Written by Nick Heer.

Archive for January, 2022

The New York Times Buys Wordle

Josh Wardle, in a tweeted screenshot:

It has been incredible to watch a game bring so much joy to so many, and I feel so grateful for the personal stories some of you have shared with me — from Wordle uniting distant family members, to provoking friendly rivalries, to supporting medical recoveries.

On the flip side, I’d be lying if I said this hasn’t been a little overwhelming. After all, I am just one person, and it is important to me that, as Wordle grows, it continues to provide a great experience to everyone.

The New York Times Company:

As The Times looks to entertain more solvers with puzzles every day — especially during these anxious times — we’re thrilled to announce that we’ve acquired Wordle, the stimulating and wildly popular daily word game that has become a cultural phenomenon. Wordle, which gives players six tries to guess a five-letter mystery word, will join New York Times Games’s portfolio of original, engaging puzzle games that delight and challenge solvers every day.

Congratulations are owed to Wardle for building a delightful game that respects its players, and being able to sell it when it felt right. The games section of the Times app is a natural home for Wordle. I just hope the company knows how to maintain it without destroying the simple joy that makes it great.

Davey Alba:

Hot take I wish NYT would be as generous to its employees on raises as it’s been in offering various companies $$$$$ to acquire em.

The Times dragged its feet on a deal with Wirecutter employees, and is apparently playing dirty to dissuade technology workers from unionizing.

Substack, Spotify, Speech

On Wednesday, I linked to an analysis, from the Institute for Strategic Dialogue, of Substack’s hosting of fringe and extremist publications. I had been sitting on that story for a week or so as I was trying to gather some thoughts. Conveniently, similar research from the Center for Countering Digital Hate was being shown to publications like the Washington Post around the same time — stories which Substack tried to preempt:

This point rings true to us. That’s why, as we face growing pressure to censor content published on Substack that to some seems dubious or objectionable, our answer remains the same: we make decisions based on principles not PR, we will defend free expression, and we will stick to our hands-off approach to content moderation. While we have content guidelines that allow us to protect the platform at the extremes, we will always view censorship as a last resort, because we believe open discourse is better for writers and better for society.

This position has some uncomfortable consequences. It means we allow writers to publish what they want and readers to decide for themselves what to read, even when that content is wrong or offensive, and even when it means putting up with the presence of writers with whom we strongly disagree. But we believe this approach is a necessary precondition for building trust in the information ecosystem as a whole. The more that powerful institutions attempt to control what can and cannot be said in public, the more people there will be who are ready to create alternative narratives about what’s “true,” spurred by a belief that there’s a conspiracy to suppress important information. When you look at the data, it is clear that these effects are already in full force in society.

Every time I read a paragraph like the latter from a platform justifying its light touch approach to moderation, I understand it as a way to grow first and solve harder problems later. Facebook and Twitter and YouTube have gone through this exact same learning curve; those “free speech” Twitter clones are just as favourable to moderation as any of the giants. The differences lay mostly in what is permissible on each platform: users on Twitter are prohibited from spreading most popular conspiracy theories about COVID-19, but there is no similar prohibition for Substack publishers.

Lulu Cheng Meservey, Substack’s vice president of communications, defended this position in a Twitter thread, part of which read:

If everyone who has ever been wrong about this pandemic were silenced, there would be no one left talking about it at all.

I think this is where I started thinking I had to write about this, because this position entirely misrepresents how writers like Alex Berenson and Joseph Mercola use their platform. Nobody reads Mercola to get a more well-rounded explanation of the side effects of vaccines. They read his stuff because they want to feel justified in refusing to get vaccinated by soaking up his entirely fictional claims. These writers are not trying to be right and failing; they are trying to counter all available facts and succeeding — and Substack is happy to help them out.

But Substack is also the platform that hosts great newsletters like Katelyn Jetelina’s Your Local Epidemiologist. Does that mean the two writers look at similar data and make different but equally valid conclusions?

Of course not.

Jetelina carefully explains the latest figures, research, and science involved in this pandemic. Berenson distorts and misreads statistics to discourage vaccination because that is what he has built his base around. Berenson and those like him are not miseducated; no proof of vaccine efficacy or safety will ever be enough. Readers who have no intention of getting vaccinated and want to feel reassured in their stubbornness are a huge market, so many pay Berenson for giving them what they crave — and Substack takes its cut.

You can see this eagerness for community reinforcement in the comments for both newsletters. Jetelina’s evidence-based articles have, like Berenson’s daily dose of misinformation, “tens of thousands” of subscribers. But even on her most popular post — a November entry explaining the then-unnamed Omicron variant — has just 52 comments, many of which are precise questions about sequencing and testing. Meanwhile, any random Berenson post has thousands of comments, many of which delve into doomsday cult conspiracy theories and pandemic denial. This is the audience each has cultivated.1

At any time, Substack could implement editorial policies that could help curtail the inventive but baseless theories espoused by some of its more prominent writers. It could require that medical information — that is, information about medicine itself or medical practices — is written or edited by professionals in the field chosen by Substack for this purpose. This process would certainly slow down publishing, but it would reduce the spread of inaccurate information on Substack and improve the platform’s overall quality. This is not censorship. Anyone who believes in building opinions from facts should welcome a better quality of information. Advice about human health deserves a greater degree of scrutiny from its publishers.

Substack is also home to a newsletter from Patrick Casey, an unabashed white supremacist who only publishes half of each article on the platform and directs users to a Patreon-like paywall to read the rest.

I do not see a particularly good moral case for Substack’s continued distribution of this nonsense, but I do see a good business case. I am not arguing Substack is primarily motivated by its cut of subscribers’ payments. But I do think it wants to be the biggest tent, its brand synonymous with the concept of paid email newsletters. An independent bookstore carry a diverse range of opinions without stocking a single copy of one of Mercola’s books; many of my local bookstores do just that. But that strategy works less well if you want to be Amazon.

Concurrent with COVID concerns at Substack are similar worries about Spotify, and political censorship in U.S. schools. The first is about the real-life Jonny Edgelord that is Joe Rogan. In May 2020, months into this pandemic, Spotify decided to give him one hundred million dollars for exclusive distribution rights to his wildly popular show. Rogan interviews a lot of different kinds of people, and some of those discussions are enjoyable. But he also likes to chat with the small number of loud doctors who contradict widely-accepted advice. In a ten minute video, Rogan leaned heavily on their credentials to rationalize why he invited them on the show, and how he is “interested in finding out what is correct”. But one does not invite onto their massive platform — of tens of millions of listeners per episode — someone like Peter McCullough, who claims that COVID-19 was a “planned” pandemic and reliably misuses VAERS data. That is not broadening listeners’ understanding of this pandemic or vaccines, it is undermining it with fictions. Spotify, meanwhile, was not content with merely indexing Rogan’s editorial judgement — it wanted to own his show.

Elizabeth Spiers:

I’ll stipulate first that because Spotify is paying Rogan to air his show on their platform exclusively, they are acting as a publisher. This isn’t the case for everything they distribute. If they’re simply allowing a podcast to utilize the platform for distribution, they’re more akin to a social platform. But in Rogan’s case specifically, they can’t argue that they’re not invested in the specific content he’s producing, because they literally are.

Ryan Broderick:

This isn’t content moderation. It isn’t censorship. It’s an editorial choice. [Spotify] paid $100 million to be Joe Rogan’s publisher and this is what that entails.

Neither Spiers nor Broderick are making a legal argument, but they are making a sound ethical one. Spotify owns this podcast and the resulting consequences.

Neither of these questions are meaningfully comparable to the book bans sweeping school boards across the U.S., even though some are drawing a connection. For one, deciding to make the editorial boundaries of specific platforms more fact-based is more-or-less the opposite of making it harder for children to learn about historical events.

Another difference is that those books are being banned or withdrawn from the curriculum not because they are wrong, but because they are politically inconvenient. The primary messages spread by Mercola on Substack and the disgraced doctors Rogan brings onto his show are not facts that have failed to gain appropriate attention, but misleading and inaccurate claims.

Timothy Caulfield, in an editorial for the Globe and Mail:

The conspiracy theorists aren’t constructively questioning the science – which is what good scientists do daily – they are denying the science. To put an even finer point on it: those pushing misinformation about these topics are either wilfully ignoring the mountain of relevant evidence, or they are lying.

If Rogan were indeed the noble truth-seeker he claims to be, he would call out the red flags in his interview subjects. When Robert Malone was on the Experience in an episode recorded in December 2021, he claimed that “probably half a million excess deaths” occurred just in the U.S. because those with COVID-19 were not given a cocktail of hydroxychloroquine and ivermectin. That is well over half of the total deaths in the U.S. from COVID-19, but you have to do some sketchy math and overstate even the most optimistic efficacy estimates of those drugs — to a level not borne out by reputable studies — to arrive at that number. Surely, even without knowing those specifics, Rogan could press Malone to prove such an audacious claim, which Malone uses as a launching point for other conspiracy theories. Or he could have edited the show to either add a dispute, or to remove things later found not to be true.

But Rogan did neither of those things. He just let Malone ramble on making claim after claim. Malone recycled the claim debunked in April 2020 that hospitals get $30,000 in extra funding if they say someone has COVID-19. He Gish Galloped his way through the entire interview, with Rogan asking mostly perfunctory questions to try to clarify Malone’s position or data. This is one of the reasons why media outlets generally edit interviews before they are broadcast, and it is because people are not always correctly relaying facts, whether deliberately or accidentally.

It is real easy to get stuck in the details of stuff like this. A Rogan interview can run for hours and guests can make dozens of individual claims. If he were responsible, Rogan would not be publishing these interviews in their entirety. And if Spotify were being a studious broadcaster, they would catch these things too. But neither party wants to take responsibility for the outlandish and often easily-disproved claims guests make: Rogan says that he is just having conversations, and Spotify wants to pretend that this is similar to Facebook’s moderation problems.

Substack’s position is somewhat different, since it is a platform where anyone can publish. It does not have the editorial responsibility that ought to be carried by Spotify in the distribution of its own media. But Substack has been made aware of the cranks using its platform, and it has every right to act against them if it wants to.

We are never going to get rid of people who make a living by broadcasting things they know are not true to an eager audience. In the words of John DeVore, there are few things as satiating as “being told by someone with a microphone that you are right, that your angst is special, that they’re totally 100% out to get you”. But perhaps we should not indulge them through readymade platforms and lucrative contracts.

If the quacks were kicked off Substack tomorrow, they could always run their own paid newsletter system on their own website. The conscience of Substack’s executives could be clearer, and its platform could not be used for discovery. If Spotify disassociated itself from Rogan’s show, he could go back to running things on his own terms.

Better still, in all cases, would be for these platforms to exercise greater editorial discretion, particularly when it comes to health topics. Information about COVID-19 may be changing frequently and things may be contradictory, but it is long past time to be honest about who is trying to find overlooked or buried truths in research, and who is exploiting this pandemic for their personal gain.

Update, February 6: In a town hall meeting, Spotify CEO Daniel Ek sought to create a division between the company’s full control over its in-house podcast studios — like Gimlet and the Ringer — and Rogan’s podcast. I call bullshit. A company does not get to put $100 million behind a creator, demand exclusivity, and still have editorial distance.


  1. I cannot view the comments on Joseph Mercola’s almost entirely paywalled Substack, which I am also prohibited from linking to without his permission, according to the terms and conditions. Oops. ↩︎

Old Man Yells at Cloud

Hinted at earlier this week and made official today, MacOS 12.3 will be dropping support for the kernel extension used by cloud storage providers like Dropbox and Microsoft OneDrive. They will instead be required to use Apple’s File Provider extension, originally created for iOS’ Files app and integrated into MacOS since Catalina. It is a change that Apple has been hinting at for about a year.

The only third-party cloud storage provider I use is OneDrive, which I have to use for work, so I was hopeful this framework would help Microsoft improve the performance of its sync client without requiring too much adaptation on my part.

I was exactly wrong.

My desktop OneDrive client updated itself to the newest build this morning and the changes are manifold:

  • Instead of a folder in my Home directory, OneDrive now appears under the “Locations” section in Finder like a networked drive might, though it cannot be ejected.

  • The first run experience is extremely slow. It took about an hour to reconcile the local contents of my OneDrive with remote copies. It did not seem to be downloading or uploading files, only checking their validity and status, but it was not quick. Even several hours later, opening any folder for the first time takes many seconds to load.

  • Every application I use to work with files in my OneDrive now needs to be authorized to do so, which is wild. It only happens one time for each application, but it was utterly bizarre to see a permissions request after opening a Sketch document for the first time: of course I want Sketch to be able to work with files in OneDrive because that is exactly what I just asked it to do.

    When I was in elementary school, we had to raise our hands and ask to go to the bathroom. By the time I got to high school, we could just walk out of class and come back because everyone has to pee sometimes. I know it is just the first run experience for each application, but this is like being back in elementary school again.

  • Backblaze saw the new OneDrive directory as a “drive” and started to back it up. This may be helpful to some people, but I do not want to create a personal backup of my employer’s files. I excluded the OneDrive directory from Backblaze, but about an hour later, I saw the bztransmit process creeping up the list in Activity Monitor. Turns out it is necessary to also exclude ~/Library/Group Containers/UBF8T346G9.OneDriveStandaloneSuite, which I am documenting for future searchers.

These are changes that interrupt users’ workflow and move files around without explicit permission — and they are delivered in an automatic update. To its credit, Microsoft attempted to soften these issues by communicating what was different before widely rolling out the update, and it created a same-named symlink in the user’s Home folder so linked files should continue to work correctly.

It is also hard to blame this change on Microsoft. Sure, it could have made this change earlier, but there is no incremental process for each user. If Microsoft had released this update a year ago, I would have still had the same issues. It is also hard to fault Microsoft for making a potentially breaking change any earlier than required.

Similarly, I can imagine Apple has good reasons for requiring the use of its File Provider extension instead of legacy kernel extensions. Apple says that the latter “risk the integrity and reliability of the operating system” and “recommends users select solutions that don’t require extending the kernel”; presumably, it also recommends developers avoid distributing kernel extending software, too. It also appears to make fuller use of APFS features.

It is the combination of these changes, delivered through automatic software updates, that compelled me to write about this in more detail. Much of the software I use is now delivered through a service-based model, where I have no control over which version I am using. There are clear benefits, like reduced version incompatibility and guaranteed security fixes, but it comes at the cost of user control. Sometimes, that means my workflow will get interrupted by a change I did not explicitly request, and that will mean spending a great deal of time adjusting. If it were only in one or two applications — and only sometimes — this would bug me less, but it is the new standard, and I am increasingly frustrated by it.

The new version of OneDrive no longer has a global preference for retaining a local copy of all files. Deleting a file now makes it vanish entirely after confirming this action — the file is no longer moved into MacOS’ Trash, nor is it in the OneDrive Recycle Bin on the web. It is simply gone. I do not know if these are choices Microsoft made or if they are side effects of the File Provider transition, but they are regressions nevertheless, and appear to only affect the MacOS client. And, as a user, I have virtually no control over these changes. It is no longer limited to specific software or specific vendors — updates that are interruptive are now everywhere. It makes using the tools for my job a never-ending process of relearning with few rewards.

Also, as a slap in the face, the OneDrive for Mac client still sometimes idles at 90% CPU consumption, and records around 200% while syncing some files. Neither MacOS nor OneDrive is a beta version, yet everything I use seems to behave as though I am testing it. Nothing seems to carry a seal of quality or any kind of guarantee. I sure wish software vendors — particularly the biggest companies in the industry — would stand behind their software products like they do their hardware.

Universal Control in the Newest MacOS and iPadOS Betas

Juli Clover, MacRumors:

The iPadOS 15.4 and macOS Monterey 12.3 betas that Apple released today introduce support for Universal Control, the long-awaited feature that’s designed to allow multiple Macs and iPads to be controlled with a single mouse and keyboard.

There are Universal Control settings available on both the Mac and the iPad, and the feature is enabled by default after updating to the new betas. On the Mac, the settings can be found under Displays > Advanced, and on the iPad, the AirPlay & Handoff section under General has a new “Cursor and Keyboard (Beta)” option.

Notably, these settings come with a “beta” label within the developer seed of MacOS, which suggests to me that Universal Control will launch as a beta even when the software ships to consumers.

I hope that does not come as a downer. In all of the demos I have seen so far, it works like magic. You may have seen Federico Viticci’s preview on Twitter. A friend of mine in Slack posted a video of them dragging a photo from a Mac, through an iPad, to copy it onto a different Mac. And it apparently requires no setup, though you may wish to check the hardware requirements.

If Universal Control ships with this level of quality to end users, it is an absolute jewel in Apple’s cross-device functionality crown.

iOS 15.4, Now in Developer Beta, Has an Option to Use Face ID With a Mask

First spotted by Brandon Butch, iOS 15.4 will offer support for Face ID while wearing a mask. The text on the setup screen implies that it focuses more on the area around a user’s eyes to make a match. As Federico Viticci documented, it allows you to add pairs of glasses too, which makes sense for greater sensitivity around that specific area.

For what it is worth, I just set it up and it works perfectly. It may have been a long time coming for those of us who do not wear an Apple Watch, but I am glad to have this now.

The Curious Case of MacOS 12.3

Joe Rossignol, MacRumors:

Dropbox today announced that users who update to macOS 12.3 once that software version becomes available may temporarily encounter issues with opening online-only files in some third-party apps on their Mac.

[…]

Dropbox did not provide any further details, but Microsoft recently said macOS 12.2 will be the last version that supports its own cloud storage service OneDrive’s current online-only files implementation. Microsoft said OneDrive will be getting a new online-only files experience that is “more integrated with macOS” and “will have long-term support from Apple,” adding that the current version is built on several technologies that are “now deprecated.”

Stephen Hackett:

I don’t know why Apple would change this feature, but it’s not hard to look at this as a move against services that compete with its own iCloud Drive feature. Given the scrutiny the company already faces when it comes to anti-competitive behavior, I’d sure like to see a better reason for this change, especially if iCloud Drive retains features similar to what Dropbox and Microsoft offer.

I am curious to see what changes are coming in MacOS 12.3 that necessitates these kinds of advisories. It is also interesting to see Dropbox and Microsoft making similar but different announcements: the former says that applications may not open online-only files, while the latter is forcing users to work with Files on Demand instead of always retaining a local copy.

I am already a user of Files on Demand in OneDrive, and I hope this revised client is wholly native and more resource friendly. The existing OneDrive client likes to eat up an entire CPU core just to sync files. I do not like Apple’s questionable behaviour, but I also like to get work done without my computer’s fans whirring for no good reason.

Months-Old iCloud Bug Causing Syncing Issues for Third-Party Apps Fixed

Sorry for the heavier posts today. My mind has been churning on some stuff for a while.

So how about the iCloud problems that have apparently persisted for some users since December, November, or even May? That is pretty wild. It got widespread coverage earlier this week, and good news: going to the press works.

Juli Clover, MacRumors:

Apple appears to have fixed an ongoing iCloud server issue that was causing some apps that have implemented iCloud support to fail to sync properly. The bug has persisted since November, and app developers were becoming increasingly upset with Apple’s lack of effort to address the problem.

Apple also rolled out system updates today which fix that Safari cross-site tracking bug reported in November. Also included in these updates is a patch for IOMobileFrameBuffer, which allowed arbitrary code and “may have been actively exploited”. Reports suggest the problem is limited to iOS 15 and MacOS Monterey, but it appears MacOS Big Sur is also vulnerable.

Substack Remains Permissive to Health Woo, White Nationalism, and Conspiracy Theories

Elise Thomas, of the Institute for Strategic Dialogue:

Malone is not the only high profile anti-vaccine advocate currently building his brand – and his bank account – on Substack. As of January 11th, 2021 Substack’s list of top paid political newsletters features prominent COVID-19 misinformation spreaders Alex Berenson at number 6, and Steven Kirsch at number 19.

At number 13 was Joseph Mercola, who has become infamous as one of the most influential voices spreading misinformation about COVID-19 and vaccines during the pandemic. While it is not clear exactly how much money Mercola is making from Substack, the platform indicates he has ‘thousands of subscribers’ paying $5 a month (Image 1).

Mercola is a particularly egregious example — the guy thinks eyeglasses are harmful. But it is not like Substack is unique in its mainstreaming of fringe and crackpot ideas: a subsidiary of HarperCollins publishes his books.1

Thomas:

The migration of users who have been banned on other platforms to Substack appears to be playing out in other contexts as well. The QAnon conspiracy community, banned from most mainstream platforms, is developing a growing foothold on Substack.

[…]

White nationalists who have been banned from other platforms are also making a home for themselves. In October 2021, white nationalist group Europa Invicta posted excitedly that, “What we like most about Substack is that we can now communicate with you directly… Our ability to bring you more is amplified now – new and multiple types of content can be shared and accessed all from one place” (Image 3). And in November 2021, Patrick Casey, formerly a leader of white nationalist group Identity Evropa, also began actively using Substack.

What Europa Invicta actually wrote, after the ellipsis, is that there is “no middle-man platform”, which is obviously untrue: Substack is a platform. It can choose what to permit and deny just as much as any other service provider.

Should it? Should HarperCollins, for that matter, or any of the other number of companies involved in spreading views ranging from deliberately misleading to explicitly hateful? It seems to depend on the issue. A recent literature review by the Royal Society suggests that deplatforming hate groups is a viable means of minimizing their influence, but doing the same for health misinformation leads some people to seek it out at increasingly fringe parts of the web.

Besides, it is not as though this is solely an online phenomenon. Tucker Carlson, the most popular host on the biggest cable “news” channel in the United States, regularly spreads lies either personally or through guests like Alex Berenson. This is not new behaviour for Fox hosts, and it is not isolated to health misinformation.

The marketplace of products and services has mechanisms to handle fraud, but the marketplace of ideas does not.2 Nobody is punished simply for lying to someone else, not without some direct material consequence. On the contrary, liars are among the most successful broadcasters around. That is not something platforms can moderate away. But one wonders if Substack is comfortable hosting information its executives must know is truly harmful.


  1. HarperCollins also published O.J. Simpson’s “If I Did It”. ↩︎

  2. One notable exception is the alternative health and wellness product category. Even when the capsules in a bottle of supplements match what is on the label, they often do not have the desired effect suggested on the label or in mass media. I dislike this visualization, but it gives some sense of popular supplements and how effective they may be. ↩︎

Spotify to Honour Neil Young’s Request to Pull His Music

Andy Greene, Rolling Stone:

Neil Young posted a since-deleted letter to his management team and record label demanding that they remove his music from Spotify. “I am doing this because Spotify is spreading fake information about vaccines – potentially causing death to those who believe the disinformation being spread by them,” he wrote. “Please act on this immediately today and keep me informed of the time schedule.”

“I want you to let Spotify know immediately TODAY that I want all my music off their platform,” he continued. “They can have [Joe] Rogan or Young. Not both.” Young is referencing the steady stream of misinformation about vaccines that Joe Rogan has peddled on The Joe Rogan Experience. Last month, 270 doctors, physicians, and science educators signed an open letter asking Spotify to stop spreading Rogan’s baseless claims.

Young posted his letter on Monday; today, he announced that Warner Brothers would acquiesce to his demands and pull his catalogue from Spotify. But much of the coverage does not frame it this way — at least, not in headlines. The New York Times, Wall Street Journal, Guardian, and Hollywood Reporter — among others — all chose to frame the story as Spotify removing Young’s music from its library. It is a subtle difference, but I think it meaningfully shifts the interpretation of this story from Young’s impetus to Spotify’s. I think a headline like the one Buzzfeed News ran with is more accurate.

It is another example of a company’s many interests becoming a source of intra-corporate risk.

Previously: Spotify removed a bunch of episodes of Rogan’s podcast in April, shortly after acquiring it.

British Law Commissions Propose Immunity From Some Driving Offences by Users of Self-Driving Cars

Haroon Siddique, the Guardian:

Users of self-driving cars should have immunity from a wide range of motoring offences, including dangerous driving, speeding and jumping red lights, Britain’s law commissions have jointly recommended.

The Law Commission for England and Wales and the Scottish Law Commission propose creation of an Automated Vehicles Act to reflect the “profound legal consequences” of self-driving cars. The person in the driving seat would no longer responsible for how the car drives; instead, the company or body that obtained authorisation for the self-driving vehicle would face regulatory sanctions if anything went wrong.

On its face, this sounds right to me. Either a car is autonomous, or it is equipped with driver aids that do not replace the human behind the wheel. It is cowardly to imply a more advanced technology capable of absolving drivers of active control while still holding them liable for the car’s poor or inattentive behaviour.

The devil is in the details, though, and what separates a driver aid from an autonomous driving technology is a blurry line.

Google Abandons FLoC, Replaces It With a Similar Topics-Based System

Frederic Lardinois, TechCrunch:

FLoC (Federated Learning of Cohorts), Google’s controversial project for replacing cookies for interest-based advertising by instead grouping users into groups of users with comparable interests, is dead. In its place, Google today announced a new proposal: Topics.

The idea here is that your browser will learn about your interests as you move around the web. It’ll keep data for the last three weeks of your browsing history and as of now, Google is restricting the number of topics to 300, with plans to extend this over time. Google notes that these topics will not include any sensitive categories like gender or race.

Daisuke Wakabayashi, Kate Conger, and Brian X. Chen, New York Times:

Google said there had been tens of thousands of potential cohorts under the previous plan, but that it would reduce the number of Topics to fewer than a few thousand. The company said users would be able to see what topics were associated with them, and remove them if they chose.

Google said Topics would use human curators rather than allow machine learning technology to generate user groups, as the FLoC plan did. This will eliminate the possibility that groups might be based on sensitive characteristics like sexual orientation or race, Google said.

I am amazed that it only took widespread concerns from researchers, outrage by privacy activists, and the prospect of an E.U. antitrust investigation for Google to reconsider FLoC.

I have my doubts about whether this fully resolves complaints about FLoC, even as it may minimize them. Going from “tens of thousands” of FLoC cohorts to only about three hundred topics seems like progress. But eventually expanding to “fewer than a few thousand” is similarly worrisome, albeit to a lesser degree.

Sara Fischer, Axios:

With Topics, it’s harder for anyone to map user data back to a user because the topics are updated so frequently. Google said it also sends fake topics to about 5% of the websites to make sure topic generation is too random to trace.

Surely a positive sign as well.

This all sounds like Google remaining reluctant to rethink its business model, even as it is listening to criticism. Topics is one way of making behaviourally targeted advertising less damaging instead of acknowledging its fundamental ethical flaws.

Google Ends Security Updates for Its Pixel 3 Line Just Three Years After Launch

Aaron Gordon, Vice:

I think of phones in much the same way I think of refrigerators or stoves. It’s an appliance, something I need but feel no attachment to, and as long as it keeps fulfilling that need, I don’t want to spend money replacing it for no real reason. The Pixel 3 fulfills my needs, so I don’t want to spend $600 on the Pixel 6, which seems to be just another phone that does all the phone things.

But I have to get rid of it because Google has stopped supporting all Pixel 3s. Despite being just three years old, no Pixel 3 will ever receive another official security update. Installing security updates is the one basic thing everyone needs to do for their own digital security. If you don’t even get them, then you’re vulnerable to every security flaw discovered since your last patch. In response to an email asking Google why it stopped supporting the Pixel 3, a Googles spokesperson said, “We find that three years of security and OS updates still provides users with a great experience for their device.”

Conspiracy theories about planned obsolescence in Apple’s lineup appear like clockwork, but 2015’s iPhone 6S supports all the same security patches in iOS 15 as the newest iPhone models. My iPhone X, released one year before the Pixel 3, is running just fine with the latest software updates.

Meanwhile, Google declares Pixel models unsupported after just three years, which seems to be something of a standard among Android manufacturers.

Google Sued by D.C. and Three States for ‘Deceptive’ Android Location Tracking

In August 2018, Ryan Nakashima of the Associated Press reported that Google’s location tracking settings were deceptive. Now, the company is being sued over these practices around the United States.

Adi Robertson, the Verge:

The attorneys general of three states and the District of Columbia are suing Google for the allegedly deceptive collection of location data on Android. The complaints, which build on a 2020 lawsuit filed by the Arizona Attorney General, allege that Google’s “complex web” of settings obfuscated whether users were sharing their location at a given moment. Furthermore, they allege Google pushed Android users with “repeated nudging, misleading pressure tactics, and evasive and deceptive descriptions” to share more information either “inadvertently or out of frustration.”

The complaint is redacted in key parts, unfortunately. Even something as simple as the before-and-after of text in a permissions dialog box has been erased. But even reading between the solid bars of removed text yields some choice findings like this:

Within Google, a self-titled “Oh Shit” meeting was convened the day the AP story was published to begin brainstorming responses to the article. […]

I would not like to accept any meeting invitation labelled “Oh Shit”.

More substantively, the suit argues that Google’s control over Android and its ads business overlap to reduce user privacy. These claims are similar — but perhaps stronger — to those made in the June 2020 class action suit alleging it tracked people in Chrome’s “Incognito” mode because it also receives Google Analytics data.

Robertson:

Reached for comment, Google denied the claims in the suit, pointing to recent changes like the ability to auto-delete location history.

“The attorneys general are bringing a case based on inaccurate claims and outdated assertions about our settings,” said Google policy spokesperson José Castañeda. “We have always built privacy features into our products and provided robust controls for location data.”

Not mentioned by Castañeda is how the policies were in place for nearly ten years, that they were changed only after the company was caught, and how there is no indication the company erased all location data collected during this period in an arguably illegitimate way. Businesses should not be immune from the legal consequences of their actions.

Some Jerk Has Built a Twitter Bot to Spoil the Next Day’s Wordle Puzzle

I do not think I will ever understand what motivates some people to take something that is, at worst, harmless and take pleasure in ruining it for everyone else. Wordle is a nice, harmless thing; the nice thing to do is to block the “wordlinator” account on Twitter. If you do it from Twitter’s website, you do not even have to see the account’s spoilers.

Update: It is worth thinking about how Twitter is designed to permit communication from some griefer bot like this — or, far worse, automated harassment — and it is up to each of us to block it on an individual account level.

The Inside Story of iBeer

Speaking of the early days of iPhone apps, here is Quinn Myers, writing for Mel:

On July 10, 2008, Steve Jobs teased the opening of Apple’s highly anticipated App Store. “The quality and the sophistication of the applications you can write for the iPhone is in a different class,” he told the New York Times. The next day, the App Store launched with more than 500 apps curated for the iPhone’s groundbreaking technology, but only the app of the highest quality and most sophistication would rise to the top: iBeer, an app that kind of made it look like your phone was a glass of beer.

Remarkably, the app is still on the App Store.

MacOS Widgets Deserve Better

Stephen Hackett:

Notification Center is a real mess. Even on a Pro Display XDR, you get three visible notifications. That’s it. Anything older is hidden behind a button, regardless of how many widgets you may have in the lower section of the Notification Center column.

Apple needs to rethink this and let this new class of widgets breathe, being able to use the entire screen like the widgets of yore could. Bringing back Dashboard is an obvious solution here, and I’d love to see it make a return.

Hackett’s screenshots of Dashboard make me nostalgic for that uniquely mid-2000s blending of pseudo-realistic textures and clean formatting. Dashboard was the epitome of that sort of thing — remember the water ripple effect when you dropped a widget onto the Dashboard layer? That made no sense but was absolutely perfect. I miss subtler textural elements like that or the perforated metal tray of available widgets. Sheets of frosted glass have run their course.

Anyway, I am not sure that bringing Dashboard back to life is the right direction, but I would love to see something happen to make widgets and Notification Centre feel more considered and less of a junk drawer. I feel similarly about the many spatial layers of MacOS, like Launchpad and Mission Control — something about them has not quite solidified for me.1

One more thing: in a footnote, Hackett points out how these widgets were interactive. They were interesting in other ways, too. All of them were built with web technologies using a specific IDE Apple created called Dashcode, which it launched in 2006. At WWDC 2007, when Steve Jobs announced the “sweet solution” for iPhone apps, Dashcode was envisioned as a way to build those web apps. The idea was that developers could take their existing Mac OS X widget and convert it to work as an iPhone web app. That, obviously, was not well-received, and an official SDK for native apps was launched the following year. Dashboard withered and died, but not before Dashcode bit the dust. Yet, it took until just a couple of years ago for widgets to once again be a multi-platform effort, now with SwiftUI and, as Hackett wrote, without interactivity. Curious.


  1. I really like Apple’s trackpad gestures for all of these things, especially since they became tracked to your fingers entirely in real-time several years ago. It would be cool if the full-hand pinch gesture was used for something Dashboard-esque. ↩︎

Apple Moved Quickly to Clean Up the Wordle Clones in the App Store, but There Is Still Far to Go

This article by Jason Cross, writing in Macworld, is harsh but mostly fair. The last line of this paragraph, in particular, stood out to me:

It would be a trivially small amount of money for Apple to create an internal group dedicated to proactively finding and eliminating scam, copycat, infringing, exploitive apps. But every one it finds costs Apple money. And doing nothing isn’t hurting sales, not when it’s so much cheaper to just market the App Store as so secure and trustworthy. Apple seems to view App Store trust and quality as a marketing activity more than a real technical or service problem.

It is hard not to feel the same way after years of this same sort of complaint. Apple often says the App Store is trustworthy, and that every app is “held to the highest standards”. But it does not take much digging to find apps that fail to uphold those promises. For example, an App Store search for “who blocks me” finds apps that promise to reveal who views your social media profiles and who is blocking you. Neither of those capabilities are supported by the APIs of Facebook, Instagram, or Twitter. But there are dozens of apps that claim to offer that functionality, most of which require the purchase of an expensive subscription.

Apple Confirms It Has Stopped Issuing iOS 14 Security Updates

Andrew Cunningham, Ars Technica:

Apple told Ars that it always intended the iOS 14 security update option to be temporary. Essentially, people could have a short grace period while Apple worked out the worst of the new operating system’s early bugs, but you would always eventually have to upgrade to stay patched.

The features page for iOS 15 merely says that users can “continue on iOS 14 and still get important security updates,” with no mention of any sort of time limit, though this support page published after iOS 15’s release does mention that iOS 14 security updates will only be available for a vague “period of time.” This approach isn’t consistent with how Apple handles macOS, where the two previous versions of the OS continue to receive security updates in (albeit imperfect) lockstep with the latest macOS version.

When it was released, iOS 15 was given secondary billing as a version that was “also available” on the Software Updates screen. The assumption by many — including me — was that Apple might support the previous year’s version of iOS for about a year.

Alas, just four months later, Apple has already pulled the plug on iOS 14 updates. All the company had to do is be specific and clear in its communications with users still on iOS 14, but there was no notification; iOS 14.8.1, which was released in October, just one day stopped being unavailable. If something like degraded battery performance throttling created a big dent in Apple’s reputation, this sort of thing is chipping its paint: it may be easy to miss, but it also eats away at customers’ trust.

Technology Trade Group Issues Statement on the ‘Banning Surveillance Advertising Act’

This statement from Information Technology and Innovation Foundation VP Daniel Castro is a ride:

Online advertising pays for the vast majority of free online services. Banning targeted ads would make online advertising much less effective, so advertisers will pay less for them and those who display ads — including app developers, media companies, and content creators — will earn significantly less revenue. Faced with a budget shortfall, many online services will have few options other than to either reduce the quality of their services or charge their users fees.

It will not surprise you to know that this group is funded by basically every major technology company, including Amazon, Apple, Facebook, Google, and Microsoft.

But let us engage with this argument on its merits, and not which ostensibly independent voices are making it. One reason highly-targeted ads cost more than less targeted ones is because there are more companies involved in their delivery and each one gets its cut. Another reason is, allegedly, because Google overcharged advertisers, paid publishers a lower rate, and kept the difference.

And while some wealthier households might be willing to pay for ad-free Internet services, millions of American families would be hurt by this policy as they find themselves cut off from key parts of the digital economy. Indeed, this policy would be equivalent to telling the millions of American households who watch ad-supported broadcast television that, to protect them from advertising, they will have to sign up for premium cable and streaming subscriptions instead.

This is some race-to-the-bottom nonsense that conflates less-targeted advertising with a ban on ads altogether — a confused argument this industry loves to make because its actual practices are indefensible. Non-creepy advertising is completely fine. Just do that.

It is worth Americans’ time to question the efficacy of the bill’s text and look for unintended consequences. But this trade group assumes everyone is a sucker and will fall for its misleading arguments.