Month: March 2022

Taylor Lorenz and Drew Harwell, the Washington Post:

Facebook parent company Meta is paying one of the biggest Republican consulting firms in the country to orchestrate a nationwide campaign seeking to turn the public against TikTok.

The campaign includes placing op-eds and letters to the editor in major regional news outlets, promoting dubious stories about alleged TikTok trends that actually originated on Facebook, and pushing to draw political reporters and local politicians into helping take down its biggest competitor. These bare-knuckle tactics, long commonplace in the world of politics, have become increasingly noticeable within a tech industry where companies vie for cultural relevance and come at a time when Facebook is under pressure to win back young users.

Employees with the firm, Targeted Victory, worked to undermine TikTok through a nationwide media and lobbying campaign portraying the fast-growing app, owned by the Beijing-based company ByteDance, as a danger to American children and society, according to internal emails shared with The Washington Post.

Zac Moffatt, Targeted Victory’s CEO, disputed this reporting on Twitter, but many of his complaints are effectively invalid. He complains that only part of the company’s statement was included by the Post, but the full statement fits into a tweet and is pretty vacuous. The Post says the company refused to answer specific questions, which Moffatt has not disputed.

Moffatt also says the Post called two letters to the editor a “scorched earth campaign”, but the oldest copy of the story I could find, captured just twenty minutes after publishing and well before Moffatt tweeted, does not contain that phrasing, and neither does the current copy. I am not sure where that is from.

But one thing Moffatt does nail the Post on, a little bit, is its own reporting on TikTok moral panics. For example, the “slap a teacher challenge” was roundly debunked when it began making headlines in early October 2021 and was traced back to rumours appearing on Facebook a month earlier, but that did not stop the Post from reporting on it. It appears Targeted Victory used the Post’s reporting, among that from other publications, to further concerns about this entirely fictional story. That is embarrassing for the Post, which cited teachers and school administrators for its story.

The Post should do better. But it is agencies like Targeted Victory that the Post and other media outlets should be steeling themselves against, as well as in-house corporate public relations teams. When reporters receive a tip about a company’s behaviour — positive or negative — the source of that information can matter as much as the story itself. It is why I still want more information about the Campaign for Accountability’s funders: it has been successful in getting media outlets to cover its research critical of tech companies, but its history with Oracle has muddied the waters of its ostensibly pure concern. Oracle also tipped off Quartz reporters to that big Google location data scandal a few years ago. These sources are not neutral. While the stories may be valid, readers should not be misled about their origin.

Alex Heath, the Verge:

A group of Facebook engineers identified a “massive ranking failure” that exposed as much as half of all News Feed views to potential “integrity risks” over the past six months, according to an internal report on the incident obtained by The Verge.

The engineers first noticed the issue last October, when a sudden surge of misinformation began flowing through the News Feed, notes the report, which was shared inside the company last week. Instead of suppressing posts from repeat misinformation offenders that were reviewed by the company’s network of outside fact-checkers, the News Feed was instead giving the posts distribution, spiking views by as much as 30 percent globally. Unable to find the root cause, the engineers watched the surge subside a few weeks later and then flare up repeatedly until the ranking issue was fixed on March 11th.

One of the things I think about a lot is why problems such as this one have basically no repercussions for the companies that create them. In this case, this bug was only made public because someone leaked the internal report, and its possible consequence was significant — Heath writes that it “impacted up to half of News Feed views over a period of months”. But it does not matter, not really. Facebook’s reputation is in the tank and it will not lose users because of this, nor will advertisers pull funds. It does not matter that Facebook increased the spread of bullshit instead of responsibly slowing it, apart from in all the subtle ways it does matter that its massive user base was increasingly misinformed.

It is amazing the harm that can be excused by attributing it to machine learning or algorithmic flaws.

Apple:

Since February of this year, developers of dating apps on the App Store in the Netherlands have been able to use the StoreKit External Purchase Entitlement or the StoreKit External Purchase Link Entitlement to enable the capability to sell services through a payment system other than Apple’s in-app purchase system. Apple established these entitlements as part of our plan to comply with a recent Netherlands Authority for Consumers and Markets (ACM) order. Today we’ve introduced changes to these entitlements, which include:

[…]

[…] Consumer Disclosures: Apps that use either entitlement need to include an in-app modal sheet that explains to users that they’re going to make purchases through an external payment system, and the potential impact that choice could have on the user. Apple is adjusting the language on the modal sheet and reducing the number of times the sheet must be displayed.

The new language is more subdued than its misleading predecessor, and it is one of three modest changes made to this entitlement’s use. The biggest change is that developers no longer have to submit an entirely separate binary for using this entitlement in the Dutch App Store. The big question for Apple is whether this will appease regulators there.

The big question for me is whether this purchase flow will be expanded beyond dating apps and outside of the Netherlands. It is becoming quite polished, and permitting it within an existing binary seems like a possible — albeit unlikely — path toward broader use. Of course, Apple also makes it known that it continues to disagree with the ruling and is appealing it, so my question is probably answered.

Brian Krebs:

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

Bold. Yet again, the most effective techniques for illicitly obtaining information are confidence tricks, not technical expertise. People Krebs interviewed acknowledge this kind of attack is virtually impossible to defend against without, in the words of one security specialist, “completely redoing how we think about identity on the internet on a national scale”. I am sure that is true on an international scale, too; these requests are sent by law enforcement agencies around the world in a legitimate capacity, which opens them all up to fraud.

William Turton, Bloomberg:

Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency data requests.” Normally, such requests are only provided with a search warrant or subpoena signed by a judge, according to the people. However, the emergency requests don’t require a court order.

Snap Inc. received a forged legal request from the same hackers, but it isn’t known whether the company provided data in response. It’s also not clear how many times the companies provided data prompted by forged legal requests.

Discord also provided data, according to Krebs.

Mike Masnick, of Techdirt, with a full-throated defence of the concepts of society and context in general:

The internet itself is an incredible platform for free speech, and we should be fighting to keep that wider internet open and free from too much regulatory burden and limits. But part of the reason the internet is such an incredible platform is that on the internet, anyone is able to find different communities that they feel are appropriate for them. Or to create their own without first having to get permission.

The people who demand that someone else’s community must conform to their standards aren’t supporting “principles of free speech,” they’re demanding others bend to their wills.

Exactly right.

Max Seelemann:

iOS biz people… Subscription price increase as mere NOTICE instead of having to confirm, else subs expires.

Is this new behavior for everyone or exclusive to Disney+?

Normally when developers increase the price of a subscription, the user is supposed to be prompted several times to agree to the new rate. If they do not, their subscription will not automatically renew.

In this case, an App Store sheet is informing users that a price change is happening. The most obvious action is an “OK” button on the sheet. There is no “Cancel” button, but there is tiny text above the “OK” button that says “review your subscription” if someone wants to cancel.

This is not generally available to developers.

Michael Tsai:

In a few years, we’ll be told there was already an “established program” for this.

Yet another special arrangement between large companies. Does anyone still think it is a mystery why developers do not trust the App Store process?

The problem is not that Apple gives special privileges to larger or more trusted developers. That can make sense — can you imagine how many crappy CarPlay apps would distract drivers if any app could use that entitlement? The problem is that Apple continues to peddle the lie that it treats every developer the same. That is completely untrue, and Apple’s representatives know it is untrue.

Update: Nikhil Nigade:

Everyone seems to be missing an important bit here: this was ready to go when Disney wanted it.

Did it ship with iOS 15.4? Prior to that?

Excellent questions. Has this quietly been in iOS for years, or was this behaviour created between Apple and Disney specifically for this circumstance?

Casey Newton interviewed Will Cathcart, who runs WhatsApp, about the unknown effects of the E.U.’s recently advanced Digital Markets Act. Cathcart has concerns about what this means for the ability of a specific platform to control for spam, and is one of many who worry about what messaging service interoperability may mean for security and privacy:

Over the weekend, cryptography experts sounded the alarm about this idea, saying that platforms might not be able to do this in a way that leaves messages encrypted. As Alex Stamos of the Stanford Internet Observatory put it to me: “Writing the law to say ‘You should allow for total interoperability without creating any privacy or security risks’ is like just ordering doctors to cure cancer.”

[…]

[…] it’s clear that, to the extent that there might be a way for services like iMessage and WhatsApp to interoperate and preserve encryption, that way has yet to be invented.

At the very least, it hasn’t yet been built.

To be clear, it does not appear that the draft law mandates the creation of no privacy or security risks; the segment posted by Benedict Evans — the full draft text is currently confidential — says platform providers must create a “high level of security and personal data protection”. It is about finding an appropriate level of risk with the caveat that it will never get to zero. But the core of the question seems correct: is there a way to make encrypted messaging services work together while ensuring negligible difference in security and privacy levels?

It is worth reading Newton’s piece in full because it is quite good, but this paragraph bugged me:

It’s also worth asking what interoperability will actually do to make the messaging market more competitive. Email is an open, interoperable standard and has been for decades; but today, Apple, Google, and Microsoft own around 90 percent of the market. Meanwhile, the market for messaging apps is much more dynamic even without interoperability: it includes apps from Meta, Telegram, Signal, Snap, and others.

In the second sentence, Newton conflates the open protocol of email with the market share of email clients. These are not comparable — at least, not in this way. For what it is worth, in terms of email servers that W3 Techs is able to query, Google and Microsoft do indeed dominate, but the third most popular provider is Newfold Digital Group, better known as the worst collection of hosts on the web. This is followed by a list of over a hundred other providers used by at least 0.1% of all domains.

Since it is an open standard, anyone with the technical knowledge can deploy an email server or create a client to improve upon it. That benefits users because the ability to use email is not tied to any specific company, and someone may use a client with a feature set that is more appealing to their needs. Imagine if you could download an iMessage client that gave you capabilities Apple’s own app does not, or removes unnecessary features.

In the final quoted sentence above, Newton says the messaging market is more competitive. I am not sure that is correct — it is not possible to separate protocol from client, so a direct comparison is not fair. But it is possible there are so many messaging clients used by so many people because each of our friends uses a different mix. We are never trying to use messaging apps; we are only trying to communicate with people. It would be great if all of my messages from any provider could be collected in a single application in much the same way that my emails from different accounts on different hosts all appear in the same inbox. I would prefer that. But it is not possible with today’s applications, so I must switch between a handful of apps to chat with all of my friends.

Remember Adium? That is a great piece of software I have not touched in about ten years as phone-centred messaging clients have replaced desktop-based ones. Something like that could be possible again. If that is possible, it cannot be at the expense of privacy and security.

Bennett Cyphers and Adam Schwartz of the Electronic Frontier Foundation:

Given these severe harms, EFF calls on Congress and the states to ban the targeting of ads to people based on their online behavior. This ban must be narrowly tailored to protect privacy and equity without placing unnecessary burdens on speech and innovation.

Legislators should focus on the personal data most central to targeted ads: our online behavior. This includes the web searches we conduct, the web pages we visit, the mobile apps we use, the digital content we view or create, and the hour we go online. It also includes the ways our online devices document our offline lives, such as our phones using GPS to track our geolocation or fitness trackers monitoring our health.

I see this going nowhere in the real world, but it is a good summary of the harms caused by behaviourally-targeted advertising and a strong call to action. One thing I fail to see in this document is a response for small business owners who have been lured by the possibility of cheap and precise ads. Though I understand why these ads are appreciated by those with limited budgets, I think this entire industry is built on flawed principles. It is not fair for everyone online to be required to forego any sense of privacy so our neighbourhoods can continue to have independently-owned businesses. But there needs to be a better answer.

Joshua Ginter, responding to my question about what capabilities are unlocked by increasingly powerful computers in the hands of more people:

In real life, there are other real jobs that benefit from new technology too. Plumbers and electricians. Carpenters. Oil rig workers. Farmers. Each benefit from new technology in their own way. I’d love to hear from these sorts of folks — stories about how their working lives have changed due to a new Mac, a new iPhone, or a new iPad.

I put my question about this in the context of creative professionals because that is what I am and that is how Apple is positioning the Mac Studio, though I am also curious about the many things powerful computers like these will unlock for other professions. I remember when my Twitter timeline would explode in mockery when those marketing films would play during an Apple keynote, showing people using iPads in wind turbines and rescue helicopters. It was a vision of what became possible with a different form factor, high-resolution displays, cellular connectivity, and a great tablet operating system.

I am excited to see what is enabled by the Mac Studio and products like it. It performs comparably to the highest-end Intel Mac Pro at a fraction of its cost. Making extraordinary computing power more accessible will surely have some fascinating consequences.

Clayton Davis, Variety:

It’s been no secret that Netflix has long harbored ambitions to be the first digital video player to take home the Academy Awards’ most prestigious honor, spending lavishly to promote the likes of Alfonso Cuarón’s “Roma” (2018), Martin Scorsese’s “The Irishman” (2019) and David Fincher’s “Mank” (2020). The investment has yielded lots of nominations, but has not paid off with the major recognition that Netflix was seeking. Instead, the Netflix team had to clap as Apple Original Films, one of the scores of new streaming players that have launched in recent years, got Best Picture bragging rights.

“nougatmachine”:

This is a legal, officially sanctioned DVD of the movie Coda, an Apple Original (Apple Inc.’s name for their exclusive original movies on the Apple TV+ streaming service). This is not just any DVD, this is a DVD from the consumer electronics company that arguably has done more to bury DVDs than any other.

[…]

The Oscars’ theatrical requirements have been an infamous bone of contention for streaming media, but industry insiders have long been able to prepare for awards season at home. Distributors seeking votes send the “screeners” you may have heard of to members of the production guilds, critic associations, academy members, etc — any organization with members voting in film awards. While the option to stream screeners now exists, DVD screeners remain a product in the industry’s lineup. Presumably, the stereotypical 85 year-old Oscar voter can’t be trusted to have good internet, and so the discs keep coming. As a member of the illuminati one of these groups, I was bemused to see that Apple’s quest for awards show clout has led to me receiving a DVD of an Apple Original in my latest screener haul. Like all Apple products, it deserves a thorough review.

As far as I can tell, this is the only legal way to own a copy of “Coda” — and, even then, recipients of this are told to destroy it after “the awards season is over”. Not just a physical copy, either; as far as I can tell, the only way to watch “Coda” is by streaming it. The TV app has a big Oscars feature section right now, which I cannot find a way to link to, and it seems that every movie can be purchased except “Coda”.

It is not an isolated case. Movies and serial productions from streaming services generally do not have physical copies, which sucks for archival purposes and, also, if you just want to watch something without dealing with software updates and server problems. But Apple has an online store that sells movies. Surely it can find a way to sell this movie — the one where the first fifteen seconds of runtime is an “Apple Original Films” logo.

Update: Depending on where you are in the world, you may find that “Coda” is only available for purchase and cannot be streamed.

Charlie Warzel, Galaxy Brain:

I know I’m not alone. In a paper published in 2019 in the journal World Psychiatry, titled “The ‘Online Brain’: How the Internet May be Changing Our Cognition,” the researchers suggest that “the Internet is becoming a ‘supernormal stimulus’ for transactive memory — making all other options for cognitive offloading (including books, friends, and community) become redundant, as they are outcompeted by the novel capabilities for external information storage and retrieval made possible by the Internet.”

That sure sounds bad. But in reality, it’s probably good and bad. The paper suggests that “reliance on online searching may impede memory retrieval by reducing the functional connectivity and synchronization of associated brain regions.” But it also notes that this process might also free up cognitive space in other parts of our brain. At one point, the paper’s authors posit that “increasing reliance on the Internet for information may cause individuals to ‘blur the lines’ between their own capabilities and their devices.” This is likely what I’m doing by saving information for later, and mistaking that filing away for a kind of uploading into my own memory.

How curious it was for me when this appeared in NetNewsWire at about the same time as Matt Sephton tweeted about a long-forgotten app. It is one I recognize, too — it captures screenshots as you use your Mac and makes them searchable, all locally. But I searched my Pinboard, which is where I offload these sorts of things, and cannot find it.

Update: The software Sephton was looking for is probably Savant.

The European Council:

The Council and the Parliament today reached a provisional political agreement on the Digital Markets Act (DMA), which aims to make the digital sector fairer and more competitive. Final technical work will make it possible to finalise the text in the coming days.

Alex Kantrowitz, Big Technology:

For years, a chorus of critics has argued Big Tech is too powerful, unaccountable, and anti-competitive. And for years, it’s seemed like they were shouting into a pillow. Antitrust legislation meandered in Congress, the tech giants continued to squeeze their competitors, and they added trillions in market cap in the process.

But now, the Big Tech antitrust movement is actually making real progress. On Thursday, the EU adopted the Digital Markets Act, a landmark piece of legislation aimed at restoring the market competitiveness that the tech giants have hindered. One day earlier, Google said it would allow some Android app developers to take payments directly, avoiding its Play Store’s processing and fees. After a long period of stagnation, these moves are breakthroughs.

There will doubtless be teething problems with these changes and cases that will need to be clarified. But I am also optimistic about how this will play out over time if it is able to accomplish even a subset of its intended goals, and whether the “gatekeeper” companies — as the E.U. refers to them — will apply similar policies worldwide.

There are also well-founded concerns from those who worry about overregulation to those who say it does not go far enough. I am not applying some false “both sides” narrative here — I really think there are good arguments to be made about whether this act will strike the right balance. I still think it is strange that one of the most headline-making qualities of this act is messenger app interoperability, even though that market is thriving.

Oh, and before I forget, from Kantrowitz’s article:

[…] One day earlier, Google said it would allow some Android app developers to take payments directly, avoiding its Play Store’s processing and fees. […]

Spotify is still paying Google a commission on every sale. Neither party has said what that commission is, but Google’s policy in South Korea is to take four percentage points off the standard rate when using third-party billing, and I bet this would be a similar arrangement. This experiment does not “avoid” Play Store fees, but it does reduce them.

Peter Wiggins, FCP.co:

We sat down with Xander Soren, Director of Product Marketing, Pro Apps, Tom Boger, Vice President of Mac & iPad Product Marketing and Shelly Goldberg, Senior Director, Mac & iPad Product Design. 

Shortly after the announcement of the Mac Studio and Studio Display at the Peak Performance Apple event, we had the pleasure of talking to three Apple executives about the new machine and how the creative pro would benefit.

This is a good and wide-ranging interview that dances around a question I have been thinking about for a while now: what capabilities do high-performance products like these unlock for a creative professional? It is great to see how much faster they are at compiling applications or rendering video, but I wonder what new things people will attempt on machines like these which may have been too daunting before.

Here is a little example from my own work that is nowhere near as computationally demanding: I often receive vector drawings as Adobe Illustrator files, but I prefer working in Sketch. Sometimes, these drawings will have thousands of points, particularly if it is a vector object that is supposed to resemble a more analogue style. While Illustrator handles these files easily, it is one of the things that Sketch struggles with on my iMac, so I am disincentivized to use this style of illustration. If I had a faster Mac, I bet I would have an easier time manipulating these objects in Sketch, and would use this style more often.

I wonder what the equivalent of that is in terms the higher-end Mac Studio customer may grapple with. What style of 3D modelling will be enabled by these faster computers? What motion graphics will someone be encouraged to explore now that their computer does not hang every time they attempt an effect? That is the sort of thing I am curious about.

Also, I thought Boger’s description of the Studio Display was funny:

It’s the best display we’ve ever made for the Mac, it also makes it a great display for the rest of our Mac product line at an accessible price point.

Sorry to anyone who bought a Pro Display XDR.

Thomas Brewster, Forbes:

[…] On Wednesday, deputy prime minister and head of the Digital Transformation Ministry in Ukraine, Mykhailo Fedorov, confirmed on his Telegram profile that surveillance technology was being used in this way, a matter of weeks after Clearview AI, the New York-based facial recognition provider, started offering its services to Ukraine for those same purposes. Fedorov didn’t say what brand of artificial intelligence was being used in this way, but his department later confirmed to Forbes that it was Clearview AI, which is providing its software for free. They’ll have a good chance of getting some matches: In an interview with Reuters earlier this month, Clearview CEO Hoan Ton-That said the company had a store of 10 billion users’ faces scraped from social media, including 2 billion from Russian Facebook alternative Vkontakte. Fedorov wrote in a Telegram post that the ultimate aim was to “dispel the myth of a ‘special operation’ in which there are ‘no conscripts’ and ‘no one dies.’”

Tim Cushing, Techdirt:

Or maybe it’s just Clearview jumping on the bandwagon by supporting a country that already has the support of the most powerful governments in the world. Grabbing onto passing coattails and contacting journalists to get the word out about the company’s reverse-heel turn is savvy marketing. But it’s little more than that. The tech may prove useful (if the Ukraine government is even using it), but that shouldn’t be allowed to whitewash Clearview’s (completely earned) terrible reputation. Even if it’s useful, it’s only useful because the company was willing to do what no other company was: scrape millions of websites and sell access to the scraped data to anyone willing to pay for it.

It has been abundantly clear for a long time that accurate facial recognition can have its benefits, just as recording everyone’s browser history could make it easier to investigate crime. Even if this seems helpful, it is still an uneasy technology developed by an ethically bankrupt company. It is hard for me to see this as much more than Clearview cynically using a war as a marketing opportunity given that it spread news of its participation weeks before anyone in the Ukrainian government confirmed it.

Nasmul Ahasan, the San Francisco Chronicle:

In early February, Facebook removed two large pro-convoy groups after inquiries from the news site Grid, which had found that Bangladeshis were managing the groups. When a spinoff trucker convoy launched in Australia, it was also propped up by deceptive Facebook groups, including those run by Bangladeshi spammers, the news site Crikey reported.

The motives of these groups are not always easy to pin down. Some have diverted followers to digital donation sites organized by real protesters, others to “content mills” filled with pay-per-click ads.

But The Chronicle uncovered an extraordinary new set of players in the battle: Internet entrepreneurs in developing countries who take advantage of Western political division — and inflame it — with the sole aim of juicing sales of customized T-shirts, mugs, tumblers, ballcaps, tote bags, pillows and phone cases, with the profits shared by American companies.

I had wondered what benefits were being reaped by people elsewhere promoting groups like these. Now I know: the merch, stupid. Some of the protesters contributed thousands of dollars to these efforts, so maybe they would also buy an overpriced t-shirt and phone case.

Still, the Chronicle is likely exaggerating the influence of these groups. It says that one of the biggest had about 15,000 members, but the groups profiled by the Grid had memberships in the hundreds of thousands. It also says it did not know how many sales were made.

This article is an interesting look behind the scenes of these Facebook groups, but I do not think the takeaway is that some entrepreneurs in Bangladesh are manipulating the political process in Canada or doing anything particularly untoward. There are merch tents at all these demonstrations.

In March 2021, John Nack shot a series of photos on an iPhone 7 Plus and a similar series on an iPhone 12 Pro Max — the same comparison as Kyle Chayka wrote about earlier this week. It is pretty clear to me how much better the iPhone 12’s photos are compared to those from the iPhone 7. They are more colourful, especially in the warmer red and yellow tones — sorry to that person from the New Yorker article — and much sharper.

Despite their technical excellence, I also find myself appreciating the more muted images from the iPhone 7. I wonder if some people prefer an imperfect and perhaps nostalgic image. It may be one reason film photos are seen by some as superior to digital, or why vinyl is loved by many in a way CDs never have been. Or think about the difference between movies shown at 24 frames per second compared to those shown at 60. The digital or newer versions are all technically superior, but they can sometimes feel cold or less satisfying.

I do not think Apple should aim to replicate analogue imperfections, nor do I think the company should slow progress on its cameras. It is one of the main reasons I look forward to buying a new iPhone every few years. In these examples, I prefer the photos from the 12 Pro, but I find myself drawn in by the slightly hazy quality of those from the iPhone 7.

(Via John Gruber.)

William Turton and Jordan Robertson, Bloomberg:

Cybersecurity researchers investigating a string of hacks against technology companies, including Microsoft Corp. and Nvidia Corp., have traced the attacks to a 16-year-old living at his mother’s house near Oxford, England. 

Four researchers investigating the hacking group Lapsus$, on behalf of companies that were attacked, said they believe the teenager is the mastermind.

Lapsus$ has befuddled cybersecurity experts as it has embarked on a rampage of high-profile hacks. The motivation behind the attacks is still unclear, but some cybersecurity researchers say they believe the group is motivated by money and notoriety.

Microsoft yesterday explained some of the group’s methods as it also announced it was a victim:

Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks. They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations. DEV-0537 also uses several tactics that are less frequently used by other threat actors tracked by Microsoft. Their tactics include phone-based social engineering; SIM-swapping to facilitate account takeover; accessing personal email accounts of employees at target organizations; paying employees, suppliers, or business partners of target organizations for access to credentials and multifactor authentication (MFA) approval; and intruding in the ongoing crisis-communication calls of their targets.

It really is a higher-end version of that famous Saturday Morning Breakfast Cereal strip.

Juli Clover, MacRumors:

Apple’s services and apps appear to be experiencing yet another outage, with complaints on Twitter about problems with Apple Maps, the App Store, Apple Music, Weather, Podcasts, the Apple online store, and more.

Om Malik, in a tweet posted during yesterday’s outages:

What are the odds that this will be “misconfiguration” and “human error” or something like that? Time and time again, digital-first companies worth trillions don’t account for the fact we live digital. […]

I understand this must be harrowing for the individuals who are responsible for keeping Apple’s services up and running. But this is the world’s most valuable company, running services depended upon by hundreds of millions of paying subscribers. It is not unreasonable to expect better — far better.