Month: October 2024

Apple in the release notes for MacOS 15.1 beta:

Applications using our deprecated content capture technologies now have enhanced user awareness policies. Users will see fewer dialogs if they regularly use apps in which they have already acknowledged and accepted the risks.

John Gruber:

Why in the world didn’t Apple take regular use of a screen-recording app into account all along?

Benjamin Brooks:

I think this is the question you ask when you have not used a Corporate Mac in the last 4-5 years. For those who are, you know that companies install applications which take screenshots and screen recordings of certain or all activities being done on the Mac. You know, for security.

When users began noticing the screen recording permissions prompt over the summer, I remember lots of people speculating Apple added it because of possible spyware or domestic violence behaviour. That is a plausible explanation.

But Brooks’ keen observation is something I, in hindsight, should have also considered, and I am kicking myself for forgetting about the possibility. I now remember linking to things like employee surveillance software and online test proctoring — applications which monitor users’ screens effectively by force, something one has little choice but to agree to unless they are willing to change jobs or forgo an exam. I believe this is supported by — and casts a new light upon — a device management key available to system administrators for suppressing those permissions prompts.

I am not much of a true crime podcast listener, but the first three episodes of “Kill List” — Overcast link — have transfixed me.

Jamie Bartlett:

Besa Mafia was a dark net site offering hitmen for hire. It worked something like this: a user could connect to the site using the Tor browser and request a hit. They’d send over some bitcoin (prices started from $5,000 USD for ‘death by shotgun’). Then they’d upload the name, address, and photographs of who they wanted killed. Plus any extra requests: make it look like a bungled robbery; need it done next week, etc. The website owner, a mysterious Romanian called ‘Yura’, would then connect them with a specialist hitman to carry out the commission.

[…]

In the end, Carl investigated one hundred and seventy five kill requests. Each one a wannabe murderer. Each one a potential victim — who Carl often phones and breaks the crazy news. “The hardest calls I’ve ever made,” Carl tells me. “How do you explain that someone wants you dead?!” (Carl would be indirect, gentle. He tried to make sure the victim felt in control. But often they hung up. “They didn’t believe me. They thought I was a scammer.”)

I am not sure I agree with Bartlett’s conclusion — “more and more complex crimes will be solved by podcast journalists” is only true to the extent any crime is “solved” by any journalist — but it does appear this particular podcast has had quite the impact already. What a fascinating and dark story this is.

A bit of background, for those not steeped in the world of WordPress development: there exists a plugin called Advanced Custom Fields (ACF) which allows developers to create near-endless customization options for end clients in the standard page and post editor. It is hard to explain in a single paragraph — the WordPress.com guide is a good overview — but its utility is so singular as to be an essential component for many WordPress developers.

ACF was created by Elliot Condon who, in 2021, sold it to Delicious Brains. At this point, it was used on millions of websites, a few of which I built. I consider it near-irreplaceable for some specific and tricky development tasks. A year later, the entire Delicious Brains plugin catalogue was sold to WPEngine.

Matt Mullenweg:

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem.

[…]

Similar situations have happened before, but not at this scale. This is a rare and unusual situation brought on by WP Engine’s legal attacks; we do not anticipate this happening for other plugins.

This is an awfully casual way of announcing WordPress is hijacking one of the most popular third-party plugins in the directory. Mullenweg cites policy for doing so — WordPress can “make changes to a plugin, without developer consent, in the interest of public safety” — but the latter paragraph I quoted above makes clear the actual motive here. The “security problem” triggering this extraordinary action is a real but modest change to expand a patch from a previous update. But WordPress has removed the ability for WPEngine to make money off its own plugin — and if users have automatic plugin updates turned on, their ACF installation will be overwritten with WordPress’ unauthorized copy.
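One way a site administrator can keep the background updater from silently swapping a plugin’s code for a different distribution published under the same slug, as an added example and not code from ACF, WPEngine or WordPress.org: a must-use plugin that refuses automatic updates for one plugin basename and records the offered package so it can be reviewed by hand. The basename and the `pe_` function prefix are assumptions.

```php
<?php
/**
 * Must-use plugin (drop into wp-content/mu-plugins/) that refuses automatic
 * updates for one pinned plugin and logs what the updater offered.
 * Added example; not code from ACF, WPEngine or WordPress.org.
 */

// Plugin basename to pin. Assumed value; confirm it on the Plugins screen.
const PE_PINNED_PLUGIN_BASENAME = 'advanced-custom-fields/acf.php';

/**
 * Callback for WordPress core's 'auto_update_plugin' filter.
 * $update is the decision so far; $item is the update offer object, whose
 * ->plugin property carries the basename of the plugin being updated.
 */
function pe_block_pinned_plugin_auto_update( $update, $item ) {
    if ( isset( $item->plugin ) && PE_PINNED_PLUGIN_BASENAME === $item->plugin ) {
        // Record version and package origin so an administrator can check
        // where the replacement code comes from before applying it manually.
        error_log( sprintf(
            'Blocked automatic update of %s to version %s (package: %s)',
            $item->plugin,
            isset( $item->new_version ) ? $item->new_version : 'unknown',
            isset( $item->package ) ? $item->package : 'unknown'
        ) );
        return false; // Do not let the background updater install this offer.
    }
    return $update; // Leave every other plugin's decision untouched.
}
add_filter( 'auto_update_plugin', 'pe_block_pinned_plugin_auto_update', 10, 2 );
```

This only stops unattended updates; an update started from the Plugins screen still proceeds, which is the point: the code change gets a human look first.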

Iain Poulson, of ACF:

The change to our published distribution, and under our ‘slug’ which uniquely identifies the ACF plugin and code that our users trust in the WordPress.org plugin repository, is inconsistent with open source values and principles. The change made by Mullenweg is maliciously being used to update millions of existing installations of ACF with code that is unapproved and untrusted by the Advanced Custom Fields team.

It is nearly impossible to get me to feel sympathetic for anything touched by private equity, but Mullenweg has done just that. He really is burning all goodwill for reasons I cannot quite understand. I do understand the message he is sending, though: Mullenweg is prepared to use the web’s most popular CMS and any third-party contributions as his personal weapon. Your carefully developed plugin is not safe in the WordPress ecosystem if you dare cross him or Automattic.

I have been trying to stay informed of the hostile relationship between WordPress, Automattic, and Matt Mullenweg, and third-party hosting company WPEngine. Aram Zucker-Scharff put together a helpful and massive set of links to news coverage. Michael Tsai has a good collection of links, too, and Emma Roth and Samantha Cole have published notable articles.

From a distance, it looks like an expensive pissing match between a bunch of increasingly unlikable parties, and I would very much appreciate if it never affects my self-hosted version of WordPress. Maybe it is a little confusing that WPEngine is not affiliated with WordPress, but I only learned this week that WordPress.org is personally owned by Mullenweg and is not actually affiliated with Automattic or WordPress.com. From Mullenweg’s perspective, this confusion is beneficial, but the confusion with WPEngine is not. From my perspective, I would not like to be confused.

Also, if Mullenweg is mad about WPEngine — and Silver Lake, its private equity owner — benefitting from the open source nature of WordPress without what he feels is adequate compensation, I am not sure he has a leg to stand on. It does not sound like WPEngine is doing anything illegal. It is perhaps rude or immoral to build a private business named after and on the back of an open source project without significantly contributing, but surely that is the risk of developing software with that license. I am probably missing something here.

Well, add XOXO to the list of conferences I was never able to attend. The final edition occurred this year and it looked pretty special.

Happily, if you — as I — were unable to attend in person, Andy Baio has begun uploading videos of this year’s talks. I have watched those from Cabel Sasser, Dan Olson, Molly White, and Sarah Jeong. These are all worth your time — and so are, I am sure, the ones I have not yet seen.

Update: Be sure to watch Sasser’s talk before exploring an amazing archive he is assembling. Seriously — watch first, then click.

Jonathan M. Gitlin, Ars Technica:

Last night, after a wait of roughly an hour after the official start time, Elon Musk spoke to a crowd of Tesla fans and some journalists on a film studio backlot in California to give us an update on the company’s much-talked-about pivot to robotics. […]

[…]

After promising that “unsupervised FSD” is coming to all of Tesla’s five models — “now’s not the time for nuance,” Musk told a fan — he showed off a driverless minibus and then a horde of humanoid robots, which apparently leverage the same technology that Tesla says will be ready for autonomous driving with no supervision. These robots — “your own personal R2-D2,” he said — will apparently cost less than “$30,000” “long-term,” Musk claimed, adding that these would be the biggest product of all time, as all 8 billion people on earth would want one, then two, he predicted.

These announcements are almost certainly bullshit, and correctly contextualized by Gitlin. Mix the axiom “what can be asserted without evidence can also be dismissed without evidence” with the boy who cried “wolf!”, and the result is this media event — and that is without factoring in the usual Tesla sloppiness. These are three brand new products, all of which are purportedly future-defining, rambled about in the span of about thirty minutes on a random Thursday in October. Nothing is finished. Musk called two of the products “Cybercab” and “Optimus Robots”, but the company’s website refers to them as “Robotaxi” and “Tesla Bot”. Everything is hypothetical until proven otherwise.

The robot is particularly galling. The automotive industry has a long history of building humanoid robots: Honda’s ASIMO, Toyota’s Partner series, and General Motors’ work on NASA’s Robonaut 2. Some of these perform more specialized tasks. All of them have been around for a while. None of them are in widespread use. Tesla’s should be treated as an elaborate fiction until anyone outside the company can confirm even the most fundamental qualities it is claimed to possess.

Oh, and speaking of claims on the website, I want to address this:

To create a sustainable future, we must democratize transportation. We do this by making driving more efficient, affordable and safe. Autonomy makes this future possible, today.

Musk — for the featherweight of his words — said the Robotaxi would cost “less than $30,000” and be available “before 2027” — that is, to be clear, not “today”. If this thing ever ships, it will still require car-like infrastructure and ample space, even though it carries only two people.

Public transit, which is available today, is the very definition of democratized transportation, especially if it has been carefully considered for the needs of people with disabilities. It is inexpensive for end users, requires less space per person than any car, and has a beneficial feedback loop of safety and usage. I am not arguing the two cannot coexist; perhaps some of this stuff makes sense in low-density sprawl. But I have little confidence the future will look like Musk’s vision, or that Tesla will be delivering it. Why would anyone still believe this too-rich carnival barker who lies all the time?

Want to experience twice as fast load times in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

Magic Lasso Adblock: browse 2.0x faster

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

By cutting down on ads and trackers, common news websites load 2× faster and browsing uses less data while saving energy and battery life.

Rely on Magic Lasso Adblock to:

  • Improve your privacy and security by removing ad trackers

  • Block all YouTube ads, including pre-roll video ads

  • Block annoying cookie notices and privacy prompts

  • Double battery life during heavy web browsing

  • Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

Apple is a famously tight-knit business. Its press releases and media conferences routinely drum the integration of hardware, software, and services as something only Apple is capable of doing. So it sticks out when features feel like they were developed by people who do not know what another part of the company is doing. This happened to me twice in the past week.

Several years ago, Apple added a very nice quality-of-life improvement to the Mac operating system: software installers began offering to delete themselves after they had done their job. This was a good idea.

In the ensuing years, Apple made some other changes to MacOS in an effort to — it says — improve privacy and security. One of the new rules it imposed was requiring the user to grant apps specific permission to access certain folders; another was a requirement to allow one app to modify or delete another.

And, so, when I installed an application earlier this month, I was shown an out-of-context dialog at the end of the process asking for access to my Downloads folder. I granted it. Then I got a notification that the Installer app was blocked from modifying or deleting another file. To change it, I had to open System Settings, toggle the switch, enter my password, and then I was prompted to restart the Installer application — but it seemed to delete itself just fine without my doing so.

This is a built-in feature, triggered by where the installer has been downloaded, using an Apple-provided installation packaging system.¹ But it is stymied by a different set of system rules and unexpected permissions requests.


Another oddity is in Apple’s two-factor authentication system. Because Apple controls so much about its platforms, authentication codes are delivered through a system prompt on trusted devices. Preceding the code is a notification informing the user their “Apple Account is being used to sign in”, and it includes a map of where that is.

This map is geolocated based on the device’s IP address, which can be inaccurate for many reasons — something Apple discloses in its documentation:

This location is based on the new device’s IP address and might reflect the network that it’s connected to, rather than the exact physical location. If you know that you’re the person trying to sign in but don’t recognize the location, you can still tap Allow and view the verification code.

It turns out one of the reasons the network might think you are located somewhere other than where you are is because you may be using iCloud Private Relay. Even if you have set it to “maintain general location”, it can sometimes be incredibly inaccurate. I was alarmed to see a recent attempt from Toronto when I was trying to sign into iCloud at home in Calgary — a difference of over 3,000 kilometres.

The map gives me an impression of precision and security. But if it is made less accurate in part because of a feature Apple created and markets, it is misleading and — at times — a cause of momentary anxiety.

What is more, Safari supports automatically filling authentication codes delivered by text message. Apple’s own codes, though, cannot be automatically filled.


These are small things — barely worth the bug report. They also show how features introduced one year are subverted by those added later, almost like nobody is keeping track of all of the different capabilities in Apple’s platforms. I am sure there are more examples; these are just the ones which happened in the past week, and which I have been thinking about. They expose little cracks in what is supposed to be a tight, coherent package of software.


  1. Thanks to Keir Ansell for tracking down this documentation for me.

Speaking of the Internet Archive, Matt Sephton, in August, posted about the surprise loss of his account there:

Recently at Internet Archive a “glitch” (their choice of word) deleted a great many accounts, including my account that had been at archive.org/details/@gingerbeardman since 2015.

I had meant to post this nearer to when it happened but, like others, my requests for comment went unanswered, even when sent directly to an organization representative instead of a generic media inbox. Parts of Sephton’s account were thankfully restored, but only after this post was sent to Hacker News.

I find the Internet Archive’s utility unparalleled. I find some of its recent behaviour frustrating.

Brendan Jones:

The rise of Mastodon has made me so much more aware of government services requiring us to use private companies’ systems to communicate with them and access services.

Sitting on a Dutch train just now I was shown on a screen “feeling unsafe in the train? Contact us via WhatsApp”.

Jones says the railway operator’s website also contains SMS reporting instructions, but that was not shown on the train itself.

One of the side effects of the decline of née Twitter is in the splintering of its de facto customer support and alert capabilities. Plenty of organizations still use it that way. But it should only be one option. Apps like WhatsApp should not be the preferred contact method, either. Private companies’ contact methods should be available, sure — meet people where they are — but a standard method should always be as easily available.

Jason Scott:

Someone is DDOSing the internet archive, so we’ve been down for hours. According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.

An X account claiming responsibility says it is a politically motivated attack. If that is true, it is an awfully stupid rationale and a poor choice of target.

Wes Davis, the Verge:

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

I have no idea if this group actually obtained any Internet Archive user data. The site has only a placeholder page directing visitors to its X account for status updates, but I see nothing there or on Brewster Kahle’s personal one.

Update: Three minutes after publishing this post, I received an alert from Have I Been Pwned that my Internet Archive account was one of over 31 million total which had been exposed. Troy Hunt, who runs HIBP, and Lawrence Abrams of Bleeping Computer both tried contacting the Internet Archive with no response.

Sarah Krouse, Dustin Volz, Aruna Viswanatha, and Robert McMillan, Wall Street Journal (probably paywalled; sorry):

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said.

Zack Whittaker, TechCrunch:

The 30-year-old law that set the stage for recent backdoor abuse is the Communications Assistance for Law Enforcement Act, or CALEA, which became law in 1994 at a time when cell phones were a rarity and the internet was still in its infancy.

CALEA requires that any “communications provider,” such as a phone company or internet provider, must provide the government all necessary assistance to access a customer’s information when presented with a lawful order. In other words, if there is a means to access a customer’s data, the phone companies and internet providers must provide it.

Bruce Schneier:

For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the “wrong” eavesdroppers.

Riana Pfefferkorn:

It is not the ‘90s anymore, when CALEA got enacted, the law requiring telecom wiretappability for law enforcement. China and Russia and DPRK are formidable cyber foes now. DOJ, FBI, etc. want to change CALEA so that encrypted apps like Signal or WhatsApp aren’t exempt from it anymore. But this hack shows that if anything, the law needs to change in the *other* direction. The hack needs to be a wake-up call to law enforcement that as long as they keep opposing encryption for communications, they’re enabling China to smack us in the face with our own hand while saying “stop hitting yourself!”

According to a 2016 paper from Public Safety Canada, “Australia, the U.S., the UK and many other European nations require CSPs [Communications Service Providers] to have an interception capability”; it also notes Canada does not. Such a requirement is understandable from an investigative perspective. But, as Pfefferkorn says, capabilities like these have been exploited before, and it will happen again. These are big targets and there are no safe backdoors.

That brings me — for the second time today — to the need for comprehensive privacy legislation basically everywhere but, in particular, in the United States, the hub of the world’s communications. Protecting private data would dramatically curtail this kind of access violation by removing backdoors, restrict one aspect of TikTok panic, and reduce the exploitation of our behavioural data by creepy ad tech businesses. It is not a panacea and I am sure there are worrisome side effects for law enforcement, but it would likely be more effective than tackling these problems on an individual basis.

I have to say, it is quite an odd thing to be listening to a podcast and hear one’s own name. This recently happened to me on the latest episode of “Upgrade”. It feels like I am about to be called to the principal’s office or something. But I was not.

Myke Hurley and Jason Snell discussed an article I wrote about the more granular control available to users in iOS 18 when apps request access to their contacts. (My piece is a response to a New York Times story; Snell also linked to both with some commentary.) Their chat centres Apple’s scale and influence. Even little decisions the company makes are capable of transforming entire industries.

Hurley raises an apt comparison to App Tracking Transparency, which is exactly what I was thinking about when I wrote my piece. I am similarly unsympathetic to corporate empires built on illicitly obtained data. If you cannot make money when users are given a choice to consent, your business model probably sucks. But I do think it is concerning how powerful both of the major players were in the aftermath of that announcement: Meta, for hoarding behavioural data on billions of people; and Apple, for its ability to give users options.

I see parallels to Google’s power over the web. The near-uniform layout and structure of webpages is thanks to Google’s specific suggestions for improving the likelihood of ranking higher. The main difference is Google’s suggestions are sort of optional; if a website’s owner does not care much about search traffic, they can do whatever they want. The prompts on iOS, on the other hand, are baked into the system.

As Snell says, these apps “have to make the case” for granting permission. I do not think that is such a bad thing, and I am amenable to their suggestion of Apple’s built-in apps being placed on a level playing field. I think a lot of this would be more predictable if privacy laws were stronger. A basic level of privacy protections should not be a competitive advantage, nor should users be required to navigate either unceasing permissions dialogs or terms of service agreements to understand the myriad ways their personal information is being exploited — because their personal information should not be exploited.

Karl Bode, Techdirt:

Scientists say that low earth orbit (LEO) satellite constellations being built by Amazon, Starlink, and AT&T pose a dire threat to astronomy and scientific research, and that too little is being done to address the issue.

There are costs to suddenly widespread satellite connectivity. Apple’s partner in its offering, Globalstar, operates a constellation of satellites which would similarly be concerning to scientists.

It is a tricky balance. Adding redundant communications layers in our everyday devices can be useful and is, plausibly, of lifesaving consequence. Yet it also means the sky is littered with fields of objects which interfere with ground-based instruments. The needs of scientists might seem more abstract and less dire than, say, people seeking help in a natural disaster — I understand that. But I am not certain we will be proud of ourselves fifty years from now if we realize astronomical research has been severely curtailed because a bunch of private companies decided to compete in our shared sky. There is surely a balance to be struck.

As smartphones began competing on satellite connectivity, I had my doubts. Sure, I could imagine a dire emergency situation where it would be lifesaving, but would I ever use it? I hike a little and I cycle a lot, often without cell connectivity, and I feel completely comfortable. I am by no means an extreme sports enthusiast or adventurer. When would I need this stuff?

Well, the Messages via Satellite capability — new for iPhone users in iOS 18 — sure was handy this weekend. I was cycling a light trail in Kananaskis with a friend when I had a low-speed fall in a rock field. It was embarrassing. It also gave me a deep, five centimetre-long cut on my knee. It was not bad enough to need medical attention — I was able to keep cycling just fine — but it was good to know I would be able to get help if I needed it in an area without any cellular reception. And, at the trailhead, I was able to let my wife know I was fine via satellite-sent text message.

Of course, it can also be used in more dire circumstances, as many are finding out.

Ryan Christoffel, 9to5Mac:

Hurricane Helene has caused massive damage and taken over 100 lives across several US states. Many thousands of people are without power and/or cell service. But in the wake of the storm, reports have surfaced about a key iOS 18 feature that has been a lifeline for survivors: Messages via satellite.

In my case, useful; in the case of many people, a truly lifesaving addition. You know those graphics of everything smartphones replaced? Satellite phones surely have not been replaced for the avid adventurer, but they can probably be added to that graphic for a lot of us. Smartphone makers seem to have gone through the list of everyday necessities, then the weekly or monthly ones, and now are at a point where they are adding features we may use only once — but we are glad when we do.

Do you want to block all YouTube ads in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock – the ad blocker designed for you.

Magic Lasso Adblock - best in class YouTube ad blocking

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

Magic Lasso Adblock is easy to set up, doubles the speed at which Safari loads, and also blocks all YouTube ads, including all:

  • video ads

  • pop up banner ads

  • search ads

  • plus many more

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

The New York Times recently ran a one–two punch of stories about the ostensibly softening political involvement of Mark Zuckerberg and Meta — where by “punch”, I mean “gentle caress”.

Sheera Frenkel and Mike Isaac on Meta “distanc[ing] itself from politics”:

On Facebook, Instagram and Threads, political content is less heavily featured. App settings have been automatically set to de-emphasize the posts that users see about campaigns and candidates. And political misinformation is harder to track on the platforms after Meta removed transparency tools that journalists and researchers used to monitor the sites.

[…]

“It’s quite the pendulum swing because a decade ago, everyone at Facebook was desperate to be the face of elections,” said Katie Harbath, chief executive of Anchor Change, a tech consulting firm, who previously worked at Facebook.

Facebook used to have an entire category of “Government and Politics” advertising case studies through 2016 and 2017; it was removed by early 2018. I wonder if anything of note happened in the intervening months. Anything at all.

All of this discussion has so far centred U.S. politics; due to the nature of reporting, that will continue for the remainder of this piece. I wonder if Meta is ostensibly minimizing politics everywhere. What are the limits of that policy? Its U.S. influence is obviously very loud and notable, but its services have taken hold — with help — around the world. No matter whether it moderates those platforms aggressively or it deprioritizes what it identifies as politically sensitive posts, the power remains U.S.-based.

Theodore Schleifer and Mike Isaac, in the other Times article about Zuckerberg personally, under a headline claiming he “is done with politics”, wrote about the arc of his philanthropic work, which he does with his wife, Dr. Priscilla Chan:

Two years later, taking inspiration from Bill Gates, Mr. Zuckerberg and Dr. Chan established the Chan Zuckerberg Initiative, a philanthropic organization that poured $436 million over five years into issues such as legalizing drugs and reducing incarceration.

[…]

Mr. Zuckerberg and Dr. Chan were caught off guard by activism at their philanthropy, according to people close to them. After the protests over the police killing of George Floyd in 2020, a C.Z.I. employee asked Mr. Zuckerberg during a staff meeting to resign from Facebook or the initiative because of his unwillingness at the time to moderate comments from Mr. Trump.

The incident, and others like it, upset Mr. Zuckerberg, the people said, pushing him away from the foundation’s progressive political work. He came to view one of the three central divisions at the initiative — the Justice and Opportunity team — as a distraction from the organization’s overall work and a poor reflection of his bipartisan point-of-view, the people said.

This foundation, like similar ones backed by other billionaires, appears to be a mix of legitimate interests for Chan and Zuckerberg, and a vehicle for tax avoidance. I get that its leadership tries to limit its goals and focus on specific areas. But to be in any way alarmed by internal campaigning? Of course there are activists there! One cannot run a charitable organization claiming to be “building a better future for everyone” without activism. That Zuckerberg’s policies at Meta are an issue for foundation staff points to the murky reality of billionaire-controlled charitable initiatives.

Other incidents piled up. After the 2020 election, Mr. Zuckerberg and Dr. Chan were criticized for donating $400 million to the nonprofit Center for Tech and Civic Life to help promote safety at voting booths during pandemic lockdowns. Mr. Zuckerberg and Dr. Chan viewed their contributions as a nonpartisan effort, though advisers warned them that they would be criticized for taking sides.

The donations came to be known as “Zuckerbucks” in Republican circles. Conservatives, including Mr. Trump and Representative Jim Jordan of Ohio, a Republican who is chairman of the House Judiciary Committee, blasted Mr. Zuckerberg for what they said was an attempt to increase voter turnout in Democratic areas.

This is obviously a bad faith criticism. In what healthy democracy would lawmakers actively campaign against voter encouragement? Zuckerberg ought to have stood firm. But it is one of many recent clues as to Zuckerberg’s thinking.

My pet theory is that Zuckerberg is not realigning on politics — either personally or as CEO of Meta — out of principle; I am not even sure he is changing at all. He has always been sympathetic to more conservative voices. Even so, it is important for him to show he is moving toward overt libertarianism. In the United States, politicians of both major parties have been investigating Meta for antitrust concerns. Whether the effort by Democrats is in earnest is a good question. But the Republican efforts have long been dominated by a persecution complex where they believe U.S. conservative voices are being censored — something which has been repeatedly shown to be untrue or, at least, lacking context. If Zuckerberg can convince Republican lawmakers he is listening to their concerns, maybe he can alleviate the bad faith antitrust concerns emanating from the party.

I would not be surprised if Zuckerberg’s statements encourage Republican critics to relent. Unfortunately, as in 2016, that is likely to taint any other justifiable qualms with Meta as politically motivated. Recall how even longstanding complaints about Facebook’s practices, privacy-hostile business, and moderation turned into a partisan argument. The giants of Silicon Valley have every reason to expect ongoing scrutiny. After Meta’s difficult 2022, it is now worth more than ever before — the larger and more influential it becomes, the more skepticism it should expect.

Hannah Murphy, Financial Times:

Some suggest Zuckerberg has been emboldened by X’s Musk.

“With Elon Musk coming and literally saying ‘fuck you’ to people who think he shouldn’t run Twitter the way he has, he is dramatically lowering the bar for what is acceptable behaviour for a social media platform,” said David Evan Harris, the Chancellor’s public scholar at California University, Berkeley and a former Meta staffer. “He gives Mark Zuckerberg a lot of permission and leeway to be defiant.”

This is super cynical. It also feels, unfortunately, plausible for both Zuckerberg and Meta as a company. There is a vast chasm of responsible corporate behaviour which opened up in the past two years and it seems like it is giving room to already unethical players to shine.

See Also: Karl Bode was a guest on “Tech Won’t Save Us” to discuss Zuckerberg’s P.R. campaign with Paris Marx.

It has been a little more than a month since Telegram CEO Pavel Durov was arrested and charged in France, and he has spent September trying to explain authorities’ interest and Telegram’s response.

Only one problem: I am not sure how much I can believe him. But I can only explain that by starting with his most recent posts.

Durov, on September 23:

To further deter criminals from abusing Telegram Search, we have updated our Terms of Service and Privacy Policy, ensuring they are consistent across the world. We’ve made it clear that the IP addresses and phone numbers of those who violate our rules can be disclosed to relevant authorities in response to valid legal requests.

And on October 2:

Since 2018, Telegram has been able to disclose IP addresses/phone numbers of criminals to authorities, according to our Privacy Policy in most countries.

Whenever we received a properly formed legal request via relevant communication lines, we would verify it and disclose the IP addresses/phone numbers of dangerous criminals. This process had been in place long before last week.

According to Durov, this is not “a major shift in how Telegram works”. It lines up with reporting in Der Spiegel, though further reporting called into question Telegram’s ongoing compliance with investigations. But earlier this year, Telegram claimed in its FAQ to reveal nothing at all about its users ever:

To this day, we have disclosed 0 bytes of user data to third parties, including governments.

Today, the same frequently asked question has a different word in it. See if you can spot it:

To this day, we have disclosed 0 bytes of user messages to third parties, including governments.

I do not know what to make of this. There is a vast difference, in my mind, between “0 bytes of user data” — which would include things like IP addresses and phone numbers — and “0 bytes of user messages”. Perhaps this was just poor wording in the earlier version — if so, it feels misleading. If I were some crime lord, I would see that as reassurance Telegram reveals nothing, especially with its reputation.

Let us now rewind to Durov on September 5:

Last month I got interviewed by police for 4 days after arriving in Paris. I was told I may be personally responsible for other people’s illegal use of Telegram, because the French authorities didn’t receive responses from Telegram.

Durov says, in effect, this is the fault of the French government because it did not use the correct channels for information requests, and French law enforcement could have just chatted with him to find out more.

I do not know whether I can believe him. From the outside, it looks like Telegram was habitually uncooperative with law enforcement on legitimate investigative grounds. It turned over some data to German authorities but realized users hated that, so it did one of two things: it deceived authorities, or it deceived users. Neither one is good. But I bet French authorities would not be charging a high-profile executive with such egregious crimes if they did not think they could prove it. I understand being skeptical of charges like these and I am not condemning Durov without proof. But I do not believe Durov either.

Sarah Perez, TechCrunch:

iOS apps that build their own social networks on the back of users’ address books may soon become a thing of the past. In iOS 18, Apple is cracking down on the social apps that ask users’ permission to access their contacts — something social apps often do to connect users with their friends or make suggestions for who to follow. Now, Apple is adding a new two-step permissions pop-up screen that will first ask users to allow or deny access to their contacts, as before, and then, if the user allows access, will allow them to choose which contacts they want to share, if not all.

Kevin Roose, New York Times, in an article with the headline “Did Apple Just Kill Social Apps?”:

Now, some developers are worried that they may struggle to get new apps off the ground. Nikita Bier, a start-up founder and advisor who has created and sold several viral apps aimed at young people, has called the iOS 18 changes “the end of the world,” and said they could render new friend-based social apps “dead on arrival.”

That might be a little melodramatic. I recently spent some time talking to Mr. Bier and other app developers and digging into the changes. I also heard from Apple about why they believe the changes are good for users’ privacy, and from some of Apple’s rivals, who see it as an underhanded move intended to hurt competitors. And I came away with mixed feelings.

Leaving aside the obviously incendiary title, I think this article’s framing is pretty misleading. Apple’s corporate stance is the only one favourable to these limitations. Bier is the only on-the-record developer who thinks these changes are bad; while Roose interviewed others who said contact uploads had slowed since iOS 18’s release, they were not quoted “out of fear of angering the Cupertino colossus”. I suppose that is fair — Apple’s current relationship with developers seems to be pretty rocky. But this article ends up poorly litigating Bier’s desires against Apple giving more control to users.

Bier explicitly markets himself as a “growth expert”; his bio on X is “I make apps grow really fast”. He has, to quote Roose, “created and sold several viral apps” in part by getting users, even children, to share their contact lists. Bier’s first hit app, TBH, was marketed to teenagers and — according to several sources I could find, including a LinkedIn post by Kevin Natanzon — it “requested address book access before actually being able to use the app”. A more respectful way of offering this feature would be to ask for contacts permission only when users want to add friends. Bier’s reputation for success is built on this growth hacking technique, so I understand why he is upset.

What I do not understand is granting Bier’s objections the imprimatur of a New York Times story when one can see the full picture of Bier’s track record. On the merits, I am unsympathetic to his complaints. Users can still submit their full contact list if they so choose, but now they have the option of permitting only some access to an app I have not even decided I trust.
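The “ask only when the user wants to add friends” pattern described above, as an added illustration that is not code from the article or from any app it names. It uses the Contacts framework’s CNContactStore and the `.limited` authorization status Apple introduced for the iOS 18 two-step prompt; the `FriendFinder` class and `addFriendsTapped` method are hypothetical names for a friend-finding feature:

```swift
import Contacts

/// Hypothetical friend-finder flow (added example, not from the article).
/// The point: no contacts prompt at launch; the request happens only when the
/// user explicitly asks to find friends, and limited access is honoured as-is.
final class FriendFinder {
    private let store = CNContactStore()

    /// Wire this to the "Add friends" button, never to app startup.
    func addFriendsTapped(completion: @escaping ([CNContact]) -> Void) {
        switch CNContactStore.authorizationStatus(for: .contacts) {
        case .authorized, .limited:
            // With iOS 18, .limited means the user chose a subset of contacts;
            // enumerateContacts only returns that subset, so treat it like full access.
            completion(matchableContacts())
        case .notDetermined:
            // First request, triggered by the user's own action.
            store.requestAccess(for: .contacts) { granted, _ in
                // "granted" is true for both full and limited access on iOS 18.
                completion(granted ? self.matchableContacts() : [])
            }
        case .denied, .restricted:
            // Keep the feature optional: the rest of the app must work without contacts.
            completion([])
        @unknown default:
            completion([])
        }
    }

    /// Fetch only the fields a friend-matching step needs (data minimisation),
    /// rather than the whole address book.
    private func matchableContacts() -> [CNContact] {
        let keys: [CNKeyDescriptor] = [CNContactPhoneNumbersKey as CNKeyDescriptor]
        let request = CNContactFetchRequest(keysToFetch: keys)
        var result: [CNContact] = []
        try? store.enumerateContacts(with: request) { contact, _ in
            result.append(contact)
        }
        return result
    }
}
```

Requesting only the phone-number key keeps the app from reading names, addresses, and notes it has no use for, and treating `.limited` the same as `.authorized` means the user’s partial selection is respected without nagging for more.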

Roose:

Apple’s stated rationale for these changes is simple: Users shouldn’t be forced to make an all-or-nothing choice. Many users have hundreds or thousands of contacts on their iPhones, including some they’d rather not share. (A therapist, an ex, a random person they met in a bar in 2013.) iOS has allowed users to give apps selective access to their photos for years; shouldn’t the same principle apply to their contacts?

The surprise is not that Apple is allowing more granular contacts access, it is that it has taken this long for the company to do so. Developers big and small have abused this feature to a shocking degree. Facebook ingested the contact lists of a million and a half users unintentionally — and millions of users intentionally — a massive collection of data which was used to inform its People You May Know feature. LinkedIn is famously creepy and does basically the same thing. Clubhouse borrowed from the TBH playbook by slurping up contacts before you could use the app.1 This has real consequences in surfacing hidden connections many people would want to stay hidden.

Even a limited capacity of allowing users to more easily invite friends can go wrong. When Tribe offered such a feature, it spammed users’ contacts. It settled a resulting class action suit in 2018 for $200,000 without admitting wrongdoing. That may have been accidental. Circle, on the other hand, was deliberate in its 2013 campaign.

Apple’s position is, therefore, a reasonable one, but it is strange to see no voices from third-party experts favourable to this change. Well-known iOS security researchers Mysk celebrated it; why did Roose not talk to them? I am sure there are others who would happily adjudicate Apple’s claims. The cool thing about a New York Times email address is that people will probably reply, so it seems like a good idea to put that power to use. Instead, all we get is this milquetoast company-versus-growth-hacker narrative, with some antitrust questions thrown in toward the end.

Roose:

Some developers also pointed out that the iOS 18 changes don’t apply to Apple’s own services. iMessage, for example, doesn’t have to ask for permission to access users’ contacts the way WhatsApp, Signal, WeChat and other third-party messaging apps do. They see that as fundamentally anti-competitive — a clear-cut example of the kind of self-preferencing that antitrust regulators have objected to in other contexts.

I am not sure this is entirely invalid, but it seems like an overreach. The logic of requiring built-in apps to request the same permissions as third-party apps is, I think, understandable on fairness grounds, but there is a reasonable argument to be made for implied consent as well. Assessing this is a whole different article.

But Messages accesses the contacts directory on-device, while many other apps will transport the list off-device. That is a huge difference. Your contact list is almost certainly unique. The specific combination of records is a goldmine for social networks and data brokers wishing to individually identify you, and understand your social graph.

I have previously argued that permission to access contacts is conceptually being presented to the wrong person — it ought, in theory, to be granted by the people in your contacts instead. Obviously that would be a terrible idea in practice. Yet each of us has only given our contact information to a person; we may not expect them to share it more widely.

As in so many other cases, the answer here is found in comprehensive privacy legislation. You should not have to worry that your phone number in a contact list or used for two-factor authentication is going to determine your place in the global social graph. You should not have to be concerned that sharing your own contact list in a third-party app will expose connections or send an unintended text to someone you have not spoken with in a decade. Data collected for a purpose should only be used for that purpose; violating that trust should come with immediate penalties, not piecemeal class action settlements and FTC cases.

Apple’s solution is imperfect. But if it stops the Biers of the world from building apps which ingest wholesale the contact lists of teenagers, I find it difficult to object.

  1. Remember when Clubhouse was the next big thing, and going to provide serious competition to incumbent giants?