Pixel Envy

Written by Nick Heer.

Archive for May, 2019

WWDC 2019 Prelude

I’m not a developer for any of Apple’s software platforms; and, so, WWDC usually comes every year as a welcome annual indication of where their platforms are headed, but I’m not compelled to fly down to San Jose, book a hotel room, and file for bankruptcy. This year, though, I’m getting the feeling that I should be there. I don’t know why, but there’s something in the air this year that seems just a little different — and I like it.

For old times’ sake, I wanted to put together one of those part-retrospective part-speculative pieces where I point out some of the new things I’d like to see this year. Maybe some of these things will be introduced, and that would be cool; I wouldn’t bet on too much of this list, though. These are just a few things that have been swirling in my head.

iOS, Visually

Here’s something remarkable: the design language that emerged from the iOS 7 upheaval has now been with us for the same amount of time as its glossier and more colourful predecessor on iOS. Of course, that alone should not dictate whether it is time for a new coat of paint — to my eyes, this aesthetic is holding up far better than the last one at about the same time in its life.1 In part, that’s because Apple has done a good job updating it in the intervening years: switching to their custom San Francisco typeface, for example, and introducing some big, bold typography in iOS 11. Since iOS 7’s ship date, there’s nothing in the system that has felt so instantly tacky as, say, the metallic action buttons in the iOS 6 sharing sheet.

Yet, for everything that iOS 7 did right in setting Apple up for creating software that looks and works like it matches their hardware, there are some things that have never sat right with me. I don’t think shapeless buttons have ever been a good idea. They look unfinished, unanchored, and uncharacteristically sloppy; I am dismayed that they have stayed virtually the same for six years. I’ve also never been fond of any of the glyph-on-a-white-background icons that shipped in iOS 7, save for Photos. That is a beautiful illustration. The rest — Music, Reminders, Home, Calendar, Files, Health, Find My iPhone, and (if we’re being generous with the definition of “white background”) Calculator — are drab things that I have mostly buried in assorted folders on the second through fourth pages of my iPhone’s home screen.

I also think this would be a great time to revisit some of the more delightful spit-and-polish qualities of visual interface design. I was thinking recently about Time Machine — more on that below. Backing up a computer is a mundane task; finding and restoring a deleted file can be very stressful, particularly if it’s an important document. Time Machine somehow made this dreadful part of computing enjoyable. But, not everything about Time Machine was good. I remember my irritation any time I accidentally clicked on its Dock icon and watching helplessly as my entire computer — a mid-2007 MacBook Pro; so, brand new when Leopard shipped — ground to a halt to render some stars over a swirling nebula backdrop.

So, while I am not necessarily eager to return to an era of photorealistically-rendered window textures and glossy everything, I would love to see a middle ground. The “card” that pops up when you connect your AirPods or share a WiFi network’s password is, I think, very elegant, particularly on my iPhone X where the corner radius is matched to the screen’s, making it feel like an extension of the phone itself. I do wish the button were a gorgeous saturated blue, though. The revised design of Wallet in iOS 12.2 is also very nice; I welcome the return of enclosed cells in table views. Refinement throughout the system to add a little more colour and visual cues would also be delightful. The “Backup and Restore” section of Apple’s iCloud marketing webpage includes screenshots of some of the most dreary visual patterns in iOS. More spit-and-polish, better use of colour, and more elegance will always be welcomed in visual design.

I’d also like to see more attention to detail in not allowing obvious sloppiness to be shipped.

We’ve had an era of sorely needed recalibration from excessive and overwrought visual design patterns. Let’s inject a feeling of craft and beauty back into the software we use, though. Apps like Things illustrate a fantastic interpretation of how a less decorative design language can still be lively and tactile.

iOS, Functionally

Beyond the more surface-level stuff, there are some functional changes I’d like to see in iOS. More specifically, I have different hopes for each the iPhone and the iPad.

First, a quick observation: it’s remarkable just how much Apple got completely right with the first iPhone’s user interface. The tab bar that runs across the bottom of many apps is, I think, a brilliant piece of foresight. From the 3.5-inch displays of the first four generations of iPhone to the windowpane of glass that is the iPhone XS Max, it has scaled beautifully.

But the stuff at the top of the display — app toolbars, notifications, Notification Centre, and Control Centre — is something I think sorely needs reconsidering. There have been moves made to this effect for several years. Keen observers of third-party app design trends on iOS will remember that the downfall of the then-ubiquitous “hamburger” menu began around the time that Plus-model iPhones became popular. iOS 7 also launched a universal gesture for paging back by swiping from the left edge of the screen, which became immensely useful on larger-screened iPhones.

But that still leaves a few remaining gestures that require a telescopic thumb. And, I should point out, I still think it’s ridiculous that notifications are positioned to overlap the upper toolbar of pretty much every app. On a semi-frequent basis, my thumb will go to hit some control at the top of the display only to have a notification pop in, so when my thumb contacts the display, I get whisked off to some other app. It’s not a very good game.

On the bigger side of the iOS device spectrum, I am anticipating improvements to the iPad’s home screen and its multitasking capabilities. As was reported early last year by Mark Gurman — and which I have heard separately as well — the iPad improvements that were supposed to debut with iOS 12 were bumped as a result of that update’s increased focus on stability and speed. With another year of polish, I’m looking forward to seeing what may be in store.

Perhaps better indication of which app in a split view is foregrounded, particularly when an external keyboard is used.

Maybe the home screen will have more flexibility in what can be placed on it and how those items can be arranged.

Or maybe it will soon be possible to run more than one instance of an app, so you can pull up a couple of Pages documents side-by-side to more easily work with both of them. Even having more complex layouts like that which recently debuted in Fiery Feeds would be a boon.

This would be really a great year for Siri, Notification Centre, and Control Centre to stop taking over the entire display when invoked, and the same for the whole-screen dominance of an incoming phone call. Hey, a guy can dream.

Overall, I’d like to see great understanding that a single task often requires referencing multiple things across several apps. Part of that can be resolved through UI changes. However, I’d also like the system to do a better job of holding multiple apps in memory. iOS, as I understand it, has a far more limited virtual memory system than MacOS. That, combined with less RAM, means that apps in the background are frequently kicked out of memory and must be reloaded. This can be deeply interruptive when working in multiple apps at once, and it’s something I’ve never seen on MacOS. It’s so interruptive to me that I will often be working on something on my iPad only to find it has, once again, kicked all my Safari tabs out of memory after I checked my email or responded to a text; at that point, I find it easier to simply switch to my Mac.

The Mac

The biggest Mac news of WWDC this year will almost certainly be a new Mac Pro. It makes total sense to introduce it to a developer audience, even if it isn’t available soon after — though I hope it is. While I doubt they will acknowledge the failure of the last Mac Pro, I hope to hear Apple make the case for the feasibility of updating the new one more frequently than once every seven years.

I am also looking forward to the display that it will reportedly be paired with. Fifteen years ago, Apple defined what a professional-grade desktop display ought to be with the 30-inch Cinema Display. I would not be disappointed if the new display is a 5K 27-inch model — there is certainly a dearth of those — but I would love to be surprised by a product that’s the spiritual successor of the 30-inch Cinema Display: some gigantic, high-resolution thing with that isn’t available anywhere else. Technology permitting, of course.

It’s unlikely, but I would also like to see an acknowledgement of the failure of their “butterfly” keyboard design that is currently shipping in every portable Mac they make. These keyboards are terrible. I’ve seen frustration with these keyboards referenced increasingly in non-tech circles, so news is spreading that Apple’s laptops aren’t fully reliable.

On the software front, I am mostly concerned about the next stage of the so-called “Marzipan” apps. The four apps that have been released so far are not good, and are poor examples for the developer community. I am cautiously optimistic about what we could see this year, though. These apps were clearly stopgap proofs-of-concept that, arguably, shouldn’t have shipped, and my hope is that we’ll see truly Mac-like iterations of these and other apps this year. I don’t want iOS apps running with a MacOS title bar to be the new standard.

That’s not to say that all things from iOS do not or could not work on the Mac. In particular, the effects introduced in Messages and FaceTime on iOS should absolutely be brought to the Mac as well. I get why Animoji and Memoji can’t be on the Mac — yet — but surely I should be able to send and receive messages with the laser effect, or use some goofy FaceTime filters.

From a services perspective, I hope this is the year that we see an iCloud-powered Time Machine backup option. It has always struck me as very odd how Apple banged the drum for years about how easy backups are on the Mac with Time Machine, but never evolved it. Even if you count document versioning as an update to Time Machine, there have been virtually no updates to it since the version that shipped with Lion eight years ago. In that time, the biggest Time Machine-related news was the discontinuation of the Time Capsule a couple of years back. That means that users of Apple’s notebooks either need to remember to plug in a hard drive, or they need to know about Backblaze or another third-party remote backup service. Yet, Apple sells iCloud plans offering up to two terabytes of storage, and recommends switching on iCloud backups for iOS devices when they are set up. I want the same thing for my Mac.

Finally, there are still features that haven’t made their way into iCloud despite being available in Apple’s previous online subscription services. Because I now have two Macs, it would be great to be able to sync everything from app preferences to my Dock layout between both machines. These are things that don’t often change but, when they do, it’s likely that I want that setting applied on both. iCloud is most of the way there already, with features like Documents and Desktop syncing, iCloud Keychain, and automatic downloads from Apple’s stores — I’d just like to see a last push.

Apple TV, HomePod, and More

Something I’m aching for with my Apple TV is better support for multiple users. I know this has been a perennial request by owners of family-used iPads, but I think it makes even more sense on the Apple TV and, presumably, HomePod, as they are inherently communal devices. The Apple TV in our house is signed into my Apple ID because it was the one with the Apple Music subscription before we sorted all that out. Both my partner and I play music with the Apple Music app and, while we have similar tastes in a lot of areas, her picks have definitely skewed my recommendations a little.

Netflix solves this by allowing one account to have several profiles. I wish Apple’s apps would allow switching between accounts in the same iCloud Family.

I also think Apple could do a better job of defining what makes a great app for tvOS. I’ve previously complained about the YouTube app and I still feel very strongly that it is a bad app. But so, too, is Music in its own way: when it resumes, it bumps whatever album was last playing to the front of your Recently Played list, even if that album is paused or stopped; the For You page reloads as you move around; the entire app is slow and navigating it is poor.

Finally, one thing I’d like to see more generally is a greater focus on unification of product and service availability no matter where users live. I recognize that there are regulatory hurdles and licensing restrictions that make this difficult — if not impossible — but, as a non-American, this is important to me.


  1. A caveat: the original iPhone UI was clearly a descendent of the Aqua design language that was Apple’s standard since Mac OS X debuted in 2001. So perhaps it’s a bit premature to declare the iOS 7 visual language the same age; but, on the iPhone, it is. Also, the iOS 7 language was never named. ↩︎

On the Apparently Unmoving FCC Investigation Into Phone Carriers Selling Subscriber Location Data

Dell Cameron, Gizmodo:

How the intimate data exchanging hands in these back-alley deals compares in size and scale to, say, what Cambridge Analytica acquired on Facebook users in 2016 is ultimately made irrelevant by the fact that it’s a thousand times more sensitive. This is data meant for hunting people down. In the most outrageous case documented by the press so far, a Motherboard reporter managed to pay a bounty hunter $300 to put a trace on a cellphone in New York. The coordinates he received provided accurate up to around a quarter mile. As one Democrat on the FCC put it, the trade in Americans’ location data is “a personal and national security issue that affects every American with a cell phone.”

There’s little evidence that it’s being treated as such. Lawmakers on Wednesday openly scolded [FCC Chairman Ajit] Pai over his handling of the investigation, which is thought to be nearing the end of its first year. (It remains unclear when the investigation was actually started.) During questioning, he refused outright to say whether he’d share basic information about the investigation with the FCC’s two Democratic commissioners, Jessica Rosenworcel and Geoffrey Starks.

Who knows? This could all be nothing; Pai’s office could just be bad at email. In that case, I sympathize.

But if this is a case of what appears to be partisan nonsense, it’s deeply troubling. These carriers were providing third parties access to customers’ real-time location data. That’s an unconscionable violation of privacy; I don’t think anyone would disagree. It would be an egregious breach of duty for the FCC investigate this without urgency or priority.

Of course, this is the Republican Party serving the doctrine of Donald Trump, so there are always gratuitous conflicts of interest or the potential for grift:

Statutorily, the FCC has one year in most cases from the date of a violation to issue a notice of apparent liability. Neither commissioner can say whether the statute of limitation has expired on any particular infraction. But notably, more than a year has passed since Senator Ron Wyden first wrote to the FCC demanding this investigation take place. A New York Times expose about a business that sold phone-tracking services to state law enforcement officials without a warrant turned a year old last week. (Pai, incidentally, represented that business — Securus Technologies — seven years ago, while working in private practice.)

Shocking.

A Report From the AMP Advisory Committee Meeting

Terence Eden:

I don’t like AMP. I think that Google’s Accelerated Mobile Pages are a bad idea, poorly executed, and almost-certainly anti-competitive.

So, I decided to join the AC (Advisory Committee) for AMP. I don’t want them surrounded with sycophants and yes-men. A few weeks ago, a bunch of the AC met in London for our first physical meeting after several exploratory video calls.

I maintain that AMP is antithetical to the open web, and a stealthy anticompetitive threat. If Google did not restrict the top “carousel” of news results on mobile to AMP pages, I doubt it would have ever caught on. It has few merits of its own and is popular solely because it has been given undue weight due to Google’s influence.

Scrap it. Take what good albeit obvious lessons have been learned from AMP — limits on asset size, no arbitrary scripts, simpler page structures — and sink its corpse to the seabed of our collective conscience.

The Night the Lights Went Out

Drew Magary, Deadspin:

I remember hosting the Deadspin Awards in New York the night of December 5th and then heading over to a karaoke bar for a staff after-party, where I ate some pizza, drank a beer, sang one song (Tom Petty’s “You Got Lucky,” which would soon prove either fitting or ironic, depending upon your perspective), and that’s it. After that comes a great void. I don’t remember inexplicably collapsing in a hallway, fracturing my skull because I had no way to brace myself for the impact. I don’t remember sitting up after that, my co-workers alarmed at the sight of blood trickling out of the back of my head. I don’t remember puking all over Barry Petchesky’s pants, vomit being one of many fun side effects of your brain exploding, as he held my head upright to keep me from choking on my own barf. I don’t remember Kiran Chitanvis quickly calling 911 to get me help. I don’t remember getting into an ambulance with Victor Jeffreys and riding to an uptown hospital, with Victor begging me for the passcode to my phone so that he could call my wife. He says I made an honest effort to help, but my circuits had already shorted out and I ended up giving him sequences of four digits that had NOTHING to do with the code. Flustered, he asked me for my wife’s phone number outright. Instead, I unwittingly gave him a series of 10 digits unrelated to the number he sought.

I don’t remember that. I don’t remember bosswoman Megan Greenwell trailing behind the ambulance in a cab with her husband and staying at the hospital ALL NIGHT to plead with them to give me a closer look (at first, the staff thought I was simply inebriated; my injury had left me incoherent enough to pass as loaded) because she suspected, rightly, that something was very wrong with me. I don’t remember doctors finally determining that I had suffered a subdural hematoma, or a severe brain bleed: A pool of blood had collected in my brain and was pressing against my brain stem. I was then rushed to another hospital for surgery, where doctors removed a piece of my skull, drained the rogue blood, implanted a small galaxy in my brain to make sure my opinions remain suitably vast, put the hunk of skull back in, and also drilled a hole in the TOP of my head to relieve the pressure. They also pried my eyes open and peeled the contact lenses off my eyeballs. They then put me into a medically-induced coma (SO METAL) so that my brain could rest and heal without Awake Drew barging in and fucking everything up.

I don’t remember any of that. I told you I wouldn’t be a very reliable narrator.

This is many things. It is gutting, inspiring, saddening, frustrating, at times very funny because Drew Magary wrote it so of course it is, illuminating, and moving. But, as a piece of writing, it’s perfect. Put this on your reading list for the weekend, or read it now. I don’t care which; it’s worth your time.

A History of Data Collection in Mobile Games

Kaitlyn Tiffany, Vox:

So what do these third-party advertisers do that’s so bad? A study conducted last year by security researchers at UC Berkeley gives us some insight.

The study focused on children’s privacy and resettable advertising IDs —the string of numbers and letters that identify you and keep a log of your clicks, searches, purchases, and sometimes geographic location as you move through various apps — in contrast with non-resettable, persistent identifiers. Phone security experts recommend regularly resetting it to limit advertisers’ ability to track you. (You can do that in the Advertising section at the bottom of the Privacy settings on an iPhone, or in the Ads menu in the Services section of an Android device’s settings.)

The study found something alarming: Of 3,454 children’s apps that share resettable advertising IDs, 66 percent were sharing persistent identifiers as well. You could reset the advertising ID every 20 minutes on the device your child is using, if you wanted to, but it wouldn’t do anything to clear their history. The only way to reset that device ID is by factory-resetting the phone or tablet and starting from scratch. More importantly, the study found that 19 percent of children’s apps contained ad-targeting software with terms of service so predatory that they’re not even legal to include in apps designed for children. Kids under 13 aren’t supposed to be tracked between apps at all, especially for advertising purposes, and especially as part of a permanent history of their digital lives.

This is the kind of thing that I would like to see sifted out of apps before they make it into the App Store. There are honest justifications for developers to use an analytics framework to sort out bugs within their apps or figure out how often a feature is being used. Still, I would like to see more limitations placed on the monetization of data collected from app usage, and on persistent identifiers — particularly when they’re operated by a third party and can therefore be used to track users across multiple apps and even across devices.

By the way, do yourself a favour and opt out of ad targeting on your iOS devices.

Consistently Stupid U.S. Administration Solicits Complaints of ‘Bias’ by Websites

Tony Romm, Washington Post:

The White House on Wednesday escalated its war against Silicon Valley when it announced an unprecedented campaign asking Internet users to share if they had been censored on Facebook, Google and Twitter, tapping into President Trump’s long-running claim that tech giants are biased against conservatives.

The effort, which the White House said on Twitter was directed at users “no matter your views,” seeks to collect names, contact information and other details from Americans. The survey asks whether they have encountered problems on Facebook, Instagram, Google-owned YouTube, Twitter or other social media sites — companies the president frequently takes aim at for alleged political censorship.

This, on the very same day that the Trump administration announced it would not sign a statement pledging to take action to combat and avoid amplifying violent extremist rhetoric on what is ostensibly First Amendment grounds. I’m not saying that they should necessarily sign such a statement as I understand the free speech concerns — though the pledge does not require that government signatories do anything that would curtail freedom of expression — but the contrast is notable.

It’s horseshit anyway because this is pretty obviously a means to build the Trump 2020 campaign’s email list. Also, the U.S. government can’t require private companies to change how they moderate user behaviour because that would be a violation of the First Amendment — but you knew that.

Update: Casey Newton:

In the meantime, “bias” is defined ever downward. In conservative parlance, it now refers to any instance in which the user of a social platform did not have a desired outcome. You didn’t appear high enough in search results? Your video wasn’t promoted by an algorithm? You were suspended for threatening to kill someone? It’s all just “bias” now.

Far enough down the conspiracy hole, everything has meaning, which means nothing really does.

Throw Your Laptop Into the Sea, but the Surveillance Economy Will Still Win

Maciej Cegłowski:

In the regulatory context, discussion of privacy invariably means data privacy—the idea of protecting designated sensitive material from unauthorized access.

[…]

But there is a second, more fundamental sense of the word privacy, one which until recently was so common and unremarkable that it would have made no sense to try to describe it.

That is the idea that there exists a sphere of life that should remain outside public scrutiny, in which we can be sure that our words, actions, thoughts and feelings are not being indelibly recorded. This includes not only intimate spaces like the home, but also the many semi-private places where people gather and engage with one another in the common activities of daily life—the workplace, church, club or union hall. As these interactions move online, our privacy in this deeper sense withers away.

Young people already understand this second definition very well. They have separate private accounts on social networks, and they’re more careful about what they share online than many older people give them credit for.

Charlie Warzel, New York Times:

I called up Ceglowski after his trip to Washington to inquire about the experience and what he thinks we can do to make opting out less of a pipe dream. Like anyone with a decent understanding of how the web works, he has a healthy skepticism that we’ll rein in privacy violations, but his one potential area of optimism really stuck with me. It’s the concept of positive regulation.

[…]

Over the phone, he explained that, while it might seem small, if real people on the internet vote with their wallets to use privacy-focused services over big data-sucking platforms like Facebook and Google, the effect could be profound. He cited the telemarketing wars of the early 2000s as an example.

“When telemarketers were fighting the ‘do not call’ list they argued that people loved having the opportunity to hear about great deals and products via phone during dinner time,” he said. “But once the regulation passed, everyone signed up for that list and it became obvious that the industry’s argument was laughable.”

After years of relentless scandals driven by the surveillance economy,1 I think there are plenty of users out there who would be interested enough in greater privacy to pay for it. But that’s only likely to be successful if the purveyors of privacy-robbing services are held accountable for their behaviour. So far, that just isn’t happening.


  1. Many of which, by the way, were reported in stories published on websites like the New York Times’, which share visitor data with Facebook and Google, as well as lots of other third-party tracking and advertising vendors.

    For example, if I visit Warzel’s article with my content blockers turned off, over fifty more HTTP requests are made and it takes three times as long to load the page. The additional requests include trackers from Optimizely, Scorecard Research, Oracle, and ChartBeat; there are also several advertising scripts which are loaded from several vendors, and they also function as trackers.

    I’m not innocent of this either. If you’re reading this on the web — as opposed to, say, in a feed reader — there’s an analytics script running on this page and an ad in the righthand column. In my pathetic defence, my analytics script does not share anything with third parties, it minimizes information collection and fuzzes IP addresses, and you can entirely opt out of it. As far as the ad goes, it is not behavioural, my Content Security Policy prevents any extra scripts or images of unknown origin from loading — like a Google tracking pixel, for instance — and it’s my understanding that the ad network does not collect any information from my readers unless the ad is clicked. ↩︎

Reuters Source: Facebook Facing 20-Year FTC Privacy Consent Agreement

Just a reminder that every Facebook privacy scandal you’ve heard about for the past seven years — Cambridge Analytica, passwords stored in plain text, that thing where they were demanding email account passwords, using two-factor phone numbers for user account lookup, the private data sent to Facebook by developers using the company’s SDK, and so on; I could do this all day — was committed while the company was already promising the FTC to not violate users’ privacy.

Why I (Still) Love Tech

This essay by Paul Ford, published in Wired, is magnificent. I’ve been letting it stew all day, re-reading it a couple of times here and there. It’s beautiful, haunting, gutting, and romantic. Two excerpts from a dozen or more I could have picked to share here. First:

I keep meeting people out in the world who want to get into this industry. Some have even gone to coding boot camp. They did all the exercises. They tell me about their React apps and their Rails APIs and their page design skills. They’ve spent their money and time to gain access to the global economy in short order, and often it hasn’t worked.

I offer my card, promise to answer their emails. It is my responsibility. We need to get more people into this industry.

But I also see them asking, with their eyes, “Why not me?”

And here I squirm and twist. Because— because we have judged you and found you wanting. Because you do not speak with a confident cadence, because you cannot show us how to balance a binary tree on a whiteboard, because you overlabored the difference between UI and UX, because you do not light up in the way that we light up when hearing about some obscure bug, some bad button, the latest bit of outrageousness on Hacker News. Because the things you learned are already, six months later, not exactly what we need. Because the industry is still overlorded by people like me, who were lucky enough to have learned the etiquette early, to even know there was an etiquette.

Tech is, of course, not the sole industry with an insular and specific culture; but, it is something that can be changed by readers of websites like this one, or Wired. Technology has been commoditized so that you see people of every age, race, gender, and personality walking around with a smartphone or a DSLR or a smartwatch or wireless headphones, but the creation of these things haven’t followed suit at the same rate.

The second excerpt:

I have no desire to retreat to the woods and hear the bark of the fox. I like selling, hustling, and making new digital things. I like ordering hard drives in the mail. But I also increasingly enjoy the regular old networks: school, PTA, the neighbors who gave us their kids’ old bikes. The bikes represent a global supply chain; when I touch them, I can feel the hum of enterprise resource planning software, millions of lines of logistics code executed on a global scale, bringing the handlebars together with the brakes and the saddle onto its post. Then two kids ride in circles in the supermarket parking lot, yawping in delight. I have no desire to disrupt these platforms. I owe my neighbors a nice bottle of wine for the bikes. My children don’t seem to love computers as I do, and I doubt they will in the same way, because computers are everywhere, and nearly free. They will ride on different waves. Software has eaten the world, and yet the world remains.

This sounds dour and miserable but it isn’t all that — I promise. As much as Ford examines the failings of the industry in this essay, there’s an undercurrent of optimism.

In some ways, Ford’s piece reminds me of Frank Chimero’s 2018 essay about how web development is increasingly like building software instead of just writing a document. I remember when I learned that I could view the source of a webpage, and that’s how I began to learn how to build stuff for the web. That foundation drove my career and a passion for learning how things are made. Things are different now, of course. Common toolchains now generate gnarly HTML and indecipherable CSS; the web is less elegant and human-driven. But I’m not sure that different and harder are necessarily worse.

Thinking more comprehensively about Ford’s essay, perhaps there’s a new perspective that can be brought only by those new to tech. After growing up with the stratospheric rise of the industry and seeing how it has strained, maybe that context will inform how they read this piece.

AT&T to Pull WarnerMedia Shows from Competing Streaming Services

Melissa Repko, Dallas News:

AT&T chief executive Randall Stephenson said Tuesday that the company will pull popular TV shows and movies from streaming rivals and “bring that content back into the fold” as it launches its own Netflix-like video service.

AT&T “will be bringing a lot of these media rights, licensing rights back to ourselves to put on our own SVOD (subscription video-on-demand) product,” Stephenson said Tuesday morning at the JPMorgan Global Technology, Media and Communications Conference in Boston.

AT&T’s new subscription video service is expected to launch in late 2019. It will be anchored by HBO TV shows and movies, along with content from Warner Bros. studios and Turner Networks. AT&T became the owner of the valuable entertainment library last June when it bought Time Warner in a deal valued at about $108.7 billion, including debt.

This new era of media conglomerates is dismal for American consumers who will have fewer choices and greater opportunity for exploitation. There is a conscious push to move away from the channel-free future that was hoped for in favour of more expensive siloed options.

Leonid Bershidsky Wrote Maybe the Dumbest Take on This WhatsApp Spyware Story

Leonid Bershidsky, writing for Bloomberg because of course a horrible infosec article will be published by Bloomberg:

The discovery that hackers could snoop on WhatsApp should alert users of supposedly secure messaging apps to an uncomfortable truth: “End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them.

In related news, your text messages are also less private if someone is looking at your screen over your shoulder.

These are merely applications running on top of an operating system, and once a piece of malware gets into the latter it can control the device in a multitude of ways. With a keylogger, a hacker can see only one side of a conversation. Add the ability to capture a user’s screen, and they can see the full discussion regardless of what security precautions are built into the app you are using.

“End-to-end encryption” is a marketing device used by companies such as Facebook to lull consumers wary about cyber-surveillance into a false sense of security.

End-to-end encryption is not mere marketing; everyone knows this, and it’s a jackass move to suggest otherwise. Vulnerabilities that are able to gain system-wide access, like those used by NSO Group, are exceedingly rare. It is far more likely that data can be intercepted in transit. Encrypting anything as it travels across the world is not lip service or marketing — it’s good sense.

It’s foolish for Bershidsky to have written this terrible article, and it beggars belief that any editor who has the first inkling of knowledge about encryption or information security would choose to run it. Alas, this is Bloomberg.

WhatsApp Voice Calls Used to Inject NSO Group Spyware on Phones

Mehul Srivastava, Financial Times:

WhatsApp, which is used by 1.5bn people worldwide, discovered in early May that attackers were able to install surveillance software on to both iPhones and Android phones by ringing up targets using the app’s phone call function. 

The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs, said the spyware dealer, who was recently briefed on the WhatsApp hack.

This vulnerability feels a little like an echo of Apple’s FaceTime bug from earlier this year, except it’s much, much worse. All a recipient needed to do was to have WhatsApp installed and connected to their phone number; with just those factors, according to this report, an attacker could remotely install NSO Group’s Pegasus spyware.

The good news is that unless you’re a journalist, an activist, or a tech CEO exposing corruption in Saudi Arabia, in particular, you likely won’t be targeted with Pegasus spyware. Still, keep your devices up to date; Apple released iOS 12.3 today with a bunch of security fixes.

Update: The Dumpster Fire on Twitter:

So, Saudi Arabia has and has used the WhatsApp malware — which spies on phones, can even record audio and video — and Trump’s senior advisor/son-in-law Jared Kushner uses the app to communicate with the Crown Prince of Saudi Arabia… cool cool cool

Neat.

Lawsuit Targeting Apple’s 30% App Store Levy Is Allowed to Proceed, U.S. Supreme Court Rules

Bill Chappell and Nina Totenberg, NPR:

The theory of the lawsuit is that Apple’s 30% commission charge to app developers is often passed on to consumers — creating a higher-than-competitive price — and that competitors are shut out because Apple prevents iPhone owners from buying apps anywhere other than its App Store.

Apple sought to block the lawsuit, asserting that it had not set the prices on the apps and thus the iPhone owners had no standing to sue.

But the 9th Circuit Court of Appeals ruled against Apple, and on Monday the Supreme Court agreed.

This one is worth keeping an eye on, particularly as the E.U. also begins its examination into Spotify’s claims alleging anticompetitive behaviours.

Questions About 5G Safety Are Being Politicized

Parked atop the New York Times’ homepage right now — arguably one of the most influential positions in English-language media for any news story — is this story by William J. Broad about the framing by RT America of questions about the safety of 5G networking. Here’s a taste:

The Russian network RT America aired the segment, titled “A Dangerous ‘Experiment on Humanity,’” in covering what its guest experts call 5G’s dire health threats. U.S. intelligence agencies identified the network as a principal meddler in the 2016 presidential election. Now, it is linking 5G signals to brain cancer, infertility, autism, heart tumors and Alzheimer’s disease — claims that lack scientific support.

Yet even as RT America, the cat’s paw of Russia’s president, Vladimir Putin, has been doing its best to stoke the fears of American viewers, Mr. Putin, on Feb. 20, ordered the launch of Russian 5G networks in a tone evoking optimism rather than doom.

[…]

Hundreds of blogs and websites appear to be picking up the network’s 5G alarms, seldom if ever noting the Russian origins. Analysts call it a treacherous fog.

This story is right in claiming that RT’s let’s-call-it-reporting vastly overstates any known concerns about 5G networking. It’s fair to assume that RT, owing to its Kremlin connection and eagerness to hype conspiracy theories, is happy to exploit scientific illiteracy as a way to stoke fear. Broad explains the loaded terminology used by the network, and cites good sources and knowledgeable individuals that see little health concern in the frequencies used by 5G.

However, this article also gets carried away in definitively stating the safety of 5G by too readily ascribing concerns to Russian propaganda.

An article published last month in Computer Weekly by a coalition of investigative journalists cited several scientific bodies and research institutes that have questions about the safety of 5G. They also quote David Carpenter who, as the Times explained, is an inaccurate alarmist. Susan Crawford, in a piece for Wired, pointed out that the FCC’s health testing standards are possibly outdated, being based on thirty year old German research; but, she also uses the “some say” weasel words to insinuate connections between the telecom industry and the German research institute. An article by Mark Hertsgaard and Mark Dowie, published by the Nation last year, explored the wireless industry’s successful lobbying efforts.

Meanwhile, the source for Broad’s claim that RT’s propaganda is being widely circulated is a Google search for "RT America" "5G". Yeah, really. The way that sentence is phrased, you’d think that RT citations are appearing in loads of mainstream blogs. But, right now, that Google search is returning results for: this Times story; a bunch of stories and videos from RT America, of course; and several conspiracy websites. No mainstream blog or website that I can find has so far decided to use RT as a source for questions about 5G safety. On the contrary, bigger publications are asking scientists and industry representatives for their thoughts, as is responsible. The fact that RT’s stories are being circulated by idiots who would trust the network if it reported that the Pacific and Atlantic oceans had swapped places is not indicative of a successful propaganda campaign.

All of this is not to say that the Times’ story is wrong. Nor is it to establish false equivalency — there are not two equal sides here. There are thousands of scientists working around the world to try to answer the questions of whether wireless networking has any health risks, and whether 5G has any specific concerns. But the headline used by the Times — “Your 5G Phone Won’t Hurt You. But Russia Wants You to Think Otherwise.” — is another entry in a series of headlines that oversimplify a nuanced story, and the article itself and its push notification are too quick to blame questions about 5G’s safety on Russian propaganda.

It’s Not Enough to Break Up Tech Giants

Here’s something that rarely happens: I agree with Alex Stamos. Or, at least, I agree with his argument that we should not consider a breakup of Facebook as a panacea to its ills.

Facebook’s market domination is dangerous from a privacy perspective — in as much as it collects a lot of data about a lot of people — and it is ultimately helpful for the company for its size to be inherently influential when it attempts to push the limits of what is socially acceptable.

Trevor Callaghan on Twitter:

I’ve always taken the view that access to information is the key power dynamic. [Facebook, Google, Amazon] and others all have unique, entirely proprietary stores of information that they use. On the one hand, you can (and should) regulate that where it intersects with privacy.

On the other, continue to be concerned about that information only being processed/controlled by those entities. If we really want to break control then you can certainly regulate use, but you ultimately need to either take control back entirely to the individual, or find a way to make those assets non-rivalrous. This is often dismissed as an extremist position, but think about what would happen if, for example, any other company (with your consent) could build a product with the social graph and interests [Facebook] have for you or a search engine tailored to your interests from [Google] data, but on a web index that was part of a data commons?

I think this is a fascinating idea worth discussing, but I also think that there’s a simpler option already available: interpret antitrust laws that are already on the books with more than the financial cost of goods and services in mind. Consider user data and anti-privacy business models as costs, as well. Google and Facebook already do.

Google’s New Privacy Features Put the Responsibility on Users

Lauren Goode, Wired:

But as Google increases the number of privacy features — part of an attempt to scrub its reputation clean of data-tracking dirt — the setup of the settings, toggles, and dashboards within its apps seems to put more responsibility on the individual user rather than the platform. As Pichai himself said, Google aims to give people “choices.” So it’s your choice if you want to take the time to adjust, monitor, take out, or toggle something off. Just like it’s Google’s choice to not change its fundamental approach to gathering data to help better target advertising and thus make heaps of money.

Google is fully aware that most people will not choose to go spelunking around their privacy settings to get things configured just so. Most people are just going to stick with the defaults. And those defaults will, for the foreseeable future, be skewed to protect Google’s data collection interests.

Taking Stock of Subscriptions

Joanna Stern, writing in the Wall Street Journal which, yes, you need a subscription to read:

The technology industry loves the term SaaS, or Software as a Service. It’s the idea that software isn’t just bought once and installed, but rather is subscribed to and always updating. Microsoft Office 365? SaaS. Google Drive? SaaS. Your kid’s coding app? SaaS again.

There’s also CaaS, Content as a Service. Netflix ? Hulu? Spotify? Apple News+? All CaaS. And then there’s HaaS, hardware as a service. Your connected door lock, thermostat, security camera, maybe even your car or your toothbrush, now come with subscriptions.

Throw it all into one basket and call it Everything as a Service or — don’t hate me — “EaaS.”

I completely get the short-term allure of this from the perspective of platforms and accountants. It’s a steady, predictable, easy revenue stream — particularly if users are locked into year-long contracts.

But, especially over the long term, I think users will find it fatiguing — at best — to live in a world where we pay hundreds of dollars a month to listen to music, use software, and store files. There are advantages: we can listen to most music of our choosing on demand; our software is constantly up to date and regularly has new features; the files we store are synced across our devices.

Extrapolated over a longer term, however, these niceties start to feel like lock-in. What if your music listening habits don’t change all that much? What if you don’t really need all those new features, or you’re frustrated that you feel forced to relearn a piece of software you’ve relied upon for years because an update changed the UI dramatically? What if you only edit most of your files from the same device?

There are records that I’ve listened to a hundred times that I paid for once. That’s amazing to me. So is the fact that I paid for a license for Photoshop eight years ago and have consistently used it over that time. Now, it’s a subscription product.

More than anything, I submit to you that the things we are obligated to pay for on a set date every month are generally the things that we are least excited to spend our money on. Rent, utilities, insurance — these are things we need, but do not do anything themselves. An apartment is least exciting for what it is on its own; it’s only made interesting by how we use it and make it our home. An internet connection is just a wire to some panel somewhere until we start using it for other stuff.

I get excited when I sit down to listen to a new record or use new software. I’m not excited to pay bills.

See Also:Hi, it’s me, the app you’ve never used that’s still billing you”.

Update: Matt Roszak received an email from Adobe stating that they’re discontinuing the older version of Animate — formerly Flash CC — that he uses. They have informed him that if he continues to use it, it is a violation of their terms and he could be sued.

Chris Hughes, a Facebook Co-Founder, Argues for the Breakup of Facebook

Chris Hughes in an op-ed for the New York Times:

Facebook’s dominance is not an accident of history. The company’s strategy was to beat every competitor in plain view, and regulators and the government tacitly — and at times explicitly — approved. In one of the government’s few attempts to rein in the company, the F.T.C. in 2011 issued a consent decree that Facebook not share any private information beyond what users already agreed to. Facebook largely ignored the decree. Last month, the day after the company predicted in an earnings call that it would need to pay up to $5 billion as a penalty for its negligence — a slap on the wrist — Facebook’s shares surged 7 percent, adding $30 billion to its value, six times the size of the fine.

The F.T.C.’s biggest mistake was to allow Facebook to acquire Instagram and WhatsApp. In 2012, the newer platforms were nipping at Facebook’s heels because they had been built for the smartphone, where Facebook was still struggling to gain traction. Mark responded by buying them, and the F.T.C. approved.

[…]

The alternative is bleak. If we do not take action, Facebook’s monopoly will become even more entrenched. With much of the world’s personal communications in hand, it can mine that data for patterns and trends, giving it an advantage over competitors for decades to come.

Mike Masnick of Techdirt wrote a counterargument to this piece which, I think, rather misses the point while pointing out many of the errors in Hughes’ piece. Yes, Hughes mixes up patents and copyright infringement, and he employs flawed readings of CDA 230 and the First Amendment.

But the bulk of Hughes’ argument is strong: Facebook grew by acquiring competitors to establish an enormous user base over which it wields control of communications to an unprecedented degree. Breaking the company into greater subsidiary companies would allow users to join multiple platforms if they’d like, remain on a single one if that’s what pleases them, and prevent a mass singular collection of data.

Facebook spokesperson and former Deputy Prime Minister of the U.K. Nick Clegg read Hughes’ editorial and responded predictably. Of course Facebook wants to muddy the waters by positioning themselves as just another tech company because, if all “big tech” companies are treated the same and Facebook gets to help write the rules on that, they can give themselves an advantage.

Driving Change

M. R. O’Connor, for in the New Yorker, reviewed the idea of living in a shifting era of what it means to be a driver (the Roy here is Alex Roy, who you may know for his Polizei 144 antics or for driving across the United States in just over 31 hours):

Finally, Roy points out that many of the problems autonomous cars promise to solve also have simpler, non-technological solutions. (This is true, of course, only if one assumes that driving isn’t a problem in itself.) To reduce traffic, governments can invest in mass-transit and road infrastructure. To diminish pollution, they can build bike lanes and encourage the adoption of electric cars. In Roy’s opinion, the best way to make driving safer has nothing to do with technology: it’s to raise licensing standards and improve driver education. Over lunch — a Niçoise salad — Roy argued that our fixation on driverless cars flows from our civic laziness. “It’s easier to imagine that technology can solve a problem that education or regulation could also fix,” he said. In place of the driverless utopia that technologists often picture, he asked me to consider another possibility: a congested urban hellscape in which autonomous vehicles are subsidized by companies that pump them full of advertising; in exchange for free rides, companies might require you to pass by particular stores or watch commercial messages displayed on the vehicles’ windows. (A future very much like this was recently imagined by T. Coraghessan Boyle, in his short story “Asleep at the Wheel.”) In such a world, Roy said, “The joy of the ride is taken away.”

[…]

Perhaps it was inevitable that a nascent right-to-drive movement would spring up in America, where — as fervent gun-rights advocates and anti-vaccinators have shown — we seem intent on preserving freedom of choice even if it kills us. “People outside the United States look at it with bewilderment,” Toby Walsh, an Australian artificial-intelligence researcher, told me. In his book “Machines That Think: The Future of Artificial Intelligence,” from 2018, Walsh predicts that, by 2050, autonomous vehicles will be so safe that we won’t be allowed to drive our own cars. Unlike Roy, he believes that we will neither notice nor care. In Walsh’s view, a constitutional amendment protecting the right to drive would be as misguided as the Second Amendment. “We will look back on this time in fifty years and think it was the Wild West,” he went on. “The only challenge is, how do we get to zero road deaths? We’re only going to get there by removing the human.”

I would love to hear from readers around the world whether Walsh’s perspective is the case. Is the apprehension to self-driving cars or the desire to have human rights to control autonomous vehicles a mostly American stance? For what it’s worth, it was a software control that could not easily be overridden that brought down two 737 Max airplanes.

Also, I thought this was an insightful observation in the context of platform freedom, obfuscated code, and increasingly locked-down hardware:

In his book “Shop Class as Soulcraft: An Inquiry Into the Value of Work,” from 2009, the political philosopher and motorcycle mechanic Matthew B. Crawford argues that manual competence — our ability to repair the machines and devices in our lives—is a kind of ethical practice. Knowing how to fix things ourselves creates opportunities for meaningful work and individual agency; it allows us to grasp more deeply the built world around us. The mass-market economy, Crawford writes, produces devices that are practically impenetrable. If we try to repair our microwaves or printers, we’ll quickly be discouraged by their complexity; many cars produced today lack even dipsticks to check their oil levels. Driving the Tesla Model 3 has been compared to using a giant iPhone: instead of controlling the car directly, one seems to pilot it by means of a user interface.

This is a great essay.