Month: October 2021

A Decade Later, Steve Jobs Is Still Paving Apple’s Path to Success macworld.com

Steve Jobs died ten years ago yesterday. Jason Snell wrote a particularly nice piece for Macworld acknowledging the anniversary:

The fact that so much of Apple’s growth has happened since Jobs’s departure hasn’t reduced him at all. It would be relatively easy to argue that the success of Tim Cook’s Apple suggests that, despite everyone’s concern in the late days of 2011, the company actually could go on without Jobs at the helm. But that’s not what anyone thinks. Instead, Jobs is credited for putting Apple on the path that led to it becoming what it is today.

The acquisition of NeXT — a technology company with subdued success — by Apple Computer Inc. in 1997, a once-influential company that was weeks away from bankruptcy, is one of the greatest business success stories of all time. On paper, it is the merger of a niche company and a has-been; in practice, it changed the world — mostly because of Jobs.

I think Marco Arment put it well:

He wasn’t taken from us after a long, complete life — he was taken in his prime.

He had so much more to offer the world.

True. Yet his impact is so great that Jobs still offers the world more, long after his death.

A Dependency on Facebook in Developing Nations is the Company’s Strategy restofworld.org

Vittoria Elliott, Rest of World:

Facebook’s products are more than just a social network for hundreds of millions of people globally. Beyond being communication tools, the company’s platforms are e-commerce resources, storefronts, and health and emergency aids. In some regions, Facebook is the internet. Seven users from around the world described the impact of the seven-hour shortage to Rest of World, and a user from Nigeria said, “It’s painful.”

Facebook’s reach and dominance in much of the world is largely by design. As part of its strategy for exponential growth, the company has made internet access in the Global South — through the use of Facebook products — a priority.

It is easy to criticize a dependence on Facebook’s products from the perspective of someone who sees them as lightweight social apps, interchangeable with many others. But many of these regions engrained WhatsApp into their commerce systems before it was acquired by Facebook, and found the company digging deeper as it scored preferential treatment by local providers for its Basics product.

When WhatsApp Was Down, It Halted the Worlds of Many washingtonpost.com

Amy Cheng, Washington Post:

WhatsApp has emerged as a popular alternative to text messages, especially in developing nations where telecommunications services can be prohibitively expensive. But it is more than just a messaging platform: In Lebanon, for instance, coronavirus tests can be ordered — and results received — via WhatsApp. A Philippine diplomatic mission in the United Arab Emirates operates a WhatsApp hotline to communicate with its citizens in that country. And users in Brazil can use an in-app business directory to search for thousands of food and retail providers.

I am not sure the people snarking yesterday about Facebook’s outage fully recognize how deeply integrated WhatsApp is in the day-to-day commerce of so many countries. We can argue about the wisdom of dependency on single points of failure, but the lack of any warranty or guarantee on the infrastructure we use every day seems similarly flawed.

Facebook Releases More Details About the Cause of Yesterday’s Six-Hour Outage engineering.fb.com

Santosh Janardhan, VP of engineering and infrastructure at Facebook:

This was the source of yesterday’s outage. During one of these routine maintenance jobs, a command was issued with the intention to assess the availability of global backbone capacity, which unintentionally took down all the connections in our backbone network, effectively disconnecting Facebook data centers globally. Our systems are designed to audit commands like these to prevent mistakes like this, but a bug in that audit tool didn’t properly stop the command.

This change caused a complete disconnection of our server connections between our data centers and the internet. And that total loss of connection caused a second issue that made things worse.

These sorts of posts always go through legal and public relations teams, so it is hard to know how complete an accounting of yesterday’s outage it is. But what is written here is pretty embarrassing for Facebook — not the outage itself, but that a routine maintenance misconfiguration took out a single point of failure that rendered the entire company’s infrastructure inaccessible. Whether this actually makes sense as presented is something best judged by networking professionals operating at Facebook’s scale.

That said, I think it is commendable that Facebook issued an explanation for its outage under a VP’s name. It could have had its communications team issue a typically pissy statement attributed only to the company. When Google services were down in December, it was similarly transparent. I wish this could be the standard rather than the exception. It builds confidence.

For comparison, as I write this, Apple’s System Status page shows a resolved outage in Apple Pay and Wallet. For over seven hours yesterday, “users were not able to add, suspend, or remove existing cards to Apple Pay”, and this issue has simply been marked as “Resolved” but there are no more details. This explanation-free status update has been the standard for every iCloud-related outage, including serious incidents. It does not build confidence.

Siri’s Ten-Year Anniversary Is a Reminder of Apple’s Wasted Head Start theverge.com

James Vincent, the Verge:

A decade later, the sheen has worn off Siri’s star. “It is such a letdown,” was how Schiller described the promise of voice interfaces past, and such a description could easily be applied to Apple’s contribution to the genre. Everyone who uses Siri has their own tales of frustration — times when they’ve been surprised not by the intelligence but the stupidity of Apple’s assistant, when it fails to carry out a simple command or mishears a clear instruction. And while voice interfaces have indeed become widespread, Apple, despite being first to market, no longer leads. Its “humble personal assistant” remains humble indeed: inferior to Google Assistant on mobile and outmaneuvered by Amazon’s Alexa in the home.

Looking back on a decade of development for Apple’s personal assistant, there’s one question that seems worth asking: hey Siri, what happened?

Siri in iOS 15 is not without its improvements, but it is still frustratingly limited. It refuses to maintain context, it took until iOS 14.5 — released this April — to fix that thing where you tell Siri to remind you of something “at three” and it sets a reminder for 3:00 in the morning, and it has regressed in some areas.

Vincent:

When Schiller introduced Siri in 2011, he stressed time and time again that Siri would understand users — that it knows what they are saying, just like a real person. This set the bar too high for Siri’s functionality. If you treat voice interfaces as if they have the same level of fluency and knowledge as a human being, you will always be disappointed. We speak, and they stumble. We guess what they’re capable of, and they disappoint. Usually because they don’t support the app or command we thought they would. Each failed interaction then teaches users: don’t trust this feature. By comparison, screens and displays tell us clearly what we can and cannot do. They offer menus, directions, and buttons. A voice offers only itself and our projections of intelligence. For Siri, users have been guided by Apple’s flair for the theatrical. They expect too much, and Apple delivers too little.

That is where I am at. Every Siri command — beyond adding Reminders and setting timers — feels like a tightrope walk I should attempt rarely. Sometimes, I am rewarded, like when I told Siri to add something to an existing note titled “Sept 26” and it completed the task successfully. But those moments of delight are often paired with feelings of failure and punishment, like when I told Siri to add something to an existing note titled “Oct 3” and it responded that no such note existed or, on a second attempt, that it could not do that. Why should I try repeatedly if it feels like a waste-of-time crapshoot?

Apple has improved Siri immensely by tying it to Shortcuts. You can build entirely custom Siri commands that are tailored just for your usage; I have created a few for myself. But being able to build your own is no match for a mythical version of Siri that built upon the momentum of the one revealed on this day a decade ago.

A few years ago, I tried a bunch of the commands shown in the original Siri demo video from before Apple acquired the company. It did poorly. I ran through the same commands just now, and saw broadly similar results as I did then:

  • “I’d like a romantic place for Italian food near my office” now seems to be parsed more-or-less correctly. Siri shows five restaurant suggestions that match the search, and it seems to consistently prioritize ones near my work’s address. When I change the command to “… near my home”, the sort order changes. Good.

  • “I’d like a table for two at Il Fornaio in San Jose tomorrow night at 7:30”, when converted for a restaurant in Calgary that I know uses OpenTable, now simply shows a Maps result with a checkmark indicating that reservations are accepted. Tapping on it brings me to the Maps entry, and if I tap the “Reserve” button, I see an OpenTable card with a preselected date of tomorrow, and a table for two people. The 7:30 time was not selected, but I thought Siri had this one licked.

    That is, until I tried changing the request to a table for four on Friday night. Going through the same flow still showed an OpenTable card for a table for two tomorrow night. I was also unable to complete this task using only my voice and a “hey, Siri” command.

  • “Where can I see Avatar in 3D IMAX?”, swapping “Avatar” for a currently-playing film, just showed me web results. Similar queries for theatre showtimes near me also just displayed a web search.

  • “What’s happening this weekend around here?” thankfully no longer displays news headlines, but it also returned a web search. Three suggestions were displayed: the first two websites were generic event aggregator pages not specific to Calgary, and the third result was for event listings in Ottawa, on the other side of the country. The location indicator in my iPhone’s status bar was solid, so I assume Siri was aware of my physical location, yet chose to ignore it.

  • “Take me drunk I’m home” still suggests calling a taxi.

Siri’s development cycle seems defined by a geological time scale. I know I just recently complained about bugginess in Apple’s current software releases that seems to be driven by a relentless and speedy release cycle but, from the outside, Siri languishes for exactly the opposite reason.

Users Can Now Report Scams and Frauds in the App Store theverge.com

Earlier this year, I was among many people who reacted to Kosta Eleftheriou’s documentation of App Store scams. Remember X-Gate VPN? Well, in linking to that, I documented the nonexistent mechanisms for reporting fraudulent or scam apps. Well, Apple has finally remedied that problem.

Sean Hollister, the Verge:

As Richard Mazkewich and scam hunter Kosta Eleftheriou point out on Twitter, the [Report a Problem] button has not only returned to individual app listings for the first time in years, it now includes a dedicated “Report a scam or fraud” option in the drop-down menu.

Truly, the scantest sign of effort, but a good step forward.

Frances Haugen Reveals Herself as the Facebook Whistleblower cbsnews.com

In a remarkable and, I think, poetic coincidence, Facebook spent hours today being completely unreachable, just one day after the whistleblower exposing new information about the company’s wrongdoing went public and one day before she is set to testify before Congress. I really do think it was coincidental, for what it is worth. Facebook’s problems also brought Instagram and WhatsApp down, and all of these are critical infrastructure in different parts of the world by default. We should probably reconsider having mostly private and mostly American companies running the world’s internet, but that is a matter for another time.

At any rate, Facebook is back, so let’s talk about it.

Scott Pelley, correspondant for CBC News’ 60 Minutes:

Her name is Frances Haugen. That is a fact that Facebook has been anxious to know since last month when an anonymous former employee filed complaints with federal law enforcement. The complaints say Facebook’s own research shows that it amplifies hate, misinformation and political unrest—but the company hides what it knows. One complaint alleges that Facebook’s Instagram harms teenage girls. What makes Haugen’s complaints unprecedented is the trove of private Facebook research she took when she quit in May. The documents appeared first, last month, in the Wall Street Journal. But tonight, Frances Haugen is revealing her identity to explain why she became the Facebook whistleblower.

Frances Haugen: The thing I saw at Facebook over and over again was there were conflicts of interest between what was good for the public and what was good for Facebook. And Facebook, over and over again, chose to optimize for its own interests, like making more money.

“The Social Dilemma” may have been oversimplified, but these documents and interviews with Haugen indicate its broad strokes are closer to the truth than not. Facebook has historically optimized for engagement metrics and, as also reported by Karen Hao for MIT Technology Review earlier this year, changes that reduce engagement are kneecapped internally. During the 2020 U.S. election, Facebook adjusted its News Feed algorithm to preference links to reputable news sources over bullshit, but it rolled back that change shortly afterward. Kevin Roose of the New York Times, who first reported the rollback, noted that this reversal was likely because prioritizing newsworthiness either hurt partisan publishers, or because it reduced key usage figures.

The documents sourced by Haugen seem to reinforce this narrative. One interpretation is that engagement is so deeply-engrained into Facebook’s culture that it robs the company of its social responsibility. I think this is very possible — likely, even.

But Hanlon’s Razor instructs us not to assume malicious intent when ignorance or incompetence explains the same — or, perhaps, fear. That is more-or-less what Times reporter Kevin Roose argues these documents illustrate:

It has become fashionable among Facebook critics to emphasize the company’s size and dominance while bashing its missteps. In a Senate hearing on Thursday, lawmakers grilled Antigone Davis, Facebook’s global head of safety, with questions about the company’s addictive product design and the influence it has over its billions of users. Many of the questions to Ms. Davis were hostile, but as with most Big Tech hearings, there was an odd sort of deference in the air, as if the lawmakers were asking: Hey, Godzilla, would you please stop stomping on Tokyo?

But if these leaked documents proved anything, it is how un-Godzilla-like Facebook feels. Internally, the company worries that it is losing power and influence, not gaining it, and its own research shows that many of its products aren’t thriving organically. Instead, it is going to increasingly extreme lengths to improve its toxic image, and to stop users from abandoning its apps in favor of more compelling alternatives.

The thing is that Facebook, the company, may be “for old people”, as a kid responded in internal research. But older people are still people, and much of the world’s communications still depend on the stability of Facebook as a company. I do not think it is as fragile as Roose believes, but it is awfully defensive and sensitive for being one of the most valuable companies ever to exist.

Safari Bookmarks, History, and iCloud Tabs Are All End-to-End Encrypted macrumors.com

SoleSolace on Reddit, via Sami Fathi of MacRumors:

Safari Bookmarks are now listed as end-to-end encrypted on Apple’s iCloud security overview. Previously, only Safari History and iCloud Tabs were. The update was between September 19 and September 25 (presumably with the iOS 15 release).

Via Michael Tsai:

It’s not clear to me when the history became end-to-end encrypted. I’ve heard that this was mentioned at WWDC 2019 for iOS 13 and macOS Catalina. Apple’s iCloud Security Overview also now says iOS 13, but it wasn’t updated to say that until March 2020, long after iOS 13 shipped.

I missed that history and tabs became end-to-end encrypted last year — Apple is not great at communicating these things — but it is long past time all of these things were given the highest privacy protections. Apple treats iCloud syncing of Safari data as an all-or-nothing affair, which has long meant that Apple held unencrypted copies of the complete browsing history of everyone who enabled Safari syncing features, private windows aside. There is no evidence, best I can tell, of any nefarious use or intent, but it is the principle that matters. Safari does a lot to protect users against inherently creepy trackers; it should also, itself, be as secure and private as possible.

And it should have better-designed tabs.

In SEC Filing, Telecom Router Syniverse Reveals Its Security Was Breached for Five Years vice.com

Lorenzo Franceschi-Bicchierai, Vice:

Syniverse repeatedly declined to answer specific questions from Motherboard about the scale of the breach and what specific data was affected, but according to a person who works at a telephone carrier, whoever hacked Syniverse could have had access to metadata such as length and cost, caller and receiver’s numbers, the location of the parties in the call, as well as the content of SMS text messages.

[…]

“Syniverse has access to the communication of hundreds of millions, if not billions, of people around the world. A five-year breach of one of Syniverse’s main systems is a global privacy disaster,” Karsten Nohl, a security researcher who has studied global cellphone networks for a decade, told Motherboard in an email. “Syniverse systems have direct access to phone call records and text messaging, and indirect access to a large range of Internet accounts protected with SMS 2-factor authentication. Hacking Syniverse will ease access to Google, Microsoft, Facebook, Twitter, Amazon and all kinds of other accounts, all at once.”

A failure of security with potentially staggering consequences for years to come. Syniverse did not disclose any of this publicly, and was apparently closed in May 2021. It was only revealed in an SEC filing last week as the company prepares to go public. This breach occurred under its current ownership by the Carlyle Group, a private equity firm.

Great reporting from Franceschi-Bicchierai, and a cowardly response from Syniverse.

Update: I recommend reading Matt Stoller’s piece, which you may remember from earlier this year, about how private equity’s financialization of industries squeezes their contingency planning in favour of easier profits.

There Is a Multibillion-Dollar Market for Your Phone’s Location Data themarkup.org

Jon Keegan and Alfred Ng, the Markup:

In an effort to shed light on this little-monitored industry, The Markup has identified 47 companies that harvest, sell, or trade in mobile phone location data. While hardly comprehensive, the list begins to paint a picture of the interconnected players that do everything from providing code to app developers to monetize user data to offering analytics from “1.9 billion devices” and access to datasets on hundreds of millions of people. Six companies claimed more than a billion devices in their data, and at least four claimed their data was the “most accurate” in the industry.

[…]

Companies like Adsquare and Cuebiq told The Markup that they don’t publicly disclose what apps they get location data from to keep a competitive advantage but maintained that their process of obtaining location data was transparent and with clear consent from app users. 

“It is all extremely transparent,” said Bill Daddi, a spokesperson for Cuebiq.

Aside from Amazon, Foursquare, and Oracle, have you heard of any of the forty-seven companies identified by the Markup? Some of them likely have your phone’s location if you use third-party apps, and there are effectively no restrictions on how they collect it or who they share it with. This is what the ad tech industry calls “transparent”.