Month: March 2018

FBI Director Imagines a World of Unicorns, Dragons, and Secure Encryption That Can Be Sidestepped by Law Enforcement techdirt.com

Tim Cushing of Techdirt, responding to FBI Director Chris Wray:

We have a whole bunch of folks at FBI Headquarters devoted to explaining this challenge and working with stakeholders to find a way forward. But we need and want the private sector’s help. We need them to respond to lawfully issued court orders, in a way that is consistent with both the rule of law and strong cybersecurity. We need to have both, and can have both. I recognize this entails varying degrees of innovation by the industry to ensure lawful access is available. But I just don’t buy the claim that it’s impossible.

It really doesn’t matter whether or not Wray “buys” this claim. If you deliberately weaken encryption — either through key escrow or by making it easier to bypass — the encryption no longer offers the protection it did before it was compromised. That’s the thing about facts. They’re not like cult leaders. They don’t need a bunch of true believers hanging around to retain their strength.

The thing that bothers me most about Wray’s insistence that a magical “secure but accessible only by law enforcement” encryption standard is that technical experts at the FBI surely know that it isn’t possible, yet he keeps making the claim that it is. Does Wray simply not pay attention to his employees?

In Defence of Surfing the Insecure Web

Dave Winer opposes Google’s plan to effectively deprecate HTTP by discriminating against non-HTTPS websites in Chrome:

I don’t think the explosion is over. I want to make it easier and easier for people to run their own web servers. Google is doing what the programming priesthood always does, building the barrier to entry higher, making things more complicated, giving themselves an exclusive. This means only super nerds will be able to put up sites. And we will lose a lot of sites that were quickly posted on a whim, over the 25 years the web has existed, by people that didn’t fully understand what they were doing. That’s also the glory of the web. Fumbling around in the dark actually gets you somewhere. In worlds created by corporate programmers, it’s often impossible to find your way around, by design.

The web is a social agreement not to break things. It’s served us for 25 years. I don’t want to give it up because a bunch of nerds at Google think they know best.

Mozilla has indicated that they are doing the same. But Eric Mill wrote a piece a couple of years ago about this very topic, and he appreciates the deprecation of HTTP:

I understand the fear of raising the barriers to entry. As a child, I too fell in love with an internet made by everyone, and have spent my career, my volunteer work, and my hobbies trying to share what that love has taught me. I want children everywhere in the world to grow up feeling like the internet that permeates their lives is also in their service — a lego set in real life that you can buy with a week’s allowance.

Yet as an adult, I also understand that power for ordinary people is hard to come by and hard to keep. The path of least resistance for human society is for money to buy more money, and might to demand more might. Democracy is designed not so much to expand freedom as it is to give people tools to desperately hold onto the freedom they have.

Put another way: power has a way of flowing away from the varied, strange, beautiful little leaf nodes on the outer edges and into the unaccountable, unimaginative, ever-hungry center.

Mill actually uses the enforcement of HTTPS by browser vendors as a knock against big companies like Verizon and Comcast that inject ads into HTTP-served websites, and spy agencies like the NSA and the GCHQ:

What animates me is knowing that we can actually change this dynamic by making strong encryption ubiquitous. We can force online surveillance to be as narrowly targeted and inconvenient as law enforcement was always meant to be. We can force ISPs to be the neutral commodity pipes they were always meant to be. On the web, that means HTTPS.

As Mill points out in his article, there are great reasons to add an HTTPS certificate to a website that has no interactive elements beyond links. It makes sense to me to generally prefer HTTPS going forward, but I have concerns about two browser vendors working to effectively eliminate the non-HTTPS web; or, at least, to put barriers between it and users.

I like the way Firefox attempts to educate users directly adjacent to insecure password fields; I also don’t mind the way Chrome handles notifications of HTTP-only webpages today. But the changes coming in July that will mark all HTTP webpages as “not secure”, and that will make a large — if hardly-trafficked — part of the web feel like it’s diseased. And what will Google do in the future, I wonder? If they’re going to progressively increase their warnings on HTTP webpages, what’s next?

I also agree with Winer on another key point: enforcing a pseudo-mandatory policy on HTTPS makes it that much harder for someone new to this stuff to even begin to understand it. As Frank Chimero recently wrote, building stuff for the web has become vastly more complicated since even five years ago. I’m happy to keep learning new skills and growing my understanding of what the web can do, but I don’t know where to begin on this modern web. I don’t intend to hold myself up as a barometer of the complexities of modern web programming or anything — I just don’t know what’s going on any more. I’ve been doing this stuff for nearly twenty years. I don’t know how someone who is eight years old could start digging into React, or Node.js, or any of the other modern JavaScript-based ways of writing <h1>hello world</h1>.

I’m sure the kids will figure it out — they always do. However, I worry that introducing more requirements, even something as simple as HTTPS, can be discouraging. That’s the last thing HTTP/HTML web should be: discouraging. It is one of the greatest enablers of communication in human history. Let’s not allow its future to be dictated by browser vendors.

Or, in Mill’s language: let’s make sure we encourage building more leaf nodes by making their creation easier and more fun, instead of allowing a much stronger centre to form.

The Ways in Which Facebook Builds User Data Profiles for Targeted Advertising t.co

Joanna Stern, Wall Street Journal:

A conspiracy theory has spread among Facebook and Instagram users: The company is tapping our microphones to target ads. It’s not.

[…]

I believe them, but for another reason: Facebook is now so good at watching what we do online — and even offline, wandering around the physical world — it doesn’t need to hear us. After digging into the various bits of info Facebook and its advertisers collect and the bits I’ve actually handed over myself, I can now explain why I got each of those eerily relevant ads. (Facebook ads themselves offer limited explanations when you click “Why am I seeing this?”)

Advertising is an important staple of the free internet, but the companies buying and selling ads are turning into stalkers. We need to understand what they’re doing, and what we can — or can’t — do to limit them.

Think about how quickly we’ve accepted this as the new normal, and why. Do we really prefer highly-specific advertising, as Facebook and Google say we do, or is it simply very creepy? Even if you don’t have a Facebook or Google account, you’re using Safari — which limits ad tracking by default — and have all sorts of silly settings to limit your exposure to trackers, there are still an extraordinary number of ways that your information can be acquired for highly-targeted advertising, almost always without your explicit permission.

California Becomes Eighteenth State to Introduce ‘Right to Repair’ Legislation motherboard.vice.com

Jason Koebler, Vice:

“The Right to Repair Act will provide consumers with the freedom to have their electronic products and appliances fixed by a repair shop or service provider of their choice, a practice that was taken for granted a generation ago but is now becoming increasingly rare in a world of planned obsolescence,” Susan Talamantes Eggman, a Democrat from Stockton who introduced the bill said in a statement.

The announcement had been rumored for about a week but became official Wednesday. The bill would require electronics manufacturers to make repair guides and repair parts available to the public and independent repair professionals and would also would make diagnostic software and tools that are available to authorized and first-party repair technicians available to independent companies.

I’m intrigued by this wave of “right to repair” legislation — much of which has been pushed by Repair.org, a repair industry trade group — but I’m curious about what parts must be repairable, especially in consumer electronics. The full text of the California bill hasn’t been posted publicly, as far as I can see, but Minnesota’s has and it’s fairly nonspecific. I’m all for batteries being designed to be more replaceable, even if it takes popping a few screws out, but what about trickier components, like chips that are soldered to the board? Would a manufacturer be required to provide full board component repairability, or just the ability to replace the board itself?

Selfishly, I hope this legislation leads to more upgradable MacBooks, especially the Pro. I don’t think a professional notebook designed to last several years should have its internal storage capacity capped at time of purchase.

Notes on Analytics and Tracking in Onavo Protect for iOS medium.com

Will Strafach:

Recent media coverage of Onavo Protect encouraged me to investigate the code for the iOS version of their app. I wanted to determine what types of data is collected in addition to the alleged per-app-MAU tracking performed server-side.

I found that Onavo Protect uses a Packet Tunnel Provider app extension, which should consistently run for as long as the VPN is connected, in order to periodically send the following data to Facebook (graph.facebook.com) as the user goes about their day:

  • When user’s mobile device screen is turned on and turned off

  • Total daily Wi-Fi data usage in bytes (Even when VPN is turned off)

  • Total daily cellular data usage in bytes (Even when VPN is turned off)

  • Periodic beacon containing an “uptime” to indicate how long the VPN has been connected

If I’m reading this right, Strafach hasn’t found indications — yet? — that Onavo sends app usage data to graph.facebook.com, but we know Onavo collects that data.

What he has found so far doesn’t appear to be nearly that intrusive, but it’s also bizarre. For example, why does Facebook need to know when your phone’s display is on?

Tangentially, Onavo’s behaviour is the kind of thing I wish App Review was more strict towards. There’s perhaps a thin line between analytics packages that developers sometimes use and what Onavo does; similarly, there’s a thin line between Onavo’s data collection and Facebook’s entire business model. But this app is just skeevy — it buries its Facebook affiliation1 and data gathering behind a different brand and the promise of protecting you from phishing.

  1. The only mention of Facebook on their website is on the about page, and in the App Store, the Facebook affiliation is in a large paragraph of text in the initially hidden area of the app description. ↥︎

iTunes LP and the iPad mjtsai.com

David Millar:

“Apple to Discontinue ‘fancy HTML in a zip file’ Format”

Michael Tsai:

I’m not quite sure whether iTunes LP was a bad idea or simply one that neither Apple (aside from Steve Jobs?) nor the music producers actually had much interest in. How else to explain that Apple never brought it to iPad?

I think iTunes LP was a fine enough idea; ultimately, though, I can’t imagine that many people went out of their way to buy iTunes LPs instead of the usually-cheaper non-LP version of the album.

They were built using an extraordinarily flexible and easy-to-use SDK by way of TuneKit, which was basically just a website. Theoretically, that simplicity should mean that they should have worked perfectly okay on the iPad that shipped just six months after iTunes LP was introduced, and that the number of iTunes LPs created should have been more than could easily be catalogued on Wikipedia. If lots of people truly cared about them, there would be an easy way to find them in a user’s iTunes library and in the iTunes Store.

Amazon Admits Alexa Is Creepily Laughing at People and Is Working on a Fix theverge.com

Shannon Liao, the Verge:

Over the past few days, users with Alexa-enabled devices have reported hearing strange, unprompted laughter. Amazon responded to the creepiness in a statement to The Verge, saying, “We’re aware of this and working to fix it.”

As noted in media reports and a trending Twitter moment, Alexa laughs without being prompted to wake. People on Twitter and Reddit reported that they thought it was an actual person laughing near them, which can be scary when you’re home alone. Many responded to the cackling sounds by unplugging their Alexa-enabled devices.

Just one more thing Amazon’s virtual assistants can do that the HomePod cannot.

But why is this possible at all? Is there some sort of hidden maniacal laughter mode? Is that something people would ever want to trigger intentionally, let alone have the device invoke accidentally? Is this a prank? And could you trust Amazon’s virtual assistant to not do anything like this again?

Apple to Discontinue ‘iTunes LP’ Format theverge.com

Remember iTunes LP? Here’s how a 2009 Apple press release described the then-new format:

iTunes LP is the next evolution of the music album delivering a rich, immersive experience for select albums on the iTunes Store by combining beautiful design with expanded visual features like live performance videos, lyrics, artwork, liner notes, interviews, photos, album credits and more.

At the time, Steve Jobs described it as a way to replicate an album-like experience digitally.

As of the end of this month, though, Apple will no longer accept new iTunes LP releases. Dani Deahl, the Verge:

Earlier today, UK-based website Metro claimed to have a leaked internal email from Apple sent to music producers titled “The End of iTunes LPs.” The email supposedly stated that “Apple will no longer accept new submissions of iTunes LPs after March 2018,” and that “existing LPs will be deprecated from the store during the remainder of 2018. Customers who have previously purchased an album containing an iTunes LP will still be able to download the additional content using iTunes Match.”

While iTunes LP submissions will end this month, existing iTunes LPs will not be depreciated. Not only will these iTunes LPs continue to be available, but users will still be able to download any previous or new purchases of iTunes LPs at any time via iTunes.

I have a few iTunes LPs, but I also have a ton of actual LPs. One thing that network-accessed music will always lack, whether it is streamed or purchased, is the physicality of an album. Apple’s attempt at replicating it was a good effort and allowed them to do things that you simply can’t do with album art and liner notes, like including music videos, or behind-the-scenes films of the recording process.

But, these days, those extras don’t require a specific packaged format. Videos are streamed for the one or two times most people watch them, and lyrics are just a scroll away for many Apple Music tracks. The world moved beyond iTunes LP. And the remaining things it offered — like exquisite artwork on gorgeous poet, and that sense of a packaged product — simply can’t be replicated effectively on a screen. The weight of an LP still means something, and bytes simply don’t weigh anything.

By the way, I see a lot of stories right now forecasting the end of the iTunes Store based, in part, on this announcement. The original Metro story, for example, mis-quotes the email in its headline, and Cult of Mac jumped right on that bandwagon. I wouldn’t read too much into those. If Apple were killing music sales, they would just come out and say that.

European Union Plans to Tax Tech Giants on Local Revenue beta.techcrunch.com

Romain Dillet, TechCrunch:

Google, Amazon, Apple and Facebook have all faced different issues when it comes to tax optimizations. They’ve been routing their revenue through Ireland, Luxembourg, the Netherlands and other countries with a low corporate tax. Sometimes the money end up in Bermuda or the tiny island of Jersey.

[…]

That’s why Europe’s economy ministers wanted to find a way to tax them properly that is easy to implement. And Le Maire confirmed that Europe will look at the overall revenue of tech giants in each country and tax them based on that figure.

This makes complete sense to me. As Tim Cook once wrote:

Taxes for multinational companies are complex, yet a fundamental principle is recognized around the world: A company’s profits should be taxed in the country where the value is created.

This is a tax that will be assessed in each country based on companies’ earnings in each country — that seems fair enough. What’s strange, though, is that the original article off which TechCrunch’s report is based indicates that this is a tax specifically on tech companies. Perhaps it’s just a lack of context created by a poor automatic translation, but that seems silly to me. As virtually all multinational companies practice various forms of tax avoidance, why not apply this strategy to all companies operating across the E.U.?

In Addition to Cellebrite, a Second Firm Offers Late-Model iPhone Unlocking Services forbes.com

Thomas Fox-Brewster, Forbes:

Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unkown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.

In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That’s for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.

I don’t imagine Apple’s legal department is particularly thrilled that one of their ex-employees is helping crack device security measures.

At any rate, that’s now two firms that have similar intrusion capabilities using methods that they won’t report to Apple because their business models depend on their not doing so. That means that all iPhone owners are walking around with serious — albeit perhaps hard-to-exploit — vulnerabilities in their device’s security architecture. At least Apple may be able to surreptitiously acquire a copy of GrayKey and patch the vulnerabilities it uses.

Facebook Surveys Users to Find Out Whether Men Soliciting Sexual Images of Children Should Be Allowed on the Platform theguardian.com

Alex Hern, with one hell of a lede in the Guardian:

Facebook has admitted it was a “mistake” to ask users whether paedophiles requesting sexual pictures from children should be allowed on its website.

You don’t say.

On Sunday, the social network ran a survey for some users asking how they thought the company should handle grooming behaviour. “There are a wide range of topics and behaviours that appear on Facebook,” one question began. “In thinking about an ideal world where you could set Facebook’s policies, how would you handle the following: a private message in which an adult man asks a 14-year-old girl for sexual pictures.”

The options available to respondents ranged from “this content should not be allowed on Facebook, and no one should be able to see it” to “this content should be allowed on Facebook, and I would not mind seeing it”.

I don’t know how something like this could be possible, unless Facebook is somehow running this survey in an entirely automated way, including in writing the questions. Maybe they are, but I think someone — a human being — must have written this question and someone else must have seen it before it was published. Either there was an over-reliance in automated tools, nobody working on this survey caught such a blatantly stupid question, or someone genuinely believed this was something worth asking.

Delayed Disgratification macworld.com

The Macalope, commenting on this tragedy of an article by the Motley Fool’s Ashra’s Eassa:

The phone was shipped “on time.” It was shipped when it was announced to ship and when Apple was able to meet enough demand. Your imaginary ship dates do not enter into this equation.

Eassa thinks there are people who looked at the later release date for the iPhone X and were “discouraged at having to wait until November to buy an iPhone that would ultimately be replaced by a newer, better model in about 10 months” and therefore didn’t buy an iPhone this year at all.

That seems like a very small set of people. And it’s quite likely that the 2018 release schedule will be exactly the same as the 2017 release schedule, with a base phone coming first and a higher end model coming second. So it’s a very small set of people who are very bad at evaluating choices.

Interestingly, one year ago — nearly to the day — Eassa argued that releasing the then-rumoured OLED iPhone in November was preferable:

Of course, Apple is better off delaying a product a smidgen to make sure it’s ready to go and if the redesigned fingerprint scanner meaningfully enhances the user experience, then the delay is probably worth it.

Three things about last year’s article:

  1. This was published when some rumours still claimed that the OLED iPhone would ship with a fingerprint scanner, hence that reference.

  2. Its headline frames this as “bad news”, so it sounds like Eassa is just sticking with that narrative rather than revising it in the face of facts.

  3. In interviews about the iPhone X, Apple executives have claimed that it actually shipped early — internally, they were apparently targeting a 2018 release.

Jack and the Mean Talk twitter.com

Jack Dorsey:

We love instant, public, global messaging and conversation. It’s what Twitter is and it’s why we‘re here. But we didn’t fully predict or understand the real-world negative consequences. We acknowledge that now, and are determined to find holistic and fair solutions.

We have witnessed abuse, harassment, troll armies, manipulation through bots and human-coordination, misinformation campaigns, and increasingly divisive echo chambers. We aren’t proud of how people have taken advantage of our service, or our inability to address it fast enough.

That’s an extraordinarily frank admission. I admire that. So what will Twitter do about it?

Dorsey:

Recently we were asked a simple question: could we measure the “health” of conversation on Twitter? This felt immediately tangible as it spoke to understanding a holistic system rather than just the problematic parts.

Dorsey points to an article from Cortico,1 a nonprofit firm that “aims to strengthen an American public sphere weakened by political, cultural and socioeconomic isolation“:

This experience led us to the idea that perhaps we could measure aspects of the health of the public sphere—in terms of communication exchanges between groups or tribes—grounded in data from public social media and other public media sources. As a starting point, we are developing a set of health indicators for the U.S. (with the potential to expand to other nations) aligned with four principles of a healthy public sphere:

  1. Shared Attention: Is there overlap in what we are talking about?

  2. Shared Reality: Are we using the same facts?

  3. Variety: Are we exposed to different opinions grounded in shared reality?

  4. Receptivity: Are we open, civil, and listening to different opinions?

This sounds a lot like Twitter will reference Cortico’s techniques to try to automate the hate away from conversations, but a post on Twitter’s blog indicates that they have no idea how to do this. I’m skeptical of its success. I’m concerned that Dorsey sees it as a problem, but has waited too long to do anything about it and now wants to invent a way to do it automatically, like a university student who waited to start writing their ten-thousand word essay until the night before it’s due. It seems earnest, but also a bit desperate.

I think that a better start would be to ban Nazis. I mean that literally. Flag any account where its name, handle, location, bio, or recent tweets contain allusions to Hitler normally used by white supremacist groups: “1488”, “HH”, “14 words”, and other hate symbols in context. That gives human operators the ability to sift through heaps of these accounts and ban the ones that are clearly and obviously Nazis, of which there are frighteningly many. This isn’t a perfect solution; it’s barely scratching the surface. But it would be a material change in how Twitter operates and a clear line as to what they do not tolerate. “No Nazis” should not be a controversial point of view.

  1. I had never heard of Cortico before Dorsey posted this, so I went to Wikipedia. There’s no entry for the company; there is, however, an entry for cortiço, a term used in Portugal and Brazil to describe ultra high density housing with poor sanitary conditions. I don’t know where the American firm got their name, but that’s a hell of an association. ↥︎

Twitter Launches Bookmarks blog.twitter.com

Jesar Shah, product manager at Twitter:

Today, we’re introducing Bookmarks, an easy way to save Tweets for quick access later. But wait, there’s more! Today’s update makes sharing better, too. With our new “share” icon on every Tweet, you’ll be able to bookmark a Tweet, share via Direct Message, or share off of Twitter any number of ways. Because we put all sharing actions together in one place, it’s easier to save and share privately or publicly — in the moment, or later.

This looks great. Bookmarking is easily one-third to one-half of how I use the “like” button. A key difference between the two is that bookmarks are private; likes are public and, for a few years now, followed users’ likes have been inserted at the top of the algorithmic timeline. If Twitter were driven less by juicing “engagement” metrics, this feature might not be necessary.

Unfortunately, there’s nothing in this announcement nor anything in Twitter’s documentation that suggests they’re making this available to third-party developers; I hope they do.