on the ICO website, was not being hosted by the ICO, it was included by a 3rd party library they loaded.

Scary as it is, this is arguably relatively minor incident; imagine if it were a more malicious script — something like a keylogger. It would be wise for web developers reliant upon third-party scripts to treat them as though they will, at some point, carry malware.

Equifax Continues to Be Useless and Terrible at Absolutely Everything

Zack Whittaker, ZDNet:

Hackers stole more data from Equifax in a breach last year than initially thought.


A letter published Friday by committee member Sen. Elizabeth Warren (D-MA) to acting Equifax chief executive Paulino do Rego Barros summarized the senator’s five-month investigation into the Equifax breach, which said tax identification numbers (TINs), email addresses, and additional license information — such as issue dates and by which state — were not originally disclosed.

A reminder that Reuters reported earlier this month that the CFPB investigation into the Equifax breach is “on ice”.

An Apple Intern Reportedly Stole iOS Source Code and Leaked It to His Friends

Lorenzo Franceschi-Bicchierai, Vice:

According to these sources, the person who stole the code didn’t have an axe to grind with Apple. Instead, while working at Apple, friends of the employee encouraged the worker to leak internal Apple code. Those friends were in the jailbreaking community and wanted the source code for their security research.

The person took the iBoot source code—and additional code that has yet to be widely leaked—and shared it with a small group of five people.

“He pulled everything, all sorts of Apple internal tools and whatnot,” a friend of the intern told me. Motherboard saw screenshots of additional source code and file names that were not included in the GitHub leak and were dated from around the time of this first leak.

Baseband code from the same time period has also been leaked publicly.

Everything Easy is Hard Again

Frank Chimero:

If you go talk to a senior software developer, you’ll probably hear them complain about spaghetti code. This is when code is overwrought, unorganized, opaque, and snarled with dependencies. I perked up when I heard the term used for the first time, because, while I can’t identify spaghetti code as a designer, I sure as hell know about spaghetti workflows and spaghetti toolchains. It feels like we’re there now on the web.


I wonder what young designers think of this situation and how they are educating themselves in a complicated field. How do they learn if the code is illegible? Does it seem like more experienced people are pulling up the ladder of opportunity by doing this? Twenty years ago, I decided to make my own website, because I saw an example of HTML and I could read it. Many of my design peers are the same. We possess skills to make websites, but we stopped there. We stuck with markup and never progressed into full-on programming, because we were only willing to go as far as things were legible.

This essay resonated deeply with me. I wrote my first line of HTML about twenty years ago. I remember editing the Yahoo homepage in Netscape Composer around that time, and building a Geocities website not that long after. It felt easy and approachable, even if <table> syntax was often inscrutable and unpredictable. A few years later, the CSS wave hit the web and I learned about why it was appropriate to separate presentational code from the page’s markup.1 CSS has become more complicated since then, but it continues to make sense to me, even though I need to look up the flexbox syntax every time I use it.

Over the last five years or so, even the most basic website stopped being treated as a collection of documents and started being thought of as software. Over the same period of time, I have gone from thinking that I know how to build a website quickly and efficiently to having absolutely no clue where to start learning about any of this stuff. I can’t imagine being eight years old again and being interested in the web as something anyone can contribute to.

See Also: Chimero’s spoken, longer-form version of this essay, given as a talk at Mirror Conf.

  1. And, yet, the easiest way to make a few boxes side-by-side that have the same resulting height despite allowing a flexible amount of text in each remains display: table-cell. The same technique allows perhaps the easiest way to vertically centre an unpredictable amount of text. Like tables for layout purposes, it still isn’t semantically correct, but we use it anyway. ↩︎

Reports of Google’s Newfound Design Prowess Have Been Greatly Exaggerated

There is something unique about deliberately contrarian-for-the-sake-of-being-contrarian positions that irks me so much, and I’m not sure what it is. I don’t know that it’s because these arguments are poor so much as it is that they’re easily shown to be poor. Maybe it’s the author’s optimism that convinces them that their piece is worth publishing, or maybe it’s just provocative for its own sake — the latter of which is even more irritating for me because I know that my frustration with the argument is entirely the author’s intention, and I’d rather not play into that. Whatever the case, it’s the sort of thing that rattles around inside my head.

Which brings me to two pieces written by Joshua Topolsky last autumn. The first, “Apple is Really Bad at Design”, posits that Apple’s recent products no longer represent the pinnacle of design in the industry. To be fair to Topolsky, he may sincerely believe that there’s value in challenging the assumption that these products are well-designed, and I think that’s completely reasonable. It’s that article’s companion piece, “Google is Really Good at Design”, that occasionally creeps up in my mind.


The concepts inherent in Material Design — a system of literal layers that evoke the tactility of a stack of paper, but offers the flexibility of digital spaces; a responsive layout concept that assumes no two devices may be exactly the same size or shape; a bold use of typography, motion, and color — showcase a decidedly different approach than Apple has taken. Where Jony Ive and company have produced a scattered, visually unmoored solution that seems to be solving small problems bite-by-bite, Google essentially blew up what had come before and reset. This radical rethink has spread into Google’s deep web pockets, meaning that a logical system of navigation and connectivity not only informs what you see on your phone when you interact with apps and services, but what you get on the web, on a laptop, or on a TV. Gmail is Gmail is Gmail, responding to whatever screen it’s on. And sometimes, thanks to Google’s deep machine learning and natural language chops, Gmail is also the disembodied voice you talk to while you’re driving. In Google’s universe, its voice-activated Assistant isn’t middleware — it’s everyware, tapping deeply and natively into all of the company’s nodes.

Topolsky is generally right in saying that Google’s approach to user interfaces is remarkably consistent across everything, but I would argue that it represents why their products are often so frustrating and cumbersome to use.

Case in point: their new YouTube app for tvOS. The last version didn’t represent a dramatic design statement or look particularly special — it was pretty much the same as any of the default tvOS apps — but it worked, for the most part. It was the only app I’ve used on my Apple TV that would regularly kick me back to the tvOS home screen instead of the last screen in the app when I pressed the remote’s menu button while watching a video, and it had stability problems when searching, but it wasn’t terrible.

The new app, though, represents everything wrong with Google’s present UI design philosophy. It follows virtually none of the Apple TV platform conventions:

  • There’s a sidebar on the left that looks like an Android action bar.

  • Swiping to the left on the touch pad from any of the app’s menu screens will open a main menu panel, with navigation options for your subscriptions, video history, and own video library.

  • There’s also a horizontal navigation element, similar to the type that you would find in a default tvOS app.

  • None of these elements behaves as you might expect, primarily because the YouTube app doesn’t interpret swipes and scrolls like any other app. There’s no audible blip whenever you select something, and swiping around manages to be both sluggish and jerky.

    The frustratingly slow scrolling is especially pronounced on the aforementioned horizontal navigation element because swiping just a little too far to the left will open the modal main menu panel that covers a third of the screen.

    The slow scrolling is also apparent in the main menu panel. The scrolling “friction”, for lack of a better term, is such that swiping down just a little is unlikely to have any effect, and swiping down just a little bit more will move the selector down two menu items. It can be very difficult to get it to move one menu item at a time.

  • There’s no sense of transition between screens or states. Instead of fading, screens simply change; instead of smoothly sliding left or right when scrolling across thumbnails, there will often be a sudden jump to load the new set of thumbnails.

  • Swiping horizontally across the remote while a video is playing will scrub the video. This is something Apple quickly changed after the fourth-generation Apple TV debuted because of how easy it was to accidentally invoke it.

  • Tapping on the remote’s touch pad to display onscreen controls automatically selects the play/pause button instead of the scrubber, as in other tvOS apps, and there are two levels of controls in the custom player.

  • The app is also an ugly sea of mid-tone greys.

It isn’t unheard-of for an Apple TV app from a major third party to fail to adhere to platform conventions. The Amazon Prime app doesn’t look or behave anything like a native app because it’s basically a web app. Hulu and Netflix also have some pretty crappy apps that don’t really function like a tvOS app ought to.

But this also isn’t unlike Google, which has completely disregarded platform standards with their major iOS apps for years. There’s nothing wrong with making apps of a particular style — my favourite developers all have their unique quirks and styles that help identify their apps as theirs — but Google’s apps frequently feel less like they’re trying to create branded iOS apps and more like they want their Android apps to run on iOS.

This isn’t a new argument, and Google has become a moderately better citizen on iOS over the past couple of years: their sharing glyph now looks like the system standard one instead of lazily copying the shape they use on Android, for example. This new YouTube app for tvOS is a step back, however. It feels like a half-assed port. When there’s no clear effort by a huge company like Google to even try to make their products fit a different platform, it indicates a lack of care and attention to detail. It also demonstrates that users’ expectations and learned behaviours are less important than self-promotion and branding.

What it shows, ultimately, is a lack of consideration for design.

The Facebook Flattening

Matt Klinman of Funny or Die, in an interview with Sarah Aswell of Splitsider on the effect of Facebook’s algorithmic timeline changes on independent media:

This writer John Herrman writes about this a lot — he used to write for The Awl, rest in peace — he talks about how Facebook flattens everything out and makes it the same. That’s how we have a Russian propaganda problem. An article from something like, I don’t know, Rebel Patriot News written by a Macedonian teen or something looks exactly the same as a New York Times article. It’s the same for comedy websites. There’s a reason that Mad magazine looks different from Vanity Fair. They need to convey a different aesthetic and a different tone for their content to really pop. Facebook is the great de-contextualizer. There’s no more feeling of jumping into a whole new world on the internet anymore — everything looks exactly the same.

The premise of this piece is that “Facebook is killing comedy” — Funny or Die had to lay off a bunch of writers because of reduced traffic from Facebook. I’ve written about that before because, while I think websites like Funny or Die should be less dependent on traffic from any one source, but Facebook is not entirely blameless either.

This pullquote, though, is one of the best encapsulations I’ve seen of the effects of Facebook’s ecosystem, particularly its ability to erase context.

FCC Says Releasing ‘Jokes’ It Wrote About Ajit Pai Colluding With Verizon Would ‘Harm’ Agency

Dell Cameron, Gizmodo:

At its own discretion, the Federal Communications Commission has chosen to block the release of records related to a video produced last year in which FCC Chairman Ajit Pai and a Verizon executive joke about installing a “Verizon puppet” as head of the FCC.

In a letter to Gizmodo last week, the agency said it was withholding the records from the public in order to prevent harm to the agency — an excuse experts say is a flagrant attempt to skirt federal transparency law.

I’m not certain internal records are required to damage the agency’s reputation these days.

The Apple Music Long Game

Kirk McElhearn:

As streaming takes over from buying music, what’s the endgame? If Apple rolls in a major video offering – either as part of the Apple Music service, or as an add-on – then will Spotify be bought out by, say, Netflix? Amazon already has both, and there probably won’t be room for more than two or three players in that market.

Netflix doesn’t offer a free tier. Why would Apple offer one with a subscription to streaming music — and so far, at least — original video programming?

Apple’s Mysterious Search Engine Already Exists

Something fishy is going on in the world of Apple-centric websites. Yesterday, I posted a link to a silly piece arguing that Apple Music needs a free tier. Today, Dennis Sellers of Apple World Today is surprised by the idea that Apple might be working on a search engine:

A couple of years ago, Apple posted a listing to its Jobs at Apple page describing an engineering project manager position for “Apple Search.” Could the company could be working on a full-fledged search engine for use on macOS and iOS platforms?

This already exists. It’s built into Spotlight on MacOS and the iOS search function that used to be called Spotlight. It’s also baked into Safari and Siri, the latter of which Sellers notes in his article.

It’s almost like both of these pieces were written by people completely unfamiliar with Apple’s ecosystem. Maybe I’m wrong — maybe I’m just being cocky, and Apple is working on a rival to Google.com. Maybe I’m completely misguided here. But I don’t think so; both of these articles seem pretty boneheaded.

HomePod Review Roundup

Reviews of the HomePod are going live across the web this morning ahead of its release this Friday, and it seems like it’s living up to what was promised: a very good speaker with extraordinary audio engineering and limited Siri capabilities.

Nicole Nguyen, Buzzfeed:

[Kate Bergeron, vice president of hardware engineering,] was speaking to a small group of tech bloggers, including myself, last Monday in Apple’s Cupertino, CA-based audio lab, just minutes from the new Apple Park spaceship campus. About six years ago, according to Bergeron, the company began working on HomePod by attempting to answer this question: “What if we decided to design a loudspeaker that we could put in any room, and it wouldn’t affect the sound?”

This question is very different from the question the Amazon Echo and Google Home are trying to address. Those speakers’ primary aim is to offer hands-free help, by way of turning on the lights in the living room, telling you what traffic to work is like, setting timers, and playing podcasts while you’re busy cooking breakfast.

Matthew Panzarino, TechCrunch:

The sound that comes from the HomePod can best be described as precise. It’s not as loud as some others like Google Home Max or as bright (and versatile) as the Sonos Play 1, but it destroys the muddy sound of less sophisticated options like the Amazon Echo. To genuinely fill a large room you need two but anyone in a small house or apartment will get great sound from one.


While you can send texts and take notes and set reminders and handle phone calls begun on your iPhone, that’s about all of the extracurriculars and they’re all focused on single-user experiences. If you’re logged in to your iCloud account, all of the messages and calls are yours and come from you. That’s great if you’re a single dude living alone, but it completely falls apart in a family environment. Apple allows you to toggle these options off as the iCloud account owner and I recommend you do before it all ends in tears. Unless you live alone in which case Mazel, it sounds peaceful.

Joanna Stern, Wall Street Journal:

There are other problems I won’t shut up about: Many people will put a HomePod in the kitchen, yet it can’t set two simultaneous cooking timers. It can’t wake me up to “Wake Me Up Before You Go-Go,” either. Echo and Google Home can do both. Apple says it is improving Siri all the time.


Siri turns out to be quite a good butler. Through the Home app, you can set up various HomeKit-compatible smart-home devices, and the voice prompts to control them. With Philips Hue lightbulbs and three iHome smart plugs, I was quickly commanding Siri to change my nightlight to a fuchsia hue, make tea via my electric kettle and turn on the humidifier.

Brian X. Chen:

Most bizarre thing about HomePod: It didn’t play music relevant to my listening history or prefs when asked “Hey Siri, Play some music.”

Siri should be better on HomePod because it’s the primary way to control it. But yeah, it’s worse.

I don’t think it’s a mistake to question whether Siri’s lacklustre abilities will be a hindrance to the success of the HomePod. Apple may be positioning it as a great speaker first and a smart speaker second, and the market will get to tell them whether that’s a reasonable way to judge the product. And, perhaps, people will love it for a speaker alone — it’s clearly a very good one. The more damning thing to consider about Siri is not that it is poor on the HomePod, but that it is poor everywhere. Fortunately, software can be updated, so that just means that we need to see some commitment from Apple that Siri is a high priority.

Ajit Pai’s FCC Cites Obama-Era Broadband Investments

Stop me if you’ve heard this one before, but an assessment made based on the actions of the current American administration has been undermined by their complete lack of scruples.

Crazy, I know.

Earlier this year, the FCC voted to retain a faster definition of broadband established by the previous administration. As far as I could tell, the defeated proposal was simply a way to broaden the definition of broadband and give the impression in reports that access to broadband had improved for Americans without doing the work of actually, you know, investing in better networks. After it was voted down, I figured that this FCC administration would, at least, avoid resorting to ridiculous tactics to gain the impression of a policy win without any actually good policy. But I should have known better.

Jon Brodkin, Ars Technica:

Anyone who is familiar with the FCC chairman’s rhetoric over the past few years could make two safe predictions about this report. The report would conclude that broadband deployment in the US is going just fine and that the repeal of net neutrality rules is largely responsible for any new broadband deployment.

But the FCC’s actual data—based on the extensive Form 477 data submissions Internet service providers must make on a regular basis—only covers broadband deployments through December 2016. Pai wasn’t elevated from commissioner to chairman until January 2017, and he didn’t lead the vote to repeal the net neutrality rules until December 2017. And, technically, those rules are still on the books because the repeal won’t take effect for at least another two months.

The timing means that it would be impossible for Pai to present evidence today that broadband deployment is increasing as a result of the net neutrality repeal. But the report claims that’s exactly what happened anyway and says that future data will bear that out. To support its argument, the report claims that broadband deployment projects that were started during the Obama administration were somehow caused by Pai’s deregulatory policies.

Not only are they counting Obama-era — and net neutrality-era — investment plans as evidence of improved broadband deployment thanks to rules friendly to giant ISPs, they’re also citing past investments that have since been curtailed due to policies implemented by this FCC administration. That’s some bullshit anti-consumer behaviour.

In the U.S., Apple Music is Growing Faster Than Spotify in Paid Users

Michael Simon, Macworld:

According to The Wall Street Journal, Apple is on track to overtake Spotify in U.S. paid subscribers, a sign that the three-year-old music service is making serious inroads in a highly competitive landscape. The report states that Apple Music has been gaining U.S. subscribers at a 3 percent higher clip than Spotify, a trend that would give Apple’s music service a higher subscriber rate by the summer, assuming it continues.

That’s terrific news for Apple Music, especially considering that it is only available as a paid service. I wouldn’t be surprised if many users are paying more for music now than they have for a long time. You might think — quite reasonably, I believe — that this indicates that Apple’s strategy is working well.

But not Simon:

With a free Apple Music tier, Apple would not only get music fans to flock to its service in droves, it could also use it as a way to advertise HomePod as the best way to listen to Apple Music at home and AirPods as the ultimate on-the-go solution. With quick ads between songs, it would be speaking directly to a captive audience who shares a love for music. Simply put, there’s no better way to advertise.

Without trying to predict the future, I don’t think this fits the existing Apple Music strategy. The HomePod’s integration is clearly best with Apple Music, but I’m not sure that’s a reason to provide a free tier; the free trial more aptly demonstrates the advantages of subscribing to Apple Music.

More than anything, I think Simon falls into the same trap many others do: Apple isn’t setting out to build the biggest user base, but a large paying user base. A free trial accomplishes that goal; a free tier does not.

Reuters: CFPB Investigation Into Equifax ‘Put on Ice’

Patrick Rucker, Reuters:

The CFPB has the tools to examine a data breach like Equifax, said John Czwartacki, a spokesman, but the agency is not permitted to acknowledge an open investigation. “The bureau has the desire, expertise, and know-how in-house to vigorously pursue hypothetical matters such as these,” he said.

Three sources say, though, Mulvaney, the new CFPB chief, has not ordered subpoenas against Equifax or sought sworn testimony from executives, routine steps when launching a full-scale probe. Meanwhile the CFPB has shelved plans for on-the-ground tests of how Equifax protects data, an idea backed by Cordray.

The CFPB also recently rebuffed bank regulators at the Federal Reserve, Federal Deposit Insurance Corp and Office of the Comptroller of the Currency when they offered to help with on-site exams of credit bureaus, said two sources familiar with the matter.

An investigation of this size and scope will, of course, take lots of time and may not always take a linear direction, but there should never be a question about whether it is proceeding at all. Consumers should never have to wonder whether the Bureau is operating in their best interests, especially given the impact of the Equifax breach on virtually every American adult with a credit card, mortgage, or car.

Major Publishers Are Turning Away From Facebook Instant Articles

Pete Brown, Columbia Journalism Review:

Of 72 publishers that Facebook identified as original partners in May and October 2015, our analysis of 2,308 links posted to their Facebook pages on January 17, 2018, finds that 38 publications did not post a single Instant Article — the platform’s fast-loading, native format. In the meantime, Facebook has continued to tout Instant Articles as a success among its journalism efforts. Instant Articles enjoyed rapid expansion in 2017, it says. But if many of the largest reputable outlets are falling out, which publications are driving that growth?

Do we think Facebook admits that Google AMP is winning the incredibly dumb race for proprietary news article format, that they keep trying to make Instant Articles work, or that they just give up on news altogether?

Women Once Ruled Silicon Valley

Emily Chang of Bloomberg has a new book coming out next week:

I’ve spent the last eight years covering Silicon Valley, most recently as the anchor of Bloomberg Technology. During that time, gender disparities have always hung in the background, present but often unacknowledged. Off-camera, guests would sometimes complain about a Silicon Ceiling — a sense that women’s opportunities in the tech world are severely limited — but they rarely wanted to discuss the subject on the record. And so, two years ago, I set out to investigate the problem and, more important, try to understand what the industry can do about it. The tragedy, as I argue in my book, Brotopia, is it didn’t have to be this way. The exclusion of women from technology wasn’t inevitable. The industry, it turns out, sabotaged itself and its own pipeline of female talent.

An excerpt from “Brotopia” was published earlier this year in Vanity Fair; in it, Chang lifted the lid on the drug-induced orgies thrown by prominent venture capitalists and attended by their clients.

WeChat, Already Deeply Entrenched in China, Begins Program to Integrate With National ID

Shannon Liao, the Verge:

China’s most popular messaging app, WeChat, has always had a close relationship with the Chinese government. The app has been subsidized by the government since its creation in 2011, and it’s an accepted reality that officials censor and monitor users. Now, WeChat is poised to take on an even greater role: an initiative is underway to integrate WeChat with China’s electronic ID system.

It may be hard for people outside of China to grasp just how influential WeChat has become there. “For all intents and purposes WeChat is your phone, and to a far greater extent in China than anywhere else, your phone is everything,” wrote Ben Thompson, consultant and founder of the blog Stratechery. “There is nothing in any other country that is comparable: not LINE, not WhatsApp, not Facebook.”

Here’s something that news stories like these make me increasingly convinced about: progress on the exciting parts of sci-fi — instant transportation to the other side of the world, flying cars, and the near-eradication of hunger and diseases in developing nations, for example — feels impossibly slow, but the scary and dystopian parts are already here.

Increase in Apple Music Commission Rate, But Decrease for iTunes Music


As Apple Music continues to grow we are enhancing the affiliate program by increasing commissions for members of the base program. Beginning April 5th, 2018, we will increase payments to affiliates on Apple Music globally, paying twice as much as we do today. You will earn a one time 100% commission on the first month of a user’s subscription to Apple Music; this is twice the existing rate which pays 50%.


Also beginning in April, iTunes Music commissions will be reduced from 7% to 2.5% globally. The commission rate on movies, books, and TV will remain at the current 7% commission.

It isn’t notable that Apple is pushing Apple Music; it is notable, I think, that they’re pushing away from music sales on iTunes. I don’t think it necessarily betrays some hypothetical strategy of discontinuing music sales, but it’s a sign of the times. Remember when people wanted to own their music? That time is over — at least, for most.

Wired Launches Their Paywall

Wired has been one of the worst offenders for intrusive ads and overly-aggressive anti-ad blocking scripts that prevent you from reading the article. Subscribing online will drop all ads from their website, which is terrific, but there’s no word on whether non-subscribers will have a better reading experience to entice them to sign up. Based on what I’ve seen so far today, they don’t seem very worried that readers’ initial impression will still be pretty poor.

Nintendo Comfirms Mario Kart Tour Game for Smartphones

Sam Machkovech, Ars Technica:

Following a release of Switch sales information earlier on Wednesday, Nintendo closed the day by confirming two major releases coming by the end of the company’s current fiscal year: the paid Nintendo Switch Online service, and the first version of Mario Kart for smartphones.

The latter, currently titled Mario Kart Tour, will launch “in the fiscal year ending in March 2019,” according to both the company’s Wednesday investor call and a brief announcement on Nintendo’s social media channels. The only information we have about the game thus far is the logo you can see at the top of this article.

In their previous earnings report, Nintendo said that Super Mario Run for iOS yielded disappointing revenue. I don’t think you can expect the same business model for Mario Kart Tour.

The Mac, the Myth, the Legend

Michael Steeber, 9to5Mac:

Following the news that Apple had refocused their plans for iOS 12 around stability and performance over new features, many were quick to liken the move to a “Snow Leopard release” of iOS. In recent years, the phrase has reached mythological status in the Apple community, a catch-all referring to stable software and “the good ol’ days” of the Mac.

But how did this perception develop? Was Mac OS X Snow Leopard really the gold standard of software releases, an undefeated champion in the halls of computing history? Believe it or not, the meme is almost as old as the software itself.

Snow Leopard practically set the template for the tick-tock MacOS release cycle: Leopard followed by Snow Leopard; Lion followed by Mountain Lion; Yosemite followed by El Capitan; Sierra followed by High Sierra.1 All of these names — and, indeed, many of these releases’ marketing pitches — imply that nearly every major new release since Leopard has been followed by a refined version of that release. However, the ostensibly refinement-type releases haven’t always been markedly faster or more stable — at least, in the x.0 release of each.

I wonder if this is partially or even largely a perception problem. If MacOS had been on a two year cycle — e.g. every refinement-type release and its associated updates were instead delivered as standard software updates — I wonder whether the bad reputation of some releases would be less pronounced. Or, perhaps, if it would simply feel like each version of MacOS is simply unreliable over a greater period of time.

  1. Mavericks being the exception to this pattern. ↩︎

Counterpoint to Rumours of the Nature of a Snow Leopard-Esque iOS Release

Stephen Hackett, on Ina Fried’s report earlier today that some iOS 12 features would be delayed until next year so the development team can focus more on reliability and quality:

That would be a bold choice in the mobile space, but in taking their foot of the gas, I hope Apple can address some core issues in iOS. That said, High Sierra was a release framed this way, and it has had a litany of problems since its launch in the fall.

And Michael Tsai:

I imagine that it’s normal for some features to get cut, so it’s not clear how much of a change this is.


All of this is to say that this sounds good on the surface, but I would have preferred to hear about schedule changes rather than feature cuts. I would be more excited about a 10.13.11 than a less ambitious 10.14.0.

While High Sierra experienced a couple of fairly serious security vulnerabilities and has its share of irritating bugs, Snow Leopard — the go-to example of a refinement-oriented release — wasn’t exactly immune. It shipped with a bug that sometimes wiped user data after logging into a guest account, a bug which took months to fix; and, like High Sierra, Snow Leopard experienced a text rendering bug as well. We should hope software gets better over time, of course, but you can look back at every single new version of MacOS and find bugs that categorically should not have shipped. I don’t expect the next version of iOS — or MacOS, for that matter — to be an exception, but I hope it is.

Telephone X

Remember that Ming-Chi Kuo investor note that was republished by AppleInsider last week, which claimed that Apple might not reduce the price of the current-generation iPhone X come September, but instead discontinue it? Well, that fairly mundane rumour was spun by all sorts of writers into an apocalyptic nightmare scenario where Apple’s flagship iPhone is barely selling and would be cancelled.

An Elite Daily writer interpreted this investor note as though no future iPhones would look or feel like the iPhone X, but Kuo’s note says that Apple will have three iPhones shipping this year with Face ID and iPhone X-like screens. A Complex writer even went so far as to claim that the iPhone X is “dead”.

The Macalope:

The Macalope isn’t surprised by what Kuo actually said at all. To him the idea behind the iPhone X has been to serve as an advanced technology release. Of course, pundits have long been after Apple to update the iPhone form factor more frequently. So it makes perfect sense they’d use a rumor of Apple updating the form factor more frequently against the company at the first chance.

I don’t think there’s a vendetta against Apple here, or anything like that. I just think some hack writers love the idea, however imaginary, of Apple’s flagship release being a complete bust. If you were to play a game of Telephone with a bunch of bad-faith writers and Kuo’s note, you’d get a similar result.

Axios: Apple Is Delaying iOS Features Previously Planned for This Year and Prioritizing Quality

Ina Fried, Axios:

Apple has shaken up its iOS software plans for 2018, delaying some features to next year in an effort to put more focus on addressing performance and quality issues, Axios has learned.


Software head Craig Federighi announced the revised plan to employees at a meeting earlier this month, shortly before he and some top lieutenants headed to a company offsite.

Pushed into 2019 are a number of features including a refresh of the home screen and in-car user interfaces, improvements to core apps like mail and updates to the picture-taking, photo editing and sharing experiences.

Reliability and quality may not be as easily saleable in the short-term compared to new features, but it can pay off in the long run as a big deposit in Apple’s so-called “brand bank”. And, for what it’s worth, there are lots of people outside Silicon Valley who struggle to keep up with the rapid pace of software changes as it is.

For me, the big question is whether MacOS will also get a quality and reliability-focused release this year, too.

Update: Mark Gurman at Bloomberg is confirming Ina Fried’s report with some additional information about what features have been delayed.

Virtual Assistants and Voice Feedback Verbosity

Paris Martineau, the Outline:

Why do voice assistants need to talk so much? If you’ve ever used one of Amazon’s ridiculous, yet rather addictive (I have two) Echo products, you know what I’m talking about: Whether you’re setting a timer, or asking her to play a podcast, Alexa just won’t shut the fuck up. Even when you give it a relatively simple command (like, “Alexa, set an alarm for 6 a.m.,” or “Alexa, set timer for five minutes” it always responds with either a partial or total repetition of your phrase (“Okay, alarm set for 6 a.m. tomorrow,” or “Timer set for five minutes”), which can be more than a little annoying when it’s two in the morning and you don’t exactly want a booming robot voice waking your roommates up a wall over.

Siri does this too, but it’s smart when used on an iPhone: voice feedback is much less verbose if you activate Siri by using a hardware button instead of saying “Hey, Siri”. Of course, it’s only able to be smarter because it has a screen.

Audio-based feedback is helpful for confirming requests on a screen-less voice-driven interaction, but I often wish these replies could be faster and less wordy. As Martineau says, it is a bit annoying when the virtual assistants get the request right, but I think it’s even more irritating when something is interpreted incorrectly. I’m sure there are some users who love the attempt at personality, but I’m sure I’m not the only one who would love a sliding scale where I could reduce its veneer of humanity. More generally, I’m not convinced that attempts at anthropomorphizing technology actually makes it any more useful or trustworthy.

Toggling iCloud Requires a Full Sync of iCloud Photo Library

Adam C. Engst, TidBits:

However, there’s a nasty side effect of turning iCloud off and back on: iCloud Photo Library needs to re-upload all your photos. It does this in order to compare the library’s contents to the synchronization “truth” at iCloud. Fair enough, except that this process can take days, depending on the size of your Photos library and the speed of your Internet connection. Bad Apple! We don’t see that sort of poor performance with Dropbox or Google Drive, and this behavior is both unnecessary and driving people away from iCloud Photo Library.

It turns out that there are quite a few actions that can cause your entire Photos library to be re-uploaded to iCloud […]

I keep over 350 GB of photos stored in iCloud, which would take me nearly a full week to re-upload — assuming I did not want to do anything else on my home internet connection at the time.

This is an especially bad behaviour because toggling iCloud is one of the first troubleshooting steps you’ll encounter when you try to fix anything related to iCloud or syncing. Oddly enough, both behaviours should be fixed: iCloud Photo Library should be able to more efficiently compare local and remote libraries, and toggling iCloud should not be seen as a troubleshooting step due to how interruptive it is.

Update: Whether your iCloud Photo Library is entirely re-uploaded is unclear at the moment. Engst says that his re-sync was faster than the initial iCloud Photo Library upload, so he’s not sure that it’s re-uploading everything. But Apple’s documentation indicates that it is a “re-upload”, and Kirk McElhearn (via Michael Tsai) also says that his library was re-uploaded as well.

App Annie’s Comparison of App Downloads and Revenue on Google Play and the App Store

Sarah Perez, TechCrunch:

Smartphone adoption in emerging markets just delivered the highest number of app downloads Google Play has ever seen in a quarter. According to today’s report from App Annie, Google Play app downloads topped 19 billion in Q4 2017, a new record. That also makes Google Play’s download lead over iOS its largest ever, at 145 percent.


iOS, as is typical, led Google Play by a wide margin – nearly a 2x lead – with $11.5 billion in worldwide consumer spend in the quarter, the report found. This was driven in large part by the U.S, which was number one in consumer spend market share in Q4 2017 across iOS and Google Play.

If you keep in mind that App Store downloads were less than half of Google Play downloads, that means that the earnings per app download are close to five times greater on the App Store.

Apple themselves announced several weeks ago that they saw record App Store revenues in the holiday quarter and across 2017 as a whole. That, and this report from App Annie, should mean that the App Store is a good place for developers to make money. But the money doesn’t seem to flow to independent developers; based on App Annie’s report, it seems to be going primarily to game developers in the form of in-app purchases, and subscriptions to media services like Netflix and Spotify.

Google to Let Users Hide Individual Remarketing Ads

Jon Krafcik of Google:

You visit Snow Boot Co.’s website, add a pair of boots to your shopping cart, but you don’t buy them because you want to keep looking around. The next time that you’re shopping online, Snow Boot Co. might show you ads that encourage you to come back to their site and buy those boots.

Reminder ads like these can be useful, but if you aren’t shopping for Snow Boot Co.’s boots anymore, then you don’t need a reminder about them. A new control within Ads Settings will enable you to mute Snow Boot Co.’s reminder ads. Today, we’re rolling out the ability to mute the reminder ads in apps and on websites that partner with us to show ads. We plan to expand this tool to control ads on YouTube, Search, and Gmail in the coming months. […]

“Reminder ads” is a hell of a euphemism for having a picture hawking a pair of boots follow you across every website you visit.

I find this entire announcement disingenuous. I doubt users are telling Google that they don’t want to see specific remarketing ads; I bet most users simply don’t want to be tracked across the web. This feature does nothing to address the latter. It’s a veneer of respect for users’ wishes overtop a business model built on questionable privacy practices and still-creepy behaviour.

By the way, I bet users’ “mutes” will be used to inform their ad targeting profiles. What they don’t want to see can be just as valuable to advertisers as what they would ostensibly like to see.

Grading Apple’s 2017

Jason Snell:

It’s time for our annual look back on Apple’s performance during the past year, as seen through the eyes of writers, editors, developers, podcasters, and other people who spend an awful lot of time thinking about Apple.


Judging by my panel’s responses, 2017 was something of a bounce-back year for most of Apple’s core platforms. But there was still plenty of concern to go around, especially when it came to the quality of Apple’s software.

This whole thing is worth reading, but there are some responses I’d like to highlight.

On the iPhone (responders graded products, services, and initiatives on a scale of 1–5):

“iPhone X is a 5. Apple’s messaging on the battery issues was a 1,” wrote iMore’s Serenity Caldwell. “A year that should have been a slam dunk for the company was marred by security issues and battery concerns.”

If it weren’t for Apple’s inadequate initial responses to their degraded battery mitigation software, the biggest iPhone PR problem they would have faced in 2017 would likely have been the pricing of the iPhone X — and I think that would have been almost a non-issue.

On iCloud:

“While I am happy I can finally share my storage with my family, I think Apple has still a lot of work to do when it comes to cloud,” wrote Carolina Milanesi. “Collaboration on iWork is very rudimental compared to Google Docs.”


“2017 is the year I stopped worrying about data syncing — iCloud works consistently for me,” wrote Gabe Weatherhead. “Unlike previous years, I’m actually looking forward to more things moving to iCloud. I’d like to see Apple add more Dropbox-like options but I’m pretty happy where they are going with the service.”

It is remarkable just how far iCloud has come in the past few years. If you had asked me five years ago whether I’d want Apple hosting my photo library, I’d unequivocally say “no”. These days, though, I have little concern about storing my photos in iCloud, syncing all sorts of stuff, and even switching on the Messages in the Cloud feature in the latest iOS beta release. It really is very good.

iWork is still a weak point, though. The desktop apps remain buggy, and the collaborative features aren’t as nice as those in Google Docs.1 It’s frustrating because Google Docs’ web apps are horrible compared to any iWork app, bugs and all. Right now, I don’t think there is a suite of Office-like productivity apps that’s both really nice to use and has great collaborative features.

On HomeKit:

“I’m still satisfied with walking over to the switch to turn my lights on and off,” wrote Dr. Drang. “Quite reliable.”

Me too.

On software quality:

“Dear Apple: release less frequently and release better,” wrote Jessica Dennis. “Consumers don’t really mind more time between major revisions; we vastly prefer reliability and stability.”


“Many apps and areas of the operating systems are in disrepair,” wrote Michael Tsai. “With the tradeoff triangle of schedule/features/quality, Apple has clearly been prioritizing the schedule and (to a lesser extent) features. Major OS releases ship with large numbers of bugs, and there isn’t time to fix them all before the next major release, which introduces more.”

When I posted last year’s report card, I noted that 2016 was a bad year for software quality. 2017 makes 2016 look alright by comparison.

I don’t know what’s going on at Apple. Tsai’s hypothesis makes the most sense to me, but I have no idea if it’s reflective of what’s going on inside Apple. Maybe they’re preparing major platform changes that have impacted their ability to deliver reliable software; but, even if that’s the case, currently-shipping products should take priority, right? Maybe it has become too easy to release smaller patches, so bugs are shipped because they’re comfortable fixing them post-launch to meet a schedule.

There’s one thing I’m sure has had an impact for users who actually report bugs: all bug reports must now include a sysdiagnose file and, as of a couple of iOS and MacOS versions ago, those files are hundreds of megabytes large. When I filed a report a few days ago against a relatively minor Spotlight bug in MacOS,2 I had to upload a near-400 MB sysdiagnose file and a 120 MB Spotlight diagnostics file. Both of these failed to send on the first attempt so, in the end, I had to upload over a gigabyte of data. That’s discouraging. I understand the value of diagnostic files and weeding out people who aren’t committed to filing bug reports, but you’ve got to be really committed these days if you want to file a bug report. It means that if you don’t have half an hour to commit to filing a report, you’re probably just going to ignore it; that means Apple might not be aware of it, and it might not get fixed.3

I don’t disagree with the panel’s overall scoring. Their average grades for the Mac, Apple Watch, cloud services, and internet-of-things devices ticked up marginally; but software quality really took a beating. I hope that’s a priority this year, if not the priority.

  1. We use Google Docs where I work. ↩︎

  2. When I do a unit conversion from inches to meters, I get a result; if I try from inches to metres, I don’t. rdar://36716925↩︎

  3. I filed a tech note requesting a “slim” version of sysdiagnose that would give Apple enough information for bug reporting purposes without requiring so much user commitment. If you’d like to dupe it, it’s rdar://36717471. Update: This request was closed. Apple maintains that it’s more efficient to require huge sysdiagnose files. ↩︎

AT&T’s Push for a Fake Net Neutrality Law Begins in Earnest

Karl Bode, Vice:

After successfully lobbying to kill net neutrality and broadband privacy protections, the company this week took out a full page ad (embedded below) in papers ranging from the New York Times to the Washington Post. In it, AT&T CEO Randall Stephenson insists AT&T is so concerned about consumer welfare, it’s backing a new effort for an “internet bill of rights.”


In just the last few years, the company has been fined $18.6 million for helping rip off programs for the hearing impaired; fined $10.4 million for ripping off a program for low-income families; and fined $105 million for helping “crammers” by intentionally making fraudulent charges more difficult to see on customer bills.

This is the same company that also charged broadband subscribers more money simply to protect their own privacy, was caught ignoring drug dealers running a directory assistance scam, and has repeatedly been busted violating net neutrality.

Consumers certainly do need a “bill of rights” to protect them from the business-as-usual actions of AT&T and its competitors. For that reason, they shouldn’t get to write the law. Their lobbyists are hard at work getting representatives like Marsha Blackburn to introduce favourable legislation, and that’s why Americans need to speak up, and speak loudly. A collective voice that will not tolerate the loss of net neutrality is something a congressperson isn’t eager to fight.

Government Accountability Office to Investigate Sketchy Net Neutrality Comments Left on the FCC’s Website

Tom McKay, Gizmodo:

Under the tenure of its new Donald Trump-appointed chair Ajit Pai, the Federal Communications Commission recently revoked Barack Obama-era regulations mandating service providers abide by net neutrality rules. But on the way there, the agency had to overlook millions of allegedly fraudulent comments submitted to its Electronic Comment Filing System — likely corrupting one of the only methods for the public to make its voice heard during the rule-making process.

Now, the Government Accountability Office has said it will investigate the “possibility of fraud and identify theft” in the public comments on the FCC’s decision to eliminate the net neutrality rules, TechCrunch reported on Tuesday. But there’s one major caveat: It won’t do so for five months.

A reminder that an unnamed senior FCC official specifically cited spam during a press briefing as a reason why the commission ignored effectively all of the comments they received.

Coding as a Universal Language

Another great piece by Riccardo Mori:

Somehow I had missed this Tim Cook interview on The Guardian, but fortunately I have Kirk McElhearn in my RSS feeds, and his recent article The Tech Industry’s Tunnel Vision about Coding and Language has brought that interview to my attention.

Irritatingly, the article doesn’t present the full text of Cook’s contribution, just a series of quotes. And, like Kirk, I was a bit let down by this one in particular:

I think if you had to make a choice, it’s more important to learn coding than a foreign language. I know people who disagree with me on that. But coding is a global language; it’s the way you can converse with 7 billion people.

It’s easy to forget that most programming languages — and certainly all of the major ones — are written in entirely English words: if, then, while, and even shortened versions of English words like var for a variable. It’s not enough to know what words to put where; good programmers understand the specific use of these words, and that requires an understanding of the grammatical syntax of English.

What would it take for a programming language — like, say, Swift — to be translated into multiple human languages? That would be a remarkable feat, and if it truly is more important to be able to write software than to learn a second language — and I’m not convinced it is — it would open doors to lots of non-English speakers who are aching to code.

More Secure Email Isn’t Ready for Consumers Yet

Jon Christian of the Outline tried jettisoning Google for the secure confines of ProtonMail, only to find a poorly-functioning search feature ostensibly because of encrypted messages. And:

It’s worth noting that the lack of a robust search feature isn’t the only criticism of ProtonMail. Whether it provides better security depends largely on what sort of threats you’re worried about. While ProtonMail might provide some advantages to people who are concerned about government snooping, Google’s vast expertise and computing infrastructure arguably mean that it’s better equipped to defend against garden-variety hackers.

Even if you were concerned about state actors gaining access to your email, you may also be better served by a company as large as Google or Microsoft. Although they do grant many government information requests, both companies also have teams of lawyers who fight back.

In any case, email simply isn’t secure. If you’re worried about an advertising company holding onto your email, fine: use ProtonMail or, if you need full message search, try something like iCloud Mail, FastMail, or even hosting your own. If you’re worried about hackers, a bigger company is probably going to serve you better than a smaller one, assuming you have a secure, unique password for your email account. If you’re concerned about an IT manager at your organization noticing that you’re leaking confidential information to journalists, PGP-encrypted emails might help. If you have reason to believe the government really is snooping your email account, it doesn’t really matter which email provider you use.

HomePod Preorders Begin January 26 for February 9 Availability in U.S., U.K., and Australia

What a confusing and confused product launch this is. There’s very little additional information beyond what was announced at WWDC, with the exception of a feature and a technology being postponed:

Coming this year in a free software update, users will be able to play music throughout the house with multi-room audio. If HomePod is in the kitchen, users can ask Siri to play jazz in the dining room, or play the same song in each room — perfectly in sync. If there’s more than one HomePod set up in the same room, the speakers can be set up as a stereo pair for an even more immersive sound experience.

Connectivity between multiple HomePods requires AirPlay 2, which has also been postponed from its intended iOS 11.0 ship date.

Nobody likes an armchair quarterback, but hopefully you’ll forgive me for briefly indulging.

The announcement of this product at WWDC has confused me from the start. Some reports have compared the HomePod’s delay to that of the AirPods but, while the shipping delay on the latter product was regrettable, its announcement alongside the iPhone 7 — the first iPhone without a headphone jack — made complete sense. It finished the story.

This, though, is just bizarre. All things considered, a delay of about a month and a half isn’t terrible. But what difference would there have been if Apple had announced the HomePod when it was ready and simply pending regulatory approval? I don’t see any reason why the HomePod had to be announced at WWDC last June.

It might be unfair of me to suggest this. Perhaps the reason I’m so skeptical of this launch is that the HomePod was not demonstrated onstage when it was announced. Its features were described publicly; after the keynote, journalists were given small, limited demos. That’s the extent of public information on this product. I’m especially curious to know if it will be demoed at all in Apple’s retail stores — and how.

The HomePod could be a good — even great — product. But it’s not confidence-inspiring for Apple to set a public deadline, miss it, then launch the product with key features missing and almost no demonstrated capabilities of it performing as expected.

A bit of good news, though: Apple says that the HomePod will be available in France and Germany “this spring”.

FCC Report Keeps Faster Definition of Broadband

Devin Coldewey, TechCrunch:

Broadband will continue to be defined as a connection with speeds of 25 megabits down and 3 megabits up. Another proposed definition of 10 down and 1 up was decried by critics as unrealistic for several reasons; not only is it insufficient for many ordinary internet applications, but it would let providers off the hook, because they would be counted as having deployed broadband if it met this lowered standard.

Fortunately, that isn’t the case, and the 25/3 standard remains in place.

To my eyes, this proposal was clearly an effort by the current Republican-led FCC to bend the numbers and give the impression of greater broadband competition than truly exists.

The iPad’s Graduation

Ryan Christoffel wrote a great article for MacStories covering the features he’d like to see in future iOS versions for the iPad. I love a lot of his ideas — persistent background “daemons” and multiple instances of the same app, in particular — but its his conclusion that I want to draw attention to:

The iPad is already proving a formidable Mac-alternative for some users – what happens if it continues closing the gap by adopting the Mac strengths I’ve listed? If the iPad offered support for multiple instances of an app, was available in a more diverse array of hardware, allowed apps to get things done persistently in the background, was home to Xcode, Final Cut Pro, and Logic Pro equivalents, and became a proper shared device with multiple user accounts – why would people continue using the Mac?

The Mac will always have a base of users who are most comfortable with it and don’t want to transition to a new thing. But that base, in this hypothetical advanced-iPad future, likely wouldn’t be big enough to merit continued investment from Apple into the platform.

Sales of iPads are already many times greater than sales of Macs, at least in units, but the Mac has generated more revenue over the past couple of years at least. But that’s okay — I think Apple would be completely happy to cannibalize lower-end Macs by selling more iPads.

But I don’t think that necessarily means investment in the Mac will be destroyed. If anything, it could allow Apple to focus on the development of higher-end Macs. Even if everything on Christoffel’s wishlist were to appear across an iPad lineup that spans the gamut between the entry-level $329 model and some crazy $2,000 high-end iPad Pro Pro, I’m not yet convinced that investment in the Mac line would be impacted for the users who most need a more traditional computer. I think Apple would be thrilled to have two platforms that people immediately think of when they think about getting things done.

For what it’s worth, I’m also not yet convinced that it will be easy or smooth to transition to an iPad for Mac users in the awkward not-quite-Pro middle ground — for example, me. But I will be concerned about that if and when it happens for me.

iOS 11 Adoption Reaches 65%

Juli Clover, MacRumors:

iOS 11 is now installed on 65 percent of iOS devices, according to new statistics Apple shared yesterday on its App Store support page for developers.


28 percent of devices continue to use iOS 10, while earlier versions of iOS are installed on seven percent of iOS devices.

Since iOS 11 was released, its adoption rate has been quite a bit slower than iOS 10 adoption rates in 2017. In January of 2017, for example, iOS 10 was installed on 76 percent of iOS devices.

Via Michael Tsai:

This is curious because iOS has gotten more pushy about getting you to update. iOS 11 still supports the iPhone 5s, so I don’t think the difference is due to old devices that can’t update. It sounds like a large number of users are choosing not to, and living with the annoying notification prompts.

Perhaps the reason for this is that iOS 11 simply isn’t as compelling of a software update for iPhone users as was iOS 10; but hypothetically lax iPhone upgrades should, theoretically, be offset by rapid adoption on the iPad, where iOS 11 was a massive release. Or maybe fewer iOS devices have been sold with iOS 11 preinstalled, but that would conflict with Apple’s earnings forecast — they haven’t issued revised guidance on the Q1 2018 numbers that they are scheduled to announce on February 1.

While it’s still well ahead of Android update rates, I would love to know why iOS 11 has such comparatively lax adoption.1 It must be frustrating for developers who are aching to update their apps with new capabilities and more efficient API use.

Update: Farhad on Twitter:

One big thing you’re leaving out in your analysis is that many people still have 16GB iPhones and can’t be bothered to clear the ~3-5GB they need to to install the update…

This is probably true as well — even though Apple stopped selling new 16 GB iPhones with the iPhone 7, it’s going to take a long time to flush smaller-capacity devices out of the market.

Update: Another factor might be that iOS 11 dropped support for 32-bit devices and apps.

  1. My hunch — and this is just a hunch — is that reports of bugginess and instability made users wary of upgrading. The last time upgrades to a new version of iOS lagged so far behind the past major update was with iOS 8, initial releases of which were plagued by bugs. Every new iOS release has also seen breathless reporting on bugs, but it felt more widespread this year. ↩︎

Once There Was an Internet We Were Happy to Be On

Without equating or taking advantage of several unrelated and heartbreaking events — the end of the Awl and the Hairpin, 2016’s shuttering of the Toast, the destruction of Gawker the consolidation of much of our media diets behind a handful of algorithmically-served feeds, and so on — I’ve been thinking constantly about this excellent piece from two years ago by Alex Balk. Appropriately enough, it was published in the Awl:

Remember how the Internet used to be good? If you’re below a certain age you do not. Sorry. It must be awful to hear old people always going on about how the Internet once brought things other than pain, despair and a self-loathing so refined that its shame is only surpassed by the way the very idea of diving into the Internet’s bottomless well of sewage sickens you even as you leap, which you do each day despite of the vomitty feeling it inspires before, during and after. Just take my word for it, young people, there was a time when the Internet was a thing you were excited to be a part of. […]

I don’t know how accurate this is, but it certainly feels right — perhaps even more so as of late than it did when it was published.

Tim Cook Promises That a Future iOS Update Will Allow Users to Disable Degraded Battery-Triggered Performance Throttling

Benjamin Mayo, 9to5Mac:

Apple had already said that a future iOS update will give users more insight into the state of their battery. In an interview with ABC News, Tim Cook was asked for his take on Apple slowing down iPhones with degraded batteries. He revealed that the developer beta including these features will be released next month, with a public release to follow after.

Moreover, he says that this forthcoming update will give users the option to disable the throttling to maintain normal CPU performance, but will be at risk of unexpected shutdowns.

This is a bizarre decision. Mayo on his own website:

I struggle to see the motivation for Apple to go further and make the behaviour optional. The existence of this setting, which will be available in a iOS developer beta released next month, is a contradiction of what Apple said in the public apology letter. The letter intelligently argues that the throttling was put in place to improve the user experience. With that context taken as truth, this revelation from Cook is essentially an announcement of a feature that users can enable to make their experience worse.

Users quite rightly felt that Apple did not clearly communicate this behaviour, but allowing users to increase the likelihood their iPhone randomly shuts off seems like a decision that’s only there to ward off complaints — and lawsuits — claiming that Apple is coaxing you to pay them to swap your battery. That justification isn’t stellar; you and I both know that the kind of people who force quit all their apps are going to recommend to their friends that they just toggle turbo mode on.

See Also: Michael Tsai’s roundup.

BMW’s Apple CarPlay Annual Fee Is Next-Level Gouging

Tim Stevens of CNet has been digging more into BMW’s annual CarPlay fee:

And then I read that Matt Bubbers, an automotive journalist for the Globe & Mail, was given a curious statement by a representative from BMW Canada. He was told that Apple will be changing its fee structure such that manufacturers would need to pay on a per-car, per-annum basis to keep CarPlay running. That statement has since been retracted and a BMW Canada representative told me that Mr. Bubbers was given “inaccurate information.” However, in the confused hours in between initial statement and subsequent retraction, I was left wondering: just what does Apple charge for CarPlay, and indeed what does Google charge for Android Auto?

The answer, as I’d find out, is basically nothing — though it is a little more complicated than that.

In speaking with multiple sources at various manufacturers who offer cars with Apple CarPlay and/or Android Auto, I was quickly able to confirm that such fees, at least right now, do not exist. CarPlay and Android Auto, which are free for we consumers to use, are also provided for free for manufacturers to embed into their cars.

Here’s the crazy thing: even if Apple were not currently waiving the MFi per-device licensing fee, my understanding is that automakers would still only have to pay for the cost of a single Lightning connector component — which includes Apple’s royalty — per car, if they supplied their own connector cables. If they mount a USB port in the car instead and require drivers to supply their own Lightning-to-USB cable, I don’t believe that Apple would charge a royalty anyway. There are additional development costs for automakers to integrate and test CarPlay with their own system, and Stevens says that Apple charges a fee to participate in the MFi/Made for Apple accessory program.

Even with those costs, though, I can’t see a reasonable justification for BMW to charge owners $80 per year to use CarPlay — other than, of course, because they can.

Update: There is an authentication co-processor component as well.

On the Receiving End of Being De-Prioritized in Facebook’s News Feed

Filip Struhárik, editor and social media manager at Slovakia’s Denník N newspaper:

Our traffic decreased by three percent in November and by nearly six percent in December 2017 (real users, year-on-year). Traffic to some other (mostly smaller) sites fell by tens of percentage points after the Explore Feed test started.

For a long time, Facebook was a main source of traffic for Denník N — around 40 percent of our readers came from Facebook. But this has changed. In December, less than 30 percent of our traffic came from Facebook. In November and December 2017, we had more visitors from Google than from Facebook for the first time (and it’s happening everywhere).

Although our reach, engagement, interactions and consumption have fallen dramatically, something interesting is happening. When we look at our “Reach Engagement Rate”, we can see that it‘s growing, especially after the Explore Feed test started.

What this suggests is that Facebook is concentrating visitors into audiences. This may reduce traffic and minimize the spread of biased and misleading news links amongst casually-interested users, but Struhárik’s post indicates that it could reinforce more active users’ news bubbles too.

BMW to Make Apple CarPlay a Subscription Service on New Models

Alanis King, Jalopnik:

While a lot of manufacturers stick Apple CarPlay into their vehicles as standard equipment these days, The Verge reports that it’s been a one-time $300 charge for BMW buyers since BMW started offering it on cars with built-in navigation in 2017. But BMW North America’s technology product manager Don Smith told The Verge that’ll change next year, and CarPlay will cost owners $80 a year.

To be clear, there’s nothing remotely subscription-based in CarPlay from a consumer’s perspective. The phone connects to the car’s screen, displays its own UI, and routes its audio through the car’s speakers — that’s pretty much it. There’s no justification for this other than nickel-and-diming iPhone users.

Apple Announces a New U.S. Campus and Increased Manufacturing Investment Fund


Combining new investments and Apple’s current pace of spending with domestic suppliers and manufacturers — an estimated $55 billion for 2018 — Apple’s direct contribution to the US economy will be more than $350 billion over the next five years, not including Apple’s ongoing tax payments, the tax revenues generated from employees’ wages and the sale of Apple products.

Planned capital expenditures in the US, investments in American manufacturing over five years and a record tax payment upon repatriation of overseas profits will account for approximately $75 billion of Apple’s direct contribution.

As of right now, I am no longer paying my taxes like everyone else. I am contributing to the Canadian economy, and will be issuing a self-congratulatory press release every April.

By the way, Apple estimates that they will pay $38 billion to repatriate $245 billion in income stored internationally, so the actual increase in expenditures and investments in American manufacturing will be $37 billion over five years, or about $7.2 billion per year.

Apple expects to invest over $30 billion in capital expenditures in the US over the next five years and create over 20,000 new jobs through hiring at existing campuses and opening a new one. Apple already employs 84,000 people in all 50 states.

The company plans to establish an Apple campus in a new location, which will initially house technical support for customers. The location of this new facility will be announced later in the year.

This is pretty big news. I’ve seen a handful of reports stating that this will be Apple’s “second” campus. It is not. Apple already has two well-known campuses — Infinite Loop and Apple Park — plus at least one more, in Austin, Texas.

There’s a lot to love about this press release; but, like many of the corporate gestures following last month’s U.S. tax cuts, I don’t see anything here that couldn’t have been done at the previous tax rate if companies like Apple were unable to withhold income internationally. I’m going to get emails for writing that, right?

Update: Tim Bradshaw of the Financial Times breaks down how Apple is calculating their $350 billion economic contribution:

Wednesday’s headline $350bn figure, though, does not include that kind of thing. What it does include is its annual spending with US-based suppliers and manufacturers over five years, capital expenditure plans for its new campus and data centres and a record tax payment related to its repatriation of overseas profits.

Spending with US suppliers was $50bn last year and will be $55bn this year, Apple says. Cynics might argue that this is money Apple would have spent anyway.

Bradshaw on Twitter:

Breaking down Apple’s $350bn “direct contribution” to US:
$275bn+ of spending with US suppliers at $55bn+/year
+$38bn tax bill (estimated) for repatriation of overseas profits
+$30bn capex on new campus, data centres etc
+$5bn adv manuf fund

A 10% year-over-year increase in supplier spending certainly doesn’t have the impression of that eye-popping $350 billion figure, but it’s nothing to sneeze at either.

I’m interested to see how — if — Apple’s competitors respond.

A Brief Critique of the Horrible UI of Hawaii’s EMA Alert System

Ever since Amy Wang published these two paragraphs in the Washington Post, my Twitter timeline has been lit up with UI designers wanting to know how what is described here is possible:

Shortly after 8 a.m. local time Saturday, an employee at the Hawaii Emergency Management Agency settled in at the start of his shift. Among his duties that day was to initiate an internal test of the emergency missile warning system: essentially, to practice sending an emergency alert to the public without actually sending it to the public.


Around 8:05 a.m., the Hawaii emergency employee initiated the internal test, according to a timeline released by the state. From a drop-down menu on a computer program, he saw two options: “Test missile alert” and “Missile alert.” He was supposed to choose the former; as much of the world now knows, he chose the latter, an initiation of a real-life missile alert.

Today, the Honolulu Civil Beat published a photo of this menu. I’ve reproduced it here for ease of discussion:

Photo of Hawaii Emergency Management alert screen by Honolulu Civil Beat.
Hawaii Emergency Management alerts screen

Look at this list. I mean really look at it. The link that the operator clicked is marked “PACOM (CDW) – STATE ONLY”; the one that they should have clicked is marked “DRILL – PACOM (CDW) – STATE ONLY”.

  1. This list appears to be in no particular order. The link to initiate an internal test is not beside the one for a live, public alert, nor is grouped with other internal tests.

  2. The use of uppercase text is inconsistent. In some instances — “PACOM” and “CAE” — it is used for initialisms, but in others — “DRILL” and “TEST” — it is used for emphasis. In the case of the two links here, uppercase is used for both emphasis and an initialism.

  3. On a related note, uppercase text is harder to read than mixed-case text.

  4. Aside from the text itself, here are no visual clues in this list to differentiate a test alert from a live alert.

Without knowing how this system is built, it would be ridiculous to suggest they modernize it or create separate menus for test and live alerts. In fact, I think the simplicity of this menu is a strength, not a weakness. But there are some steps that I think the Emergency Management Agency could take to reduce the likelihood of this happening again:

  1. Reorder the list so that test alerts are grouped together, and clearly separated from live alerts.

  2. Clarify the use of uppercase words. Because government agencies love to use initialisms, that is, by default, the only instance in which uppercase words should be used. All other words should be in sentence or title case.

  3. Differentiate test and live alerts further. If it is not possible to change their colour, perhaps it is possible to add a symbol in front, even something as simple as three exclamation marks to indicate that the alert will be sent to the public. Test alerts should also be more clear; perhaps prefacing each one with something as simple as “Internal Only:” would make it easier to understand that those alerts won’t be public.

    I know I’m making it sound trivial to differentiate each kind of alert, but it isn’t — it needs to be something that’s clear in both a calm test-only environment and in an emergency.

  4. More clearly indicate the false alarm option, as it is neither a test nor an emergency live alert. It undoes a previous live alert, and should more clearly indicate that.

As I wrote above, I don’t know what is possible within the existing emergency system; even something as apparently simple as reordering the list may require many hours of work. But I don’t think the options above are entirely unreasonable and, in conjunction with requiring that more than one person sign off on issuing an alert, would add an extra layer of safety by reducing complexity in this UI.

Update: Marcel Honore of the Honolulu Civil Beat reports that the UI shown above is not, in fact, identical to the UI that an operator would see:

However, state officials now say that image was merely an example that showed more options than the employee had on the actual screen.

“We asked (Hawaii Emergency Management Agency) for a screenshot and that’s what they gave us,” Ige spokeswoman Jodi Leong told Civil Beat on Tuesday. “At no time did anybody tell me it wasn’t a screenshot.”

Honore obtained a different screenshot which, while prettier, still has the same problems as the example screenshot above.

Thanks to Kyle Dreger for pointing me to this update.

The Awl Ends

The Awl and the Hairpin announced today that, as of the end of this month, both will stop publishing. I’m gutted. Both have been a must-read for me every single day for years. They will be missed.

Update: Christina Warren:

As we saw with Gawker, DNA Info/Gothamist, and now The Awl sites, independent media needs support more than ever. These voices are too important to just disappear.

All of these publications have been shuttered for different reasons. None were, as far as I know, heavily buoyed by Facebook referral traffic. But with Facebook deemphasizing publisher pages you can expect to see more independent media organizations losing staff or shutting down from a raw decline in traffic. Independent publishers — this aspiring one included — need to find a more sustainable revenue source.

See Also: Writers published in the Awl nominate their favourite Awl pieces.

Apple Music’s Album View

Dave Mark:

Over the weekend, someone started a thread asking why an artist’s album view in Apple Music has gotten so cluttered.

To see this for yourself, pick a relatively modern artist and check out their list of albums in the Music app. For example, fire up Siri and say:

Show me all the Bruno Mars albums

When the Bruno Mars page appears, scroll down to the Albums section and tap See All. Amongst the actual Bruno Mars albums, you’ll find a lot of singles and EPs. Way more singles and EPs than actual albums, in fact.

It gets worse than that — many artists list both clean and explicit versions of each release, which means that the Album view in Apple Music is often twice the apparent size.

Mark and Kirk McElhearn put the blame on the ID3 audio metadata standard, and that’s fair: ID3 doesn’t have a field to distinguish between LPs, EPs, singles, and other release types.

The iTunes Store worked around the ID3’s limitations by sorting releases by popularity — I presume — instead of reverse chronologically. Compare, for example, Kanye West’s albums on the iTunes Store and Apple Music. The iTunes Store fits one more release onscreen than Apple Music but, more importantly, everything shown on the iTunes Store is a full-length album; on Apple Music, all six releases shown at the top of the Albums screen are singles.1 I don’t know if sorting by popularity is translatable to Apple Music and its users’ listening patterns, but it is perhaps worth investigating.2

Of note, Spotify does not have this problem; it correctly separates albums and singles. I don’t know how they do this — manually, perhaps? — but it makes Apple Music look sloppy by comparison.

  1. And five of them are collaborations where West is only a featured artist on the track. ↩︎

  2. I’d also like to see separate clean and explicit releases consolidated in Apple Music, with a toggle at the bottom of the album page to show one or the other. Showing both and effectively treating them as separate releases just creates clutter. ↩︎

Facebook’s News Feed to Deemphasize Publishers, Video

Alex Kantrowitz, Buzzfeed:

Facebook on Thursday introduced major changes to its News Feed that will prioritize content it hopes will spark meaningful conversations between friends while deprioritizing content from businesses, brands, and media. The move is widely expected to hurt publishers that rely on traffic from Facebook.

Fred Vogelstein interviewed Adam Mosseri of Facebook for Wired:

FV: Talk to me about like the evolution of this. What’s changed over the course of the past 18 months to make you feel like this is something worth doing?

AM: The biggest thing has been just the explosion of video. Video is a paradigm shift in a lot of different ways. We’ve done a lot to try and nurture it. We think video is going to continue to be a more and more important part about how people communicate with each other, and how publishers communicate with people.

But as video has grown on Facebook, it has changed the nature of how people interact with the platform in a lot of different ways. Video is, primarily, a passive experience. You tend to just sit back and watch it. And while you’re watching it, you’re not usually liking or comment or speaking with friends. So this change is, in part, a reaction to how the ecosystem has shifted around us.

Less than a year ago, Facebook was actively encouraging publishers to create video specifically for their platform. Entire companies laid off employees and began a “pivot to video”, to the extent that even that phrase became a cliché in publisher circles, but most of the videos were lightly edited ads that — unsurprisingly — failed to find an audience. In a handful of markets, Facebook already moved publishers’ posts to a secondary news feed, with predictable consequences.

It is absolutely critical for publishers to disconnect from their reliance upon major referrers like Facebook and Google. And, yet, I’m not sure that’s realistic for a lot of major media organizations. Referral traffic remains a massive source of visitors — as Casey Newton points out, however, visitors are not the same thing as an audience. And, as I wrote six months ago, I think it’s a mistake to write off changes by referral sources as the fault of the publisher for relying upon that traffic:

As companies like Facebook and Google increasingly dominate actual publishers for how users get their news, even creating proprietary formats like Instant Stories and AMP for preferential treatment, shouldn’t their practices be scrutinized to a greater degree? Is it really fair for the rug to be pulled out from under publishers’ feet when their primary referrer decides it’s convenient for their business model? Does it make sense for the future of the worldwide digital media economy to be decided by a few young men in California? To return to the argument against publishers’ reliance upon traffic sources like Facebook and Google, is it possible to build a successful new publication without them?

Publishers shouldn’t be reliant upon Facebook and Google sending them traffic,1 but that truth also abdicates the responsibility of large tech companies.

Joshua Topolsky of the Outline is optimistic that the hit to publishers from a lack of Facebook traffic won’t be as significant as the hit to Facebook from a lack of news posts:

Facebook, despite all its best intentions, is still just a dumb pipe — a thing that delivers, not the thing itself. The pipe must be filled up, yes, with stuff like groups you belong to and photos of new babies, yes with Messenger conversations and events and fundraisers. But information is currency, and what is valuable to most people is to know what the fuck is going on in the world and to try and understand it. That doesn’t go away because Facebook wants to keep its hands clean. It simply goes somewhere else. Even the market had a negative reaction to this news, stripping around $25 billion off the network’s market cap following the announcement. I don’t think that’s a fluke — I think Facebook doesn’t know what its product really is.


Frankly, any publisher relying on Facebook for survival fucked up. But there’s a flip side to this. There’s the opportunity for outlets willing to rely less on social networks to set their fate, publishers who have diversified their traffic sources, who have pushed back on Facebook’s News Feed carrots, who have built (or are building) brands that resonate with audiences beyond what can be bought or given. Value not gifted by Facebook could be a very good thing for publishers. (And yes, I get that I’m also talking about The Outline, which is fighting for its right to survive in a very uncertain landscape every single day.)

I hope this means a new dawn for good publications, and an awakening to build a dedicated audience instead of simply driving traffic.2 I also think that this unfairly excuses Facebook from building their business on publishers and media for years. A consequence Facebook would understand is if their active users dropped — unfortunately, even if you, I, and most of the people we know stopped using Facebook, their Borg-like dominance on the web is unparalleled. But we can make a difference in the fortunes of publishers: support them financially by subscribing.

Update: Borzou Daragahi:

Terrifying to think how much one rich man’s decision on what direction he wants to take his company will have an impact on people’s epistemological sense of self – how they perceive the world. It’s too much power.

  1. In fact, publications that are entirely dependent on traffic from Facebook or Google are, typically, nothing you’d actually want to read anyway. ↩︎

  2. Covering websites in ads that generate money solely based on the number of views and clicks likely has a significant role in this. ↩︎

Missed Click Panic in Hawaii

Graham Cluley:

The Washington Post sheds some more light on what went wrong:

Shortly after 8 a.m. local time Saturday morning, an employee at the Hawaii Emergency Management Agency settled in at the start of his shift. Among his duties that day was to initiate an internal test of the emergency missile warning system: essentially, to practice sending an emergency alert to the public without actually sending it to the public.

Around 8:05 a.m., the Hawaii emergency employee initiated the internal test, according to a timeline released by the state. From a drop-down menu on a computer program, he saw two options: “Test missile alert” and “Missile alert.”

This sounds like terrible user interface design to me. Why have the genuine “Jeez Louise! Freak out everybody!” option slap-bang next to the harmless one labelled “Test the brown alert”?

Even though the menu option still required confirmation that the user really wanted to send an alert, that wasn’t enough, on this occasion, to prevent the worker from robotically clicking onwards.

How on Earth were those buttons next to each other? And why can just one person send an alert like this to millions of people? And, finally, why weren’t the local authorities authorized to send out a retraction of this alert for thirty-eight minutes?

Birdcage Liners

Joel Spolsky:

Both Twitter and Facebook’s selfish algorithms, optimized solely for increasing the number of hours I spend on their services, are kind of destroying civil society at the same time. Researchers also discovered that the algorithms served to divide up the world into partisan groups. So even though I was following hundreds of people on social networks, I noticed that the political pieces which I saw were nevertheless directionally aligned with my own political beliefs. But to be honest they were much… shriller. Every day the Twitter told me about something that The Other Side did that was Outrageous and Awful (or, at least, this was reported), and everyone was screeching in sync and self-organizing in a lynch mob, and I would have to click LIKE or RETWEET just to feel like I had done something about it, but I hadn’t actually done anything about it. I had just slacktivated.

What is the lesson? The lesson here is that when you design software, you create the future.

The public awakening in the past year to the more toxic and unethical effects of Silicon Valley firms, generally, is long overdue. The tech industry should have done a better job of regulating themselves for years, but they now have an opportunity to make up for their delinquency. I worry that they are incapable of doing so, and could be answering to the current U.S. administration instead.

Update:Market forces” isn’t a good answer to any of this.

Google’s Increasingly Creepy Suggestions

Brad Frost:

But ultimately, Facebook is a place you go to. You can decide whether you want to visit the restaurant, or just continue throwing their flyers in the recycling bin alongside the coupon-stuffed weekly circulars and junk mail.

Google is equally needy, but feels a lot more insidious than Facebook. Unlike Facebook, Google isn’t just a place you go. It’s built into the infrastructure of your life. It’s your house. It’s the roads and sidewalks you travel on. Google is a lot more infrastructural than Facebook, which is why breeches of trust feel a lot weirder and scarier.

Turns out that if you buy a smartphone that runs an operating system made by an advertising company that loves to scoop up as much user data as it can, it’s going to endlessly nag you to provide more information to that company. That’s not to say that anyone who buys an Android phone is an idiot for expecting otherwise; on the contrary, users’ expectations should guide Google’s actions.

Also, always remember that someone actually built this stuff. There are, of course, employees in every industry who hang their souls up when they walk into their office, but very few have the kind of power and responsibility of a global tech giant.

See Also:Death to Bullshit”, also by Frost.

The Biggest Tech Show in the World Is Hopelessly Retrograde

Maya Kosoff, Vanity Fair:

The stagnation goes beyond C.E.S.’s scant diversity and casual sexism, extending to the products themselves, which feel like rehashed versions of the same technologies, packaged and presented in only slightly new ways. Year after year, the show produces more of the same from headlining companies: Internet-connected refrigerators (which have been around since 1998 but have failed to take off, despite their persistent presence on showroom floors); self-driving cars; and virtual- and augmented-reality technology. It’s telling that the most interesting thing that has happened so far this year was the show’s complete loss of power on Wednesday, which offered a brief, terrifying preview of the sort of Stone Age hysteria we can expect if the Internet of Things ever takes down the power grid.

Ben Bajarin published a decent piece today about Apple’s fading influence at CES. He has theories on why that may be, like Amazon’s Alexa devices dominating the smart speaker space, and a more mature consumer electronics market. But I have another theory: maybe CES is full of companies trying to carve their own little space with expensive gadgets that don’t work well and, ultimately, are of little relevance to what consumers will actually want or buy. Sure, there were plenty of products shown that work with Apple’s ecosystem — mostly HomeKit — but so much of what is shown at CES is just gadgetry for the sake of gadgetry. Does it matter how much Apple’s influence is felt at a showcase of stuff that’s mostly irrelevant?

Apple Starts Selling Linksys Mesh WiFi System, Comments on AirPort Lineup

Zac Hall, 9to5Mac:

When asked about the move to sell a third-party mesh system and the future of the AirPort line, an Apple spokesperson shared this with 9to5Mac:

People love our AirPort products and we continue to sell them. Connectivity is important in the home and we are giving customers yet another option that is well suited for larger homes.

Apple’s choice for that option is the Linksys Velop Whole Home Mesh Wi-Fi System which comes in two flavors: $350 for a 2-pack system or $500 for a 3-pack solution. The Tri-Band Wi-Fi system is rated to provide coverage for 2,000 square feet with each Node which can be configured from the Linksys iPhone and iPad app.

There are non-answers, and then there are Apple-grade non-answers. That statement confirms that WiFi is basically an expectation these days — duh — and that they are presently selling their AirPort lineup. More telling, though, is what they don’t say: there’s no confirmation that they’re even remotely interested in continuing to offer their own base station, which is remarkable even less commitment than they made to updating the Mac Mini.

In addition to this move, Mark Gurman’s reported in 2016 that Apple had disbanded the AirPort team, and I’ve heard thirdhand that no updates are planned.1 I’m convinced that the AirPort lineup is dead and will quietly be removed from Apple’s store and website in the not-too-distant future.

Update: Good question from Al Rumball-Smith:

I’ve been trying to work out what’s the future for Time Capsule then? iCloud?

I think something like Time Machine in the Cloud is a reasonable guess. I could also see more third-party routers supporting Time Machine via a USB-connected hard drive — apparently, some Netgear and Asus routers have done so for a while.

Update: A reader email reminded me that Apple took at least two months to patch their base station products to protect against a significant WiFi vulnerability. iOS and MacOS were updated within two weeks. I don’t know if the thirdhand information I have is right, of course, but the general thrust of the reports I’ve seen and moves Apple has made when it comes to their AirPort lineup strongly suggests that they’re not interested in the WiFi router market much longer.

  1. They haven’t even bothered to update the iOS app with support for the iPhone X’s display. ↩︎