Pixel Envy

Written by Nick Heer.

Archive for May, 2020

MacOS Catalina’s Hidden Additional Typeface Families

Ralf Herrmann (via Michael Tsai):

Apple has recently licensed fonts from type foundries such as Commercial Type, Klim Type Foundry and Mark Simonson Studio to be used as system fonts on Mac OS Catalina. But since these fonts are an optional download, many users of Mac OS X are not even aware they have access to them for free.

I had no clue that so many great type families were made available for free to Catalina users. Interestingly, they aren’t stored in the typical folders for fonts — /Library/Fonts or ~/Library/Fonts; instead, they are downloaded to /​System/Library/AssetsV2/com_apple_MobileAsset_Font6. However, they appear to be saved as standard TrueType containers, and I don’t see any restrictions on their use for commercial projects in their metadata or the Catalina EULA (PDF).

Grubhub Should Be Thriving Due to the Pandemic’s Restrictions — But It’s Not

There is a lot in this report from Adrianne Jeffries, writing at the Markup, about the ways that food delivery services are struggling during the pandemic, but I wanted to direct your attention to this:

Grubhub has acknowledged that it makes more money from independent restaurants and small chains. A February 2020 shareholder letter explained that a typical order from an independent restaurant that uses Grubhub for marketing and delivery generates $4 of profit for Grubhub, while an order from a national chain generates $0. 

The independent restaurant “values our demand generation capabilities and utilizes our delivery services; we have a higher take-rate and collect the diner delivery fee,” Grubhub wrote, while the profit from the national brand “is significantly lower because the commission rate is lower AND the order size is smaller.”

For the independents, though, the delivery fees were too high “even in a strong market,” said Andrew Rigie, the executive director of the New York Hospitality Alliance. In a pandemic, they could put restaurants out of business — which would in turn put delivery apps out of business.

The letter illustrates the difference by comparing a $38 order from an independent restaurant and a $25 order from a chain. Grubhub’s commission on the first order is apparently between $6 and $8; its commission on the chain order is $2 to $4. Perhaps the delivery model doesn’t work as well for fast food chains, and perhaps you believe Grubhub’s argument that the attraction of a big chain will draw some customers to also order from places they otherwise wouldn’t. The effect is the same, however: Grubhub uses the higher fees paid by independent neighbourhood restaurants to subsidize deliveries for huge chains.

Three-Judge Panel Dismisses Nonsense Lawsuit Alleging Infringement of First Amendment Rights by Tech Companies

Erik Larson, Bloomberg:

A federal appeals court rejected claims that tech giants Twitter Inc., Facebook Inc., Apple Inc. and Alphabet Inc.’s Google conspired to suppress conservative views online.

The U.S. Court of Appeals in Washington on Wednesday affirmed the dismissal of a lawsuit by the nonprofit group Freedom Watch and the right-wing YouTube personality Laura Loomer, who accused the companies of violating antitrust laws and the First Amendment in a coordinated political plot.

[…]

Larry Klayman, a lawyer for Freedom Watch and Loomer, said in an interview that he’d file a petition to have the case reheard by an enlarged, “en banc” panel of the court’s judges and take the case to the Supreme Court if necessary. He said he believes the court chose Wednesday to issue its decision as a response to President Donald Trump’s threat to regulate or shutter social media companies for their alleged anticonservative bias.

Klayman is an entire jackass who has been banned from several courtrooms, and has repeatedly faced the prospect of having his law license suspended — most recently for pursuing a romantic relationship with a client. Meanwhile, the U.S. President thinks that he has the capacity to “close down” companies because they dare attempt to correct his dangerous lies that delegitimize this year’s election. Twitter, meanwhile, has decided to allow the use of its platform by the President for slandering a television host by accusing him of murder.

This “flooding the zone with shit” tactic is disastrous at any time, but is contemptible without compare during a pandemic that has now killed a hundred thousand Americans and over three hundred thousand worldwide.

Recent Firmware Updates for Texas Instrument Graphing Calculators Removes ASM Support

Matthew Wille, Input:

Texas Instruments is pulling support for C-based and assembly-based programs on both the TI-84 Plus CE — the most popular calculator for sideloading — and the TI-83 Premium CE, its French sibling. The latest firmware for each completely removes the capability and leaves users with no way to roll back to previous versions of the firmware.

This will pose a huge shift in the TI-calculator community — a relatively small but ultimately very dedicated group of programmers. Texas Instruments has shown love for this community in the past, and the company even provides advanced copies of firmware for them to beta test. Now it seems the company is ready to rebrand as more secure, even if that means leaving behind its most passionate fanbase.

Before every math and physics exam, I remember a teacher going around the room to make sure all of us cleared the memory on our graphing calculators. One of the very first programs I created was a lookalike version of the TI-83’s “RAM cleared” screen — similar to Fake but nowhere near as clever — so that I could keep all of the games I had installed and, occasionally, contraband notes. I am sure that my calculator helped me learn more about programming than it did my actual schoolwork. This is a pretty lame move on the part of Texas Instruments.

WWDC 2020 Wish Lists

Becky Hansmeyer included a bunch of SwiftUI wishes, but I picked a couple of things from the “Everything Else” section that I am also hoping to see this year:

A system-wide color picker in iOS. It’s bananas that I can’t select some text in Apple Notes on my iPad and change its color. From what I can tell, every single Mac app has access to the color picker.

The MacOS colour picker is a gem of a system component and something I miss dearly when working on any other operating system. Yes, please.

A revamped iPad multitasking system (yep, just do it again until it’s right) that isn’t big ol’ hot mess. Make it so my 4-year-old can figure it out.

I desperately want to see this cracked. I wonder how many users of moderate technical literacy can figure out how the current multitasking system works — not many, I bet. I’m not sure it will ever be usable by young children, but I’m not confident that I fully understand the current system, and I use my iPad a lot.

Stuart Breckenridge (via Michael Tsai):

  • Messages should have feature parity with its iOS counterpart, and improved search

  • FaceTime Group Calling needs an overhaul to match group calling features of competitors (at the very least, a static grid view)

These are both off Breckenridge’s MacOS wish list, which he guesses will be named Anacapa. My money is on Avalon.

Gus Mueller kept it simple:

My WWDC 2020 MacOS Wishlist

It’s now spelled with a capital M.

The true crime is the capitalization of “iPadOS”.

For what it’s worth, there are a couple of things that I would like to see this year:

  • Some indication — anything — that Siri is a priority. The wholly-generated voice that shipped with iOS 13 is a welcome improvement; it sounds so much better, particularly with more complex words.

    But Siri’s ability to respond accurately and as expected remains terrible. I know that all voice-based assistants have their weak spots, but my experience with Siri is that it cannot be trusted to do anything more than set timers and create reminders.

    Also, given its intentions and promised capabilities, Siri ought to be a tentpole feature for accessibility. Given its proclivity to behave unexpectedly, it’s just not there yet. Voice Control is wildly impressive; Siri ought to be, too.

  • An indication that “iPadOS” is more than just a name. It seems to me that a great reason to rename the iPad’s operating system is to indicate that it is no longer a bigger and slightly different version of the operating system that’s used on the iPhone. I’d like to see evidence of this.

    A great place to start might be in the management of background tasks. Here is an example I’m sure I’ve used before but cannot seem to find right now: I had three tabs open in Safari when an email came in with an attached contract I needed to sign. I switched over to Mail to save the PDF locally, switched to Files to put it in the correct place, signed it using the Markup extension, then switched back to Mail to reply with the signed copy. And then I switched back to Safari and all my tabs had to reload.

    I try to be cautious with how Mac-like the iPad should be. I recognize that it is a different platform with different expectations, so I don’t necessarily think that the iPad should just clone everything the Mac does. There are plenty of great reasons this does not happen and ought to be avoided. But, still, I have never switched between a few Mac apps and had Safari behave as though it was freshly launched. I would like to be able to switch between apps on my iPad without frequently triggering full reloads.

    Another pet peeve of mine is how poorly many system features use the space offered by today’s giant iPad displays. Siri should not consume the entire screen; neither should Notification Centre, for that matter, with a single column of summarized banners.

These are two areas that Apple often pushes as being emblematic of its strategy for the future, but which it has struggled to move forward in my view. My experiences with Siri and my iPad are not nearly as optimistic as Apple projects.

My other wish for WWDC is a noticeable focus on quality: fewer bugs, less waiting, better fit and finish, and no catastrophes when upgrading. The tick-tock cycle of feature-heavy releases followed by refinement versions is a horrible strategy that does neither effectively. I would like to see this acknowledged in some regard as an ongoing priority for every release. That’s not going to happen, but that’s what wish lists are for: the things you really want.

Local U.S. News Stations Aired an Amazon-Produced Promotional Video, Most Without Acknowledging Its Source

Zach Rael of KOCO 5:

Just got an email from Amazon’s PR team with a pre-edited news story and script to run in our shows. They are selling this as giving our viewers an “inside look” at the company’s response to COVID‑19.

Tim Burke, Courier:

While most TV news professionals have scoffed at the idea of running Amazon-provided content as news, at least 11 stations across the country ran some form of the package on their news broadcasts. The package — you can view the script Amazon provided to news stations here — was produced by Amazon spokesperson Todd Walker. Only one station, Toledo ABC affiliate WTVG, acknowledged that Walker was an Amazon employee, not a news reporter, and that the content had come from Amazon.

[…]

Amazon responded by stating the video and script were published to Business Wire as are many other companies’ in-house produced content for media organizations.

While it’s true that many companies use Business Wire to distribute press releases, it’s rare to see news-lookalike materials for broadcasters to simply drop in. It’s kind of gross for Amazon to be creating material that is clearly intended to be used, in full, as a news item, but that’s nothing on how unprofessional and embarrassing it is for even a handful of broadcasters run it without disclosing its source.

Update: Al Tompkins, Poynter:

In the TV business, these so-called video news releases, or VNRs, are so 1998. Frankly, I have not heard of anybody using such things on the air in years because they have been around since the early 1990s and have been loudly condemned as commercials disguised as news stories.

[…]

Journalism organizations like the Radio Television Digital News Association have spoken to the problems that come with VNRs for years. It is not to say a station can never ethically use a company-supplied video or even a statement, but the public has to understand where the video came from and why we are using it rather than verifying the content with our own eyes and lenses. But even using the video with attribution does not release journalists from pointing out that Amazon’s safety claims are at odds with warehouse worker’s claims.

David Barstow and Robin Stein, reporting for the New York Times in 2005:

To a viewer, each report looked like any other 90-second segment on the local news. In fact, the federal government produced all three. The report from Kansas City was made by the State Department. The “reporter” covering airport safety was actually a public relations professional working under a false name for the Transportation Security Administration. The farming segment was done by the Agriculture Department’s office of communications.

Under the Bush administration, the federal government has aggressively used a well-established tool of public relations: the prepackaged, ready-to-serve news report that major corporations have long distributed to TV stations to pitch everything from headache remedies to auto insurance. In all, at least 20 federal agencies, including the Defense Department and the Census Bureau, have made and distributed hundreds of television news segments in the past four years, records and interviews show. Many were subsequently broadcast on local stations across the country without any acknowledgement of the government’s role in their production.

It is sometimes hard to remember the failures of past administrations when the current one eagerly sheds itself of all ethics.

Amnesty’s Security Lab Finds Qatari Mandatory Contact Tracing App Exposed Sensitive Data Such Like Name and Location

Amnesty, in an un-bylined report:

The investigation by Amnesty Security Lab found Qatar’s EHTERAZ app requested a QR code from the central server by providing the national ID the user registered with. No additional authentication was required, so anyone could have requested a QR code for any EHTERAZ user.

The lack of authentication and the fact that Qatari national IDs follow a consistent format meant it was possible to automatically generate all possible combinations of national IDs and retrieve the sensitive data that EHTERAZ stores.

[…]

Before the authorities took action to address the vulnerability, sensitive personal information contained in the QR code included names in English and Arabic, location of confinement, as well as the name of medical facilities in which an individual diagnosed with COVID-19 is being treated. Last Friday, the authorities immediately took action to mitigate the exposure of data by stripping out names and location data. They subsequently released an update for the EHTERAZ app on Sunday which appears to add a new layer of authentication to prevent harvesting of data. While these changes appear to fix the issue, Amnesty International has been unable to verify whether these changes meet sufficient security standards.

This app is mandatory for everyone in Qatar, and its poor centralized design meant that highly sensitive information was trivial to look up. I remain stumped why Apple and Google chose to create the framework for decentralized systems that do not allow location data collection, contrary to the suggestions of the Washington Post.

Prime Minister Justin Trudeau Announces Canada Will Adopt Apple–Google Exposure Notification API

Gary Ng, iPhone in Canada:

Prime Minister Justin Trudeau today revealed during his daily COVID-19 press conference the Canadian government is working with Apple and Google in regards to a contact tracing app, or Exposure Notification solution.

Trudeau mentioned how other jurisdictions, such as Singapore and Australia, have contact tracing apps running in the foreground, which can drain battery life. But Apple and Google’s next June update will bake the joint COVID-19 contact tracing solution into the mobile operating systems, allowing Bluetooth to be used anonymously in the background.

The existing app being promoted across Alberta is based on Singapore’s TraceTogether app, but it has notable problems. If the Canadian app gains widespread adoption, it seems like it could be helpful to human contact tracers.

Ng:

Apple and Google are limiting one API use per country to so apps aren’t fragmented and also increase adoption. The Exposure Notification API will not use a device’s location services.

I must have missed this announcement from a few weeks ago but it makes sense and ought to clean up the current mess of incompatible exposure notification apps.

The Early Build of iOS 14 That’s Floating Around Was Likely Extracted From a Stolen Development iPhone

Remember when, a few months ago, MacRumors and 9to5Mac independently dropped a whole bunch of iOS 14 details without disclosing a source beyond “leaked code”? Even for a necessarily discreet acknowledgement, that barely counts as explaining how much of the OS had leaked and why either publication believed the code to be genuine.

A new report today from Lorenzo Franceschi-Bicchierai of Vice helps answer those questions:

Motherboard has not been able to independently verify exactly how it leaked, but five sources in the jailbreaking community familiar with the leak told us they think that someone obtained a development iPhone 11 running a version of iOS 14 dated December 2019, which was made to be used only by Apple developers. According to those sources, someone purchased it from vendors in China for thousands of dollars, and then extracted the iOS 14 internal build and distributed it in the iPhone jailbreaking and hacking community.

[…]

Leaked Apple code, documentation, and hardware is often traded on Twitter using a hashtag called #AppleInternals. The people trading or selling this information are often pseudonymous, but have proven time and time again to have legitimate Apple information or hardware. This particular version of iOS 14 has been traded on Twitter but also among networks of jailbreakers and security researchers. Two security researchers told Motherboard they have (and are probing) iOS 14, and two said they heard it was being offered but were staying away from it, fearing repercussions from Apple.

For what it’s worth, the hashtag is #AppleInternal, not #AppleInternals. Also, I don’t think it’s a big shock that Apple is not too thrilled that a stolen copy of a very early build of iOS 14 is being shared publicly and probed by unauthorized people. It’s one thing for a public or semi-public copy to be explored for vulnerabilities; it is entirely another to be researching an unfinished build intended solely for internal use.

Last year, a Motherboard investigation revealed the existence of a gray market where smugglers steal early prototypes, or “dev-fused” iPhones from factories in China and then sell them to security researchers and collectors around the world. In the past, Apple has gone after leakers and even a Gizmodo journalist, who found a prototype of an iPhone 4 in a San Francisco bar. It’s unclear what the company will do about this incident, but some in the industry are expecting the worst.

This whole article paints Apple as unreasonably protective of its confidential property, verging on vindictive. This paragraph, specifically, ties the purchase of the unreleased build of iOS 14 to the Gizmodo iPhone 4 case, implying that Apple will, I guess, exact revenge upon MacRumors and 9to5Mac reporters who wrote about the code they obtained.

But the angle of this article depends on how the Gizmodo case is described — and, here, it is reported inaccurately. A Gizmodo journalist did not find a prototype. Gizmodo bought the prototype for $5,000 after being contacted by the guy who stole it from an Apple engineer’s bag. Is it such a surprise that a company — any company — does not take kindly to having its stolen goods trafficked?

I would be surprised and dismayed if Apple attempted to search or press charges against the reporters writing about the iOS 14 builds that were leaked to them. I do not think it is outrageous for Apple to go after whatever source bought the stolen iPhone that contained the code, nor do I think it was wrong when the police investigated Gizmodo’s purchase of a stolen prototype. Those are vastly different things from both a reporter’s ethical perspective, as well as a more obvious legal perspective.

Sandwich Made a New Ad for Slack, Using Slack

Don’t miss the behind-the-scenes video with the Sandwich team explaining how they made all this happen without being able to leave their houses.

If you look closely at Adam’s jacket, you’ll see that he has his iPhone upside down in his chest pocket with the Voice Memos app used to record his audio. I don’t know if that audio made the final cut or if it was a backup, but it would not surprise me if it’s from the iPhone. (Update: The iPhone was a backup.) At my day job, I sometimes have to make videos, and there have been plenty of times I’ve used cleaned-up recordings from an iPhone positioned like that, with perfectly acceptable quality.

It’s amazing how far all of these tools have come. The ad is a video that requires no caveats or asterisks to excuse its work-from-home production, and the behind-the-scenes video shows how much is possible with the tools many of us already have.

Siri Turns Nine This Year

Nilay Patel asked his Apple Watch what time it was in London, and it responded with the current time in London, Ontario. Assuming Patel asked in New York, where his Twitter bio indicates that he lives, that would be the closest London, but almost certainly not the one he’s thinking of.

John Gruber asked the same question on two different devices. His iPhone also responded with the time in London, Ontario, but his HomePod told him the time in London, U.K.

This is clearly madness on every possible level. Why would Siri respond differently on different devices? Why would it not choose the more obvious geographic choice, rather than the small Canadian city that is in the same time zone as where Patel was asking from? If you want to be absolutely pedantic about it, Siri already has a way of clarifying ambiguity — but it should just assume that you want the time in one of the world’s most well-known cities.

What bugged me most about this, though, is that searching Maps locations through Siri and by keyboard entry frequently requires an unnecessary amount of precision. For years, getting directions to the Ikea location here in Calgary required typing “Ikea Calgary, Alberta”, otherwise it would consistently get directions to Ikea in Edmonton, about three hours away. Apple has fixed that now, but there are plenty of other times where it has directed me to similarly-named pizza joints and dry cleaners in the southern United States instead of mere blocks away. Why is Siri so eager to prioritize proximity for a query that is about time difference by distance, yet Maps search reliably thinks I want to travel many hours to get furniture or dinner?

Most egregious to me was that time, earlier this year, when Siri suggested an inconceivable day-long road trip instead of a route to my office. It got every possible aspect wrong of something I do with scheduled regularity. Given its age, inconsistency, slow response times, and unreliability, there is little doubt in my mind that Siri is one of modern Apple’s greatest software failures. I do not understand how, after a decade of development, it still struggles with fundamental expectations.

Contact Tracing App Used by North and South Dakota Shares Location Data With Foursquare and Google

Steven Melendez, Fast Company:

The app, called Care19, and produced by a company called ProudCrowd that also makes a location-based social networking app for North Dakota State sports fans, generates a random ID number for each person who uses it. […]

According to the app’s privacy policy, “location data is private to you and is stored securely on ProudCrowd, LLC servers” and won’t be shared with third parties “unless you consent or ProudCrowd is compelled under federal regulations.”

But according to the Jumbo report, the app sends the random ID number, along with a phone ID used for advertising purposes and apparent latitudes and longitudes of places visited by the user, to Foursquare, a leading location-data provider. The app also sends the random ID to servers run by Bugfender, a Barcelona-based service used by app makers to track and diagnose software malfunctions, according to Jumbo, which monitored internet traffic generated by the app. It’s accompanied by the phone’s name, which often includes the device owner’s first name, according to the report. The phone’s advertising ID is also sent to Google servers that appear to be affiliated with Google’s Firebase service, Jumbo found.

Hard to imagine why Apple and Google designed an API specifically for contact tracing with stricter privacy provisions instead of simply allowing indiscriminate location data collection like that recent Washington Post story suggested they ought to do.

Twitter Is Testing Settings That Allow Users to Limit Who Can Reply to Individual Tweets

Alison DeNisco Rayome and Queenie Wong, CNet:

Twitter is testing new settings that let you choose who can reply to your tweet and join in on your conversation, the company said in a Wednesday blog post. Before you send a tweet, you’ll be able to choose who can reply from three options: everyone on Twitter (which will be the default setting), only people you follow, or only people you mention. 

If you choose one of the latter two options, your tweets will be labeled and the reply icon will be grayed out, so people will see that they can’t reply. However, those that can’t reply will still be able to view, retweet, retweet with comment or like your tweets. 

Only a limited group of people on Twitter’s iOS and Android apps as well as its website can currently send tweets that limit replies, but everyone can still see those conversations. It’s unclear if or when the feature would roll out more generally.

This seems like yet another Twitter feature that will sharply bifurcate discussion on the site rather than assisting it. Those making bad faith arguments can avoid being fact-checked. Those who are more honest can eliminate trolls in direct replies, but their post can still be quote-tweeted by bad actors.

Sure seems like it will appeal to public figures and companies that want to treat Twitter as a pure broadcast platform, though.

How to Decode a Data Breach Notice

Zack Whittaker, TechCrunch:

Data breach notifications are meant to tell you what happened, when and what impact it may have on you. You’ve probably already seen a few this year. That’s because most U.S. states have laws that compel companies to publicly disclose security incidents, like a data breach, as soon as possible. Europe’s rules are stricter, and fines can be a common occurrence if breaches aren’t disclosed.

But data breach notifications have become an all-too-regular exercise in crisis communications. These notices increasingly try to deflect blame, obfuscate important details and omit important facts. After all, it’s in a company’s best interest to keep the stock markets happy, investors satisfied and regulators off their backs. Why would it want to say anything to the contrary?

The next time you get a data breach notification, read between the lines. By knowing the common bullshit lines to avoid, you can understand the questions you need to ask.

A good guide to the language used in these announcements. Data breach notifications are, after all, just a form of press release, and should be viewed through the same skeptical lens.

National Advertising Review Board Recommends AT&T Discontinue Fake 5G Branding

Jeremy Horwitz, VentureBeat:

[…] Based on challenges brought by T-Mobile, the NARB said that AT&T should discontinue references to both “5G Evolution” and “5G Evolution, The First Step to 5G,” which a panel determined would “mislead reasonable consumers into believing that AT&T is offering a 5G network” when it was undisputed that AT&T’s 5GE was “not a 5G network.”

[…]

While AT&T said that it “respectfully disagrees” with the NARB’s decision, it will apparently comply with the decision, though it’s unclear at this point whether it will discontinue both the 5G Evolution advertisements and on-device branding, or just the ads. In addition to its 4G network, the carrier currently advertises “5GE,” “5G,” and “5G+” services that continue to be confusing and in some cases elusive to consumers, as there are still no maps for AT&T’s millimeter wave-based 5G+ in cities or states a year and a half after the service supposedly launched.

In addition to being half-baked pixie dust, 5G is also confused by AT&T’s deliberately misleading branding.

Update: AT&T confirms that it will not change the “5G E” symbol on phones. Though the NARB has a very official sounding name, it is merely a wing of the private Better Business Bureau organization, and has no regulatory power. The term “5G” has an unambiguous definition, but AT&T’s misuse of it to falsely advertise its 4G network withstood a Sprint lawsuit and has not been meaningfully objected to by any regulatory body.

New York Times to Stop Using Third-Party User Data for Advertising by 2021

Sara Fischer, Axios:

The New York Times will no longer use 3rd-party data to target ads come 2021, executives tell Axios, and it is building out a proprietary first-party data platform.

[…]

Beginning in July, The Times will begin to offer clients 45 new proprietary first-party audience segments to target ads.

Those segments are broken up into 6 categories: age (age ranges, generation), income (HHI, investable assets, etc.), business (level, industry, retirement, etc.), demo (gender, education, marital status, etc.) and interest (fashion, etc.)

By the second half of the year, The Times plans to introduce at least 30 more interest segments.

I don’t fully understand why Times executives anonymously break news like this, and a similar story last year, through Axios rather than through their own newspaper or a corporate press release.

Zack Kanter:

Wow. Adtech giant NYT ($800m ARR, $6B valuation) to begin selling user data directly to advertisers. Scary, anticompetitive trend led by corporate journalism – local news outlets just can’t compete with closed tech platforms like this.

Amee Vanderpool:

The New York Times will no longer use 3rd-party data to target ads come 2021 and it is building out a proprietary first-party data platform that will force them to rely on data that they collect directly from their users. YOUR DATA.

Antonio García Martínez:

Due to GDPR penalizing third-party data, and due to the advantages granted thereby to large first-party repositories of data, the NYT is *precisely* emulating FB and becoming a data collector (but with worse privacy probably).

These simplistic interpretations of privacy arguments are, at best, unhelpful, and are obnoxious in their laziness at worst.

The personalized advertising model of the last decade or so is toxic to the web. It incentivizes surveillance of users to create highly granular categories of behaviour and interests because there is the assumption that more data points lead to better targeting which, I guess, is supposed to mean a greater likelihood of conversion into ad clicks. In return, users are supposed to be comfortable with their every click and scroll being tracked from website to website — all for only about 4% greater ad revenue than non-tracking ads with relevant context.

In short: selling ads based on where they will be shown is just about as effective as selling ads based on who they will be shown to. That is how print advertising has been sold for ages. Recall, for example, the subscription cards that come with magazines: in addition to the bare minimum contact and billing details required to deliver each issue, there is often a demographic survey asking about age, household income, and so on. None of these fields are required, but many people fill them in anyway. The publisher uses this information to set rates and give advertisers a broad idea of the magazine’s readership.

Today’s Times announcement is almost a hybrid of those two worlds. It uses the proprietary data of the paper’s readership to build profiles without the use of third parties, and none of that data leaves the Times’ properties. I do not understand what Kanter is referring to when he describes this arrangement as “selling user data directly to advertisers” — either that is an accidentally wild misreading, or a deceptive statement.

This is a far more honest way of targeting advertising. It isn’t at all like the hundreds of ad tech companies that receive much of a typical user’s browsing history without their knowledge. If you visit the Times’ website, it will collect some information about you; if you don’t want it to, you don’t have to visit the Times’ website. It won’t be collecting behavioural data about you if you don’t.

I would vastly prefer to revert to a pre-personalized ad world, but I still see this move as a step in the right direction. It may still collect data for targeting, but at least it does not involve the near-universal surveillance of companies like Facebook and Google. Reducing their ability to conduct broad and intrusive behavioural data collection is an important step towards a more private web.

Spotify Pays Good Money to Stop Seeing Joe Rogan’s Face Everywhere

For several years now, visiting the YouTube homepage or opening the directory in just about any podcast client was an exercise in Spot Joe Rogan’s Face. His podcast is wildly popular for reasons that escape me; all fourteen hundred episodes are on YouTube, too, where they rack up millions of views.

Anyway, Spotify must have gotten as tired of seeing Rogan’s face on every platform because it has bought exclusive rights to his podcast. Ashley Carman, the Verge:

The show will become available on Spotify globally starting on September 1st, and it’ll become an exclusive sometime after that point. Listeners won’t have to pay to access the episodes, but they will have to become Spotify users. Spotify said in a press release that Rogan retains creative control over his show. It didn’t disclose how much it spent on the deal. The company will also work with an ad agency to jointly sell ads against the program. Rogan said last year his show reached about 190 million downloads a month.

[…]

This is a massive get for Spotify, which has made podcasting a core focus. It acquired Gimlet Media, Anchor, and Parcast last year, to start, and then signed more Spotify-exclusive deals. It’s working with the Obamas’ production company exclusively and committed to deals with other big names, like Joe Budden and Amy Schumer, and acquired The Ringer.

Exclusivity plays by podcast platforms — Apple reportedly included — are a predictable but concerning development. I don’t think it is necessary for podcasts to be free, but it is important that they do not become part of a siloed system. As much as websites should be browser agnostic and purchased music should be able to be played anywhere,1 podcasts should also work with any client.


  1. Purchased movies and TV shows should work the same way, but executives in charge of those industries would rather spend millions of dollars annually on lobbying for increasingly outrageous copyright laws↩︎

MusicSmart Puts the Spotlight on Music Credits

Federico Viticci:

Here’s the amazing part — the “aha” moment that brought back the same feelings I had as a kid when reading through liner notes: in the Tracks section, you can tap any of the listed songs to view detailed credits for the selected song. These go beyond the standard “written by” credits you see in Apple Music: MusicSmart lists engineers (including mixing, mastering, and assistant engineers), producers, and even the name of the label and studio where the song was mastered. But there’s more: MusicSmart can show you the names of all the artists credited for the creation of a song even if they’re not core members of a band, including backing vocalists, percussionists, keyboard players, saxophonists – you name it. If a music video has been released for the selected track, the video director’s name will be listed by MusicSmart too.

This amount of detail is incredible in its own right, and, personally speaking, it makes me happy to see that someone else still cares about credits and wanted to write an app for them. The ability to learn the names of people who played an important role in the making of my favorite songs has already led to fascinating discoveries I wouldn’t have made with Apple Music alone. […]

I’ve been aching for something like this for years. Just two bucks in the United States — or whatever the equivalent is where you live.

Apple’s Statement Regarding the FBI’s Successful Unlocking of the Pensacola Shooter’s iPhone

From Apple’s statement, as posted by Chris Welch of the Verge:

On this and many thousands of other cases, we continue to work around-the-clock with the FBI and other investigators who keep Americans safe and bring criminals to justice. As a proud American company, we consider supporting law enforcement’s important work our responsibility. The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security.

This rebuke appears to be targeted at the many criticisms of Apple’s conduct made today by Attorney General William Barr and FBI Director Christopher Wray:

Both officials say that encryption on the gunman’s devices severely hampered the investigation. “Thanks to the great work of the FBI — and no thanks to Apple — we were able to unlock Alshamrani’s phones,” said Barr, who lamented the months and “large sums of tax-payer dollars” it took to get into devices of Mohammed Saeed Alshamrani, who killed three US sailors and injured eight other people on December 6th.

Apple says that it provided everything it had related to Alshamrani’s iPhones, including iCloud backups.

Thomas Brewster, Forbes:

[Barr] even laid into Apple for working with China and Russia to relocate data centers to help those countries carry out surveillance. “If tech companies are willing to oblige the demands of authoritarian regimes they have no excuse to cooperate with rule of law nations with… privacy rights.”

Apple’s compliance with the demands of Russia and China has been disheartening and it has robbed the company of some of its credibility on privacy. But it is a mystery to me why Barr would see obsequious behaviour to these countries as something to be admired and emulated. If it is reasonable to criticize Apple for complying in authoritarian states, then surely what is so upsetting is that it amounts to a loss of personal privacy and security for users in those countries.