A.I. and Art newyorker.com

Ted Chiang, the New Yorker:

It’s harder to imagine a program that, over many sessions, helps you write a good novel. This hypothetical writing program might require you to enter a hundred thousand words of prompts in order for it to generate an entirely different hundred thousand words that make up the novel you’re envisioning. It’s not clear to me what such a program would look like. Theoretically, if such a program existed, the user could perhaps deserve to be called the author. But, again, I don’t think companies like OpenAI want to create versions of ChatGPT that require just as much effort from users as writing a novel from scratch. The selling point of generative A.I. is that these programs generate vastly more than you put into them, and that is precisely what prevents them from being effective tools for artists.

Matt Muir, writer of the excellent Web Curios newsletter:

[…] Broadly speaking I agree with some of the points he makes, specifically about the requirement for art to have an element of intentionality which is necessarily absent from anything made by (current generative) AI being as all it is is maths, and maths cannot have intent. Equally, though, Chiang concedes that artists have made, are making, and will continue to make, work *in conjunction with* non-intentional systems, and that these works are perfectly capable of being considered as ‘art’. […]

Adi Robertson on Bluesky:

I can hazard lots of guesses why, but it’s striking that virtually none of the “can AI do art” conversation focuses on the most interesting examples I’ve seen, in which the interactive conversation between user and machine — rather than the end output — *is* the art.

Robertson points to the Are You the Asshole bot and the Hey Robot game as two examples, both of which are creative explorations of human–A.I. interaction. Whether those conversations are considered “art” is something I will leave others to decide because I spent a bachelor’s degree hearing hundreds of people asking that question and I lost my patience for it.

Robertson’s observation is a spiritual successor to my issue with Instagram bait art installations: neither are necessarily cheapening art, but I wish artists treated social media and, now, A.I. with less formalism and more conceptualism. Artists can eke compelling works out of any medium. In fact, the very suspicion of A.I.’s involvement in art seems likely to lend itself to surprising and moving works, with suitably talented artists.

Grain2Pixel, a Photoshop Script for Converting Film Negative Scans grain2pixel.com

I got a batch of film scans from the developer today and realized I needed a better process for converting them — better, that is, than the way I had been doing it, which was to flip the curves in Lightroom and then do all my corrections in reverse.

I played around with the Filmomat SmartConvert demo but I did not like the workflow enough to consider paying for it. I really like the results I got from Negative Lab Pro and I think the USD $99 price tag is reasonable. However, its main selling point — that DNG scans remain in DNG format — is also its drawback: your workflow is still going to be the reverse of what you expect because, under the hood, the image is still a negative.

That pushed me to trying Grain2Pixel which, from a getting-started perspective, is more cumbersome than the other two options, particularly as MacOS is alarmed you are trying to use unsigned software.

But once you get that sorted out and install the script, it makes quick work out of batch processing a folder of DNGs into TIFF images. Then you can import them into Lightroom and make corrections in positive colour. You do not need to worry too much about a loss of range — TIFF is plenty flexible in post, at least for my amateur purposes. I am very happy with the resulting images.

The Surprisingly Big Business of Library Ebooks newyorker.com

Danielle Deschamps, in the conclusion to a rather interesting chapter from “Contemporary Issues in Collection Management”, hosted by Open Education Alberta:

Ebook licensing agreements have become the widespread norm for library ebook access. Yet, between libraries and publishers, these agreements, the terms of which are set by publishers, have devolved to an extent that libraries are struggling to maintain their access to ecollections. Publishers perceive libraries as harming their bottom lines and libraries are in a particularly vulnerable place, without much negotiating power. However, there are several optional ways for public libraries to move forward, in effort of balancing their financial capacity while maintaining their ethical principle of respecting intellectual property rights. […]

The subsequent chapter specifically about ebook pricing is also a terrific primer.

Daniel A. Gross, writing in September 2021, in the New Yorker:

To illustrate the economics of e-book lending, the N.Y.P.L. sent me its January, 2021, figures for “A Promised Land,” the memoir by Barack Obama that had been published a few months earlier by Penguin Random House. At that point, the library system had purchased three hundred and ten perpetual audiobook licenses at ninety-five dollars each, for a total of $29,450, and had bought six hundred and thirty-nine one- and two-year licenses for the e-book, for a total of $22,512. Taken together, these digital rights cost about as much as three thousand copies of the consumer e-book, which sells for about eighteen dollars per copy. As of August, 2021, the library has spent less than ten thousand dollars on two hundred and twenty-six copies of the hardcover edition, which has a list price of forty-five dollars but sells for $23.23 on Amazon. A few thousand people had checked out digital copies in the book’s first three months, and thousands more were on the waiting list. (Several librarians told me that they monitor hold requests, including for books that have not yet been released, to decide how many licenses to acquire.)

If you want to know why publishers so aggressively fought the Internet Archive on its model of lending out scanned copies of physical books, this is the reason. Publishers have created a model which fundamentally upsets a library’s ability to function. There is no scarcity in bytes, so publishers have created a way to charge more for something limitless, weightless, with nearly no storage costs.

What the Internet Archive did was perhaps a legal long-shot, and I worry about the effects of this suit and the one over shellac 78s. But it is hard not to see publishers as the real villains in this mess. They are consolidating power and charging even legitimate libraries unreasonable amounts of money for electronic copies of books which the publishers and their intermediaries ultimately still control.

RationalWiki Is Being Sued rationalwiki.org

At the beginning of August, Nassim Haramein sued RationalWiki on charges of defamation, conspiracy, and invasion of privacy. Regardless of the merits of the suit — I write, trying not to fall afoul of an obviously litigious individual — RationalWiki is a small, volunteer-run operation and will need legal representation to avoid losing next week by default. The site is currently soliciting donations.

I think the world is better for having RationalWiki in it. If you have the means and would like to chip in, I am sure the administrators there would appreciate it.

Update: RationalWiki has been SLAPP-ed into settling. Donations will go toward a proper legal fund.

Here Are Over Twenty Examples of Google Employees Trying to Avoid Creating Antitrust Evidence 404media.co

Jason Koebler, 404 Media:

The chats show 22 instances in which one Google employee told another Google employee to turn chat history off. In total, the court has dozens of specific employees who have told others to turn history off in DMs or broader group chats and channels. The document includes exchanges like this (each exchange includes different employees) […]

These examples are equal parts amusing, blatant, and telling. I doubt this is isolated; there are probably similar policies standard at other companies. But apparently this was part of Google’s new employee training.

The Economist: Big, Heavy Cars Are Killing More People economist.com

The Economist:

So how big is too big? At what point do the costs of the heaviest vehicles — measured in lives lost — vastly exceed their benefits? To answer this question, The Economist compiled ten years’ worth of crash data from more than a dozen states. Like the data compiled by Messrs Anderson and Auffhammer, our figures come from reports filed by police officers, who are tasked with recording information about car crashes when called to the scene. Although all states collect such data, we focus on those that collect the most detailed figures and share them with researchers. The resulting dataset, which covers more than a third of America’s population, provides us with a sample that is both big and representative.

The results? According to the Economist, “if the heaviest tenth of vehicles in America’s fleet were downsized […] road fatalities in multi-car crashes — which totaled 19,081 in 2023 — could be reduced by 12%, or 2,300, without sacrificing the safety of any cars involved”.

Andre Mayer and Emily Chung, reporting for CBC News in June:

But the ubiquity of SUVs and trucks isn’t an accurate reflection of what people want to drive, say industry analysts.

The trend has been greatly influenced by a combination of savvy marketing, government regulations that incentivize bigger vehicles and limited supply of more modest ones.

Indeed, much of it is driven by one simple economic fact.

“Smaller cars are less profitable,” said Stephanie Brinley, associate director at U.S.-based transportation consultancy S&P Global Mobility.

People are guided to purchase an SUV or truck in the United States and Canada because most cities oblige us to own a vehicle of some kind, but inexpensive cars are not generally available, and other people drive oversized SUVs and trucks which makes us scared of driving anything smaller. Repeat until around 80% of new vehicle sales are various kinds of SUVs and trucks.

This forced market is dangerous for everybody except for those who are inside a large SUV or truck. It means headlights from oncoming traffic at eye level. It means small roads are less navigable and parking spaces need to be made larger. It means roads feel more dangerous so fewer people feel comfortable walking or cycling. It means more people are seriously injured and die. All because these vehicles are more profitable, many cities are inaccessible by other means, automakers have artificially constrained their wares, and people feel roads are competitive instead of cooperative.

Brazil Bans X nucleo.jor.br

Sérgio Spagnuolo, Sofia Schurig, and Pedro Nakamura, Núcleo:

A Supreme Court Justice ordered, on Friday (August 30, 2024), the complete suspension of all access to X (formerly Twitter) across the entire Brazilian territory, in an unprecedented ruling against the social platform.

[…]

In a ruling issued on the afternoon of Aug. 31, Justice Alexandre de Moraes ordered the president of Brazil’s telecom regulator, Anatel, Carlos Manuel Baigorri, to ensure that necessary measures are taken and that internet companies are notified to block the application within 24 hours.

An un-bylined report from Al Jazeera:

At the core of the dispute, de Moraes argues that Musk refused earlier this year to block accounts responsible for the spread of fake news, hate speech and attacks on the rule of law.

At the time, Musk denounced the order as censorship and responded by closing the company’s offices in Brazil while ensuring the platform was still available in the country.

Mike Masnick, Techdirt:

And, of course, as a reminder, before Elon took over Twitter (but while he was in a legal fight about it), he accused the company of violating the agreement because of its legal fight against the Modi government over their censorship demands. I know it’s long forgotten now, but one of the excuses Elon used in trying to kill the Twitter deal was that the company was fighting too hard to protect free speech in India.

And then, once he took over, he not only caved immediately to Modi’s demands, he agreed to block the content that the Modi government ordered blocked globally, not just in India.

So Elon isn’t even consistent on this point. He folds to governments when he likes the leadership and fights them when he doesn’t. It’s not a principled stance. It’s a cynical, opportunistic one.

This is being compared by some to the arrest of Pavel Durov but, again, I am not sure I see direct parallels. This Brazilian law seems, from my Canadian perspective, more onerous and restrictive than those from most other liberal democracies. But I do not know much of anything about Brazilian policy, and perhaps this is in line with local expectations.

This is probably not the reason Bluesky wanted for growing by two million new users in one week.

Elon Musk Is an Influential Idiot Who Should Not Be Arrested for Being Dumb theguardian.com

Robert Reich, former U.S. Secretary of Labor for the Clinton administration and Sam Reich’s dad, wrote about Elon Musk’s political influence in an editorial for the Guardian. It begins as a decent piece, comparing the power of owning a social media platform with Musk’s childlike gullibility — my words, not Reich’s. But, in a section of ideas about what to do, one suggestion seems particularly harmful:

3. Regulators around the world should threaten Musk with arrest if he doesn’t stop disseminating lies and hate on X.

Global regulators may be on the way to doing this, as evidenced by the 24 August arrest in France of Pavel Durov, who founded the online communications tool Telegram, which French authorities have found complicit in hate crimes and disinformation. Like Musk, Durov has styled himself as a free speech absolutist.

There are places where U.S.-style interpretation of free expression is contradicted by local laws and, so, X’s operations must comply. Maybe Musk could be legally responsible in some jurisdiction for things he has said, or for things hosted on a platform he owns. But we should almost never encourage the idea of arresting people for things they say. Yes, there are limits: threats of violence and fraud are both types of generally illegal speech. Yet charging Musk for being a loud public idiot is a very bad idea.

Also, while details about Pavel Durov’s arrest are still solidifying, it does not yet appear he is being held responsible for “hate crimes and disinformation”. According to French prosecutors (PDF), which I translated with DeepL, his charges are mostly about failing to comply with subpoenas and other legitimate legal demands. If X follows legal avenues for either complying with or disputing government demands, then I do not see how Durov’s arrest is even relevant. And, for what it is worth, neither Durov nor Telegram have been “found complicit” in anything. The United States is not the only country which has legal procedures.

In response to Reich’s article, a troll X account posted a screenshot of a 4chan post about “low T men”, itself containing an arguably antisemitic meme, which was quoted by Musk calling it an “interesting observation”. Just more evidence Musk is a big, dumb, rich, influential moron.

Third Circuit’s Section 230 TikTok Ruling techdirt.com

Maryclaire Dale, Associated Press:

A U.S. appeals court revived on Tuesday a lawsuit filed by the mother of a 10-year-old Pennsylvania girl who died attempting a viral challenge she allegedly saw on TikTok that dared people to choke themselves until they lost consciousness.

While federal law generally protects online publishers from liability for content posted by others, the court said TikTok could potentially be found liable for promoting the content or using an algorithm to steer it to children.

Notably, the “Blackout Challenge” or the “Choking Game” is one of few internet challenges for teenagers which is neither a media-boosted fiction nor relatively harmless. It has been circulating for decades, and was connected with 82 deaths in the United States alone between 1995–2007. Which, yes, is before TikTok or even social media as we know it today. Melissa Chan reported in a 2018 Time article that its origins go back to at least the 1930s.

Mike Masnick, of Techdirt, not only points out the extensive Section 230 precedent ignored by the Third Circuit in its decision, he also highlights the legal limits of publisher responsibility:

We have some caselaw on this kind of thing even outside of the internet context. In Winter v. GP Putnam’s Sons, it was found that the publisher of an encyclopedia of mushrooms was not liable for “mushroom enthusiasts who became severely ill from picking and eating mushrooms after relying on information” in the book. The information turned out to be wrong, but the court held that the publisher could not be held liable for those harms because it had no duty to carefully investigate each entry.

Matt Stoller, on the other hand, celebrates the Third Circuit’s ruling as an end to “big tech’s free ride on Section 230”:

Because TikTok’s “algorithm curates and recommends a tailored compilation of videos for a user’s FYP based on a variety of factors, including the user’s age and other demographics, online interactions, and other metadata,” it becomes TikTok’s own speech. And now TikTok has to answer for it in court. Basically, the court ruled that when a company is choosing what to show kids and elderly parents, and seeks to keep them addicted to sell more ads, they can’t pretend it’s everyone else’s fault when the inevitable horrible thing happens.

And that’s a huge rollback of Section 230.

On a legal level, both Masnick and Stoller agree the Third Circuit’s ruling creates a massive change in U.S. internet policy and, because of current structures, the world. But their interpretations of this are in vehement disagreement on whether this is a good thing. Masnick says it is not, and I am inclined to agree. Not only is there legal precedent on his side, there are plenty of very good reasons for why Section 230 is important to preserve more-or-less the way it has existed for decades.

However, it seems unethical for TikTok to have no culpability for how users’ dangerous posts are recommended, especially to children. Perhaps legal recourse is wrong in this case and others like it, yet it just feels wrong for this case to eventually — after appeals and escalation to, probably, the Supreme Court — be summarily dismissed on the grounds that corporations have little responsibility or care for automated recommendations. There is a real difference between teenagers spreading this challenge one-on-one for decades and teenagers broadcasting it — or, at least, there ought to be a difference.

I Think the iPhone Is Getting a Little Bit Harder to Use Because of a Few Small Decisions

I do not wish to make a whole big thing out of this, but I have noticed a bunch of little things which make my iPhone a little bit harder to use. For this, I am setting aside things like rearranging the Home Screen, which still feels like playing Tetris with an adversarial board. These are all things which are relatively new, beginning with the always-on display and the Island in particular, neither of which I had on my last iPhone.

The always-on display is a little bit useful and a little bit of a gimmick. I have mine set to hide the wallpaper and notifications. In this setup, however, the position of media controls becomes unpredictable. Imagine you are listening to music when someone wishes to talk to you. You reach down to the visible media controls and tap where the pause button is, knowing that this only wakes the display. You go in for another tap to pause but — surprise — you got a notification at some point and, so, now that you have woken up the display, the notification slides in from the bottom and moves the media controls up, so you have now tapped on a notification instead.

I can resolve this by enabling notifications on the dimmed lock screen view, but that seems more like a workaround than a solution to this unexpected behaviour. A simple way to fix this would be to not show media controls when the phone is locked and the display is asleep. They are not functional, but they create an expectation for where those controls will be, which is not necessarily the case.

The Dynamic Island is fussy, too. I frequently interact with it for media playback, but it has a very short time-out. That is, if I pause media from the Dynamic Island, the ability to resume playback disappears after just a few seconds; I find this a little disorientating.

I do not understand how to swap the priority or visibility of Dynamic Island Live Activities. That is to say the Dynamic Island will show up to two persistent items, one of which will be minimized into a little circular icon, while the other will wrap around the display cutout. Apple says I should be able to swap the position of these by swiping horizontally, but I can only seem to make one of the Activities disappear no matter how I swipe. And, when I do make an Activity disappear, I do not know how I can restore it.

I find a lot of the horizontal swiping gestures too easy to activate in the Dynamic Island — I have unintentionally made an Activity disappear more than once — and across the system generally. It seems only a slightly off-centre angle is needed to transform a vertical scrolling action into a horizontal swiping one. Many apps make use of “sloppy” swiping — being able to swipe horizontally anywhere on the display to move through sequential items or different pages — and vertical scrolling in the same view, but the former is too easy for me to trigger when I intend the latter.

I also find the area above the Dynamic Island too easy to touch when I am intending to expand the current Live Activity. This will be interpreted as touching the Status Bar, which will jump the scroll position of the current view to the top.

Lastly, the number of unintended taps I make has, anecdotally, skyrocketed. One reason for this is a change made several iOS versions ago to recognize touches more immediately. If I am scrolling a long list and I tap the display to stop the scroll in-place, resting my thumb onscreen is sometimes read as a tap action on whatever control is below it. Another reason for accidental touches is that pressing the sleep/wake button does not immediately stop interpreting taps on the display. You can try this now: open Mail, press the sleep/wake button, then — without waiting for the display to fall asleep — tap some message in the list. It is easy to do this accidentally when I return my phone to my pocket, for example.

These are all little things but they are a cumulative irritation. I do not think my motor skills have substantially changed in the past seventeen years of iOS device use, though I concede they have perhaps deteriorated a little. I do notice more things behaving unexpectedly. I think part of the reason is this two-dimensional slab of glass is being asked to interpret a bunch of gestures in some pretty small areas.

Johnny and Matthew Gaudreau Were Killed by a Driver While Cycling defector.com

Lauren Theisen, Defector:

Columbus Blue Jackets winger Johnny Gaudreau and his brother Matthew were killed by a car while biking in Oldmans Township, New Jersey on Thursday night, according to New Jersey State Police. Johnny was 31, and Matthew was 29.

The brothers, originally from New Jersey, were in the area for their sister Katie’s wedding, which was scheduled for Friday. Around 8:00 p.m., police say, the driver of a Jeep Grand Cherokee hit them from behind while trying to pass an SUV that had made room for the bikers. The driver has been charged with two counts of death by auto, and police suspect that the driver had been drinking.

I am not much of a sports person; I do not really follow hockey. But I knew of Gaudreau as a longtime Calgary Flames player. His death and that of his brother were completely avoidable if this driver had not been drinking, had not attempted to pass so recklessly, or was not driving an SUV.

As Theisen writes, over a thousand cyclists were killed by drivers in 2022 in the United States alone. This is a high-profile tragedy, but not an outlier.

A Blog Post Laments the Widening and Grade Separation of Technology at Its Intersection With Liberal Arts isfeeling.social

Juli Clover, MacRumors:

With the third beta of iOS 18.1, Apple has introduced new Apple Intelligence features for notifications. The notification summarization option that was previously available for the Mail and Messages apps now works with all of your apps.

Matt Birchler posted a video of the screen advertising this feature, showing how the “crazy ones” script could be summarized:

Woof, come up with a better example for this during iOS 18.1 startup, Apple. Sucking all the life out of the “here’s to the crazy ones” piece is a bad look.

Not the worst crime of all time or anything, but not great for those who are upset about AI feature sucking the humanity out of art.

Aside from the gall of simplifying an iconic ad campaign to a single-sentence description, this screen barely makes sense. I am guessing few people receive poems or creative writing in an application’s notifications. Those who do would probably prefer it not be summarized. Surely the whole point of a feature like this is to remove the corporate mumbo jumbo from an executive’s email, or to condense a set of alerts from the same app into a single notification.

Sometimes, it is worth taking a second to think about how things look. Part of what makes new technologies special is how they enable human creativity and expression. Not every new invention will be to that end, but surely technology should not be treated as a goal unto itself. If the showcase use of A.I. summarization is to strip a poem — albeit one written for an ad — down to its literal message, what are we even trying to do here?

Telegram CEO Pavel Durov Formally Charged in France lemonde.fr

Cyrille Louis, Le Figaro, originally in French and translated here with DeepL:

After four days in police custody, Pavel Dourov, founder and boss of the encrypted messaging service Telegram, was indicted in Paris on Wednesday evening by two examining magistrates for a litany of offences relating to organised crime, Paris prosecutor Laure Beccuau announced in a statement. The 39-year-old entrepreneur was released under a strict judicial supervision order, which includes the obligation to post a €5 million bond, to report to the police twice a week and to refrain from leaving French territory.

The charges are related to criminal uses of Telegram’s platform and its refusal to cooperate with authorities. I know there are some people who are worried about the potential implications of this for other services. I am not yet sure whether these concerns are merited.

TJ McIntyre:

Anyway, what legal issues arise from the investigation? The content moderation ones are easiest; if Telegram has been notified of CSAM, etc. and has failed to act then it loses the hosting immunity under Art 6 DSA and may be liable under French law on complicity.

The issue of failure to respond to official requests for data may be more difficult. The Telegram entities seem to be based in multiple non-EU jurisdictions, including the British Virgin Islands and Dubai, and Telegram may attempt to argue that French orders do not have extraterritorial effect.

Adam Satariano and Cecilia Kang, of the New York Times, compared Durov’s arrest to those of Megaupload’s Kim Dotcom and the Silk Road’s Ross Ulbricht, neither of which I find particularly controversial. Perhaps I should; let me know if you think either arrest was unjustified. If Durov knew about criminal activity on Telegram and took little action to curtail it — which seems to be the case — it seems reasonable to hold him accountable for his company’s facilitation of that activity.

And from an un-bylined story in Le Monde:

His [Durov’s] lawyer David-Olivier Kaminski said it was “absurd” to suggest Durov could be implicated in any crime committed on the app, adding: “Telegram complies in all respects with European rules concerning digital technology.”

Separately, Durov is also being investigated on suspicion of “serious acts of violence” towards one of his children while he and an ex-partner, the boy’s mother, were in Paris, a source said. She also filed another complaint against Durov in Switzerland last year.

Maybe Durov is a piece of shit and Telegram sucks and this is also worrisome for civil liberties. But we do not yet have evidence for any of these things yet.

Bluesky’s New ‘Anti-Toxicity’ Features bsky.social

Paul Frazee, on Bluesky’s blog, announced a set of new “anti-toxicity” features. This one seems particularly good:

As of the latest app version, released today (version 1.90), users can view all the quote posts on a given post. Paired with that, you can detach your original post from someone’s quote post.

Quoted posts are a good feature, says someone who writes a website largely built around quotes from others, and I appreciate the benefits they provide. But there are also times when someone could be inundated with hostile mentions because they were quoted by someone with a large audience. This is a good way of allowing them to back out while retaining the feature.

Bluesky continues to do some really interesting stuff — from new things like Starter Packs, to rethinking established norms of social media platforms. I hope it succeeds.

More About Telegram and Pavel Durov’s Arrest techdirt.com

French magistrate Laure Beccuau (PDF) on Monday disclosed the reasons for Pavel Durov’s arrest and detainment. The first two pages are in French; the last two are in English.

Mike Masnick, Techdirt:

In the end, though, a lot of this does seem potentially very problematic. So far, there’s been no revelation of anything that makes me say “oh, well, that seems obviously illegal.” A lot of the things listed in the charge sheet are things that lots of websites and communications providers could be said to have done themselves, though perhaps to a different degree.

Among the things being investigated by French authorities “against person unnamed” — not necessarily Durov — are “complicity” with various illegal communications, money laundering, and providing cryptography tools without authorization or registration. The latter category has raised the eyebrows of many but, I believe, must be read in the context of the whole list of charges. That is, this is not a pure objection to encrypted communications — to the extent Telegram chats may be encrypted — but unauthorized encryption used in complicity with other crimes.

In a way, that might be worse — all forms of communication, no matter whether they are encrypted, are used to facilitate crime. But providers of end-to-end encryption are facing seemingly endless proposals to weaken its protections. I do not think this is France trying to create a backdoor.

I think France is trying to pressure one of its own — Durov is a French citizen — to moderate the massive social network he runs within sensible boundaries. It is proudly carefree, which means it ignores CSAM reports and, according to an April report (PDF) from the Stanford Internet Observatory, does not appear to scan for known CSAM at all.

Telegram appears to believe it is a dumb pipe for users no matter whether they are communicating one-on-one or to a crowd of hundreds of thousands. It seems to think it has no obligation to cooperate with law enforcement in almost any circumstance.

Casey Newton, Platformer:

Anticipating these requests, Telegram created a kind of jurisdictional obstacle course for law enforcement that (it says) none of them have successfully navigated so far. From the FAQ again:

To protect the data that is not covered by end-to-end encryption, Telegram uses a distributed infrastructure. Cloud chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions. The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. As a result, several court orders from different jurisdictions are required to force us to give up any data. […] To this day, we have disclosed 0 bytes of user data to third parties, including governments.

It is important to more fully contextualize Telegram’s claim since it does not seem to be truthful. In 2022, Der Spiegel reported Telegram had turned over data to German authorities about users who had abused its platform. However, following an in-app user vote, it seems Telegram’s token willingness to cooperate with law enforcement on even the most serious of issues dried up.

I question whether Telegram’s multi-jurisdiction infrastructure promise is even real, much less protective against legal demands, given it says so in the same FAQ section as its probably wrong “0 bytes of user data” claim. Even so, Telegram says it “can be forced to give up data only if an issue is grave and universal enough” for several unrelated and possibly adversarial governments to agree on the threat. CSAM is globally reviled. Surely even hostile governments could agree on tracking those predators. Yet it seems Telegram, by its own suspicious “0 bytes” statistic, has not complied with even those requests.

Durov’s arrest presents an internal conflict for me. A world in which facilitators of user-created data are responsible for their every action is not conducive to effective internet policy. On the other hand, I think corporate executives should be more accountable for how they run their businesses. If Durov knew about severe abuse and impeded investigations by refusing to cooperate with information the company possessed, that should be penalized.

As of right now, though, all we have are a lot of questions about what this arrest means. There is simply little good information right now, and what crumbs are available lead to yet more confusion.

Mark Zuckerberg Ingratiates Himself With U.S. Republican Politicians ft.com

The extremely normal U.S. House Committee on the Judiciary posted a letter sent from Mark Zuckerberg to Chairman Jim Jordan.1 In it, Zuckerberg says Meta felt “pressured” by the Biden administration to more aggressively moderate users’ posts during the COVID-19 pandemic, that the administration was “wrong” for doing so, and says he “regret[s] that we were not more outspoken about it”.

This is substantially not news. Ryan Tracy of the Wall Street Journal reported last June the existence of these grievances within Meta. To be clear, this is contrition over Meta’s reluctance to more forcefully respond to government complaints about platform moderation. Nevertheless, it set off a wave of coverage about the Biden administration’s social media complaints during the pandemic.

Look a little closer, though, and it is a fairly embarrassing message which comes across less as a “big win for free speech”, as the Committee called it, and more like sophistry. Zuckerberg admits Meta decided its own moderation policy. It chose which actions to take, including issuing a direct response to the administration at the time. The government’s actions were also not as chilling as they sound. Indeed, many of the same issues were raised in Murthy v. Missouri, and were grossly misrepresented to portray U.S. officials as censorial and threatening instead of tense conversations made during a global pandemic.

But I wanted to draw your attention to something specific in Zuckerberg’s letter, as summarized by Hannah Murphy, of the Financial Times:

Zuckerberg also said he would no longer make a contribution to support electoral infrastructure via the Chan Zuckerberg Initiative, his philanthropic group, as he had previously done. The donations totalled more than $400mn and were made to non-profit groups including the Chicago-based Center for Tech and Civic Life. They were intended to make sure local election jurisdictions would have appropriate voting resources during the pandemic, he said. But he added that they had been interpreted as “benefiting one party over the other”.

Zuckerberg does not say who, specifically, interpreted his foundation’s contributions toward promoting information about voting as a somehow partisan effort, nor does Zuckerberg question the validity of these ridiculous complaints. But his concerns about the appearance of personal partisanship do not seem to carry over to his company. To name just one example, Meta is listed as a sponsor of the 2024 Canada Strong and Free Regional Networking Conference, a conservative activist event which this year is hosting Chris Rufo. That sponsorship is what kicked me into writing this whole thing instead of being satisfied with a couple of snarky posts. How is it that Meta will happily contribute to an explicitly partisan group, but Zuckerberg’s foundation promoting the general concept of voting is beyond the pale?

This letter is Zuckerberg ingratiating himself with lawmakers investigating a supposed conspiracy between tech companies, watchdog organizations, and an opposition political party. It is politically beneficial to a specific party and viewpoint. For Zuckerberg, whose objective is nominally to “not play a role one way or another — or to even appear to be playing a role”, this seems like a dishonest choice.


  1. The letter’s paragraphs are fully justified but hyphenation has not been enabled, so it looks like crap and readability is impacted. ↥︎

Here’s the Pitch Deck for CMG’s ‘Active Listening’ Ad Targeting 404media.co

Joseph Cox, 404 Media:

Media giant Cox Media Group (CMG) says it can target adverts based on what potential customers said out loud near device microphones, and explicitly points to Facebook, Google, Amazon, and Bing as CMG partners, according to a CMG presentation obtained by 404 Media.

The deck says things like “smart devices capture real-time intent data by listening to our conversations” which seems like an obviously privacy-hostile invention on its face. But I continue to doubt any of this voice collection is actually happening, no matter how many buzzwords Cox Media Group throws in a PowerPoint presentation, when there is a far simpler explanation: they are lying. It already feels like behavioural advertising is targeting every word we say, so why not lean into that? Unscrupulous marketers love that kind of stuff. Feed them what they want.

If anyone from Cox Media Group would like to prove to me this is happening as described, give me a demo. I would love to see your creepy technology.

Image Fakery in the A.I. Era theverge.com

Jess Weatherbed, the Verge:

Image manipulation techniques and other methods of fakery have existed for close to 200 years — almost as long as photography itself. (Cases in point: 19th-century spirit photography and the Cottingley Fairies.) But the skill requirements and time investment needed to make those changes are why we don’t think to inspect every photo we see. Manipulations were rare and unexpected for most of photography’s history. But the simplicity and scale of AI on smartphones will mean any bozo can churn out manipulative images at a frequency and scale we’ve never experienced before. It should be obvious why that’s alarming.

This excellent piece is a necessary correction for too-simple comparisons between Google’s Reimagine feature and Adobe Photoshop. It also encouraged me re-read my own article about the history of photo manipulation to see if it holds up and, thankfully, I think it mostly does, even as Google’s A.I. editing tools have advanced from useful to irresponsible.

Last year’s features mostly allowed users to reposition and remove objects from their shots. This still seems fine, but one aspect of my description has not aged well. I wrote, in the context of removing a trampoline from a photo of a slam dunk, that Google’s tools make it “a little bit easier […] to lie”. For object removal, that remains true; for object addition — which is what Google’s Reimagine feature allows — it is much easier.

Me:

The questions that are being asked of the Pixel 8’s image manipulation capabilities are good and necessary because there are real ethical implications. But I think they need to be more fully contextualized. There is a long trail of exactly the same concerns and, to avoid repeating ourselves yet again, we should be asking these questions with that history in mind. This era feels different. I think we should be asking more precisely why that is.

Between Weatherbed’s piece and Sarah Jeong’s article on similar themes, I think some better context is rapidly taking shape, driven largely by Google’s decision to include additive features with few restrictions. A more responsible implementation of A.I. additions would limit the kinds of objects which could be added — balloons, fireworks, a big red dog. But, no, it is more important to Google — and X — to demonstrate their technological bonafides.

These technologies are different because they allow basically anyone to make basically any image realistically and on command with virtually no skill. Oh, and they can share them instantly. Two hundred years of faked photos cannot prepare us for the wild ride ahead.

When Elon Musk Turned Blue nytimes.com

Kate Conger and Ryan Mac, in an excerpt from their forthcoming book “Character Limit” published in the New York Times:

Mr. Musk’s fixation on Blue extended beyond the design, and he engaged in lengthy deliberations about how much it should cost. Mr. [David] Sacks insisted that they should raise the price to $20 a month, from its current $4.99. Anything less felt cheap to him, and he wanted to present Blue as a luxury good.

[…]

Mr. Musk also turned to the author Walter Isaacson for advice. Mr. Isaacson, who had written books on Steve Jobs and Benjamin Franklin, was shadowing him for an authorized biography. “Walter, what do you think?” Mr. Musk asked.

“This should be accessible to everyone,” Mr. Isaacson said, no longer just the fly on the wall. “You need a really low price point, because this is something that everyone is going to sign up for.”

I learned a new specific German word today as a direct result of this article: fremdschämen. It is more-or-less the opposite of schadenfreude; instead of being pleased by someone else’s embarrassment, you instead feel their pain.

This is humiliating for everyone involved: Musk, Sacks — who compared Twitter’s blue checkmarks to a Chanel handbag — and Jason Calacanis of course. But most of all, this is another blow to Isaacson’s credibility as an ostensibly careful observer of unfolding events.

Max Tani, of Semafor, was tipped off to Isaacson’s involvement earlier this year by a single source:

“I wanted to get in touch because we’re including an item in this week’s Semafor media newsletter reporting that you actually set the price for Twitter Premium,” I wrote to Isaacson in March. “We’ve heard that while you were shadowing Elon Musk for your book, he told Twitter staff that you had advised him on what the price should be, and he thought it was a good idea and implemented it.”

“Hah! That’s the first I’d heard of this. It’s not true. I’m not even sure what the price is. Sorry,” he replied.

This denial is saved from being a lie only by the grounds that Isaacson did not literally “set the price”, as Tani put it, on the subscription service. In all meaningful ways, though, it is deceptive.

Telegram, the ‘Encrypted Messaging App’ blog.cryptographyengineering.com

An un-bylined report in Le Monde:

French judicial authorities on Sunday extended the detention of the Russian-born founder and chief of Telegram Pavel Durov after his arrest at a Paris airport over alleged offenses related to the popular but controversial messaging app.

I believe it is best to wait until there is a full description of the crimes French authorities are accusing Durov of committing before making judgements about the validity of this arrest. Regardless of what is revealed, I strongly suspect a lot of the more loudmouthed knee-jerk reactionary crowd will look pretty stupid and will, in all likelihood, dig in their heels looking even stupider in the process. Best to wait until we know more.

This Le Monde article goes on to describe Telegram as an “encrypted messaging app”.

Matthew Green:

But this arrest is not what I want to talk about today.

What I do want to talk about is one specific detail of the reporting. Specifically: the fact that nearly every news report about the arrest refers to Telegram as an “encrypted messaging app.” […]

This phrasing drives me nuts because in a very limited technical sense it’s not wrong. Yet in every sense that matters, it fundamentally misrepresents what Telegram is and how it works in practice. And this misrepresentation is bad for both journalists and particularly for Telegram’s users, many of whom could be badly hurt as a result.

Despite the company’s press page saying “[e]verything sent on Telegram is securely encrypted” and building much of its marketing around how “safe” and “secure” it is, there is a big difference between what Telegram does and the end-to-end encryption used by services like Signal and WhatsApp. There is, in fact, no way to enable what Telegram calls “secret chats” by default.

One can quibble with Telegram’s choices. How appealing it is to be using an app which does not support end-to-end encryption by default is very much a user’s choice. But one can only make that choice if Telegram provides accurate and clear information. I have long found Apple’s marketing of iMessage deceptive. Telegram’s explanation of its own privacy and security is far more exploitative of users’ trust.

Sam Altman Does Not Care About You disconnect.blog

Paris Marx:

[…] If he [Sam Altman] was serious about wanting to extend people’s lifespans by 10 years, he wouldn’t be looking at sci-fi fantasies, but at the policies that can deliver those benefits and how to get the US political system to move them forward.

[…]

Silicon Valley claims we can solve these serious social problems through technological innovation. On its face, that might seem to make sense. We can see many examples through history where the rollout of new technologies has improved our quality of life and increased our lifespans. But when tech billionaires use that term, they actually means letting VC-funded tech companies deploy whatever they want on an unsuspecting public with little regulation and no threat of accountability when things go wrong.

One weird thing that happens to me more than it should is that I reserve a bunch of books at the library, each of which has a long queue of other borrowers in front of it, and I assume these books will slowly trickle down to me — but, what actually happens is that all of them become available at the same time. Then I feel compelled to churn through them as quickly as I can so I am able to return them in a timely manner. Anyway, I chased Kyle Chayka’s “Filterworld” with Evgeny Morozov’s “To Save Everything, Click Here”, and I found it particularly thoughtful. I sometimes disagreed with Morozov’s conclusions, but his interrogation of the Silicon Valley ethos is necessary and considered.

The kinds of ideas Marx is writing about here are what Morozov would call “technological solutionism”. These are the procedural changes and supposedly revolutionary products and services intended to produce a desired social outcome when, instead, there are proven effective public policies which ought to be preferred. There might be a role for new technologies, of course, but “biohacking” is not going to be as effective as, say, universal healthcare for extending the lifespan of most people.

‘If 31% of Second Graders Are Actually Using X, I Will Eat My Hat’ businessinsider.com

Katie Notopoulos, Business Insider:

A company that makes parental monitoring software called Qustodio recently released a report about app use for kids and teens based on its analysis of anonymous data from about 180,000 of its US users. Some of the information about what young people are doing online is what you’d expect: teenagers love watching TikTok and using Snapchat; younger kids under 13 are most interested in Roblox (53%) and YouTube (52%).

But there was one statistic that made my head spin: 31% of 7- to 9-year-olds use the X (Twitter) app.

I’m sorry, but … I can’t believe there’s any way in any possible universe that’s true.

The same report found 29% of kids aged 7–9 use Disney Plus and, I am sorry, if you have any faith in this data, please ensure your bullshit detector is better calibrated.

MacOS Should Permit People to Take Risks

Chance Miller, 9to5Mac:

Apple has changed its screen recording privacy prompt in the latest beta of macOS Sequoia. As we reported last week, Apple’s initial plan was to prompt users to grant screen recording permissions weekly.

In macOS Sequoia beta 6, however, Apple has adjusted this policy and will now prompt users on a monthly basis instead. macOS Sequoia will also no longer prompt you to approve screen recording permissions every time you reboot your Mac.

After I wrote about the earlier permissions prompt, I got an email from Adam Selby, who manages tens of thousands of Macs in an enterprise context. Selby wanted to help me understand the conditions which trigger this alert, and to give me some more context. The short version is that Apple’s new APIs allow clearer and more informed user control over screen recording to the detriment of certain types of application, and — speculation alert — it is possible this warning will not appear in the first versions of MacOS Sequoia shipped to users.

Here is an excerpt from the release notes for the MacOS 15.0 developer beta:

Applications utilizing deprecated APIs for content capture such as CGDisplayStream & CGWindowListCreateImage can trigger system alerts indicating they might be able to collect detailed information about the user. Developers need to migrate to ScreenCaptureKit and SCContentSharingPicker. (120910350)

It turns out the “and” in that last sentence is absolutely critical. In last year’s beta releases of MacOS 14, Apple began advising developers it would be deprecating CoreGraphics screenshot APIs, and that applications should migrate to ScreenCaptureKit. However, this warning was removed by the time MacOS 14.0 shipped to users, only for it to reappear in the beta versions of 14.4 released to developers earlier this year. Apple’s message was to get on board — and fast — with ScreenCaptureKit.

ScreenCaptureKit was only the first part of this migration for developers. The second part — returning to the all-important “and” from the 15.0 release notes — is SCContentSharingPicker. That is the selection window you may have seen if you have recently tried screen sharing with, say, FaceTime. It has two agreeable benefits: first, it is not yet another permissions dialog; second, it allows the user to know every time the screen is being recorded because they are actively granting access through a trusted system process.

This actually addresses some of the major complaints I have with the way Apple has built out its permissions infrastructure to date:

[…] Even if you believe dialog boxes are a helpful intervention, Apple’s own sea of prompts do not fulfil the Jobs criteria: they most often do not tell users specifically how their data will be used, and they either do not ask users every time or they cannot be turned off. They are just an occasional interruption to which you must either agree or find some part of an application is unusable.

Instead of the binary choices of either granting apps blanket access to record your screen or having no permissions dialog at all for what could be an abused feature, this picker gives users the control and knowledge over how an app may record their screen. This lacks a scary catch-all dialog in favour of ongoing consent. A user will know exactly when an app is recording their screen, and exactly what it is recording, because that permission is no longer something an app gets, but something given to it by this picker.

This makes sense for a lot of screen recording use cases — for example, if someone is making a demo video, or if they are showing their screen in an online meeting. But if someone is trying to remotely access a computer, there is a sort of Möbius strip of permissions where you need to be able to see the remote screen in order to grant access to be able to see the screen. The Persistent Content Capture entitlement is designed to fix that specific use case.

Even though I think this structure will work for most apps, most of the time, it will add considerable overhead for apps like xScope, which allows you to measure and sample anything you can see, or ScreenFloat — a past sponsor — which allows you to collect, edit, and annotate screenshots and screen recordings. To use these utilities and others like them, a user will need to select the entire screen from the window picking control every time they wish to use a particular tool. Something as simple as copying an onscreen colour is now a clunky task without, as far as I can tell, any workaround. That is basically by design: what good is it to have an always-granted permission when the permissions structure is predicated on ongoing consent? But it does mean these apps are about to become very cumbersome. Either you need to grant whole-screen access every time you invoke a tool (or launch the app), or you do so a month at a time — and there is no guarantee the latter grace period will stick around in future versions of MacOS.

I think it is possible MacOS 15.0 ships without this dialog. In part, that is because its text — “requesting to bypass the system window picker” — is technical and abstruse, written with seemingly little care for average user comprehension. I also think that could be true because it is what happened last year with MacOS 14.0. That is not to say it will be gone for good; Apple’s intention is very clear to me. But hopefully there will be some new APIs or entitlement granted to legitimately useful utility apps built around latent access to seeing the whole screen when a user commands. At the very least, users should be able to grant access indefinitely.

I do not think it is coincidental this Windows-like trajectory for MacOS has occurred as Apple tries to focus more on business customers. In an investor call last year, Tim Cook said Apple’s “enterprise business is growing”. In one earlier this month, he seemed to acknowledge it was a factor, saying the company “also know[s] the importance of security for our users and enterprises, so we continue to advance protections across our products” in the same breath as providing an update on the company’s Mac business. This is a vague comment and I am wary of reading too much into it, but it is notable to see the specific nod to Mac enterprise security this month. I hope this does not birth separate “Home” and “Professional” versions of MacOS.

Still, there should be a way for users to always accept the risks of their actions. I am confident in my own ability to choose which apps I run and how to use my own computer. For many people — maybe most — it makes sense to provide a layer of protection for possibly harmful actions. But there must also be a way to suppress these warnings. Apple ought to be doing better on both counts. As Michael Tsai writes, the existing privacy system “feels like it was designed, not to help the user understand what’s going on and communicate their preferences to the system, but to deflect responsibility”. The new screen recording picker feels like an honest attempt at restricting what third-party apps are able to do without the user’s knowledge, and without burdening users with an uninformative clickwrap agreement.

But, please, let me be riskier if I so choose. Allow me to let apps record the entire screen all the time, and open unsigned apps without going through System Settings. Give me the power to screw myself over, and then let me get out of it. One does not get better at cooking by avoiding tools that are sharp or hot. We all need protections from our own stupidity at times, but there should always be a way to bypass them.

The Upcoming iOS Changes for E.U. Users Are Making Me Jealous developer.apple.com

Apple today announced forthcoming iOS changes for E.U. users, including a more informative first-run browser choice screen — one that will require users to scroll to the bottom before confirming — and the ability to delete every default app except Phone and Settings. Also, this:

For users in the EU, iOS 18 and iPadOS 18 will also include a new Default Apps section in Settings that lists defaults available to each user. In future software updates, users will get new default settings for dialing phone numbers, sending messages, translating text, navigation, managing passwords, keyboards, and call spam filters. To learn more, view Update on apps distributed in the European Union.

The way this works currently is the user taps on any app capable of being set as a default for a particular category, then taps the submenu for setting the default app, then picks whichever. If you want to set DuckDuckGo as your default browser, for example, you can do so from the Default Browser App submenu in DuckDuckGo, Safari, or any other web browser app you have installed.

I do not think this is particularly confusing, but I do think the version Apple is creating specifically for the E.U. is a far clearer piece of design. Not only is it what I would be looking for if I were trying to change a default app, it also tacitly advertises the ability to customize an iPhone or iPad. It is a solution designed to appease regulators and, in doing so, makes things better for users. It reminds me of the European regulator influenced version of the Amazon Prime cancellation flow which, for users, is far superior to the one available elsewhere.

If someone were designing visual interfaces for clarity, they would end up with the European version of these screens. Which makes me half-wonder — and half-assume — the motives for designing them the other way.

Niléane, MacStories:

These changes to the browser choice screen and the ability to select new default apps on iOS and iPadOS come a few months after the European Commission announced their intention to open a non-compliance investigation against Apple in regard to the DMA.

It is unclear to me if Apple needs to publicly announce these changes in order to allow regulators to review them. I imagine there is not a confidential process by design, perhaps to put public pressure on gatekeepers to follow through with proposed updates.

Still, I am hopeful changes like the Default Apps screen will both appease regulators and become available globally. Perhaps Apple will never enable third-party app stores elsewhere until forced by law, but there are many features created to satisfy E.U. regulators which I believe would benefit iPhone and iPad users everywhere.

Our Changing Assumptions About Photography theverge.com

Sarah Jeong, the Verge:

If I say Tiananmen Square, you will, most likely, envision the same photograph I do. This also goes for Abu Ghraib or napalm girl. These images have defined wars and revolutions; they have encapsulated truth to a degree that is impossible to fully express. There was no reason to express why these photos matter, why they are so pivotal, why we put so much value in them. Our trust in photography was so deep that when we spent time discussing veracity in images, it was more important to belabor the point that it was possible for photographs to be fake, sometimes.

This is all about to flip — the default assumption about a photo is about to become that it’s faked, because creating realistic and believable fake photos is now trivial to do. We are not prepared for what happens after.

I have written about the long history of manipulated photographs, but I think Jeong’s framing accurately captures how these new technologies will shift expectations of how they reflect reality. There is a key difference between something which has always been possible, and something which is increasingly simple. I am not sure if there will be a critical mass moment, but the slide — first gradual and then sudden — is worth reckoning with. The mere threat that just anyone is able to make convincing fakes is reason enough to erode reality.

Here is a little postscript to that earlier piece I wrote about A.I.-faked images and to another I wrote about altered images in news coverage. One of the most-downloaded generated images on Adobe Stock in searches for war-related material depicts a rose growing in rubble. When I reverse-searched the image, I stumbled across a different version of the same concept:

Image of a rose growing from a crack in the pavement

This picture has been reproduced widely across the web; I got this one from a tweet. It is often accompanied by the text of the third verse of Tupac Shakur’s “The Rose That Grew From Concrete”. Look at the annotation in that link to the lyrics website Genius, and you will see the same image. Look a little closer and you will see the watermark in the lower-left corner: this image is by a user of Worth1000.com.

For those not already familiar, Worth1000 was a long-running contest site with separate categories for photo manipulation and photography. The site was acquired by DesignCrowd which, until recently, preserved an archive of the contests.

Here is where things get strange. As I was looking into this image, I was sure I would find it was entered in one of Worth1000’s Photoshop contests. Then I could write an article about the parallels between an A.I.-generated image and one faked by a person, and that would be very neat. But after coming up empty-handed in my searches for it in the Photoshop contests section, I looked in the photography contests — and found it in “Song Title Literalisms 2010” entered by a user named “Supagray”. I had a link to that contest to prove my point but, sadly, DesignCrowd erased its archives sometime in the past year. I tried tracking down this “Supagray” user, but was unsuccessful.

I really thought my expectations would be proven correct — that I would find this image was created in software. All the indicators were there. But I was wrong. I do not find it an especially interesting photo. But I appreciate the user who made it found a way to capture it for real, probably by jamming a grocery store rose into some pavement. Maybe we will collectively experience a similar feeling when we know an improbable image was not generated by A.I. tools, but was actually made for real.

If we do, it will likely pale in comparison to the number of times the opposite will be true — or, perhaps more often, when it is even possible the opposite could be true. Since anyone can now radically and realistically alter an entire scene within minutes of taking a photo, our expectations need to change. But we still need to be able to believe real newsworthy photos and videos are, indeed, real.

Discovering New Music in 2024 technologyreview.com

Tiffany Ng wrote a fantastic article for MIT Technology Review about the gradient of recommendations that runs between the automated and the more personal. I think the whole thing is worth reading — call it a personal recommendation — but I wanted to highlight a few specific things in no particular order. First:

Music enthusiasts are creating new ways to reinvigorate this sense of curiosity, building everything from competitive recommendation leagues to interactive music maps. Before streaming, discovering music was work that brought a distinctly emotional reward. […] Sharing music was a much more personal, peer-to-peer exercise, and making a mixtape for a crush was a substantial labor of love. […]

This is followed by an immediate comparison to today’s automated systems which allow anyone to generate a playlist with little effort or emotional investment. This is an agreeable argument, but I also think much of the emotional connection comes from the personal connection the giver — and, ideally, the recipient — are hoping to achieve. Put another way, if you found someone else’s mixtape on the ground, you might treat its recommendations as barely more consequential than those from Apple Music or Spotify.

Next:

Similar to Music League is a private Facebook community called Oddly Specific Playlists, a group that connects users from all corners of the internet with playlists inspired by (as the name suggests) very specific things. […]

“If a social network is any good, then it has to have some actual people putting new content into the ecosystem and organizing it in a coherent way — like someone making a hand-curated playlist,” says Kyle Chayka, a New Yorker staff writer and author of Filterworld: How Algorithms Flatten Culture. That’s just what the members of Oddly Specific Playlists do, even if the results can be hard to manage.

Oddly Specific Playlists reminds me of a long-defunct service called the Yams. The Yams allowed members to text one of their operators with playlist requests using as specific or as vague language as you wanted. When I asked Shannon Connolly, CEO of the Yams, about scalability she mentioned having a larger staff, but I still had concerns about its longevity — concerns that were, it turns out, sadly justified. A Facebook group of hundreds of thousands of people sure is one way to achieve a similar result at scale.

Also, I just finished Chayka’s book, and I did not love it. The premise is very good: how our world is shaped by automated recommendation features created by companies with their own motives. But few of the examples felt complete and I did not feel like I was learning much. Chayka spent too many pages on the interior design trends of coffee shops and Airbnbs. You may like it more than I did, and if you are looking for something along similar lines, I preferred Tom Vanderbilt’s “You May Also Like” and especially Cathy O’Neil’s “Weapons of Math Destruction”.

One last thing:

Alex Antenna, who has created a website called Unchartify to offer a more manual way of navigating Spotify’s database, attributes these pigeonholes to Spotify’s push for personalization. He built his site to bypass the plethora of “made for you” playlists and highlight lesser-known corners of Spotify’s database.

Unchartify is extremely cool, and you do not need to be a Spotify user to take advantage of it — just click “continue as guest” on the homepage. You can browse by genre or, more helpfully, begin with an artist, album, or label you already like and fall down a narrowing genre rabbit hole.

A Camera Is Only as Good as the Photographer Holding It lensandwhisk.substack.com

Erin Brooks:

I use many brands of cameras for my professional work: Leica, FujiX, Canon, as well as Zeiss attachments for my phone. But the fact remains that more than 50% of my work continues to be shot on iPhone, using the native camera app, and editing in Lightroom Mobile, because it’s the camera I have with me. The photo I took that won this year’s award was taken in a very brief quiet moment, in an otherwise busy aquarium, of my young nephew who never stands still for longer than a second. The 2016 photo was similar: my then toddler gave me a very small window in which she was willing to sit there with the leaf that matched her eyes.

Do check out Brooks’ stunning work in this post, and the images created by her and other photographers in this year’s iPhone Photography Awards gallery. But notice how, as Brooks points out, very little of it depends solely on the technology in hand. Yes, some of the finalists in this year’s awards are using very recent iPhone models; others, though, are not, and I do not think it detracts from the work they have created. Even the Portrait Mode glitch I think I see in one photo is completely fine.

Photographers have captured memorable images on everything from the best medium- and large-format cameras, to instant cameras with expired film. But catching those specific moments? That is all on the photographer. Sometimes it is the result of exceptional planning; at other times, it is a lucky catch. A good photographer can prepare for the former and anticipate the latter. I think Brooks is right: I think people are getting better at this.

We Do Not Need Another iPod for Streaming TV, We Need an iTunes spyglass.org

M.G. Siegler:

Just close your eyes and imagine a single interface where all the world’s content is served up to you and you’re just one click away from watching any of it. Not a few clicks and navigating some other UI. Not a click and a dialog box saying you can’t access the content. Just a click and you’re watching.

This sounds like… well, iTunes. Or if you want to use the heir apparent in our streaming age: Spotify. Again, that’s sort of the dream. That interface and ease of use, but for all video content. No more need to use Google to see which show is playing on what service. Or which movie is coming when to a streaming service you already subscribe to. It all just works.

We almost had this in the first years of Netflix, when it was chock full of licensed movies and shows you could stream on demand. Then the handful of large corporations responsible for all layers of media production and distribution realized they could stream their own library. Now, over half of Netflix’s library is original movies and shows, and it competes with Disney Plus, Hulu (also owned by Disney), Max (owned by Warner), and Peacock (owned by NBCUniversal). As Siegler points out, all of these are being offered in various bundle deals. Canadian ISP Rogers, for example, includes Disney Plus access in cable TV subscriptions.

I think people would love a model more similar to streaming music. I think media conglomerates would hate it. Their relationship with the iTunes Store was less stable than music labels’, and they continue to be more interested in fighting illegal copies of their media than in trying to meet viewers where they already are.

The Conservative Party of Canada Is Nationalistic but Not Patriotic theguardian.com

Leyland Cecco, the Guardian:

Canada’s Conservative party has deleted a social media campaign video with a heavily nationalist message after much of the video featured scenes from other countries, including Ukrainian farmers, Slovenian homes, London’s Richmond Park and a pair of Russian fighter jets.

I am deliberately linking to the Guardian because this is an international embarrassment. There are many nonsensical things about this ad — the nauseating jingoism, the hyper-specific view of what a Canadian family looks like, and the hack messaging. But it is wild how much of this footage actively avoids being Canadian when you consider the microstock photography model effectively began in Calgary, hometown of Conservative Party leader Pierre Poilievre. There are so many stock photo and video providers based in this city alone, including Dissolve and Hero Images to name just two; there are more elsewhere in the province, such as Indigenous Images.

Yet, it is not surprising this party’s nationalist rhetoric is not matched by patriotic behaviour. Most of Canada’s major political parties operate some kind of merch store. The t-shirts sold by the Liberal Party are made in Canada. The Green Party’s merchandise is printed in B.C. by a local business. The New Democratic Party does not operate a store, but donors can get a t-shirt which is, based on what I can find, made and printed in Canada. NDP leader Jagmeet Singh previously offered merch made in Vancouver.

The Conservative Party’s merch, on the other hand, does not appear to be made in Canada. All of their t-shirts are “made with ancient dyes, no Liberal nonsense” — I do not know what they mean by that try-hard politicisation of clothing dyes — but I did not get a reply to my email asking where they were made. As with the stock video used in the ad, it is not as though there are no Canadian t-shirt manufacturers — far from it. But I guess the Conservative Party is less interested in actually supporting local businesses than it is in saying it does.

National Public Data’s Collection Suddenly Very Public krebsonsecurity.com

Lawrence Abrams, Bleeping Computer:

Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.

The data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in background checks, to obtain criminal records, and for private investigators.

National Public Data is believed to scrape this information from public sources to compile individual user profiles for people in the US and other countries.

Troy Hunt, creator of Have I Been Pwned?:

So, this data appeared in limited circulation as early as 3 months ago. It contains a huge amount of personal information (even if it isn’t “2.9B people”), and then to make matters worse, it was posted publicly last week:

[…]

[…] Instead, we’re left with 134M email addresses in public circulation and no clear origin or accountability. […]

Connor Jones, the Register:

The data broker at the center of what may become one of the more significant breaches of the year is telling officials that just 1.3 million people were affected.

Jones got this number from a report National Public Data was required to file with the Maine attorney general which, for whatever reason, is not embedded or linked to in this story — here it is. My bet is National Public Data is bad at filing breach notifications. It says, for example, the breach was discovered “December 30, 2023”, the same day on which it occurred. Yet in the notice it is mailing to affected Maine residents, it says there were “potential leaks of certain data in April 2024 and summer 2024”, which would be difficult to know in December 2023.

Brian Krebs:

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until today.

This is not the first time a huge amount of compromised data has been traced back to some legitimate but nevertheless scummy broker. There was Exactis with 340 million records, People Data Labs with 622 million, and Apollo with around 200 million. The only reason most of us have heard of these businesses is because they hoard our information and — critically — do not protect it. These giant brokers evidently do not care about basic data privacy practices and should not be allowed to operate, and their executives should be held responsible for their failure.

About That ‘A.I. Upgrade’ semafor.com

Reed Albergotti, Semafor:

Google’s Android phones are about to get an AI upgrade.

The company’s flagship AI model, Gemini, will replace Google Assistant as the default service on Android phones in the coming weeks, the company announced Tuesday.

Joanna Stern, Wall Street Journal:

When I asked it to set a timer, it said it couldn’t do that — or set an alarm — “yet.” Gemini Live is a big step forward conversationally. But functionally, it’s a step back in some ways. One big reason: Gemini Live works entirely in the cloud, not locally on a device. Google says it’s working on ways for the new assistant to control phone functions and other Google apps.

This is nitpicking, I know, but I have to wonder about the disconnect between what executives believe is an improvement compared to how people actually use their phones. Maybe I have been ruined by Siri’s inability to do much else reliably, but setting timers and alarms is a core function of a voice-controlled software assistant for me. Google’s live, conversational assistant is remarkable, to be sure. Yet I am not sure I would consider it an “upgrade” if it no longer supports the feature I use most.

When You Are in the Ad Business, Every Flat Surface Is a Billboard ft.com

Scharon Harding, Ars Technica:

Over the past few years, TV makers have seen rising financial success from TV operating systems that can show viewers ads and analyze their responses. Rather than selling as many TVs as possible, brands like LG, Samsung, Roku, and Vizio are increasingly, if not primarily, seeking recurring revenue from already-sold TVs via ad sales and tracking.

[…]

Walmart’s proposed Vizio acquisition is an obvious example of how eager retailers and advertisers are to access data collected from TVs. Through its Platform+ business unit, Vizio was one of the first OEMs to focus more business on ad sales and tracking than hardware.

Gregory Meyer, Financial Times:

Yet Walmart disclosed in an earnings release this week that its US advertising business had grown 30 per cent in the past year, rocketing past the growth rate of the company as a whole.

[…]

“After you click on an ad at a general-purpose search engine, they don’t know what you did after that,” said Ryan Mayward, senior vice-president of retail media sales at Walmart US. “We capture the click and we also know that you checked out and bought those specific things after you were exposed [to] or interacted with the ads. That’s the core value [proposition] of retail media versus other types of media.”

Mayward told Meyer Walmart intends to install screens throughout its stores: at department counters, on dedicated wall space, and at checkstands. All of these are primarily for ads. If there was ever a time retailers were worried about how tacky this would look, those days are over. Instead, every digital and physical surface is an opportunity for showing a typically ugly ad.

But all this is an evolution of existing tolerances. Ads already play over the in-store speaker system. Manufacturers already pay retailers slotting fees to get products on shelves; paying for ad space is another negotiating opportunity. Ad views are already linked to credit card transactions. Television is ad-supported and so is streaming. This is just more — and worse. I cannot imagine any person wants to be increasingly surrounded by aggressive and distracting ads; our built environment is planned by cynical people who also surely do not want to live in the world they are creating.

A Web Eraser by Any Other Name

Marko Zivkovic, in an April report for AppleInsider, revealed several new Safari features to debut this year. Some of them, like A.I.-based summarization, were expected and shown at WWDC. Then there was this:

Also accessible from the new page controls menu is a feature Apple is testing called “Web Eraser.” As its name would imply, it’s designed to allow users to remove, or erase, specific portions of web pages, according to people familiar with the feature.

WWDC came and went without any mention of this feature, despite its lengthy and detailed description in that April story. Zivkovic, in a June article, speculated on what happened:

So, why did Apple remove a Safari feature that was fully functional?

The answer to that question is likely two-fold — to avoid controversy and to make leaked information appear inaccurate or incorrect.

The first of these reasons is plausible to me; the second is not. In May, Lara O’Reilly of Business Insider reported on a letter sent by a group of publishers and advertisers worried Apple was effectively launching an ad blocker. Media websites may often suck, but this would be a big step for a platform owner to take. I have no idea if that letter caused Apple to reconsider, but it seems likely to me it would be prudent and reasonable for the company to think more carefully about this feature’s capabilities and how it is positioned.

The apparent plot to subvert AppleInsider’s earlier reporting, on the other hand, is ludicrous. If you believe Zivkovic, Apple went through the time and expense of developing a feature so refined it must have been destined for public use because there is, according to Zivkovic, “no reason to put effort into the design of an internal application”,1 then decided it was not worth launching because AppleInsider spoiled it. This was not the case for any other feature revealed in that same April report for, I guess, some top secret reason. As evidence, Zivkovic points to several products which have been merely renamed for launch:

A notable example of this occurred in 2023, when Apple released the first developer betas of its new operating system for the Apple Vision Pro headset. Widely expected to make its debut under the name xrOS, the company instead announced “visionOS.”

Even then, there were indications of a rushed rebrand. Apple’s instructional videos and code from the operating systems contained clear mentions of the name xrOS.

Apple renamed several operating system features ahead of launch. To be more specific, the company renamed its Adaptive Voice Shortcuts accessibility feature to Vocal Shortcuts.

As mentioned earlier, Intelligent Search received the name Highlights, while Generative Playground was changed to “Image Playground.” The name “Generative Playground” still appears as the application title in the recently released developer betas of Apple’s operating systems.

None of these seem like ways of discrediting media. Renaming the operating system for the Vision Pro to “visionOS” makes sense because it is the name of the product — similar to tvOS and iPadOS — and, also, “xrOS” is clunky. Because of how compartmentalized Apple is, the software team probably did not know what name it would go by until it was nearly time to reveal it. But they needed to call it something so they could talk about it in progress meetings without saying “the spatial computer operating system”, or whatever. This and all of the other examples just seem like temporary names getting updated for public use. None of this supports the thesis that Apple canned Web Eraser to discredit Zivkovic. There is a huge difference between replacing the working name of a product with one which has been finalized, and developing an entire new feature only to scrap it to humiliate a reporter.

Besides, Mark Gurman already tried this explanation. In a March 2014 9to5Mac article, Gurman reported on the then-unreleased Health app for iOS, which he said would be named “Healthbook” and would have a visual design similar to the Passbook app, now known as Wallet. After the Health app was shown at WWDC that year, Gurman claimed it was renamed and redesigned “late in development due to the leak”. While I have no reason to doubt the images Gurman showed were re-created from real screenshots, and there was evidence of the “Healthbook” name in early builds of the Health app, I remain skeptical it was entirely changed in direct response to Gurman’s report. It is far more likely the name was a placeholder, and the March version of the app’s design was still a work in progress.

The June AppleInsider article is funny in hindsight for how definitive it is in the project’s cancellation — it “never became available to the public”; it “has been removed in its entirety […] leaving no trace of it”. Yet, mere weeks later, it seems a multitrillion-dollar corporation decided it would not be bullied by an AppleInsider writer, held its head high, and released it after all. You have to admire the bravery.

Juli Clover, of MacRumors, was first early to report on its appearance in the fifth beta builds of this year’s operating systems under a new name (Update: it seems like Cherlynn Low of Engadget was first; thanks Jeff):

Distraction Control can be used to hide static content on a page, but it is not an ad blocker and cannot be used to permanently hide ads. An ad can be temporarily hidden, but the feature was not designed for ads, and an ad will reappear when it refreshes. It was not created for elements on a webpage that regularly change.

I cannot confirm but, after testing it, I read this to mean it will hide elements with some kind of identifier which remains fixed across sessions — an id or perhaps a unique string of classes — and within the same domain. If the identifier changes on each load, the element will re-appear. Since ads often appear with different identifiers each time and this feature is (I think) limited by domain, it is not an effective ad blocker.

Zivkovic’s follow-up story from after Distraction Control was included in an August beta build is, more or less, a rehashing of only the first explanation for the feature’s delay from what he wrote in June, never once commenting on his more outlandish theory:

Based on the version of Distraction Control revealed on Monday, it appears as though Apple wanted to distance itself from Web Eraser and the negative connotations surrounding the feature.

As mentioned earlier, the company renamed Web Eraser to Distraction Control. In addition to this, the fifth developer beta of iOS 18 includes a new pop-up message that informs users of the feature’s overall purpose, making it clear that it’s not meant to block ads.

It has been given a more anodyne name and it now has a dialog box.

Still, this shows Zivkovic’s earlier report was correct: Apple was developing an easy-to-use feature to hide page elements within Safari and it is in beta builds of the operating systems launching this year. Zivkovic should celebrate this. Instead, his speculative June report makes his earlier reliable reporting look shaky because, it would seem, he was too impatient to wait and see if the feature would launch later. That would be unusual for Apple but still more likely than the company deciding to cancel it entirely.

The August report also adds some new information but, in an effort to create distance between Web Eraser and Distraction Control, Zivkovic makes some unforced errors:

When it comes to ads, pre-release versions of Web Eraser behaved differently from the publicly available Distraction Control. Internal versions of the feature had the ability to block the same page element across different web pages and maintained the users’ choice of hidden elements even after the page was refreshed.

This description of the Distraction Control behaviour is simply not true. In my testing, page elements with stable identifiers remain hidden between pages on the same domain, after the page has been refreshed, and after several hours in a new browser tab.

Zivkovic should be thrilled about his April scoop. Instead, the two subsequent reports undermine the confidence of that first report and unnecessarily complicate the most likely story with baseless speculation that borders on conspiracy theories. From the outside, it appears the early rumour about Web Eraser was actually beneficial for the feature. Zivkovic accurately reported its existence and features. Publishers, worried about its use as a first-party ad blocker, wrote to Apple. Apple delayed the feature’s launch and, when it debuted, gave it a new name and added a dialog box on first use to clarify its intent. Of course, someone can still use Distraction Control to hide ads but, by being a manual process on a per-domain basis, it is a far more tedious process than downloading a dedicated ad blocker.

This was not a ruse to embarrass rumour-mongers. It was just product development: a sometimes messy, sometimes confusing process which, in this case, seemed to result in a better feature with a clearer scope. Unless someone reports otherwise, it does not need to be much more complicated than that.


  1. If Zivkovic believes Apple does not care much about designing things for internal use only, he is sorely mistaken. Not every internal tool is given that kind of attention, but many are. ↥︎

Apple’s Inconsistency Begets More Inconsistency on.substack.com

I quoted Steve Jobs the other day; here is another one courtesy of a 2006 interview with Brian Williams which, in its re-uploaded form, has been bizarrely stabilized relative to each face in a way that is difficult to describe and nauseating to watch:

Brands are like bank accounts. You can have withdrawals and you can have deposits.

So if a customer has a great experience — they buy an iPod and they love it — that’s a deposit into our brand account in their mind. If you buy something from us and you have a bad experience, then it’s a withdrawal.

Today, Apple spent big from its brand account. While there are some who are upset with Patreon for having an iOS app in the first place, the overwhelming frustration is justifiably directed toward Apple.

As upsetting as it is, I cannot say I am surprised by any beat in this story. First, Apple decided to, for years, treat Patreon pledges as something other than In-App Purchases against which it would normally levy a commission. But that could not last forever because Apple would — as it has several times before — want to reclassify pledges to get what it feels is its cut. It is now going to require Patreon treat them as subscriptions, similar to Substack.

Hamish McKenzie, Substack’s co-founder, is more positive toward Apple’s In-App Purchase system, but notes how it does not really fit with authorship by individuals or small teams:

But creators aren’t Apple’s traditional customers. They’re not app makers or game developers. They don’t actually have a piece of real estate in the App Store. They instead find their distribution through media platforms, including the likes of Patreon and Substack. It might feel weird for someone who publishes a podcast through Patreon, or a publication through Substack, to receive the same treatment from Apple as Netflix.

John Gruber, in linking to my piece from earlier, also mentioned the Substack parallels:

Lastly, I suppose it’s implicit here that a lot of Patreon users go through the iOS app. But I can’t help but think they should do what Substack does and just not allow paid subscriptions through the app. I just double-checked this was still true, and it seems to be. Substack’s iOS app lets you subscribe only to free subscriptions in-app. If you tap “Manage Subscription” in the app, you’re presented with a sheet that says, unhelpfully, “You cannot manage your subscription in the app.” (It’s Apple’s odious anti-steering rules that disallow apps like Substack from explaining where you can manage your subscription, which, of course, is on the web.)

I also wondered why the Patreon app could not simply be a viewer for subscriptions a user has purchased elsewhere. My understanding is that Apple has raised objections by invoking rule 3.1.3(b):

Apps that operate across multiple platforms may allow users to access content, subscriptions, or features they have acquired in your app on other platforms or your web site, including consumable items in multi-platform games, provided those items are also available as in-app purchases within the app.

This is the rule for what Apple calls a “Multiplatform Service”, which is somehow different from a “‘Reader’ App” that allows users to subscribe to “magazines, newspapers, books, audio, music, and video”. A “reader” app does not have to provide In-App Purchases which are equivalent to those available outside the app, but a “Multiplatform Service” does. It seems likely to me both Patreon and Substack are “Multiplatform Services” in Apple’s view.

Substack does have several subscriptions available as In-App Purchases, according to its App Store page and the app itself. I am not sure this is true of all newsletters because Apple only lists ten popular In-App Purchases on the app’s page. It seems you can manage a subscription from within the app only if you paid for it from within the app; if you paid for your subscription on Substack’s website, you can only manage it there, and you get the notice Gruber quoted if you try from inside the app. Oddly, I can also read paid issues from within the Substack app for a newsletter which does not have an In-App Purchase option because it is no longer active on Substack. Perhaps it once did and that is why viewing this subscription is allowed.

Maybe Substack is a “reader” app that just so happens to provide In-App Purchases for some newsletters. More likely it is a “Multiplatform Service” that treats subscriptions purchased in the app as different products from those made externally, and the app merely allows access to the latter. It seems Apple is requiring Patreon to be consistent with Substack which, as it stands, is inconsistent with “reader” apps — even though Substack is more of a reading app than Netflix — and does not permit a transaction-free experience.

Patreon’s iOS App Will (Now) Be Forced to Use In-App Purchasing Instead of Its Safari-Based System news.patreon.com

For years, the Patreon app on iOS has allowed users to buy digital subscriptions without using Apple’s In-App Purchases model.1 Instead, it throws up a Safari sheet with its own payment form. In 2021, Jacob Kastrenakes, of the Verge, contrasted this with the mandate given to Fanhouse, a similar platform, to use In-App Purchases. Kastrenakes followed up a few weeks later after Jack Conte, Patreon’s CEO, was interviewed for the “Decoder” podcast:

Patreon has been one of the odd exceptions to the rule. The platform’s iOS app has been able to accept payments outside of Apple’s in-app purchase system, which lets the company walk around that 30 percent cut. Conte suggests this may be allowed because users don’t come to Patreon to discover creators and content. “A lot of the actual engagement is happening on other platforms … So it’s just not the primary behavior that’s happening on Patreon,” Conte said. The Verge has reached out to Apple for comment.

That is a fair argument. Apple says its cut reflects services it provides, mostly marketing, though it does also admit it is just making money off its platform because it can. Patreon users do not benefit from the former. If Apple promotes In-App Purchases from third-party developers at all, I could not find an example in the App Store. Even if it did, Apple would not be a bigger draw for fans of people who make their living on Patreon than those individuals themselves.

Even so, Apple is now demanding Patreon make the switch:

As we first announced last year, Apple is requiring that Patreon use their in-app purchasing system and remove all other billing systems from the Patreon iOS app by November 2024.

This has two major consequences for creators:

  • Apple will be applying their 30% App Store fee to all new memberships purchased in the Patreon iOS app, in addition to anything bought in your Patreon shop.

  • Any creator currently on first-of-the-month or per-creation billing plans will have to switch over to subscription billing to continue earning in the iOS app, because that’s the only billing type Apple’s in-app purchase system supports.

That earlier announcement was made in December 2023 and it seems as though Apple did not provide a specific date, just a rough timeframe.

This is both a naked attempt to take an outsized cut from independent creative professionals, and a more consistent treatment of In-App Purchases. There are so many unanswered questions. Why was Patreon allowed an exemption in the first place, and for so long? Why did Apple change its mind late last year but also permit a long transition period which Patreon will complete next November? What changed? It is not as though Patreon is untrustworthy, or that cancelling a subscription is a laborious Amazon-like or New York Times-esque process.

Steve Troughton-Smith:

If you in the EU had left the App Store and were offering your app in an Alternative Marketplace and using Patreon as the monetization behind it, and your users are subbing in the Patreon app, now Apple will be taking the Core Technology Fee plus 30% of your revenue. They can tax both sides of the equation.

This would be similarly true for any Patreon competitor. Apple seems to believe it is entitled to a share of any financial gain from its platforms — except for physical goods, or transactions made through Mac apps distributed outside the App Store.

The 30% fee is also notable. As far as I can tell, only a handful of Patreon users would exceed the million-dollar annual threshold for Apple’s Small Business Program. That is, everyone who earns less than a million dollars per year through iOS Patreon pledges should, in theory, fork over a 15% commission rate to Apple. But it appears it is Patreon itself which is subject to the 30% rate. Whether that decision was made by Apple or Patreon, or if it is something which is a consequence of how App Store billing works, is unclear to me. But one thing is true regardless: Apple’s 30% commission is at least double the rate charged by Patreon itself, and only the latter has any material effect on the relationship between a creative professional and their supporters.

Update: In response to a question about whether Patreon would support the third-party payment options available in the U.S., E.U., and elsewhere, a spokesperson told me the company has “looked into alternate options but those also come with complex Apple requirements. Right now, because of these requirements, we do not believe they are viable options for Patreon nor do we believe they would result in a better experience for fans or creators”.


  1. Hey, I have not plugged mine in a while. ↥︎

Former President Promotes Fringe Theory About Crowds at Kamala Harris Rallies nytimes.com

Shane Goldmacher, New York Times:

Former President Donald J. Trump has taken his obsession with the large crowds that Vice President Kamala Harris is drawing at her rallies to new heights, falsely declaring in a series of social media posts on Sunday that she had used artificial intelligence to create images and videos of fake crowds.

The A.I.-generated crowds claim is something I had seen bouncing around the fringes of X — and by “fringe”, I mean accounts which have paid to amplify their posts. I did not expect a claim this stupid to become a mainstream argument. But then I remembered what the mainstream looks like these days.

This claim is so stupid because you do not need to rely on the photos released by the campaign. You can just go look up pictures for yourself, taken at a bunch of different angles by a bunch of different people with consistent lighting, logical crowds, and realistic hands. There are hundreds of them, and videos too. A piece of supposed evidence for the fakery is that Harris’ plane does not have a visible tail number, but there are — again — plenty of pictures of that plane which show no number. The U.S. Air Force made the change last year.

I know none of the people promoting this theory are interested in facts. They began with a conclusion and are creating a story to fit, in spite of evidence to the contrary. Still, it was equal parts amusing and worrisome to see this theory be spun from whole cloth in real time.

Permissions Pollution

In response to Apple’s increasingly distrustful permissions prompts, it is worth thinking about what benefits this could provide. For example, apps can start out trustworthy and later become malicious through updates or ownership changes, and users should be reminded of the permissions they have afforded it. There is a recent example of this in Bartender. But I am not sure any of this is helped by yet another alert.

The approach seems to be informed by the Steve Jobs definition of privacy, as he described it at D8 in 2010:

Privacy means people know what they’re signing up for — in plain English, and repeatedly. That’s what it means.

I’m an optimist. I believe people are smart, and some people want to share more data than other people do. Ask ’em. Ask ’em every time. Make them tell you to stop asking them, if they get tired of your asking them. Let them know precisely what you’re gonna do with their data.

Some of the permissions dialogs thrown by Apple’s operating systems exist to preempt abuse, while others were added in response to specific scandals. The prompt for accessing your contacts, for example, was added after Path absorbed users’ lists.

The new weekly nag box for screen recording in the latest MacOS Sequoia is also conceivably a response to a specific incident. Early this year, the developer of Bartender sold the app to another developer without telling users. The app has long required screen recording permissions to function. It made some users understandably nervous about transferring that power, especially because the transition was done so quietly to a new shady owner.

I do not think this new prompt succeeds in helping users make an informed decision. There is no information in the dialog’s text informing you who the developer is, and if it has changed. It does not appear the text of the dialog can be customized for the developer to provide a reason. If this is thrown by an always-running app like Bartender, a user will either become panicked or begin passively accepting this annoyance.

The latter is now the default response state to a wide variety of alerts and cautions. Car alarms are ineffective. Hospitals and other medical facilities are filled with so many beeps staff become “desensitized”. People agree to cookie banners without a second of thought. Alert fatigue is a well-known phenomenon, such that it informed the Canadian response in the earliest days of the pandemic. Without more thoughtful consideration of how often and in what context to inform people of something, it is just pollution.

There is apparently an entitlement which Apple can grant, but it is undocumented. It is still the summer and this could all be described in more robust terms over the coming weeks. Yet it is alarming this prompt was introduced with so little disclosure.

I believe people are smart, too. But I do not believe they are fully aware of how their data is being collected and used, and none of these dialog boxes do a good job of explaining that. An app can ask to record your screen on a weekly basis, but the user is not told any more than that. It could ask for access to your contacts — perhaps that is only for local, one-time use, or the app could be sending a copy to the developer, and a user has no way of knowing which. A weather app could be asking for your location because you requested a local forecast, but it could also be reselling it. A Mac app can tell you to turn on full disk access for plausible reasons, but it could abuse that access later.

Perhaps the most informative dialog boxes are the cookie consent forms you see across the web. In their most comprehensive state, you can see which specific third-parties may receive your behavioural data, and they allow you to opt into or out of categories of data use. Yet nobody actually reads those cookie consents because they have too much information.

Of course, nobody expects dialog boxes to be a complete solution to our privacy and security woes. A user places some trust in each layer of the process: in App Review, if they downloaded software from the App Store; in built-in protections; in the design of the operating system itself; and in the developer. Even if you believe dialog boxes are a helpful intervention, Apple’s own sea of prompts do not fulfil the Jobs criteria: they most often do not tell users specifically how their data will be used, and they either do not ask users every time or they cannot be turned off. They are just an occasional interruption to which you must either agree or find some part of an application is unusable.

Users are not typically in a position to knowledgeably authorise these requests. They are not adequately informed, and it is poor policy to treat these as individualized problems.

Apple Changes External Linking Rules and Fee Structure in European Union macrumors.com

Natasha Lomas, TechCrunch:

One big change Apple announced Thursday is that developers who include link-outs in their apps will no longer need to accept the newer version of its business terms — which requires they commit to paying the Core Technology Fee (CTF) the EU is investigating.

In another notable revision of approach, Apple is giving developers more flexibility around how they can communicate external offers and the types of offers they can promote through their iOS apps. Apple said developers will be able to inform users about offers available anywhere, not only on their own websites — such as through other apps and app marketplaces.

These are good changes. Users will also be able to turn off the scary alerts when using external purchasing mechanisms. But there is a catch.

Juli Clover, MacRumors:

There are two fees that are associated with directing customers to purchase options outside of the App Store. A 5 percent initial acquisition fee is paid for all sales of digital goods and services that the customer makes on any platform that occur within a 12-month period after an initial install. The fee does not apply to transactions made by customers that had an initial install before the new link changes, but is applicable for new downloads.

Apple says that the initial acquisition fee reflects the value that the App Store provides when connecting developers with customers in the European Union.

The other new fee is a Store Services Fee of 7% or 20% assessed annually. Apple says it “reflects the ongoing services and capabilities that Apple provides developers”:

[…] including app distribution and management; App Review; App Store trust and safety; re-discovery, re-engagement and promotional tools and services; anti-fraud checks; recommendations; ratings and reviews; customer support; and more.

Contrary to its name, this fee does not apply solely to apps acquired through the App Store; rather, it is assessed against any digital purchase made on any platform. If an app is first downloaded on an iPhone and then, within a year, the user ultimately purchases a subscription in the Windows version of the same app, Apple believes it deserves 7–20% of the cost of that subscription in perpetuity, plus 5% for the first year’s instance. This seems to be the case no matter whether the iPhone version of that app is ever touched again.

I am not sure what business standards apply here and whether it is completely outlandish, but it sure feels that way. The App Store certainly helps with app discovery to some degree, and Apple does provide a lot of services whether developers want them or not. Yet this basically ties part of a developer’s entire revenue stream to Apple; the part is unknown but will be determined based on whichever customers used the iPhone version of an app first.

I think I have all this right based on news reports from those briefed by Apple and the new contract (PDF), but I might have messed something up. Please let me know if I got some detail wrong. This is all very confusing and, though I do not think that is deliberate, I think it struggles to translate its priorities into straightforward policy. None of these changes applies to external purchases in the U.S., for example. But what I wrote at the time applies here just the same: it is championing this bureaucracy because it believes it is entitled to a significant finder’s fee, regardless of its actual contribution to a customer’s purchase.

Apple’s Permissions Features Are Out of Balance sixcolors.com

Jason Snell, Six Colors:

Apple’s recent feature changes suggest a value system that’s wildly out of balance, preferring to warn (and control) users no matter how damaging it is to the overall user experience. Maybe the people in charge should be forced to sit down and watch that Apple ad that mocks Windows Vista. Vista’s security prompts existed for good reasons — but they were a user disaster. The Apple of that era knew it. I’d guess a lot of people inside today’s Apple know it, too — but they clearly are unable to win the arguments when it matters.

The first evidence of this relentless slog of permissions prompts occurred on iOS. Want to allow this app to use the camera? Tap allow. See your location? Tap allow. Access your contacts? Tap allow. Send you notifications? Tap allow. On and on it goes, sweeping up the Mac in this relentless offloading of responsibility onto users.

On some level, I get it. Our devices are all synced with one another, passing our identities and secret information between them constantly. We install new applications without thinking too much about what they could be doing in the background. We switch on automatic updates with similar indifference. (If you are somebody who does not do these things, please do not write. I know you are there; I respect you; you are one of few.)

But relentless user confirmation is not a good answer for privacy, security, or competition. It merely kicks the can down the road, and suggests users cannot be trusted, yet must bear all the responsibility for their choices.

A.I. Pins Returned to Humane Cannot Be Refurbished theverge.com

Kylie Robinson, of the Verge, obtained internal sales data from Humane. Not only is the A.I. Pin not selling super well, but many of them are being returned. That is a huge frustration, I imagine, for lots of people who worked on this product. Also, maybe it is simply an indicator it is not very good: for its own reasons, and also perhaps because it is hard to start a new platform, and maybe because integrating with established platforms is often a struggle.

That is what everyone is talking about. I wanted to highlight a different part of Robinson’s thorough report:

Once a Humane Pin is returned, the company has no way to refurbish it, sources with knowledge of the return process confirmed. The Pin becomes e-waste, and Humane doesn’t have the opportunity to reclaim the revenue by selling it again. The core issue is that there is a T-Mobile limitation that makes it impossible (for now) for Humane to reassign a Pin to a new user once it’s been assigned to someone. One source said they don’t believe Humane has disposed of the old Pins because “they’re still hopeful they can solve this problem eventually.” T-Mobile declined to comment and referred us to Humane.

It is inexcusable for a device to be launched in 2024 without considering the environmental effects of its disposal. Perhaps Humane can recover some of the hardware components for reuse or recycling — this is unclear to me — but for a product to be useful only to its original owner is terrible, even for its first generation.

Mozilla Might Suffer the Gravest Consequences of the Google Antitrust Ruling techspot.com

Alfonso Maruccia, TechSpot:

Its most recent financials show Mozilla gets $510 million out of its $593 million in total revenue from its Google partnership. This precarious financial position is a side effect of its deal with Alphabet, which made Google the search engine default for newer Firefox installations.

Jason Del Rey, Fortune:

Mozilla is putting on a brave face for now, and not directly addressing the existential threat that the ruling appears to pose.

“Mozilla has always championed competition and choice online, particularly in search,” a spokesperson said in a statement to Fortune on Monday. “We’re closely reviewing the court’s decision, considering its potential impact on Mozilla and how we can positively influence the next steps… Firefox continues to offer a range of search options, and we remain committed to serving our users’ preferences while fostering a competitive market.”

It is possible Mozilla will not be impacted by remedies to Google’s illegal monopoly, the details of which will begin to take shape next month. It seems possible Mozilla could be losing virtually all its revenue, thereby destabilizing the organization behind one of the few non-Chromium browsers and the best documentation of web technologies available anywhere.

Trying to untangle an illegal monopolist is necessarily difficult. This will be a long and painful process for everyone. The short-term resolutions might be ineffectual and irritating, and they may not change Google’s market position. But it is important to get on the record that Google has engaged in illegal conduct to protect its dominance, and so it will be subjected to new oversight and scrutiny. This exercise is worth it because there ought to be limits to market power and anticompetitive behaviour.

MacOS Sequoia Raises the Gatekeeper Walls developer.apple.com

Apple, in a Developer News bulletin:

In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized. They’ll need to visit System Settings > Privacy & Security to review security information for software before allowing it to run.

This is one of those little things which will go unnoticed by most users, but will become a thorn in the side of anyone who relies on it. These are likely developers and other people who are more technologically literate placed in the position of increasingly fighting with the tools they use to get things done. It may be a small thing, but small things add up.

Update: The weekly permission prompts for screen and audio recording, on the other hand, might be noticed by a lot more people.

Apple Intelligence-Related Instructions theverge.com

Reddit user devanxd2000:

I was digging into the system files for the update and I found a bunch of json files containing what appears to be prompts given to the AI in the background. I found it interesting and thought I’d share.

You can find them here: /System/Library/AssetsV2/​com_apple_​MobileAsset_UAF_FM​_GenerativeModels

There’ll be a bunch of folders, some of them will have metadata.json files like this.

Wes Davis, the Verge:

Files I browsed through refer to the model as “ajax,” which some Verge readers might recall as the rumored internal name for Apple’s LLM last year.

It is unclear to me if these directly represent the instructions which interpret and produce the results users see. These could be something else, like a file involved in the development process but not related to how it functions on a user’s device; we just do not know.

But, assuming — quite fairly, I might add — that these instructions are what underpins features like message summaries and custom Memories in Photos, it is kind of interesting to see them written in plain English. They advise the model to “only output valid [JSON] and nothing else”, and warn it “do not hallucinate” and “do not make up factual information”. The latter two are just good rules for life. I am not sure what I expected, but I guess it was not these kinds of visible instructions. But, I guess it would make sense for it to feed through what I presume is the same system underpinning the revised version of Siri, which needs to interpret everything from plain English commands. After all, programming is just a specific version of a language.

Meta Restricted News in Canada One Year Ago mediaecosystemobservatory.com

The Media Ecosystem Observatory:

On August 1, 2023, in response to Bill C-18, Meta blocked Canadians from viewing, accessing, and sharing news article links on its platforms. Over the past 12 months, our team of researchers has closely monitored the effects of the ban particularly on Canadian news organizations and how Canadians engage with news and political content online. 

Old News, New Reality: A Year of Meta’s News Ban in Canada” is the first data-informed analysis on what happened in Canada after Meta banned access to news on its platforms for Canadians. […]

I read the report; I was underwhelmed. Its authors provide no information about how news websites and apps have performed in the past year. Instead, they use the popularity of news outlets on social media as a proxy for their popularity generally and have found — unsurprisingly — that many Canadian publications have reduced or stopped using Meta platforms to promote their work. This decline was not offset by other social platforms. But this says nothing about how publications have fared in general.

Unfortunately, only publishers would be able to compare the use of their websites and apps today compared to a year ago. Every other source only provides an estimate. Semrush, for example, says it has a “unique panel of over 200 million” users and it ingests billions of data points each month to build a picture of actual browsing. Its ranking, which I have preserved in its current June 2024 state, indicates a 6.7% decline in traffic to the CBC’s website compared to June a year ago, a 6.2% decline for CTV News, a 4.2% decline for Global News, a 12.3% increase for City News, a 27.8% decline for the Star, and a 20.4% increase for the National Post. Among the hardest-hit publications were French language publications like Journal de Montreal and TVA Nouvelles. Some of these traffic losses are pretty large, but none are anywhere near the 43% decline in “online engagement” cited in this report.

I could not find a source for app popularity in Canada over time — or, at least, not one I could access.

To be sure, it would not surprise me to learn traffic had dropped for many publishers. But it is a mixed bag, with some indicating large increases in web visitors. The point I am trying to make is that we simply do not have a good picture of actual popularity, and this Observatory report is only confusing matters. Social media buzz is not always a good representation of actual readership, and it is frustrating that the only information we can glean is irrelevant.

Apple’s Growing ‘Services’ Revenue sixcolors.com

Jason Snell, Six Colors:

Last quarter, Apple made about $22 billion in profit from products and $18 billion from Services. It’s the closest those two lines have ever come to each other.

This is what was buzzing in the back of my head as I was going over all the numbers on Thursday. We’re not quite there yet, but it’s hard to imagine that there won’t be a quarter in the next year or so in which Apple reports more total profit on Services than on products.

When that happens, is Apple still a products company? Or has it crossed some invisible line?

The most important thing Snell gets at in this article, I think, is that the “services” which likely generate the most revenue for Apple — the App Store, Apple Pay transactions, AppleCare, and the Google search deal — are all things which are tied specifically to its hardware. It sells subscriptions to its entertainment services elsewhere, for example, but they are probably not as valuable to the company as these four categories. It would be disappointing if Apple sees its hardware products increasingly as vehicles for recurring revenue.

Cool URLs Mean Something thehistoryoftheweb.com

Tim Berners-Lee in 1998:

Keeping URIs so that they will still be around in 2, 20 or 200 or even 2000 years is clearly not as simple as it sounds. However, all over the Web, webmasters are making decisions which will make it really difficult for themselves in the future. Often, this is because they are using tools whose task is seen as to present the best site in the moment, and no one has evaluated what will happen to the links when things change. The message here is, however, that many, many things can change and your URIs can and should stay the same. They only can if you think about how you design them.

Jay Hoffmann:

Links give greater meaning to our webpages. Without the link, we would lose this significant grammatical tool native the web. And as links die out and rot on the vine, what’s at stake is our ability to communicate in the proper language of hypertext.

A dead link may not seem like it means very much, even in the aggregate. But they are. One-way links, the way they exist on the web where anyone can link to anything, is what makes the web universal. In fact, the first name for URL’s was URI’s, or Universal Resource Identifier. It’s right there in the name. And as Berners-Lee once pointed out, “its universality is essential.”

In 2018, Google announced it was deprecating its URL shortener, with no new links being created after March 2019. All existing shortened links would, however, remain active. It announced this in a developer blog post which — no joke — returns a 404 error at its original URL, which I found via 9to5Google. Google could not bother to redirect posts from just six years ago to their new valid URLs.

Google’s URL shortener was in the news again this month because the company has confirmed it will turn off these links in August 2025 except for those created via Google’s own apps. Google Maps, for example, still creates a goo.gl short link when sharing a location.

In principle, I support this deprecation because it is confusing and dangerous for Google’s own shortened URLs to have the same domain as ones created by third-party users. But this is a Google-created problem because it designed its URLs poorly. It should have never been possible for anyone else to create links with the same URL shortener used by Google itself. Yet, while it feels appropriate for a Google service to be unreliable over a long term, it also should not be ending access to links which may have been created just about five years ago.

By the way, the Sophos link on the word “dangerous” in that last paragraph? I found it via a ZDNet article where the inline link is — you guessed it — broken. Sophos also could not bother to redirect this URL from 2018 to its current address. Six years ago! Link rot is a scourge.

Technical Mishaps Are Not Always Meddling Plots techdirt.com

Mark Bergen and Dawn Chmielewski, reporting for Vox — or perhaps Recode — in June 2016:

The latest charge comes from SourceFed, a stray pop culture web and video site. It uploaded a short YouTube video on Thursday charging Google with deliberately altering search recommendations — through its function that automatically offers suggestions as a query is typed — to give positive treatment to Clinton.

Google vehemently denied the charges. “Google Autocomplete does not favor any candidate or cause,” a rep wrote. “Claims to the contrary simply misunderstand how Autocomplete works.”

A spokesperson for Google explained the search engine’s autocomplete feature will “not show a predicted query that is offensive or disparaging”, which is understandable. Eight years later, that appears to be how Google continues to work. A search for donald trump cr offers just one autocompleted suggestion: crypto. Another, for donald trump fe, presents no autocompletion suggestions even though he is a convicted felon. One can see why Google would choose to err on the safe side.

Mike Masnick, Techdirt, after a series of similar claims spread over the past few weeks:

The key point here is that some of this stuff just happens. It’s part of how algorithms work. Sometimes they make mistakes. Sometimes you disagree with why they do things. And people need to stop overreacting to it all. Most of the examples discussed in this article were just normal things that happen all the time, but which got a ton of extra attention because everyone’s on edge and amped up.

That doesn’t mean people shouldn’t be on the lookout for stuff, but don’t immediately jump to conclusions and assume malfeasance.

It is reasonable to want to hold technology companies to a high standard and expect them to be more competent, especially when it comes to election-related topics. In some cases, systems are being triggered as they should, but they are poorly explained to users by generic error messages. Others are just broken. None of this should be surprising in an era where even the largest platforms seem to be so fragile as to be held together by the software equivalent of thumbtacks and glue sticks.

Mark Zuckerberg Stays On Script engadget.com

Karissa Bell, Engadget:

Zuckerberg then launched into a lengthy rant about his frustrations with “closed” ecosystems like Apple’s App Store. None of that is particularly new, as the Meta founder has been feuding with Apple for years. But then Zuckerberg, who is usually quite controlled in his public appearances, revealed just how frustrated he is, telling Huang that his reaction to being told “no” is “fuck that.”

It all has a whiff of the image consultant, with notes of Musk.

Everybody knows a corporate executive wearing boring business clothes and answering questions with defined talking points is playing a role. This costume Zuckerberg is wearing is just as much of a front. The billionaire CEO of a publicly traded social media company cannot be a rebel in any meaningful sense.

Logitech CEO Proposes Building Products That Last a Long Time theverge.com

Nilay Patel, of the Verge, interviewed Hanneke Faber, CEO of Logitech, for the Decoder podcast.

NP […] You sell me the keyboard once. It’s got Options Plus. It has an AI button. I push the button, and someone has to make sure the software still works. Someone probably has to pay ChatGPT for access to the service. Where is that going to come from? Are you baking that into the margin of the keyboard or the mouse?

HF Absolutely. We’re baking that in, and I’m not particularly worried about that. What I’m actually hoping is that this will contribute to the longevity of our products, that we’ll have more premium products but products that last longer because they’re superior and because we can continue to update them over time. And again, I talked about doubling the business and reducing the carbon footprint by half. The longevity piece is really important.

I’m very intrigued. The other day, in Ireland, in our innovation center there, one of our team members showed me a forever mouse with the comparison to a watch. This is a nice watch, not a super expensive watch, but I’m not planning to throw that watch away ever. So why would I be throwing my mouse or my keyboard away if it’s a fantastic-quality, well-designed, software-enabled mouse. The forever mouse is one of the things that we’d like to get to.

Faber goes on to say this is a mouse with always-updated software, “heavier” — which I interpreted as more durable — and something which could provide other services. In response to Patel’s hypothetical of paying $200 one time, Faber said the “business model obviously is the challenge there”, and floats solving that through either a subscription model or inventing new products which get buyers to upgrade.

The part of this which is getting some attention is the idea of a subscription model for a mouse which is, to be fair, stupid. But the part which I was surprised by is the implication that longevity is not a priority for business model reasons. I am not always keen to ascribe these things to planned obsolesce, yet this interview sure looks like Faber is outright saying Logitech does not design products with the intention of them lasting for what at least seems like “forever”.

To be fair, I have not bought anything from Logitech in a long time, and I do not remember when I last did. I believe its cable may have terminated in a PS/2 plug. I switched to a trackpad on my desk long ago. When I bought my Magic Trackpad in 2015, I assumed I would not have to replace it for at least a decade; nine years later, I have not even thought about getting a new one. Even if its built-in battery dies — its sole weakness — I think I will be able to keep using it in wired mode.

But then I went on Wikipedia to double-check the release date of the second-generation Magic Trackpad, and I scrolled to the “Reception” section. Both generations were criticized as being too expensive at $70 for the first version, and $130 for the second. But both price tags seem like a good deal for a quality product. Things should be built with the intention they will last a long time, and a $200 mouse is a fine option if it is durable and could be repaired if something breaks.

I know this is something which compromises business models built on repeat business from the same customers, whether that means replacing a broken product or a monthly recurring charge. But it is rare for a CEO to say so in such clear terms. I appreciate the honesty, but I am repelled by the idea.

Calgary Is the ‘Blue Sky City’ blueskycity.ca

Lily Dupuis, CBC News:

Calgary: Blue Sky City.

That’s the new city slogan unveiled by Calgary Economic Development and Tourism Calgary on Wednesday, replacing “Be Part of the Energy,” marking the start of a new era of branding.

Strategists with the groups say this new brand is a nod to innovation — Calgary being a city of blue-sky thinking — and one that reflects all Calgarians.

Richard White:

Calgary tried to rebrand itself in the late ‘90s as the “Heart of the New West.” And when that didn’t work, in 2011 we tried “Be Part of the Energy.” It didn’t work either. The fact is, the best city nicknames are not contrived in workshops and brainstorming sessions, they happen at more a grassroots level or based on some obvious fact. I wonder, “Can a city give itself a nickname?”

Daughter is responsible for this rebranding:

We created a visual language inspired by beadwork, a cross-cultural art form where individual elements come together to form something strong, beautiful, and greater than the sum of its parts — a balance of individuality and collective identity. This is reflected in a dynamic logo system, and a broader visual language of beadwork and patterning.

I do not like linking to hard paywalled things, but Armin Vit of Brand New recently reviewed this new identity and it is exceptionally thoughtful:

I was in Calgary once in the dead of winter for a quick in-and-out trip so I saw a limited range of the city, which felt a little desolate in the 48 hours I was there and it was just brutally cold too. Sunny, though! So I can attest to that. Overall, this helps present Calgary in, almost literally, a new light and it should help in attracting visitors and business or at least consider it as a viable alternative to the more popular Canadian destinations like Toronto, Montréal, and Vancouver.

Even though it intersects perfectly with my local interests and design career, I have been sitting on this news for a while because it is the kind of thing which needs to settle. It is a huge ask to give a city a marketable identity. The most successful of them, as White points out, are given by others or earned, not self-created.

That must have been a tall order for Daughter. Mohkinstsis, and other names for this area before it was colonized, are a reference to our two major rivers and the elbow junction where they meet. Post-colonization, the city was known first as the “sandstone city” and then the Stampede City. “Calgary” possibly traces its name to Old Norse words for “cold garden”. But the city, as Calgary, is relatively new — incorporated just 140 years ago — and we are in the midst of attempting to correct for the terrible legacy of colonizer violence. Wrapping all of this together in a pleasant visual identity to market to tourists is surely a difficult task.

I think Daughter and the others involved in this rebrand have largely succeeded. Past rebranding attempts have centred an outdated cowboy image and our filthy petrochemical industry. To that end, it sure looks a little like greenwashing — or, perhaps, bluewashing. But, while locals like White have reacted somewhat negatively to the change, the more international commenters on Brand New are effusive in their praise.

I think it is an impressive rebrand, though the typesetting of the “blue sky city” tagline looks disconnected to my eyes from the rest of the work. Perhaps this is only a reflection of my writing this under a cloudy sky. Everything in this package positions Calgary as a destination which may be overlooked outside of ten days each July, but it also suggests a nagging subtext: Montreal, Toronto, and Vancouver speak for themselves, but Calgary needs to be taglined and positioned. We are a city of a million and a half people and we are not yet acting like it.

Third-Party Cookies Have Got to Go w3.org

Anthony Chavez, of Google:

[…] Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time. We’re discussing this new path with regulators, and will engage with the industry as we roll this out.

Oh good — more choices.

Hadley Beeman, of the W3C’s Technical Architecture Group:

Third-party cookies are not good for the web. They enable tracking, which involves following your activity across multiple websites. They can be helpful for use cases like login and single sign-on, or putting shopping choices into a cart — but they can also be used to invisibly track your browsing activity across sites for surveillance or ad-targeting purposes. This hidden personal data collection hurts everyone’s privacy.

All of this data collection only makes sense to advertisers in the aggregate, but it only works because of specifics: specific users, specific webpages, and specific actions. Privacy Sandbox is imperfect but Google could have moved privacy forward by ending third-party cookies in the world’s most popular browser.

Engineering Consent

Anthony Ha, of TechCrunch, interviewed Jean-Paul Schmetz, CEO of Ghostery, and I will draw your attention to this exchange:

AH I want to talk about both of those categories, Big Tech and regulation. You mentioned that with GDPR, there was a fork where there’s a little bit of a decrease in tracking, and then it went up again. Is that because companies realized they can just make people say yes and consent to tracking?

J-PS What happened is that in the U.S., it continued to grow, and in Europe, it went down massively. But then the companies started to get these consent layers done. And as they figured it out, the tracking went back up. Is there more tracking in the U.S. than there is in Europe? For sure.

AH So it had an impact, but it didn’t necessarily change the trajectory?

J-PS It had an impact, but it’s not sufficient. Because these consent layers are basically meant to trick you into saying yes. And then once you say yes, they never ask again, whereas if you say no, they keep asking. But luckily, if you say yes, and you have Ghostery installed, well, it doesn’t matter, because we block it anyway. And then Big Tech has a huge advantage because they always get consent, right? If you cannot search for something in Google unless you click on the blue button, you’re going to give them access to all of your data, and you will need to rely on people like us to be able to clean that up.

The TechCrunch headline summarizes this by saying “regulation won’t save us from ad trackers”, but I do not think that is a fair representation of this argument. What it sounds like, to me, is that regulations should be designed more effectively.

The E.U.’s ePrivacy Directive and GDPR have produced some results: tracking is somewhat less pervasive, people have a right to data access and portability, and businesses must give users a choice. That last thing is, as Schmetz points out, also its flaw, and one it shares with something like App Tracking Transparency on iOS. Apps affected by the latter are not permitted to keep asking if tracking is denied, but they do similarly rely on the assumption a user can meaningfully consent to a cascading system of trackers.

In fact, the similarities and differences between cookie banner laws and App Tracking Transparency are considerable. Both require some form of consent mechanism immediately upon accessing a website or an app, assuming a user can provide that choice. Neither can promise tracking will not occur should a user deny the request. Both are interruptive.

But cookie consent laws typically offer users more information; many European websites, for example, enumerate all their third-party trackers, while App Tracking Transparency gives users no visibility into which trackers will be allowed. The latter choice is remembered forever unless a user removes and reinstalls the app, while websites can ask you for cookie consent on each visit. Perhaps the latter may sometimes be a consequence of using Safari; it is hard to know.

App Tracking Transparency also has a system-wide switch to opt out of all third-party tracking. There used to be something similar in web browsers, but compliance was entirely optional. Its successor effort, Global Privacy Control, is sadly not as widely supported as it ought to be, but it appears to have legal teeth.

Both of these systems have another important thing in common: neither are sufficiently protective of users’ privacy because they burden individuals with the responsibility of assessing something they cannot reasonably comprehend. It is patently ridiculous to put the responsibility on individuals to mitigate a systemic problem like invasive tracking schemes.

There should be a next step to regulations like these because user tracking is not limited to browsers where Ghostery can help — if you know about it. A technological response is frustrating and it is unclear to me how effective it is on its own. This is clearly not a problem only regulation can solve but neither can browser extensions. We need both.

Southwest Airlines Did Not Dodge the CrowdStrike-Caused Outage Thanks to Windows 3.1 osnews.com

Thom Holwerda:

A story that’s been persistently making the rounds since the CrowdStrike event is that while several airline companies were affected in one way or another, Southwest Airlines escaped the mayhem because they were still using Windows 3.1. It’s a great story that fits the current zeitgeist about technology and its role in society, underlining that what is claimed to be technological progress is nothing but trouble, and that it’s better to stick with the old. At the same time, anybody who dislikes Southwest Airlines can point and laugh at the bumbling idiots working there for still using Windows 3.1. It’s like a perfect storm of technology news click and ragebait.

Too bad the whole story is nonsense.

I would say Holwerda’s debunking is a thorough exploration of how so many media outlets got this story wrong but — and I mean this in the nicest possible way — that would be overselling it. As Holwerda admits, it took scarcely any research to fact check a claim carried by Tom’s Hardware, Tech Radar, Forbes, Digital Trends, and lots of others. Embarrassing.

WSJ: Amazon Has Lost Billions Selling Millions of Alexa Devices wsj.com

Dana Mattioli, Wall Street Journal:

When Amazon launched the Echo smart home devices with its Alexa voice assistant in 2014, it pulled a page from shaving giant Gillette’s classic playbook: sell the razors for a pittance in the hope of making heaps of money on purchases of the refill blades.

A decade later, the payoff for Echo hasn’t arrived. While hundreds of millions of customers have Alexa-enabled devices, the idea that people would spend meaningful amounts of money to buy goods on Amazon by talking to the iconic voice assistant on the underpriced speakers didn’t take off.

According to Mattioli’s reporting, in a span of just four years — 2017 through 2021 — Amazon lost $25 billion on “devices”. According to SEC filings (PDF), this category would likely include things like Fire TV sticks, Ring doorbell cameras, Kindles, and Alexa products. It is unclear to me what portion of these losses can be specifically attributed to Alexa devices.

I know I am probably an outlier, but I have never understood why someone would buy anything with just their voice. I cannot think of a reason why I would buy any of these smart speakers in general, though I understand why controlling your house with your voice could be useful for a person with a disability. But buying things from the world’s most popular flea market without any control over what shows up at your door sounds horrible.

Linda Yaccarino Is Caught Between a Musk and a Hard Place nytimes.com

Kate Conger, New York Times:

On May 11, Mr. [Elon] Musk posted that he had selected a chief executive [for Twitter]. It was Ms. [Linda] Yaccarino.

[…]

Many of her longtime peers in the advertising world were shocked that Ms. Yaccarino accepted the job — they feared she would tarnish her reputation by associating herself with Mr. Musk. But several colleagues who worked with her at X said she and Mr. Musk were more alike than their public personas might suggest. They share a fervent belief that their responsibilities range beyond running a viable business into rescuing the principle of free speech, a paranoia of sabotage from employees and associates, and a willingness to pursue legal action against critics.

Colin Kirkland, MediaPost:

As X owner Elon Musk continues to post about record high engagement on his social media hub, a new report by data intelligence platform Tracer shows “significant drops” in user engagement and “drastic drops” in advertising unlike competitors like YouTube, Instagram and Pinterest.

In June, X advertising saw drops month-over-month and year-over-year, the report shows, with click-through-rates (CTRs) declining 78% month-over-month, which the report suggests reflects a sharp downturn in user activity. In addition, cost-per-thousand (CPMs) decreased 17% from May to June, suggesting that advertisers are also leaving X.

I cannot imagine being Yaccarino in the position she finds herself: trying to build advertising partnerships for a platform owned by the world’s richest jackass. But, while X seems to have lost some clout — and, according to the Times article, over half its advertising revenue — compared to Twitter, I wonder how much it matters in the short term.

Do not get me wrong; it is revolting for a platform to expressly support and even boost conspiracy theories and regressive ideologies. Yet the continuing relevance of this platform indicates some portion of the public wants a light 4chan-like experience, which is an alarming but not surprising finding. The world has, unfortunately, become more comfortable with reactionary and previously extremist ideas. It is no longer poisonous for public figures to have odious beliefs.

We are not better for tolerating this shallow, unproductive, and repulsive interpretation of free expression — quite the opposite, in fact. If Yaccarino thinks this is what it looks like when one is, in the Times’ words, “rescuing the principle of free speech”, she is failing. She is helping her boss give morons a loudspeaker with barely any restrictions, while treating normal words as slurs because they are politically incorrect for the site’s regressive user base. Is this all Musk’s fault? How much of an active role does Yaccarino play? Perhaps blaming Yaccarino for any of this, even partially, is unfair of me. But she is a CEO who was placed — in part, at least — to legitimize this platform for advertisers.

Market-Driven Brittleness lawfaremedia.org

Barath Raghavan and Bruce Schneier, Lawfare:

Today’s internet systems are too complex to hope that if we are smart and build each piece correctly the sum total will work right. We have to deliberately break things and keep breaking them. This repeated process of breaking and fixing will make these systems reliable. And then a willingness to embrace inefficiencies will make these systems resilient. But the economic incentives point companies in the other direction, to build their systems as brittle as they can possibly get away with.

This is a tremendous essay — a call to action in opposition to the shallow cost-effectiveness embraced by corporations up and down the high technology chain. Now all we need is to hope businesses do things which are not in their immediate financial interest.

The Conclusions of That CAPTCHA Paper Seem Iffy to Me theregister.com

Thomas Claburn, the Register:

Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it’s harvesting information while extracting human labor worth billions.

[…]

“Traffic resulting from reCAPTCHA consumed 134 petabytes of bandwidth, which translates into about 7.5 million kWhs of energy, corresponding to 7.5 million pounds of CO2. In addition, Google has potentially profited $888 billion from cookies [created by reCAPTCHA sessions] and $8.75–32.3 billion per each sale of their total labeled data set.”

I have seen this paper (PDF) being passed around and, while I find its participant-reported data believable — people are much less satisfied with image-based CAPTCHA puzzles than checkboxes — these calculations are unbelievable.

To reiterate, the researchers are estimating reCAPTCHA sessions have, over the past thirteen years, been responsible for $888 billion of Google’s income. In that time, Google has made $1.8 trillion in revenue. These researchers are suggesting up to 49% of that can be directly tied to reCAPTCHA cookies.

Here is the explanation they give in the paper for how they arrived at that conclusion:

[…] According to Forbes [3], digital ad spending reached over $491 billion globally in 2021, and more than half of the market (51%) heavily relied on third-party cookies for advertisement strategies [1]. The expenditure on third-party audience data (collected using tracking cookies) in the United States reached from $15.9 billion in 2017 to $22 billion in 2021 [2]. More concretely, the current average value life-time of a cookie is €2.52 or $2.7 [58]. Given that there have been at least 329 billion reCAPTCHAv2 sessions, which created tracking cookies, that would put the estimated value of those cookies at $888 billion dollars.

It seems the researchers simply multiplied the total estimated number of reCAPTCHA sessions by a current value average to arrive at this number. I am probably missing some obvious flaws, but there are three I noticed. First, this calculation assumes cookies created thirteen years ago still exist today and have the same value, on average as any other cookie. Second, it assumes all sessions materialize in a unique individually valuable cookie. Lastly, it is unclear that a cookie’s value can be directly tied to Google’s income, as the researchers claim: “Google has potentially profited $888 billion from [reCAPTCHA] cookies”. None of these assumptions makes sense to me.

Antitrust Probe in India Finds Apple Abused Position in Apps Market reuters.com

Aditya Kalra, Reuters:

An investigation by India’s antitrust body has found that Apple exploited its dominant position in the market for app stores on its iOS operating system, engaging “in abusive conduct and practices”, a confidential report seen by Reuters showed.

[…]

“Apple App Store is an unavoidable trading partner for app developers, and resultantly, app developers have no choice but to adhere to Apple’s unfair terms, including the mandatory use of Apple’s proprietary billing and payment system,” the CCI unit said in the June 24 report.

India is a rapidly growing market for Apple and one which Tim Cook identified as important in 2017.

At what point will it be easier for more flexible and open App Store policies to become available worldwide instead of individual countries and regions? That day seems to be approaching fast.

Apple Is Probably Undercounting CSAM in Its Internet Services theguardian.com

Katie McQue, the Guardian:

The UK’s National Society for the Prevention of Cruelty to Children (NSPCC) accuses Apple of vastly undercounting how often child sexual abuse material (CSAM) appears in its products. In a year, child predators used Apple’s iCloud, iMessage and Facetime to store and exchange CSAM in a higher number of cases in England and Wales alone than the company reported across all other countries combined, according to police data obtained by the NSPCC.

Through data gathered via freedom of information requests and shared exclusively with the Guardian, the children’s charity found Apple was implicated in 337 recorded offenses of child abuse images between April 2022 and March 2023 in England and Wales. In 2023, Apple made just 267 reports of suspected CSAM on its platforms worldwide to the National Center for Missing & Exploited Children (NCMEC), which is in stark contrast to its big tech peers, with Google reporting more than 1.47m and Meta reporting more than 30.6m, per NCMEC’s annual report.

The reactions to statistics related to this particularly revolting crime are similar to all crime figures: higher and lower numbers can be interpreted as both positive and negative alike. More reports could mean better detection or more awareness, but it could also mean more instances; it is hard to know. Fewer reports might reflect less activity, a smaller platform size or, indeed, undercounting. In Apple’s case, it is likely the latter. It is neither a small platform nor one which prohibits the kinds of channels through which CSAM is distributed.

NCMEC addresses both these problems and I think its complaints are valid:

U.S.-based ESPs are legally required to report instances of child sexual abuse material (CSAM) to the CyberTipline when they become aware of them. However, there are no legal requirements regarding proactive efforts to detect CSAM or what information an ESP must include in a CyberTipline report. As a result, there are significant disparities in the volume, content and quality of reports that ESPs submit. For example, one company’s reporting numbers may be higher because they apply robust efforts to identify and remove abusive content from their platforms. Also, even companies that are actively reporting may submit many reports that don’t include the information needed for NCMEC to identify a location or for law enforcement to take action and protect the child involved. These reports add to the volume that must be analyzed but don’t help prevent the abuse that may be occurring.

Not only are many reports not useful, they are also part of an overwhelming caseload with which law enforcement struggles to turn into charges. Proposed U.S. legislation is designed to improve the state of CSAM reporting. Unfortunately, the wrong bill is moving forward.

The next paragraph in the Guardian story:

All US-based tech companies are obligated to report all cases of CSAM they detect on their platforms to NCMEC. The Virginia-headquartered organization acts as a clearinghouse for reports of child abuse from around the world, viewing them and sending them to the relevant law enforcement agencies. iMessage is an encrypted messaging service, meaning Apple is unable to see the contents of users’ messages, but so is Meta’s WhatsApp, which made roughly 1.4m reports of suspected CSAM to NCMEC in 2023.

I wish there was more information here about this vast discrepancy — a million reports from just one of Meta’s businesses compared to just 267 reports from Apple to NCMEC for all of its online services. The most probable explanation, I think, can be found in a 2021 ProPublica investigation by Peter Elkind, Jack Gillum, and Craig Silverman, about which I previously commented. The reporters here revealed WhatsApp moderators’ heavy workloads, writing:

Their jobs differ in other ways. Because WhatsApp’s content is encrypted, artificial intelligence systems can’t automatically scan all chats, images and videos, as they do on Facebook and Instagram. Instead, WhatsApp reviewers gain access to private content when users hit the “report” button on the app, identifying a message as allegedly violating the platform’s terms of service. This forwards five messages — the allegedly offending one along with the four previous ones in the exchange, including any images or videos — to WhatsApp in unscrambled form, according to former WhatsApp engineers and moderators. Automated systems then feed these tickets into “reactive” queues for contract workers to assess.

WhatsApp allows users to report any message at any time. Apple’s Messages app, on the other hand, only lets users flag a sender as junk and, even then, only if the sender is not in the user’s contacts and the user has not replied a few times. As soon as there is a conversation, there is no longer any reporting mechanism within the app as far as I can tell.

The same is true of shared iCloud Photo albums. It should be easy and obvious how to report illicit materials to Apple. But I cannot find an obvious mechanism for doing so — not in an iCloud-shared photo album, and not in an obvious place on Apple’s website, either. As noted in Section G of the iCloud terms of use, reports must be sent via email to abuse@icloud.com. iCloud albums use long, unguessable URLs, so the likelihood of unintentionally stumbling across CSAM or other criminal materials is low. Nevertheless, it seems to me that notifying Apple of abuse of its services should be much clearer.

Back to the Guardian article:

Apple’s June announcement that it will launch an artificial intelligence system, Apple Intelligence, has been met with alarm by child safety experts.

“The race to roll out Apple AI is worrying when AI-generated child abuse material is putting children at risk and impacting the ability of police to safeguard young victims, especially as Apple pushed back embedding technology to protect children,” said [the NSPCC’s Richard] Collard. Apple says the AI system, which was created in partnership with OpenAI, will customize user experiences, automate tasks and increase privacy for users.

The Guardian ties Apple’s forthcoming service to models able to generate CSAM, which it then connects to models being trained on CSAM. But we do not know what Apple Intelligence is capable of doing because it has not yet been released, nor do we know what it has been trained on. This is not me giving Apple the benefit of the doubt. I think we should know more about how these systems are trained.

We also currently do not know what limitations Apple will set for prompts. It is unclear to me what Collard is referring to in saying that the company “pushed back embedding technology to protect children”.

One more little thing: Apple does not say Apple Intelligence was created in partnership with OpenAI, which is basically a plugin. It also does not say Apple Intelligence will increase privacy for users, only that it is more private than competing services.

I am, for the record, not particularly convinced by any of Apple’s statements or claims. Everything is firmly in we will see territory right now.

Meta’s A.I. Models and ‘Open Source’ about.fb.com

Mark Zuckerberg:

Today we’re taking the next steps towards open source AI becoming the industry standard. We’re releasing Llama 3.1 405B, the first frontier-level open source AI model, as well as new and improved Llama 3.1 70B and 8B models. In addition to having significantly better cost/performance relative to closed models, the fact that the 405B model is open will make it the best choice for fine-tuning and distilling smaller models.

[…]

Meta is committed to open source AI. I’ll outline why I believe open source is the best development stack for you, why open sourcing Llama is good for Meta, and why open source AI is good for the world and therefore a platform that will be around for the long term.

Benj Edwards, Ars Technica:

So, about that “open source” term. As we first wrote in an update to our Llama 2 launch article a year ago, “open source” has a very particular meaning that has traditionally been defined by the Open Source Initiative. The AI industry has not yet settled on terminology for AI model releases that ship either code or weights with restrictions (such as Llama 3.1) or that ship without providing training data. We’ve been calling these releases “open weights” instead.

I think I have seen this movie before, or at least a version of it.

On ‘Mogul Style’ theguardian.com

Derek Guy, for the Guardian:

The ruling class today is hardly inspiring in terms of taste. The preponderance of tech vests, which have replaced navy blazers, demonstrates that socio-economic class still drives dress practices, albeit with less appealing forms. The irony is that, while elites dress increasingly like the middle class preparing for a Whole Foods run, wealth inequality in the United States has mostly worsened every decade since the 1980s, the last era when men were still expected to wear tailored jackets.

Imagine being able to get all your clothes — heck, basically everything — made just for you, and choosing this costume.

CrowdStrike Fallout crowdstrike.com

CrowdStrike:

On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.

Pradeep Viswanathan, Neowin:

It turns out that similar problems have been occurring for months without much awareness, despite the fact that many may view this as an isolated incident. Users of Debian and Rocky Linux also experienced significant disruptions as a result of CrowdStrike updates, raising serious concerns about the company’s software update and testing procedures. These occurrences highlight potential risks for customers who rely on their products daily.

Rajesh Kumar Singh and David Shepardson, Reuters:

Delta Air Lines CEO Ed Bastian on Monday said it will take the U.S. carrier another couple of days before its operations recover from a global cyber outage that snarled flights around the world.

The Atlanta-based carrier has been hit hard by the outage. It has canceled over 4,000 flights since Friday, stranding thousands of customers across the country. By contrast, disruptions at other major U.S. carriers had largely subsided.

If one has a general worldview for technology today, they can find it in some analysis of this CrowdStrike failure. This saga has everything. For those who think this reinforces the safety of restrictive software policies, that is one possible explanation. Or for one who may be a permanent asshole and thinks diversity initiatives and “woke” programmers are to blame, they are both insufferable and wrong. For those who think marketplace concentration has a role to play — I am one — there is someone who agrees. And for those who want to blame the E.U., the Wall Street Journal has that angle covered.

One comment I found particularly insulting, however, was a line in Microsoft’s response: “We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines”. I get why Microsoft would want to reframe this issue; the words “Microsoft outage” are in headlines instead of “CrowdStrike bug”.1 But this does not minimize the impact of this bug — which Microsoft’s statement acknowledges in the very next sentence — and it does not disprove claims about concentrated market share. It is used by nearly 60% of Fortune 500 companies including, it says, 80% of the top automotive, financial, food and beverage, and technology companies. It may not have an influential position compared to the Windows install base at large, but who cares? That is not an appropriate metric for this specific software.

Blaming Microsoft’s agreement with the E.U. also seems unnecessarily reductive, though it had a role to play. If Microsoft could have restricted kernel access in the way Apple does, it is much less likely this precise catastrophic failure by a third-party company would have occurred. But it is beside the point. It seems it could have done so at any time if it did not unfairly give its own security products elevated access. Left unexplored is why it has not done so. Also, CrowdStrike was singing the praises of Apple’s approach when kernel extensions were deprecated in MacOS. CrowdStrike loved the idea of “[r]educing the need for privileged access” which “is always a more secure approach”. Why did it fail to do so on Windows? Even without the same kind of mandate as MacOS, it seems there has been ample opportunity all around to increase protections.

Though I was oversimplifying when I wrote “just a handful of vendors are entrusted with the digital infrastructure on which our society runs” — it is more than a handful, but it is a relative handful in most any category — I maintain at least part of my original argument as written:

Even if there are serious financial and reputational consequences for these failures, the world is still no closer to being freed of its dependence on Windows or Ticketmaster or Snowflake or CrowdStrike. These seem to be incredibly fragile systems on which society rests with little accountability for their makers.

CrowdStrike’s stock is down 23%, which is far more than AT&T suffered. But I am not comfortable with investors’ bad vibes as an accountability mechanism. There needs to be legal structures so that our world’s vast interconnected technological infrastructure has resilience as a rule.

Update: Marcus Hutchins:

Everyone keeps citing that Dave’s Garage video where he claims Microsoft had some super secret fix everything security API that they were going to release but the EU stopped them.

[…]

Microsoft has released multiple APIs that match said description and the EU hasn’t stopped them.

Hutchins also says the 2006 case cited by Thompson about E.U.-related concessions is not the one Microsoft is referring to in this circumstance.


  1. In that particular article, CrowdStrike is not mentioned until the final paragraph. ↥︎

You Will Not Believe This, but Tesla’s Nearly Fictional Optimus Robot Is Not Ready Yet gizmodo.com

Matt Novak, Gizmodo:

“Tesla will have genuinely useful humanoid robots in low production for Tesla internal use next year and, hopefully, high production for other companies in 2026,” Musk tweeted on Monday morning.

As Electrek points out, that’s a delay from what was previously promised by Musk. The Tesla CEO had said back in April that he’d have Optimus robots working in Tesla factories by the end of 2024 with deliveries to other companies by 2025. That’s clearly not happening anymore, based on more recent comments.

I am sure there are people somewhere who still believe this is a good-faith “serious endeavour” which is just facing a few hurdles and will soon be able to get groceries autonomously. But this thing was tentatively on track to be produced last year. I am sure this is just a minor delay, much like the fully autonomous vehicles which owners will be able to rent out to others as taxis, which is also assuredly mere weeks away.

Broken File in CrowdStrike Update Causes Worldwide Systems Outages theverge.com

Emma Roth, the Verge:

On Friday morning, some of the biggest airlines, TV broadcasters, banks, and other essential services came to a standstill as a massive outage rippled across the globe. The outage, which has brought the Blue Screen of Death upon legions of Windows machines across the globe, is linked to just one software company: CrowdStrike.

[…]

“Our software is extremely interconnected and interdependent,” Lukasz Olejnik, an independent cybersecurity researcher, consultant, and author of the book Philosophy of Cybersecurity, tells *The Verge. “But in general, there are plenty of single points of failure, especially when software monoculture exists at an organization.”

Robert McMillan, Wall Street Journal:

Founded in 2011, CrowdStrike is widely used by Corporate America, supplying software that protects against cyberattacks to tens of thousands of customers, including 300 companies in the Fortune 500. The scale of the outage was compounded by the fact that cybersecurity software like CrowdStrike’s has access to the most fundamental elements of the operating system to ward off cyberattacks, security experts say.

This sounds like a terrible day for anyone affected. There are I.T. staff who were woken up in the middle of the night to see if there was anything they could do; while a workaround was posted within an hour and a half of CrowdStrike issuing this update, it requires tedious manual work on each impacted system. You can find countless stories online of hospitals, airports, government systems, broadcasters, and more severely interrupted by this one bad software update. A whole lot of people had a really terrible day today.

We keep seeing the ripple effects when just a handful of vendors are entrusted with the digital infrastructure on which our society runs. Bought tickets to a mainstream event in North America? It was probably facilitated by Ticketmaster, so your credit card was leaked. It and over a hundred other companies depended on Snowflake for data storage, which was breached. Do you live in the U.S. and own a phone? AT&T, T-Mobile, and Verizon have all suffered data breaches. Two years ago, Canadian ISP and cellular carrier Rogers was down for an entire day, “disrupting government services and payment systems”. Microsoft is busy convincing people it is taking security seriously after a series of embarrassing failures.

Even if there are serious financial and reputational consequences for these failures, the world is still no closer to being freed of its dependence on Windows or Ticketmaster or Snowflake or CrowdStrike. These seem to be incredibly fragile systems on which society rests with little accountability for their makers.

Update: Changed the word “driver” in my headline to “file” to reflect CrowdStrike’s technical analysis.

YouTube Subtitles Included in Large Data Set Used to Train Notable A.I. Models proofnews.org

Annie Gilbertson and Alex Reisner, Proof:

AI companies are generally secretive about their sources of training data, but an investigation by Proof News found some of the wealthiest AI companies in the world have used material from thousands of YouTube videos to train AI. Companies did so despite YouTube’s rules against harvesting materials from the platform without permission.

Our investigation found that subtitles from 173,536 YouTube videos, siphoned from more than 48,000 channels, were used by Silicon Valley heavyweights, including Anthropic, Nvidia, Apple, and Salesforce.

According to Gilbertson and Reisner, this is a data set called — appropriately enough — “YouTube Subtitles”, which is part of a larger set called the “Pile”, which is distributed by EleutherAI. The “Pile” was used by Apple to train OpenELM.

Chance Miller, 9to5Mac:

Apple has now confirmed to 9to5Mac, however, that OpenELM doesn’t power any of its AI or machine learning features – including Apple Intelligence.

Lance Ulanoff, TechRadar:

While not speaking directly to the issue of YouTube data, Apple reiterated its commitment to the rights of creators and publishers and added that it does offer websites the ability to opt out of their data being used to train Apple Intelligence, which Apple unveiled during WWDC 2024 and is expected to arrive in iOS 18.

The company also confirmed that it trains its models, including those for its upcoming Apple Intelligence, using high-quality data that includes licensed data from publishers, stock images, and some publicly available data from the web. YouTube’s transcription data is not intended to be a public resource but it’s not clear if it’s fully hidden from view.

Even if you set aside the timing of allowing people to opt out, it scarcely matters in this case. If YouTube captions were part of the data set used to train any part of Apple Intelligence, it would be impossible for channel operators to opt out because they cannot set individualized robots.txt instructions.

Five New York Times reporters wrote in April about the tension OpenAI created after it began transcribing YouTube videos:

Some Google employees were aware that OpenAI had harvested YouTube videos for data, two people with knowledge of the companies said. But they didn’t stop OpenAI because Google had also used transcripts of YouTube videos to train its A.I. models, the people said. That practice may have violated the copyrights of YouTube creators. So if Google made a fuss about OpenAI, there might be a public outcry against its own methods, the people said.

I could not find any mechanism to opt one’s own YouTube videos out of A.I. training. This is one of the problems of YouTube being a singular destination for general-purpose online video: it has all the power and, by extension, so does Google.

By the way, I am still waiting for someone in Cupertino to check the Applebot inbox.

J.D. Vance Left His Venmo Public wired.com

Dhruv Mehrotra, Tim Marchman, and Andrew Couts, Wired:

US senator J.D. Vance, an Ohio Republican and former US president Donald Trump’s pick for vice president, has a public Venmo account that gives an unfiltered glimpse into his extensive network of connections with establishment GOP heavyweights, wealthy financiers, technology executives, the prestige press, and fellow graduates of Yale Law School—precisely the elites he rails against. A WIRED analysis of the account, the people listed as Vance’s friends, and, in turn, the people listed as their friends highlights sometimes bizarre and surprising connections. Experts, meanwhile, worry that the information revealed by the peer-to-peer payment app raises the potential for stalking, trolling, and impersonation.

In May 2021, reporters for Buzzfeed News easily found Joe Biden’s Venmo account.

It remains completely baffling to me for a payment app, of all things, to have an option for publicly exposing transactions like it is a social network. Shortly after Biden’s account was found, Venmo removed a feature which showed public transactions from complete strangers — this is among the most ridiculous series of words I have ever typed. Despite Venmo’s explanations, I will likely never understand why it is like this.

Fully Apple Pilled

To promote the launch of a new Beats Pill model, Apple’s Oliver Schusser was interviewed by Craig McLean of Wallpaper — where by “interviewed” I mostly mean “guided through talking points”. There is not much here unless you appreciate people discussing brands in the abstract.

However, McLean wanted to follow up on a question asked of Schusser in a 2019 issue of Music Week (PDF): “where do you want to see, or want Apple Music to be, in five years?” Schusser replied:

We want to be the best in what we do. And that means, obviously, we’ll continue to invest in the product and make sure we’re innovative and provide our customers with the best experience. We want to invest in our editorial and content, in our relationships with the industry, whether that’s the songwriters, music publishers, the labels, artists or anyone in the creative process. But that’s really what we’re trying to do. We just want to be the best at what we do.

With McLean given the opportunity for a response at the end of that timeframe, where does Apple Music now find itself? Schusser answered:

We are very clearly positioned as the quality service. We don’t have a free offer [unlike Spotify’s advertising-supported tier]. We don’t give anything away. Everything is made by music fans and curated by experts. We are focused on music while other people are running away from music into podcasts and audiobooks. Our service is clearly dedicated to music.

With spatial audio, we’ve completely revolutionised the listening experience. [Historically] we went from mono to stereo and then, for decades, there was nothing else. Then we completely invented a new standard [where] now 90 per cent of our subscribers are listening to music in spatial audio. Which is great.

And little things, like the lyrics, for example, [which] you find on Apple Music, which are incredibly popular. We have a team of people that are actually transcribing the lyrics because we don’t want them to be crowd-sourced from the internet. We want to make sure they’re as pristine as possible. We’ve got motion artwork and song credits. We really try to make Apple Music a high quality place for music fans.

And while most others in the marketplace have sort of stopped innovating, we’ve been really pushing hard, whether it’s Apple Music Sing, which is a great singalong feature, like karaoke. Or Classical, which is an audience that had completely been neglected. We’re trying to make Apple Music the best place for people to listen to music. I’m super happy with that.

This is quite the answer, and one worth tediously picking apart claim-by-claim.

We are very clearly positioned as the quality service. We don’t have a free offer [unlike Spotify’s advertising-supported tier]. We don’t give anything away.

I am not sure how one would measure whether Apple Music is “positioned as the quality service”, but this is a fair point. Apple Music offers free streaming “Radio” stations, but it is substantially not a free service.

Everything is made by music fans and curated by experts.

This is a common line from Apple and a description which has carried on from the launch of Beats Music. But it seems only partially true. There are, for example, things which must be entirely made by algorithm, like user-personalized playlists and radio stations. Schusser provided more detail to McLean five years ago in that Music Week interview, saying “[o]f course there are algorithms involved [but] the algorithms only pick music that [our] editors and curators would choose”. I do not know what that means, but it is at least an acknowledgement of an automated system instead of the handmade impression Apple gives in the Wallpaper interview.

Other parts of Apple Music suspiciously seem informed by factors beyond what an expert curator might decide. Spellling’s 2021 record “The Turning Wheel”, a masterpiece of orchestral art pop, notably received a perfect score from music reviewer Anthony Fantano. Fantano also gave high scores to artists like Black Midi, JPEGMAFIA, and Lingua Ignota, none of whom make music anything like Spellling. Yet all are listed as “similar artists” to Spellling on Apple Music. If you like Spellling’s work, you may be surprised by those other artists because they sound wildly different. This speaks less of curation than it does automation by audience.

For the parts which are actually curated manually, do I know the people who are making these decisions? What is their taste like? What are their standards? Are they just following Apple’s suggestions? Why is the “Rock Drive” playlist the same as any mediocre FM rock radio station?

We are focused on music while other people are running away from music into podcasts and audiobooks. Our service is clearly dedicated to music.

Music has undeniably shaped Apple from its earliest days and, especially, following the launch of the iPod. Its executives are fond of repeating the line “we love music” in press releases and presentations since 2001. But Apple’s dedication to separating music from other media is a five year old decision. It was previously wholly dedicated to music while shipping an app that also played audiobooks and podcasts and movies and all manner of other things. Plus, have you seen the state of the Music app on MacOS?

This is clearly just a dig at Spotify. It would carry more weight if Apple Music felt particularly good for music playback. It does not. I have filed dozens of bugs against the MacOS, iOS, and tvOS versions reflecting basic functionality: blank screens, poor search results, playback queue ordering issues, inconsistencies in playlist sort order between devices, problems with importing files, sync issues, cloud problems, and so forth. It is not uniformly terrible, but this is not a solid foundation for criticizing Spotify for not focusing on music enough.

Spotify sucks in other ways.

With spatial audio, we’ve completely revolutionised the listening experience. [Historically] we went from mono to stereo and then, for decades, there was nothing else.

This is untrue. People have been experimenting with multichannel audio in music since the 1960s. “Dark Side of the Moon” was released in quadrophonic audio in 1973, one of many albums released that decade in a four-channel mix. In the 1990s, a bunch of albums were released on SACDs mixed in 5.1 surround sound.

What Apple can correctly argue is that few people actually listened to any multichannel music in these formats. They were niche. Now?

Then we completely invented a new standard [where] now 90 per cent of our subscribers are listening to music in spatial audio. Which is great.

A fair point, though with a couple of caveats. Part of the high adoption rate is because Spatial Audio is turned on by default, and Apple is paying a premium to incentivize artists to release multichannel mixes. It is therefore not too surprising that most people have listened to at least one Spatial Audio track.

But this is the first time I can remember Apple claiming it “invented” the format. Spatial Audio was originally framed as supporting music mixed in Dolby Atmos. In its truest guise — played through a set of AirPods or Beats headphones, which can track the movement of the wearer’s head — it forms a three-dimensional bubble of music, something which Apple did create. That is, Apple invented the part which makes Atmos-mixed audio playable on its systems within a more immersive apparent space. But Apple did not invent the “new standard” taking music beyond two channels — that was done long before, and then by Dolby.

Also, it is still bizarre to me how many of the most popular multichannel mixes of popular albums are not available in Spatial Audio on Apple Music. These are records the artists deliberately intended for a surround sound mix at the time they were released, yet they cannot be played in what must be the most successful multichannel music venue ever made? Meanwhile, a whole bunch of classic songs and albums have been remixed in Spatial Audio for no good reason.

And little things, like the lyrics, for example, [which] you find on Apple Music, which are incredibly popular. We have a team of people that are actually transcribing the lyrics because we don’t want them to be crowd-sourced from the internet. We want to make sure they’re as pristine as possible.

I really like the way Apple Music displays time-tracked lyrics. That said, I only occasionally see inaccuracies in lyrics on Genius and in Apple Music, so I am not sure how much more “pristine” Apple’s are.

Also, I question the implication of a team of people manually transcribing lyrics. I have nothing to support this, but I would wager heavily this is primarily machine-derived followed by manual cleanup.

We’ve got motion artwork and song credits.

Song credits are good. Motion artwork is a doodad.

We really try to make Apple Music a high quality place for music fans.

I want to believe this is true, but I have a hard time accepting today’s Apple Music is the high quality experience worth raving about. Maybe some music fans are clamouring for animated artwork and bastardized Spatial Audio mixes of classic albums. I am not one of them. What I want is foundation of a reliable and fast jukebox functionality extended to my local library and streaming media, and then all this exciting stuff built on top.

And while most others in the marketplace have sort of stopped innovating, we’ve been really pushing hard, whether it’s Apple Music Sing, which is a great singalong feature, like karaoke. Or Classical, which is an audience that had completely been neglected.

These are good updates. Apple has not said much about Apple Music Sing or its popularity since it launched in December 2022, but it seems fine enough. Also, Spotify began trialling its own karaoke mode in June 2022, so maybe it should be credited with this innovation.

Apple Music Classical, meanwhile, remains a good but occasionally frustrating app. Schusser is right in saying this has been a neglected audience among mainstream streaming services. Apple’s effort is built upon Primephonic, which it acquired in August 2021 before launching it re-skinned as Classical in March 2023. That said, it is better now than it was at launch and it seems Apple is slowly refining it. It is important to me for there to be mainstream attention in this area.

We’re trying to make Apple Music the best place for people to listen to music. I’m super happy with that.

The thing I keep thinking about the four paragraph response above is that Schusser says a lot of the right things. Music is so important to so many people, and I would like to believe Apple cares as much about making the best music service and players as I do about listening to each week’s new releases.

I just wish everything was better than it currently is. There are many bugs I filed years ago which remain open, though I am happy to say the version in the latest Sequoia beta appears to contain a fix for reversing the order of songs when dragging them to the playback queue. If Apple really wants to position Apple Music as “the quality service” that is “the best at what we do”, it should demonstrate that instead of just saying it.

EchoFeed Automatically Publishes Feeds to Open Social Protocols echofeed.app

For about seven years, I have been automatically broadcasting new posts to Mastodon using a Zapier workflow. That was followed earlier this year by a Bluesky auto-posting setup powered by Linus Rath’s excellent WordPress to Bluesky plugin.

I can still recommend the latter; the former, though, gave me grief from day one. Zapier automatically posts gross short addresses instead of nicer permalinks, and I could not figure out a way to change this. (It is probably very easy. Please do not make fun of me.) Also, posts containing an ampersand in the title — of which there have recently been a few — have not been parsed correctly.

Happily, enemy of Perplexity Robb Knight launched EchoFeed in April:

It supports reading RSS and Atom and JSON feeds and then posting those items to Mastodon and Micro.blog and Bluesky and GitHub and Discord and LinkAce. Or it can send them as Webmentions and Webhooks.

After the AT&T debacle, I figured I would set up EchoFeed and consolidate everything into one account. It could not have been easier, and my feeds have been working great. Free for one feed to one service, and just $25 U.S. per year to remove limitations.

The Return of Piracy netwars.pelicancrossing.net

Anthony Ha, TechCrunch:

Some of those changes [in streaming] would be welcome, but they reinforce the sense that streaming — at least as envisioned by the executives currently running the business — won’t be all that different from the old cable TV ecosystem. Some things will be better (on-demand viewing), some will be worse (compensation for writers, actors, and other talent), and there might be different players at the top. But in many ways, it will feel like the same old TV.

Wendy M. Grossman:

This is the moment when lessons from the past of music, TV, and video piracy could be useful. Critics always said that the only workable answer to piracy is legal, affordable services, and they were right, as shown by Pandora, Spotify, Netflix, which launched its paid streaming service in 2007, and so many others.

It’s been obvious for at least two years that things are now going backwards. […]

If subscription streaming executives are determined to relive the past so, too, will those competent at searching the web for bootleg copies.

Manager Magazine Suggests Collaboration Between Apple and Porsche Beyond CarPlay theautopian.com

Stephen Rivers, the Autopian:

A recent story from Manager Magazine implies that Apple and Porsche are working on a car that’ll end up being a much greater integration than we’ve seen before. It highlights how the two brands have worked closely in the past, how Apple execs love to drive Porsches, and how they might work together in the future:

Preparations are now underway for an Apple-Porsche. Since Cook abandoned plans for his own Apple Car at the end of February, there have been completely new options for collaboration. A lot is now possible for Porsche; some developments and projects from the world of the Apple Car could now become available. It’s not just about software, they say in Stuttgart; Apple has also pursued exciting approaches to battery systems, for example.

That’s been translated by Google, but it gets the idea across. […]

Apple showed the new version of CarPlay first in mockups with Aston Martin and Porsche branding, and I am tempted to write this article off as a mere misinterpretation of that existing relationship. But if Manager’s sources are right, this could be a somewhat deeper connection. I would not go so far as Rivers’ article claims — that this is some kind of spiritual successor to Apple’s axed car project — yet if any company knows a thing or two about selling $120,000 cars, it is Porsche.

Prime Day Continues to Be Dangerous for Amazon’s Workforce theregister.com

Matthew Connatser, the Register:

Authored by Senator Bernie Sanders (I-VT) for the Health, Education, Labor, and Pensions (HELP) Committee, the investigative report [PDF] claimed Amazon’s annual Prime Day sale is “a major cause of injuries for the warehouse workers who make it possible.”

[…]

The study said the data showed that Amazon’s overall injury rate was above 30 percent for nearly every single week of 2019. Even during the COVID-19 pandemic, when this data was compiled, Amazon’s injury rate hovered between 15 and 25 percent, it added.

On Prime Day 2019 and in the first two weeks of December, injury rates climbed to over forty percent. But that was five years ago, and it is strange to me the HELP Committee report is not built around more recent data.

In May, the Strategic Organizing Center published its own report including data from 2023:

Three years after Amazon pledged to make the company “Earth’s Safest Place to Work” by cutting its total injury rate in half by 2025, a new analysis from the Strategic Organizing Center (SOC) shows the retail giant has reduced its overall injury rate by less than two percent. Drawing on newly released data, SOC also finds that injury levels at Amazon warehouses increased by as much as 59 percent during the company’s 2023 peak operational periods, including Prime Day and Cyber Monday.

Like the government report, the SOC says the injury rate at Amazon warehouses is double that of the industry average. It also says the injury rate in 2020 did not contain the Prime Day peak in the summer — as you can also see in the HELP report — because Amazon moved Prime Day to October.

Taboola to Sell Ads for Apple in News and Stocks axios.com

Sara Fischer, Axios:

Ad tech giant Taboola has struck a deal with Apple to power native advertising within the Apple News and Apple Stocks apps, Taboola founder and CEO Adam Singolda told Axios.

[…]

Most people know Taboola as the company responsible for placing chumbox ads at the bottom of many news stories online.

Om Malik:

Apple’s decision to strike a deal with Taboola is shocking and off-brand — so much so that I have started to question the company’s long-term commitment to good customer experience, including its commitment to privacy. As it chases more and more revenue to appease Wall Street, it’s clear Apple will become one of those companies that prioritize shareholders over paying customers and their experience.

Fischer reports the ads which appear in News and Stocks will have a level of scrutiny similar to those in the Taboola Select program. Still, Malik is right — this feels wrong for Apple and wrong for users.

Then again, services revenue seems to have compelled Apple to do lots of things which previously felt wrong. It has a credit card with interest rates currently between 19.24% and 29.49%. It aggressively advertises its services in its operating systems to the detriment of users’ experiences.

These moves may not feel like they fit Apple’s brand if your impression of it was formed more than ten years ago. There is no use protesting that they are out of character, however, when priorities like these feel like they represent today’s Apple.

The Richest People in Silicon Valley Are Backing Trump After He Got Shot rollingstone.com

Miles Klee, Rolling Stone:

Whether the stigma attached to MAGA culture is truly softening in deep-blue California, it’s clear that players large and small in its business culture feel emboldened and energized by the attempt on Trump’s life. Musk and his far-right Twitter friends have meanwhile done everything they can to elevate those voices and convince other people reluctant to share their admiration for Trump that the time to start is now. […]

Some of the richest people in the United States — including Marc Andreessen and Ben Horowitz, the Winklevii, and David Sacks — are firmly behind this Republican nightmare ticket, but this should not surprise anyone. Aside from the odious behaviour of these specific individuals over the years aligning with the Trump ethos, wealthy Americans generally backed the Trump/Pence campaign in 2020 and in 2016.

Whether and how this trend fits in California is murkier, as fully one-third of respondents said they had an income of $100,000 or greater; I could not find a state-level breakdown for higher incomes, let alone one at a county level. But it should not be too surprising for financial elites to back this ticket. Some of them did in 2016; more did in 2020. Trump is an increasingly safe choice for the faux contrarians of Silicon Valley.

Update: Steven Levy, Wired:

Andreessen and Horowitz are smart enough to know this, so their objections come off as both paranoid and self-interested. But I think there’s something more happening, an element that’s often cited to explain why some Silicon Valley people have turned to Trump: They resent how the media, some of the “woke” population, and left-leaning politicians don’t appreciate them, and even vilify them. In Trumpland, their wealth and the wisdom supposedly associated with it is respected.

For all anyone talks of prioritizing facts over feelings, a whole lot of people would do well to acknowledge they have emotional stakes in a situation. The tech industry is no longer being treated as an endless factory of greatness by the public and the press. Not all criticisms are valid or warranted, but nobody should believe the “pseudo-populist effort” of the Trump/Vance ticket when the people with financial stakes do not.

AT&T Paid to Delete Stolen Phone Records wired.com

Kim Zetter, Wired:

US telecom giant AT&T, which disclosed Friday that hackers had stolen the call records for tens of millions of its customers, paid a member of the hacking team more than $300,000 to delete the data and provide a video demonstrating proof of deletion.

[…]

The hacker who received the payment from AT&T alleges that Binns was responsible for the breach and shared samples of the data with him and others after downloading it. He says he believes Binns allegedly stole “several billions” of records from AT&T, though WIRED was unable to confirm this. Reddington [a security researcher] understands that the data that was deleted was the only complete dataset taken by the hackers. Reddington says he does not believe the hackers posted the data publicly, though he’s not sure how many people received excerpts of the data Binns allegedly provided or what they did with it.

Also currently unknown: how big the sample data sets are, what is in them, and whether the full set has actually been deleted.

Apple vs. Emulation reverttosaved.com

The AltStore (italicized note mine):

After 3 months in review — including 30+ days for appeal — UTM SE was approved for PAL 🎉 [The E.U.-only Apple-blessed version of AltStore.]

Apple also called us to say they decided to allow it in the App Store too, what a coincidence!

Our first set of 3rd party apps is now notarized, and will be available for PAL users soon 🙂

Finally. This was the emulator rejected just before WWDC from appearing in the App Store because Apple only wanted to allow emulators for gaming consoles, not retro personal computers.1 Apple also prevented it from being notarized for alternative distribution, which is something it should not be doing unless its executives really like skeptical phone calls from regulators.

One caveat, though: UTM SE is a JIT-less build. Its developers were originally resigned to its permanent rejection but I think their perseverance paid off, even if its performance is below developers’ and users’ expectations.

Riley Testut:

Thanks Apple for once again proving the best way to change the App Store rules is to submit an app to AltStore :)

Craig Grannell:

As a fan of emulation and safeguarding gaming’s history, I find myself increasingly frustrated with Apple in this space. It has – either by intent or incompetence – created the circumstances in which iOS has a confused, messy, inconsistent emulator ecosystem.

The word Grannell uses in the headline of this article — “incoherent” — is apt. At least there is now the tiniest bit of competition in the market for iPhone software distribution.


  1. Someday, someone will submit a vintage smartphone game emulator to the App Store and really test the iPhone-as-a-console theory. ↥︎

LGBT and Marginalized Voices Are Not Welcome on Meta’s Platforms macstories.net

A GLAAD report published in March paints a bleak picture of the moderation of LGBTQ-targeting posts on Meta’s platforms:

As this new report documents, nine months later, such extreme anti-trans hate content remains widespread across Instagram, Facebook, and Threads. All of the posts below were reported by GLAAD via Meta’s standard reporting systems; Meta either replied that posts were not violative or simply did not take action on them.

Some of the posts in question are from the high-profile accounts of media personalities and politicians. At least a couple of the accounts have since been suspended, but not necessarily because of the posts in this report.

Niléane, MacStories:

Without hard data, it is difficult to investigate this feeling, to understand if it is truly widespread or specific to some online bubbles. But one thing is certain: Threads hasn’t felt like a breath of fresh air for all who tried to use it. In my experience as a trans woman, at its best, it has felt like Jack Dorsey’s old Twitter: a social platform overrun by an opaque moderation system, free-roaming hate speech, and a frustrating algorithm that too often promotes harmful content.

As John Voorhees wrote on Mastodon, social media feeds based primarily around suggested posts mean “the experiences of any two people can be very different”. Perhaps your own feed lacks these discriminatory and hateful posts. Sadly, it does not surprise me to learn they are commonplace.

The thing that always frustrates me is that Meta gets to choose what kind of experience and expectations it wants to build for its community. Nobody is demanding perfection. But is the company proud of creating such a hostile environment for so many people? If Meta were to take seriously the fair criticisms levelled by GLAAD and Niléane — and plenty of others — it would be standing up for its professed values.

Russian Government Forces Apple to Remove Dozens of VPN Apps From the App Store bleepingcomputer.com

Sergiu Gatlan, Bleeping Computer:

Apple has removed 25 virtual private network (VPN) apps from the Russian App Store at the request of Roskomnadzor, Russia’s telecommunications watchdog.

Roskomnadzor confirmed to Interfax that the order targets multiple apps (including NordVPN, Proton VPN, Red Shield VPN, Planet VPN, Hidemy.Name VPN, Le VPN, and PIA VPN) used to gain access to content tagged as illegal in Russia.

This is part of an ongoing purge in Russia of the availability of VPN services.

Apple is, of course, required to comply with the laws of the regions in which it operates — something which it is happy to point out any time it is questioned — and it is barely maintaining a presence within Russia today. Its Russian-language website only provides documentation, and it has officially curtailed its other operations. But there are people in the country who have owned iPhones for years and those phones remain dependent on the App Store.

I understand why Apple would be outspoken about its objections to, say, new E.U. laws but not those from authoritarian states, because the objectives of the governments are entirely different. At least regulators in the E.U. might listen. Yet it sure does not feel right that it is dutifully and quietly complying with Russian policies despite withdrawing its presence otherwise.

Massive Records Breach Affects AT&T and Carriers Which Use Its Network techcrunch.com

Zack Whittaker, TechCrunch:

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch.

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.

AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.

AT&T discovered this breach in April but waited until today to announce it. But if you believed this wholesale theft of metadata would shake confidence in the value of AT&T as a business, think again: the market is not punishing the company.

From AT&T’s SEC filing:

On May 9, 2024, and again on June 5, 2024, the U.S. Department of Justice determined that, under Item 1.05(c) of Form 8-K, a delay in providing public disclosure was warranted. AT&T is now timely filing this report. AT&T is working with law enforcement in its efforts to arrest those involved in the incident. Based on information available to AT&T, it understands that at least one person has been apprehended. As of the date of this filing, AT&T does not believe that the data is publicly available.

Joseph Cox, 404 Media:

John Binns, a U.S. citizen who has been incarcerated in Turkey, is linked to the massive data breach of metadata belonging to nearly all of AT&T’s customers that the telecommunications giant announced on Friday, three sources independently told 404 Media.

The breach, in which hackers stole call and text records from a third-party cloud service provider used by AT&T, is one of the most significant in recent history, with the data showing what numbers AT&T customers interacted with across a several month period in 2022. 404 Media has also seen a subset of the data, giving greater insight into the highly sensitive nature of the stolen information.

Binns also took responsibility for breaching T-Mobile in 2021, for which he was recently arrested after being charged in 2022. It seems likely to me Binns is the Turkish-residing member alluded to by Google’s Mandiant in its report on UNC5537, the threat actor associated with breaching possibly 165 customers of the Snowflake platform.

AT&T and other giant corporations will continue to retain massive amounts of data with poor security because it is valuable for them to do so and they are barely punished when it all goes wrong. T-Mobile paid a $350 million penalty in 2022 while continuing to say it did nothing wrong. The same year, it made $61.3 billion. In 2022, U.S. median household income was $74,580. Proportionally, T-Mobile got a $425 ticket.

Update: The 404 Media post was not paywalled at the time of posting, but it was later restricted.

‘Slop’ and ‘Content’

Ryan Broderick:

You’ve probably seen the phrase AI slop already, the term most people have settled on for the confusing and oftentimes disturbing pictures of Jesus and flight attendants and veterans that are filling up Facebook right now. But the current universe of slop is much more vast than that. There’s Google Slop, YouTube slop, TikTok slop, Marvel slop, Taylor Swift slop, Netflix slop. One could argue that slop has become the defining “genre” of the 2020s. But even though we’ve all come around to this idea, I haven’t seen anyone actually define it. So today I’m going to try.

This piece does actually settle somewhere very good in its attempt to address the vibe of the entertainment and media world in which we swim, but it is a slog to get there. This is the first paragraph and trying to pull it apart will take a minute. For a start, Broderick says the definition of “slop” has evaded him. That is plausible, but it does require him to have avoided Googling “ai slop definition” upon which point he would have surely seen Simon Willison’s post defining and popularizing the term:

Not all promotional content is spam, and not all AI-generated content is slop. But if it’s mindlessly generated and thrust upon someone who didn’t ask for it, slop is the perfect term for it.

This is a good definition, though Willison intentionally restricts it to describe A.I.-generated products. However, it seems like people are broadening the word’s use to cover things not made using A.I., and it appears Broderick wishes to reflect that.

Next paragraph:

Content slop has three important characteristics. The first being that, to the user, the viewer, the customer, it feels worthless. This might be because it was clearly generated in bulk by a machine or because of how much of that particular content is being created. The next important feature of slop is that feels forced upon us, whether by a corporation or an algorithm. It’s in the name. We’re the little piggies and it’s the gruel in the trough. But the last feature is the most crucial. It not only feels worthless and ubiquitous, it also feels optimized to be so. […]

I have trimmed a few examples from this long paragraph — in part because I do not want emails about Taylor Swift. I will come back to this definition, but I want to touch on something in the next paragraph:

Speaking of Ryan Reynolds, the film essayist Patrick Willems has been attacking this idea from a different direction in a string of videos over the last year. In one essay titled, “When Movie Stars Become Brands,” Willems argues that in the mid-2000s, after a string of bombs, Dwayne Johnson and Ryan Reynolds adapted a strategy lifted from George Clooney, where an actor builds brands and side businesses to fund creatively riskier movie projects. Except Reynolds and Johnson never made the creatively riskier movie projects and, instead, locked themselves into streaming conglomerates and allowed their brands to eat their movies. The zenith of this being their 2021 Netflix movie Red Notice, which literally opens with competing scenes advertising their respective liquor brands. A movie that, according to Netflix, is their most popular movie ever.

This is a notable phenomenon, but I think Broderick would do to cite another Willems video essay as well. This one, which seems just as relevant, is all about the word “content”. Willems’ obvious disdain for the word — one which I share — is rooted in its everythingness and, therefore, nothingness. In it, he points to a specific distinction:

[…] In a video on the PBS “Ideas” channel, Mike Rugnetta addressed this topic, coming at it from a similar place as me. And he put forth the idea that the “content” label also has to do with how we experience something.

He separates it into “consumption” versus “mere consumption”. In other words, yes, we technically are consuming everything, but there’s the stuff that we fully focus on and engage with, and then the stuff we look at more passively, like tweets we scroll past or a gaming stream we half-watch in the background.

So the idea Mike proposes is that maybe the stuff that we merely consume is content. And if we consume it and actually focus on it, then it’s something else.

What Broderick is getting at — and so too, I think, are the hoards of people posting about “slop” on X to which he links in the first paragraph — is a combination of this phenomenon and the marketing-driven vehicles for Johnson and Reynolds. Willems correctly points out that actors and other public figures have long been spokespeople for products, including their own. Also, there have always been movies and shows which lack any artistic value. Those things have not changed.

What has changed, however, is the sheer volume of media released now. Nearly six hundred English-language scripted shows were released in 2022 alone, though that declined in 2023 to below five hundred in part because of striking writers and actors. According to IMDB data, 4,100 movies were released in 1993, 6,125 in 2003, 15,451 in 2013, and 19,626 in 2023.

As I have previously argued, volume is not inherently bad. The self-serve approach of streaming services means shows do not need to fit into an available airtime slot on a particular broadcast channel. It means niche programming is just as available as blockbusters. The only scheduling which needs to be done is on the viewer’s side, fitting a new show or movie in between combing through the 500 hours of YouTube videos uploaded every minute, some of which have the production quality of mid-grade television or movies, not to mention a world of streaming music.

As Willems says, all of this media gets flattened in description — “content” — and in delivery. If you want art, you can find it, but if you just want something for, as Rugnetta says, “mere consumption”, you can find that — or, more likely, it will be served to you. This is true of all forms of media.

There are two things which help older media’s reputation for quality, with the benefit of hindsight: a bunch of bad stuff has been forgotten, and there was less of it to begin with. It was a lot harder to make a movie when it had to be shot to tape or film, and more difficult to make it look great. A movie with a jet-setting hero was escapist in the 1960s, but lower-cost airfare means those locations no longer seem so exotic. If you wanted to give it a professional sheen, you had to rent expensive lenses, build detailed sets, shoot at specific times of day, and light it carefully. If you wanted a convincing large-scale catastrophe on-screen, it had to be built in real life. These are things which can now be done in post-production, albeit not easily or necessarily cheaply. I am not a hater of digital effects. But it is worth mentioning the ability of effects artists to turn a crappy shot into something cinematic, and to craft apocalyptic scenery without constructing a single physical element.

We are experiencing the separating of wheat and chaff in real time, and with far more of each than ever before. Unfortunately, soulless and artless vehicles for big stars sell well. Explosions sell. Familiar sells.

“Content” sells.

Here is where Broderick lands:

And six years later, it’s not just music that feels forgettable and disposable. Most popular forms of entertainment and even basic information have degraded into slop simply meant to fill our various feeders. It doesn’t matter that Google’s AI is telling you to put glue on pizza. They needed more data for their language model, so they ingested every Reddit comment ever. This makes sense because from their perspective what your search results are doesn’t matter. All that matters is that you’re searching and getting a response. And now everything has meet these two contradictory requirements. It must fill the void and also be the most popular thing ever. It must reach the scale of MrBeast or it can’t exist. Ironically enough, though, when something does reach that scale now, it’s so watered down and forgettable it doesn’t actually feel like it exists.

One may quibble with the precise wording that “what your search results are doesn’t matter” to Google. The company appears to have lost market share as trust in search has declined, though there is conflicting data and the results may not be due to user preference. But the gist of this is, I think, correct.

People seem to understand they are being treated as mere consumers in increasingly financialized expressive media. I have heard normal people in my life — people without MBAs, and who do not work in marketing, and who are not influencers — throw around words like “monetize” and “engagement” in a media context. It is downright weird.

The word “slop” seems like a good catch-all term finding purchase in the online vocabulary, but I think the popularization of “content” — in the way it is most commonly used — foreshadowed this shift. Describing artistic works as though they are filler for a container is a level of disrespect not even a harsh review could achieve. Not all “content” is “slop”, but all “slop” is “content”. One thing “slop” has going for it is its inherent ugliness. People excitedly talk about all the “content” they create. Nobody will be proud of their “slop”.

Google Photos Finally Lets Users Migrate Directly to iCloud Photos dtinit.org

Chris Riley, of the Data Transfer Initiative:

Beginning today, Apple and Google are expanding on their direct data transfer offerings to allow users of Google Photos to transfer their collections directly to iCloud Photos. This complements and completes the existing transfers that were first made possible from iCloud Photos to Google Photos and fulfills a core Data Transfer Initiative (DTI) principle of reciprocity. The offering from Apple and Google will be rolling out over the next week and is the newest tool powered by the open source Data Transfer Project (DTP) technology stack, joining existing direct portability tools available to billions of people today offered by DTI and its founding partners Apple, Google, and Meta.

The Data Transfer Initiative’s story originates with Google’s Data Liberation Front, spurred by E.U. legislation. While Google has long permitted users’ retrieval of data it holds, it has not been the most enthusiastic supporter of direct transfers away from its services. This distinction becomes increasingly important as users store more data with cloud-based services instead of keeping local copies — they may not have space to download all their pictures if they trust the cloud provider’s hosting.

Since 2021, iCloud users have been able to migrate images directly to Google Photos. At long last, the same is possible in reverse.

Amazon Did Not Reach Its Goal of Fully Clean Electricity Seven Years Early nytimes.com

Ivan Penn and Eli Tan, New York Times:

Amazon announced on Wednesday that effectively all of the electricity its operations used last year came from sources that did not produce greenhouse gas emissions. But some experts have criticized the method the company uses to make that determination as being too lenient.

[…]

As a result, to achieve 100 percent clean energy — at least on paper — companies often buy what are known as renewable energy certificates, or RECs, from a solar or wind farm owner. By buying enough credits to match or exceed the energy its operations use, a company could make the claim that its business is powered entirely by clean energy.

“That’s what we do, buy RECs for projects that are not yet operational,” Ms. Hurst [Amazon’s vice president of worldwide sustainability] said.

Regardless of how legitimate these certificates are — and there are plenty of reasonable questions to be asked — it is dishonest for Amazon or anyone else to apply them to power consumed in a year in which it was not generated. This is greenwashing.

Samsung Introduces the Galaxy Watch Ultra and See If You Can Guess Its Inspiration theverge.com

Victoria Song, the Verge:

I’m not exaggerating or being a hater, either. It’s in the name! Apple Watch Ultra, Galaxy Watch Ultra. Everything about this watch is reminiscent of Apple’s. Samsung says this is its most durable watch yet, with 10ATM of water resistance, an IP68 rating, a titanium case, and a sapphire crystal lens. There’s a new orange Quick Button that launches shortcuts to the workout app, flashlight, water lock, and a few other options. (There is a lot of orange styling.) It’s got a new lug system for attaching straps that looks an awful lot like Apple’s, too.

It is extremely funny to me how shameless Samsung is in duplicating the specific differences of the Apple Watch Ultra relative to a standard Apple Watch. You can imagine Samsung’s product team going through the list: Titanium? Check. More durable? Check. Chunkier? Check. Assignable button? Check. Extended typeface? Check. Orange accents? In for a dime, in for a dollar.

Apple Blog TUAW Returns as A.I. Slop engadget.com

Christina Warren:

So someone bought the old TUAW domain name. TUAW was a site that I worked at in college, that has been dead for a decade and that I stopped working for 15 years ago. But now my name is bylined on 1500+ articles alongside an AI-generated photo. Revive the old brand. Fine. But leave my name off of it! H/t @gruber

Karissa Bell, Engadget:

Originally started in 2004, TUAW was shut down by AOL in 2015. Much of the site’s original archive can still be found on Engadget. Yahoo, which owns Engadget, sold the TUAW domain in 2024 to an entity called “Web Orange Limited” in 2024, according to a statement on TUAW’s website.

The sale, notably, did not include the TUAW archive. But, it seems that Web Orange Limited found a convenient (if legally dubious) way around that. “With a commitment to revitalize its legacy, the new team at Web Orange Limited meticulously rewrote the content from archived versions available on archive.org, ensuring the preservation of TUAW’s rich history while updating it to meet modern standards and relevance,” the site’s about page states.

Ernie Smith:

OK found the connection. The people who own The Hack Post bought the TUAW site. They use the same Google ad tag.

[…]

Notably, same dude owns iLounge.

The same advertising identifier has been used with a handful of other previously defunct publications like Metapress and Tapscape, as well as a vanity URL generator for Google Plus. Not a surprising use for domains with plenty of history and incoming links, but truly a scumbag result. Shameful.

The Ticketmaster Breach Is a Cautionary Nightmare globalnews.ca

Saba Aziz, Global News:

Ticketmaster has finally notified its users who may have been impacted by a data breach — one month after Global News first reported that the personal information of Canadian customers was likely stolen.

In an email to its customers on Monday, Ticketmaster said that their personal information may have been obtained by an unauthorized third party from a cloud database that was hosted by a separate third-party data services provider.

Ticketmaster says this might include “encrypted credit card information” from “some customers”.

Jason Koebler, 404 Media:

Monday, the hacking group that breached Ticketmaster released new data that they said can be used to create more than 38,000 concert tickets nationwide, including to sought after shows like Olivia Rodrigo, Bruce Springsteen, Hamilton, Tyler Childers, the Jonas Brothers, and Los Angeles Dodgers games. The data would allow someone to create and print a ticket that was already sold to someone else, creating a situation where Ticketmaster and venues might have to sort out which tickets are from legitimate buyers and which are the result of the hack for shows that are taking place as early as today.

These are arguably problems created by the scale and scope of Ticketmaster’s operations. This series of data releases affects so many people and events because parent company Live Nation is a chokepoint for entertainment thanks to a merger approved by U.S. authorities. If this industry were more distributed, it would certainly present more opportunities for individual breaches, but the effect of each would be far smaller.

Dynamic Type on the Web furbo.org

Craig Hockenberry:

This site now supports Dynamic Type on iOS and iPadOS. If you go to System Settings on your iPhone or iPad, and change the setting for Display & Brightness > Text Size, you’ll see the change reflected on this website.

With the important caveat this only applies to iOS-derived devices — not even Macs — it seems trivial enough to implement in a way that preserves the Dynamic Type font size but permits flexibility with other properties. Apple added this in Safari 7.0 along with a wide variety of other properties — you can set headings to match system sizes, too — but I cannot find many places where it is used even today. (The WebKit blog is one.) Is that a result of poor communication, or perhaps poor focus on accessibility? Or is it just too limited because it is only used on one set of platforms?

Apple Withheld Epic Games’ App Store in the E.U. appleinsider.com

Malcolm Owen, AppleInsider:

In earlier reports, it was confirmed by Apple that Epic was mostly in compliance with EU-specific app review guidelines. The objectionable parts were a download button and related copy, which went against rules that forbid developers from making apps that can confuse consumers that elements in the apps were actually Apple-made items.

Epic had defended itself, insisting it used the same naming conventions employed across different platforms. Epic also said it followed standard conventions for buttons in iOS apps.

Apple has since told AppleInsider on Friday that it has approved Epic’s marketplace app. It has also asked Epic to fix the buttons in a future submission of the app for review.

As far as I know, there are no screenshots of the version of Epic Games’ store submitted to Apple. Maybe it is designed in a way that duplicates Apple’s App Store to the point where it is confusing, as Apple argues. Maybe it is intentionally designed in such a way that it creates headlines; Epic Games loves being in this position.

Regardless, it seems like a bad idea for Apple to be using its moderate control over alternative app stores are distributed to litigate intellectual property disputes. Perhaps when trust in the company’s processes is healthier, it would be less objectionable. But right now? If Apple wants to give competition investigators more material, it appears to be succeeding.

Also, it is interesting to see the publications to which Apple chooses to provide quotes. TechCrunch has been a longtime favourite for the company but, increasingly, Apple is giving exclusive statements to smaller blogs like 9to5Mac and AppleInsider. I do not know what to make of this but I am noting it for my own future reference.

Canadian Government Enacts Digital Services Tax cbc.ca

Peter Zimonjic, CBC News:

The federal government has enacted a controversial digital services tax that will bring in billions of dollars while threatening Canada’s trading relationships by taxing the revenue international firms earn in Canada.

This has always seemed to me like a fairer response to declining Canadian advertising revenue for media companies than the Online News Act’s link tax. It makes no sense to charge ad-supported platforms for the privilege of pointing users to specific URLs.

U.S. Ambassador to Canada David Cohen issued a media statement Thursday calling the tax “discriminatory.”

“[The United States Trade Representative] has noted its concern with Canada’s digital services tax and is assessing, and is open to using, all available tools that could result in meaningful progress toward addressing unilateral, discriminatory [digital services taxes],” Cohen said in the statement.

I would love to know if it is possible for any non-U.S. government to respond to any number of unique conditions created by massive technology companies without it disproportionately impacting U.S.-based firms. The U.S. spent decades encouraging a soft power empire in the tech industry with its lax competition laws, and it has been an immensely successful endeavour. There will likely be retaliation, which is a similar reflection of its power — the Canadian government can either allow advertising spending to continue to be eaten up by U.S. firms, or it can get hit with some tariff on something else. Like sleeping with an elephant.

OpenAI’s ChatGPT Mac App Stored Conversation History Outside the Sandbox theverge.com

Pedro José Pereira Vieito on Threads:

The OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in **plain-text** in a non-protected location:

~/Library/Application\ Support/com.openai.chat/conversations-{uuid}/

So basically any other running app / process / malware can read all your ChatGPT conversations without any permission prompt.

I have not yet updated my copy of the desktop app, so I was able to see this for myself, and it clarified the “all your ChatGPT conversations” part of this post. I had only downloaded and signed into the ChatGPT app — I had not used it for any conversations yet — but my entire ChatGPT history was downloaded to this folder. Theoretically, this means any app on a user’s system had access to a copy of their conversations with ChatGPT since they began using it on any device.

Jay Peters, the Verge:

After The Verge contacted OpenAI about the issue, the company released an update that it says encrypts the chats. “We are aware of this issue and have shipped a new version of the application which encrypts these conversations,” OpenAI spokesperson Taya Christianson says in a statement to The Verge. “We’re committed to providing a helpful user experience while maintaining our high security standards as our technology evolves.”

Virtually all media coverage — including Peters’ article — has focused on the “plain text” aspect. Surely, though, the real privacy and security risk identified in the ChatGPT app — such that there is any risk — was in storing its data outside the app’s sandbox in an unprotected location. This decision made it possible for apps without any special access privileges to read its data without throwing up a permissions dialog.

There are obviously plenty of frustrations and problems with Apple’s sandboxing model in MacOS. Yet there are also many cases where sensitive data is stored in plain text. The difference is it is at least a little bit difficult for a different app to surreptitiously access those files.

The Design of A.I. Identities techcrunch.com

Speaking of A.I. and design, I enjoyed Devin Coldewey’s look, for TechCrunch, at the brand and icon design of various services:

The thing is, no one knows what AI looks like, or even what it is supposed to look like. It does everything but looks like nothing. Yet it needs to be represented in user interfaces so people know they’re interacting with a machine learning model and not just plain old searching, submitting, or whatever else.

Although approaches differ to branding this purportedly all-seeing, all-knowing, all-doing intelligence, they have coalesced around the idea that the avatar of AI should be non-threatening, abstract, but relatively simple and non-anthropomorphic. […]

Gradients and gentle shapes abound — with one notable exception.

See Also: Brand New has reviews of the identities for OpenAI’s DevDay and Perplexity — both paywalled.

Report from Google Researchers Finds Impersonation Is the Most Likely Way Generative A.I. Is Misused ft.com

Cristina Criddle, Financial Times:

Artificial intelligence-generated “deepfakes” that impersonate politicians and celebrities are far more prevalent than efforts to use AI to assist cyber attacks, according to the first research by Google’s DeepMind division into the most common malicious uses of the cutting-edge technology.

The study said the creation of realistic but fake images, video and audio of people was almost twice as common as the next highest misuse of generative AI tools: the falsifying of information using text-based tools, such as chatbots, to generate misinformation to post online.

Emanuel Maiberg, 404 Media:

Generative AI could “distort collective understanding of socio-political reality or scientific consensus,” and in many cases is already doing that, according to a new research paper from Google, one of the biggest companies in the world building, deploying, and promoting generative AI.

It is probably worth emphasizing this is a preprint published to arXiv, so I am not sure of how much faith should be placed its scholarly rigour. Nevertheless, when in-house researchers are pointing out the ways in which generative A.I. is misused, you might think that would be motivation for their employer to act with caution. But you, reader, are probably not an executive at Google.

This paper was submitted on 19 June. A few days later, reporters at the Information said Google was working on A.I. chat bots with real-person likenesses, according to Pranav Dixit of Engadget:

Google is reportedly building new AI-powered chatbots based on celebrities and YouTube influencers. The idea isn’t groundbreaking — startups like Character.ai and companies like Meta have already launched products like this — but neither is Google’s AI strategy so far.

Maybe nothing will come of this. Maybe it is outdated; Google’s executives may have looked at the research produced by its DeepMind division and concluded the risks are too great. But you would not get that impression from a spate of stories which suggest the company is sprinting into the future, powered by the trust of users it spent twenty years building and a whole lot of fossil fuels.

Figma Disables A.I. Design Tool After It Copied Apple’s Weather App 404media.co

Emanuel Maiberg, 404 Media:

The design tool Figma has disabled a newly launched AI-powered app design tool after a user showed that it was clearly copying Apple’s weather app. 

Figma disabled the feature, named Make Design, after CEO and cofounder of Not Boring Software Andy Allen tweeted images showing that asking it to make a “weather app” produced several variations of apps that looked almost identical to Apple’s default weather app.

Dylan Field, Figma’s CEO, blamed this result on rushing to launch it at the company’s Config conference last week, and using a set of third-party models the company’s design components (see update below). Still, it is amazing how fast a company will move when it could reasonably be accused of intellectual property infringement.

It is consistent to view this clear duplication of existing works through the same lens of morality as when A.I. tools duplicate articles and specific artists. I have not seen a good explanation for why any of these should be viewed differently from the others. There are compelling reasons for why it is okay to copy the works of others, just as there are similarly great arguments for why it is not.

The duplication of Apple’s weather app by Figma’s new gizmo is laughable, but nobody is going to lose their livelihood because a big corporation’s A.I. feature ripped off the work of a giant corporation. It is outrageous, though, to see the unique style of individual artists and the careful reporting of publications being ripped off at scale for financial gain.

Update: An internal review found design components commissioned by Figma, not the A.I. layer itself, was to blame.

‘King Lear Is Just English Words Put in Order’

With apologies to Mitchell and Webb.

In a word, my feelings about A.I. — and, in particular, generative A.I. — are complicated. Just search “artificial intelligence” for a reverse chronological back catalogue of where I have landed. It feels like an appropriate position to hold for a set of nascent technologies so sprawling and therefore implying radical change.

Or perhaps that, like so many other promising new technologies, will turn out to be illusory as well. Instead of altering the fundamental fabric of reality, maybe it is used to create better versions of features we have used for decades. This would not necessarily be a bad outcome. I have used this example before, but the evolution of object removal tools in photo editing software is illustrative. There is no longer a need to spend hours cloning part of an image over another area and gently massaging it to look seamless. The more advanced tools we have today allow an experienced photographer to make an image they are happy with in less time, and lower barriers for newer photographers.

A blurry boundary is crossed when an entire result is achieved through automation. There is a recent Drew Gooden video which, even though not everything resonated with me, I enjoyed.1 There is a part in the conclusion which I wanted to highlight because I found it so clarifying (emphasis mine):

[…] There’s so many tools along the way that help you streamline the process of getting from an idea to a finished product. But, at a certain point, if “the tool” is just doing everything for you, you are not an artist. You just described what you wanted to make, and asked a computer to make it for you.

You’re also not learning anything this way. Part of what makes art special is that it’s difficult to make, even with all the tools right in front of you. It takes practice, it takes skill, and every time you do it, you expand on that skill. […] Generative A.I. is only about the end product, but it won’t teach you anything about the process it would take to get there.

This gets at the question of whether A.I. is more often a product or a feature — the answer to which, I think, is both, just not in a way that is equally useful. Gooden shows an X thread in which Jamian Gerard told Luma to convert the “Abbey Road” cover to video. Even though the results are poor, I think it is impressive that a computer can do anything like this. It is a tech demo; a more practical application can be found in something like the smooth slow motion feature in the latest release of Final Cut Pro.

“Generative A.I. is only about the end product” is a great summary of the emphasis we put on satisfying conclusions instead of necessary rote procedure. I cook dinner almost every night. (I recognize this metaphor might not land with everyone due to time constraints, food availability, and physical limitations, but stick with me.) I feel lucky that I enjoy cooking, but there are certainly days when it is a struggle. It would seem more appealing to type a prompt and make a meal appear using the ingredients I have on hand, if that were possible.

But I think I would be worse off if I did. The times I have cooked while already exhausted have increased my capacity for what I can do under pressure, and lowered my self-imposed barriers. These meals have improved my ability to cook more elaborate dishes when I have more time and energy, just as those more complicated meals also make me a better cook.2

These dynamics show up in lots of other forms of functional creative expression. Plenty of writing is not particularly artistic, but the mental muscle exercised by trying to get ideas into legible words is also useful when you are trying to produce works with more personality. This is true for programming, and for visual design, and for coordinating an outfit — any number of things which are sometimes individually expressive, and other times utilitarian.

This boundary only exists in these expressive forms. Nobody, really, mourns the replacement of cheques with instant transfers. We do not get better at paying our bills no matter which form they take. But we do get better at all of the things above by practicing them even when we do not want to, and when we get little creative satisfaction from the result.

It is dismaying to see so many of A.I. product demos show how they can be used to circumvent this entire process. I do not know if that is how they will actually be used. There are plenty of accomplished artists using A.I. to augment their practice, like Sougwen Chen, Anna Ridler, and Rob Sheridan. Writers and programmers are using generative products every day as tools, but they must have some fundamental knowledge to make A.I. work in their favour.

Stock photography is still photography. Stock music is still music, even if nobody’s favourite song is “Inspiring Corporate Advertising Tech Intro Promo Business Infographics Presentation”. (No judgement if that is your jam, though.) A rushed pantry pasta is still nourishment. A jingle for an insurance commercial could be practice for a successful music career. A.I. should just be a tool — something to develop creativity, not to replace it.


  1. There are also some factual errors. At least one of the supposed Google Gemini answers he showed onscreen was faked, and Adobe’s standard stock license is less expensive than the $80 “Extended” license Gooden references. ↥︎

  2. I am wary of using an example like cooking because it implies a whole set of correlative arguments which are unkind and judgemental toward people who do not or cannot cook. I do not want to provide kindling for these positions. ↥︎

No, the European Commissioner Did Not Say the Delayed Launch of Apple Intelligence Is Anticompetitive spyglass.org

M.G. Siegler:

With all the talk about how the EU believes Apple is anticompetitive, it never occurred to me to read it more literally. By announcing the [sic] would not be shipping their ‘Apple Intelligence’ tools in the EU, Apple is choosing to not compete in AI in the region. That is anticompetitive. I guess?

Siegler is not the only person who seems to be confused by Margrethe Vestager’s recent comments, as transcribed by Ben Lovejoy of 9to5Mac:

I find that very interesting that they say we will now deploy AI where we’re not obliged to enable competition. I think that is that is the most sort of stunning open declaration that they know 100% that this is another way of disabling competition where they have a stronghold already.

Vestanger is claiming Apple Intelligence must be anticompetitive because Apple is not launching it in the E.U. where it would fall under the governance of the DMA. It is, at best, a stretch to conclude that from Apple’s cautious behaviour. But I cannot see how one could interpret Vestanger’s comments to mean she believes the delay of Apple Intelligence in the E.U. is itself anticompetitive.

When Google Burned a U.S.-Allied Counterterrorism Operation poppopret.org

Yesterday, in responding to a Google profile of DRAGONBRIDGE, a Chinese state-affiliated disinformation campaign, I wrote that I hoped Google would do the same if it were a U.S.-allied effort it had found instead — forgetting that Google had already done so, and in a far more complicated circumstance.

Michael Coppola:

In January 2021, Google’s Project Zero published a series of blog posts coined the In the Wild Series. Written in conjunction with Threat Analysis Group (TAG), this report detailed a set of zero-day vulnerabilities being actively exploited in the wild by a government actor.

[…]

What the Google teams omitted was that they had in fact exposed a nine-month-long counterterrorism operation being conducted by a U.S.-allied Western government, and through their actions, Project Zero and TAG had unilaterally destroyed the capabilities and shut down the operation.

This is not the only example cited by Coppola; there are many in this post.

When an exploit chain is discovered, there is a very easy situation — technically: Google did the right thing by finding and exposing these vulnerabilities, no matter how they were being used. But doing so is politically and ethically fraught if those vulnerabilities are being used by state actors.

Patrick Howell O’Neill, reporting for MIT Technology Review in March 2021:

It’s true that Project Zero does not formally attribute hacking to specific groups. But the Threat Analysis Group, which also worked on the project, does perform attribution. Google omitted many more details than just the name of the government behind the hacks, and through that information, the teams knew internally who the hacker and targets were. It is not clear whether Google gave advance notice to government officials that they would be publicizing and shutting down the method of attack.

As far as I know, the U.S. ally was never revealed nor were the specific targets. Google’s revelation could have had catastrophic consequences, as Coppola speculates. But it is also true that not revealing known exploits to software vendors can have severe outcomes, as we learned with WannaCry. The risk of exposing the use of vulnerabilities is variable; the risk of not reporting them is fixed and known: they will be found by or released to people who should never have access to them.