Written by Nick Heer.

Archive for December, 2015

HIV-Positive Dating App Leaked User Data

Stephanie M. Lee, Buzzfeed:

The leaks, which were both repaired as of Monday, are believed to have left the personal information of Hzone and iFit users vulnerable since at least late November and last week, respectively, according to the cybersecurity blog DataBreaches.net, which first reported them. […]

In the case of Hzone, such information included names, email addresses, birthdays, relationship statuses, number of children, sexual orientation, sexual experiences, and messages like this, according to DataBreaches.net: “Hi. I was diagnosed 3 years ago now. CD4 and Viral Load is relatively good. I’m therefore not on Meds yet. My 6-monthly blood tests are due in June. Planning to go in meds. I’m worried about the side effects. What kinds of side effect have you experienced? Xx.” As many as 5,000 users appeared in the breach.

That’s not as many affected users as the 13 million exposed by MacKeeper, but the information collected by Hzone and iFit is far more sensitive and personal. It’s unconscionable that these apps are practically unregulated; even if they were subject to HIPAA requirements, that law largely protects information subject to doctor-patient confidentiality, not medical information itself.

Reference Design

Jack Wellborn:

As a long time Mac user, I have no qualms saying that Windows has gotten leaps and bounds better in the last 5 years, but those significant improvements have been largely erased by mediocre hardware, penny pinching IT departments, and the continued horrible practice of crapware. I am sure no one is more frustrated by this fact than Microsoft, who I believe has been desperately trying to elevate the PC back to respectability. I think the Surface exists as part of that strategy to help the rest of PC industry with a unique reference model not entirely owned by PC’s oldest and now biggest competitor.

This observation is nearly entirely echoed by Consumer Reports’ findings as to why Apple’s MacBooks are far more reliable than their Windows-based counterparts. Robin Harris, for ZDNet:

When I left Silicon Valley for the mountains of northern Arizona 10 years ago, I was startled at how differently “everyday” people saw computers. It’s binary: work; or, not work.

They don’t say – “oh it’s a hardware problem, no bad on Microsoft.” No, they say “my Windows notebook stinks ’cause it broke.” CR is doing the absolute right thing. […]

If I were running Microsoft’s Windows customer sat group, I’d be on this like a dog on a bone. MS is only supplying the software, but their OEMs are killing the MS brand with reliability that is half of what Apple achieves.

The prose is worse than Wellborn’s, but the sentiment is the same: by choosing to license their operating system in a loose way, Microsoft places the reputation of their software in their licensee’s hands. Those licensees are part of what is corrupting Microsoft’s reputation, and the Surface partially exists for Microsoft to gain greater control of that.

On Intersectionality in Tech

Smart article from Megan Rose Dickey at TechCrunch:

The intersection of racism, sexism, transphobia and other oppressive institutions influence perceptions and experiences of people in the tech industry. It also serves as a potential barrier to those who want to enter tech but can’t because the industry isn’t built with intersectionality in mind. In fact, the tech industry seems to turn a blind eye to it.

It’s worth noting that the vast majority of the world is not white, and certainly not white and male. The tech industry impacts the entire globe, but is designed and created by a body of people that is not representative of those it affects.

Being a Better Ally to Women and People of Colour in Tech

Really great article from Victoria Kirst, writing for Ntrsctn:

… ‘Are you sure it was sexism?’ is a pointless question because the answer is always the same: No, I’m not sure. I can’t be sure. It’s impossible to be sure.

Engineers solve technical problems at work every day, so it’s tempting for us to solve all of life’s problems using the same approach. But it’s ridiculous to apply engineering techniques to social problems, where it’s impossible to get the evidence we would normally demand to solve them. We need a different approach.

Empathy is a very powerful tool here. The better we understand the abuse, discrimination, and oppression that women and people of colour face — often daily — the better we can be an ally. The only way we can even begin to understand this, though, is to listen, and that’s something we’re not doing very well right now.

Apple Is Placing Popup Ads for the iPhone 6S in the App Store

Roger Fingas, AppleInsider:

The ad presents a graphic with the slogan “ridiculously powerful,” and highlighted options to “learn more” or “upgrade now,” according to posts on sites like Twitter and Reddit. An option to skip to the regular App Store interface is found in the upper-right corner of the screen.

The pop-ups appear to be targeted at people using an iPhone 5s or earlier, and may have been enabled with Tuesday’s release of iOS 9.2.

Interstitial advertising is obnoxious, and Apple is already too keen on self-promotion in iOS for my liking — you can’t hide the Watch app if you don’t own an Apple Watch, for example. But, at least, the Watch app’s presence doesn’t interfere with the functionality of the phone. This ad does. It’s gross.

Probably Not Wright

Unmasking Satoshi Nakamoto is the media world’s objet petit a, at least for now. Many have tried and failed, the latest being Andy Greenberg and Gwern Branwen of Wired, and Sam Biddle and Andy Cush of Gizmodo. Both exposés are brimming with confidence — Greenberg and Branwen’s is titled “Bitcoin’s Creator Satoshi Nakamoto Is Probably This Unknown Australian Genius”, while Biddle and Cush’s includes this passage:1

Writing about Satoshi Nakamoto, the Bitcoin originator’s pseudonym, is a treacherous exercise. Publications like the New York Times, Fast Company, and the New Yorker have taken unsuccessful stabs at Satoshi’s identity. In every instance, the evidence either hasn’t added up or those implicated have issued public denials. And then there was Newsweek, whose 2014 story “The Face Behind Bitcoin” is easily the most disastrous attempt at revealing the identity of Satoshi. The magazine identified a modest California engineer, whose birth name was Satoshi Nakamoto but who went by Dorian, as the creator of Bitcoin. The story resulted in a worldwide media frenzy, a car chase, and — after Dorian’s repeated denials and legal threats — a great deal of embarrassment for Newsweek.

I’m not sure if these exposés surpass Newsweek’s, in terms of how embarrassing they are, but it’s close. First, there’s the little matter of the PGP keys, so critical to both stories. Sarah Jeong, writing for Vice:

Both Wired and Gizmodo outline Wright’s qualifications and accomplishments in detail, aside from pointing to emails and other documents that seem to nail Wright as once-and-future Bitcoin king Satoshi Nakamoto.

A lot of this evidence isn’t authenticated, so there’s that. But there’s one really big problem with the case for Craig S. Wright as Satoshi: at least one of the key pieces of evidence appears to be fake. The “Satoshi” PGP keys associated with the Wired and Gizmodo stories were probably generated after 2009 and uploaded after 2011.

That seems fairly problematic for documentation that was apparently created in 2008.

Today, Gizmodo and Wired have each published separate stories acknowledging that their exposés were likely wrong; they’d been duped. Andy Cush of Gizmodo:

Since our story was published (along with subsequent profiles of both Wright and Kleiman) things have only gotten weirder. Wright’s home was raided by police due to an investigation by the Australian Tax Office that’s reportedly unrelated to Tuesday’s articles. Wright himself has pretty much disappeared. And several outlets have done even more digging to try and figure out whether Wright and Kleiman were, in fact, closely involved in creating Bitcoin.

Andy Greenberg, Wired:

Wright’s colleague Ian Grigg, a financial cryptographer whom Wright has cited as writing a paper that helped inspire Wright’s bitcoin work, wrote Wednesday on Twitter that he’d learned Wright had been hacked and extorted for money, and that the extortionist had given documents to the media (presumably meaning Wired and/or Gizmodo).

Embarrassing for the two publications that broke the news, and the countless more that failed to do their own research or verify the stories.

But this could turn out to be a far more bizarre, interesting — and, perhaps, darker — story than initially reported. Unmasking a pseudonymous Bitcoin creator satisfies a small amount of our curiosity, but telling the story of someone who has claimed to friends that he created Bitcoin and conning a bunch of reporters into believing it, despite not doing so? That’s an angle worth exploring.


  1. Biddle was very confident on Twitter and in Marketplace, but also admitted that it could be a long con. ↩︎

Young ‘Digital Natives’ Naïve About Internet Advertising

Henry Mance for the Financial Times:

In Ofcom’s research, children were shown a list of search results for the term “trainers”, and directed towards the top two results — which were in an orange box with the word “Ad” written in it.

Only 31 per cent of those aged 12 to 15 identified the sponsored links as advertising. Among those aged 8 to 11, the proportion was even lower — 16 per cent.

Google ads are looking more like native advertising with each iteration. Older results pages used to separate the ads and more clearly delineate what was sponsored and what was organic. Google has slowly but deliberately eroded that line by making ads look more like native search results, and by manually promoting its own products.

I wonder how these findings will affect the pending E.U. anti-competition case.

A New Remote App Is Coming

The tvOS 9.1 update released yesterday added support for the iOS Remote app. Joe Rosensteel:

For me, the Apple TV was recognized by the Remote app on my iPhone 6 and I was able to use direction, menu, play/pause, and — most important of all — the iPhone’s virtual keyboard. This does not cover the full range of features that the Siri Remote can handle, and there are interface bits that the 4th generation Apple TV does not support (the options element does nothing).

Nice. But:

There was no update at all to the Remote app. Not even for branding. As Robb Lewis pointed out on Twitter, this is rather absurd and unhelpful. Instructions for pairing are different for the fourth generation, and the icon the iTunes is even 3 years-old. […]

Also, since it’s not an updated Remote app, there are several things it can’t do that your Siri Remote can do:

  • Use Siri to do searches or control the TV.

John Paczkowski reports for Buzzfeed:

“We’re working on a new Apple TV remote app that will give you the full functionality of the Siri Remote on your iPhone,” [Eddy] Cue said. “We’re hoping to ship that in the first half of next year.”

Good stuff. Here’s hoping for dictation on the Apple TV’s keyboard soon, too.

U.S. Senator Pursues Legislation to Cripple Encryption

Patrick Howell O’Neill, writing for the Daily Dot:

Sen. Dianne Feinstein (D-Calif.) told the Senate Judiciary Committee on Wednesday that she would seek a bill that would give police armed with a warrant based on probable cause the ability “to look into an encrypted Web.” […]

[FBI Director James Comey insisted] that the encryption debate is “not a technical issue” because “there are plenty of companies today who provide secure services to their customers and still comply with court orders.”

Oh, Comey: this is a technical issue. The only way this is possible is with a mandated “back door”, and the minute one of those is added, the encryption becomes meaningless. It’s only a matter of time, effort, and means for an unauthorized person or party to use that back door. This is counterproductive, especially considering Feinstein previously argued for more robust electronic security protections.

Apple Releases iOS 9.2, OS X 10.11.2, tvOS 9.1, and watchOS 2.1

Some good updates all around: tvOS now supports Siri for controlling Apple Music and the iOS Remote app, and Mac OS X, iOS, and watchOS include lots of bug fixes.

I’d like to draw your attention to one bug in particular that was marked as fixed. In the watchOS 2.1 release notes, Apple says:1

Addresses issues that could prevent third party apps from launching

This isn’t fixed for me; I am unable to launch any third-party native watchOS app from the App Store, and this has affected myself and others since watchOS 2 was released. It’s a bug in the handling of Apple’s FairPlay DRM that’s somewhat similar to the corrupted App Store binaries issue from three years ago.

Here’s what it looks like in the console when I launch a native watchOS 2 app:

Dec  8 22:55:48 Nicks-AppleWatch kernel[0] <Notice>: AppleFairplayTextCrypterSession::fairplayOpen() failed, error -42004
Dec  8 22:55:48 Nicks-AppleWatch gizmoappd[92] <Warning>: plugin com.flexibits.fantastical2.iphone.watchkitapp.ext interrupted
Dec  8 22:55:48 Nicks-AppleWatch com.apple.xpc.launchd[1] (com.flexibits.fantastical2.iphone.watchkitapp.ext[235]) <Warning>: FairPlay decryption failed on binary.

Depending on what the system feels like doing, this either causes an immediate crash of the app, or the loading indicator spins within the app for about a minute before it crashes.

I didn’t notice this while watchOS 2 was in beta because this doesn’t seem to affect apps distributed via TestFlight, nor does it affect WatchKit apps. As more of my favourite apps have been updated to become native, fewer of them remain functional, and it’s driving me crazy.

I filed this as a bug with Apple a couple of months ago. It was marked as a duplicate.

Update: Michael Tsai:

iOS 9.2 unfortunately doesn’t fix the three most annoying iOS 9 issues for me: […]

I could swear this was fixed in one of the 9.2 betas, and then was un-done in the final release.


  1. Release notes for updates must be put together by a bunch of different departments. They use both “fixing” and “fixes” to start sentences, and are inconsistent with the use of a hyphen in the phrase “third party”. ↩︎

Confidential and Proprietary

Really interesting article from Yoni Heisler at BGR, listing and explaining all of the very confidential and proprietary stuff made public during Apple v. Samsung. I have to wonder how difficult it was for Apple’s top executives to reveal parts of their secret sauce, how valuable they consider the information they provided, and whether the litigation was ultimately worth it. To my eyes, there’s not a lot here that’s valuable in isolation; everything is ultimately dependent upon talent and execution.

Apple Says That Its Maps App Is Used Three Times as Often as Google’s on iPhones

Someone in Apple’s PR office1 gave Anick Jesdanun of the Associated Press a bit of information:

Apple says its mapping service is now used more than three times as often as its next leading competitor on iPhones and iPads, with more than 5 billion map-related requests each week. Research firm comScore says Apple has a modest lead over Google on iPhones in the US, though comScore measures how many people use a service in a given month rather than how often.

I have no doubt many of the built-in location-based features in iOS 9 help more users (re)discover Apple Maps, and I don’t doubt that it has gotten better.

But I have this test that I run every time I hear about an improvement to Maps, and Apple Maps still fails. Here’s the test: I search “wine market” and note the results list. There is a store called “Kensington Wine Market” just a few hundred metres from my apartment, yet the top result in Maps has always been a restaurant in Baltimore, which makes no sense. Unless I’m searching a region, city, or an address, Maps should always prioritize local results. By contrast, Google Maps suggests a search for “wine market calgary” as the top result. Tapping “Search” used to perform flawlessly, but now also zooms to the restaurant in Baltimore.

Your results will vary greatly depending on where you live. In Indonesia, Apple Maps was barren while Google returned plenty of local landmarks and points of interest. Apple seems to have improved their mapping technology in Canada, the U.S., and China, but I’m not sure about the rest of the world.


  1. Or, perhaps, Greg Joswiak — he’s quoted in the article. ↩︎

Low-Hanging Fruit

Brent Simmons, closing out a short list of fairly basic bugs:

So we have Apple Watch and Apple TV now. What I’m hoping for — what I’m nearly begging for, more as a user than as developer — is that Apple spend a year making things better. Nothing new. Just make things work better.

Even the new Apple TV and Watch have obvious shortcomings. The former has a bright white UI, which is pretty blinding in the kind of darkened room many people watch movies in. Siri also fails in places where you’d hope it would work, there’s no dictation for the keyboard, and the keyboard itself is an awkward long strip.

The Watch, meanwhile, doesn’t launch either first- or third-party apps fast enough to entirely work as a “glanceable” device.

Meanwhile, on my Macs at home and at work, twitter.com and t.co links regularly fail to load in Safari. It’s only those URLs, only since upgrading to El Capitan, and only in Safari — Tweetbot works fine. Baffling.

But I hold out hope. Earlier this year, Apple released an update to iTunes that made any database edit last about a minute. Change a straight prime to a curly quote? That’ll cause iTunes to hang for a minute. Making sure A$AP Rocky is listed as “ASAP Rocky” by editing the sort artist? Another minute of hanging. Deleting a track? That’ll cause another hang. Though this bug is at least five months old, I was very happy to discover this weekend that it has been fixed.

Similarly, I’ve found Mail on Yosemite and El Capitan to be way better than previous versions, and iOS 9 fixes a lot of the issues I ran into on iOS 8. I know not everyone’s experience has improved, but mine certainly has across all of my Apple devices.

My pet theory is that Apple is seeing fewer bug reports and support calls these days than, say, five years ago, but the bugs users are running into are more noticeable. I’m guessing the fallout from discoveryd didn’t spike Apple’s bug reporting system that much, but the issues it caused were infuriating, considering just how much of our computing is dependent on an internet connection.

Facebook Shutters Creative Labs

Sad news from Facebook, too: the part of the company that was responsible for a bunch of fairly unpopular but rather nice apps has been shut down. Most notably, Creative Labs is behind Paper, which has always been a far better Facebook experience than the official Facebook app. It was last updated in March, yet it still doesn’t support interactive notifications or any other recent iOS features. It doesn’t support many of Facebook’s most recent features, either, like Instant Articles.

Facebook has pulled a bunch of Creative Labs’ apps from the App Store, but Paper remains. I don’t think it’s going to last much longer.

Dropbox to Shut Down Mailbox, Carousel

Drew Houston and Arash Ferdowsi of Dropbox:

In 2013, we acquired Mailbox because we believed in the way it was making mobile email better. In 2014, we launched Carousel to create a new way to experience and share photos. With both, we aspired to extend the simplicity of Dropbox to other parts of our users’ lives.

Building new products is about learning as much as it’s about making. It’s also about tough choices. Over the past few months, we’ve increased our team’s focus on collaboration and simplifying the way people work together. In light of that, we’ve made the difficult decision to shut down Carousel and Mailbox.

No big surprise. It’s disappointing, though, and it’s compounded by Mailbox’s reliance upon a third-party server: it’s not email; it’s a proprietary backend with an email-like front-end. No matter how much I liked Mailbox — and I really like lots of what Mailbox does — this dependency has always been an inherent flaw, and I don’t think this is adequately explained when setting it up. Most people who use it probably have no idea that their email messages live on a third-party server in between their mail host and their phone.

If you’re aching for a replacement, Spark by Readdle has always been very good, and they’re working on iPad and OS X versions. The Sweet Setup recommends Dispach for iPhone and Airmail for the Mac. I’ve been very content with the default Mail app on all my devices for the last while, though.

Apple Sneaks a USB 3.0-Compatible Lightning Port Into the iPad Pro

Andrew Cunningham, Ars Technica:

Our full review of the iPad Pro covers a lot of ground, but there is one small item that escaped our notice. When iFixit tore the device apart, it found a USB 3.0 controller, and Apple has confirmed to us that the new iPad Pro will in fact support USB 3.0 transfer speeds over its Lightning port. USB 3.0 supports theoretical transfer speeds of up to 5Gbps, a little over 10 times faster than USB 2.0’s 480Mbps.

Via John Gruber, who notes:

I don’t know when we’ll see Apple take advantage of this new Lightning port (the cable that ships with the iPad Pro is still just USB 2), but I think it’s every bit as capable as USB-C. I bet it can handle not just USB 3, but also Thunderbolt and DisplayPort/HDMI 4K.

The upcoming Thunderbolt 3 takes advantage of a USB-C connector, replacing the DisplayPort-style connector of Thunderbolts 1 and 2. And it has another advantage, too:

Previous iterations of the Thunderbolt were costly because they required an “active” cable, which has a chip in it to boost performance. The move to a USB Type-C connector, plus the ability of Thunderbolt 3 to work with both fast, active cables (40 Gb/s) and less-expensive, passive cables (up to 20 Gb/s), means that cost will be less of an issue this time around.

I think there’s a good chance that the Lightning port within the iPad Pro and 2016 model iPads1 could take advantage of the USB 3 and potential Thunderbolt capabilities. I’m less certain about the iPhones; I think they could retain the current-style Lightning port for a while yet.


  1. The iPad Mini 4, also refreshed this year, retains the older-style Lightning port. ↩︎