I don’t think anyone does WatchOS reviews as well as Matt Birchler, and this year’s is no exception. I’ve been running the beta all summer, because I am a demonstrably stupid person, and I learned a few of the more hidden updates to WatchOS in Birchler’s review. For example, the Siri watch face now supports automatic sports alerts:
This is kind of a weird one, but I’m happy to see cards about my favorite sports teams appear on the Siri watch face. It’s weird because your favorite teams are set up in the…TV app. You’d think this might be in the main settings app or something, but yeah, any teams you have set as favorites in the TV app will show on your Siri watch face when they have games going on.
So, to recap: Apple’s house-brand TV shows are available in Apple Music, and Apple Watch alerts for sports are set up in the TV app on your iPhone.
My favourite new feature in WatchOS 5 is probably automatic workout detection. Birchler:
Usually it just takes a few minutes of working out for it to notice that you’re doing something and present the notification. The good news is that it gives you credit for the entire workout, not just from when you confirm you are indeed working out. So when it asks you 5 minutes into a run if you are indeed in a workout, you get credit for the time, distance, and calories burned for those 5 minutes. It’s pretty slick.
The sensitivity of workout detection has been fine-tuned throughout different builds and I think Apple hit a sweet spot by the time WatchOS 5 shipped. Every so often, it doesn’t detect my twenty minute walk to or from work until I’m about halfway, but it doesn’t matter because it typically gives me credit for most of that journey. However, I’ve found it’s not always terrifically accurate at figuring out what kind of workout I’m doing: instead of an outdoor walk, it often thinks I’m running and, a couple of days ago, it thought I was using an elliptical machine.
Updating an Apple Watch is still a gigantic pain in the ass — though the overnight update mechanism, new in WatchOS 5, does help with that — but it’s totally worth it for this version of the software. If you haven’t updated yet, I strongly suggest you do. Apple is honing in on what the Watch is good at, and making it truly excel in those areas.
There aren’t many companies that would construct enormous scaled-up shells of a product to create custom videos specifically for it. Also, consider that each of these effects had to be created a second time with a different model, because these faces behave completely differently on pre-Series 4 watches. It looks like there’s an older-model Apple Watch rig at about twenty-five seconds into this video.
Dave Seglins, Rachel Houlihan, and Laura Clementson, CBC News:
In July, the news outlets sent a pair of reporters undercover to Ticket Summit 2018, a ticketing and live entertainment convention at Caesars Palace in Las Vegas.
Posing as scalpers and equipped with hidden cameras, the journalists were pitched on Ticketmaster’s professional reseller program.
Company representatives told them Ticketmaster’s resale division turns a blind eye to scalpers who use ticket-buying bots and fake identities to snatch up tickets and then resell them on the site for inflated prices. Those pricey resale tickets include extra fees for Ticketmaster.
“I have brokers that have literally a couple of hundred accounts,” one sales representative said. “It’s not something that we look at or report.”
Not only does Ticketmaster ignore scalpers’ tactics, this report reveals that the company effectively encourages them to exploit potential buyers with its TradeDesk software. The software’s description in the App Store indicates that it’s built for high-volume resellers, with features like bulk price adjustments and large-scale inventory management.
This is why Ticketmaster does such a terrible job at stopping automated purchases: the fee that they get from direct sales is large, but the commission they get from the reseller platforms that they own is extraordinary. Meanwhile, artists get none of the markup, their fans get bilked into paying obscene ticket prices, and Live Nation — Ticketmaster’s parent company — has a near-monopoly on large-scale tours, events, and venues. That’s not right.
Here’s a fascinating new report (PDF) by Rebecca Lewis. From its executive summary:
This report presents data from approximately 65 political influencers across 81 channels. This network is connected through a dense system of guest appearances, mixing content from a variety of ideologies. This cross-promotion of ideas forms a broader “reactionary” position: a general opposition to feminism, social justice, or left-wing politics.
When viewers engage with this content, it is framed as lighthearted, entertaining, rebellious, and fun. This fundamentally obscures the impact that issues have on vulnerable and underrepresented populations — the LGBTQ community, women, immigrants, and people of color. And in many ways, YouTube is built to incentivize this behavior. The platform needs to not only assess what channels say in their content, but also who they host and what their guests say. In a media environment consisting of networked influencers, YouTube must respond with policies that account for influence and amplification, as well as social networks.
When I was in elementary and junior high during the early days of the World Wide Web, I was reminded regularly not to trust poorly-sourced or single-sourced information I found on the web. The situation now is completely different: these videos feature ostensibly intelligent and well-sourced individuals interviewed in a slick style aping that of legitimate news shows.
Similarly, earlier this month, Chris Hayes started a short thread on Twitter about how a simple query about the Federal Reserve quickly leads YouTube viewers down a conspiratorial tunnel.
Many of the iPhone XS reviews I’ve read today have repeated effectively the same thing: it’s an “S” year; this is an incremental update; the big one is really big. Well, yeah.
But John Gruber has, as usual, the best review of the new iPhones — largely because of his explanation of why the new camera system is so different despite seemingly-identical tech specs. And, as a bonus, it includes new information:
[…] I checked, and Apple confirmed that the iPhone XS wide-angle sensor is in fact 32 percent larger. That the pixels on the sensor are deeper, too, is what allows this sensor to gather 50 percent more light. This exemplifies why more “megapixels” are not necessarily better. One way to make a sensor bigger is to add more pixels. But what Apple’s done here is use the same number — 12 megapixels — and make the pixels themselves bigger. 12 megapixels are plenty — what phone cameras need are bigger pixels.
I think what makes this 32 percent increase in sensor size hard to believe, especially combined with a slightly longer lens, is that by necessity, this combination means the sensor must be further away from the lens. This basic necessity of moving the lens further from the sensor (or film) is why DSLRs are so big compared to a phone. But the iPhone XS is exactly the same thickness as the iPhone X, including the camera bump. (Apple doesn’t publish the bump thickness but I measured with precision calipers.) So somehow Apple managed not only to put a 32 percent larger sensor in the iPhone XS wide-angle camera, but also moved the sensor deeper into the body of the phone, further from the lens.
You can see the results of the bigger sensor and better HDR performance in Rafael Zeier’s comparison between the iPhone X and iPhone XS. Judging by the reviews I’ve seen so far, it looks like the result of that is, in part, more detail in images, though I’m not sure how much of that can be attributed solely to the larger sensor and not it in combination with adjusted noise reduction. I bet you’ll get some killer RAW photos on this thing.
Many reviewers are advising readers to wait for the iPhone XR, coming next month. I totally get that — in part, because it’s much less expensive, but also because you’ll get nearly everything that the iPhone XS has. But one thing you won’t get is the telephoto camera. I’ve used that camera for probably half of the pictures I’ve taken on my iPhone X since I got it, and I don’t think I could go back to a single-camera phone. If I were upgrading this year, I’d go for the XS in a heartbeat — just because it has a telephoto camera. In fact, I’d be comfortable with a single-camera iPhone that only had an approximately 56mm-equivalent camera. But that’s just me.
Also, it looks like most, if not all, writers received gold review units. I’m not sure the saturated colour of the steel frame fits my taste, but the cream-coloured back is gorgeous.
With the move of Apple’s headquarters from the Infinite Loop campus to Apple Park, Steven Levy interviewed several current and former Apple employees — including high-ranking individuals like Tim Cook, Phil Schiller, Eddy Cue, and Scott Forstall — about their memories of Infinite Loop. This one’s pretty good:
[Tony Fadell]: When I arrived in 2001 [to lead the iPod project], it still felt like a campus that wasn’t filled. There were all these empty offices everywhere in every building. All of the furnishings and everything had not been updated since it opened.
Cook: It was an awful time. The stock crashed, it goes down by 60 to 70 percent. We get a call from Ted Waitt, founder of Gateway. He wants to talk about acquiring Apple. Steve and I went to a meeting with Waitt and their CEO, and it’s a different Steve. Very calm, listening to the comments they made, how they’d probably keep the Apple brand. I was sitting there feeling like my organs were being cut out. Then they said maybe they could come up with a role for Steve, and I’m thinking—he’s going to blow! He’s going to blow any minute! Then they start talking about price. And Steve looks at them—he could look at you with eyes that just penetrated your soul—and says, “Who do you think is worth more, Apple or Gateway?” The meeting lasted only two or three minutes more. And in a few weeks they had some accounting scandal, and their stock crashed.
It’s odd to reflect that many of the products that have defined Apple’s renaissance and Steve Jobs’ legacy were created at a campus that he had no part in designing and, according to this profile, he disliked. Now, Apple is based out of a campus that was his dream; yet, he’s not around to take advantage of it, or be a physical part of this chapter in the company’s legacy.
As has become a bit of a tradition around here, I have a review of iOS 12 coming; however, it won’t be out today. Turns out trying to find an apartment in Calgary right now is difficult and time consuming.
In the interim, please read Federico Viticci’s excellent deep dive into iOS 12. It’s far more detailed than mine will ever be and, as the iOS automation expert, he’s uniquely gifted in explaining this update’s improvements to Siri and the new Shortcuts app.
Sources familiar with the project said that prototypes of the search engine linked the search app on a user’s Android smartphone with their phone number. This means individual people’s searches could be easily tracked – and any user seeking out information banned by the government could potentially be at risk of interrogation or detention if security agencies were to obtain the search records from Google.
Sources familiar with Dragonfly said the search platform also appeared to have been tailored to replace weather and air pollution data with information provided directly by an unnamed source in Beijing. The Chinese government has a record of manipulating details about pollution in the country’s cities. One Google source said the company had built a system, integrated as part of Dragonfly, that was “essentially hardcoded to force their [Chinese-provided] data.” The source raised concerns that the Dragonfly search system would be providing false pollution data that downplayed the amount of toxins in the air.
If this reporting is correct, there’s simply no other way to cut this: Google is exploring a deeper entry into the Chinese market by agreeing to assist in that government’s oppression and misinformation. I wonder how Google will respond the first time a report is released that implicates them in the imprisonment of an activist or a journalist in China, especially as it’s completely incongruous with their publicly-stated positions. It’s not a perfect comparison, but do you remember how “outraged” they were after reporting in the Washington Post implied that the NSA had a backdoor into their infrastructure? They responded by increasing their use of encryption within their own network over time.
Instead of fighting government surveillance, Google is apparently trying to be of assistance, and they’re dragging their employees into this mess. How many Google employees want to have such a toxic product on their resume? Apparently, several staffers, including senior engineers, have decided that this is too much to bear, and have consequently quit.
China is, of course, an enormous potential market for Google. By not being there, they’re leaving potentially billions of dollars of revenue on the table. However, they would also not be complicit in human rights abuses. How much is that worth? For a company with strict values and some semblance of ethics and morals, it should be a no-brainer.
Anyway, I’m cleaning out my Keychain right now and it reminded me of this idea. I came across login items for websites I don’t visit any more, and accounts I created for a specific purpose long ago. But I also found my login details for websites that were a huge part of my online life for a long time and no longer exist, like dznr and FFFFOUND. I have real memories tied to many of these accounts — even tangible products, in some cases: I created a Club Monaco account to buy a pair of boots that I still wear, but I haven’t used the account since.
It’s striking how something as simple as a list of websites and user names can trigger a similar level of nostalgia as, for example, a photograph.
As someone who doesn’t value his cell phone as much as the next Apple nerd, the iPhone SE has been an important product for me because of its price. The iPhone SE kept me invested in the iOS ecosystem, and enabled me to purchase a Apple Watch without approaching the ~$700 iPhone ASP I normally attribute to laptop computers. Now that an updated iPhone SE is no longer an option, I am evaluating alternative cell phone platforms. I am sure I am not alone.
The smallest and cheapest iPhone that Apple now sells is the iPhone 7, which is a 4.7-inch device that fills out a typical pants pocket and starts at $449. But, as a two-year-old iPhone, it’s likely that it will support three more years’ worth of software updates (iOS 12 supports up to the five-year-old iPhone 5S). To be clear, that’s more than you can expect of practically any Android phone, but it’s also less than you might expect of an iPhone purchased today.
I’ve seen a lot of people on Twitter and across the web unhappy with the discontinuation of the iPhone SE. For a lot of people, it was a perfectly-sized device — the last one that many people could comfortably reach with their thumbs across the entire display without doing a little shimmy with their hand, and the last one with flattened sides that made it easier to hold for photos. The SE was a really good product, and it’s unfortunate that Apple has chosen to stop making it instead of releasing a successor. It’s one of the few bum notes from yesterday’s event, but it is perhaps the loudest.
If you were paying attention to rumour blogs prior to today’s event, you knew the names of the products announced today as well as what the iPhone XS and new Watch looked like. Those were not surprises; yet, even so, today’s event managed to pack in a lot of big news.
First up, the Apple Watch Series 4, with a bigger display, richer faces, and — amazingly — an FDA-certified electrocardiogram on the sapphire and ceramic back, which now appears on all models.
There are also a bunch of new faces that they say “react uniquely with the curved edges of the case”. This is curious to me because the Apple Watch HIG and the overall design of WatchOS has generally created the impression that there is no boundary around the display. For instance, the “honeycomb” home screen treats app icons almost like bubbles that float against a black backdrop and aren’t cut off. Or, recall the way Jony Ive described, in its introductory video, that “you can’t determine a boundary between the physical object and the software”. Much like the notch on the iPhone, it appears that they’re embracing the limitations of the hardware, which feels more honest to me.
I remember having an initially negative reaction to the Apple Watch when it was introduced. Now that I have owned the product for a few years and Apple has made radical improvements to the software, though, it’s one of my favourite personal technology things that I own, but neither the Series 2 nor the Series 3 compelled me to upgrade. Based on what I’ve seen so far, I’m sold on this new one. It is to the Apple Watch what the iPhone 4 is to the history of that product: a culmination of several years of learning, and leaving everything else in the dust.
Then there’s the iPhone XS and XS Max. Both are a substantial upgrade from the iPhone X, but — more importantly, as most people probably don’t upgrade every year — a huge leap from the iPhone 7 and 7 Plus: a faster processor, better Face ID, better displays, dual SIM capabilities, better battery life, and better camera processing. The Max model should satisfy those who are aching for an even bigger variant with features specific to it, like split views in some apps.
Finally, they launched the iPhone XR, which is a fascinating product once you get past Apple’s naming foibles. Apart from Apple employees, nobody is actually going to pronounce it “ten-arr”; likewise, most people are probably going to say “excess” rather than “ten-ess”. Also, it turns out that the “R” — and “S”, for that matter, in “iPhone XS” — is neither uppercase nor lowercase but, rather, small caps, because Apple’s marketing team apparently hates everyone who writes about their products. They will be “XS” and “XR” here.
The XR sits at the bottom end of Apple’s pricing range; but, at 6.1 inches diagonally, it’s in the middle of the 5.8-inch iPhone XS and 6.5-inch iPhone XS Max. Its display is an LCD at 326 pixels per inch — exactly the same pixel density as the iPhone 8, and with very similar technical specifications.1 However, its introduction means that Apple’s new iPhone lineup entirely follows the modern gesture-driven design language started by the iPhone X. Unlike the iPhone X and XS, it has some of the same software capabilities as iPhones with Plus- or, now, Max-sized displays, such as split screen in supported apps.
The iPhone XR also marks the first iPhone launched since the SE without 3D Touch. Instead, it has something they’re calling “Haptic Touch”, which appears to simply be haptic feedback triggered by long presses in certain 3D Touch-like contexts.2
I have complaints about that.
For a start, it’s confusing: there are maybe eight people on Earth who can adequately articulate the differences between Haptic Touch, 3D Touch, and Force Touch, which is still what Apple calls the display on the Apple Watch. In the keynote presentation, Phil Schiller compared it to the trackpad in the MacBook Pro, but that’s marketed as a Force Touch thing. I might be an idiot, but this is unfathomable.3
Second, it’s conceptually muddy. There seemed to be specific rules Apple was adhering to with their use of 3D Touch on past iPhones — it opens app menus on the home screen, for instance, or allows you to preview something in a list before opening it. But this indicates that there’s either no difference between a long press and a Force/3D/Haptic Touch press, or there’s no consistency in Apple’s application of it. If Apple doesn’t know what the standards should be, users can’t even begin to understand what they should be doing. I like 3D Touch a lot, but if Apple continues to be confused by their own technology after it has been on the market for three years, I don’t think they should keep it around.
Inside, it features the same A12 SoC as the iPhone XS and XS Max and has a similar wide angle camera, but it does not have a telephoto camera. Even so, it can apparently do the same Portrait Mode and three of the five Portrait Lighting effects.
Its body is made of aluminum, and it’s offered in six gorgeous colours. I’m looking forward to seeing these in person — the vibrant peach-like “Coral” colour, in particular, looks beautiful. I bet these will be hot sellers: they’re colourful, they have the gesture-driven design, and they start at $250 less than the XS. They don’t go on sale until next month, however.
There’s always a catch — in this case, there are three. This iPhone lineup no longer includes the headphone jack adaptor; all iPhones still come with a five-watt charger; and all iPhones still ship with only a USB-A cable instead of a USB-C cable. I don’t get it.
While many of the announcements today were revealed early, one surprise is that there was absolutely no mention of the AirPower. There’s nothing about it on the new iPhone marketing pages, and John Gruber tweeted that nobody at Apple is talking about it. Something clearly went deeply wrong in its development and Apple seems to have no idea when — or if — it will be launched.
Apple bills this display as a “Liquid Retina” display but, even after watching the keynote and reading all about it, I still have no idea what this means or what sets it apart. The only reason to give it a cool marketing name, that I can think of, is if it’s going to be used repeatedly. So, I expect to see references to a “Liquid Retina” display in upcoming iPad marketing materials as well. ↩︎
I also think we’ll see this “Haptic Touch” language used in new iPad marketing materials. ↩︎
Also, they call it “Haptic Touch” but it’s powered by the “Taptic Engine”. Gah. ↩︎
The European Parliament has just voted to back controversial proposals to reform online copyright — including supporting an extension to cover snippets of publishers content (Article 11), and to make platforms that hold significant amounts of content liable for copyright violations by their users (Article 13).
BEUC, the European Consumer Organisation, also denounced the result of the plenary vote, warning that if the plans MEPs backed today become EU law the “benefits of the Internet for consumers will be at risk”.
“It is beyond comprehension that time and again EU policy makers refuse to bring copyright law into the 21st century. Consumers nowadays express themselves by sampling, creating and mixing music, videos and pictures, then sharing their creations online. MEPs have decided to thwart this freedom of expression which is dangerous for creativity and innovation,” said Monique Goyens, director general of BEUC, in a statement.
I understand the impetus for stricter adherence to copyright law by forcing platforms to be responsible for users’ uploads, but it’s hard to see how rights-holders will actually benefit from these new laws. A smarter way to update copyright law for the internet wouldn’t look like a giant filter between users and platforms, nor would it charge a fee for merely linking to or citing news stories.
However, this legislation isn’t the law yet:
While the parliament has now agreed its position on the reform the process is not yet over. There will be trilogue negotiations with Member State representatives, via the European Council, and a final vote — likely early next year.
If you live in the E.U., please call or write your local representative and urge them to find a way to make these reforms — since they are likely to pass — less stupid.
While the old artist page design of Apple Music mixed albums, singles, EPs, live albums, and more under the same ‘Albums’ section, the new Apple Music features separate sections for different types of music releases. The new sections include singles and EPs, live albums, essential albums recommended by Apple Music editors, compilations, and appearances by an artist on other albums. As pictured above, Apple Music now also highlights an artist’s latest or upcoming release at the top of the page.
Separation between albums and other releases isn’t a new idea. Beats Music, the streaming service Apple acquired in 2014 and subsequently relaunched as Apple Music in 2015, featured separate views for albums, EPs, and compilations. Three years after its relaunch, it appears Apple has implemented most of Beats Music’s organization of artist releases, which was arguably one of the original service’s most useful and innovative functionalities.
There’s an interesting little side story regarding this news and the last three Nine Inch Nails releases. All three are about half an hour long but, while the first two are classified as EPs — as you might expect for five-track sets — the most recent, released in June, is listed as an LP. The reason for that, according to NIN frontman Trent Reznor, is because streaming services treat EPs as “lesser” albums. Beats Music, which Reznor was heavily involved in the design of, used to do that, but Apple Music didn’t until just recently.
And, strangely, all three recent NIN releases are classified as “Albums” in Apple Music; in Spotify, the two EPs are buried as “Singles”.
EPs are often just as important to an artist’s repertoire as LPs. While I think separating them can be beneficial from a categorization perspective, I would hate to see an artist’s recent release buried just because it’s listed as an EP.
I’d still like to see better grouping options for different editions of the same album: while Beats Music used to group explicit, remastered, and re-issued albums under a single sub-section, these versions aren’t grouped by Apple Music yet.
While we’re at it, I would love to be able to hide clean releases across Apple Music, and have Siri default to the explicit — read: canonical — version of any request.
This is a long profile by Evan Osnos in the New Yorker and, while it paints a well-researched vignette of Zuckerberg, it’s also confirmation of what you had already probably seen or expected. For example, it catalogues Facebook’s internal belief that if they launch a new feature that has negative reactions, users will eventually come around, even on issues of privacy — the withdrawal of Beacon being one notable exception where user feedback was actually listened to. And on the Alex Jones debacle:
Facebook relented, somewhat. On July 27th, it took down four of Jones’s videos and suspended him for a month. But public pressure did not let up. On August 5th, the dam broke after Apple, saying that the company “does not tolerate hate speech,” stopped distributing five podcasts associated with Jones. Facebook shut down four of Jones’s pages for “repeatedly” violating rules against hate speech and bullying. I asked Zuckerberg why Facebook had wavered in its handling of the situation. He was prickly about the suggestion: “I don’t believe that it is the right thing to ban a person for saying something that is factually incorrect.”
Jones seemed a lot more than factually incorrect, I said.
“O.K., but I think the facts here are pretty clear,” he said, homing in. “The initial questions were around misinformation.” He added, “We don’t take it down and ban people unless it’s directly inciting violence.” He told me that, after Jones was reduced, more complaints about him flooded in, alerting Facebook to older posts, and that the company was debating what to do when Apple announced its ban. Zuckerberg said, “When they moved, it was, like, O.K., we shouldn’t just be sitting on this content and these enforcement decisions. We should move on what we know violates the policy. We need to make a decision now.”
This confirms reporting by Charlie Warzel and Dylan Byers that Apple’s decision was the impetus for Facebook, among other companies, to make a move. Last week, Apple also banned Jones’ company from the App Store. “De-platforming” — as it is known — works, and it’s a decision that Apple, Facebook, and other companies should have made a long time ago.
This irks me:
For many years, Zuckerberg ended Facebook meetings with the half-joking exhortation “Domination!” Although he eventually stopped doing this (in European legal systems, “dominance” refers to corporate monopoly), his discomfort with losing is undimmed. A few years ago, he played Scrabble on a corporate jet with a friend’s daughter, who was in high school at the time. She won. Before they played a second game, he wrote a simple computer program that would look up his letters in the dictionary so that he could choose from all possible words. Zuckerberg’s program had a narrow lead when the flight landed. The girl told me, “During the game in which I was playing the program, everyone around us was taking sides: Team Human and Team Machine.”
I’m a hundred percent sure this was done in good fun. Nevertheless, it reminds me of something that has been rattling around in my head for a while. I’m a competitive person and I want to win at board games; but, I also want to have fun. I like playing with people who also make an effort to win, because it challenges me. Even when I know I’m going to lose, I still have a great time. But I dislike playing with people who need to win. They’re the kind of people who deliberately block all your routes in Ticket to Ride, or buy up one of every property colour in Monopoly. It’s not wrong to do those things, but it doesn’t actually make the game any good. People who have a problem with losing or being wrong sometimes are, generally speaking, destructive assholes.
The New Yorker can spill thousands of words probing Zuckerberg’s psyche and speaking to colleagues about how he’s growing in his unprecedented role of social media Pope to 2.2 billion users, but it’s still the same Zuckerberg who would apparently rather think about scaling and “community” than real-world consequences his company might be involved in.
Facebook has been aware of its role in violence and ethnic cleansing in Myanmar since at least 2014. It entered a market that it knew little about, where traditional media to inform the public was extremely limited, and found that it had built the perfect weapon for organizing mob violence and propaganda. We’ve seen similar situations in Sri Lanka, Libya, the Philippines, and India. One Sri Lankan official characterized the situation to the New York Times, “The germs are ours, but Facebook is the wind.”
But Zuckerberg keeps repeating the same talking points about being “slow” to recognize the problem and how it’s going to take time to fix it. He told the New Yorker that he plans to have 100 people working on translating and moderation in Myanmar by the end of the year. The fact that a company can connect 2 billion people in a little over a decade but can’t hire 100 people over the course of a few years is telling. But the real issue is scale, and the inability of current technology to keep up with that scale.
Facebook can’t play dumb here. According to Osnos’ profile, the “growth” team was the most celebrated and admired inside the company, and their goals were the company’s goals. If they wanted to “dominate” — as Zuckerberg half-jokingly closed every meeting with — they have no excuse for being bad at it when they actually started to do so, and continuing to be terrible years later.
Thomas Reed of Malwarebytes, with a small collection of apps available on the Mac App Store that exfiltrate user data:
It’s blindingly obvious at this point that the Mac App Store is not the safe haven of reputable software that Apple wants it to be. I’ve been saying this for several years now, as we’ve been detecting junk software in the App Store for almost as long as I’ve been at Malwarebytes. This is not new information, but these issues reveal a depth to the problem that most people are unaware of.
We’ve reported software like this to Apple for years, via a variety of channels, and there is rarely any immediate effect. In some cases, we’ve seen offending apps removed quickly, although sometimes those same apps have come back quickly (as was the case with Adware Doctor). In other cases, it has taken as long as six months for a reported app to be removed.
In many cases, apps that we have reported are still in the store.
These are exactly the kinds of things I expect the app review process should catch before apps like these and the aforementioned Adware Doctor make it into the store. The Mac App Store should, if nothing else, be a place for any user to find safe software. Ideally, it’s also one with high-quality, useful, top-tier apps, but security and privacy ought to be the baseline.
There’s an argument to be made about social media as a force for political mobilization — or, say, making friends, whom I may speak to multiple times a week but see only two or three times a year, if ever; research shows shared hatreds are more binding than shared interests — but first I’d like to talk a little bit more about myself. When I wake up every morning I look at my phone to see what has transpired in the night, the final waking moment of which is usually the last time I looked at my phone. This is bad for my sleep cycle, I know, and for the nerves in my hands — I refuse to get one of those knobs you can put on the back of your phone to make it easier to hold, which I see as not just admitting I have a problem but resigning myself to it, as well as broadcasting to strangers who see me using my phone in public that I am a Phone Person (worse: a Phone Woman) — but more important, it is just bad. What I dislike about my life are not the facts of it but its texture, the false tension and paranoia and twitchiness. I exist in a state of “might always be checking something,” and along with being unpleasant, it’s embarrassing.
The sentence I quoted for this link’s title comes in the last paragraph of this essay, but it’s not exactly in the context as you might expect from an essay questioning the substantive value of constant connection. It’s very good.
[Security researcher Patrick Wardle], who shared his findings with TechCrunch, found that Adware Doctor requested access to users’ home directory and files — not unusual for an anti-malware or adware app that scans computers for malicious code — and used that access to collect Chrome, Safari, and Firefox browsing history, and recent App Store searches. The data is then zipped in a file called “history.zip” and sent to a server based in China via “adscan.yelabapp.com.” Two independent security researchers confirmed to Motherboard that Wardle’s report was accurate.
In his blog post, Wardle noted, “The fact that application has been surreptitiously exfiltrating users’ browsing history, possibly for years, is, to put it mildly, rather f#@&’d up!”
Security researcher Privacy 1st tweeted that they initially contacted Apple about the Adware Doctor issue on Aug. 12.
One of the theoretical advantages of the Mac App Store — or any app marketplace with a review process — is that spyware like this could be caught before it is published. Yet Adware Doctor has been in the Mac App Store for years and it could have been pilfering user data for any amount of that time. Apple was even notified about it last month, but it was not removed until today. Either Apple dropped the ball hard here, or there’s something missing to explain why it was apparently not a high priority investigation.
mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.
Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.
This kind of software is pretty gross to begin with. I’m not a parent, so I might be completely off-base here, but it seems to me that there’s an extraordinary amount of risk that is assumed in collecting everything your kid does relative to the actual benefits you might get out of doing so. Spying on your partner — or, potentially, employees — seems completely unethical.
Shah said when he tried to alert mSpy of his findings, the company’s support personnel ignored him.
“I was chatting with their live support, until they blocked me when I asked them to get me in contact with their CTO or head of security,” Shah said.
KrebsOnSecurity alerted mSpy about the exposed database on Aug. 30. This morning I received an email from mSpy’s chief security officer, who gave only his first name, “Andrew.”
This is a chickenshit response. Regardless of the ethical implications of mSpy’s spyware, a report of a security breach should be treated with more gravity than this. Why wouldn’t they prioritize this? Are they so afraid of making mistakes that they evade acknowledging, fixing, or apologizing for them?
In general, it is appalling to me the lengths that individuals and organizations alike will go to in order to cover up or hide from a mistake or a controversy. If you have any integrity whatsoever, you own your values and your actions. If they are seen as problematic, you try to understand why. If you want to stand by those actions, you should be able to produce evidence for your defence. But change can also be cathartic for everyone involved. There is no honour or benefit in trying to hide from actions that are being questioned.
The editors over at the Sweet Setup asked me to write a short piece on taking pictures with Halide and editing them in Darkroom. It’s the first thing I’ve written in which I specifically recommend not trespassing, so I think it’s worth reading for those curious about jumping beyond the built-in Camera and Photos apps for shooting and editing.
Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others.
Through this test program, Google can anonymously match these existing user profiles to purchases made in physical stores. The result is powerful: Google knows that people clicked on ads and can now tell advertisers that this activity led to actual store sales.
Google is testing the data service with a “small group” of advertisers in the U.S., according to a spokeswoman. With it, marketers see aggregate sales figures and estimates of how many they can attribute to Google ads — but they don’t see a shoppers’ personal information, how much they spend or what exactly they buy. The tests are only available for retailers, not the companies that make the items sold inside stores, the spokeswoman said. The service only applies to its search and shopping ads, she said.
This appears to be part of the data set that the Washington Postpreviously reported was being used to attribute purchases to ads.
Initially, Google devised its own solution, a mobile payments service first called Google Wallet. Part of the original goal was to tie clicks on ads to purchases in physical stores, according to someone who worked on the product. But adoption never took off, so Google began looking for allies. A spokeswoman said its payments service was never used for ads measurement.
Since 2014, Google has flagged for advertisers when someone who clicked an ad visits a physical store, using the Location History feature in Google Maps. Still, the advertiser didn’t know if the shopper made a purchase. So Google added more. A tool, introduced the following year, let advertisers upload email addresses of customers they’ve collected into Google’s ad-buying system, which then encrypted them. Additionally, Google layered on inputs from third-party data brokers, such as Experian Plc and Acxiom Corp., which draw in demographic and financial information for marketers.
This entire program — but particularly these two paragraphs — indicates so much about how all of these companies view the consumer landscape. The solution to not-quite-precise-enough numbers has been to collect more data, and the response to privacy concerns is to fuzz that data a little bit when it’s shared between companies. Based on the actions the surveillance capitalism industry has taken, they have not chosen the correct response of collecting less data.
It is worth noting that privacy was one of Apple’s goals for the design of Apple Pay. According to this Bloomberg report, the complete opposite was true of Google Wallet. As much as we view decisions by any companies as financially-motivated, we should remember to also think of Google’s moves — and those of credit card companies, data brokers, and so forth — as inherently creepy, invasive, and also likely not in the best interests of consumers.
The Outline, the Joshua Topolsky-founded culture website, laid off the last of its two remaining staff writers today. On Twitter, one staff writer, Paris Martineau, announced the shakeup. I’ve confirmed that the other full-time staff member, Ann-Derrick Gaillot, has also been let go. And other non-editorial employees seem to be impacted too. Editors appear to be the only full-time editorial staff the site has left.
The source also noted that The Outline plans to slash its freelance budget despite the dearth of staff writers. The site will likely move from its current Lower East Side office to an undisclosed WeWork location.
These are worrying signs — an online magazine without writers is hardly encouraging. I hope they can recover; the Outline is a particularly interesting publication, and Martineau was one of my favourite writers there.
Anyone who isn’t an expert on the internet would be hard-pressed to explain how tracking on the internet actually works. Some of the negative effects of unchecked tracking are easy to notice, namely eerily-specific targeted advertising and a loss of performance on the web. However, many of the harms of unchecked data collection are completely opaque to users and experts alike, only to be revealed piecemeal by major data breaches. In the near future, Firefox will — by default — protect users by blocking tracking while also offering a clear set of controls to give our users more choice over what information they share with sites.
This will be rolled out in two stages: Firefox 63 — two major releases away from the current build — will start blocking slow-loading trackers, while Firefox 65 will block cross-site tracking. The latter sounds a little bit like Safari’s Intelligent Tracking Prevention feature. However, instead of blocking scripts based on behaviour, Firefox will rely upon a list of trackers created by Disconnect Me.
When pop-ups got out of control in the early ’00s Firefox took a stand and killed them all dead. Now Firefox is taking a stand against tracking on the web because it too has gotten out of control.
Firefox also spearheaded the renaissance of web standards over the past fifteen years or so, but I’m not sure whether it has the kind of sway it once did. Even so, the combination of Apple’s and Mozilla’s prioritization of user privacy is a formidable one.
Of course, Google still makes the world’s most popular browser. There’s simply no way they can join the club of companies that actually care about user privacy with their current business model.
You’ve probably seen the images of the new Apple Watch and iPhones published by 9to5Mac. Unlike most leaks, these aren’t parts or sketchy spy photos, nor are they firmware or operating system leaks — these are promotional images designed to be used on Apple’s website and in marketing materials. They’re also noteworthy for another reason: neither Zac Hall nor Guilherme Rambo disclosed their source for these images in any capacity.
Transparency means show your work so readers can decide for themselves why they should believe it.
Don’t allow your audience to be deceived by acts of omission — tell them as much as you can about the story they are reading.
Tell the audience what you know and what you don’t know. Never imply that you have more knowledge than you actually do.
Tell the audience who your sources are, how they are in a position to know something, and what their potential biases might be.
In other words, reporters are obligated to tell readers what they know, and also how they know it. It is only in very rare cases that this guideline will be broken. I don’t see anyone doubting the veracity of these images, and I certainly am not, so their validity is entirely driven by the credibility of the reporters.
Rambo is uniquely gifted at picking through Apple’s software releases for information about forthcoming products, but these images didn’t come from software. These are graphics that you can expect on Apple’s marketing webpages for these products, and I don’t think it’s a coincidence they were leaked on the same day as the company announced the event where they will, presumably, officially unveil these products. This is entirely speculative; I don’t have any more specific information directly about these graphics. It’s just an especially curious situation because Apple’s marketing team pretty much never leaks.1 Final product names are only known by a relatively small group of people until they’re said on stage, and they, too, almost never leak. The team at 9to5Mac is reasonably confident that “iPhone Xs” is the name of the next iPhone.2 My guess is that these images were loaded onto an obscure-but-unprotected CDN and someone told 9to5Mac or Rambo, directly, where to look — perhaps not even an Apple employee, but someone very well-placed.
I’m not trying to out a source here. I’m curious about the way such a surprisingly thorough leak could occur. I’m also trying to understand why other forthcoming products, like the rumoured 6.1-inch LCD-based iPhone and the new all-screen iPad Pro, were not leaked at the same time.
You probably know that I’ve been working on a free and open source reader named Evergreen. Evergreen 1.0 will be renamed NetNewsWire 5.0 — in other words, I’ve been working on NetNewsWire 5.0 all this time without knowing it!
It will remain free and open source, and it will remain my side project. (By day I’m a Marketing Human at The Omni Group, and I love my job.)
Black Pixel will stop selling their versions of the app, and will turn off the syncing system and end customer support — all of which is detailed in their announcement. (Important note: I will not get any customer data from them, nor will I be doing support for Black Pixel’s NetNewsWire.).
I’ve been using Evergreen for about a year now and it feels similar to how NetNewsWire felt when I first started using it in 2007. It’s vibrant, exciting, and makes RSS feel appropriately simple. This announcement feels completely right to me.
There’s some good discussion in this video, but this part from Nilay Patel is wonderful:
I think one of the major things we need to shift our thinking about is [that] regulating individual pieces of speech is very difficult. Regulating behaviour is probably a better approach, where you can say “well, these people are consistently behaving in a way that goes against our values, and we don’t have to, like, write A.I. that finds words. We can actually look holistically at behaviour.” None of the platforms seem to be ready to do that. They are not willing to articulate strong values that they stand for — Twitter, in particular, seems to be very hands-off. Mark Zuckerberg is talking about a Facebook court.
Those are all very legalistic interpretations. I think they’re not going to work unless these companies have strong values that they believe in, and the government decides it wants to pursue a non-discriminatory approach. […]
The most awful corners of Twitter have gotten very good at evading automatic detection of targeted harassment and discriminatory language, even though it’s clear that their behaviour, as a whole, is harassing and discriminatory. When you report a user to Twitter for this kind of behaviour, they ask that you add up to five relevant tweets even when their entire account is a problem. Twitter’s rules prohibit targeted abuse, but you can still find plenty of users who reference who reference the “fourteen words” and “blood and soil” in their bios, or any of the other coded language used in the context of white supremacy and white nationalism.
Banning Nazism is, for me, the baseline of good platform moderation — if a company can’t or won’t prioritize removing Nazis from their platform, who will they remove?