Month: February 2020

Reflective Satellite Clusters Created by Private Companies Are Impeding Astronomers’ Work and Altering the Night Sky theatlantic.com

Marina Koren, the Atlantic:

Before Starlink launched, SpaceX coordinated with the National Science Foundation and its radio-astronomy observatories to make sure there wouldn’t be any overlap. Unfortunately for optical astronomers, there is no such framework when it comes to the brightness of satellites — no international body in Geneva, let alone a dedicated agency in the United States. The Federal Communications Commission’s regulatory realm spans communication networks across multiple industries, which means its oversight includes, oddly enough, both satellites and offensive Super Bowl commercials. But while American satellites need the agency’s permission to launch, the FCC does not regulate the appearance of those satellites once they’re in orbit.

[…]

In the months since they first launched, the Starlink satellites have been essentially photobombing ground-based telescopes. Their reflectiveness can saturate detectors, overwhelming them, which can ruin frames and leave ghost imprints on others. Vivienne Baldassare’s work depends on comparing images taken night after night and looking for nearly imperceptible variations in light; the slightest shifts could reveal the existence of a black hole at the center of a glittering, distant galaxy. Baldassare, an astronomer at Yale, can’t see behind the streak of a satellite. “You can’t just subtract that off,” she says. Some objects, such as comets, are better viewed during dawn and dusk, when there’s just enough sunlight to illuminate them. But because they orbit close to Earth, the Starlink satellites can be seen during these hours, too; imagine missing a comet as it passes uncomfortably close to Earth because of too many satellites.

Koren says that SpaceX will launch over a thousand satellites just this year, while Amazon wants to launch over three thousand in the coming years, and OneWeb is launching a little over six hundred. There are presently only about two thousand artificial satellites orbiting the Earth right now; the additions from just the three aforementioned companies would triple the number of orbiting satellites, and that doesn’t count the ones that SpaceX has already launched.

It is impressive that it is somehow becoming increasingly trivial to get a robot orbiting the Earth. But I’m tangentially reminded of the incident at WWDC 2010 where there were hundreds of spontaneous WiFi networks that interrupted Steve Jobs’ iPhone 4 demo. What happens when we blanket the globe in private satellites with little accountability for their live operation and eventual death as space junk?

An Analysis of the App That Failed the Iowa Democratic Caucus vice.com

Jason Koebler, Joseph Cox, and Emanuel Maiberg, Vice:

The app used to report early results in Iowa’s Democratic Presidential primary caucus was rudimentary in many ways, according to analyses by multiple Android app development experts and cybersecurity professionals who decompiled and studied the app after it was obtained by Motherboard.

The app, called IowaReporterApp and developed by a company called Shadow Inc., malfunctioned during the caucus, causing mass chaos and delaying the public reporting of results until Tuesday evening. The app was designed to rapidly report early results, not tabulate final vote counts. That means its failure will not result in the election result being altered.

Jane Manchun Wong:

The backend of Iowa Caucus app is named “idp-2020-dev”

People usually only name the non-production backend as “dev”

I have a feeling they might be out of time and had to ship the dev build straight to prod for democracy

Some consultant is probably sitting on a beach somewhere in awe of their bank balance after they managed to convince party and election officials that digital tabulation would be so much simpler and faster than pen and paper.

Peek-a-View caseyliss.com

Casey Liss has a new app:

Peek-a-View is, at its core, a read-only photo browser.

It is designed to be safe to hand to anyone, and know that you’re not going to need to worry about the safety of your photos.

This app was an instant purchase for me. It’s ridiculously simple to use and does exactly what I often need when I want to show just a single album or a handful of photos on my phone.

Great purchase model, too: a free download that allows you to show only the twenty most recent photos, with an in-app purchase to unlock selecting other albums with more photos.

Google and YouTube Join Twitter in Telling Clearview AI to Stop Scraping User Data cbsnews.com

CBS News, in an un-bylined story:

Google and YouTube have sent a cease-and-desist letter to Clearview AI, a facial recognition app that scrapes images from websites and social media platforms, CBS News has learned. The tech companies join Twitter, which sent a similar letter in January, in trying to block the app from taking pictures from their platforms.

[…]

Ton-That argued that Clearview AI has a First Amendment right to access public data. “The way we have built our system is to only take publicly available information and index it that way,” he said.

I’m no lawyer, but that’s certainly a creative interpretation of the First Amendment.

For what it’s worth, a 2018 ruling indicates that website scraping does have some First Amendment protections, but that was decided in the context of research. But it’s unclear whether that would extend to copying third-party materials for first-party profit.

Facebook and Venmo also said scraping was against their policies, but have so far not sent cease-and-desist letters.

Peter Thiel sits on Facebook’s board and is also an investor in Clearview. You’d think he could pass along the message.

MacOS Will Soon Support Universal Apps, Enabling a Single Purchase for Mac, iPhone, and iPad Apps macstories.net

Ryan Christoffel, MacStories:

As first spotted by Steve Troughton-Smith, release notes for the latest beta build of Xcode include a major development: Mac apps can soon be included as universal purchases with their iPhone and iPad companions.

Apple:

Starting in March 2020, you’ll be able to distribute iOS, iPadOS, macOS, and tvOS versions of your app as a universal purchase, allowing customers to enjoy your app and in‑app purchases across platforms by purchasing only once. You can choose to create a new app for these platforms using a single app record in App Store Connect or add platforms to your existing app record. Get started by building and testing your apps using a single bundle ID with Xcode 11.4 beta.

This has the potential to be great news for MacOS developers who want to create iOS apps and don’t want to devalue the products on either platform. I could imagine a situation where a Mac developer sells an app for $50 and wants to create an iOS app, but might struggle to find buyers for it at $10. Instead, they could charge $70 or $80 for the bundle. The Mac apps don’t have to be Catalyst apps, either.

This is interesting, too, in Apple’s notes:

In addition, App Store categories will be unified across the App Store and Mac App Store to align with this change, and to help make your apps more discoverable. The following changes will be made.

  • You’ll be able to select the following categories for iOS apps: “Developer Tools” and “Graphics & Design”.

I’m not sure it means anything beyond unification that the iOS App Store will now have a Developer Tools section, but it’s promising.

Apple News Plus Is Not a Great Standalone Product, but Could Be a Good Component of a Bundle 500ish.com

Mark Gurman and Gerry Smith, Bloomberg:

The head of business for Apple Inc.’s news app stepped down less than a year after launching a high-profile subscription product that has struggled to attract paying readers.

Liz Schimel, the outgoing executive, joined in mid-2018 after serving as the president of international business at magazine publisher Conde Nast, said people familiar with the move who asked not to be identified discussing personnel matters. At Apple, Schimel oversaw relationships with advertisers and news publishers.

MG Siegler:

I may have one magazine or newspaper that I love. Or maybe two or three. And maybe I’m happy to pay for each of those. And it’s awesome that News+ may have those packaged together for one low price, but it also has a basically infinite supply of other content to read. And reading isn’t watching. This isn’t Netflix or Amazon where more is obviously better. I know it may have seemed like it would be, that curation would be the key. But in the order of things, TV trumps magazines and newspapers. You may not like that, I may not like that, but this is the way.

So, what to do?

It’s so obvious that it’s already rumored. Make News+ a part of an Apple bundle. Yes, yes, “Apple Prime” as it were. Flip the script so that News+ isn’t yet another cognitive load on us. Something that may be a good deal but will I really have time for that? To: oh wow, this is included in what I already pay for? Awesome.

It’s very hard to make the case for Apple News Plus as a standalone service. In fact, I think it’s hard to make the case for many of Apple’s services to be so independent of each other. It feels very strange that Apple bills me multiple times every month, each time for a different service.

It’s also a bit weird that Apple, a technology and design company, is now a conduit for publishers, a movie and television house, and a credit card company — but I guess shareholders are happy.

Examining the Terraced Privacy Policies of the Hundreds of Companies With Which a Website May Share Your Data garwarner.blogspot.com

Gary Warner:

But that isn’t today’s topic. Today, we look at how GDPR is being interpreted to require websites to share information about their cookie policies. This morning as I was reading the news, The Guardian popped up a little box on my iPad asking me if I’d like to consent to their Cookie Policy.

[…]

There are 577 Vendors to whom this policy applies.

And guess what, each of them helpfully has a Privacy Policy of their own! If you would like to see what each of THEM are going to do with your data, you need to read an additional 577 Privacy Policies.

Imagine doing that for every single widely-used website.

Bottom line? GDPR is not protecting you from ANYTHING. It has created an impossible legal hurdle which guarantees that you will NEVER HAVE PRIVACY AGAIN. (While simultaneous [sic] GRANTING privacy to those drug dealers, malware distributors, and human traffickers that we are trying to identify.)

I’m not sure where Warner gets the idea that GDPR grants enhanced privacy to criminals, but I sympathize with his claim that it isn’t adequately protecting users — though I do not fully agree. For a start, it seems unlikely that we would be having this conversation without awareness of the issue, which few people would have if not for the debate over GDPR and its subsequent enactment.

More relevant, however, is that many of these consent notices violate the law, according to reporting by Natasha Lomas of TechCrunch:

For the study, the researchers scraped the top 10,000 U.K. websites, as ranked by Alexa, to gather data on the most prevalent [consent management platforms, or CMPs] in the market — which are made by five companies: QuantCast, OneTrust, TrustArc, Cookiebot and Crownpeak — and analyzed how the design and configurations of these tools affected internet users’ choices. (They obtained a data set of 680 CMP instances via their method — a sample they calculate is representative of at least 57% of the total population of the top 10,000 sites that run a CMP, given prior research found only around a fifth do so.)

Implicit consent — aka (illegally) inferring consent via non-affirmative user actions (such as the user visiting or scrolling on the website or a failure to respond to a consent pop-up or closing it without a response) — was found to be common (32.5%) among the studied sites.

[…]

They also found that the vast majority of CMPs make rejecting all tracking “substantially more difficult than accepting it” — with a majority (50.1%) of studied sites not having a “reject all” button. While only a tiny minority (12.6%) of sites had a ‘reject all’ button accessible with the same or fewer number of clicks as an “accept all” button.

As Lomas points out, enforcement of GDPR’s policies remains lax and compliance continues to be poor. Despite these weaknesses, GDPR and its Californian cousin are having a limited positive effect. Better regulatory frameworks are needed to govern the storage and use of personal data, and reduce its ability to be hoarded by monolithic companies.

Who knows? Maybe we’ll get to a point where people can once again visit websites with the confidence that they are not being mined, stalked, preyed upon, or taken advantage of.

Researchers Find ‘Anonymized’ Data Can Easily Be Combined With Leaked Personal Information From Major Data Breaches vice.com

Karl Bode, Vice:

Dasha Metropolitansky and Kian Attari, two students at the Harvard John A. Paulson School of Engineering and Applied Sciences, recently built a tool that combs through vast troves of consumer datasets exposed from breaches for a class paper they’ve yet to publish.

“The program takes in a list of personally identifiable information, such as a list of emails or usernames, and searches across the leaks for all the credential data it can find for each person,” Attari said in a press release.

They told Motherboard their tool analyzed thousands of datasets from data scandals ranging from the 2015 hack of Experian, to the hacks and breaches that have plagued services from MyHeritage to porn websites. Despite many of these datasets containing “anonymized” data, the students say that identifying actual users wasn’t all that difficult.

There is probably no reason why a massive company would want to identify an individual person, but there is every reason why they would want to find many individual persons. Advertising, marketing, and analytics companies routinely flout the difference between targeting users in very small groups and targeting them individually. That’s gross — and there are far more dangerous possibilities for those who may have vast troves of personal details individually linked.

The studies compiled by Bode show why:

  • it is vital for the least possible amount of information to be given to any company;

  • there should be limits on how long non-offered data may be stored;

  • anything retained must be encrypted;

  • there must be serious repercussions for failing to adequately secure data, even if no breach has occurred; and,

  • individualized data must generally be devalued.

Redesigned Apple Maps Now Covers United States, Except Territories, With Europe Launching in 2020 apple.com

Apple:

Apple today announced that all users in the United States can now experience a redesigned Maps with faster and more accurate navigation and comprehensive views of roads, buildings, parks, airports, malls and more, making it easier and more enjoyable to map out any journey. Apple completed the rollout of this new Maps experience in the United States and will begin rolling it out across Europe in the coming months.

“We set out to create the best and most private maps app on the planet that is reflective of how people explore the world today,” said Eddy Cue, Apple’s senior vice president of Internet Software and Services. “It is an effort we are deeply invested in and required that we rebuild the map from the ground up to reimagine how Maps enhances people’s lives — from navigating to work or school or planning an important vacation — all with privacy at its core. The completion of the new map in the United States and delivering new features like Look Around and Collections are important steps in bringing that vision to life. We look forward to bringing this new map to the rest of the world starting with Europe later this year.”

Matthew Panzarino:

Maps is probably the biggest software turnaround in Apple’s modern era — an interesting case study for a company that rarely needs turnaround efforts.

Justin O’Beirne has, as usual, assembled a second-to-none catalogue of examples; if you’re not following his posts on digital maps, you’re missing out.

I use Apple Maps almost exclusively for finding places and getting directions; I know it’s highly variable around the world, but its wayfinding abilities and read-aloud instructions have been tremendous in the past year. When I’m monkeying around and trying to figure out what a place looks like, however, I still turn to Google Maps. Of all the things I’m most excited about in this new Apple Maps, a competitor to Street View is high on that list — especially since, in recent years, Google Maps has become more difficult to use.