Pixel Envy

Written by Nick Heer.

Archive for August, 2019

The Adults in the Room

Today was Megan Greenwell’s last day at Deadspin — a decision she made after the private equity firm that bought the Gizmodo Media websites from Univision tried to change things up in a really stupid way.

Her last piece for the website is brilliant:

There is a version of the story of this company in which idealistic journalists, unconcerned with profit, are posed against ruthless business-doers, concerned about profit above all else. That would be a convenient story, pitching me and my colleagues and friends as people who just care too much about The Truth to yield before the gale-force winds of Capitalism, but it wouldn’t be a true one.

The real and less romantic story is this: The journalists at Deadspin and its sister sites, like most journalists I know, are eager to do work that makes money; we are even willing to compromise for it, knowing that our jobs and futures rest on it. An ever-growing number of media owners, meanwhile, are so exceedingly unwilling to reckon with the particulars of their own business that they refuse to accept our eagerness to help them make money. They’re speaking a language no one else does, proud of their own inability not just to not fail, but to not understand the terms on which they’re failing. The tragedy of digital media isn’t that it’s run by ruthless, profiteering guys in ill-fitting suits; it’s that the people posing as the experts know less about how to make money than their employees, to whom they won’t listen.

Greenwell is moving to Wired, and I imagine that their output will continue to improve because of it. As a daily reader of Deadspin, I sincerely hope that the person who takes her place has a similar approach to the job; I hope they do not cave to management’s wishes that they “stick to sports”.

DoorDash Announces It Will No Longer Skim Tips From Workers

Amrita Khalid, Engadget:

DoorDash drivers will earn 100 percent of tips under a revamped set of rules on pay. The delivery service today announced a new tipping and earnings policy that it claims will lead to drivers earning more on average. The development comes more than a month after news reports exposed the company for pocketing its driver’s tips. In response to the widespread backlash, DoorDash CEO Tony Xu promised it would reevaluate how it pays its workers.

I think tipping is a silly practice that should be abandoned, but barring that, at least a policy like this no longer allows DoorDash to use tips to replace worker wages.

Update: Amazon also announced that it will stop skimming tips, thus also meeting basic ethical expectations.

Google Proposes New Privacy and Anti-Fingerprinting Controls for the Web

Frederic Lardinois, TechCrunch:

What Google basically wants to do here is change the incentive structure for the advertising ecosystem. Instead of trying to circumvent a browser’s cookie and fingerprinting restrictions, the privacy budget, in combination with the industry’s work on federated learning and differential privacy, this is meant to give advertisers the tools they need without hurting publishers, while still respecting the users’ privacy. That’s not an easy switch and something that, as Google freely acknowledges, will take years.

An independent study from earlier this year by Carnegie Mellon found that publishers lose only 4% of their revenue when cookies are blocked by users. Google cites their own study finding that dropping the “behavioural” part of behavioural advertising cost publishers over 50% of their revenue. Those are remarkably different figures, and Google’s result will be tainted by its inherent conflict of interest.

For what it’s worth, the New York Times dropped ad exchanges entirely for European visitors after GDPR took effect, preferring to sell ads directly, and digital advertising revenue grew.

For the time being, though, there’s nothing here for you to try out or any bits being shipped in the Chrome browser. For now, this is simply a proposal and an effort on the Chrome team’s part to start a conversation. We should expect the company to start experimenting with some of these ideas in the near future, though.

Mat Marquis:

Imagine, if you will, a glorious future where Google, the advertising company known for massive privacy violations, building you a special private Google-controlled web where the icky bad guys can’t track you! Lucky you.

There are things in Google’s proposal that require broader support from ad tech companies and browser vendors, but there’s a lot Google could do today with its market dominating position in both industries. Like Facebook, Google is attempting to distort the definition of privacy beyond what any user would expect so that its core business is not impacted by increased scrutiny.

Now AMP Runs Scripts

Google’s AMP Project has announced that the platform will now run arbitrary site-defined scripts in a special <amp-script> tag, albeit with some caveats: scripts are limited to 150 KB each, and redrawing after the page has loaded isn’t possible without a precipitating user action. It says that this is to preserve the speed of an AMP page, and I believe this argument — generally, the less bytes a page transfers, the faster it is. This follows the project’s recent announcement of sending markup to client browsers instead of unpacking pages with a required 100 KB JavaScript file.

The AMP team has not yet confirmed a date at which it expects to entirely replicate HTML in its proprietary language, but all signs point to Google continuing to use its influence to coax publishers into running a second version of their websites entirely tailored for the company’s needs.

Nation Stunned by Support Document Explaning Ways in Which an Apple Card May Not Look New Forever

Apple:

If your titanium Apple Card comes into contact with hard surfaces or materials, it’s possible that the coating can be damaged.

[…]

Some fabrics, like leather and denim, might cause permanent discoloration that will not wash off.

Dr. Drang:

My complaint is not that the Apple Card may lose its luster in a wallet. I’m not sure anything will maintain its looks when put between sheets of leather and compressed by my butt. My complaint is that Apple wrote a support document that looks absurd and invites snarky comments. Everything Apple does generates derision from Apple haters; this generated derision from Apple’s best customers.

There are many reasons to criticize Apple’s credit card, including its very concept. But its propensity for becoming stained is a remarkably silly complaint. Everything that has been in my wallet for more than a few months looks a little worn, and I wouldn’t expect anything sandwiched in leather and sat on for eight hours a day to behave differently.

If you’ve exhausted a list of possible things to do in the world to the point where you’re spending time cleaning your credit cards, this support article is for you.

Teslas Can’t Drive Autonomously Around Parking Lots, but the Company Thinks That It Will Ship Full Automation by Early Next Year

Timothy B. Lee, Ars Technica:

In July, Tesla was still struggling to get the technology working. “Parking lots are a remarkably hard problem,” Musk tweeted. “Doing an in-depth engineering review of Enhanced Summon later today.” Three days later, he announced an August 16 price hike of $1,000 for the full self-driving package, adding, “that’s approximately date when we expect Enhanced Summon to be in wide release.”

But August 16 came and went with no price hike and no release of smart, enhanced, or advanced summon technology. Now Musk admits that the technology is still a month or two away.

Tesla is far from the only company to miss a self-imposed technology deadline — especially in the self-driving sector. We certainly don’t fault the company for delaying release of a safety-sensitive technology that’s not ready for prime time. But we do wonder if Musk should be more cautious about projecting technology release dates.

Elon Musk said in a 2015 interview that self-driving cars are “a much easier problem than people think” they are, and predicted fully-autonomous vehicles would be on the road within two to three years. He has made similar predictions that downplay the difficulty of shipping a car that can accelerate, brake, steer, change lanes, merge, navigate complex intersections, handle tricky terrain, and anticipate the actions of other drivers. Teslas can’t reliably navigate a parking lot in California, let alone the traffic circle around Arc de Triomphe — or worse.

This stuff is obviously hard. It’s possible that a fully-autonomous vehicle is decades away, if one will ever ship. Why does Musk so eagerly promise deadlines that I am sure he recognizes are impossible to meet? After all, it’s not just customers that he needs to avoid misleading.

Opting Out of Binding Arbitration Isn’t Just an Apple Card Thing

Apple Card’s binding arbitration clause is something I’ve written about before, but I wanted to re-up it in the wake of the broader launch of the credit card for two main reasons.

The first thing I think you should know is that, while everyone has been discussing this in the context of the Apple Card, mandatory arbitration is by no means exclusive to that product. It is increasingly likely that most of the contracts you’ve either signed or agreed to electronically have bound you to resolving disputes through arbitration rather than a lawsuit.1 What’s worse, these clauses must be opted out of within a specified time frame from when the agreement became active. For Apple’s credit card, it’s within ninety days (PDF), while American Express gives new cardholders just forty-five days (PDF) to maintain their right to file a class action suit.

It’s not just payment card companies that include an arbitration provision. I found binding arbitration clauses in the terms and conditions documents of various internet service providers, cell carriers, eyewear companies, consumer electronics companies, and subscription boxes for clothing, grooming products, and food. That’s right: food subscriptions have a mandatory arbitration clause. And if you’re a HelloFresh customer and you’d like to retain your right to join a class action lawsuit, you’d have to opt out by mailing a letter to the company within sixty days of agreeing to their terms — which, of course, you had to do when you signed up.

In fact, most of the time, you’ll have to physically mail something to these companies; you usually cannot opt out electronically. Buy some stamps. But, while it may be easier to opt out of the Apple Card arbitration agreement than most others, it does have a caveat, and that’s the second thing I wanted to make note of.

Barbara Krasnoff, the Verge:

[A] couple of readers have reported that if you opt out of the arbitration agreement using Messages, you will not get any type of confirmation. Instead, the representative at the other end of the line will recommend that you take screenshots of your conversation. Needless to say, until the company changes that policy, screenshots are an excellent idea — just in case.

Make sure you keep a record of this conversation in a safe place. Chances are, you’ll never need to use it; but, if you do, it will be for a very good reason and you won’t want to have lost this admittedly minimal documentation.

Update: As Lawrence Velázquez points out, most companies do not provide confirmation of your request to opt out of binding arbitration. Keep a paper trail as best you can.


  1. I think the Economic Policy Institute’s report on mandatory arbitration is a well-rounded explanation of why this is often highly beneficial to companies at huge loss to consumers and employees. ↩︎

The Fate of the iTunes Store in MacOS Catalina

Kirk McElhearn:

In early betas of macOS Catalina, the iTunes Store was visible, but in recent betas it did not show up in the sidebar of the Music app if the user was signed into Apple Music. That seems to be the default now: if a user has an Apple Music account, they won’t see the iTunes Store. You can display it, if you wish, in the Music app’s Preferences, on the General pane, but if you’re a streamer, you won’t see it by default.

This seems like a graceful way to handle the virtually-complete transition of listeners from purchasers to streamers. For those of us who do both, it’s a preference change. Pretty straightforward.

What this means for the future of the iTunes Store seems obvious, but it is not a future I’m willing or eager to accept.

Disinformation Campaigns Targeting Hong Kong Protesters Run Rampant on Twitter

Maciej Cegłowski in a Twitter thread:

Every day I go out and see stuff with my own eyes, and then I go to report it on Twitter and see promoted tweets saying the opposite of what I saw. Twitter is taking money from Chinese propaganda outfits and running these promoted tweets against the top Hong Kong protest hashtags

What China is doing is clear. If these peaceful, extremely self-disciplined protesters who enjoy the clear backing of the overwhelming majority of Hong Kongers can be discredited, it will be easier to crack down. What the fuck Twitter thinks it’s doing is less clear.

Ryan Mac and Rosalind Adams, Buzzfeed News:

The Chinese government has struggled to contain the narrative of the months-long protests, which have seen pro-democracy activists face increasingly aggressive police tactics in the streets. Though Twitter and Facebook are banned in China, the Chinese state media runs several English-language accounts to present its views to the outside world.

“It’s very clear that the Chinese state media is essentially buying ads on Twitter and Facebook for the purpose of reaching an international audience as part of China’s effort to ‘tell its story better,’” said Adam Ni, a China researcher at Macquarie University in Sydney. The Communist Party sees this “as critical in the battle of hearts and minds,” he added.

In a similar vein, Ryan Gallagher of the Intercept reported that the Chinese government was also buying ads on Twitter that served as propaganda against the Uighur people of Xinjiang.

Twitter responded:

Today, we are updating our advertising policies with respect to state media. Going forward, we will not accept advertising from state-controlled news media entities. Any affected accounts will be free to continue to use Twitter to engage in public conversation, just not our advertising products.

This is a global approach and will be enforced across our entire business.

The turnaround on this policy change was just a few days from when Cegłowski began tweeting about it, indicating that Twitter can change quickly when it needs to, and tacitly raising the question of why it takes so long for the company to react to other obvious shortcomings in its product.

Twitter also disclosed today that there was a coordinated astroturfing campaign of propaganda that used a little over 900 accounts in an effort to surreptitiously manipulate opinion and coverage of the demonstrations in Hong Kong.

Facebook has said that it won’t ban state-run media advertisers on its platform.

Media’s Mega-Mergers Are Already Having an Impact on Storytelling

Alex Cranz, io9:

Now imagine what’s happening right this moment. The House of Mouse may already be self-censoring because it has a brand image to uphold. That self-censorship will now be applied to nearly 40 percent all the movies you watch, and between ABC and Hulu and Disney+ it will own a whole heckuva lot of the TV you consume too. AT&T is cutting costs and killing favorites to try and build a popular and inoffensive rival to the other big streamers (and Disney’s looming giant). CBS and Viacom have only just begun their own plans for streaming domination, but already people are noting, and/or hoping, for reboots and continuations of their favorites.

Cranz’s piece illustrates the necessary impact on storytelling when new films and television shows are run through the machinations of a shrinking number of large studio, the largest of which has a particularly sensitive approach to more challenging topics. But because these companies also control many of the distribution channels to the greatest degree since United States v. Paramount, it’s possible that independent films would find themselves shut out of an audience even if they could be financed.

Or, perhaps the combined bureaucratic weight of these mega-studios will cause them to collapse on themselves; they may find it difficult to produce captivating new works. That doesn’t seem to be likely. When all but a couple of the twenty highest-grossing films of the year are either franchise tie-ins or sequels, we’ve demonstrated a booming market for mediocrity.

AT&T, Disney, and CBS haven’t been as explicit in noting their desire for our viewing habits, but it’s absolutely one reason they’re pushing into the streaming space and trying to gobble up as much of the pie as they can. “Basically, sign up as many subscribers as possible and get them into the service, and give them a chance to enjoy the great intellectual property and product that will be part of that service,” Disney CEO Bob Iger told a group of analysts and reporters last week, per a CNBC report.

Nothing would warm my heart and disrupt my stomach more than for “intellectual property” to replace the current miserable term for anything made by anyone in any context.

Server-Side Rendering With AMP

Let me get this straight: Google launched AMP as a way to speed up the web by, somehow, adding a hundred kilobytes of JavaScript as an intermediary for all pages created with its language. It then realized that this was not as fast as serving plain markup, so it’s now extolling the virtues of adding a server-side rendering process, which — and I promise that I am not making this up — breaks the AMP spec. And, somehow, this is all better and more logical than sending some standard HTML down the pipe.

I guess that it must be, so long as Google keeps manipulating search results for mobile users to favour its own AMP project over any normal webpage, even very fast ones.

WebKit Publishes Tracking Prevention Policy

Earlier this week, Apple’s WebKit team announced its strong Tracking Prevention Policy:

This document describes the web tracking practices that WebKit believes, as a matter of policy, should be prevented by default by web browsers. These practices are harmful to users because they infringe on a user’s privacy without giving users the ability to identify, understand, consent to, or control them.

[…]

We treat circumvention of shipping anti-tracking measures with the same seriousness as exploitation of security vulnerabilities.

This is the correct position. Kudos.

Reflecting on the Targeted Harassment of Women on the Internet, Five Years After ‘Gamergate’

It is very hard to come to terms with the brutality of the tactics honed by abusive people — nearly entirely men — during the “Gamergate” saga, and now used constantly to dehumanize women, queer individuals, and non-white people.

Sarah Jeong was targeted last year for some decontextualized Twitter jokes:

Tucker Carlson did a segment about me on Fox News. The president called me “disgusting” in a tweet. Shortly after the arrest of Mr. Sayoc, the MAGA bomber, the media discovered that he had sent me a death threat on Twitter.

Of the many threats of rape, dismemberment and murder sent to me and to my workplace, at least one was concerning enough that The New York Times filed a police report. But Mr. Sayoc’s tweet at me — a bizarre, confusing insinuation that my corpse was going to be dumped in the Everglades — barely pinged anyone’s radar, let alone my own, until he made the news for mailing pipe bombs.

Charlie Warzel contributed an article documenting the myriad influences on broader culture that are directly linked to the reaction on Reddit and 4chan to a crappy blog post. But the pieces from Jeong and Brianna Wu reflect on the terrible effects these harassment techniques have had on the women who experience them, and they are absolutely worth your time and reflection.

The Cost of Cross-Platform Code Sharing

Eyal Guthmann of Dropbox:

Until very recently, Dropbox had a technical strategy on mobile of sharing code between iOS and Android via C++. The idea behind this strategy was simple—write the code once in C++ instead of twice in Java and Objective C. We adopted this C++ strategy back in 2013, when our mobile engineering team was relatively small and needed to support a fast growing mobile roadmap. We needed to find a way to leverage this small team to quickly ship lots of code on both Android and iOS.

We have now completely backed off from this strategy in favor of using each platforms’ native languages (primarily Swift and Kotlin, which didn’t exist when we started out). This decision was due to the (not so) hidden cost associated with code sharing. Here are some of the things we learned as a company on what it costs to effectively share code. And they all stem from the same basic issue:

By writing code in a non-standard fashion, we took on overhead that we would have not had to worry about had we stayed with the widely used platform defaults. This overhead ended up being more expensive than just writing the code twice.

Fascinating stuff from a company that is about to launch an Electron-based desktop client.

Amazon’s Bezos Brigade Unleashed On Twitter

Aric Toler, Bellingcat:

On August 14, a Twitter thread that included a small army of “Amazon FC Ambassadors” went viral, bringing to light Amazon’s year-long social media brand ambassador program.

[…]

Last year, Amazon rolled out a program where employees at these fulfillment centers (warehouses) are able to also work as brand ambassadors to describe their experiences working at Amazon. A number of media outlets reported on this new program last year after the first wave of Ambassadors sent out bizarre tweets promoting Amazon’s workplace conditions.

Per the 2018 reports, these Ambassadors were given “an extra paid day off and a [$50] gift card” for their efforts in volunteering to defend Amazon from their online detractors.

If employees want to defend their employer against criticism — online or offline, I don’t care — that’s their jam. But they shouldn’t be paid to be a public relations prop when they’re clearly not an official representative. This is a dismal practice that I hope does not spread.

Tech Companies Should Be More Upfront and Plain-Spoken with Practices That Could Violate Users’ Privacy

Nicole Nguyen, Buzzfeed News:

As we found out yesterday, Facebook paid outside contractors to transcribe voice memos from users who turned on chat transcription in the Messenger app. The company is the latest in a string, including Amazon, Google, Apple, and Microsoft, caught sending users’ audio to third-party firms for analysis.

[…]

Most folks buying Google Homes and Echos from a mall kiosk aren’t aware. That’s in part because of the products’ “just like that!” marketing, but largely because Amazon, Google, Apple, Microsoft, and Facebook haven’t clearly told consumers what they do with their voice and video information. None of those companies’ data policies state that what we say and do in front of our voice assistants, internet-connected cameras, and messaging apps can be shown to strangers employed by the companies or their contractors.

Plain-language explanations of practices that may be compromising to users’ privacy can be hard to write. I am certain that the opt-in rate would be extremely low if these devices asked users — during the onboarding process, for example — whether a selection of their voice recordings can be retained and later reviewed by a human being.

Nevertheless, it is unquestionably the right thing to do.

Companies should be able to educate customers on why they should opt-in. They should be upfront and direct about what they will do with recordings. They should go to great lengths to explain how recordings will be de-identified, processed anonymously, and removed within days. That builds confidence that users’ recordings will not be exploited, and that a small compromise of their privacy will lead to better results, should they so choose. Of course the opt-in rate for this will be low — but that’s how it should be. Better that then having these shady practices exposed, with users left feeling violated.

Suprema’s Biometrics Database with Fingerprints, Face Photos, and Plain Text Passwords Found to Be Publicly Accessible

Josh Taylor, the Guardian:

The Israeli security researchers Noam Rotem and Ran Locar working with vpnmentor, a service that reviews virtual private network services, have been running a side project to scans ports looking for familiar IP blocks, and then use these blocks to find holes in companies’ systems that could potentially lead to data breaches.

In a search last week, the researchers found Biostar 2’s database was unprotected and mostly unencrypted. They were able to search the database by manipulating the URL search criteria in Elasticsearch to gain access to data.

The researchers had access to over 27.8m records, and 23 gigabytes-worth of data including admin panels, dashboards, fingerprint data, facial recognition data, face photos of users, unencrypted usernames and passwords, logs of facility access, security levels and clearance, and personal details of staff.

Biostar 2 is operated by Suprema, a Korean company, which means that this breach should be investigated under the country’s strict Personal Information Protection Act. If this report is true, it’s shocking that they did not bother to encrypt fingerprint data, staff details, or administrative usernames and passwords.

Apple Card’s Targeted Ads May Be Non-Creepy, But They’re Still Unexpected

Steve Moser (via Michael Tsai):

Apple will target users for marketing emails and push notifications based on their transaction history. “For example, Apple may send a message to your device that is relevant to people who typically purchase travel.” Apple might have been able to negotiate reduced fees by agreeing to allow advertising to Apple Card users.

Moser posted a copy of the on-boarding text in full, which describes this in more detail:

Apple may use your Apple Card account status, such as whether you have applied for or have a current Apple Card account, to determine whether a message is relevant to you, including a marketing message. Apple may also send messages to your device, which may use information known only to you and your device, such as your transaction history and location, to help determine whether a message is relevant to you. For example, Apple may send a message to your device that is relevant to people who typically purchase travel. Apple does not need to know whether you purchased travel. Your device can use your transaction history to decide whether the message is relevant to you. This helps to ensure that you receive relevant communications, while protecting your privacy. Apple does not know which messages you see on your device.

Anonymous and aggregate information that cannot be tied to you may also be used for Apple Card marketing and other messaging. You may opt out of marketing messages by clicking the unsubscribe link in a marketing email or by turning off notifications for Apple Card.

Based on what I’m reading here, it sounds like Apple is sending push notification message text to all Apple Card users, but only displaying it if it’s relevant to a specific user. It’s a clever way of doing semi-targeted ads without violating users’ privacy.

I think that’s less relevant to users than whether they expect to receive ads in their email account and on their lock screen because they signed up for Apple’s credit card. The more nihilistic user might, but Apple is supposed to be the company that doesn’t point to some clause in their terms and conditions as a free pass to exploit users.

Apple’s marketing website:

At Apple, we firmly believe in your right to privacy. That’s why we created a unique architecture for Apple Card that generates things like your transaction history and spending summaries right in the Wallet app on your iPhone.

Of course, Goldman Sachs will use your data to operate Apple Card. But they will never share or sell your data to third parties for marketing or advertising.

Apple’s solution is in agreement with the letter of these statements, but certainly not the spirit.1

There is are parts of this product that are distinctly un-Apple-like, but none more so than the use of push notifications to send targeted advertisements. I do not believe that Apple must compromise its advantages and expectations to compete effectively in the services business; but, if it feels like it does, why should I choose its offerings over those from competitors?


  1. Also, I thought that using push notifications to deliver advertisements was against Apple’s policies. It certainly was. But a 2018 rewrite of the App Review policies document indicates a softer stance (italics mine):

    4.5.4 Push Notifications must not be required for the app to function, and should not be used for advertising, promotions, or direct marketing purposes or to send sensitive personal or confidential information. Abuse of these services may result in revocation of your privileges.

    “Must not” indicates an outright ban on app functionality being dependent on enabling push notifications, but “should not” is basically just a recommendation. Gross.

    Update: The allowance of push notification advertising actually dates back to 2016. Thanks, George↩︎

Netflix Is Starting to Behave a Lot More Like a Traditional Big Studio

Natalie Jarvey, Hollywood Reporter:

With a market-leading 152 million global subscribers, 10 percent of TV screen time in the U.S. and a several-year head start, Netflix may be too big to fail. But that hasn’t stopped a growing chorus of questions over how long the “Netflix bubble” can last. Its ballooning costs — analysts estimate that it will spend between $10 billion and $15 billion on content this year — means it burns through cash ($3 billion in 2018). Its current debt load is $12 billion.

Worries ratcheted up July 17 when the company reported its first subscriber loss in the U.S. in eight years. Its high-flying stock came crashing down 15 percent, erasing $24 billion in value in less than a week. “It’s notable that they lost subscribers before they lost a meaningful amount of content and before there was direct competition from their suppliers,” says Wedbush’s Michael Pachter, a noted Netflix bear. “This suggests they will face additional pressure when they lose content later this year and as their current [licensing] contracts with Warner Bros., Fox, Disney and NBCU expire.”

Once the studios figured out that they, too, could sign a contract with AWS and build a streaming media player, they replaced Netflix’s big advantage with an even worse version of the old cable television model. If you’re a film or television buff and want to maintain a moral and legal high ground, there’s no question in my mind that you’ll pay more for a combination of streaming services than you used to for cable.

But if I were an executive at one of these conglomerates, I’m not sure I’d wager too much on the inability for users to remember how their torrent client works.