Written by Nick Heer.

Prompt Injection Attacks Against GPT-3

A fascinating series of posts from Simon Willison about attacks with malicious prompts for automated responses based on machine learning — the second and third parts are linked in the sidebar.

Fascinating and troubling to consider this as a parallel to social engineering attacks on real, living people. It is not a stretch to imagine more call centre tasks being offloaded to automated systems — regrettably.1 Agents are trained to avoid divulging information like the customer’s address or partial credit card number, but too heavy reliance on prompt-based tasks might result in an uptick of these kinds of attacks.


  1. The loss of employment for millions is an obvious concern. On the other side of the phone line, there is a satisfaction difference. I have spent the past couple of weeks on the phone with various call centres, and there is a vast gulf in my level of happiness between speaking with a real person and speaking with a robot for even part of it. ↩︎

The Apple Watch Ultra Is a Good Start, but Falls Short in More Intensive Testing

I have read many reviews of the Apple Watch Ultra and seen a few videos, but I do not think anyone gets as close to testing its capabilities as Ray Maker:

Whether or not the Apple Watch Ultra is for you, depends largely on what you plan to use it for. If you had or wanted an Apple Watch, but were held back by battery life, and perhaps button usability – then the Ultra largely solves that. Similarly, if you wanted more advanced running/workout metrics, then WatchOS 9 on the Apple Watch Ultra also solves that too. And, if you never knew you wanted an emergency siren on your wrist for when you fall off an embankment, then the Ultra is for you too (but seriously, that feature is surprisingly well executed).

However, as good as Ultra is for most existing Apple Watch users (or more mainstream prospective users), it falls short when it comes to features that you would need to complete an actual ‘ultra’ – that is, a long distance running race, or trek, or really any adventure in the backcountry. These gaps fall into a couple of different camps. Sure, there’s the bugs like the openwater swim one, or the disappearing compass backtrack one. I’m less concerned about those at the moment. Instead, it’s the navigational feature gaps, and sensor pairing/broadcasting gaps that are more key for Apple.

I am not in the target market for the Apple Watch Ultra; my most backcountry hikes are still within a couple hours’ drive of a decent espresso. But I have a few friends who do more extreme sports and they have expressed similar questions as Maker about its endurance and navigation capabilities. Its marketing may have oversold it somewhat. I look forward to learning more from real-world users about what it is actually like in the most hardcore circumstances.

Team Cymru’s Mass Surveillance Products Are Like the NSA With Even Fewer Warrants

Do you remember having the capacity for shock?

To be fair, it may have been muted by years of relentless news stories exploring an entire industry of privacy invasions. Some of these articles might involve subjects familiar to you; perhaps you were an early worrier about how Facebook apps could harvest data on users’ friends, a capability which the company later found was happening at shocking scale. Unfortunately, most of the general-audience press began paying attention to these concerns after the 2016 U.S. election, when that Facebook scandal was disproportionately blamed for a particularly idiotic presidency. But, at last, mainstream newsrooms did cover these problems, and they brought the budget, sources, and access to uncover some truly horrifying news items, with such regularity that my ability to be shocked has been blunted.

This made my jaw drop.

Joseph Cox, Vice:

Multiple branches of the U.S. military have bought access to a powerful internet monitoring tool that claims to cover over 90 percent of the world’s internet traffic, and which in some cases provides access to people’s email data, browsing history, and other information such as their sensitive internet cookies, according to contracting data and other documents reviewed by Motherboard.

[…]

“The network data includes data from over 550 collection points worldwide, to include collection points in Europe, the Middle East, North/South America, Africa and Asia, and is updated with at least 100 billion new records each day,” a description of the Augury platform in a U.S. government procurement record reviewed by Motherboard reads. It adds that Augury provides access to “petabytes” of current and historical data.

The NSA and GCHQ have, for years, intercepted and ingested data as it flows from server farms through fibre optic cables and across the internet. These programs built upon previous general surveillance efforts like the FBI’s Carnivore software.

These wildly intrusive and untargeted capabilities, once the domain of government intelligence gathering efforts, now appear to be offered to anyone who can afford whatever Team Cymru is charging. Regardless of your opinion of the programs operated by the NSA and GCHQ, at least they had the appearance of formal controls and specific goals. As Cox reports, now that the monitoring is done by a private business, it eliminates the need for pesky roadblocks like warrants.

This is wild, too:

Beyond his day job as CEO of Team Cymru, Rabbi Rob Thomas also sits on the board of the Tor Project, a privacy focused non-profit that maintains the Tor software. That software is what underpins the Tor anonymity network, a collection of thousands of volunteer-run servers that allow anyone to anonymously browse the internet.

I am not sure if the dissidents and drug seekers who rely on Tor should be worried, but I do not know what to make of this conflict. The Tor Project says there is no conflict of interest, though, so I feel silly.

On ‘Good’ Coffee

Jason Diamond, the Melt:

That was always my problem with the rise of the coffee snob. And, again, I’m not saying you, the person with all your gadgets at home to make your perfect French press or espresso on your machine. The real-life versions of Ari Spyros from Billions, the compliance officer obsessed with his office setup is, honestly, goals. I wish that I took that much interest in the coffee I make. But I don’t. I do buy certain beans and I researched my grinder and coffee maker, but the truth is that I live in a city with countless options to just walk outside my door and get a coffee from and the idea is that since they all charge the same price that they should all serve good coffee.

And yet, that’s never the case. This is a very arbitrary assessment, but of the six (yes, six (I do live in Brooklyn, remember) places I could count that are all within eight minutes of my home (I timed these and rounded down to eight, I swear I didn’t just pick a number at random) that serve “specialty” coffee from roasters like Sey or Counter Culture, Partners or Intelligentsia, where the average price of a small coffee is four dollars, I’d say that four of those places just aren’t worth the cost. The coffee just isn’t that good. The two-dollar cup I get at the bodega does the trick.

I have a similar number of “good” coffee places within a short walk of my house. As with Diamond’s experience, only a few of these are actually decent. There are many places which have good beans from roasters I trust, made on all the “right” equipment by people who appear to care — and it just comes out all wrong. The atmosphere is wrong, too: one of the places near me has Edison bulbs and reclaimed wood everywhere, and it feels like it came from a kit; another place is a mix of a coffee shop, coworking space, and retail for clothing and knick-knacks. You do not need to be a snob to recognize that beneath the pastiche of specialty coffee is a seeming lack of care from the top down.

The iPhone 14 Is Easier to Repair

Matthew Panzarino, TechCrunch:

Apple says that all of the iPhone 14 models have a new internal structure that allows for better thermals and heat dissipation. It’s next to impossible to determine if there is any real benefit here in my testing, though I’m sure that a teardown will display whatever architectural changes Apple has made. Whatever has changed, it is significant, because the iPhone 14’s back glass can now be replaced without having to disassemble the phone, something that was not possible before.

Kyle Wiens, iFixit:

The best feature of the iPhone 14 is one that Apple didn’t tell you about. Forget satellite SOS and the larger camera, the headline is this: Apple has completely redesigned the internals of the iPhone 14 to make it easier to repair. It is not at all visible from the outside, but this is a big deal. It’s the most significant design change to the iPhone in a long time. The iPhone 14 Pro and Pro Max models still have the old architecture, so if you’re thinking about buying a new phone, and you want an iPhone that really lasts, you should keep reading.

Rare praise from iFixit for Apple’s assembly choices. It is not all good news; Wiens speculates Apple will require software pairing of the back glass to the phone’s chassis, for some reason. But changes like these and Apple’s self-service repair program go a long way to permit more people to avoid long lines at an Apple Store they may live far away from.

It also means device owners get more say in what parts can be replaced and when. I sure would love to have Apple repair my deeply scratched iPhone 12 Pro display — especially since I have AppleCare Plus — but the company has so far refused because it may reduce the phone’s water resistance. Apple has not launched self-repair in Canada, so I must either be comfortable with components of unknown provenance or delude myself into not seeing the gash in my screen.

Indie Anniversaries

Michael Tsai put together a great collection of notable indie developer anniversaries, including one from Ken Case of the Omni Group:

Speaking of time flying, today marks the 30-year anniversary of the day we started doing business together as “the Omni Group.” We registered the omnigroup.com domain on September 8, 1992 — thirty (30) years ago — back when having an Internet domain had nothing to do with having a website.

And here is one more — Rogue Amoeba is celebrating its twentieth birthday. Paul Kafasis:

20 years ago this month, Rogue Amoeba unveiled Audio Hijack 1.0.0, the very first version of what has become our flagship product. To celebrate that anniversary, we’ve got a great deal to share with you. But first, take a gander at what things looked like way back on September 30, 2002: […]

I am trying to decide whether I prefer the early Aqua stripes in the Audio Hijack screenshot, or the marble-textured Omni logo in Case’s post. Both have their appeal.

There is something very special about using products made by independent developers like these. It is software with personality, driven by a level of care and passion that is understandably lost in larger organizations. When I am having trouble or want to request a feature enhancement, I can send an email from somewhere in the application and receive a response from a real person who has the power to make things happen. Institutional developers have their place, but I feel an level of individual care from the indie software projects I use on a daily basis. Congratulations to the Omni Group, Rogue Amoeba, and the many other indie developers who make the software many of us rely on.

‘The Most Angrily Incoherent First Amendment Decision’

I try to stay away from writing about American laws and policies; there are enough American journalists doing that, and a Canadian’s voice is probably unhelpful. But I carve out an exception for myself when the law is particularly heinous or when it might have an impact outside the country. Today’s legal decision, from Fifth Circuit Court of Appeals Judge Andy Oldham, unfortunately satisfies both criteria.

First, a little history: about a year ago, the Texas House of Representatives voted to pass H.B. 20, a law which would effectively prevent online platforms from moderating users’ posts except as legally required — for example, against CSAM — or for imminent threats of violence. It also required platforms to not geofence Texan users or stop operating in the state. In effect, it is a Texan law that would impact users at least across the U.S., if not the world. In May, after much legal back-and-forth, the Fifth Circuit decided that Texas H.B. 20 was enforceable — even though a similar but less authoritarian law in Florida was ruled mostly unconstitutional — but did not provide a legal rationale for why platforms should be compelled to act as though they are common carriers, even though they are not.

Today, after about four months of waiting, the Court dropped its ruling (PDF) with all the subtlety of Wile E. Coyote pushing an anvil off a cliff.

Mike Masnick, Techdirt:

It is difficult to state how completely disconnected from reality this ruling is, and how dangerously incoherent it is. It effectively says that companies no longer have a 1st Amendment right to their own editorial policies. Under this ruling, any state in the 5th Circuit could, in theory, mandate that news organizations must cover certain politicians or certain other content. It could, in theory, allow a state to mandate that any news organization must publish opinion pieces by politicians. It completely flies in the face of the 1st Amendment’s association rights and the right to editorial discretion.

There’s going to be plenty to say about this ruling, which will go down in the annals of history as a complete embarrassment to the judiciary, but let’s hit the lowest points.

Ken “Popehat” White:

It really is the most angrily incoherent First Amendment decision I think I’ve ever read.

This ruling treats internet platforms — not internet service providers, which it explicitly excludes, but individual websites — as though they are a common carrier, like a phone company. If you are worried about a 4chan-like future for every platform you like today, you are painfully optimistic. 4chan would be exempt from this law because it falls below the monthly user threshold, but a version of its scant rules (safe for work) would be difficult to enforce by Twitter or Facebook or Instagram for fear of lawsuits. A scorned user or the Texas Attorney General could make the case their post was removed or demoted from the website because of that user’s viewpoint. It sounds ridiculous because it is.

This seems like the kind of law that, barring action from the U.S. Supreme Court, will fundamentally change the way the internet works for the worse.

Update: More from Masnick on September 23:

Anyway, it’s possible this means that Wikipedia can no longer stop people from adding more and more content (true or not) to Judge Andy Oldham’s profile, because having users take it down would potentially violate the law (but don’t do that: vandalizing Wikipedia is always bad, even if you’re trying to make a point).

The entire law is based on the idea that all moderation takes place by the company itself, and not by users.

Masnick also sees potential issues with Reddit and the job board Indeed.

The Follower

Dries Depoorter:

How does this work?

  • Recorded a selection of open cameras for weeks.

  • Scraped all Instagram photos tagged with the locations of the open cameras.

  • Software compares the Instagram with the recorded footage.

Smart surveillance art. The video of this project was removed from YouTube because of a nonsense copyright claim by EarthCam, even though Depoorter’s work is derivative and clearly of artistic merit.

The discussion on Twitter is unfortunately focused on the risks that Depoorter’s work would somehow be duplicated by governments or is more intrusive than the existing surveillance state. I disagree. It sure seems creepier than its elements suggest. The webcams are all public and in public places, and the Instagram photos are all public and location tagged. Tying these things together is a good illustration of how individual pieces of data are irrelevant, but collectively powerful.

Like Kyle McDonald reflected on the ten-year anniversary of his “People Staring at Computers” project, I think the time for shocking people with privacy-violations-as-art is drawing to a close. Merely showing the invasions we are routinely subjected to is no longer enough. It must be framed more carefully and respectfully. I think Depoorter’s work generally considers these factors, but I wish there were another layer to explore.

Because Design Professionals Need Fewer Software Choices and Less Competition, Adobe Will Acquire Figma

Adobe:

Today, Adobe announced it has entered into a definitive merger agreement to acquire Figma, a leading web-first collaborative design platform, for approximately $20 billion in cash and stock. The combination of Adobe and Figma will usher in a new era of collaborative creativity.

Why am I reminded of Adobe’s 2005 acquisition of Macromedia? In the decade after, Adobe shored up its dominance in the creative software industry. There have been some apparent benefits, like a more comprehensive and integrated suite, but I question whether a company is required to become a monolith to achieve that.

Enter Figma. I do not love the software; I much prefer a fully native Mac app like Sketch to Figma’s slower and multitasking-unfriendly web app. But everyone has different preferences and I get its appeal, especially since it is cross-platform. Its growth created real competition to Adobe’s products for the first time in a while because it is focused on vector editing tools for digital applications. Web and application designers loved it. It was certainly a better option than trying to design user interfaces in Photoshop or Illustrator, and it pushed Adobe to try to compete by building XD.

That was a good thing, too. If you just look at feature checklists, you could argue Adobe still innovated in its post-Macromedia years. But most any user of the company’s products can tell you the reality: Adobe Creative Cloud is a suite of bug-infested, unreliable, bloated, and slow software that makes being a designer uniquely frustrating, and it is downright embarrassing how few choices we have for tools in this industry. While I have already mentioned most of the big vector editor and UI builder choices, there are a couple of non-Adobe options for raster editing, like Acorn and Pixelmator; Affinity makes a comprehensive suite of tools, too.

This industry still, by and large, relies on Adobe’s products. Now that it has eliminated a distracting competitor, it can get back to doing what it is best at: making its customers’ jobs harder through less dependable software.

What Is in a Name?

The headline of Alison Johnson’s otherwise informative review of the iPhone 14, for the Verge, caught my eye this morning:

Apple iPhone 14 review: meet the iPhone 13S

Johnson nearly repeated that line in the video version of the review, asking why Apple would even “call it a 14 when you could just call it a 13S?”

This sentence illustrates a marketing and branding conundrum Apple faced since the third-ever iPhone: how does it communicate a new iPhone where everything except its physical design has been upgraded? Apple’s solution was to add an “S” suffix, resulting in the iPhone 3GS, and beginning a pattern that would carry it through 2017. The iPhone model of one year, sporting a new industrial design and usually modest technical updates, would be followed by an iPhone the next year sporting significant changes to its SoC and camera, and maybe a handful of other goodies. The iPhone 5S was the first with TouchID; the iPhone 6S was the first with 3D Touch, may it rest in peace; the iPhone XS was the first iPhone — though certainly not the first phone — to feature dual SIM support.

But the S-model phones have always received a pretty lukewarm reception by the tech press, perhaps because their updates are solely about what is inside the phone. There is little to nothing for a reviewer to write about how the phone looks or feels; it looks and feels the same. It also has the same name but for the suffix which can make it seem like a more subtle update than it really is.

Apple knew this ever since it began that naming scheme, but stuck with it. After a brief flirtation with dropping its use in the iPhone 8, the iPhone XS was the last of the S-model flagship phones. Apple simply increments the number for each successive model, and puts on any number of its new favourite descriptors — “Plus”, “Pro”, “Max” — to describe its size and class.

The reason I wanted to write about this is because the iPhone 14 does not follow this pattern at all. Its branding is actually quite strange. Like an S-model, it lacks a new industrial design; unlike an S-model, it also lacks the technical upgrades that line was known for. As Johnson writes in her review, it carries basically the same SoC, the same display, and most of the same internals. Its camera upgrades are more substantial for a non-Pro iPhone model but, like the iPhone 13, are really hand-me-downs from the previous year’s Pro line. The biggest changes are the edge-case technologies it shares with the iPhone 14 Pro and newest Apple Watch models: car crash detection and emergency satellite connectivity. Are those things worthy of the “S” nomenclature?

The whole iPhone lineup clearly has more delineation now than it used to. Where Apple once sold a flagship model — and later in two different sizes — and then those from the two previous years at lower price points, it has since added to that at the bottom end with the iPhone SE and at the top end with the Pro line. That means the plain “iPhone” released every year is not packed full of the latest ideas and technology. Some of those things — increasingly more of those things — are only done on the Pro line.

All of this is to say that the iPhone line has become a little more complicated and Apple’s strategy is less straightforward than it used to be. When the iPhone 12 and 12 Pro brought back the slab-sided industrial design language last seen on the iPhone 5S, they were common in every way except their material and camera system — and, even then, only the Pro Max actually received notably different cameras. The 13 and 13 Pro mostly carried that physical design but updated the internals — more like an S-year iPhone. This year’s models are not like that at all. They are both named “iPhone 14”, but are radically different from each other. Their displays are different, their camera systems are different, their SoCs are different, and the enhancements to each are very different. Neither set of phones really fits into the historic mould of either an S-model or an all-new product number. You could make a case for the cutout display of the Pro to be either of those things, I think, but the regular iPhone 14 is just a new iPhone.

That is totally okay with me. This is not a “good” or “bad” thing; it is barely even newsworthy. But these branding choices and the way Apple positions its iPhone lineup are a curiosity. Apple is often very deliberate in the way it names stuff, often choosing to give something an Apple-y name to call specific attention to it. The cutout display of the iPhone 14 Pro is called the “Dynamic Island” because it is part of the phone’s user interface. Apple can sometimes stray into innovation speak that disguises rather than illuminates a choice it made. You could make a case for that with the iPhone 14 which, on paper, has fewer differences from its predecessor than it has similarities. I do not think this is bad, per se; most people do not get a new phone every year, and that is likely even more true for those shopping the non-Pro line.

What is in a name? The iPhone 14 is not a radically new device on the outside, and it is not that different on the inside either. The iPhone 14 Pro is more obviously differentiated from its predecessor. Neither one advertises its newness as loudly as new number iPhones were several years ago, nor as quietly radical as the S-year products were. Apple has simplified its naming, but the iPhone lineup is more complicated than ever in its details.

What3Words Is a Mess

The promise of What3Words is appealing. Sometimes, you need to reference a location, but you might not know the address or it may not have one. GPS coordinates are precise, but long strings of numbers are cumbersome to read aloud. Would it not be great if you could just read three English-language words to someone, like an emergency operator? I thought so.

But I stumbled across this amazing catalogue of how What3Words is insufficient for emergency use. This comes by way of a Twitter thread where the queue to see Queen Elizabeth’s coffin has apparently stretched as far away as North Carolina and California.

The website documents the kind of problems which, in hindsight, are pretty obvious for a location service built around English-language words. There are homophones that point to wildly different locations — a big problem if you are reading a location over a phone or radio. There are issues with text-based modes, too, like a subtle spelling change in a text message, perhaps a result of an automatic correction, pointing emergency services to a different place. Plurals are a problem in either application.

Google Pays ‘Enormous’ Sums to Maintain Its Search Engine Dominance

Leah Nylen, Bloomberg:

DOJ attorney Kenneth Dintzer didn’t disclose how much Google spends to be the default search engine on most browsers and all US mobile phones, but described the payments as “enormous numbers.” 

“Google invests billions in defaults, knowing people won’t change them,” Dintzer told Judge Amit Mehta during a hearing in Washington that marked the first major face-off in the case and drew top DOJ antitrust officials and Nebraska’s attorney general among the spectators. “They are buying default exclusivity because defaults matter a lot.”

Google is rumoured to pay Apple $15 billion per year to be the default search engine across its devices, including in Siri, representing over thirty percent of the profit Apple books as “Services”. I am not one to doubt Google’s research — it must get a decent return to keep paying that sum — but, anecdotally, even though I switched my browsers to use DuckDuckGo, I still find myself using Google for at least a third of my web searches. No matter how the quality of Google’s results seems to have declined, I find its results are often more relevant, closer to the source, and more complete than those from DuckDuckGo.

Nylen on Twitter:

The other one: you may recall how in 2012 Apple (infamously) changed the default on its map from Google Maps to Apple Maps. There was resulting outrage, Apple CEO Tim Cook apologized etc. but Apple never changed it back.

DOJ said that the majority of iPhone users may have grumbled but didn’t switch their map default back to Google.

Fast forward to 2016, Google did an internal analysis: if Apple were to switch away from Google as the default search engine on iPhone, how much revenue would that cost Google? According to DOJ, a significant amount (presented to the judge but redacted for the rest of us)

I am just guessing here, but one reason users may not have switched their iPhone’s default maps app to Google is because they cannot — as in, it is not possible to force all location and wayfinding behaviours to use Google Maps instead of Apple Maps. If given the option, I imagine many users would prefer Google Maps. Apple began allowing users to change their default web browser and email app with iOS 14 in 2020; two years later, Apple has not extended that capability to new categories of apps.

Again, I am sure Google has done the research and found its search engine would find declining use from the apparently valuable iPhone demographic. Still, I have to imagine the internet would be littered with tutorials for changing Safari’s search engine back to Google if Apple severed its agreement and made Yahoo or Bing the default. This case is interesting because Google really does seem to maintain dominance through exclusivity agreements like these, but it is also still the best general knowledge search engine for most people.

Apple Releases iOS 16

Apple is, I think, rightly proud of the new Lock Screen options, which is a little funny because the best part of this update is how much it permits users to customize for themselves.

Federico Viticci in his usual longform review:

To be fair, we’ve always been able to customize the Lock Screen, even in the very early days of the iPhone and iPhone OS 1.0.

The customization we have in iOS 16 includes wallpapers – and in fact goes above and beyond anything Apple ever offered for wallpapers on iOS – but that’s only one component of a larger system. A good way to think about it is the following: customizing the Lock Screen is now very similar to customizing your watch face on the Apple Watch.

Apple insists on calling different Lock Screen variants a “Wallpaper Pair”. If you add a widget to your current Lock Screen, it will ask whether you want to “set [it] as a Wallpaper Pair”, which never feels normal no matter how often I have seen it the past few months.

Speaking of widgets, there are some baffling limitations. The widget row below the clock can best be thought of as four cells, and widgets for it can be one or two cells wide. But a widget two cells wide must live in the first two cells; a user cannot place a one-cell widget to the left of a two-cell widget.

That said, this is a phenomenal update. My iPhone feels more like my own iPhone, not just any one of a billion. I can finally launch the camera app I actually use from the Lock Screen. There are many smaller changes in iOS 16 that are worth this update — and many that I find questionable, like the new scrubber bars, and the many widths of Lock Screen elements — but these customization options are an impressive achievement. They allow more individual personality without losing a sense of iOS-iness.

At Code, TikTok Unites Primarily American Tech Factions Against It

Ina Fried, Axios:

While TikTok had no official presence at the Code Conference, the Chinese-owned firm was the talk of the annual gathering of tech world notables this week — serving as the foil of choice for a parade of tech executives, pundits and even some government officials.

[…]

[Scott] Galloway, who took every chance to call out the dangers of TikTok, was the sharpest critic in calling for it to be banned, but others were happy to join in.

Galloway repeated that demand on “Real Time with Bill Maher”. In fairness to Galloway, his disagreement with TikTok’s practices is not unique. He has repeatedly treated Facebook with disdain and dislikes surveillance advertising. But his claims about the control impressed by TikTok is on another level.

Taylor Lorenz on Twitter [sic]:

“Tiktok is flooding our children with Chinese propaganda all day” mf have u been on tiktok like once ever please stop. And before ppl come and twist my words, I’m not saying tiktok is “good” just that there’s no evidence of what he’s constantly alleging

Karl Bode, Techdirt:

As we’ve noted several times, you could ban TikTok tomorrow with a giant patriotic hammer and the Chinese government could nab all the same U.S. consumer data from just an absolute parade of companies and dodgy data brokers. And they can do that because U.S. privacy and security standards have been a trash fire for decades, especially when it comes to things like sensitive user location data.

And they’ve been a trash fire for decades because most of the same folks crying about TikTok prioritized making money over consumer privacy standards. None of these folks, nor the operators of conferences like Code, seem particularly keyed in to any of this.

I am certain some people are truly concerned about an internet where an autocratic state has an increased presence. I get it. I do not think everyone with these worries is xenophobic. I also do not believe an American-dominated internet is a universally acceptable variant. But it is the status quo, and a lot of the world’s private data is held by U.S. companies with few regulations and little oversight.

It would be worrisome for TikTok fears to be used as an excuse against U.S. privacy regulations on competition grounds. Unfortunately, that is the case being made by advocacy firms working on behalf of big American technology companies.

Instagram Users Are Avoiding Reels

Salvador Rodriguez, Meghan Bobrowsky, and Jeff Horwitz, Wall Street Journal:

Instagram users cumulatively are spending 17.6 million hours a day watching Reels, less than one-tenth of the 197.8 million hours TikTok users spend each day on that platform, according to a document reviewed by The Wall Street Journal that summarizes internal Meta research.

The document, titled “Creators x Reels State of the Union 2022,” was published internally in August. It said that Reels engagement had been falling — down 13.6% over the previous four weeks — and that “most Reels users have no engagement whatsoever.”

This is particularly impressive as Reels are being pushed into all parts of Instagram, making them almost impossible to ignore. Brutal.

Meta is a scatter-brained company. Its few near-term ideas are alienating users, and the long-term prospects of its virtual reality projects are not compelling. Maybe I am wrong. Maybe Instagram simply looks like it is frantically chasing TikTok’s clout, and its parent company actually has really great plans for a virtual world which even the most Facebook averse person will want to explore. Maybe what looks like its blunder years will actually prove to be a decade of growth and reinvention.

Or maybe all of this is just as it seems: Meta’s best products are the things it can easily duplicate or acquire, and the well is dry.

Wikipedia’s Secret Sauce

Dan Lewis, Now I Know:

A few minutes after my son made this observation, I noticed this thread on Twitter (from the fantastic “Depths of Wikipedia” account) that also marveled about how quickly Wikipedia’s editors updated the page. But unlike my son, the author of that thread also detailed how it happened. It’s a really interesting read in its own right, and you should probably spend a few minutes going through it. But I want to point out one thing she said, because it resonated with me: “A six-membered task force called WikiProject London Bridge cropped up to maintain the following articles. [A] reminder that everyone is doing this for free. They just think it’s fun and important.”

“They just think it’s fun and important.”

This “secret sauce”, as Lewis puts it, is Wikipedia’s blessing and curse. There are the half-dozen significant contributors who volunteered to make all these changes as quickly as possible because they just decided to. But the editors on Wikipedia do not reflect a generalized and fulsome view of the world. Its articles about computer science and mathematics are comprehensive, but articles about Indigenous communities in Canada, for example, are often not. Wikipedia is the sum of the biases of its user base. As impressive as it is for so many pages to be updated so quickly following Queen Elizabeth’s death — and it is very impressive — is is also reflective of editors’ interests and geography.

Queen Elizabeth’s Death

Elamin Abdelmahmoud, Buzzfeed News:

But what the sarcastic posters miss is mourners’ heartfelt connection to a figure who has managed to remain relevant and central to public life for seven decades. The Queen was a continuously visible figure during many major world events, and people’s relationship to her was personal. She transcended the royal family and even transcended the monarchy itselfshe became the fixation. It’s why, perhaps, she was more popular than ever this year, even as the institution was in turmoil. The rifts in the family have become the primary story of the royals, especially in the wake of Prince Harry and Meghan, Duchess of Sussex, publicly breaking from the monarchy. The Queen was the last vestige of royal stability, and the future of the firm now seems unknown.

This rather terrific piece of writing is the closest representation I have found for my own feelings.

Modular Smartphone Dreams and Practical Compromises

Brian X. Chen, New York Times:

What would a smartphone look like if it could last for 10 years?

It’s a question that most of us have not had the luxury of pondering. That’s because many smartphones are designed to be replaced every two or three years. And Apple, Samsung and other handset makers unveil new models — along with big marketing campaigns — each year, encouraging us to upgrade.

It has become something of a September tradition for Chen to publish an article, tied to the launch of new iPhones, questioning whether people should really buy the latest smartphone models. “You can always just use flash”, the “most incremental update ever”, and so on.

But this seems like a genuinely good question worth pondering — what if smartphones were designed in a more modular fashion?

If a smartphone were designed to last a decade, it would probably be made so that we could simply open it up to replace a part like a depleted battery or a cracked screen. Many of its components would be able to be upgraded — if you wanted a better camera, you could just swap out the old one for a newer, more powerful one. You could also download software updates from the phone’s maker indefinitely.

Chen acknowledges smartphone makers get partway to this imagined decade lifespan by providing software updates for several years — five, in the case of an iPhone. But he was not impressed by how difficult he found his iPhone self-repair process:

When I took the Apple device apart during a previous test, it involved removing the proprietary screws with a special screwdriver and melting the glue that held the case together. To remove the battery, I had to use tweezers to yank on the tiny strips of glue underneath it. Even though I eventually succeeded in replacing the battery, I broke the iPhone’s screen in the process — and a replacement display cost about $300.

What Chen does not say here is that he broke the display because he did not follow the repair instructions by failing to remove screws securing the display to the case. His complaint about the adhesive on the edges of the display also rings hollow because it creates a seal against water and dust, rated to IP-68.

For contrast, Chen holds up the Fairphone 4, which comes with a screwdriver to encourage self-repair. The Fairphone company also sells spare parts. This is where the article begins to fall apart.

Remember how Chen fantasized about a way to upgrade just the camera module, for example, to a newer and better component without having to change the entire phone? Even the Fairphone does not support such an arrangement. A rear camera assembly for the Fairphone 4 is incompatible with the company’s previous three models. It is the same story for the front-facing camera, display, and all the rest of the parts the company sells.

Fairphone did release an updated Fairphone 2 camera module permitting owners of that device to get a better camera without changing their entire device. But that was shipped less than two years after the Fairphone 2’s release and I cannot find a more recent example of the company doing something similar.

That makes sense. Technology products are increasingly designed as singular units instead of collections of discrete components. Apple has arguably been a trendsetter, but most others have followed. And I am not a knee-jerk defender of this practice; I like my AirPods but I think it is ridiculous to trash perfectly good speakers and audio components because the battery no longer holds a charge. I care about this stuff too.

But the idea of making a shell into which a mix-and-match arrangement of components can be placed is a throwback to an era of tower PCs and driver incompatibilities. The apparent delight of this modular fantasy is belied by the multiple failed attempts at making it reality: remember Phonebloks, Project Ara, the Essential, and Moto Mods?

I would not go so far as to predict there will never be a successful modular phone. But there are real compromises to that approach. Remember how the gasket on Chen’s iPhone 12 was rated to IP-68, which means it can be fullly immersion in water? The Fairphone 4 is only rated to IP-54, allowing it to be splashed by water but not immersed in it. The easier repairability of the Fairphone seems to come at a cost to durability. I think that is a fine trade-off to make, but I do not think it is fair to directly compare the repair experience for each without mentioning this compromise. These measures seemingly necessary for waterproofing are not evidence of a deliberate effort to create products that, in Chen’s words, “become harder to repair and adding features that hasten obsolescence”.

I do not think Chen truly answered the kinds of questions he posed at the beginning of this Times story. What if smartphones lasted a decade? What if, indeed. I think most of us would love if we could just swap out the parts that failed, get ourselves a better camera every year without changing anything else, and hang onto the same well-weathered shell for ten full years. But it is worth pondering why this has not yet been done with a meaningful level of success, and I do not think it can be blamed solely on capitalist incentives.

The Steve Jobs Archive

Alex Heath, in the Verge’s liveblog coverage of Code yesterday, where Tim Cook, Laurene Powell Jobs, and Jony Ive were interviewed by Kara Swisher:

Here is some news: Laurene says that they’ve been working with an archivist to establish the Steve Jobs Archive, a collection of artifacts about him. Says it’s “really rooted in ideas” and human-centered design.

Laurene says a “very brilliant,” unnamed documentarian has been interviewing hundreds of people who knew Steve for what sounds like a documentary that is coming out.

John Voorhees, MacStories:

The simple, chronologically organized website features quotes and other materials from Jobs’ life, including some that have never been published before. There are written materials, like an email message Jobs sent to himself reflecting on his respect for humanity, along with audio and video clips.

On the website, an email from Jobs to himself:

I did not invent the transistor, the microprocessor, object oriented programming, or most of the technology I work with.

I love and admire my species, living and dead, and am totally dependent on them for my life and well being.

It appears Ive’s LoveFrom agency is working with the Jobs family on this archive. The serif typeface used for the logo and some of the body text is “LoveFromSJA”.

You Can Get an OLED iPhone for $600

Juli Clover, MacRumors:

With the launch of the iPhone 14 and iPhone 14 Pro, Apple has discontinued some older iPhones that were available as low-cost options. Apple is no longer selling the iPhone 11, and the iPhone 12 mini has also been discontinued. The iPhone 13 mini remains in the lineup for those who want a smaller iPhone.

For people who do not demand the latest and greatest, this may be the best news from today’s announcements. The iPhone 12 is just $600, and so is the iPhone 13 Mini. The Mini is an even better deal than you might think because it includes 128 GB of storage at that price compared to the iPhone 12’s 64 GB.

If you are hoping for the next iPhone SE to be a Mini-sized iPhone, the relatively modest $120 price difference between a 128 GB third-generation iPhone SE and equivalent-capacity iPhone 13 Mini makes that idea more credible. But I still think it is more likely the next iPhone SE is, more-or-less, an iPhone 11.

Second-Generation AirPods Pro

Certainly not the biggest announcement today next to the flagship products, but the second-generation AirPods Pro do look like a solid update. Contrary to rumours, it does not appear they will support lossless playback, though perhaps the new H2 chip is hiding some secrets to be revealed later.

The headphones also do not have replaceable batteries. I get it, but it is still a bummer that a $250 set of headphones has a more-or-less fixed lifespan based on its most consumable component.

Apple’s Dynamic Island

Amanda Silberling, TechCrunch:

That awkward cutout is a still-awkward, pill-shaped cut-out at the top of the iPhone 14 Pro screen. But now, the notch actually serves a dual purpose. In this new design, Apple dubs the cut-out/notch a “dynamic island.”

As Gavin Nelson says, this is a great example of working with a constraint rather than ignoring it. It is a smart, effective way to use the area around and between the cutouts.

Interestingly, until just before WWDC, the Human Interface Guidelines read:

Don’t mask or call special attention to key display features. Don’t attempt to hide a device’s rounded corners, sensor housing, or indicator for accessing the Home screen by placing black bars at the top and bottom of the screen. Don’t use visual adornments like brackets, bezels, shapes, or instructional text to call special attention to these areas, either.

Apple’s advice to developers was to, in effect, simply ignore the notch and pretend it does not exist. But then WWDC this year brought a brand new HIG and, while we were all distracted by its redesign, Apple subtly updated its layout guidance to remove restrictions on how to deal with sensor housings. Now, Apple simply advises designers and developers to “[r]espect key display and system features in each platform” by following its recommended safe areas.

Most Pantone Libraries Are Being Removed from Adobe Creative Cloud Apps

Adobe last month:

Standardized pre-loaded Color libraries, also known as Pantone Color books, will be phased out of Illustrator, InDesign, and Photoshop in software updates released after August 16, 2022.

After November 2022, the only Pantone Color books that will remain are:

  • Pantone + CYMK Coated

  • Pantone + CYMK Uncoated

  • Pantone + Metallic Coated

This change was supposed to happen in March, but I only saw the notice when I opened Illustrator today. Existing files will apparently be unaffected unless spot channels are used. Designers who rely on Pantone will be required to purchase a separate license at $60 per year. No word on whether Adobe will drop its subscriptions by an equivalent amount to compensate.

A classy move, completely in character for both companies, to reach into users’ machines and remove stuff they had paid for and may rely on because of some licensing spat.

Cloudflare Denies Business to Organized Griefing and Targeted Harrassment Website Kiwi Farms

The topics of this story unfortunately but necessarily include targeted harassment and suicide.

Ben Collins and Kat Tenbarge, reporting for NBC News on Friday this week:

Kiwi Farms is an internet message board known for being an epicenter of vicious, anti-trans harassment campaigns. It has operated for nearly a decade with the backing of some tech companies that refuse to drop services for it. But now, as the site’s users launch a wave of anti-trans attacks, a trans Twitch streamer targeted by Kiwi Farms is spearheading an unprecedented campaign to take down the fringe website.

Clara Sorrenti and those supporting her are hoping to open up Kiwi Farms to debilitating virtual attacks by demanding Cloudflare, one of its internet security service vendors, drop the site. Cloudflare has so far refused to budge.

Matthew Prince and Alissa Starzak of Cloudflare on Wednesday:

Some argue that we should terminate these services to content we find reprehensible so that others can launch attacks to knock it offline. That is the equivalent argument in the physical world that the fire department shouldn’t respond to fires in the homes of people who do not possess sufficient moral character. Both in the physical world and online, that is a dangerous precedent, and one that is over the long term most likely to disproportionately harm vulnerable and marginalized communities.

Today, more than 20 percent of the web uses Cloudflare’s security services. When considering our policies we need to be mindful of the impact we have and precedent we set for the Internet as a whole. Terminating security services for content that our team personally feels is disgusting and immoral would be the popular choice. But, in the long term, such choices make it more difficult to protect content that supports oppressed and marginalized voices against attacks.

Alex Stamos in a Twitter thread posted early Saturday critical of Cloudflare’s stance:

Cloudflare is not just a shield standing in front of KF, stopping attacks. Cloudflare reaches out to the KF origin host, likely* at a RU bulletproof hosting provider, and makes thousands of copies of the site that are then stored physically (in RAM) very close to end users.

*Another benefit Cloudflare provides KF is anonymization of the origin host, so while the blog post talks about hosting as the appropriate place to enforce more aggressive content moderation the practical impact is that CF makes hosting in non-responsive providers practical.

Prince announced the discontinuation of Cloudflare’s provision of security services to Kiwi Farms later on Saturday:

This is an extraordinary decision for us to make and, given Cloudflare’s role as an Internet infrastructure provider, a dangerous one that we are not comfortable with. However, the rhetoric on the Kiwifarms site and specific, targeted threats have escalated over the last 48 hours to the point that we believe there is an unprecedented emergency and immediate threat to human life unlike we have previously seen from Kiwifarms or any other customer before.

It is unclear to me what threats, specifically, prompted Cloudflare to reverse its de facto support of Kiwi Farms’ worldwide availability. As usual for forums, there are many discussion areas, but its user base has long treated it as a platform for organizing targeted attacks, often focusing on marginalized and vulnerable people. Campaigns on the website have been a factor in the suicides of three people.

I do not understand why Cloudflare is making this out to be more complicated than it actually is. The question has always been pretty simple: does Cloudflare want to have a business relationship with Kiwi Farms? That is it. It is not a slippery slope. The demands for Cloudflare to act are not coming from a government; it is a public campaign focusing on those most affected by large-scale harassment organized on Kiwi Farms. But Prince is spinning this into a debate about free speech and whether it is right for the company to be making a decision about what to defend online.

The idea that Cloudflare is being the good guy and taking the heat of DDoS attacks against legitimate if abhorrent speech is, frankly, hogwash. The justification Prince laid out in the Wednesday Cloudflare post is, I think, an elaborate framework that disguises simpler questions.

Cloudflare should absolutely be standing up for oppressed people the world over — and it frequently does. If a civil rights activist is relying on its services for preventing an attack by those in greater positions of power, I celebrate Cloudflare’s efforts. But Kiwi Farms is objectively not that. It is a small but committed gathering of people who are dedicated to making the lives worse of already marginalized people. That Prince would rather people discuss their differences rather than DDoS websites like Kiwi Farms is a red herring — and, frankly, an offensive one at that. Without Cloudflare’s protection, Kiwi Farms may become more susceptible to electronic attacks, though there are several service providers Kiwi Farms could choose from. With Cloudflare’s protection, Kiwi Farms’ targets face real-life targeted attacks on their person.

It is painfully difficult to keep anything truly disconnected from the internet. Even if every commercial hosting provider has denied someone service, they could still build their own server and be their own host. Cloudflare’s decision does not mean the end of Kiwi Farms just as — as Prince points out — hate sites like the Daily Stormer and 8kun still exist after Cloudflare’s discontinuation of service to each of them. But there is no reason to legitimize these sites by treating a business relationship as a civil rights issue. Maybe you think the continued availability of these websites really is an issue of free speech; I disagree, but I see where that argument comes from. But Cloudflare does not have to help these websites succeed. Nobody has that obligation.

Moderation Standards on Google Play and Apple’s App Store

Helen Costner, Reuters:

Former U.S. President Donald Trump’s social media platform Truth Social has not yet been approved for distribution on Alphabet Inc’s Google Play Store due to insufficient content moderation, according to a Google spokesperson on Tuesday.

Sara Fischer, Axios:

A year and a half after it was removed from Google’s Play Store, Parler, a Twitter alternative that attracts conservatives, has returned to the showcase for Android apps.

[…]

The app is being reinstated in response to a slew of measures Parler has taken to moderate the content on its app, including allowing users to block and report other users and actively monitoring content for things like violent speech.

Truth Social has been available on the App Store in the U.S. since at least February which, according to the version history log, was its first release. It is not available in any other country. As Fischer reports, Apple removed Parler following the insurrection on January 6 2021, but it was allowed to return to the store in April the same year. It is curious to me that both of these apps have faced a harder time getting into Google’s marketplace than Apple’s, given the reputation of both companies. I doubt Google is really holding these apps to a higher standard; its policies for social networks are similar to Apple’s.