Month: October 2016

Matthew Panzarino, TechCrunch:

What professional users would like — what I know I would like if I were still editing thousands of photos a week as a photographer — is a way to surface buried commands and make them ready for you. (As a side note, I think Apple is doing future generations a great service in sublimating the importance of keyboard shortcuts, which are arcane and difficult to discover and use.)

John Gruber:

The Touch Bar is not the answer to “How do we bring touchscreens to the Mac?”, because that question is not actually a problem. The Touch Bar is the answer to “These keyboard F-keys are cryptic and inflexible — what can we replace them with that’s better?” That’s an actual problem.

Keyboard shortcuts can be great in applications that you use all of the time, but they’re hard to discover. This is particularly true when the command is buried in some tertiary-level menu, or if the software doesn’t use system conventions: VLC’s ⌘N shortcut for opening a file from a URL instead of creating a new window or document, for example, or Photoshop’s ⌘K shortcut for preferences instead of the more typical ⌘,.

The Touch Bar solves buried shortcuts by elevating contextually-related commands to a visual foreground. Pro users may scoff that they don’t need it for the applications they use regularly, but that’s missing the point. The Touch Bar is for the applications or commands that you use less frequently.

The non-Retina 13-inch model was the last MacBook Pro — actually, the last computer — that Apple sold with a disc drive. It also happens to be the last MacBook with storage and RAM that can be upgraded after purchase.

The part of me that loves a singular and complete computer is thrilled with the new MacBook Pros, but the part of me that has regularly upgraded my computers doesn’t seem ready just yet.

Update: Looks like the new MacBook Pros have a swappable SSD after all. My apology for being incorrect, but this is excellent news.

Alex Kantrowitz, Buzzfeed:

The platform similarly became a critical source for updates on the Brexit fallout and the invasion of Mosul, along with the usual celebrity spats and sports commentary. No other service possesses the fast-moving, real-time environment of Twitter, and the platform provides an unparalleled window into unfolding world events. The worst corporate turbulence, it seems, can’t shatter the glass around the lightning it caught in its bottle a decade ago now, which no other company, service, or product has been able to duplicate.

I don’t think there’s a bigger disconnect between company and product at any company than there is at Twitter. The company has a long way to go to improve their record of allowing abuse and intimidation on their platform, but the core of the idea is solid, unique, and — dare I say — irreplaceable.

Just before today’s Apple event, Twitter announced that Vine would, effectively, be shutting down “in the coming months”.

Brian Feldman wrote a bit of a eulogy for New York magazine:

But the point of Vine was never to generate the next Fellini. It was to have dumb, stupid free play on an internet increasingly hostile to that kind of freedom, whether because of surveillance or heavy-handed advertiser presence or trolls. The lack of adult supervision or corporate culture may have made it somewhat impenetrable, but it also made it feel free in a way no other social network really does. And that freedom paid off. In terms of creating phrases, ideas, and images that made it into mainstream culture — that is, memes — Vine was unparalleled. If you’ve heard, or said, or been baffled by “I was told by Apple Care!” or “on fleek” or “what are those,” you’ve encountered a Vine in the wild.

The best Vines had more creativity and laughs per second than most sitcoms or movies.

This is also notable:

Most important, the engines of this creativity were groups poorly served by, and often shut out from, mainstream cultural creation and consumption. Vine wasn’t just dominated by teenagers — it was dominated by teenagers of color. Especially black teens, who created a disproportionate number of popular Vines and used the social network to demonstrate wit, intelligence, creativity, and comic timing that was rarely given a spotlight elsewhere.

Shara Tibken and Connie Guglielmo of CNet scored an exclusive pre-launch interview with Phil Schiller, Craig Federighi, and Jony Ive about the new MacBook Pros. They cover much the same ground as in today’s keynote, but Schiller also addressed the pricing of the products head-on:

Affordability is “absolutely something we care about,” Schiller says. “But we don’t design for price, we design for the experience and the quality people expect from Mac. Sometimes that means we end up at the higher end of the range, but not on purpose, just because that’s what it costs.”

No matter the reason why, it still stings a little, particularly for those of us with weaker currencies than the American dollar.

After a year and a half without an update, there are — finally — new MacBook Pros, and they look really damn good. And expensive.

The new OLED contextual Touch Bar is, of course, the standout feature of these new Macs. I’m definitely the kind of user who has memorized the keyboard shortcuts for everything I do regularly, but a feature like this is going to be perfect for apps that I don’t use very often. Pro apps, in particular, tend to cram a lot of functionality into the UI — something which becomes increasingly problematic as the display size shrinks. The Touch Bar looks like a very good solution to that, by providing contextual controls within the reach of your fingers.1

There’s lots else to love about these Pros. The display now has a P3 colour gamut, there are four Thunderbolt 3 ports2 — any of which can charge the Mac — and it comes in silver and Space Grey.

But there’s one thing I’ve seen that’s rather blunted the praise for these new Macs: a not-insignificant price jump. The outgoing 13-inch Retina MacBook Pro started in Canada at $1,549, while the 15-inch was $2,449 Canadian. With the Touch Bar, the 13-inch now starts at $2,299, while the 15-inch is $2,999. In the U.S., the price differences are around $300-400.

To try to close the chasm between the new Pros and the 13-inch MacBook Air, Apple has a version of the 13-inch MacBook Pro without the Touch Bar, less-powerful processor, less-powerful graphics, and just two Thunderbolt 3 ports. As my existing Air is frequently connected to my Thunderbolt Display, this is virtually the perfect Mac for me. However, even this one starts at $1,899 in Canada. Speccing it up the way I’d want to — 16 GB of RAM and a 1 TB drive, because it now appears to be soldered and therefore can’t be upgraded — would run me a bill of $2,859.

Make no mistake: I’m not complaining about the new MacBook Pros. They look incredibly powerful, ridiculously thin, and have amazing displays. But they are very spendy right now, and that’s an especially hard pill to swallow when the Mac seems to receive less attention than it used to. I think the 13-inch MacBook Pro is my next computer, but I’ll be saving enough money to buy it until the next time they update it.

  1. By the way, the Touch Bar finish shows how great a matte Retina display would look on pretty much any device. ↥︎

  2. These are now in the USB-C connector shape, bringing them in line with the MacBook. Apple’s updated MacBook lineup — excluding carryover older products at reduced price points — is now entirely USB-C, yet iPhones still come with a USB-A to Lightning cable. ↥︎

Daniel Jalkut points out that the highly-performative updated logging infrastructure in iOS 10 and MacOS Sierra is now almost too explanatory:

Apple has dramatically revamped its standard logging mechanism. Unified Logging, available in macOS 10.12 and iOS 10, replaces various file-based logging approaches with a centralized, database-backed repository for log information of all levels of interest.


The two big losses, in my opinion, are that the sheer size, number, and variety of logging messages makes it impractical for users to skim the console for “real problems,” and that the resulting logging archives are so large that it’s impractical to casually include them with bug reports to Apple or 3rd party developers.

I’ve had to upload a few sysdiagnose archives to the Bug Reporter this week. Each was over 300 MB, which is about six times the size of previous sysdiagnose files.

But that’s nothing compared to the logs generated when using Apple’s data capture tool issued when requesting support via their more consumer-level help channels. I only left the “capture default information” option checked, as it cannot be unchecked, and it generated 2.16 GB of logs. Incidentally, this log file turned out to be entirely useless because the web-based uploader only allows files up to 1 GB.

I think it’s great that I don’t have to install all kinds of profiles to log critical debugging information, like I typically have to on iOS. But having too much data is equally dangerous: users won’t or can’t upload files, and it’s too much to sift through for power users and developers. Jalkut has some terrific ideas on how to fix this without impacting privacy or the usefulness of the logs.

Zac Hall, 9to5Mac:

Nikkei Asian Review is adding to recent reports that Apple will move to an all-glass design with the iPhone 8 next year, while reporting that the lineup will add a 5-inch model. Apple previously used an all-glass design with the iPhone 4 and iPhone 4s, but switched to aluminum backs with the iPhone 5 through iPhone 7. And a 5-inch iPhone 8 would add a new option to the current lineup which includes 4.7-inch and 5.5-inch flagship models.

I don’t know anything about this, but adding a third iPhone model makes no sense to me. Much like the rumoured 10.5-inch iPad, my guess is that this is a misinterpretation by a source or an analyst.

Ming-Chi Kuo claimed in March that Apple has been working on a 5.8-inch model, which is the same 0.3-inch difference as between the rumoured 5-inch model and the existing 4.7-inch model. My hunch, for what it’s worth, is that these rumours describe larger displays that sit within the same two case sizes as the existing lineup.

Matthew Panzarino, TechCrunch:

“The early response to AirPods has been incredible. We don’t believe in shipping a product before it’s ready, and we need a little more time before AirPods are ready for our customers,” an Apple spokesperson said to TechCrunch.

Apple did not say whether hardware or software updates are what is at the heart of the delay so I couldn’t conjecture which. My experiences with the AirPods have been very positive this far but the pre production units that were given out to press are not without their foibles and bugs. I have seen a variety of small software/hardware interaction issues that have caused some frustration – but have taken them in stride because they are not final products.

What a pisser.

Such is the danger of announcing products before they’re ready, something which has happened a couple of times in the past two years: the Retina iMac in 2014, and now the AirPods. You could also argue that launching the iPhone 7 Plus without its standout Portrait mode feature could constitute a “delay” of sorts.

Back in 2012, Apple delayed the release of iTunes 11 for about a month. When it was released, though, it was one of the best versions of iTunes in a long time. Postponing a product launch sucks, but it’s better that it’s released right instead of quickly.

No word on whether any Beats models are also being delayed, though their release dates have always been a more nebulous “this autumn”.

Update: The Beats Solo and Powerbeats models with W1 chips have been shipping for a while, apparently — thanks Erik. The BeatsX in-ear headphones — the ones I was looking at — haven’t been released yet.

Apple’s reported numbers were well within — and even at the upper bounds of — their guidance from last quarter, but that doesn’t make for a stellar quarter. They sold fewer iPads this quarter than in any quarter since 2011, while “other” product revenue, which includes the Apple Watch, was down year over yearno surprises there.

But it’s not all bad news. CFO Luca Maestri said that iPhone sales were mostly supply-constrained:

We’ve seen a strong iPhone growth in many markets around the world including Canada, Latin America, Western Europe, Eastern Europe, the Middle East, India, and South Asia. iPhone sales in Greater China declined during the quarter, but initial customer response to iPhone 7 and 7 Plus gives us confidence that our December quarter performance in China will be significantly better on a year-over-year basis than our September quarter results, even as we lap the all-time-record period from a year ago.

Worldwide demand for iPhone 7 and 7 Plus has significantly outpaces supply, particularly on iPhone 7 Plus. And we’re working very hard to get the new iPhones into the hands of our customers as quickly as possible.

Pretty solid for a phone derided by plenty of tech journalists as a recycled design. And — did you hear? — it doesn’t have a headphone jack. Crazy. Apple also reported solid growth in services, though they didn’t release an updated subscriber count for Apple Music.

Guidance for Q1 2017 forecasts revenue of $76–78 billion, which is a similar range to their Q1 2016 forecast, and slightly above actual revenue for that quarter.

Kara Swisher, as quoted by Karis Hustad at Harvard’s Tech Conference 22:

When you look up at a board room and you look around and you see 10 white men and you don’t understand you have a problem, I want to know what happens to you. How can’t you see it? It’s a huge problem, and from a business point of view it is ridiculous. If half the women are using the Internet and half of people of color are using it, that’s how it should be represented. My god, how can you make a product for half the human race and not have half the human race be represented?

The goal is not just about numbers, but about equal representation of ideas and equal consideration to issues raised. But it is impossible to get to a point where equal thought is given to the specific concerns of women or people of colour if boards and employees are overwhelmingly white and male. Diversity is not — and cannot — be a checkbox item, as Swisher points out:

They’re not trying. They’re not looking hard enough. [They say] “Oh, it’s hard.” I don’t care. I don’t give a fuck if it’s hard. You need to bring me 10 great candidates and you have to be thinking hard about different kinds of candidates, different ages, different races — and we’re not always going to be successful, but I think from the very top you have to say, you’re being lazy about this. You’re being easy. You’re pattern matching.

Matt Haughey:

I’ve spent the last seventeen years blogging, and for some of that time I ran PVRblog and for 15 years I ran MetaFilter, both of which are ad-supported sites. I’ve had lots of ups and downs with both, and at some point in the mid-2000s I built a whole Amazon product recommendation subsite for MetaFilter that never launched. Readers of PVRblog back in its heyday used to ask me to write a “buyers guide” every holiday season and though I recognized the utility of such a thing, I never made one, fearing it would constantly need updating to stay current with the latest news.

I don’t think I’ve ever met Brian Lam face to face, but we’ve talked online a handful of times but I’m immensely impressed with what he’s built. I don’t think any news I read today about this deal gave him enough credit for what he did, so I want to break it down.

I used the word “atypical” in the title of this post very deliberately. The Wirecutter and the Sweethome didn’t create a brand new business model, but they managed to become one of the most effective implementations of affiliate linking — something which has been around for ages. But it is a model that’s atypical amongst today’s VC-and-PPC-ad-funded media companies. Lam deserves a lot of credit.

Earlier today, Apple released software updates for the Mac, Watch, iOS devices, and Apple TV. iOS 10.1 includes the new Depth Effect mode and brings public transit to major Japanese cities, amongst lots of other bug fixes and adjustments. I’ve also noticed better battery life over iOS 10.

WatchOS 3.1 mostly has “bug fixes and performance improvements”. I’ve noticed a significant improvement in battery life compared to 3.0. I recommend installing this at your earliest convenience, provided you don’t fuck up your stand goal.

MacOS 10.12.1 contains all sorts of tweaks, including improvements that will become relevant on the MacBook Pros that will be unveiled on Thursday. However, adjustments to the keyboard framework seems to have messed with some third-party keyboards. You can try restoring defaults in your keyboard preferences to fix it; if that doesn’t work, you can roll back IOHIDKeyboardFilter.plugin.

Also in this release:

Adds an automatic smart album in Photos for Depth Effect images taken on iPhone 7 Plus

A smart album is still missing for Live Photos on iOS and MacOS. I get the implication that Apple wants you to leave it turned on all of the time, but I don’t think most people keep it on. Regardless, it remains unforgivable that you can’t search for photos by type: screenshot, panorama, Live Photo, and so on.

Sarah Perez, TechCrunch:

Maybe not everyone is convinced they need a smartwatch? According to a new industry report from IDC out this morning, smartwatch shipments experienced “significant” declines in the third quarter, as total shipments were down 51.6 percent from the same time last year. Just 2.7 million units were shipped in Q3 2016 versus 5.6 million in Q3 2015. While IDC offers several explanations as to why sales are dropping – including issues related to launch timings, Android Wear delays, and more – the numbers still indicate how smartwatches are having a hard time finding traction among a majority of consumers.

Of course, we need to keep in mind that Apple Watch is the market leader among smartwatches – its Series One device accounted for the majority of shipments in the quarter (1.1 million units shipped, a 72 percent year-over-year decline). That means its ups and downs will have an outsize impact on the industry’s numbers at large.

To make matters worse, the new Apple Watches didn’t go on sale until two weeks before the end of the third quarter, and the Nike+ model won’t be available until this Friday.

Still, these numbers aren’t great. I still think it’s a nascent market, the potential for which will be revealed over time as more people get their hands on smartwatches — or, well, smartwatches on their wrists. It’s certainly not a market that’s going to be a smartphone-sized yet or, possibly, ever, but there’s definitely something catching buyers’ eyes. Anecdotally, I’ve had more people ask me about how much I wear and like my first-generation Apple Watch over the past month than I had in the previous year.

After last week’s massive web outage was understood to have been the result of a botnet originating from insecure web-connected devices — DVRs and cameras, mostly — a number of people, including me, pointed to Bruce Schneier’s Vice article on why it’s important to regulate the security of these devices. In short:

The market can’t fix this because neither the buyer nor the seller cares. Think of all the CCTV cameras and DVRs used in the attack against Brian Krebs. The owners of those devices don’t care. Their devices were cheap to buy, they still work, and they don’t even know Brian. The sellers of those devices don’t care: they’re now selling newer and better models, and the original buyers only cared about price and features. There is no market solution because the insecurity is what economists call an externality: it’s an effect of the purchasing decision that affects other people. Think of it kind of like invisible pollution.

Robert Graham of Errata Security disagrees with Schneier:

The persistent rumor is that an IoT botnet is being used. So everything is calling for regulations to secure IoT devices. This is extraordinarily bad. First of all, most of the devices are made in China and shipped to countries not in the United States, so there’s little effect our regulations can have. Except they would essentially kill the Kickstarter community coming up with innovative IoT devices. Only very large corporations can afford the regulatory burden involved.

Like public school textbooks in Texas, regulating large markets can have the effect of regulating every market. There are lots of significant markets for these devices, but the United States and Europe are certainly two of the biggest. If those two regions — and, ideally, China and Korea — were to impose security screenings for these devices, manufacturers would likely comply worldwide, since it costs less for them to deploy the same software in every sales region.

Of course, this raises the question of how it would be most efficient to secure devices like these. A penetration test before an import certificate is granted would probably do a good job of weeding out the less-secure products, but it’s unrealistic for such a test to be imposed with every software update.

It’s a tricky problem. The solution that Graham tweeted is to have the NSA brick vulnerable devices, but that seems like a hard overreach of power. The influence of imposing regulations is softer, but I think it reduces the “Team America” feeling of the NSA acting as the global internet police.

Thomas Gryta and Keach Hagey, Wall Street Jorunal:

AT&T Inc. has reached an agreement to buy Time Warner Inc. for between $105 and $110 a share, with a deal likely to be announced as soon as Saturday evening, according to people familiar with the plans.

The boards of the two companies are meeting on Saturday to approve the transaction, the people said. The deal is half cash and half stock, according to one of the people.

Of note, this does not include Time Warner Cable, which was acquired by Charter Communications. Time Warner owns CNN, HBO, DC Entertainment, and 10% of Hulu, amongst a huge list of other brands. It is one of the largest media conglomerates in the world.

AT&T, meanwhile, is the highest-earning telecommunications company in the world, with over 130 million customers (PDF) and a market capitalization of $226 billion. Should that remain consistent, the combined valuation of over $300 billion would make the resulting company worth more than Comcast and Disney combined.

Meanwhile, CBS and Viacom are reportedly exploring a merger that would create a company with a combined worth of $40 billion, and just three years ago, Comcast completed their acquisition of NBC.

I’m unconvinced that the slow merging of many news and media organizations is in the best interests of the general public. What net positive arises for consumers from having large telecommunications companies also in control of what gets delivered over their wires? If anything, the effect of this will be to create a vastly larger, more powerful, and more influential entity, capable of gobbling up some of the largest companies in the world.

Update: Dennis K. Berman has posted a graphic of the composition of today’s AT&T. The near-reversal of the 1982 breakup of Bell’s monopoly is pretty astonishing.

Brian Krebs:

Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers.

It’s incredible — and more than a little irresponsible — that we’ve taken something as decentralized as the web and made it largely dependent upon a handful of popular providers.

Krebs, on the cause of today’s attacks:

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn.

Bruce Schneier just two weeks ago for Vice:

What this all means is that the IoT will remain insecure unless government steps in and fixes the problem. When we have market failures, government is the only solution. The government could impose security regulations on IoT manufacturers, forcing them to make their devices secure even though their customers don’t care. They could impose liabilities on manufacturers, allowing people like Brian Krebs to sue them. Any of these would raise the cost of insecurity and give companies incentives to spend money making their devices secure.

Of course, this would only be a domestic solution to an international problem. The internet is global, and attackers can just as easily build a botnet out of IoT devices from Asia as from the United States. Long term, we need to build an internet that is resilient against attacks like this. But that’s a long time coming. In the meantime, you can expect more attacks that leverage insecure IoT devices.

Be sure to read Krebs’ article on the cause of today’s attack. In it, he notes that many of the devices used in the attack are vulnerable to a ridiculously obvious flaw: a hardcoded root password for Telnet and SSH. Any security researcher worth their salt would find this problem in a heartbeat, but it’s up to the manufacturers of these devices to do their due diligence in getting them tested. Perhaps a rudimental penetration test should be part of the certification process by consumer protection agencies.

Julia Angwin, ProPublica:

The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on the keywords they used in their Gmail. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct.

Google also happens to run the most popular website analytics suite, estimated to be used on tens of millions of websites. They say that they are currently keeping browsing data separate from other Google activity, but they’re leaving the door open for that to change in the future.

I’m not trying to spread F.U.D., but Google’s change to their integration of DoubleClick data is significant. Datanyze estimates that DoubleClick holds a 75% market share within the top million websites, as ranked by Alexa. That’s more than enough to get a remarkably accurate picture of a user’s browsing history. If you use Chrome in signed-in mode, there’s already an option to make the websites you visit part of your Google profile. If Google is willing to reverse their stance on DoubleClick and has an option to track your Chrome history, a quiet policy shift towards blending analytics data doesn’t seem that far off.

There is no company that can do a better job of tying your name to nearly everything you do online. If any other company — or, indeed, a government — were to do this, there would be outrage. Yet, Google has largely managed to avoid deep concerns. Most people still use Google search, Android phones, watch YouTube videos, and trust Google Maps to get them where they’re going. What would it take for users to recognize just how risky this is? If this year has shown us anything, it’s that even the largest companies are susceptible to catestrophic breaches of security.