Gian Volpicelli and Samuel Stolton, Bloomberg:

Under the EU’s Digital Services Act, the bloc can slap online platforms with fines of as much as 6% of their yearly global revenue for failing to tackle illegal content and disinformation or follow transparency rules. Regulators are considering whether sales from SpaceX, Neuralink, xAI and the Boring Company, in addition to revenue generated from the social network, should be included to determine potential fines against X, people familiar with the matter said, asking not to be identified because the information isn’t public.

These are all businesses privately owned by Elon Musk; Tesla, as a publicly traded company, is reportedly not being factored into the calculation. According to a Bloomberg source, the Commission is trying to decide if they should be penalizing the owner of the business and not the business itself.

Matt Levine, in Bloomberg’s Money Stuff newsletter:

See, you’re not really supposed to do that: X is its own company, with its own corporate structure and owners; 6% of X’s revenue is 6% of X’s revenue, not 6% of the revenue of Musk’s other companies. But if everyone thinks of the Musk Mars Conglomerate as a single company, then there’s a risk that it will be treated that way.

I can see how the penalty formula should not be stymied by carefully structured corporations. There should be a way to fine businesses breaking the law, even if their ownership is obfuscated.

But that is not what is happening here. As reported, this seems like an overreach to me. Even though Musk himself disregards barriers between his companies, as Levine also documents, a penalty for the allegedly illegal behaviour of X should probably be levied only against X.

Dominic Wellington responded thoughtfully to speculation, including my own that a device management key for suppressing screen recording alerts in MacOS Sequoia was added in part because of employee monitoring software:

[…] I know perfectly well that these sorts of tools exist and are deployed by companies, but I suspect they are more prevalent in the sorts of lower-paid jobs that don’t rate fancy expensive Macs. This is why I don’t think employee surveillance (or test proctoring, which is Nick Heer’s other example) can be sufficient explanation for Apple walking back the frequency of this notification. Meanwhile, Zoom et al are near-universal on corporate Macs, and are going to be correspondingly closer to top of mind for administrators of Mac fleets.

This is a fair and considered response, and I think Wellington is right. Even though screen recording capabilities are widespread in employee surveillance products, I do not know that they are very popular. I oversold the likelihood of this being a reflection of that software.

Joe Rossignol, MacRumors:

Apple sells two external displays, including the Pro Display XDR and the Studio Display, but neither has received hardware upgrades in years. In fact, the Pro Display XDR is nearly five years old, having been released all the way back in December 2019.

Via Michael Tsai:

This is not surprising, since Apple has historically taken a long time to update its displays. I don’t think the panels necessarily need to be updated. But it’s disappointing because the Studio Display has well documented camera problems and power issues. I had high hopes that, coming from Apple, it would be reliable as a USB hub, but I end up directly connecting as many storage devices as possible to the meager ports on my MacBook Pro.

Displays are a product category conducive to infrequent updates. The plentiful problems I have been reading with the Studio Display, in particular, worry me. Most sound like software problems, but that is not consolation. Apple’s software quality has been insufficiently great for years and, so, it does not surprise me that a display running iOS is not as reliable as a display that does not use an entire mobile operating system.

Charlie Warzel, the Atlantic:

Even in a decade marred by online grifters, shameless politicians, and an alternative right-wing-media complex pushing anti-science fringe theories, the events of the past few weeks stand out for their depravity and nihilism. As two catastrophic storms upended American cities, a patchwork network of influencers and fake-news peddlers have done their best to sow distrust, stoke resentment, and interfere with relief efforts. But this is more than just a misinformation crisis. To watch as real information is overwhelmed by crank theories and public servants battle death threats is to confront two alarming facts: first, that a durable ecosystem exists to ensconce citizens in an alternate reality, and second, that the people consuming and amplifying those lies are not helpless dupes but willing participants.

On one of the bonus episodes of “If Books Could Kill”, the hosts discuss Harry Frankfurt’s “On Bullshit” which, after they re-read it, disappointed them. They thought the idea was interesting but were frustrated by the lack of examples and, in trying to find examples of their own, found it difficult to find those which were only bullshit and not lies.

I feel as though they missed the most obvious family of examples: all conspiracy theories necessarily become bullshit, if they did not already begin that way. Consider how the theories cited by Warzel begin with a nugget of truth, from which a theory is extrapolated to serve a narrative role — against (typically) Democratic Party politicians, against Jewish people, against scientific understanding, in favour of a grand unifying order that purportedly explains everything. The absence of evidence for a conspiracy theory is, itself, evidence to believers. All of this is steeped in bullshit. Believers in these things do not care to find understanding in known facts; rather, they perceive the world through this lens and bullshit until it all fits.

This story by Warzel documents that trajectory with perfect pitch. It is now politically incorrect in many circles to have beliefs that align with those of experts in their fields. Regardless of what is being discussed, the only safe speech is aggrieved bullshit. In a disaster, however, such speech can be dangerous if people believe it.

Apple in the release notes for MacOS 15.1 beta:

Applications using our deprecated content capture technologies now have enhanced user awareness policies. Users will see fewer dialogs if they regularly use apps in which they have already acknowledged and accepted the risks.

John Gruber:

Why in the world didn’t Apple take regular use of a screen-recording app into account all along?

Benjamin Brooks:

I think this is the question you ask when you have not used a Corporate Mac in the last 4-5 years. For those who are, you know that companies install applications which take screenshots and screen recordings of certain or all activities being done on the Mac. You know, for security.

When users began noticing the screen recording permissions prompt over the summer, I remember lots of people speculating Apple added it because of possible spyware or domestic violence behaviour. That is a plausible explanation.

But Brooks’ keen observation is something I, in hindsight, should have also considered, and I am kicking myself for forgetting about the possibility. I now remember linking to things like employee surveillance software and online test proctoring — applications which monitor users’ screens effectively by force, something one will agree to unless they want to change jobs or not complete an exam. I believe this is supported by — and casts a new light upon — a device management key available to system administrators for suppressing those permissions prompts.

I am not much of a true crime podcast listener, but the first three episodes of “Kill List” — Overcast link — have transfixed me.

Jamie Bartlett:

Besa Mafia was a dark net site offering hitmen for hire. It worked something like this: a user could connect to the site using the Tor browser and request a hit. They’d send over some bitcoin (prices started from $5,000 USD for ‘death by shotgun’). Then they’d upload the name, address, photographs, of who they wanted killed. Plus any extra requests: make it look like a bungled robbery; need it done next week, etc. The website owner, a mysterious Romanian called ‘Yura’ would then connect them with a specialist hitman to carry out the commission.

[…]

In the end, Carl investigated one hundred and seventy five kill requests. Each one a wannabe murderer. Each one a potential victim — who Carl often phones and break the crazy news. “The hardest calls I’ve ever made” Carl tells me. “How do you explain that someone wants you dead?!” (Carl would be indirect, gentle. He tried to make sure the victim felt in control. But often they hung up. “They didn’t believe me. They thought I was a scammer”).

I am not sure I agree with Bartlett’s conclusion — “more and more complex crimes will be solved by podcast journalists” is only true to the extent any crime is “solved” by any journalist — but it does appear this particular podcast has had quite the impact already. What a fascinating and dark story this is.

A bit of background, for those not steeped in the world of WordPress development: there exists a plugin called Advanced Custom Fields (ACF) which allows developers to create near-endless customization options for end clients in the standard page and post editor. It is hard to explain in a single paragraph — the WordPress.com guide is a good overview — but its utility is so singular as to be an essential component for many WordPress developers.

ACF was created by Elliot Condon who, in 2021, sold it to Delicious Brains. At this point, it was used on millions of websites, a few of which I built. I consider it near-irreplaceable for some specific and tricky development tasks. A year later, the entire Delicious Brains plugin catalogue was sold to WPEngine.

Matt Mullenweg:

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem.

[…]

Similar situations have happened before, but not at this scale. This is a rare and unusual situation brought on by WP Engine’s legal attacks, we do not anticipate this happening for other plugins.

This is an awfully casual way of announcing WordPress is hijacking one of the most popular third-party plugins in the directory. Mullenweg cites policy for doing so — WordPress can “make changes to a plugin, without developer consent, in the interest of public safety” — but the latter paragraph I quoted above makes clear the actual motive here. The “security problem” triggering this extraordinary action is a real but modest change to expand a patch from a previous update. But WordPress has removed the ability for WPEngine to make money off its own plugin — and if users have automatic plugin updates turned on, their ACF installation will be overwritten with WordPress’ unauthorized copy.

Iain Poulson, of ACF:

The change to our published distribution, and under our ‘slug’ which uniquely identifies the ACF plugin and code that our users trust in the WordPress.org plugin repository, is inconsistent with open source values and principles. The change made by Mullenweg is maliciously being used to update millions of existing installations of ACF with code that is unapproved and untrusted by the Advanced Custom Fields team.

It is nearly impossible to get me to feel sympathetic for anything touched by private equity, but Mullenweg has done just that. He really is burning all goodwill for reasons I cannot quite understand. I do understand the message he is sending, though: Mullenweg is prepared to use the web’s most popular CMS and any third-party contributions as his personal weapon. Your carefully developed plugin is not safe in the WordPress ecosystem if you dare cross him or Automattic.

I have been trying to stay informed of the hostile relationship between WordPress, Automattic, and Matt Mullenweg, and third-party hosting company WPEngine. Aram Zucker-Scharff put together a helpful and massive set of links to news coverage. Michael Tsai has a good collection of links, too, and Emma Roth and Samantha Cole have published notable articles.

From a distance, it looks like an expensive pissing match between a bunch of increasingly unlikable parties, and I would very much appreciate if it never affects my self-hosted version of WordPress. Maybe it is a little confusing that WPEngine is not affiliated with WordPress, but I only learned this week that WordPress.org is personally owned by Mullenweg and is not actually affiliated with Automattic or WordPress.com. From Mullenweg’s perspective, this confusion is beneficial, but the confusion with WPEngine is not. From my perspective, I would not like to be confused.

Also, if Mullenweg is mad about WPEngine — and Silver Lake, its private equity owner — benefitting from the open source nature of WordPress without what he feels is adequate compensation, I am not sure he has a leg to stand on. It does not sound like WPEngine is doing anything illegal. It is perhaps rude or immoral to build a private business named after and on the back of an open source project without significantly contributing, but surely that is the risk of developing software with that license. I am probably missing something here.

Well, add XOXO to the list of conferences I was never able to attend. The final edition occurred this year and it looked pretty special.

Happily, if you — as I — were unable to attend in person, Andy Baio has begun uploading videos of this year’s talks. I have watched those from Cabel Sasser, Dan Olson, Molly White, and Sarah Jeong. These are all worth your time — and so are, I am sure, the ones I have not yet seen.

Update: Be sure to watch Sasser’s talk before exploring an amazing archive he is assembling. Seriously — watch first, then click.

Jonathan M. Gitlin, Ars Technica:

Last night, after a wait of roughly an hour after the official start time, Elon Musk spoke to a crowd of Tesla fans and some journalists on a film studio backlot in California to give us an update on the company’s much-talked-about pivot to robotics. […]

[…]

After promising that “unsupervised FSD” is coming to all of Tesla’s five models — “now’s not the time for nuance,” Musk told a fan — he showed off a driverless minibus and then a horde of humanoid robots, which apparently leverage the same technology that Tesla says will be ready for autonomous driving with no supervision. These robots — “your own personal R2-D2,” he said — will apparently cost less than “$30,000” “long-term,” Musk claimed, adding that these would be the biggest product of all time, as all 8 billion people on earth would want one, then two, he predicted.

These announcements are almost certainly bullshit, and correctly contextualized by Gitlin. Mix the axiom “what can be asserted without evidence can also be dismissed without evidence” with the boy who cried “wolf!”, and the result is this media event — and that is without factoring in the usual Tesla sloppiness. These are three brand new products, all of which are purportedly future-defining, rambled about in the span of about thirty minutes on a random Thursday in October. Nothing is finished. Musk called two of the products “Cybercab” and “Optimus Robots”, but the company’s website refers to them as “Robotaxi” and “Tesla Bot”. Everything is hypothetical until proven otherwise.

The robot is particularly galling. The automotive industry has a long history of building humanoid robots: Honda’s ASIMO, Toyota’s Partner series, and General Motors’ work on NASA’s Robonaut 2. Some of these perform more specialized tasks. All of them have been around for a while. None of them are in widespread use. Tesla’s should be treated as an elaborate fiction until anyone outside the company can confirm even the most fundamental qualities it is claimed to possess.

Oh, and speaking of claims on the website, I want to address this:

To create a sustainable future, we must democratize transportation. We do this by making driving more efficient, affordable and safe. Autonomy makes this future possible, today.

Musk — for the featherweight of his words — said the Robotaxi would cost “less than $30,000” and be available “before 2027” — that is, to be clear, not “today”. If this thing ever ships, it will still require car-like infrastructure and ample space, even though it carries only two people.

Public transit, which is available today, is the very definition of democratized transportation, especially if it has been carefully considered for the needs of people with disabilities. It is inexpensive for end users, requires less space per person than any car, and has a beneficial feedback loop of safety and usage. I am not arguing the two cannot coexist; perhaps some of this stuff makes sense in low-density sprawl. But I have little confidence the future will look like Musk’s vision, or that Tesla will be delivering it. Why would anyone still believe this too-rich carnival barker who lies all the time?

Want to experience twice as fast load times in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

Magic Lasso Adblock: browse 2.0x faster

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

By cutting down on ads and trackers, common news websites load 2× faster and browsing uses less data while saving energy and battery life.

Rely on Magic Lasso Adblock to:

  • Improve your privacy and security by removing ad trackers

  • Block all YouTube ads, including pre-roll video ads

  • Block annoying cookie notices and privacy prompts

  • Double battery life during heavy web browsing

  • Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad. and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

Apple is a famously tight-knit business. Its press releases and media conferences routinely drum the integration of hardware, software, and services as something only Apple is capable of doing. So it sticks out when features feel like they were developed by people who do not know what another part of the company is doing. This happened to me twice in the past week.

Several years ago, Apple added a very nice quality-of-life improvement to the Mac operating system: software installers began offering to delete themselves after they had done their job. This was a good idea.

In the ensuing years, Apple made some other changes to MacOS in an effort to — it says — improve privacy and security. One of the new rules it imposed was requiring the user to grant apps specific permission to access certain folders; another was a requirement to allow one app to modify or delete another.

And, so, when I installed an application earlier this month, I was shown an out-of-context dialog at the end of the process asking for access to my Downloads folder. I granted it. Then I got a notification that the Installer app was blocked from modifying or deleting another file. To change it, I had to open System Settings, toggle the switch, enter my password, and then I was prompted to restart the Installer application — but it seemed to delete itself just fine without my doing so.

This is a built-in feature, triggered by where the installer has been downloaded, using an Apple-provided installation packaging system.1 But it is stymied by a different set of system rules and unexpected permissions requests.


Another oddity is in Apple’s two-factor authentication system. Because Apple controls so much about its platforms, authentication codes are delivered through a system prompt on trusted devices. Preceding the code is a notification informing the user their “Apple Account is being used to sign in”, and it includes a map of where that is.

This map is geolocated based on the device’s IP address, which can be inaccurate for many reasons — something Apple discloses in its documentation:

This location is based on the new device’s IP address and might reflect the network that it’s connected to, rather than the exact physical location. If you know that you’re the person trying to sign in but don’t recognize the location, you can still tap Allow and view the verification code.

It turns out one of the reasons the network might think you are located somewhere other than where you are is because you may be using iCloud Private Relay. Even if you have set it to “maintain general location”, it can sometimes be incredibly inaccurate. I was alarmed to see a recent attempt from Toronto when I was trying to sign into iCloud at home in Calgary — a difference of over 3,000 kilometres.

The map gives me an impression of precision and security. But if it is made less accurate in part because of a feature Apple created and markets, it is misleading and — at times — a cause of momentary anxiety.

What is more, Safari supports automatically filling authentication codes delivered by text message. Apple’s own codes, though, cannot be automatically filled.


These are small things — barely worth the bug report. They also show how features introduced one year are subverted by those added later, almost like nobody is keeping track of all of the different capabilities in Apple’s platforms. I am sure there are more examples; these are just the ones which happened in the past week, and which I have been thinking about. They expose little cracks in what is supposed to be a tight, coherent package of software.


  1. Thanks to Keir Ansell for tracking down this documentation for me. ↥︎

Speaking of the Internet Archive, Matt Sephton, in August, posted about the surprise loss of his account there:

Recently at Internet Archive a “glitch” (their choice of word) deleted a great many accounts, including my account that had been at archive.org/details/@gingerbeardman since 2015.

I had meant to post this nearer to when it happened but, like others, my requests for comment went unanswered, even when sent directly to an organization representative instead of a generic media inbox. Parts of Sephton’s account were thankfully restored, but only after this post was sent to Hacker News.

I find the Internet Archive’s utility unparalleled. I find some of its recent behaviour frustrating.

Brendan Jones:

The rise of Mastodon has made me so much more aware of government services requiring us to use private companies’ systems to communicate with them and access services.

Sitting on a Dutch train just now I was shown on a screen “feeling unsafe in the train? Contact us via WhatsApp”.

Jones says the railway operator’s website also contains SMS reporting instructions, but that was not shown on the train itself.

One of the side effects of the decline of née Twitter is in the splintering of its de facto customer support and alert capabilities. Plenty of organizations still use it that way. But it should only be one option. Apps like WhatsApp should not be the preferred contact method, either. Private companies’ contact methods should be available, sure — meet people where they are — but a standard method should always be as easily available.

Jason Scott:

Someone is DDOSing the internet archive, so we’ve been down for hours. According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.

An X account claiming responsibility says it is a politically motivated attack. If that is true, it is an awfully stupid rationale and a poor choice of target.

Wes Davis, the Verge:

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

I have no idea if this group actually obtained any Internet Archive user data. The site has only a placeholder page directing visitors to its X account for status updates, but I see nothing there or on Brewster Kahle’s personal one.

Update: Three minutes after publishing this post, I received an alert from Have I Been Pwned that my Internet Archive account was one of over 31 million total which had been exposed. Troy Hunt, who runs HIBP, and Lawrence Abrams of Bleeping Computer both tried contacting the Internet Archive with no response.

Sarah Krouse, Dustin Volz, Aruna Viswanatha, and Robert McMillan, Wall Street Journal (probably paywalled; sorry):

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said.

Zack Whittaker, TechCrunch:

The 30-year-old law that set the stage for recent backdoor abuse is the Communications Assistance for Law Enforcement Act, or CALEA, which became law in 1994 at a time when cell phones were a rarity and the internet was still in its infancy.

CALEA requires that any “communications provider,” such as a phone company or internet provider, must provide the government all necessary assistance to access a customer’s information when presented with a lawful order. In other words, if there is a means to access a customer’s data, the phone companies and internet providers must provide it.

Bruce Schneier:

For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the “wrong” eavesdroppers.

Riana Pfefferkorn:

It is not the ‘90s anymore, when CALEA got enacted, the law requiring telecom wiretappability for law enforcement. China and Russia and DPRK are formidable cyber foes now. DOJ, FBI, etc. want to change CALEA so that encrypted apps like Signal or WhatsApp aren’t exempt from it anymore. But this hack shows that if anything, the law needs to change in the *other* direction. The hack needs to be a wake-up call to law enforcement that as long as they keep opposing encryption for communications, they’re enabling China to smack us in the face with our own hand while saying “stop hitting yourself!”

According to a 2016 paper from Public Safety Canada, “Australia, the U.S., the UK and many other European nations require CSPs [Communications Service Providers] to have an interception capability”; it also notes Canada does not. Such a requirement is understandable from an investigative perspective. But, as Pfefferkorn says, capabilities like these have been exploited before, and it will happen again. These are big targets and there are no safe backdoors.

That brings me — for the second time today — to the need for comprehensive privacy legislation basically everywhere but, in particular, in the United States, the hub of the world’s communications. Protecting private data would dramatically curtail this kind of access violation by removing backdoors, restrict one aspect of TikTok panic, and reduce the exploitation of our behavioural data by creepy ad tech businesses. It is not a panacea and I am sure there are worrisome side effects for law enforcement, but it would likely be more effective than tackling these problems on an individual basis.

I have to say, it is quite an odd thing to be listening to a podcast and hear one’s own name. This recently happened to me on the latest episode of “Upgrade”. It feels like I am about to be called to the principal’s office or something. But I was not.

Myke Hurley and Jason Snell discussed an article I wrote about the more granular control available to users in iOS 18 when apps request access to their contacts. (My piece is a response to a New York Times story; Snell also linked to both with some commentary.) Their chat centres Apple’s scale and influence. Even little decisions the company makes are capable of transforming entire industries.

Hurley raises an apt comparison to App Tracking Transparency, which is exactly what I was thinking about when I wrote my piece. I am similarly unsympathetic to corporate empires built on illicitly obtained data. If you cannot make money when users are given a choice to consent, your business model probably sucks. But I do think it is concerning how powerful both of the major players were in the aftermath of that announcement: Meta, for hoarding behavioural data on billions of people; and Apple, for its ability to give users options.

I see parallels to Google’s power over the web. The near-uniform layout and structure of webpages is thanks to Google’s specific suggestions for improving the likelihood of ranking higher. The main difference is Google’s suggestions are sort of optional; if a website’s owner does not care much about search traffic, they can do whatever they want. The prompts on iOS, on the other hand, are baked into the system.

As Snell says, these apps “have to make the case” for granting permission. I do not think that is such a bad thing, and I am amenable to their suggestion of Apple’s built-in apps being placed on a level playing field. I think a lot of this would be more predictable if privacy laws were stronger. A basic level of privacy protections should not be a competitive advantage, nor should users be required to navigate either unceasing permissions dialogs or terms of service agreements to understand the myriad ways their personal information is being exploited — because their personal information should not be exploited.

Karl Bode, Techdirt:

Scientists say that low earth orbit (LEO) satellite constellations being built by Amazon, Starlink, and AT&T pose a dire threat to astronomy and scientific research, and that too little is being done to address the issue.

There are costs to suddenly widespread satellite connectivity. Apple’s partner in its offering, Globalstar, operates a constellation of satellites which would similarly be concerning to scientists.

It is a tricky balance. Adding redundant communications layers in our everyday devices can be useful and is, plausibly, of lifesaving consequence. Yet it also means the sky is littered with fields of objects which interfere with ground-based instruments. The needs of scientists might seem more abstract and less dire than, say, people seeking help in a natural disaster — I understand that. But I am not certain we will be proud of ourselves fifty years from now if we realize astronomical research has been severely curtailed because a bunch of private companies decided to compete in our shared sky. There is surely a balance to be struck.

As smartphones began competing on satellite connectivity, I had my doubts. Sure, I could imagine a dire emergency situation where it would be lifesaving, but would I ever use it? I hike a little and I cycle a lot, often without cell connectivity, and I feel completely comfortable. I am by no means an extreme sports enthusiast or adventurer. When would I need this stuff?

Well, the Messages via Satellite capability — new for iPhone users in iOS 18 — sure was handy this weekend. I was cycling a light trail in Kananaskis with a friend when I had a low-speed fall in a rock field. It was embarrassing. It also gave me a deep, five centimetre-long cut on my knee. It was not bad enough to need medical attention — I was able to keep cycling just fine — but it was good to know I would be able to get help if I needed it in an area without any cellular reception. And, at the trailhead, I was able to let my wife know I was fine via satellite-sent text message.

Of course, it can also be used in more dire circumstances, as many are finding out.

Ryan Christoffel, 9to5Mac:

Hurricane Helene has caused massive damage and taken over 100 lives across several US states. Many thousands of people are without power and/or cell service. But in the wake of the storm, reports have surfaced about a key iOS 18 feature that has been a lifeline for survivors: Messages via satellite.

In my case, useful; in the case of many people, a truly lifesaving addition. You know those graphics of everything smartphones replaced? Satellite phones surely have not been replaced for the avid adventurer, but they can probably be added to that graphic for a lot of us. Smartphone makers seem to have gone through the list of everyday necessities, then the weekly or monthly ones, and now are at a point where they are adding features we may use only once — but we are glad when we do.