Month: August 2019

Janelle Griffith and Ben Collins, NBC News:

The official Twitter account of Jack Dorsey, the co-founder of the social media platform, was hacked on Friday.

One of the first tweets sent from his “compromised” account was the N-word. Another, sent minutes later, praised Hitler.

More than a dozen racist or otherwise offensive original tweets were sent within 20 minutes from the account.

It would be pretty terrifying if there were a world leader that used their Twitter account as a primary means of broadcasting barely-literate official announcements, racist commentary, and off-the-cuff nonsense that swings markets worldwide.

That would be scary, wouldn’t it?

Brad Esposito, Pedestrian:

The genres of TikTok become quickly apparent to anyone who spends upwards of 30 minutes scrolling on the app. In many ways, it’s just a regurgitation of what already works: prank videos, funny skits, a few lingering lip-sync efforts, still holding on to what the app used to be.

But Cinematic TikToks have arrived somewhat rapidly, tapping into the innate pop culture knowledge of teenagers everywhere. They are a generation that has spent years with access to every piece of content imaginable. That has left a mark, one they farm within themselves to create content that often even they can’t explain. It’s a feeling, it’s a vibe. It reminds them of someone else’s work, or a movie they saw. They don’t know what to call it. It just is.

It’s been said before, but TikTok is very much the spiritual successor to Vine. It’s fascinating to see the creative output encouraged by the thirty second maximum video length.

Ian Beer of Google’s Project Zero team:

Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.

There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.

TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years.

I’ll investigate what I assess to be the root causes of the vulnerabilities and discuss some insights we can gain into Apple’s software development lifecycle. The root causes I highlight here are not novel and are often overlooked: we’ll see cases of code which seems to have never worked, code that likely skipped QA or likely had little testing or review before being shipped to users.

The posts in this series truly are a deep dive — each post is technically dense with exploit code and explanations of how they worked. That doesn’t mean that these methods are advanced, but they are exploit chains and, given what the implant pilfers, I wouldn’t be surprised if these attacks were the fault of state actors intending to hit specific targets. Beer doesn’t say exactly that, but he hints at its possibility:

Let’s also keep in mind that this was a failure case for the attacker: for this one campaign that we’ve seen, there are almost certainly others that are yet to be seen.

Real users make risk decisions based on the public perception of the security of these devices. The reality remains that security protections will never eliminate the risk of attack if you’re being targeted. […]

If you aren’t interested in reading the entire series, this introductory post and the description of the payload are worth spending some time with.

Update: Zack Whittaker of TechCrunch is reporting that these exploit chains were deployed by the Chinese government to target Uyghur Muslims.

Apple:

Apple today announced a new repair program, offering customers additional options for the most common out-of-warranty iPhone repairs. Apple will provide more independent repair businesses — large or small — with the same genuine parts, tools, training, repair manuals and diagnostics as its Apple Authorized Service Providers (AASPs). The program is launching in the US with plans to expand to other countries.

“To better meet our customers’ needs, we’re making it easier for independent providers across the US to tap into the same resources as our Apple Authorized Service Provider network,” said Jeff Williams, Apple’s chief operating officer. “When a repair is needed, a customer should have confidence the repair is done right. We believe the safest and most reliable repair is one handled by a trained technician using genuine parts that have been properly engineered and rigorously tested.”

This appears to be the program that the company has quietly been testing for about a year, and it sounds great. Joining the IRP program is free, though it is limited to commercial addresses. That should mean that mall kiosks and smaller repair shops can perform repairs to the same grade and with the same parts as an Apple Store or an Authorized Service Provider. I think this is an excellent change.

Apple issued this press release this morning, and I think it’s appropriately apologetic:

As a result of our review, we realize we haven’t been fully living up to our high ideals, and for that we apologize. As we previously announced, we halted the Siri grading program. We plan to resume later this fall when software updates are released to our users — but only after making the following changes:

  • First, by default, we will no longer retain audio recordings of Siri interactions. We will continue to use computer-generated transcripts to help Siri improve.

  • Second, users will be able to opt in to help Siri improve by learning from the audio samples of their requests. We hope that many people will choose to help Siri get better, knowing that Apple respects their data and has strong privacy controls in place. Those who choose to participate will be able to opt out at any time.

  • Third, when customers opt in, only Apple employees will be allowed to listen to audio samples of the Siri interactions. Our team will work to delete any recording which is determined to be an inadvertent trigger of Siri.

Asking users whether they want their requests to be used for Siri improvements and leaving the choice off by default is exactly the right response. Allowing only Apple employees to review the recordings of anyone who has opted in is also important; sensitive data should not be delegated to contractors.

But not having an option to opt out of transcripts is the weakest part of this response. On a separate FAQ page, Apple says that the only way to disable transcripts is to turn off Siri and dictation features entirely. I get that these are basically bug reports, but there’s something inherently queasy about automatic transcription of audio from a home or workplace being submitted to a company. I think transcripts could be lumped in with Apple’s opt-in analytics submission option as a reasonable middle ground.

Otherwise, this response is contrite and privacy-focused. They fucked up, they’re sorry, and they promise they will do better. That’s the best anyone could have hoped for.

A ramification of these changes is that hundreds of contracted workers in Ireland were laid off. That’s a horrible result for so many people. It reinforces that employees at tech companies need to carefully consider the impact of their product or service.

Geoffrey A. Fowler, Washington Post:

I recently used my credit card to buy a banana. Then I tried to figure out how my credit card let companies buy me.

You might think my 29-cent swipe at Target would be just between me and my bank. Heavens, no. My banana generated data that’s probably worth more than the banana itself. It ended up with marketers, Target, Amazon, Google and hedge funds, to name a few.

Oh, the places a banana will go in the sprawling card-data economy. Despite a federal privacy law covering cards, I found that six types of businesses could mine and share elements of my purchase, multiplied untold times by other companies they might have passed it to. Credit cards are a spy in your wallet — and it’s time that we add privacy, alongside rewards and rates, to how we evaluate them.

All of the possible touch points for a single purchase give the surveillance economy plenty of opportunity to scoop up whatever information it can without your knowledge or explicit approval. Apple has been touting the privacy advantages of its credit card, but it really only secures two of the six categories identified by Fowler — and that’s fine. That’s about as much as they can possibly control without, as Fowler suggests, using a different card number for every transaction.

All of this is to say that people just aren’t protected from near-constant privacy intrusions. To do so requires a level of awareness bordering on paranoia. It means distancing yourself from the services of anything with an AC adapter. We’re increasingly aware that we live in a world that operates under the assumption that everything that can be tracked — and collected, associated, shared, resold, combined, and kept — ought to be.

Sophie Kleeman, Vice:

“Am I crazy?” Naomi Campbell asks in her very first vlog. “I’m opening my life to YouTube!” Campbell snaps a movie slate and laughs. She’s wearing an oyster-colored turtleneck sweater. Her hair is long, pin-straight, and parted perfectly down the middle. She sits on a grey couch in what appears to be her home, or at least a very good approximation of what one assumes the home of a brilliant supermodel must look like, with bright pink flowers, gentle lighting, and soft throw pillows.

She’s not crazy. But she’s also not alone. Campbell has joined a growing handful of very famous, very mainstream celebrities who have ventured into the wilds of YouTube, a platform known more than a smidge dismissively for sugary makeup gurus and Casey Neistat, and decidedly more seriously for extremism and the people who weaponize it. But over the past 20 months, Campbell — along with Will Smith, Jack Black, Zac Efron, Victoria Beckham, Jennifer Lopez, Alexa Chung, and Jason Momoa, among others — have ostensibly opened up their lives to the site’s 2 billion monthly users. Others, like prodigal YouTube son Justin Bieber, are working with the company on “top-secret” original content.

This article transported me back to when celebrities first joined Twitter and spoke with fans and followers directly. It brought those celebrities back down to Earth — until, of course, you remembered that most of what gets posted to their account has a full production crew of photographers, makeup artists, technicians, public relations professionals, and social media managers behind it. Even if you know that, though, it still creates an illusion of being more honest than it is, while simultaneously lending YouTube greater legitimacy and prestige.

Erin Egan, Facebook’s Chief Privacy Officer, in May 2018:

Today, we’re announcing plans to build Clear History. This feature will enable you to see the websites and apps that send us information when you use them, delete this information from your account, and turn off our ability to store it associated with your account going forward. […]

It will take a few months to build Clear History.

Nicole Nguyen and Ryan Mac, reporting for Buzzfeed News last week, which — and I’m sure I don’t need to mention this to my very astute audience, but I feel like emphasizing the point — is a shade more than “a few months”:

Facebook collects information about its users in two ways: first, through the information you input into its website and apps, and second, by tracking which websites you visit while you’re not on Facebook. That’s why, after you visit a clothing retailer’s website, you’ll likely see an ad for it in your Facebook News Feed or Instagram feed. Basically, Facebook monitors where you go, all across the internet, and uses your digital footprints to target you with ads. But Facebook users have never been able to view this external data Facebook collected about them, until now.

Facebook tracks your browsing history via the “Login with Facebook” button, the “like” button, Facebook comments, and little bits of invisible code, called the Facebook pixel, embedded on other sites (including BuzzFeed News). Today the company will start to roll out a feature called “Off-Facebook Activity” that allows people to manage that external browsing data — finally delivering on a promise it made over a year ago when CEO Mark Zuckerberg announced at a company event that it would develop a feature then called “Clear History.”

[…]

However, the data isn’t being removed from Facebook servers. Just as Facebook still collects aggregated, anonymous browsing information from people who are logged out or don’t have Facebook accounts, Facebook will treat people who have opted out of external website tracking similarly, a Facebook spokesperson confirmed to BuzzFeed News.

Far from being a “clear history” feature, this is simply a way for Facebook to collect the same data it always has, except it promises it won’t tie your very personal browsing data with all of the information you’ve given Facebook, like your name and occupation. That’s not “deleting” anything.

Also, while I don’t like to argue with FUD, I will note that Facebook rarely announces that a bug or privacy exploit it found is not as catastrophic as it estimated.

If you’re interested in using this new tool, you should know that it has only launched in three countries so far: Ireland, Spain, and South Korea.

Robert Burnson, Bloomberg:

A state judge in Texas on Thursday temporarily blocked the planned rollout of the Off-Facebook Activity feature in the U.S. at the request of a woman who claims in a lawsuit the company didn’t do enough to save her from being trafficked after meeting predators on the social network as a teenager.

[…]

Lawyers for the woman who is suing, identified only as Jane Doe, asked Facebook to provide them with the browsing history of her alleged pimp, which the attorneys expected would reveal his ties to sex-trafficking sites. They said in a court filing that Facebook didn’t turn over the data they sought and that the history-clearing feature would allow the pimp to destroy evidence of his role in Doe’s exploitation.

Facebook’s company-wide pivot to privacy is going well.

This post from Kirk McElhearn runs through a litany of complaints he has with the HomePod, but the one that has stuck out to me is how much high technology is in every HomePod for what is effectively a niche product. I’m not sure whether the HomePod is a failure — there are plenty of people I know who love theirs; and, at any rate, it’s hard to know whether Apple intended this to be anything more than a small-scale early-stage experiment. But I wonder if some of this advanced speaker technology is being prototyped for a wider rollout in the company’s more mainstream products. Perhaps this is a test bed for getting impossibly good sound out of the speakers in a MacBook or an iMac, for example.

Bradley Chambers, 9to5Mac:

Apple wants to own its future of mapping to be able to make changes quickly, protect user privacy, and create the best overall mapping experience for customers. One of the things I’ve often heard about Apple vs. Google is that Google is willing to do the dirty work of projects like book scanning where Apple isn’t. That might be true, but with Apple Maps, they’ve shown a persistence to stay focused on a product that clearly wasn’t the best in its field.

Google’s product strategy has often been to throw a lot of things at the wall to see what sticks and kill the rest (see Google Buzz, Wave, Google+, etc.). If Google had launched a mapping product in 2012 with the same problems as Apple, they would have canned the project within a year. Apple had a vision of what they wanted mapping on their platform to be, and they weren’t going to be stopped until that vision was a reality. When was the last time Google showed that focus with a product?

I don’t necessarily disagree with Chambers, but I think this is more reflective of the value of owning maps data, and how tech firms have changed in the past decade. The Google of 2005 could get away with more experimental projects than the Google of 2012 or 2019, and it grew Maps into an industry leader over that time. Apple needed something competitive because mapping data is inherently valuable for the myriad services it enables, and it didn’t matter how long it took to build it.

Focus remains an issue for Google, however: in addition to Google Maps, their roster of location-based products includes Google Earth, Waze, and Google Travel, and they just recently shut down Google Trips.

I’m sure many of you have already read this piece by Jonathan Mayer and Arvind Narayanan on Freedom to Tinker regarding Google’s proposal for a “privacy budget” to allow them to keep tracking users with something resembling privacy in mind, but I thought it was worth linking to for this paragraph alone:

Apple and Mozilla have tracking protection enabled, by default, today. And Apple is already testing privacy-preserving ad measurement. Meanwhile, Google is talking about a multi-year process for a watered-down form of privacy protection. And even that is uncertain — advertising platforms dragged out the Do Not Track standardization process for over six years, without any meaningful output. If history is any indication, launching a standards process is an effective way for Google to appear to be doing something on web privacy, but without actually delivering.

Something that occurred to me after I read several articles about this proposal is that Google wins with any outcome, so long as Chrome remains the world’s most popular browser and we exclude the possibility of regulatory action. If it gets stuck in standards processing hell or gets rejected, Google gets to keep abusing users’ privacy in exactly the same way; if it gets approved, Google gets a slightly different way of targeting users with privacy-robbing ads.

Of course, if cookie-blocking practices and technologies similar to Safari’s Intelligent Tracking Prevention were more widespread, and people chose a non-Chrome browser, it could critically impact Google’s business model and perhaps prompt them to think harder about the tradeoffs they’re expecting web users to make.

Today was Megan Greenwell’s last day at Deadspin — a decision she made after the private equity firm that bought the Gizmodo Media websites from Univision tried to change things up in a really stupid way.

Her last piece for the website is brilliant:

There is a version of the story of this company in which idealistic journalists, unconcerned with profit, are posed against ruthless business-doers, concerned about profit above all else. That would be a convenient story, pitching me and my colleagues and friends as people who just care too much about The Truth to yield before the gale-force winds of Capitalism, but it wouldn’t be a true one.

The real and less romantic story is this: The journalists at Deadspin and its sister sites, like most journalists I know, are eager to do work that makes money; we are even willing to compromise for it, knowing that our jobs and futures rest on it. An ever-growing number of media owners, meanwhile, are so exceedingly unwilling to reckon with the particulars of their own business that they refuse to accept our eagerness to help them make money. They’re speaking a language no one else does, proud of their own inability not just to not fail, but to not understand the terms on which they’re failing. The tragedy of digital media isn’t that it’s run by ruthless, profiteering guys in ill-fitting suits; it’s that the people posing as the experts know less about how to make money than their employees, to whom they won’t listen.

Greenwell is moving to Wired, and I imagine that their output will continue to improve because of it. As a daily reader of Deadspin, I sincerely hope that the person who takes her place has a similar approach to the job; I hope they do not cave to management’s wishes that they “stick to sports”.

Amrita Khalid, Engadget:

DoorDash drivers will earn 100 percent of tips under a revamped set of rules on pay. The delivery service today announced a new tipping and earnings policy that it claims will lead to drivers earning more on average. The development comes more than a month after news reports exposed the company for pocketing its drivers’ tips. In response to the widespread backlash, DoorDash CEO Tony Xu promised it would reevaluate how it pays its workers.

I think tipping is a silly practice that should be abandoned, but barring that, at least a policy like this no longer allows DoorDash to use tips to replace worker wages.

Update: Amazon also announced that it will stop skimming tips, thus also meeting basic ethical expectations.

Frederic Lardinois, TechCrunch:

What Google basically wants to do here is change the incentive structure for the advertising ecosystem. Instead of trying to circumvent a browser’s cookie and fingerprinting restrictions, the privacy budget, in combination with the industry’s work on federated learning and differential privacy, this is meant to give advertisers the tools they need without hurting publishers, while still respecting the users’ privacy. That’s not an easy switch and something that, as Google freely acknowledges, will take years.

An independent study from earlier this year by Carnegie Mellon found that publishers lose only 4% of their revenue when cookies are blocked by users. Google cites their own study finding that dropping the “behavioural” part of behavioural advertising cost publishers over 50% of their revenue. Those are remarkably different figures, and Google’s result will be tainted by its inherent conflict of interest.

For what it’s worth, the New York Times dropped ad exchanges entirely for European visitors after GDPR took effect, preferring to sell ads directly, and digital advertising revenue grew.

For the time being, though, there’s nothing here for you to try out or any bits being shipped in the Chrome browser. For now, this is simply a proposal and an effort on the Chrome team’s part to start a conversation. We should expect the company to start experimenting with some of these ideas in the near future, though.

Mat Marquis:

Imagine, if you will, a glorious future where Google, the advertising company known for massive privacy violations, building you a special private Google-controlled web where the icky bad guys can’t track you! Lucky you.

There are things in Google’s proposal that require broader support from ad tech companies and browser vendors, but there’s a lot Google could do today with its market dominating position in both industries. Like Facebook, Google is attempting to distort the definition of privacy beyond what any user would expect so that its core business is not impacted by increased scrutiny.

Google’s AMP Project has announced that the platform will now run arbitrary site-defined scripts in a special <amp-script> tag, albeit with some caveats: scripts are limited to 150 KB each, and redrawing after the page has loaded isn’t possible without a precipitating user action. It says that this is to preserve the speed of an AMP page, and I believe this argument — generally, the fewer bytes a page transfers, the faster it is. This follows the project’s recent announcement of sending markup to client browsers instead of unpacking pages with a required 100 KB JavaScript file.

The AMP team has not yet confirmed a date at which it expects to entirely replicate HTML in its proprietary language, but all signs point to Google continuing to use its influence to coax publishers into running a second version of their websites entirely tailored for the company’s needs.

Apple:

If your titanium Apple Card comes into contact with hard surfaces or materials, it’s possible that the coating can be damaged.

[…]

Some fabrics, like leather and denim, might cause permanent discoloration that will not wash off.

Dr. Drang:

My complaint is not that the Apple Card may lose its luster in a wallet. I’m not sure anything will maintain its looks when put between sheets of leather and compressed by my butt. My complaint is that Apple wrote a support document that looks absurd and invites snarky comments. Everything Apple does generates derision from Apple haters; this generated derision from Apple’s best customers.

There are many reasons to criticize Apple’s credit card, including its very concept. But its propensity for becoming stained is a remarkably silly complaint. Everything that has been in my wallet for more than a few months looks a little worn, and I wouldn’t expect anything sandwiched in leather and sat on for eight hours a day to behave differently.

If you’ve exhausted a list of possible things to do in the world to the point where you’re spending time cleaning your credit cards, this support article is for you.

Timothy B. Lee, Ars Technica:

In July, Tesla was still struggling to get the technology working. “Parking lots are a remarkably hard problem,” Musk tweeted. “Doing an in-depth engineering review of Enhanced Summon later today.” Three days later, he announced an August 16 price hike of $1,000 for the full self-driving package, adding, “that’s approximately date when we expect Enhanced Summon to be in wide release.”

But August 16 came and went with no price hike and no release of smart, enhanced, or advanced summon technology. Now Musk admits that the technology is still a month or two away.

Tesla is far from the only company to miss a self-imposed technology deadline — especially in the self-driving sector. We certainly don’t fault the company for delaying release of a safety-sensitive technology that’s not ready for prime time. But we do wonder if Musk should be more cautious about projecting technology release dates.

Elon Musk said in a 2015 interview that self-driving cars are “a much easier problem than people think” they are, and predicted fully-autonomous vehicles would be on the road within two to three years. He has made similar predictions that downplay the difficulty of shipping a car that can accelerate, brake, steer, change lanes, merge, navigate complex intersections, handle tricky terrain, and anticipate the actions of other drivers. Teslas can’t reliably navigate a parking lot in California, let alone the traffic circle around Arc de Triomphe — or worse.

This stuff is obviously hard. It’s possible that a fully-autonomous vehicle is decades away, if one will ever ship. Why does Musk so eagerly promise deadlines that I am sure he recognizes are impossible to meet? After all, it’s not just customers that he needs to avoid misleading.

Apple Card’s binding arbitration clause is something I’ve written about before, but I wanted to re-up it in the wake of the broader launch of the credit card for two main reasons.

The first thing I think you should know is that, while everyone has been discussing this in the context of the Apple Card, mandatory arbitration is by no means exclusive to that product. It is increasingly likely that most of the contracts you’ve either signed or agreed to electronically have bound you to resolving disputes through arbitration rather than a lawsuit.[1] What’s worse, these clauses must be opted out of within a specified time frame from when the agreement became active. For Apple’s credit card, it’s within ninety days (PDF), while American Express gives new cardholders just forty-five days (PDF) to maintain their right to file a class action suit.

It’s not just payment card companies that include an arbitration provision. I found binding arbitration clauses in the terms and conditions documents of various internet service providers, cell carriers, eyewear companies, consumer electronics companies, and subscription boxes for clothing, grooming products, and food. That’s right: food subscriptions have a mandatory arbitration clause. And if you’re a HelloFresh customer and you’d like to retain your right to join a class action lawsuit, you’d have to opt out by mailing a letter to the company within sixty days of agreeing to their terms — which, of course, you had to do when you signed up.

In fact, most of the time, you’ll have to physically mail something to these companies; you usually cannot opt out electronically. Buy some stamps. But, while it may be easier to opt out of the Apple Card arbitration agreement than most others, it does have a caveat, and that’s the second thing I wanted to make note of.

Barbara Krasnoff, the Verge:

[A] couple of readers have reported that if you opt out of the arbitration agreement using Messages, you will not get any type of confirmation. Instead, the representative at the other end of the line will recommend that you take screenshots of your conversation. Needless to say, until the company changes that policy, screenshots are an excellent idea — just in case.

Make sure you keep a record of this conversation in a safe place. Chances are, you’ll never need to use it; but, if you do, it will be for a very good reason and you won’t want to have lost this admittedly minimal documentation.

Update: As Lawrence Velázquez points out, most companies do not provide confirmation of your request to opt out of binding arbitration. Keep a paper trail as best you can.

[1] I think the Economic Policy Institute’s report on mandatory arbitration is a well-rounded explanation of why this is often highly beneficial to companies at huge loss to consumers and employees.

Kirk McElhearn:

In early betas of macOS Catalina, the iTunes Store was visible, but in recent betas it did not show up in the sidebar of the Music app if the user was signed into Apple Music. That seems to be the default now: if a user has an Apple Music account, they won’t see the iTunes Store. You can display it, if you wish, in the Music app’s Preferences, on the General pane, but if you’re a streamer, you won’t see it by default.

This seems like a graceful way to handle the virtually-complete transition of listeners from purchasers to streamers. For those of us who do both, it’s a preference change. Pretty straightforward.

What this means for the future of the iTunes Store seems obvious, but it is not a future I’m willing or eager to accept.