Pixel Envy

Written by Nick Heer.

Google Sued by D.C. and Three States for ‘Deceptive’ Android Location Tracking

In August 2018, Ryan Nakashima of the Associated Press reported that Google’s location tracking settings were deceptive. Now, the company is being sued over these practices around the United States.

Adi Robertson, the Verge:

The attorneys general of three states and the District of Columbia are suing Google for the allegedly deceptive collection of location data on Android. The complaints, which build on a 2020 lawsuit filed by the Arizona Attorney General, allege that Google’s “complex web” of settings obfuscated whether users were sharing their location at a given moment. Furthermore, they allege Google pushed Android users with “repeated nudging, misleading pressure tactics, and evasive and deceptive descriptions” to share more information either “inadvertently or out of frustration.”

The complaint is redacted in key parts, unfortunately. Even something as simple as the before-and-after of text in a permissions dialog box has been erased. But even reading between the solid bars of removed text yields some choice findings like this:

Within Google, a self-titled “Oh Shit” meeting was convened the day the AP story was published to begin brainstorming responses to the article. […]

I would not like to accept any meeting invitation labelled “Oh Shit”.

More substantively, the suit argues that Google’s control over Android and its ads business overlap to reduce user privacy. These claims are similar — but perhaps stronger — to those made in the June 2020 class action suit alleging it tracked people in Chrome’s “Incognito” mode because it also receives Google Analytics data.

Robertson:

Reached for comment, Google denied the claims in the suit, pointing to recent changes like the ability to auto-delete location history.

“The attorneys general are bringing a case based on inaccurate claims and outdated assertions about our settings,” said Google policy spokesperson José Castañeda. “We have always built privacy features into our products and provided robust controls for location data.”

Not mentioned by Castañeda is how the policies were in place for nearly ten years, that they were changed only after the company was caught, and how there is no indication the company erased all location data collected during this period in an arguably illegitimate way. Businesses should not be immune from the legal consequences of their actions.

Some Jerk Has Built a Twitter Bot to Spoil the Next Day’s Wordle Puzzle

I do not think I will ever understand what motivates some people to take something that is, at worst, harmless and take pleasure in ruining it for everyone else. Wordle is a nice, harmless thing; the nice thing to do is to block the “wordlinator” account on Twitter. If you do it from Twitter’s website, you do not even have to see the account’s spoilers.

Update: It is worth thinking about how Twitter is designed to permit communication from some griefer bot like this — or, far worse, automated harassment — and it is up to each of us to block it on an individual account level.

The Inside Story of iBeer

Speaking of the early days of iPhone apps, here is Quinn Myers, writing for Mel:

On July 10, 2008, Steve Jobs teased the opening of Apple’s highly anticipated App Store. “The quality and the sophistication of the applications you can write for the iPhone is in a different class,” he told the New York Times. The next day, the App Store launched with more than 500 apps curated for the iPhone’s groundbreaking technology, but only the app of the highest quality and most sophistication would rise to the top: iBeer, an app that kind of made it look like your phone was a glass of beer.

Remarkably, the app is still on the App Store.

MacOS Widgets Deserve Better

Stephen Hackett:

Notification Center is a real mess. Even on a Pro Display XDR, you get three visible notifications. That’s it. Anything older is hidden behind a button, regardless of how many widgets you may have in the lower section of the Notification Center column.

Apple needs to rethink this and let this new class of widgets breathe, being able to use the entire screen like the widgets of yore could. Bringing back Dashboard is an obvious solution here, and I’d love to see it make a return.

Hackett’s screenshots of Dashboard make me nostalgic for that uniquely mid-2000s blending of pseudo-realistic textures and clean formatting. Dashboard was the epitome of that sort of thing — remember the water ripple effect when you dropped a widget onto the Dashboard layer? That made no sense but was absolutely perfect. I miss subtler textural elements like that or the perforated metal tray of available widgets. Sheets of frosted glass have run their course.

Anyway, I am not sure that bringing Dashboard back to life is the right direction, but I would love to see something happen to make widgets and Notification Centre feel more considered and less of a junk drawer. I feel similarly about the many spatial layers of MacOS, like Launchpad and Mission Control — something about them has not quite solidified for me.1

One more thing: in a footnote, Hackett points out how these widgets were interactive. They were interesting in other ways, too. All of them were built with web technologies using a specific IDE Apple created called Dashcode, which it launched in 2006. At WWDC 2007, when Steve Jobs announced the “sweet solution” for iPhone apps, Dashcode was envisioned as a way to build those web apps. The idea was that developers could take their existing Mac OS X widget and convert it to work as an iPhone web app. That, obviously, was not well-received, and an official SDK for native apps was launched the following year. Dashboard withered and died, but not before Dashcode bit the dust. Yet, it took until just a couple of years ago for widgets to once again be a multi-platform effort, now with SwiftUI and, as Hackett wrote, without interactivity. Curious.


  1. I really like Apple’s trackpad gestures for all of these things, especially since they became tracked to your fingers entirely in real-time several years ago. It would be cool if the full-hand pinch gesture was used for something Dashboard-esque. ↩︎

Apple Moved Quickly to Clean Up the Wordle Clones in the App Store, but There Is Still Far to Go

This article by Jason Cross, writing in Macworld, is harsh but mostly fair. The last line of this paragraph, in particular, stood out to me:

It would be a trivially small amount of money for Apple to create an internal group dedicated to proactively finding and eliminating scam, copycat, infringing, exploitive apps. But every one it finds costs Apple money. And doing nothing isn’t hurting sales, not when it’s so much cheaper to just market the App Store as so secure and trustworthy. Apple seems to view App Store trust and quality as a marketing activity more than a real technical or service problem.

It is hard not to feel the same way after years of this same sort of complaint. Apple often says the App Store is trustworthy, and that every app is “held to the highest standards”. But it does not take much digging to find apps that fail to uphold those promises. For example, an App Store search for “who blocks me” finds apps that promise to reveal who views your social media profiles and who is blocking you. Neither of those capabilities are supported by the APIs of Facebook, Instagram, or Twitter. But there are dozens of apps that claim to offer that functionality, most of which require the purchase of an expensive subscription.

Apple Confirms It Has Stopped Issuing iOS 14 Security Updates

Andrew Cunningham, Ars Technica:

Apple told Ars that it always intended the iOS 14 security update option to be temporary. Essentially, people could have a short grace period while Apple worked out the worst of the new operating system’s early bugs, but you would always eventually have to upgrade to stay patched.

The features page for iOS 15 merely says that users can “continue on iOS 14 and still get important security updates,” with no mention of any sort of time limit, though this support page published after iOS 15’s release does mention that iOS 14 security updates will only be available for a vague “period of time.” This approach isn’t consistent with how Apple handles macOS, where the two previous versions of the OS continue to receive security updates in (albeit imperfect) lockstep with the latest macOS version.

When it was released, iOS 15 was given secondary billing as a version that was “also available” on the Software Updates screen. The assumption by many — including me — was that Apple might support the previous year’s version of iOS for about a year.

Alas, just four months later, Apple has already pulled the plug on iOS 14 updates. All the company had to do is be specific and clear in its communications with users still on iOS 14, but there was no notification; iOS 14.8.1, which was released in October, just one day stopped being unavailable. If something like degraded battery performance throttling created a big dent in Apple’s reputation, this sort of thing is chipping its paint: it may be easy to miss, but it also eats away at customers’ trust.

Technology Trade Group Issues Statement on the ‘Banning Surveillance Advertising Act’

This statement from Information Technology and Innovation Foundation VP Daniel Castro is a ride:

Online advertising pays for the vast majority of free online services. Banning targeted ads would make online advertising much less effective, so advertisers will pay less for them and those who display ads — including app developers, media companies, and content creators — will earn significantly less revenue. Faced with a budget shortfall, many online services will have few options other than to either reduce the quality of their services or charge their users fees.

It will not surprise you to know that this group is funded by basically every major technology company, including Amazon, Apple, Facebook, Google, and Microsoft.

But let us engage with this argument on its merits, and not which ostensibly independent voices are making it. One reason highly-targeted ads cost more than less targeted ones is because there are more companies involved in their delivery and each one gets its cut. Another reason is, allegedly, because Google overcharged advertisers, paid publishers a lower rate, and kept the difference.

And while some wealthier households might be willing to pay for ad-free Internet services, millions of American families would be hurt by this policy as they find themselves cut off from key parts of the digital economy. Indeed, this policy would be equivalent to telling the millions of American households who watch ad-supported broadcast television that, to protect them from advertising, they will have to sign up for premium cable and streaming subscriptions instead.

This is some race-to-the-bottom nonsense that conflates less-targeted advertising with a ban on ads altogether — a confused argument this industry loves to make because its actual practices are indefensible. Non-creepy advertising is completely fine. Just do that.

It is worth Americans’ time to question the efficacy of the bill’s text and look for unintended consequences. But this trade group assumes everyone is a sucker and will fall for its misleading arguments.

Lawmakers Propose Legislation to ‘Ban Surveillance Advertising’

Joseph Cox, Vice:

“The Banning Surveillance Advertising Act does what its title suggests. The legislation prohibits advertising facilitators (e.g., Facebook, Google DoubleClick, data brokers) from targeting ads with the exception of broad location targeting to a recognized place (e.g., municipality),” a press release announcing the proposed legislation reads. “The bill also prohibits advertisers from targeting ads based on protected class information and any information they purchase. Violations can be enforced by the Federal Trade Commission, state attorneys general, or private lawsuits,” it adds. The legislation would also prohibit targeted advertisements based on protected class attributes such as race, gender, and religion.

Reps. Anna G. Eshoo of California and Jan Schakowsky of Illinois, and Sen. Cory Booker of New Jersey are the Democratic lawmakers behind the proposed legislation.

Can Duruk:

My hope is that we will look back at the current state of the internet, funded solely by adtech, like when we used asbestos for insulation, lead for toys, and land mines for defense.

There is no chance that this bill becomes law in the U.S., thereby causing the world’s ad tech market to adjust to a better model, but a simple Canadian boy can dream.

U.K. Home Office Launches Anti-Encryption ‘No Place to Hide’ Ad Campaign

James Ball, Rolling Stone:

The UK government is set to launch a multi-pronged publicity attack on end-to-end encryption, Rolling Stone has learned. One key objective: mobilizing public opinion against Facebook’s decision to encrypt its Messenger app.

The Home Office has hired the M&C Saatchi advertising agency — a spin-off of Saatchi and Saatchi, which made the “Labour Isn’t Working” election posters, among the most famous in UK political history — to plan the campaign, using public funds.

According to documents reviewed by Rolling Stone, one the activities considered as part of the publicity offensive is a striking stunt — placing an adult and child (both actors) in a glass box, with the adult looking “knowingly” at the child as the glass fades to black. Multiple sources confirmed the campaign was due to start this month, with privacy groups already planning a counter-campaign.

Hannah Bowler of the Drum — a publication I had not heard of until I began researching this story specifically, and which does not seem like the most trustworthy source for original information given that it claims to be the “third-biggest marketing website in the world” but does not have a Wikipedia page — speculates that this could also be intended to counter WhatsApp’s “Message Privately” ads. That seems entirely plausible to me. Whatever the case, it launched today.

The Home Office claims that 14 million fewer reports of possible abuse may be filed every year if unspecified social media companies, which clearly refers to Facebook, enable end-to-end encryption. It cites data from NCMEC in making this assertion. But I looked through that organization’s releases and could not figure out from where the Home Office drew its conclusions. The NCMEC says that, in 2020, it received 21.4 million reports (PDF) from platforms like Facebook and Google. Facebook’s platforms provided 20.3 million of those reports; NCMEC does not publish more granular data for Facebook. Perhaps 14 million of those reports were from Facebook and Instagram direct messages — WhatsApp messages are already encrypted — and the remaining six million came from other sources on Facebook’s platforms, like posts and Facebook Groups. But it is entirely unclear, and the “14 million” number appears nowhere I can find on NCMEC’s website. This may be nitpicking, but I think it is important that if we are using numbers to illustrate the scope of a problem, that they should be right.

Everyone who is reading this with some knowledge of end-to-end encryption is surely thinking the same thing: it is awful to know that encrypted messaging can be used for heinous purposes, but it comes with tremendous security and privacy benefits for the rest of us. But this campaign is clearly not for well-informed people, as Ball reports:

One key slide notes that “most of the public have never heard” of end-to-end encryption – adding that this means “people can be easily swayed” on the issue. The same slide notes that the campaign “must not start a privacy vs safety debate.”

What a cynical viewpoint the Home Office and M&C Saatchi must have. Privacy is absolutely a factor, and the Home Office agrees:

[…] End-to-end encryption is valuable technology designed to keep our data and conversations safe. We are not opposed to end-to-encryption in principle and fully support the importance of strong user privacy. […]

Unfortunately, the Home Office goes on to ask for an untenable compromise position. The closest we have seen to a middle ground is Apple’s on-device detection of child abuse materials destined for iCloud — and the backlash was so striking that those plans have been indefinitely delayed.

This is a hard problem to contend with, but the solution cannot be to ban anything that does not leave a trail of evidence, as though such an effort would be possible. The rest of us do not want the GCHQ spying on our messages. Besides, it is not as though law enforcement is actually as “in the dark” as they like to claim.

Safari 15 Does Not Respect Same-Origin Policy for IndexedDB, Permitting Extraordinary Cross-Site Tracking

Martin Bajanik, of FingerprintJS:

In Safari 15 on macOS, and in all browsers on iOS and iPadOS 15, the IndexedDB API is violating the same-origin policy. Every time a website interacts with a database, a new (empty) database with the same name is created in all other active frames, tabs, and windows within the same browser session. Windows and tabs usually share the same session, unless you switch to a different profile, in Chrome for example, or open a private window. For clarity, we will refer to the newly created databases as “cross-origin-duplicated databases” for the remainder of the article.

I know I just wrote it in the headline, but this is an extraordinary bug. Michael Tsai points to a November 2021 WebKit bug report that has since been access-restricted.

You know what is most wild about this for me? I came across this bug when working on some web development last autumn, but I assumed I must be misinterpreting what I was seeing because there was no way such a critical vulnerability would be so transparently visible. Alas.

According to Bajanik, some patches were committed to WebKit this weekend that should fix this bug. That is the good news. The bad news is that this same bug is present in every implementation of Safari 15’s engine, including every iOS browser since they all use the same engine, and no software updates have been issued to fix this vulnerability.

Update: The updates to MacOS, iOS, and iPadOS that will be released shortly contain a fix for this bug.

Custom 3D Landmarks in Apple Maps

Justin O’Beirne:

As part of its 2021 cartographic redesign, Apple replaced 213 of its existing 3D models of landmarks and other venues with new, artist-created models.

[…]

These new custom landmark models are currently available in seven areas: the San Francisco Bay Area, Greater Los Angeles, New York City, London, Washington, San Diego, and Philadelphia.

The San Francisco Bay Area has the most models (60 models total), while the San Diego area has the least (11 models total).

Compare this list against two of O’Beirne’s other catalogues: feature availability in top metro areas and priority countries. I am especially interested in countries with large metro areas and many iOS users, yet with few Apple Maps features. Seoul is located within a country of, according to O’Beirne’s calculations, at least ten million iOS users, but only has a city guide and some landmark icons, and not even the 3D landmarks of London or Washington. It is a similar story in Moscow — Russia has at least 29 million iOS users — and São Paulo — Brazil has an estimated 16 million.

In New York or London, Apple Maps probably feels pretty feature-rich. But elsewhere it is patchier, even in cities like Calgary which are comparatively well-covered. There are surely different teams working on 3D landmarks and more fundamental features but, from a distance, it can feel like Apple is lavishing attention solely on U.S. population centres — and London — and filling in fine details in those cities at the expense of some basic functionality elsewhere. I would love cycling directions, or even some more consistent labelling — a selection of Calgary streets in the same area are referred to as “15 ST SW”, “16TH ST SW”, “EIGHTH ST SW”, and “8 ST SW”. It is eye-opening to know this is considered good coverage for Apple Maps; major commercial areas are not marked on the streets of Paris, not even the Champs-Élysées.

I often wonder if it makes sense that there are basically two major efforts in digitizing the world’s cartography for commercial purposes, and both are fronted by companies based in the same part of the United States. The expense of such a wide-reaching project is surely a hurdle, but it would be great if others could offer a more local solution. Perhaps one reason there is not as much competition in this space is, in part, because iOS users cannot change their default maps app. I am not sure it makes sense to modernize the in-car GPS systems that required a different disc for each region, but I also have to wonder if Apple or Google can deliver worldwide cartography that is accurate and not encumbered by their myriad other business interests.

User-Friendly Diagnostics Should Be a Core Part of Any System

Howard Oakley:

Software engineers are hopeless optimists when they design and code only for success. There’s much more to handling errors than displaying a couple of phrases of in-house jargon and fobbing the user off with a magic number. It’s high time that designing error-handling to help the user became a central tenet of macOS.

My only quibble with Oakley’s conclusion here is that it should not be limited to MacOS; I expect better diagnostics across all of Apple’s operating systems. Otherwise, this is spot on.

It is bananas that the best error messages users will encounter are those with an inscrutable code — “the best” because it is at least something which can begin a web search for answers. But a Mac is not a microwave; it has a very large display and can display more information than an error code of a few characters. Worse still are errors which have no information — Oakley’s example is a MacOS installer with the error “This copy of the Install macOS Big Sur.app application is damaged, and can’t be used to install macOS.” has only an “OK” button, as though that is an acceptable response1 — or silent failure where no message is displayed to the user at all.

There is no way this is the best that can be done, nor is it what we should expect out of our ostensibly modern families of operating systems.


  1. Since this is a MacOS installer, a better error message would have an option to fix the application, or at least re-download it in full. ↩︎

‘Modern’ Browsers

Jim Nielsen’s mom could not access a website from her computer or iPad to register for volunteering:

So I looked at the version of Chrome on my parent’s computer. Version 76! I knew we were at ninety-something in 2022, so I figured that was the culprit. “I’ll just update Chrome,” I thought.

Turns out, you can’t. From what I could gather, the version of Chrome was tied to ChromeOS which couldn’t be updated because of the hardware. No new ChromeOS meant no new Chrome which meant stuck at version 76.

But what about the iPad? I discovered that my Mom’s iPad was a 1st generation iPad Air. Apple stopped supporting that device in iOS 12, which means it was stuck with whatever version of Safari last shipped with iOS 12.

So I had two older browsers that couldn’t be updated. It was device obsolescence because you couldn’t install the latest browser.

I ran into a similar issue when I tried booting into Mac OS X Lion — the version that shipped with my 2012 MacBook Air — and found that many websites, including my own, refuse to load because of incompatibilities with modern SSL certificates or HTTPS standards, I think. This laptop is officially obsolete in Apple’s terms; it can only be upgraded to Catalina. It will stop working eventually, but I wonder if the hardware will give out first or if it is more likely that I will sooner be unable to use it for day-to-day tasks.

Even on the most basic of document-based websites, there are technical hurdles that prove the web is little without the right web browser. I like a lot of the work done by the Electronic Frontier Foundation, but one of the quieter drawbacks of its leadership in encrypting the web is that many websites can only be accessed through newer browsers.

Faking an iPhone Reboot

ZecOps, a security research company (via Bruce Schneier):

We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fact, it’s still running. The “NoReboot” approach simulates a real shutdown. The user cannot feel a difference between a real shutdown and a “fake shutdown”. There is no user-interface or any button feedback until the user turns the phone back “on”.

To demonstrate this technique, we’ll show a remote microphone & camera accessed after “turning off” the phone, and “persisting” when the phone will get back to a “powered on” state.

This is one of those things that is as clever as it is worrying. Imagine if you thought your iPhone was the target of a spyware attack, so you try turning it off and back on — except your phone never switched off and all of that behaviour was faked. Extraordinary.

More Details Revealed in States’ Antitrust Suit Against Google

Russell Brandom, the Verge:

On Friday, a coalition of state attorneys general led by Texas Attorney General Ken Paxton released a new antitrust complaint (PDF) against Google, giving more details into the company’s alleged collusion with Facebook in programmatic ad markets. The filing was first reported by Politico.

… which put the public document behind its paywall, is how that sentence should end. The full docket is on Court Listener, and that would also be an acceptable link. Making people hunt for court filings — or pay Politico, for some reason — is inexcusable.

At least Brandom posted it, and reports:

In one particularly uncomfortable passage, the complaint quotes a 2015 email in which “Google employees expressed fear that Google’s exchange might ‘actually have to compete’ with other exchanges at some point in the future.

Much of the case rests on the concessions Google allegedly made to Facebook in the wake of the Jedi Blue arrangement, including lower fees and longer timeout limits in exchange bidding. One newly unredacted portion of the complaint claims that the concessions gave Facebook a clear advantage in winning auctions.

Tripp Mickle and Keach Hagey, of the Wall Street Journal, document an offence a little more grievous than their refusal to link to the updated filing anywhere in this article:

Google misled publishers and advertisers for years about the pricing and processes of its ad auctions, creating secret programs that deflated sales for some companies while increasing prices for buyers, according to newly unredacted allegations and details in a lawsuit by state attorneys general.

Meanwhile, Google pocketed the difference between what it told publishers and advertisers that an ad cost and used the pool of money to manipulate future auctions to expand its digital monopoly, the newly unredacted complaint alleges. The documents cite internal correspondence in which Google employees said some of these practices amounted to growing its business through “insider information.”

The allegations as presented by the attorneys general make my eyes glaze over a little because of the many acronyms and technologies involved. I should also note they have not yet been tested in court. But if they are true, it means the online advertising duopoly is rigged to the detriment of advertisers, the web, and our privacy. Remember: both Facebook and Google claim they need to build behavioural profiles on each of us for targeting purposes. But they are allegedly exploiting their position to configure the market for their benefit and nobody else’s.

I tried checking for differences between this filing and the last, but no tool I used did a great job because there are so many changes. One little thing I noticed is that Missouri’s Attorney General is a guy named Eric Schmitt. Nice touch.

Update: Leah Nylen put together a good — and mercifully short — Twitter thread about the allegations in that Journal article.

New U.S. ‘TLDR’ Bill Would Require Simplified Versions of Service and Privacy Agreements

Makena Kelly, the Verge:

The Terms-of-service Labeling, Design and Readability Act – or TLDR for short – would require websites to provide a “summary statement” for users before they opt in to a terms of service agreement. The statement would summarize the legal jargon into something more easily understood by the average user, along with disclosing any recent data breaches (from the three years) and the types of sensitive data the site may collect. The summary would also explain “whether a consumer can delete their data, and if so, provide instructions on how.”

Cute name. It seems like a generally good thing to provide users with a more digestible version of the painful legal contracts we are expected to read and understand before agreeing to use, well, just about anything.

For the past couple of years, the Verge has tried to help readers see how many terms and conditions are required of devices by including an “Agree to Continue” section in its reviews:

Every smart device now requires you to agree to a series of terms and conditions before you can use it — contracts that no one actually reads. It’s impossible for us to read and analyze every single one of these agreements. But we started counting exactly how many times you have to hit “agree” to use devices when we review them since these are agreements most people don’t read and definitely can’t negotiate.

That is all fine and wonderful. But I am not really sure what meaningful changes will be accomplished by these ideas given what many of us already know about our lack of privacy online. Google, for example, already has a simplified privacy policy. I appreciate the effort, but do most users actually read it? Even if someone does, can they understand the long-term implications of allowing Google to amass a record of your online interactions? Can they change settings before Google begins collecting usage information?

People already have a sense of how much is collected; what they lack is control. Very few people are going to behave differently because they read more privacy policies. It would be a different story if there were restrictions covering the collection and retention of user information and users were allowed to change settings before using a company’s products.

German Company’s Use of Google Analytics ‘Breached GDPR’

Lindsay Clark, the Register:

Datenschutzbehörde, or DSB, has found that a German publisher, not named in the case, was in breach of Article 44 of the General Data Protection Regulation (GDPR) in the use and operation of Google Analytics – commonly used throughout web publishing and ecommerce – because of its movement of personal data to the United States.

In 2020, the EU Court of Justice struck down the so-called Privacy Shield data protection arrangements between the bloc and the US in what is now known as the Schrems II ruling, which has ramifications for US cloud providers, social media sites, and providers of online tools.

Datenschutzbehörde, Austria’s data protection authority, specifically cited the risk of espionage by U.S. intelligence agencies as a reason why this publisher’s use of Google Analytics violates GDPR rules. That is not an unreasonable concern. While users in some countries may benefit from having the protections of the U.S. legal system to avoid domestic overreaches, it is detrimental for users in Canada and many European countries.

An Early Look at Leica’s New M11

A new Leica flagship means there is a lot to be dreaming of if you are the kind of person who, like me, are charmed by the particular blend of new and classic that only Leica really delivers. And it would not be an “M” camera without some quirks.

Barney Britton and Richard Butler, DPReview:

This USB-C socket can be used for charging the camera and for rapid offload of data, from a memory card or the 64Gb of internal storage built into the camera. The camera comes with an Apple certified USB-C to Lightning lead for connection to iPhones and iPads.

It is a little funny to me that it comes with a USB-C to Lightning cable, even though the Apple device you would probably want to use for editing these massive files is the iPad Pro, which has a USB-C port at the bottom. Standards are great, that is why we have so many of them.

Calgary’s own Chris Niccolls and Jordan Drake, also of DPReview, have a lovely video overview, too.

Responsible

I cannot remember controversy over one of Apple’s products like that which it is experiencing from AirTags. Apple is no stranger to controversy, of course — how many “–gate”s have bubbled up over product quality shortcomings, real and exaggerated? — but this is different. It is the first time I can think of where the fundamental function of the product is seen to be causing real harm.

To paraphrase one of the better lines from a mediocre series, Apple has a public relations problem because its product has an actual problem, and its product has an actual problem because the world has a problem. Apple has control over perhaps two of those problem strata; it cannot fix the objectification of women in society. But it should not be releasing products that directly exacerbate those known issues.

You could perhaps make a similar argument about a product like the iPhone: the camera could be used for surreptitious photography, for example. But that is not the sole purpose of the iPhone. It is not like Apple is selling some super tiny camera accessory.

It is also true that this is not specific to AirTags. In addition to the well-known Tile tracker, there are plenty of cheap tiny location beacons on the market, not to mention the ultra-precise GPS trackers available on Amazon and at your local spy and surveillance shop.1

But there is something different when the world’s most valuable company introduces a miniaturized beacon that uses others’ devices as a pinpointing mechanism. I am not sure what it is, but I do not think the specifics matter. I do not think there is much point in getting bogged down in exactly why there is concern about AirTags specifically because the effects are right there: women are finding these things being used to track their location. We can quarrel over specifics and wonder why Tile trackers rarely received this kind of negative press.

But maybe all of this is actually very simple: maybe this just is not something Apple needs to be offering. I know I am a mere observer and that a multi-trillion-dollar — holy shit — company can figure this stuff out but, as a layperson, it really does seem this straightforward. Perhaps there need to be greater protections before Apple could offer these kinds of products once again, but I do not see why it should ever be gambling its reputation on a cheap accessory similar to those already available while providing assistance to terrible people.

There are advantages to the vast Find My network, and perhaps Apple should explore ways to make it more appealing to third-parties. Clearly, Apple thought it could do something different and better here. But I see shades of the live audio chat room in the concerns over AirTags: just because something can be done, that does not necessarily mean it ought to be. In both cases, there are societal-level concerns these products will exacerbate or, at the very least, be an accessory to.

Perhaps the responsible thing is to not launch them at all.


  1. I am not sure how common these are where you live, but there are a couple in Calgary. I get an involuntary neck tilt every time I drive by one of them because it has a big banner outside that reads, simply, Spy Store. Good luck to our local Bonds, Bournes, Hunts, Salts, and Archers. ↩︎

Consistency Sin

Craig Hockenberry:

My answer is something I call “consistency sin”. Understanding the cause lets us avoid similar situations in the future.

Your first reaction to this nomenclature may be, “Isn’t consistency a good thing in user interfaces?”

Absolutely! Colors, fonts, and other assets should be similar within an app. Combined they help give the user a sense of place and act as a guide through an interface. And in many, cases these similarities should be maintained across platforms. There’s no sin there.

But you can get into trouble when this consistency starts to affect the user experience.

There is an article about consistency I have been putting together for months and have not figured out a great angle. I think Hockenberry’s piece is what I was trying to write.

Consistency exists on so many levels: within a particular window or area of an application, within the application, between applications from the same company, between applications on the same platform, within the platform, and between platforms — and then, consistency between how elements look and how they work. MacOS would be worse if every button looked completely different, and it would also be worse if everything looked and worked the same as it does in iPadOS. I feel like the era of MacOS we are in now has strayed over that line. Dialog boxes are harder to read; notifications are worse; translucency makes things harder to read. I have not heard a satisfactory justification for any of these changes, but all of the excuses I have seen boil down to consistency. All of these elements have been updated to be more like the way things look and work on iOS and iPadOS, but I do not think that is a laudable goal unto itself.

Facebook Loses Second Attempt to Dismiss FTC Antitrust Case

Hannah Murphy and Kiran Stacey, Financial Times:

A US judge has denied Facebook’s attempt to dismiss for a second time the antitrust lawsuit brought by the US Federal Trade Commission seeking to force the social media company to unwind its acquisitions of Instagram and WhatsApp.

“Second time lucky?” began the opinion on Tuesday from Judge James Boasberg in Washington, who concluded that the lawsuit, which accuses Facebook of conducting a “course of anti-competitive conduct”, could proceed.

The rejection of Facebook’s motion is a victory for the FTC after its original lawsuit was dismissed by Boasberg last year.

[…]

However, the judge said he would not let the FTC pursue allegations that the company changed its platform policies to cut off services to rivals, because the conduct was too far in the past.

The first version of this suit — the one that was dismissed — was filed in December 2020 under the previous FTC administration. There are many remaining questions about the amended complaint, created under Lina Khan’s leadership, but at least the FTC now has the opportunity to fully vet its concerns.

U.S. Federal Spending on Facial Recognition Tech Expands

Tonya Riley, CyberScoop:

In fact, CyberScoop identified more than 20 federal law enforcement contracts with a total overall ceiling of over $7 million that included facial recognition in the award description or to companies whose primary product is facial recognition technology since June, when a government watchdog released a report warning about the unmitigated technology. Even that number, which was compiled from a database of government contracts created by transparency nonprofit Tech Inquiry and confirmed with federal contracting records, is likely incomplete. Procurement awards often use imprecise descriptions and sometimes the true beneficiary of the award is obscured by subcontractor status.

Among the contracts CyberScoop cites is one between the FBI and Clearview AI. Quite a stark contrast compared to countries like Canada and France that have banned the company from operating within their borders or using any citizens’ data.

AirTags Are a Classic Story of a New Technology With Benefits That Are Also Concerns

Lucas Matney, TechCrunch:

Apple has arranged so much of their wearable product marketing over the last few years on how their devices function in edge use cases. The Apple Watch’s last several generations have focused on health tracking features that could help identify rare conditions or help users in a life-threatening situation. TV commercials have documented the individual stories of users who have found the Apple Watch to be a life-saving tool. With AirTags, there’s potential for some of that same good, but there’s also much more downside. In the next year, we’re undoubtedly going to see examples of AirTags being used in nefarious ways that bundled together serve as the antithesis of one of these Apple Watch commercials. It may end up being a product defined by its gross shortcomings.

AirTags are not a complex product. They are small location beacons — everything that makes them effective for finding lost keys or a stolen bicycle makes them pretty effective for tracking someone’s whereabouts. How does any company correct the course of a product like that? An optional app is insufficient.