Pixel Envy

Written by Nick Heer.

On Standards

Alison DeNisco Rayome, CNet:

The iPad just became a more useful multitasking tool for Gmail users. Google’s latest update to its email service finally added support for split-view multitasking, so you can keep your Gmail pane active on one side of the iPad screen while browsing through different apps on the other side.

[…]

Split View support for Gmail has been a long time coming: Apple first added the split view feature to the iPad back in 2015, with iOS 9. However, many popular apps did not support it initially. Google added Split View support for Docs, Sheets and Slides in 2016.

Apple added the API five years ago. Google is notoriously horrible at being a good citizen on others’ platforms, but five years is egregious even for them.

John Voorhees:

The bigger story here is that this version has been out 3 weeks and no one seems to have noticed, having given up on Split View in Gmail ages ago.

It appears that Apple flexed some of its platform ownership muscle as it announced at WWDC last year that, by April June, iPad apps would need to support multitasking views.

John Gruber:

Apple undeniably wields great power from the fact that the App Store is the exclusive source for all consumer software for the iPhone and iPad. Why not use that power in the name of user experience? Imagine a world where the biggest fear developers had when submitting an app for review wasn’t whether they were offering Apple a sufficient cut of their revenue, but whether they were offering users a good enough native-to-the-platform experience. Video app that doesn’t support picture-in-picture? You’re out of the store. App doesn’t support dynamic type size but clearly should? You’re out. Poor accessibility support? Out. Popular email client that doesn’t support split screen? Out.

Michael Tsai:

I’m against adding subjective quality requirements to the App Store, but requiring split-screen seems more like the objective requirements to support 64-bit or the iPhone X notch. It could nudge apps in a good direction without being onerous or unpredictable.

With the Hey debacle fresh in all of our minds along with continuing reminders of the inconsistent expectations of the App Store, it is a delicate balance to suggest Apple use more of its power to approve or reject apps based on nicety. If I were to play backseat Apple CEO, I would have allowed apps to be installed from outside of the App Store, with a Gatekeeper-like verification mechanism, and treated the App Store as a place where users would find the best apps with the best experiences. But this is not the world we live in and, anyway, I assume there would be unforeseen consequences to my half-baked wishes.

In the real world, where Apple has a degree of control over all native apps on iOS and iPadOS, I think it should be more aggressive in establishing platform expectations. There ought to be a list of standard features demanded of all apps and split-screen multitasking is unquestionably on that list. Same with support for standard keyboard shortcuts. Users ought to have platform standards, and there is no more powerful iOS device user than Apple.

The Visual Storytelling of Run the Jewels

Alex Castro, the Verge:

Alongside the two antiheroes of Run The Jewels is a third, ever-present visual staple: the pistol and fist. This simple image has graced the cover of every Run The Jewels album, communicating very clearly what the duo are here to do. This image goes directly against more traditional hip-hop album artwork, which tends to feature a portrait of the artist in varying forms. By choosing a more symbolic art direction, the group sets the tone for their records to stretch beyond reality. This is supported by auxiliary imagery for packaging and album skits, which hint at the duo escaping hell.

The creation of the covers has been spearheaded by El-P, one-half of Run The Jewels, and recently, Tim Saccenti, a photographer and filmmaker who’s worked with El-P since his second album. However, both are quick to mention the contributions of numerous artists over the years, including illustrator Nick Gazin, who drew the first two covers and helped conceive the original logo, and, of course, Killer Mike, the other half of Run The Jewels. “I consider it to be sort of an art collective,” El-P says. “Different people have different moments in it that enhance it and turn it into what it is.”

I spoke separately with El-P and Saccenti about the history of Run The Jewels’ visuals and how they’ve been brought to life through sculpture and photography for their most recent albums. Here’s a combination of both interviews, which have been condensed and lightly edited for clarity.

The low poly pistol and fist motif on their most recent release might be my favourite iteration yet.

Pinboard Turns Eleven

I began using Pinboard eleven years ago as of July 13. In that time, I have bookmarked over 27,000 links, excluding several that I imported from Delicious and cleaned up. I pay about thirty bucks a year for archiving — 95% of my saved links have been archived, which is great, as many of the links that I saved several years ago are no longer active. Paying for archiving also means that Pinboard enables full text search, which is like having my own personal search engine for stuff I’ve read.

Pinboard is perhaps the most useful web service I know of, particularly for my voracious reading habits. If I did not subscribe to archiving, I would have paid no more than the $2.91 registration fee at the time I joined. I simply cannot think of anything else from which I have enjoyed such value.

Elon Musk Once Again Says Tesla Is ‘Very Close’ to Full Autonomy This Year, for Real This Time

Al Root, writing in a Barron’s article confidently titled “Don’t Bet Against Musk”:

Now Musk plans to crack “level 5 autonomous driving” in the coming year. That’s the message Musk delivered Thursday at the World Artificial Intelligence Conference in China.

The society of automotive engineers defines five levels of autonomous driving from Level 1 to Level 5. A Level 1 feature is something like parking assistance. Level 5 means the driver — if you can still call the person behind the steering wheel a driver — doesn’t have to do anything in all driving conditions.

This is the exact same tune Musk has been playing for five years: in 2015, he said that fully autonomous vehicles would be on the road within two years. Credulous reporting by financial publications like Barron’s, above, and Forbes to industry sites like Electrek — and even mainstream publications like the BBC — has helped cement Musk’s claim that Level 5 autonomy is just around the corner for years now.

Tesla, of course, continues to market its driver aids as “Autopilot” while insinuating that a car bought from the company today has “Full Self-Driving Capability”. But these are exaggerations that I feel go beyond puffery. The features of the “Autopilot” system are exactly the same as the lane-keeping and radar-guided cruise control that have been available across the automotive industry for years now. For comparison, its namesake technology on aircraft can follow a predetermined flight path with speed and altitude adjustments. The things that make it “full[y] self-driv[ing]”, meanwhile, have fine print that clearly states that these features do not make the car drive itself:

The currently enabled features require active driver supervision and do not make the vehicle autonomous.

Jason Torchinsky, Jalopnik:

I’m pretty comfortable saying that, no, Tesla will not have full Level 5 autonomy solved by the end of the year, especially not with current hardware on their fleet of cars. I do not think we will see a software solution to L5 downloaded to Teslas any time soon.

I don’t really understand why Elon is pushing this narrative, either. Tesla has been saying they’re just about to release “Full Self-Driving” for years now, and they haven’t.

Elon’s remarks both suggest he’s aware of the scale of the problem, yet he seems to trivialize the issues or ignore them, anyway. While I think it’s possible that enough of the issues for Level 5 can be engineered away to be viable, we’re not really close yet.

You said it yourself, Elon: the world is complex and weird. You need to respect that, and be honest about the challenges of truly full autonomy.

I don’t think it is surprising that Musk is not honest about the likelihood of achieving full autonomy soon. I do expect the press to scrutinize such claims and correctly contextualize them, as Torchinsky has done here.

The Internal Tension of New Web APIs

Mike Zornek reacts to Apple’s decision to decline support for several new APIs on privacy foundations:

But if I’m reading the tea leaves right, and history is a model to follow, what requires “native device” code today will be possible in the web browser of the future. WebAssembly shows great early promise in providing rich cross-platform code opportunities. If you are a 1Password user like me, you are probably already enjoying some WebAssembly today.

However, to build rich user experiences on a mobile device using WebAssembly or inside a normal web app requires access to the sensors and systems of that device. With this collective blocking of access (along with the lack of side loading options on iOS and the ban of non-WebKit rendering in App Store apps) Apple has positioned their own native and financial interests over the favor of an open web.

Here’s the tension: if we give web apps this kind of functionality, we necessarily give it to websites, too. I understand why many developers of web languages ache for these APIs, but I think they are an enormous mistake.

I recognize that this comes across as curmudgeonly, but I do not want desktop app functionality for websites. These technologies surely enable some wonderful experiences but, more often, they create clever new ways to abuse users’ privacy and security. The most popular use of WebAssembly amongst the top million websites, as ranked by Alexa, is to surreptitiously mine cryptocurrency. A website should not be able to have that kind of power, and I welcome greater delineation between the web and desktop-class software.

Harper’s Gives Prestigious Platform to Famous Writers So They Can Publicly Whine About Being Silenced

Jennifer Schuessler and Elizabeth A. Harris, New York Times:

The killing of George Floyd has brought an intense moment of racial reckoning in the United States. As protests spread across the country, they have been accompanied by open letters calling for — and promising — change at white-dominated institutions across the arts and academia.

But on Tuesday, a different type of letter appeared online. Titled “A Letter on Justice and Open Debate,” and signed by 153 prominent artists and intellectuals, it began with an acknowledgment of “powerful protests for racial and social justice” before pivoting to a warning against an “intolerant climate” engulfing the culture.

“The free exchange of information and ideas, the lifeblood of a liberal society, is daily becoming more constricted,” the letter declared, citing “an intolerance of opposing views, a vogue for public shaming and ostracism and the tendency to dissolve complex policy issues in a blinding moral certainty.”

Mike Masnick at Techdirt (via Andy Baio):

And, again, it is fundamentally ridiculous and ahistorical to argue that the boundaries of what can be said have narrowed. Honestly, you do not have to go back very far to find examples of topics of conversation that were fundamentally taboo and are now widespread and common. And many of those new ideas have resulted in massive, important social change: civil rights and civil liberties now exist in more meaningful forms than they ever did before because of people speaking out. The ability of LGBTQ+ people to marry whom they love coming just decades after it was literally illegal to do so is a result of more people being able to speak out. The ability of the Black Lives Matter movement to rally so many people in support of their cause and pull the curtains back on centuries of institutional, systemic racism is a result of more people being able to speak out.

The idea that there’s been some narrowing of ideas is nonsense. These people are getting criticized for their bad ideas and their response is to play victim and pretend that the space in which they can speak has narrowed. They’re full of shit.

This letter is self-serving nonsense at best — and, at worst, masks anti-trans discrimination as “open debate” — and it is dispiriting to see people like Margaret Atwood, Jeet Heer (no relation), and Garry Kasparov endorsing it.

European Data Protection Laws Enshrine Many Rights That Americans Should Expect of Their Own Government

Hugo Roy:

[…] There are, already, strong protections for the privacy of Americans in the US Constitution. And access to electronic communications content and data by US authorities has received increased protection by US courts, in particular the US Supreme Court in the Carpenter case recently. Some of these safeguards were ahead of their time, while some are reminiscent of the EU top court’s own case law. There is, however, still no GDPR-equivalent data protection law at the federal level in the US. Although it seems that, with the CCPA (and maybe others), some states like California are pushing in this direction.

In 1973, a US official committee submitted the “Records, computers and the rights of citizens” report. The title of this report is almost identical to the French data protection law of 1978 (on computing, records and freedoms). What also strikes me is that the recommendations of this report share strong similarities with the GDPR in many ways (see the list of data subject rights, the main principles, and the obligations on data controllers in the “Summary and Recommendations”).

So, what happened? How’s this permitted?

There are strong U.S. Constitutional protections for individual privacy rights with respect to the interaction between citizens and government, but there are few regulations that restrict the collection, storage, and use of any information by private companies. This has created a loophole for law enforcement where, instead of surveilling someone directly, they can simply subpoena any number of big advertising companies for granular information about someone’s browsing history and geographic location.

Internal Law Enforcement Bulletin Advises Use of iOS Shortcut to Record Police Encounter May Be Suspicious

Brian Krebs writing last month:

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals.

[…]

KrebsOnSecurity obtained an internal June 20 analysis by the National Fusion Center Association (NFCA), which confirmed the validity of the leaked data. The NFCA alert noted that the dates of the files in the leak actually span nearly 24 years — from August 1996 through June 19, 2020 — and that the documents include names, email addresses, phone numbers, PDF documents, images, and a large number of text, video, CSV and ZIP files.

Jack Morse is one of many journalists and activists sharing the contents of leaked materials, and posted a screenshot of one bulletin on Twitter:

The Delaware Information and Analysis Center (DIAC) is providing the following information for situational awareness. A new Apple iPhone application called “Shortcuts” was introduced with the iOS 12 update. In this update, a new feature was added called “Police.”

No, it wasn’t. Robert Petersen created and shared one such shortcut. It was not created by Apple, it is not preinstalled, and saying the phrase “hey, Siri, I’m getting pulled over” won’t do anything unless the user has installed the shortcut — which is not a bad idea.

DIAC emphasizes that the above information describes constitutionally protected activities and may be insignificant on its own. However, when observed in combination with other behaviors, this activity may raise suspicion in a reasonable person and constitute a basis for reporting.

Workflow went from hackathon winner and power user utility to a mainstream law enforcement concern in just six years.

In a Statement to the Verge, Apple Confirms That It Will Support Thunderbolt in ARM-Based Macs

Chaim Gartenberg, the Verge:

Apple is moving away from Intel’s chipsets in favor of its new, custom-designed ARM chips — but the company is promising that it’ll still support Intel’s Thunderbolt USB-C connectivity standard on new Apple silicon computers, despite the lack of Intel processors.

“Over a decade ago, Apple partnered with Intel to design and develop Thunderbolt, and today our customers enjoy the speed and flexibility it brings to every Mac. We remain committed to the future of Thunderbolt and will support it in Macs with Apple silicon,” commented an Apple spokesperson, in a statement to The Verge.

Thankfully, Apple is trying to make this hardware transition as boring as possible from a user’s perspective, so a statement saying the opposite would have been more newsworthy. That’s not to say that it’s a waste of time to report on this, only that it fits the expectation Apple has set for this transition.

The Wild Wild Web

Elizabeth Dwoskin, Craig Timberg, and Tony Romm, the Washington Post:

The document, which is previously unreported and obtained by The Post, weighed four options. They included removing the post [by then-candidate Donald Trump advocating for banning Muslims from entering the United States] for hate speech violations, making a one-time exception for it, creating a broad exemption for political discourse and even weakening the company’s community guidelines for everyone, allowing comments such as “No blacks allowed” and “Get the gays out of San Francisco.”

Facebook spokesman Tucker Bounds said the latter option was never seriously considered.

The document also listed possible “PR Risks” for each. For example, lowering the standards overall would raise questions such as, “Would Facebook have provided a platform for Hitler?” Bickert wrote. A carveout for political speech across the board, on the other hand, risked opening the floodgates for even more hateful “copycat” comments.

Ultimately, Zuckerberg was talked out of his desire to remove the post in part by Kaplan, according to the people. Instead, the executives created an allowance that newsworthy political discourse would be taken into account when making decisions about whether posts violated community guidelines.

It isn’t often that invoking Hitler is useful in policy questions but, in this instance, it is hard to see how Facebook’s broad policy exceptions for “newsworthiness” would not apply to hypothetical posts from him. Is Facebook theoretically comfortable with a politician to use its platform to advocate for genocide? Staggering as it may seem, it is not such an outlandish question. I would argue that, if such a hypothetical fits into the company’s “newsworthiness” rules, then that policy is wildly irresponsible; if it does not, then there is a line, and advocating genocide should not be the benchmark for when such posts are not allowed.

One way to simplify this question is to ask whether Facebook’s executives believe that its role is to be a comfortable space for many people to see advertising, or if they believe it should be a passthrough entity and international exporter of the First Amendment.

Kevin Roose, the New York Times:

Just like the California gold rush, the Wild Wild Web started an enormous accumulation of personal and corporate power, transforming our social order overnight. Power shifted from the czars of government and the creaky moguls of the Fortune 500 to the engineers who built the machines and the executives who gave them their marching orders. These people were not prepared to run empires, and most of them deflected their newfound responsibility, or pretended to be less powerful than they were. Few were willing to question the 2010s Silicon Valley orthodoxy that connection was a de facto good, even as counter-evidence piled up.

There are still some stubborn holdouts. (Facebook, in particular, still appears attached to the narrative that social media simply reflects offline society, rather than driving it.) But among the public, there is no more mistaking Goliaths for Davids. The secret of the tech industry’s influence is out, and the critics who have been begging tech leaders to take more responsibility for their creations are finally being heard.

Anna Wiener, the New Yorker:

Under Section 230, content moderation is free to be idiosyncratic. Companies have their own ideas about right and wrong; some have flagship issues that have shaped their outlooks. In part because its users have pushed it to take a clear stance on anti-vaccination content, Pinterest has developed particularly strong policies on misinformation: the company now rejects pins from certain Web sites, blocks certain search terms, and digitally fingerprints anti-vaccination memes so that they can be identified and excluded from its service. Twitter’s challenge is bigger, however, because it is both all-encompassing and geopolitical. Twitter is a venue for self-promotion, social change, violence, bigotry, exploration, and education; it is a billboard, a rally, a bully pulpit, a networking event, a course catalogue, a front page, and a mirror. The Twitter Rules now include provisions on terrorism and violent extremism, suicide and self-harm. Distinct regulations address threats of violence, glorifications of violence, and hateful conduct toward people on the basis of gender identity, religious affiliation, age, disability, and caste, among other traits and classifications. The company’s rules have a global reach: in Germany, for instance, Twitter must implement more aggressive filters and moderation, in order to comply with government laws banning neo-Nazi content.

[…]

Debates over content moderation tend to focus on companies like Facebook and Twitter, and some might be glad to see the biggest platforms lose their immunity shield. But what are Twitch, Reddit, FlyerTalk, Bogleheads, Hacker News, wikiFeet, or iNaturalist without their content? (Yelp without yelps: Why bother?) Twitter could revert to “bird chirps,” and be a place for benign, pithy commentary on nothing; Instagram could subsist on photographs of gloppy eggs Benedict and memes about disgruntled golden retrievers. Alternatively, if companies were disincentivized from moderating content, the Internet could become a cesspool. We might face another kind of information crisis — a dying off of user-generated discourse, opinion, and news. “Without Section 230, the traditional media would have even more power over speech and expression,” [Jeff Kosseff] writes. “And those power structures could be even more stacked against the disenfranchised.”

[…]

Ultimately, the problems that need solving may not be ones of content moderation. In the book “Platform Capitalism,” published in 2017, the economist Nick Srnicek explores the reliance of digital platforms on “network effects,” in which value increases for both users and advertisers as a service expands its pool of participants and suite of offerings. Network effects, Srnicek writes, orient platforms toward monopolization; monopolization, in turn, makes it easier for a single tweet to be an extension of state power, or for a single thirty-six-year-old entrepreneur, such as Zuckerberg, to influence the speech norms of the global digital commons. Both outcomes might be less likely if there were other places to go. The business model common to many social-media platforms, meanwhile, is itself an influence over online speech. Advertisers are attracted by data about users; that data is created through the constant production and circulation of user-generated content; and so controversial content, which keeps users posting and sharing, is valuable. From this perspective, Donald Trump is an ideal user of Twitter. A different kind of business might encourage a different kind of user.

Wiener’s article is the one I have hopelessly been trying to write, and my conclusion is similar. Moderation is not inherently a problem; having monolithic siloed social networks is much more concerning.

The other conclusion is deeply unsatisfying: voters need to elect leaders who view power with responsibility, not arousal. The last several years have proved that to be accurate in virtually all contexts. But, true as it may be, it is not helpful us now, and it does not give us an adequate framework for dealing with the problems caused by amplifying propagandists’ glorification of their interests without context.

The Variety of ‘Facial Recognition’ Technologies Necessitates Nuanced Legislation

John Oliver:

This technology raises troubling philosophical questions about personal freedom, and, right now, there are also some very immediate practical issues. Even though it is currently being used, this technology is still very much a work in progress, and its error rate is particularly high when it comes to matching faces in real time. In fact, in the U.K., when human rights researchers watched police put one such system to the test, they found that only eight out of 42 matches were ‘verifiably correct’ — and that’s even before we get into the fact that these systems can have some worrying blind spots, as one researcher found out when testing numerous algorithms, including Amazon’s own Rekognition system:

At first glance, MIT researcher Joy Buolamwini says that the overall accuracy rate was high, even though all companies better detected men’s faces than women’s. But the error rate grew as she dug deeper.

“Lighter male faces were the easiest to guess the gender on, and darker female faces were the hardest.”

One system couldn’t even detect whether she had a face. The others misidentified her gender. White guy? No problem.

Yeah: “white guy? No problem” which, yes, is the unofficial motto of history, but it’s not like what we needed right now was to find a way for computers to exacerbate the problem. And it gets worse. In one test, Amazon’s system even failed on the face of Oprah Winfrey, someone so recognizable her magazine only had to type the first letter of her name and your brain autocompleted the rest.

Oliver covers a broad scope of different things that fit under the umbrella definition of “facial recognition” — everything from Face ID to police databases and Clearview AI.

Today, the RCMP and Clearview suspended their contract; the RCMP was, apparently, Clearview’s last remaining client in Canada.

Such a wide range of technologies raise complex questions about their regulation. Sweeping bans may prohibit the use of something like Face ID or Windows Hello, but even restricting use based on consent would make it difficult to build something like the People library built into Photos. Here’s how Apple describes it:

Face recognition and scene and object detection are done completely on your device rather than in the cloud. So Apple doesn’t know what’s in your photos. And apps can access your photos only with your permission.

Apple even put together a lengthy white paper (PDF) that, in part, describes how iOS and MacOS keep various features in Photos private to the user. However, in this case, the question is not about the privacy of one’s own data, but whether it is fair for someone to use facial recognition privately. It is a question of agency. Is it fair for anyone to have their face used, without their permission, to automatically associate pictures of themselves? Perhaps it is, but is it then fair to do so more publicly, as Facebook does? What is a comfortable line?

I don’t mean that as a rhetorical question. As Oliver often says, “the answer to the question of ‘where do we draw the line?’ is somewhere“, and I think there is a “somewhere” in the case of facial recognition. But the legislation to define it will need to be very nuanced.

Rebecca Heilweil, Vox:

So it seems that as facial recognition systems become more ambitious — as their databases become larger and their algorithms are tasked with more difficult jobs — they become more problematic. Matthew Guariglia, a policy analyst at the Electronic Frontier Foundation, told Recode that facial recognition needs to be evaluated on a “sliding scale of harm.”

When the technology is used in your phone, it spends most of its time in your pocket, not scanning through public spaces. “A Ring camera, on the other hand, isn’t deployed just for the purpose of looking at your face,” Guariglia said. “If facial recognition was enabled, that’d be looking at the faces of every pedestrian who walked by and could be identifying them.”

[…]

A single law regulating facial recognition technology might not be enough. Researchers from the Algorithmic Justice League, an organization that focuses on equitable artificial intelligence, have called for a more comprehensive approach. They argue that the technology should be regulated and controlled by a federal office. In a May proposal, the researchers outlined how the Food and Drug Administration could serve as a model for a new agency that would be able to adapt to a wide range of government, corporate, and private uses of the technology. This could provide a regulatory framework to protect consumers from what they buy, including devices that come with facial recognition.

This is such a complex field of technology that it will take a while to establish ground rules and expectations. Something like Clearview AI’s system should not be allowed; it is a heinous abuse of publicly-visible imagery. Real-time recognition is also extremely creepy and I believe should also be prohibited.

There are further complications: though the U.S. may be attempting to sort out its comfort level, those boundaries have been breached elsewhere.

Climbing Up the Walls

Apple’s introduction at WWDC of Macs running on own-brand processors was as complete as many people were expecting. There was a rationale for the transition, an explanation of how developers can make their software run on these new systems, a way for older software to run without developer intervention, and a timeline for its rollout.

But what was not changed with this transition has proved to be just as interesting as all of the new things that were shown off. Apple is going to great lengths to make this transition as seamless as possible. It is contributing patches to popular open source projects, even Electron, and it is even bringing deprecated technologies like OpenGL to ARM. Most importantly, the company has repeatedly promised that it will not be taking the Mac to a more locked-down model like iOS.

For some reason, these assurances have not stopped Alex Cranz of Gizmodo from speculating that this is Apple’s walled garden “grow[ing] higher”:

Apple has finally announced its long-rumored transition away from Intel chips and will now make its own homegrown CPUs based on the ARM architecture for future Macs. The company’s goal is to shed its dependence on Intel so that it can control even more of its production and development pipeline. It’s an interesting move at an even more interesting time, given that Apple CEO Tim Cook has also finally agreed to testify on Capitol Hill in a Big Tech antitrust hearing. Just last month, the European Union opened its own antitrust probe into Apple and its App Store. The company is being investigated and criticized for its near-perfect execution of vertical integration more than ever before, just as it’s taking its biggest step toward its grand vision of vertical integration in nearly 15 years.

So that’s the argument: Apple’s vertical integration of own-brand processors for the Mac is of similar concern to the App Stores and in-app purchase rules that it enforces on iOS. I don’t think that makes any sense at all but, first, let’s hear from an analyst about why Apple would want to switch from Intel:

“Apple hasn’t been very successful over the past five years with the Mac and most of the innovation has come from Windows vendors,” analyst Patrick Moorhead told Gizmodo. “I think Apple sees vertical integration as a way to lower costs and differentiate. We’ll see. It’s a risky and expensive move for Apple, and right now I’m scratching my head on why Apple would do this. There’s no clear benefit for developers or for users, and it appears Apple is trying to boost profits.”

The Mac’s reputation has suffered in the last five years due, in part, to the crappy keyboards it shipped on its laptops and less-frequent product updates — and one reason it did not release new Macs as often is because Intel struggled with new processor development. But it should not be surprising that Moorhead ignores the benefits that Apple stated for users and developers and the problems Intel has had because Intel is one of his clients, something this article does not mention.

Also, despite its keyboard problems and more stagnant product line, Apple’s Mac sales over the last five years have been its best ever. It’s hard to see how it “hasn’t been very successful” on those grounds.

Cranz spends the next several paragraphs explaining why a purely financial argument does not adequately justify the processor switch. True. There are also many paragraphs about the benefits of and problems with Apple’s control over the App Store on iOS. That takes us to the core of Cranz’s argument:

Unlike iOS, macOS developers have always been able to skirt around using the Mac App Store. I can go to directly to a developer’s site for most apps and just buy what I want outside of the App Store. But how long will that continue in the future macOS landscape, particularly if the main people developing for the operating system are doing so alongside their iOS and iPadOS builds? Apple has repeatedly said it has no plans to turn macOS into a walled garden, as has always been the case with iOS and iPadOS, but it might effectively have done just that with the ARM switch.

That’s it. There is no greater explanation offered for why switching to a different processor architecture is an equivalent to the App Store model on iOS. Cranz points out all the ways the ARM transition is supposed to be easy for developers and invisible to users and some of its unique benefits, but writes absolutely nothing to justify this particular statement, other than the FUD-grade question about how long developers will keep shipping their apps independently. Given the state of the Mac App Store and how many developers would prefer to keep as much of their revenue as they can — this very article began with a nod at antitrust investigations over Apple’s in-app purchase requirements — I see no reason why great Mac apps won’t continue to be offered directly by developers.

Brent Simmons:

[…] I had been very worried that Apple would, as part of the ARM transition, lock down macOS so that only Mac App Store apps would be permitted.

That didn’t happen. And Apple employees explained that it’s not going to happen — and, given that it didn’t happen this time, given that they had this chance, I believe them.

I understand adding security features to the Mac. But to take away our freedom to create whatever Mac apps we want, and distribute them without Apple’s, or anyone’s, seal of approval, would be to take the heart out of my career.

But that’s not what happened! I feel great about this. I’m going to stop worrying about the Mac.

I was also fretting about what a Mac running on Apple’s own processors might entail. I was nervous about how difficult it might be to upgrade to one when it comes time to do so. I still have my concerns, but I truly believe Apple when it says that it does not want to merge the Mac and iPad, or implement an iOS-like App Store-only model on MacOS.

Cranz’s pieces feels like one of those articles where a writer started with a premise and found the parts that fit while ignoring those that did not. Just about everything that is possible on a Catalina system running on Intel will be possible on a Big Sur system running on Apple’s own processors, with the exception of using Windows through Boot Camp. It’s not nothing, but it does not indicate an expansion of a walled garden, either. We can speculate all we want about whether this might change down the road, but Apple laid out good reasons why it is not planning an iOS-alike model for the Mac. In short, it would not be good for Apple, it would not be good for developers, and none of that is good for users. Makes sense to me.

Reef, a Parking Company, Ushers in Our Ghost Kitchen Future

Anna Wiener, the New Yorker:

For now, though, Reef is focussing on food preparation as a test case — a proof of concept for other sorts of “applications” that might make sense in some later, future time. Food prep is a sensible first experiment for Reef’s modular approach to repurposing parking lots: over the past few years, delivery has been on the upswing, and delivery-only kitchens — referred to as “ghost kitchens” or “dark kitchens” — are having a moment. Reef operates kitchens across eighteen cities in the United States, in seventy-odd parking lots. In the trailer on Mission Street, meals from all six of the advertised restaurants are prepared on site — the culinary equivalent of a multicolor retractable pen. The restaurants are “internal” to Reef: designed and staffed by its employees, with menus developed by a culinary team that includes former executives from Roti Modern Mediterranean, Potbelly, and Jamba Juice. The menus lean toward comfort food, and are a little arbitrary. Wings & Things offers mozzarella sticks, chicken tenders, cronuts (“dusted with cinnamon maple sugar and served with a side of Canadian Maple dipping sauce”), Skittles, Red Bull, and two kinds of Greek-yogurt bowls.

Currently, the food offered by Reef’s internal brands comes from U.S. Foods, an international, private-equity-owned institutional food distributor that works with colleges, hotels, and hospitals, and is a wholesale supplier for independent restaurants and diners. In San Francisco, the menu items are delivered to a central commissary in the Bayview area, and come individually wrapped; precise assembly instructions are provided to line cooks. Every night, Reef’s trailers, which are managed under a subsidiary, Vessel CA, return to the commissary, where the gray-water tanks are drained, the potable-water tanks are refilled, and the refrigerators are restocked. Reef has ambitions to offer fresher, more sophisticated fare, eventually. But, for now, customers may find themselves paying a premium for meals similar to those found at a fast-food restaurant, or in a supermarket freezer.

One of these trailers recently appeared in an Impark lot near where I can live; at night, I watch countless delivery drivers park on the sidewalk to grab orders as cooks shoo away anyone who comes knocking at its door. It has eight brands listed on the side, including three for burgers and two for chicken wings, but there are even more operating from the same trailer once you start poking around different delivery apps.

One wing brand charges a dollar more for delivery and a few bucks more for equivalent wings; until recently, they used the same photography. Two of the burger brands use identical images and offer many of the same items as the wing brands, including mozzarella sticks and chicken wings. By my count, you can get the same cafeteria-grade wings at various price points from at least six different Reef brands operating from two different trailers in my area.

There is a part of me that worries that this sort of arrangement will make it untenable to operate a sit-down restaurant, particularly after the effects of the pandemic. My hope is that it will take the pressure of bowing to delivery services off traditional restaurants, many of which cannot afford the commission charged by Doordash and its ilk. But that leaves takeout operations in an awkward spot; Reef has the backing of a near billion-dollar investment from the SoftBank Vision Fund, and independent restaurants can’t compete with that kind of bottomless money pit.

Update: Perhaps the thing that bothers me most about what Reef is attempting here is that there is no sense of care. Reef’s trailers could be selling anything — shoes, haircuts, beauty products. It only cares that it has a vehicle of transforming venture capital investment into greater piles of money and, right now, it is filling that void through crappy food delivered by undercompensated gig economy workers contracted by other companies. This is not a secret:

[…] Over the past two years, though, the company’s narrative has changed somewhat: Reef’s executives now emphasize their work in “creating the next phase of a neighborhood” by forming local logistics and mobility hubs. This year, Reef launched a partnership with Bond, a logistics startup that operates “nano-warehouses”: fulfillment centers, often in vacant storefronts, that can be used for last-mile delivery. City-dwellers may someday pick up their Amazon packages and clamshell-carton dinners in a parking lot or empty retail space, like college students dipping into the campus center before retreating back to the dorms.

For now, though, Reef is focussing on food preparation as a test case—a proof of concept for other sorts of “applications” that might make sense in some later, future time. […]

I’m nervous because some of my favourite restaurants in Calgary might struggle to survive through this pandemic. There are many places here that would break my heart if they were forced to close. But nobody is going to miss the private label Reef brands if they suddenly disappear. People know when there is a lack of care.

The Collapse of Nortel and the Rise of Huawei

Natalie Obiko Pearson, Bloomberg:

Nortel’s giddy, gilded growth also made it a target. Starting in the late 1990s, the Canadian Security Intelligence Service, the country’s version of the CIA, became aware of “unusual traffic,” suggesting that hackers in China were stealing data and documents from Ottawa. “We went to Nortel in Ottawa, and we told the executives, ‘They’re sucking your intellectual property out,’” says Michel Juneau-Katsuya, who headed the agency’s Asia-Pacific unit at the time. “They didn’t do anything.”

[…]

No one knows who managed to hack Nortel or where that data went in China. But Shields, and many others who’ve looked into the case, have a strong suspicion it was the Chinese government, which weakened a key Western rival as it promoted its own technology champions, including Huawei Technologies Co., the big telecom equipment manufacturer. Huawei says it wasn’t aware of the Nortel hack at the time, nor involved in it. It also says it never received any information from Nortel. “Any allegations of Huawei’s awareness of or involvement in espionage are entirely false,” the company says in a statement. “None of Huawei’s products or technologies have been developed through improper or nefarious means.”

What isn’t in dispute is that the Nortel hack coincided with a separate offensive by Huawei. This one was totally legal and arguably even more damaging. While Nortel struggled, Huawei thrived thanks to its unique structure — it was privately held, enjoyed generous credit lines from state-owned banks, and had an ability to absorb losses for years before making money on its products. It poached Nortel’s biggest customers and, eventually, hired away the researchers who would give it the lead in 5G networks. “This is plain and simple: Economic espionage did in Nortel,” Shields says. “And all you have to do is look at what entity in the world took over No. 1 and how quickly they did it.”

This is a Bloomberg story about Chinese spycraft so, you know, but it is entirely fascinating.

The Nortel accounting scandal was a formative event when I was pretty young; it happened around the same time as Enron and the September 11 attacks. One thing unmentioned in Pearson’s article is that, about seven years ago, long-dormant bugging devices were found at Nortel’s former headquarters.

Apple’s Subscription Requirements Continue to Be Confusing for Third-Party Developers

This series of posts compiled by Michael Tsai regarding Down Dog’s App Store rejection — ostensibly for not automatically charging users after a free trial period has lapsed — illustrates the still-confusing world of subscription pricing. Everything from an app’s registration screen, through the free trial process, and through cancellation is, for any app, not good enough for users and developers.

I think there is a lot that Apple can and should do to improve subscriptions. First, I agree with Ryan Jones that the subscription opt-in process should be consistent systemwide. To say that Apple’s design guidance isn’t always followed would be an understatement. Bad faith merchants have exploited subscriptions for years and, even with a team attempting to crack down on abuses, it remains a problem.

In the midst of the controversy a couple of weeks ago regarding Hey’s rejection, I saw plenty of calls for Apple to allow third-party payment processors within apps. I understand that argument and I get why Apple’s solution sucks for developers for reasons beyond money. But the in-app payment screen means that I don’t have to trust that an app from some developer is going to steal my credit card details. I prefer Apple’s dialog to just about anything else I’ve used. I’d like to see it improved and extended to the entire subscription process, not scrapped.

Second, users should be notified when billing is about to start after a free trial and be allowed to cancel in the notification. I’m sure this will cut into revenue for some apps, but it’s only fair to users.

Third, I think active subscriptions need to be easier to find. Right now, the easiest way to find them is either via the App Store, by tapping on the profile picture in the upper-right, or in Settings in the topmost menu item. But neither of these things look like buttons — the item in the App Store is just a picture, and the Settings menu item looks like no other table view cell in iOS. Its description also provides only the faintest of clues: “Apple ID, iCloud, Media & Purchases”. It does not say “subscriptions”.

Lastly, apps should be required to show a “cancel subscription” button in their settings if they offer subscription purchases. Making it easy to cancel shows a degree of trust and transparency that the subscription is worth the cost. Good apps lock users in by being continuously compelling, not by making cancellations difficult.

Reporters Describe Their Experiences Covering Facebook

This piece by Jacob Silverman for the Columbia Journalism Review has been making the rounds today in large part because of its apparently inept framing:

[Casey Newton’s] professional arc, from enthusiastic tech beat reporter to skeptical industry investigator, matches the trajectories of a number of journalists in recent years. The 2016 presidential election in particular prompted a change in worldview against Facebook and the power wielded by Big Tech. The media had learned, perhaps belatedly, the cost of taking Facebook at its word. More recent, and adversarial, reporting has produced important stories about Facebook’s refusal to tackle the proliferation of right-wing extremism and conspiracy theories on its platform. In advance of the 2020 election, more journalists are taking a hard look at the Trump campaign’s once-heralded digital operation, which spends heavily on Facebook advertising, and its bombastic overseer, Brad Parscale, who has been promoted to overall campaign manager.

[…]

Kate Losse, an early Facebook employee who would go on to write The Boy Kings, a memoir of her time at the company, told me in an email that journalistic coverage of Facebook in its first years was focused mostly on product updates. A notable story might be about a new feature in the site’s news feed.

Sam Biddle, a reporter at The Intercept who was working at Valleywag and Gizmodo in the early 2010s, told me that Facebook would offer up scoops to journalists that they credulously swallowed. “It was like pigs at a trough,” Biddle says. “We were all trying to get the same drip-drip of product news out of Facebook, no matter what outlet you were at.”

Hands up if access journalism allows unearned credulity is a surprising revelation for you.

These sorts of tactics are not unique to Facebook, and are typical for any large entity in a category or beat. This is something that Silverman and quoted journalists repeatedly point out in this story, to such an extent that I think little would be lost if the first half of this report were condensed into a couple of paragraphs.

But there are examples of intrusive surveillance within this story that run deeper than an aggressive public relations strategy, and which I think have been largely ignored. For example:

With the knowledge that a company that has built a globe-spanning surveillance apparatus might always be watching, reporters and sources take tremendous precautions. Any Facebook-issued device, or even a phone with the Facebook app installed, could be vulnerable to the company’s internal investigators. If a source has friended a reporter on a social network or merely looked up their profile on a company computer, Facebook can find out. It can potentially tap location data to see if a reporter and a source appear to be in the same place at the same time.

The end of this paragraph seems to be entirely speculative, but it appears to be a genuine worry within Facebook. Any corporate I.T. department can examine an employee’s contacts; communications made through company channels are presumed to be property of the organization, not the individual. But Facebook’s ability to intrude goes far beyond that. Charlie Warzel of the New York Times is quoted as saying that his Facebook sources have told him about how worried they are about being monitored on any device they own. Unlike most employers, Facebook is everywhere.

Also, if Facebook staff are concerned about the surveillance capabilities of their employer, why do they help make it a reality?

This part of Silverman’s report is critical:

“Facebook responds best to bad press,” Judd Legum, who publishes the newsletter Popular Information, says.

This dynamic serves no one. Over and over, the press is left chasing down Facebook reps for comment on a single offensive group or account on a platform of billions of people. Until Facebook provides comprehensive solutions for these problems of harassment, content moderation, and user experience, journalists will always be talking about the latest outrage that pops up on the platform. This leaves little media oxygen for reporting on first-order issues about the company and its larger societal machinations. 

Adrian Chen, a former staff writer for The New Yorker and Gawker, says that journalists need to investigate the “internet political economy” as much as the mechanics of the Facebook platform. We need to understand “how they wield their influence politically to create the environment that has allowed them to become what they are.”

It’s not that Facebook’s individual controversies should be allowed to slide; it’s that they should be put into a broader context as both a cause and result if we are to better understand our toxic relationship with a communications, advertising, and surveillance giant.

Apple Declined to Implement Sixteen New Web APIs in Safari Due to Privacy Concerns

Catalin Cimpanu, ZDNet:

Over the past three years, user fingerprinting has become the standard method of tracking users in the online ad tech market.

The shift to user fingerprinting comes as browser makers have been deploying anti-tracking features that have limited the capabilities and reach of third-party (tracking) cookies.

Some browser makers have also been deploying countermeasures to prevent fingerprinting operations through the most common methods — such as fonts, HTML5 canvas, and WebGL — but not all user fingerprinting vectors are currently blocked.

Furthermore, new ones are constantly being created as browser makers add new Web APIs to their code.

Currently, Apple has identified the 16 Web APIs above as some of the worst offenders; however, the browser maker said that if any of these new technologies “reduce fingerprintability down the road” it would reconsider adding it to Safari.

If I were supreme dictator of the world wide web, I would reject many of these APIs on scope grounds alone. I get why it would be nice to read NFC tags, but APIs for stuff like device memory, network information, ambient light conditions, USB, and generic serial interfaces are not APIs for websites. They increase the capabilities of web apps — a unique category of mediocre applications that make the web worse.

WWDC and My Wish List

Now that the dust has started to settle on WWDC 2020, I thought I would see how my wishes fared this year.

[Stuart Breckenridge] guesses [the next version of MacOS] will be named Anacapa. My money is on Avalon.

My guess of the name “Avalon” took into account my assumptions about the transition to ARM processors. When the Mac transitioned to Intel, it simply received a new build of 10.4 Tiger, and I thought that a similarly low-key shift would be in the cards. I was wrong. I like the name, though — Big Sur feels appropriate, as does the change to MacOS 11.

Some indication — anything — that Siri is a priority. The wholly-generated voice that shipped with iOS 13 is a welcome improvement; it sounds so much better, particularly with more complex words.

But Siri’s ability to respond accurately and as expected remains terrible. I know that all voice-based assistants have their weak spots, but my experience with Siri is that it cannot be trusted to do anything more than set timers and create reminders.

While out for some errands today with my iPhone running iOS 14 plugged in and running CarPlay, I received an incoming message. I asked Siri to read it; after it did, it asked if I would like to reply. “Yes,” I said. It asked “what would you like to say?”, and I responded “thank you” because I wanted to thank the sender. And Siri decided that I meant to thank it instead of sending a message, so it replied “don’t mention it”. No response text was sent.

Despite its somewhat confused presentation, I like the new look of Siri. I also like that it has, according to Apple, twenty times more facts than three years ago.1 But, nine years after its debut, Siri remains Siri: it listens to my voice pretty accurately, articulates words well, and is entirely unreliable for anything I ask of it to a point of disobedience.

An indication that “iPadOS” is more than just a name. It seems to me that a great reason to rename the iPad’s operating system is to indicate that it is no longer a bigger and slightly different version of the operating system that’s used on the iPhone. I’d like to see evidence of this.

There seem to be no changes to the multitasking system nor any difference in the way it kills background apps. But I think we saw clear indications that Apple wants to treat iPadOS as its own system. Across iOS and iPadOS, Siri no longer takes over the entire display and neither do incoming calls — while this is nice on the iPhone, it’s fantastic on the iPad. Official support for sidebars is terrific, too, as is its new MacOS Spotlight-like search field.

My other wish for WWDC is a noticeable focus on quality: fewer bugs, less waiting, better fit and finish, and no catastrophes when upgrading. The tick-tock cycle of feature-heavy releases followed by refinement versions is a horrible strategy that does neither effectively. I would like to see this acknowledged in some regard as an ongoing priority for every release. That’s not going to happen, but that’s what wish lists are for: the things you really want.

This can only be assessed fairly based on the public release of each operating system this autumn. In the first week, though, these first builds are promising. I don’t think it is advisable to put any of these betas on your daily carry devices, but they all feel far more solid than most of the operating system releases for the past year. A good sign.


  1. Those numbers are pretty precise. It is unclear to me whether this is a big leap specifically for this year, or if it simply indicates that Apple is frequently adding more fact-based responses. ↩︎

Marques Brownlee in Conversation With Craig Federighi

As part of his post-WWDC press tour, Craig Federighi appeared on Marques Brownlee’s Waveform podcast and in a more truncated form in a short video interview. They discuss the redesign of MacOS appearing in Big Sur, the keynote video production, and why it will only be possible to change the default browser and email clients but not, say, maps or music.

One thing that Federighi and Brownlee discussed is how Siri still doesn’t allow interaction behind it, even though it now appears as a floating orb that does not visually dominate the screen. According to Federighi, this is a deliberate limitation — it was tried both with and without interaction, but the latter suffered from a lack of clarity about how to dismiss Siri after use. However, MacOS has a floating Siri panel and it, somehow, avoids this confusion. “Just copy MacOS” is not a great answer or solution, but I think the current design is somewhat misleading.

As Major Companies Pull Advertising, Facebook Executives Admit to ‘Trust Deficit’

The Anti-Defamation League:

In response to Facebook’s repeated failure to meaningfully address the vast proliferation of hate on its platforms, six organizations today announced a new campaign, #StopHateforProfit, that asks large Facebook advertisers to show they will not support a company that puts profit over safety. ADL (the Anti-Defamation League), the NAACP, Sleeping Giants, Color Of Change, Free Press and Common Sense have created a coalition of the nation’s most storied civil rights organizations calling for some of the world’s largest corporations to pause advertising on Facebook during the month of July 2020.

Megan Graham, CNBC:

Verizon said on Thursday it is pulling advertising on Facebook until the company “can create an acceptable solution that makes us comfortable.”

A company spokesperson said the pause applies to both Facebook and Instagram. It comes as marketers including Ben & Jerry’s, Patagonia and REI have also said they plan to pause advertising on the platforms.

Anthony Ha, TechCrunch:

Then today, it was joined by consumer goods giant Unilever, which said it will halt all U.S. advertising on Facebook, Instagram (owned by Facebook) and even Twitter, at least until the end of the year.

“Based on the current polarization and the election that we are having in the U.S., there needs to be much more enforcement in the area of hate speech,” Unilever’s executive vice president of global media Luis Di Como told The Wall Street Journal.

Put a pin in “Unilever”.

Hannah Murphy, Financial Times:

A leading Facebook executive has told advertisers the company is suffering from a “trust deficit” as it tries to stop brands joining a boycott over its policies on political content moderation.

The world’s largest social media group joined a conference call with almost 200 advertisers on Tuesday, according to people familiar with the discussion. Senior policy executives then defended Facebook’s decision to allow several controversial posts from US president Donald Trump to remain on its platform.

According to leaked audio of the call obtained by the Financial Times, Neil Potts, Facebook’s head of trust and safety policy, acknowledged that the company suffered from a “trust deficit” but added that it was “here to listen” to its clients’ concerns. The call was convened by the Interactive Advertising Bureau trade body in Canada.

Tanya Dua, Business Insider (both this and the Financial Times link above are ostensibly paywalled, but I trust that you are clever):

Mark Zuckerberg this week addressed a group of top-ranking executives from agency holding companies and advertisers including Anheuser-Busch InBev, Dentsu Aegis Network, and Omnicom Media Group.

The companies are part of the client council, a small-knit group of marketing heavyweights from brands and ad agencies who work closely with Facebook on product features and other feedback.

He acknowledged the advertisers’ concerns over its policies on political content moderation, explained the company’s position, tried to assure them that the company was reviewing policies and decision-making processes, and took questions.

Casey Newton:

Very cynical take: ad budgets are shrinking already during the pandemic. Why not get some applause for it?

Seb Joseph, reporting for Digiday in April:

The planning process for marketers is being thrown into disarray. With uncertainty pervading all aspects of business, marketers are forced to pare down their plans and focus only on a month or two head. Annual plans are, for the most part, a relic of a different era.

“In many cases, we’re either in re-planning mode or ring-fencing budgets for certain brands,” said the chief media officer at global [consumer packaged goods] manufacturer.

[…]

In reality, what happens is those brands that are doing moderately well for the business will get fewer media dollars in the second and third quarters of the year to ease the company’s cash flow on the basis that more will be eventually invested in the fourth quarter to ensure those targets are met, said the chief media officer.

Molly Fleming, reporting for MarketingWeek in April:

Unilever is stopping major advertising production and exploring cheaper media in a bid to make savings during the Covid-19 pandemic.

The [fast-moving consumer goods] giant’s chief executive, Alan Jope, told investors on a call today (23 April) that the company would be halting the production of major ad campaigns and “reviewing all spend to be effective”.

It is very hard to know how effective the ADL’s campaign is when companies are reducing their advertising budgets anyway. To be clear, I do not think that the ADL itself is cynically taking advantage of lower spending, but it is very possible that some companies are shamelessly rationalizing their withdrawal.

Microsoft Announces Closure of All but Four Retail Stores

Microsoft’s David Porter, in a LinkedIn post titled “A New Day for Microsoft Store”:

As we look forward, we start a new chapter for Microsoft Store. Our team has proven success serving customers beyond any physical location. We are energized about the opportunity to innovate in how we engage with all customers, optimize our talent for greatest impact, and most importantly – help our valued customers achieve more.

As part of our business plan, we announced a strategic change in our retail operations, including closing Microsoft Store physical locations. Our retail team members will continue to serve customers working from Microsoft corporate facilities or remotely and we will continue to develop our diverse team in support of the overall company mission and objectives.

I did not go to business school so I guess that’s why I don’t understand the artificially sunny and buzzword-filled framing of this post. That is especially true in this case where, even though Microsoft’s experiment in ripping off Apple’s stores failed, it is not laying off any of its retail staff. As far as bummer announcements go, that represents some genuinely good news. The four retail stores that will remain open are in New York, London, Sydney, and Redmond.

Barr’s Interest in Google Antitrust Case Keeps It Moving Swiftly

Kadhim Shubber, reporting earlier this week for the Financial Times:

Two US prosecutors are set to testify on Wednesday that politics drove Department of Justice decisions in cases linked to Donald Trump.

[…]

The second prosecutor, John Elias, works in the antitrust division and had previously been chief of staff to Makan Delrahim, the Trump appointee who heads the division.

Mr Elias said in his written testimony that on August 22 2019, the political leadership of the antitrust division ordered an investigation of four carmakers — Ford, Volkswagen, Honda and BMW — just a day after Mr Trump tweeted about them.

The president had criticised the companies for agreeing to emissions reductions with California that were stricter than rules his administration was attempting to push through at the federal Environmental Protection Agency.

The memo opening the inquiry had no staff recommendation, stating instead that the division “would like to open an investigation”, and was generated by policy lawyers at the division, rather than enforcement attorneys as would be typical, Mr Elias said.

David McCabe and Cecilia Kang, New York Times:

For months, lawyers at the Justice Department have been marshaling their forces for a possible antitrust lawsuit against Google, spurred on by the personal interest of Attorney General William P. Barr.

The day-to-day digging of a federal antitrust investigation rarely rises to the level of the attorney general or the deputy attorney general.

But under Mr. Barr, the agency has made top priority of looking into the country’s biggest tech companies. He receives regular updates on the Google case from an aide, according to several people close to the investigations, while an official in the office of his deputy, Jeffrey Rosen, oversees the investigations into tech companies.

It is possible that there is a legitimate antitrust case to be brought against Google, and that Barr and this administration have so corrupted the Department of Justice as to render that case compromised from the start.

I think an investigation into Google’s control of online advertising is long overdue — I still cannot believe that it was allowed to buy DoubleClick. There are probably cases that can be brought against Amazon, Apple, and Facebook as well. But the Trump administration’s will struggle to levy legitimate arguments due to the undercurrent of personal retribution these cases carry. The Department of Justice is doing the dirty work of a president with a personal enemies list longer than Nixon’s and a truly next level lack of self-awareness.

You can tell that this administration doesn’t care about companies taking advantage of uncompetitive markets because they have not indicated any concerns about ISPs and cellular carriers. In fact, you’ll remember that Barr’s Antitrust Division allowed the merger of Sprint and T-Mobile to sail through earlier this year.

The Talk Show WWDC 2020 Special With Craig Federighi and Greg Joswiak

As ever, a terrific interview that covers a lot of ground. This year’s edition is worth spending time with as Federighi provides more context for the switch to ARM and the redesign of Big Sur.

I’ve been impressed by how well Apple, in particular, has adapted its developer conference to the realities of a pandemic-afflicted world. All week long, I’ve seen nothing but praise for everything from Monday’s keynote and Platforms State of the Union through all of the sessions. I think Gruber and company did a similarly great job with this remote interpretation of the annual WWDC special.

iOS 14 Requires Apps to Ask Permission to Use IDFA to Track Users

George P. Slefo, Ad Adge:

[The Identifier for Advertisers] is shared with app makers and advertisers by default, but that will change once iOS 14 rolls out this fall. Then, users must give explicit permission through a popup for app publishers to track them across different apps and websites, or to share that information with third parties.

“This is a tectonic shift in the industry,” says Gadi Eliashiv, CEO at Singular, a mobile marketing intelligence company. “Some business models will be completely disrupted, while others will have to be completely reinvented.”

Apple didn’t kill its Indentifier for Advertisers, but rendered it useless, Eliashiv says. “It’s unlikely many consumers will say ‘yes’ to tracking when asked and, even if they do, saying ‘yes’ on one app is not enough. You also need to say ‘yes’ on all the other apps you’re seeing ads on for IDFA to be useful for attribution, retargeting, look-alike audiences and many other mobile measurement requirements,” he says.

If users are unlikely to opt into being tracked across multiple apps and websites with frighteningly granular detail, perhaps it is an indication that such privacy-hostile practices are unethical and the industry’s attempts at self-regulation are bunk.

A Reckoning Over Objectivity, Led by Black Journalists

Wesley Lowery, New York Times:

And so, instead of promising our readers that we will never, on any platform, betray a single personal bias — submitting ourselves to a life sentence of public thoughtlessness — a better pledge would be an assurance that we will devote ourselves to accuracy, that we will diligently seek out the perspectives of those with whom we personally may be inclined to disagree and that we will be just as sure to ask hard questions of those with whom we’re inclined to agree.

The best of our profession already does this. But we need to be honest about the gulf that lies between the best and the bulk.

It’s possible to build journalism self-aware enough to bridge that gap. But it will take moral clarity, which will require both editors and reporters to stop doing things like reflexively hiding behind euphemisms that obfuscate the truth, simply because we’ve always done it that way. Deference to precedent is a poor excuse for continuing to make decisions that potentially let powerful bad actors off the hook and harm the public we serve.

Entirely agreed. I would rather read honest reporting than coverage of an event that is purportedly neutral, especially when that apparent neutrality is contrived and built on a phoney belief that there are two equal sides to every story. Honest reporting does not pretend that every argument is valid or needs to be presented.

Republican Senators Introduce Bill to Destroy End-to-End Encryption

Alfred Ng, CNet:

On Tuesday, Republican lawmakers introduced the Lawful Access to Encrypted Data Act, which calls for an end to “warrant-proof” encryption that’s disrupted criminal investigations. The bill was proposed by Sen. Lindsey Graham, chairman of the Senate Judiciary committee, along with Sens. Tom Cotton and Marsha Blackburn. If passed, the act would require tech companies to help investigators access encrypted data if that assistance would help carry out a warrant.

Lawmakers and the US Justice Department have long battled with tech companies over encryption, which is used to encode data. The Justice Department argues that encryption prevents investigators from getting necessary evidence from suspects’ devices and has requested that tech giants provide “lawful access.”

[…]

The proposed legislation stops short of requiring tech companies to create a backdoor, noting that the attorney general is prohibited from giving specific steps on how tech companies need to comply with lawful access orders.

It may not require a specific implementation, but eradicating meaningful encryption by introducing vulnerabilities is exactly what this bill mandates:

The debate over encryption and lawful access has raged on, unresolved, for years. The Lawful Access to Encrypted Data Act would bring an end to warrant-proof encryption in devices, platforms, and systems.

Pay little attention to the deliberate use of “warrant-proof” to describe end-to-end encryption. All end-to-end encryption is unable to be accessed by anyone other than the users at each endpoint; that is, almost always, a very good thing.

There is simply no way to do what Senate Republicans are envisioning without some form of back door access. But, as writing that into the bill would likely trigger a First Amendment case should it be voted and signed into law, it instead includes some magical thinking:

Directs the Attorney General to create a prize competition to award participants who create a lawful access solution in an encrypted environment, while maximizing privacy and security.

And I would very much like to acquire a house without expending any money.

There are clearly concerns about what nefarious users of end-to-end encryption are hiding, but requiring everyone to bend to that level means that we all become vulnerable. Making it easier for law enforcement to look into the activities of terrible people makes it easier for terrible people to take advantage of everyone else.

Besides, U.S. intelligence took over a year to discover that their most sensitive and powerful hacking tools had been sent outside its ostensibly secure walls. I don’t trust them with having a key to my phone.

ARM Macs Will Not Support Boot Camp

Caitlin McGarry, Gizmodo:

Apple is making a family of custom ARM-based processors for Macs, which is a huge shift that brings with it rippling effects. One change that some might not be too pleased about is that Boot Camp, the free utility that allows you to dual-boot Windows and macOS, is going away on the new Macs powered by Apple silicon.

Rosyna Keller:

You can still disable Secure Boot using the same method as on Intel-based Mac. But it’s entirely up to Microsoft to support booting from something other than the 3 supported Qualcomm SoCs Windows on ARM currently supports.

I don’t know what fraction of Macs today are currently using Boot Camp but, I imagine, anyone who is using it really does rely upon it. It sounds like Apple would like to support Windows on ARM but, if anyone was wondering why Linux was demonstrated during the keynote instead of ARM Windows, it sounds like a technical limitation on the Windows side and not with Apple’s own processors.

Accidental Tech Podcast’s WWDC 2020 Special

While I was writing about Apple’s big ARM transition from the perspective of a technically interested user, the ATP folks recorded over thirty minutes of discussion from the perspective of people with far more knowledge. This is a three hour long episode; buckle up.

Only Apple

The introduction of the iPad in January 2010 will be remembered for lots of reasons. It was the first tablet computer to sell in large numbers and remains a category-defining product. It was the last new category of product to be introduced by Steve Jobs. It was the first expansion of the iOS codebase, which now underpins the Apple TV, Apple Watch, HomePod, and MacBook Pro Touch Bar. And, of course, it debuted Apple’s A-series of ARM processors designed in-house.

Ever since, there has been growing speculation about the viability of a Mac featuring an Apple-designed processor; as those custom processors have far outperformed competing offerings for phones and tablets, and spread across the product line, it has felt inevitable.

Exactly fifteen years and two weeks after Apple’s last processor transition was announced, the Mac is about to make the leap. It will join the rest of the company’s product lineup in running on processors developed in-house, using the ARM instruction set instead of the x86 architecture used by Intel. Just like that — boom — the inevitable became reality.

The way Apple is describing its current motivations for switching, you’d think they could almost copy the press releases from last time but swapping “PowerPC” and “Intel” for “Intel” and “Apple Silicon”, respectively. Everything feels a bit deja vu — efficiency, for example, is a primary motivator. The constraints of performance are primarily determined by energy use as it strongly correlates with battery consumption — relevant in notebooks — and heat output – relevant everywhere. Apple says that its own processors perform more efficiently than the Intel processors it has been using for the past fifteen years just as, during the transition away from PowerPC, Intel processors were described as providing more performance-per-watt.

The timing also recalls the last transition. When Apple moved away from PowerPC, Jobs specifically mentioned the company’s frustration at being unable to deliver a G5 PowerBook as there wasn’t a suitable processor in IBM’s pipeline. Intel, on the other hand, had a full portfolio of processors for everything from notebooks to professional desktops. During this year’s keynote, Johny Srouji spoke about how the company was developing a family of processors for the entire Mac lineup, and Craig Federighi demonstrated great performance from professional apps compiled for Apple’s own processors. What was unspoken but has been plainly obvious for years was how Intel has struggled to deliver across the board. Knowledgeable people say that this is a primary reason why Apple has struggled to update its Mac lineup as regularly as it once did.

Apple gains the ability to update its Macs as frequently as Srouji’s team is able to deliver new processors, but it also assumes the responsibility of being a more vertically integrated single vendor platform. Bold.

I don’t think anyone should be surprised by how closely this transition appears to be modelled on the last one — so much so that many of the technologies that are intended to create a seamless experience for users are billed as sequels to the ones used for the Intel transition: Universal 2 and Rosetta 2. Federighi even made a reference to Jobs’ introduction of Intel processors by introducing the transition after showing new MacOS features and saying that all of the new stuff was demonstrated on a Mac powered by Apple’s own processors.

But the big difference this transition is in the inherent possibilities of custom, product-specific processors with architecture shared by the rest of the product line. By not relying upon a third-party supplier, Apple is free to build into its Mac processors the kind of unique capabilities that have long been afforded to every other product the company makes. I have no dirt on this, but I would not be surprised if the reason no Mac has Face ID yet is because it demands Apple’s own ARM architecture.

MacOS Big Sur running on ARM will also allow iOS and iPadOS apps to run unmodified on a Mac. I do not know what to make of this. Where once there were separate worlds of iOS apps and Mac apps, there are now several app environments that you can run on a Mac: iOS apps, iPad-like Catalyst apps, Catalyst apps modified to be more Mac-like, Cocoa Mac apps — which are, in a sense, the new Classic — and SwiftUI-based apps. Oh, and Electron “apps”. These all feel a little different and, I imagine, iOS apps will sit with Electron and typical Catalyst apps on the ass-end of a scale of Mac-likeness. Whether this is something to look forward to or just something different about ARM Macs is yet to be seen. I think any Mac app that you love today from a developer that you trust will continue to be a true Mac app, so long as that is the best way to deliver a superior product. But whether Apple will continue to deliver terrific first-party apps designed and built specifically for the Mac is a concerning question.

Speaking of ARM, I feel compelled to point out that “ARM” is not mentioned once in the press release announcing this switch. This is something else that is not shocking — it isn’t as though Apple has spent the last fifteen years marketing its products as “x86-based”. That said, I think the use of “Apple silicon” in marketing materials is temporary. I expect the first ARM-based Mac to arrive with a processor branded in true Apple fashion.

Recall the Cook doctrine, via Adam Lashinsky in 2009, with my own emphasis:

We believe that we are on the face of the earth to make great products and that’s not changing. We are constantly focusing on innovating. We believe in the simple not the complex. We believe that we need to own and control the primary technologies behind the products that we make, and participate only in markets where we can make a significant contribution. We believe in saying no to thousands of projects, so that we can really focus on the few that are truly important and meaningful to us. We believe in deep collaboration and cross-pollination of our groups, which allow us to innovate in a way that others cannot. And frankly, we don’t settle for anything less than excellence in every group in the company, and we have the self-honesty to admit when we’re wrong and the courage to change. And I think regardless of who is in what job those values are so embedded in this company that Apple will do extremely well.

You can judge for yourself whether Apple is living up to the simple-versus-complex qualities, or if it is not settling for less than excellence. But any time it has not controlled the technologies that underpin its products is a time when that has eventually bitten them in the ass. Ensuring that Apple’s products have wholly adequate processors tailored for its specific needs makes complete sense.

Does that mean that I am not a little bit anxious? No — of course I have some concern that, when I am next in the market for a Mac, it won’t be quite what I need and some piece of software I love won’t work properly on the new machines. But it isn’t as though that’s an entirely new concern. Also, Apple has set a high bar for both native applications and those running with the help of Rosetta 2. This is, truly, a new era of Mac. No wonder they called the software that will usher it in MacOS 11.

One of the slogans tying together the Tim Cook era is “only Apple” – as in, only Apple could have done this. Well, this truly feels like one of those moments, in more ways than one. Yes, only Apple can convince us that this platform transition will be near-seamless. But this also means that the next generation of Macs will be only Apple products through and through. From the processor to the operating system — and to many of the apps and services users will touch — these Macs are increasingly products defined solely by Apple.

I suppose that is my biggest concern. It is as though Apple now has no escape hatch — no obvious Plan B. When Intel began to struggle, it felt as though AMD could, perhaps, take the reins. That simply isn’t the case any longer. If Apple cannot deliver on its processors for its entire lineup — from the massively popular MacBook Air to the niche Mac Pro, and absolutely everything that lies between — it stops delivering period.

Thankfully, ten solid years of unmatched growth in CPU and GPU performance is a pretty solid C.V. to build the next generation of a business on top of. Apple has proved that it can build powerful and energy-efficient processors in devices as small as earbuds. I am excited to see what it can do with a chassis the size of my iMac, and the kind of vision and capabilities it has shown with its custom processors so far.

Developers Will Be Able to Dispute App Store Rules, and Bug Fix Updates Won’t Be Used as Leverage

In an Apple press release summarizing the developer-specific announcements at WWDC, there are these two significant changes to App Review:

Additionally, two changes are coming to the app review process and will be implemented this summer. First, developers will not only be able to appeal decisions about whether an app violates a given guideline of the App Store Review Guidelines, but will also have a mechanism to challenge the guideline itself. Second, for apps that are already on the App Store, bug fixes will no longer be delayed over guideline violations except for those related to legal issues. Developers will instead be able to address the issue in their next submission.

It is anyone’s guess how likely a rules dispute will result in modifications, but at least the avenue is now there. As for no longer withholding bug fix updates — it’s about time. Unnecessarily punishing users for a developer dispute is unfair and I am glad to see this change.

Apple Drops Force Touch in WatchOS 7

Tim Hardwick, MacRumors:

Force Touch can be used in watchOS 6 to reveal hidden menus on Apple Watch , such as options to clear notifications and customize the current Watch Face. These options will no longer be accessed using the Force Touch gesture when watchOS 7 is released. Apple’s new Human Interface Guidelines for developers making apps for watchOS 7 confirms the change:

Firm press and long press. In versions of watchOS before watchOS 7, people could press firmly on the display to do things like change the watch face or reveal a hidden menu called a Force Touch menu. In watchOS 7 and later, system apps make previously hidden menu items accessible in a related screen or a settings screen. If you formerly supported a long-press gesture to open a hidden menu, consider relocating the menu items elsewhere.

Several native apps in the watchOS 7 beta already reflect the gesture’s removal. For example, the Force Touch gesture for the app layout Grid/List View has been replaced by a menu option in the Settings app. Similarly, changing the Calendar view must now be done in Settings, while the gesture to Change Move Goal in the Activity app has become just another menu item. The Customize Watch Face menu is now accessed via a long press.

Not a particularly surprising change; even I called it, and I am a dummy. Force Touch and 3D Touch were both interesting experiments in different interaction models, but they were invisible and implemented too inconsistently. As of the first beta of Big Sur, Force Touch trackpad options remain in MacOS, but I suspect not for long.

Fifteen Years and Two Weeks Ago, Apple Announced the Switch to Intel

Here’s a fifteen year old press release that has suddenly become both relevant and obsolete:

At its Worldwide Developer Conference today, Apple announced plans to deliver models of its Macintosh computers using Intel microprocessors by this time next year, and to transition all of its Macs to using Intel microprocessors by the end of 2007. Apple previewed a version of its critically acclaimed operating system, Mac OS X Tiger, running on an Intel-based Mac to the over 3,800 developers attending CEO Steve Jobs’ keynote address. Apple also announced the availability of a Developer Transition Kit, consisting of an Intel-based Mac development system along with preview versions of Apple’s software, which will allow developers to prepare versions of their applications which will run on both PowerPC and Intel-based Macs.

I will, of course, have more to say about today’s news, but what is immediately apparent is that Apple is presenting this as an even better take on the already-smooth Intel transition.

Apple, Hey, and the Path Forward

Jason Fried, CEO of Basecamp, announcing that the bug fix update held by App Review has been released, and the company is trying something new:

Okay. We thought we were following Appleʼs unwritten rules for multi-platform SaaS products: No signups, no links, no mentions of where to sign up. Plenty of applications in the App Store work exactly like this today, including long-approved apps from Netflix, Google, Salesforce, and Nintendo.

But then Schiller said “One way that HEY could have gone… is to offer a free or paid version of the app with basic email reading features on the App Store, then separately offered an upgraded email service that worked with the Hey app on iOS on its own website.”

So we got down to it, and worked the weekend to get an update on Apple’s desk Monday morning. Our team did a great job implementing the product changes that Schiller asked for, and first thing this morning, right after we shipped 1.0.2 to our customers, we submitted 1.0.3 to the App Store for approval.

This new version introduces a new free option for the iOS app. Now users can sign up directly in-app for a free, temporary, randomized @hey.com email address that works for 14 days. Think of it like a temporary SIM card you buy when traveling. Or for when you don’t want to give out your real email address, like a short term “for sale” listing, like Craigslist does it.

This is a very clever feature and, I think, makes Hey’s service even more compelling. If its app was not rejected from the iOS App Store, I wonder if Hey would have introduced something like this at all. But this feature has not been tested against the App Store rules, so it remains to be seen if Apple will see it as an acceptable solution.

Even if this improvement to the app is enough to make it sail through App Review, I don’t know that it’s fair to summarize this saga as Basecamp making lemonade from lemons. The possibility of a positive outcome does not necessarily warrant the bureaucratic struggle that created it. As of this morning, the rules of the App Store continue to be a reflection of Apple wanting to be right rather than happy. Hey’s difficulties are only different from the stories of countless developers only because they are being aired in public, and the cumulative effect indicates that changes ought to be made to the App Store so that developers want to be there, and not just because they must. At the very least, clear communication about different interpretations of rules must be a priority.

An Oracle BlueKai Database Containing Billions of Records of Raw Web Browsing Data Was Not Password Protected

Zack Whittaker, TechCrunch:

BlueKai uses website cookies and other tracking tech to follow you around the web. By knowing which websites you visit and which emails you open, marketers can use this vast amount of tracking data to infer as much about you as possible — your income, education, political views, and interests to name a few — in order to target you with ads that should match your apparent tastes. If you click, the advertisers make money.

But for a time, that web tracking data was spilling out onto the open internet because a server was left unsecured and without a password, exposing billions of records for anyone to find.

Security researcher Anurag Sen found the database and reported his finding to Oracle through an intermediary — Roi Carthy, chief executive at cybersecurity firm Hudson Rock and former TechCrunch reporter.

TechCrunch reviewed the data shared by Sen and found names, home addresses, email addresses and other identifiable data in the database. The data also revealed sensitive users’ web browsing activity — from purchases to newsletter unsubscribes.

[…]

One estimate says BlueKai tracks over 1% of all web traffic — an unfathomable amount of daily data collection — and tracks some of the world’s biggest websites: Amazon, ESPN, Forbes, Glassdoor, Healthline, Levi’s, MSN.com, Rotten Tomatoes, and The New York Times. Even this very article has a BlueKai tracker because our parent company, Verizon Media, is a BlueKai partner.

Yet another reminder that, without meaningful laws restricting the collection and use of behavioural data, privacy-hostile companies will proceed to invade every facet of internet-connected life with scarce permission and heedless security.

Allies of Whiteness

Rafia Zakaria, the Baffler:

In recent weeks, as protests have raged through the country, as video after video of white entitlement and its consequences has surfaced, many white people have been wrestling with whether they are being good allies to black people and other people of color. This is an urgent and worthwhile reckoning. My category “allies of whiteness” may be inexact, but it encapsulates the silent supporters of those with overtly racist views, those who fight to keep up statues that celebrate slavery, those who actively create new structures of oppression.

This Juneteenth, and every single day, those of us with societal and structural advantages ought to reexamine the very structure that has disadvantaged the vast majority of people who do not. It is necessarily difficult and uncomfortable to acknowledge our own failures, but we must do better — far better.

See Also: Monique Judge on shallow corporate gestures, and Catherine Pugh, Esq. on why “allyship” is a myth.

Hey, Wait, I’ve Got a New Complaint

I cannot stop thinking about this Hey app situation.

It blows my mind that, with just a week to go until the year’s most important Apple developer conference, Apple decided on Monday to pick a fight with a high-profile developer. Discussions about Apple this week have not centred around the excitement of what might come in the next versions of iOS or MacOS, but about how developers have been treated by App Store policies and reviewers. The PR catastrophe is, of course, nothing on the actual impact these policies have on developers’ livelihoods, but it is still hard to believe that Apple is fighting this one out. Why not simply approve Hey’s bug fix update and deal with this in a couple of weeks?

But, hey, here we are.

First, it should be pointed out that there are several apps which seem to violate this policy. Fastmail is an email app that does not offer in-app purchases. At first launch, it displays only a login form and a link to the company’s documentation on its website. Registration and payment links are just a couple of taps away. Some apps get raked over the coals for this; there’s no reason for that, and I hope Fastmail doesn’t suffer the wrath of the App Review team.

(Update: Fastmail on Twitter: “Apple asked us recently to add IAP. We agreed to add it, and it was already on our longer term roadmap. We have always believed in meeting our users where they want to be, and more and more people are going mobile-only. It’s expected in our next major release.”)

You can find dozens of similar examples if you start poking around. It sure seems like a lot of apps have been approved by mistake. If App Review can’t understand the rules about when it is okay to only show a login screen upon launch, how are developers supposed to know? Inconsistencies reflect human nature but so, too, should Apple’s responses to such inconsistencies.

Second, I want to briefly touch on this “Reader” app exemption in the App Store guidelines:

3.1.3(a) “Reader” Apps: Apps may allow a user to access previously purchased content or content subscriptions (specifically: magazines, newspapers, books, audio, music, video, access to professional databases, VoIP, cloud storage, and approved services such as classroom management apps), provided that you agree not to directly or indirectly target iOS users to use a purchasing method other than in-app purchase, and your general communications about other purchasing methods are not designed to discourage use of in-app purchase.

Those specific categories of apps sure seem to overlap with Apple’s own services — News Plus, Apple Books, Apple Music, Apple TV Plus, and iCloud Drive. If it was a requirement for competitors to use Apple’s in-app purchases API, I imagine the antitrust case would write itself.

Suppose this clause was not inserted as a preemptive response to antitrust complaints; suppose that it’s there because the user experience is better if apps are allowed to present a simple login form. Why should that apply only to Netflix and Dropbox but not Hey?

Finally, I cannot stop thinking about the final paragraph of the email Apple sent to Basecamp. Nick Statt, the Verge:

The final paragraph of Apple’s letter acknowledges that Basecamp has offered enterprise apps in the App Store, another obvious exemption to the current App Store rules barring Hey’s iOS app, that do not offer in-app purchases or sign-up options. Apple says it’s done so without taking any money in a way that sounds ominously like it’s demanding gratitude for a free ride. But critically, it seems Apple is distinguishing Hey as a consumer email app that does not seem to fit the criteria for an in-app purchase exemption, despite evidence of other apps — including similar email providers like Newton — that have done the same in the past.

It’s not just about this one app. I don’t even like the sound of Hey, and I find the Basecamp guys to be rather unlikeable on Twitter. None of that matters, though. Apple’s email is an extraordinarily condescending series of statements that seems to emphasize that third-party developers are allowed to develop for Apple’s products through the grace and generosity of the company. But how many people would buy an iPhone if there were no ecosystem of third-party apps, or if free apps were not allowed? The App Store’s policies have incentivized business models that do not require customers to pay money for downloading apps. How many Macs has Apple sold because that’s the only platform supported by the company’s developer tools?

This is the kind of thing a company writes because it can — because anyone who wishes to have an audience for their product or service on about half of Americans’ smartphones has no choice but to tolerate whatever inconsistent hell they are put through.

It is now three days until WWDC 2020 will begin. As Becky Hansmeyer wrote, “I bet the execs are glad they won’t have to look into 6,000 developers’ eyes” after writing that email. There was simply no reason to include such a bitter and arrogant passage, and it’s still hard to believe that Apple provided a copy of that email to several news organizations as their public defence.

Apple Stands by Its Rejection of Hey

Apple shared an email sent to Basecamp with a number of news outlets, including TechCrunch and NBC News. It reads, in part:

Apps that operate services across multiple platforms may allow users to access content, subscriptions, or features they have acquired in your app on other platforms or on your website, provided those items are also available as in-app purchases within the app. In fact, the app does not function as an email app or for any purpose until the user goes to the Basecamp Hey Email website to start a free trial or purchase a separate license to use the app for its intended purpose.

[…]

If you would prefer not to offer the users the option of in-app purchases, you could consider having the app function as marketed — an email client that works with standard IMAP and POP email accounts, where customers can optionally configure the Hey Email service as their preferred email service provider. This would allow the app to function as an email client without requiring an additional payment to use its features and functionality. Under this approach, what you sell on your website is clearly an email service separate from the function of your app as distributed on the App Store.

Matthew Panzarino of TechCrunch interviewed Phil Schiller about the company’s stance:

“You download the app and it doesn’t work, that’s not what we want on the store,” says Schiller. This, he says, is why Apple requires in-app purchases to offer the same purchasing functionality as they would have elsewhere.

To be clear, this is against the App Store rules for most apps. The exceptions here are apps that are viewed as ‘readers’ that only display external content of certain types like music, books and movies — and apps that only offer bulk pricing options that are paid for by institutions or corporations rather than the end user.

Schiller is clear on our call that Hey does not fit these rules.

The reason I emphasized how Hey works at the top of my piece from earlier this week is because it isn’t an email client, it’s a Hey service client — and Apple sees those as wildly different categories. The Gmail app, for example, allows you to sign in with any IMAP account, which stops it from falling afoul of the “reader” app restrictions.

Zendesk is another product built on email standards that doesn’t do anything unless you sign in — there is no way to register within the app. But it’s allowed in the App Store either because it has bulk pricing options or because it offers access to a professional database. It’s also not marketed as an “email client”.

John Siracusa (more on Accidental Tech Podcast):

Wow, this is extremely flimsy. Who is Apple protecting with this stance? The poor iOS user who might download the *free* Hey app and be shocked to learn that it doesn’t function without an account?

…or maybe it’s about that 30% cut of in-app purchases? Yep, a real stumper.

Maybe someone really will stumble across the Hey app, and maybe they will download it expecting to be able to use it immediately only to be shown a bare login page and no way to sign up from within the app. And maybe that will suck for them and they will delete the app. Maybe many other apps will become more client apps with fewer ways of registering for them, too.

But the App Store is worse without the Hey app for those who use Hey. I can’t imagine tacking a standard IMAP client onto the app, as Apple suggests, would improve it. That leaves adding in-app purchases and foregoing 30% of revenue from users who registered within the app, or advising Hey users to switch to Android. But is that better for users? I can’t imagine so.

There is, I suppose, some logic to Apple’s rejection on the basis of its current rules, but I agree with Panzarino:

I think that, for me, it boils down to some simple observations. The fact is that Hey violates app store rules. Which means that the question is not ‘how can we contort those rules or squint enough to justify it’ but instead ‘should those be the rules’?

In his interview, Schiller indicates that there are no imminent changes to the App Store rules nor any changes the company is considering making. The case of Hey has made it clear to me that Apple ought to further clarify its rules. Hey falls precisely between the cracks of several app types that are allowed, but it’s hard to see that until the developer tries to submit the finished product to the store.

Also of note is the way Apple closes its email to Basecamp:

Thank you for being an iOS app developer. We understand that Basecamp has developed a number of apps and many subsequent versions for the App Store for many years, and that the App Store has distributed millions of these apps to iOS users. These apps do not offer in-app purchase — and, consequently, have not contributed any revenue to the App Store over the last eight years. We are happy to continue to support you in your app business and offer you the solutions to provide your services for free — so long as you follow and respect the same App Store Review Guidelines and terms that all developers must follow.

I don’t know if it’s just me, but this reads as wildly passive aggressive — the kind of thing someone only writes if they know that they have all of the power and isn’t worried about the moral high ground.

An American Spring of Reckoning

Jelani Cobb, the New Yorker:

The American Spring has not toppled a power, but it has led to a reassessment of the relationship between that power and the citizens from whom it is derived. It has resolved any remaining questions regarding Donald Trump’s utter ineptitude as President; it has laid bare the contradictory and partial democracy that the United States holds before the world as exemplary. Most significant, it has clarified our terms. Floyd’s life is the awful price we have paid for a momentarily common tongue, a language that precisely conveys what we are speaking of when we say “American.” Fourteen successive days of protest opened the possibility that George Floyd died in America, not simply in its black corollary. The task that remains is to insure that more of us might actually live there.

I don’t mean to undermine the way Cobb frames this as specifically American, but it is also heartening to see how its intentions and message have spread across the world. Brits are throwing statues of enslavers into the sea; Canadians are coming to terms with our own history of racism.

Hey, Nah

Yesterday, Basecamp began sending invitation codes to people who had previously registered interest in Hey, its much-anticipated new email-like product. Hey has a bunch of quirky new features that, unsurprisingly, cannot entirely be shoehorned into existing email protocols so, while it uses SMTP, it does not support IMAP or POP. Users must use the proprietary Hey suite of apps to access their @hey.com inbox, and cannot use other email addresses within Hey’s apps.

The company says that its apps are all “full-featured native apps” but its desktop apps are Electron-based. That’s not entirely relevant to this post, but it is my policy to shame websites masquerading as native apps.

Anyway, while Apple was busy touting the results of a study it funded that estimated the total economic footprint of the App Store at over half a trillion dollars in 2019, the company was busy rejecting a bug fix update to the already-approved Hey app for iOS.

David Pierce, Protocol:

Hey does cost $99 a year, but users can’t sign up or pay within the iOS app. It’s an app for using an existing outside service, just like Basecamp’s eponymous platform — and Netflix and Slack and countless other apps. “So we were like, OK, maybe we just got the Monday morning reviewer,” Basecamp co-founder and CTO David Heinemeier Hansson said. Lots of developers over the years have found that their app-review luck sometimes depended on who happened to be looking, and whether they’d had coffee yet. So Basecamp fixed more bugs, submitted a new version — 1.0.2 — and hoped for the best.

The app sat in the queue for review, then in the “under review” status for far longer than usual. Then Waugh got a phone call. The Apple reviewer said he was calling because the new app hadn’t resolved the issue with rule 3.1.1. The issue had been escalated internally, and Apple had determined it was a valid rejection — the only way to move forward would be to implement Apple’s payments system. And not only that: Waugh was told that Apple would like a commitment and a timeline for implementing the payment system, or Apple might be forced to remove Hey from the App Store entirely.

When Waugh and Basecamp pointed out that there were many other apps — even email apps like Spark or Edison — that allowed users to log in to their existing accounts without signing up through Apple, the reviewer told them they wouldn’t discuss other apps. And that was that.

It’s hard not to quote Pierce’s piece at length because it is so comprehensive. Pierce says that Apple admitted that it shouldn’t have approved the app in the first place; Apple also said that Hey doesn’t qualify as a “reader” client app nor is it a business-focused software-as-a-service app, so it apparently must implement Apple’s own in-app purchases API. This is news.

David Heinemeier Hansson of Basecamp:

We did everything we were supposed to with the iOS app. Try downloading it (while you can?). You can’t sign up, because Apple says no. We don’t mention subscriptions. You can’t upgrade. You can’t access billing. We did all of it! Wasn’t enough.

This extraordinary rejection comes on the very same day that the European Commission announced that it was opening two antitrust investigations into Apple’s business practices. One concerns Apple Pay, and the other is about the App Store; obviously, the latter will be my focus. The Commission:

The Commission will investigate in particular two restrictions imposed by Apple in its agreements with companies that wish to distribute apps to users of Apple devices:

(i) The mandatory use of Apple’s own proprietary in-app purchase system “IAP” for the distribution of paid digital content. Apple charges app developers a 30% commission on all subscription fees through IAP.

(ii) Restrictions on the ability of developers to inform users of alternative purchasing possibilities outside of apps. While Apple allows users to consume content such as music, e-books and audiobooks purchased elsewhere (e.g. on the website of the app developer) also in the app, its rules prevent developers from informing users about such purchasing possibilities, which are usually cheaper.

Apple’s response, via Manton Reece:

It’s disappointing the European Commission is advancing baseless complaints from a handful of companies who simply want a free ride, and don’t want to play by the same rules as everyone else… We don’t think that’s right — we want to maintain a level playing field where anyone with determination and a great idea can succeed.

This is the worst, most insulting statement from Apple that I’ve ever seen. Everything in it is backwards.

There remains a fair argument that Apple can take some cut of sales made through the App Store and its own in-app purchase APIs, though I think 30% is too high. Apple maintains the store, offers marketing benefits, and pays for hosting, distribution, and credit card fees. But, as subscriptions have become the preferred way to charge for apps — a shift encouraged by Apple — the App Store commission increasingly seems like a form of rent-seeking.

Add to that Apple’s prohibition on references of any kind to digital purchases being available outside of iOS apps — a prohibition that extends to website materials linked from within an app — and things begin to look ridiculous. Amazon finds itself in a situation where it can sell paperbacks through its app and offer samples of Kindle books, but cannot sell Kindle versions without giving 30% of the sale to Apple, nor can it explain why or where the book can be bought. Spotify faces a similar quandary with its subscriptions, and its complaint to the E.U. is cited as a triggering factor in the Commission’s investigation. I’ve written about that complaint, which I think has problems.

Regardless of what you think about Apple’s rules and restrictions, none of the above prohibitions apply to Hey’s rejection. The Basecamp team explicitly designed around Apple’s rules and ensured that there were no references to subscriptions or billing from within the app. It’s possible that this is a mistake but, as it has already gone through the dispute process, it appears to be entirely deliberate. A reversal would only be responding to the negative press coverage this has generated.

Apple’s response to the E.U. antitrust investigation says that all apps in its store are subject to the same rules, but that is plainly not true, either. The way Apple is splitting hairs in Hey’s service offering and refusing to compare it to other apps is grossly unfair. The reason I included a detailed description of how Hey works at the outset of this post is because this appears to be the main difference between it and any other email app. But that is an undocumented, unclear, and almost wilfully pedantic interpretation.

Meanwhile, bigger tech companies like Netflix, before it stopped offering in-app purchases, negotiated sweetheart deals with Apple to take a 15% cut on every subscription instead of 30% for the first year and 15% for subsequent years. Then there are the “premium subscription video entertainment” providers who, in exchange for implementing many tvOS features, have been allowed to use their own in-app purchasing mechanism instead of Apple’s APIs, allowing them to keep the entire subscription cost.

WWDC begins in six days. Apple is using the lead-up to strongarm a well-known developer following its policies and issue dishonest statements and press releases about competition in the App Store on the same day that the E.U. announced an antitrust investigation into these practices. Audacious.

An Apple-Funded Study Indicates Over $500 Billion in ‘Facilitated’ Commerce in 2019

Margaret Harding McGill, reporting for Axios last week:

House antitrust investigators are pressing Apple, Alphabet, Amazon and Facebook to say by Sunday whether their CEOs will testify as part of the Judiciary Committee’s tech competition probe, Axios has learned.

[…]

The Judiciary Committee this week sent the companies letters, seen by Axios, seeking documents and answers to the CEO testimony question. The panel wants to hold a hearing with the executives next month.

By extraordinary coincidence, Apple’s U.S. Newsroom — and only its U.S. Newsroom — today published the results of an Apple-funded study conducted by Analysis Group:

Apple today announced the App Store ecosystem supported $519 billion in billings and sales globally in 2019 alone. The new study, conducted by independent economists at Analysis Group, found that the highest value categories were mobile commerce (m-commerce) apps, digital goods and services apps, and in-app advertising. The results encapsulate the full sweep of the dynamic, competitive, and flourishing app economy, which has unleashed a torrent of innovation across 175 countries and revolutionized the way the world learns, works, and connects.

The study reveals that the direct payments made to developers from Apple are only a fraction of the vast total when sales from other sources, such as physical goods and services, are calculated. Because Apple only receives a commission from the billings associated with digital goods and services, more than 85 percent of the $519 billion total accrues solely to third-party developers and businesses of all sizes.

The key words in the study and the way Apple describes it are “facilitated” and “supported”. That means that dinners ordered through DoorDash, goods bought through the Amazon app, and transactions made through Venmo or WeChat are all estimated in this study as being commerce facilitated by the App Store.

That assessment is not entirely unfair. It’s very possible that, had delivery apps not existed, you would not have had a takeout dinner from an independent restaurant and, instead, ordered pizza or bought groceries. But it is not likely that you would not have eaten dinner at all. The App Store and the software offered through it can certainly take credit for enabling new ways of paying for stuff.

But this study also introduces some curious framing to the mix. Here’s what I mean (PDF):

Earlier this year, Apple reported that earnings it has paid to app developers who sell digital goods and services through the App Store or within their apps totaled more than $155 billion worldwide since 2008, with a quarter of those earnings paid in 2019. Such direct monetization through the App Store occurs through paid apps and digital content or services obtained using Apple’s in-app payment system.

While such direct monetization of apps is substantial, it significantly underestimates the size of the Apple App Store ecosystem. This is because developers can choose to monetize their apps in different ways, including several that do not involve transacting directly through the App Store. These other monetization strategies include selling digital goods and services outside of the App Store that can be used within apps on Apple devices (such as streaming apps), selling physical goods and services (such as grocery delivery apps), and offering ad-supported content (such as social networking apps).

Did you catch that? “Selling physical goods” is, apparently, just another way of monetizing an app. While you might consider apps from DoorDash or Amazon just native front-ends for their business, this study reverses that logic and suggests that the apps’ existence is facilitated by the goods and services sold through them.

This study, conducted by three antitrust experts at Analysis Group, is damn near a transparent attempt to buttress Apple’s forthcoming defence of antitrust arguments made against its App Store conduct. Its overall logic is, more or less: iOS apps allow lots of goods and services to be purchased through them, and the App Store provides those apps; therefore, the App Store can take some responsibility for the vast amount of money passing through those apps. I do not think it this argument is entirely wrong, but it takes an extraordinary leap of faith to believe that, had the App Store not existed, these products and services would not be sold. “Facilitated” is certainly an all-encompassing word to describe the App Store’s role in these transactions.

Apple Publishes More Information About WWDC 2020 Labs, Adds Mac Version of Developer App

David Smith:

Details in the Developer app for the WWDC Labs. Looks like you request day before with a specific question/Radar, then they review and assign them. Then they are done via Webex audio/screen share.

Apple:

Your appointment confirmation email will include your appointment time and duration (between 10 and 55 minutes, depending on the lab). It will also include a link to a Webex audio call where you’ll connect with an Apple engineer and can share your screen if you wish. Recording is not allowed; be ready to take notes. Please do not share confidential information during your appointment.

Taylor Lyles, the Verge:

Apple has released a Mac version of its Apple Developer app, a week before its Worldwide Developers Conference kicks off. Apple initially launched the app in late 2019, but it was only available to iPhone, iPad, and Apple TV users.

Dan Moren, Six Colors:

The design suggests that this is yet another Mac Catalyst app, à la the Podcasts and TV apps — it features the same sidebar-based interface — and offers the same features as the iOS version.

Stephen Hackett:

It’s cool that the Apple Developer app is on the Mac, but why is the text so tiny? Why can’t I increase the size of that list of videos to read their full names?

It also requires MacOS Catalina.

Update: I put together the above before I had a chance to play around with Developer for MacOS. Now that I’ve spent some time with it, it looks and feels very similar to every other MacOS Catalyst app. Text is blurry and too small on my non-Retina MacBook Air because it’s being drawn at a different size and then scaled, everything happens in one window, and clicking on sections in the sidebar takes a few tenths of a second to activate. If you click the “Full Screen” button, videos still aren’t shown at full screen, though they do fill up the entire window.

What’s even more frustrating is that the sidebar-based Mac app would make a decent iPad app if its controls were optimized for touch. The iPad app is, more or less, just a bigger version of the iPhone app.

Norway Pulls Its Contact Tracing App After Privacy Watchdog’s Warning

Natasha Lomas, TechCrunch:

One of the first national coronavirus contacts-tracing apps to be launched in Europe is being suspended in Norway after the country’s data protection authority raised concerns that the software, called “Smittestopp,” poses a disproportionate threat to user privacy — including by continuously uploading people’s location.

[…]

Unlike many of the national coronavirus apps in Europe — which use only Bluetooth signals to estimate user proximity as a means of calculating exposure risk to COVID-19 — Norway’s app also tracks real-time GPS location data.

The country took the decision to track GPS before the European Data Protection Board — which is made up of representatives of DPAs across the EU — had put out guidelines, specifying that contact-tracing apps “do not require tracking the location of individual users”; and suggesting the use of “proximity data” instead.

All these stories about unnecessarily invasive data collection sure are starting to make me question the Washington Post’s report about the more privacy-friendly approach recommended by human rights experts and implemented by Apple and Google.

Apple Asked Developers About Their App Store Experiences

An email from Apple to developers:

We love feedback.

Tell us about your experience managing, marketing and distributing apps for the App Store.

Wil Shipley at the end of a comprehensive reply:

I’ve filled out three or four of these surveys before. I know Phil specifically says he doesn’t want to hear about upgrade pricing any more, but Phil is also working for the world’s richest company, which sells hardware and gives software away. Those of us who only sell software can’t afford to give it away.

Michael Tsai:

Ryan Jones:

  1. What is your age?

  2. What platforms do you dev for?

  3. DO YOU LOVE AR?!?!! PLEASE?!?! RIGHT NOW?

It’s weird how pushy Apple is being with augmented reality.

Yes, especially given that dedicated augmented reality hardware doesn’t really exist yet. There are a handful of good AR experiences, but most of the ones I’ve tried feel like technology demonstrations.

Despite Global Reach, Big Tech Companies Still Lack Diversity

Yesterday, Snap held its partner summit and it was generally well received. Instead of simply being a more-or-less static video of an executive presenting slides, Evan Spiegel was shown on a virtual stage. A typical live conference presentation was obviously not possible because of the combination of infection prevention measures and understandable civil unrest over racist police violence, both of which Spiegel touched on in his presentation.

Despite publicly acknowledging that black lives matter, Spiegel was a little more cagey at a Tuesday company meeting.

Paige Leskin, Business Insider:

Snap CEO Evan Spiegel said at an employee all-hands meeting on Tuesday that the company would continue to keep its diversity report private, according to notes from the meeting obtained by Business Insider and confirmed by current employees.

At the meeting, Spiegel said releasing diversity data would reinforce the idea that minority groups are underrepresented in the tech industry. The implication, one source told Business Insider, was that the report would make the company look bad at a time of increased focus on representation.

Spiegel told employees that the company’s diversity numbers were in line with those at other tech companies, which have long skewed white and male. His comments come just days after former employees shared accusations on Twitter of racism they experienced and witnessed while working at Snapchat.

Dare Obasanjo:

The icing on the cake of my recent tweet storm on tech diversity reports is Snapchat refusing to publish one because it’ll just make them look bad and openly saying that’s the reason.

A lack of diversity at major tech companies is not news, but it gained more attention towards the beginning of the last decade with articles about, for example, Evan Spiegel’s gross frat boy emails.

Beginning in 2014, tech companies began publicly releasing stats about the diversity of their staff. I used to cover these reports but, over time, tech companies slowly drifted in their commitment to reporting these numbers in a timely fashion. Apple’s current public stats are from 2018, for example.

It is upsetting to see that, nearly six years later, the numbers remain similar across the board for racial and ethnic diversity, while representation of women in tech has improved only slightly.

Nicole Lee, Engadget:

Y-Vonne Hutchinson, the CEO and co-founder of ReadySet, a diversity solutions firm that works primarily with the tech industry, acknowledges that it’s good that the companies are even willing to release such statements. (Hutchinson is also a co-founder of Project Include, a non-profit group dedicated to increasing diversity in tech.) “A couple of years ago, most companies weren’t even willing to say the phrase ‘Black Lives Matters,” she said. “I think it’s a positive indication that the Overton Window has moved to such a point where it feels obligatory for companies and brands to come out in support of the movement.”

However, Hutchinson thinks that words aren’t nearly enough. “These statements aren’t necessarily backed by real action,” she said, pointing out that the words ring hollow when the companies themselves do not have a good history of diversity and amplifying Black voices.

“For me, I don’t even look at these statements any more,” said Hutchinson. “I look at diversity reports. I look at the investment in your teams. I look at your executive team and your leadership team. To me, that’s a real indication of your commitment to change. If you’re not hiring, promoting, being led by and investing in Black people, and if you’re not firing the people who are racist, then you know a statement doesn’t mean so much.”

All that matters is action. I understand that some of these actions take time, but it is deeply dispiriting to see how little has changed after six years of shining a spotlight on this problem.

Pocket Casts and Castro Podcasts Removed by Apple From App Store in China Upon Government Request

Rita Liao, TechCrunch:

Before June each year, content and media platforms in China anxiously anticipate a new round of censorship as the government tightens access to information in the lead-up to the anniversary of the Tiananmen Square crackdown.

This year, Chinese users lost access to two podcast apps — Pocket Casts and Castro Podcasts. Neither app is searchable within Apple’s Chinese App Store at the time of writing.

Pocket Casts:

Pocket Casts has been removed from the Chinese App store by Apple, at the request of the Cyberspace Administration of China. We believe podcasting is and should remain an open medium, free of government censorship. As such we won’t be censoring podcast content at their request.

Marco Arment’s alter ego “Overcast”:

I haven’t been contacted about the Apple-China censorship of podcast apps, but Overcast’s servers have been blocked in China for years, so it already didn’t work.

Castro is an iOS-only app, but Pocket Casts is cross-platform. It appears to also be unavailable in the Google Play store when the location is set to China, though two apps with suspiciously similar icons are. According to Liao, Apple’s first-party podcast app1 also remains in the App Store in China, but its feeds are censored.

I see a similar question of responsibility in intervention by social media companies into users’ posts and Apple’s approach to the App Store in China. Without users, social media companies wouldn’t exist; without native third-party apps, I doubt that the iPhone would be the revolutionary product it is. But, where third party apps create a unique selling point for the iPhone in the vast majority of the world, the App Store is something of a liability in China from Apple’s perspective. China can — and does — block Twitter and Facebook, but it would be foolish to block the App Store outright.

It’s not a great situation to be in, especially given the usual stance Apple takes on civil rights. But, aside from opening up the iPhone to apps from outside the App Store, I can’t think of a great way for the company to avoid this conflicted situation.


  1. “Podcatcher” was not a wildly successful term. ↩︎

iCloud, Backups, and Time Machine — Oh My

A couple of links related to iCloud and backups today. First, Adam Engst of TidBits:

I had no idea that Apple deleted iCloud backups after 180 days, and a quick poll in the TidBITS Slack channel showed that it wasn’t common knowledge among other TidBITS staffers and contributing editors.

[…]

On the one hand, it makes some sense that Apple would want to delete device backups — which can be quite large — that no one is ever going to want to use again. With hundreds of millions of devices backing up to iCloud, the storage requirements boggle the mind.

But on the other, what was Apple thinking?!? Deleting a user’s one and only backup, particularly without clear documentation in the user interface and express warning of the pending deletion, is simply unacceptable.

This is clearly an edge case — how many people attempt to restore from six month old backups? — but edge cases must be accounted for. The bare minimum would be an emailed notice to the user.

Erica Sadun: (Update: Sadun has pulled this post .)

Let me tell you a little bit about my backup paranoia. I use Carbon Copy Cloner for daily local backups. I use Backblaze to store offsite. Both are terrific products. I love them and depend on them and they saved me when, in January, my Mac mini’s fusion hard drive failed big time.

[…]

I started paying for iCloud in December in order to better support my children’s photography habits, using a family plan. With all that space, I had the brilliant idea (not) of moving my writing work over to iCloud documents, so I could access the information from a variety of machines and devices.

That worked great until I accidentally overwrite my entire Xcode workshop file and discovered that Time Machine Does Not Backup iCloud and it had not been long enough after a day of writing for CCC and Backblaze to capture the file to their backup, as they will reliably do during the night.

I kind of get why it would be redundant to create local backups of documents hosted in iCloud, but redundancy is almost always preferable in the context of backups. Perhaps there is a technical reason,1 but it is a silently-added wrinkle in what is supposed to be a seamless integration.

(Update: On further testing, it appears that some but not all iCloud Drive data is backed up with Time Machine.)

Sadun:

I suspect my Twitterbase is way more likely to take advantage of things like Time Machine’s version control features than the average population. Only about 10% of respondents said they even bother with version control. Translate that now to the macVerse and I wouldn’t be hugely surprised, honestly, if Apple deprecated Time Machine soon, especially with the huge iCloud oversight.

I sincerely hope this never happens. On principle, some form of computer backups should be integrated at the system level for every operating system. I still think it makes no sense that Apple has not tried to compete with Backblaze — not that I am eager to dump Backblaze or anything, but it seems so obvious to me that users ought to be able to back up all of their devices to iCloud.


  1. There is no good reason for why I think this, but I have a hard time trusting the way iCloud Drive works in MacOS. Everything is stored within ~/Library/Mobile Documents/, which is a directory — according to the file command — but does not behave like one. You can ls it, but you cannot open it as a directory in Finder; it just goes to the iCloud Drive item in Finder’s sidebar.

    You can also navigate its internal structure by command line, but the directories for each app display as empty in the Finder. App directories are invisible at the top-level iCloud Drive view.

    I fully recognize that this is an irrational mistrust, and my shame compels me to admit it only in footnote form. ↩︎

Brilliant Hardware in the Valley of the Software Slump

Craig Mod:

Hardware has literal and metaphorical edges — it must be fully complete and largely bug free to ship. Software? It’s far more amorphous, like mist. Patches can be endlessly pushed. It never ends. Faulty hardware can destroy a company. Faulty software can be patched. The butterfly keyboard debacle may never be lived down. Even as I type on this improved Magic Keyboard, I can’t help but wonder: Did they really test this thing? I had three butterfly keyboards die on me, twice in the field. Not fun. Hardware failures live long in the mind.

Meanwhile, software problems are quickly forgotten once patched, but grate daily until that happens. It’s not hard to imagine that the easy distribution of bug fixes has encouraged less stringent quality control.

Mod references Mail’s data loss problems and Finder’s bizarre instability and file system misreporting as he writes:

The three primary pieces of software on macOS are probably Finder, Safari, and Mail. To have two of these show signs of instability is like ordering a salad and having half the lettuce appear as ceramic roofing tiles. It’s just weird. It shouldn’t happen, especially when these are new, critical bugs in decades-old programs. It makes you wonder what else might be broken, and what’s broken with the development cycle to allow for these bugs to ship.

It’s not just two apps — it’s all three. Under Catalina, Safari’s address bar has become languid and unresponsive, and it will sometimes activate the existing URL instead of the one you typed. That is a problem with what seems like very basic functionality for a web browser. (Update: Matt Sephton first filed this bug in 2012, so it’s clearly not just a Catalina thing. How is this an eight year old bug?)

There have and will always be software bugs. But I wish for more attention paid to fit and finish bugs, and more investment in the feel of everything. One final example: if I take a picture using the Camera app on my iPhone and then switch to Messages to send it to someone, it takes a beat too long to show the photo thumbnails in the message thread. However, the process of switching between those apps is fluid and joyful on my iPhone X; I just wish I could say the same about the rest of the software stack.

Location Permissions in Android 11 Mimic Those in iOS

Dieter Bohn previewed the Android 11 beta for the Verge and I wanted to highlight one new thing:

Android 11 also follows a trend Apple started last year: one-time permission. Now, when an app asks for location information, the only three options that get buttons are “while using the app,” “only this time,” and “deny.” The one-time use option is new and much-appreciated. If an app wants to get permanent background permission, it has to deep-link you into its location permissions inside Android’s settings. Google seems to be discouraging that kind of use.

I wonder if Tile will add Google to that lawsuit they filed against Apple for, in part, introducing these kind of privacy-focused location permissions.

Say Goodbye to iTunes U and iBooks Author

Alison DeNisco Rayome, CNet:

Apple will discontinue its iTunes U app for remote education at the end of 2021, replacing it with the newer Schoolwork and Classroom apps, the tech giant said Wednesday on its support page.

The move doesn’t come as a surprise: iTunes U hasn’t received a feature update since 2017. And as most schools moved online during the coronavirus pandemic, the Schoolwork app recently got an upgrade to let teachers manage assignments and information for students remotely through the cloud. Meanwhile, the Classroom app can also turn the iPad into a teaching assistant, helping teachers guide students through lessons and track progress.

I believe this is partly my fault.

Juli Clover, MacRumors:

Apple today sent out an email to iBooks Author users, letting them know that the Mac app is being discontinued on July 1 and removed from the App Store.

In the email, Apple says that following the inclusion of book creation tools in Pages, the company’s new focus will be on developing features for the Pages app.

I don’t think either one of these announcements is a surprise; these apps have suffered from inattention for years. But Apple’s rocky approach to education needs and lack of clear strategy cannot be confidence-inspiring for schools or teachers who need to decide what technology to use in their classrooms.

Sonny Dickson Says a Redesigned iMac Is Coming at WWDC

More Mac scuttlebutt today courtesy Sonny Dickson:

New iMac incoming at WWDC. iPad Pro design language, with Pro Display like bezels. T2 chip, AMD Navi GPU, and no more fusion drive.

The iMac is the last Mac that you can buy with a spinning hard disk — the base model doesn’t even have a Fusion Drive — and its incongruity with the rest of the lineup shows in the dismal performance of APFS-formatted hard drives.

Via Stephen Hackett:

How this works with today’s report in Bloomberg that the ARM Mac transition is going to be announced at WWDC. I would be really surprised if any ARM Macs ship this summer, but why wouldn’t they want to usher in a new design with the new chipset? When Apple switched to Intel, most of the new Macs looked like their outgoing PowerPC siblings, but that doesn’t have to the be the case this time.

Aside from developer kits, I don’t expect to see any ARM Macs debut this year to consumers. If this new iMac does debut in conjunction with WWDC this year, I see no reason it would not have an Intel processor.

It would be kind of bizarre to see the announcement of the ARM transition and the debut of an all-new iMac in the same presentation. But maybe it’s a rational choice — a way to show people who were planning on buying a new Mac that there’s no reason to wait, and to indicate that the transition will be smooth.

Update: Paul McGrane:

It does have a fascinating, though probably coincidental parallel. The final iMac G5 in the end of 2005, was somewhat redesigned from the previous 2 models, and was the first iMac with an iSight camera and a remote control.

The Intel iMac in January 2006 looked exactly the same.

Terrific memory on McGrane’s part. The first iMac G5, released in 2004, had an entirely flat back; the version that replaced it about a year later sported the now-familiar curved back. It also dropped the 56k modem.

The President Parrots an Insane Conspiracy Theory About the Elderly Activist Shoved to the Ground by Police Officers Last Week

Stephen A. Crockett Jr., the Root:

By now, we’ve all seen the horrific footage of 75-year-old Martin Gugino being shoved to the ground by two Buffalo, N.Y., police officers during a George Floyd protest Thursday. […]

Yes, you read this correctly: the President of the United States is suggesting that Gugino is possibly an antifa operative who was working to block police radios, and I just… I don’t even know what to make of this. In fact, I’ve typed several times that the President of the United States believes that a 75-year-old man who was shoved to the ground by police, with blood pouring from his head, is really a secret agent for a political protest movement, and I don’t even know what to make of it.

Rashaan Ayesh, Axios:

The conspiracy theory, which originated on the far-right blog Conservative Treehouse, made its way to the president via a report on One America News Network, a small Fox News rival with a history of conspiracy-focused reporting. It highlights just how far the president’s media consumption can veer from the mainstream.

Bruce Potter:

Having built things that do RF scanning, the idea that at close range they have to be directional is just not right. Further, this scanner can apparently “black out” comms? Again, this is the stuff of aliens/sci-fi movies. Now millions will think [it’s] possible AND randos have them.

Every single information security professional I could find reacted to this theory with a sort of laughing incredulity. It is staggering that anyone would believe this, but I suppose it shouldn’t be since morons are burning down radio towers because they believe that 5G waves caused the novel coronavirus to spread.

It is not news that the president of the United States gets his information from sources that serve primarily to flatter him, nor is it surprising that he has a difficult time telling reality from fiction. He is not a smart man. But in an age of institutional failure and justified unrest, he is using his inherently powerful platform to malign an elderly activist and spread the wet droppings of a fringe blog and Sputnik-adjacent cable network.

Update: Facebook employee Brandon Dail:

Trump’s attack on Martin Gugino is despicable and a clear violation Facebook’s anti-harassment rules. It’s again extremely disappointing that we (and Twitter) haven’t removed it.

The amount of mental gymnastics required to assume good intent and ignore impact are astounding.

I’ve been trying to write something about the moderation policies of Twitter and Facebook, but it changes radically by the day and I am exhausted. I hope to publish more on this soon.

For now, let’s acknowledge how bizarre it is that Twitter will carefully moderate direct calls to violence by the president and his lackeys, but won’t intervene when the president uses his enormous platform to couch aspersions in phoney questions. Meanwhile, Facebook is happy to let the president say whatever he wants.

Bloomberg: Apple Set to Announce ARM Transition for the Mac at WWDC

Mark Gurman, Bloomberg:

Apple Inc. is preparing to announce a shift to its own main processors in Mac computers, replacing chips from Intel Corp., as early as this month at its annual developer conference, according to people familiar with the plans.

The company is holding WWDC the week of June 22. Unveiling the initiative, codenamed Kalamata, at the event would give outside developers time to adjust before new Macs roll out in 2021, the people said. Since the hardware transition is still months away, the timing of the announcement could change, they added, while asking not to be identified discussing private plans.

This will be the third CPU architecture transition for the Mac, after switching from the Motorola 68k series to PowerPC, and then from PowerPC to Intel. If the first ARM Macs begin shipping to customers early next year, that will mean a fifteen year lifespan for the Intel architecture. That compares to twelve years for PowerPC processors, and just ten for Motorola.

By all accounts, I think, the Intel transition went especially smoothly: the company announced its intentions at WWDC 2005 and, by Macworld 2006 — about seven months later — the company was selling its first two Intel-based products in the form of the iMac and MacBook Pro.

My expectations for this transition are very similar. Because the Bloomberg family of publications carry serious business news, it seems that there is one caveat per Gurman scoop. Even so, it would be shocking to me if the ARM transition were announced at any event except WWDC. If this project becomes public at any point this year, you will hear about it two weeks from now.

The biggest question in the lead-up to the Intel announcement in 2005 was whether existing applications would be supported. Apple’s response was Rosetta — an invisible translation layer that allowed simple PowerPC applications to run on Intel at acceptable speeds. Gurman’s story today builds lightly on his report from April, but does not add any information about this key question.

Update: Jesper:

Even if all of these are handled in the most inclusive way possible, unless there’s some sort of extra bone thrown towards Mac Pro users, who now have seen a platform long-neglected, then ostensibly rebooted, twice, back-to-back, the future for the Mac Pro as the value proposition it currently occupies is murky at best. Forming a Pro team and taking everybody out for a ride of gradually coming to terms with actual people’s actual needs only to decide that they are no longer a priority would be unspeakably stupid. Unless Mac Pros will live on in the current form, there’s more to this, although maybe not revealed immediately at this year’s WWDC.

With USB4 subsuming Thunderbolt 3, it’s not impossible that Mac Pro could just get AMD’s best performing CPUs in them and gain an impressive boost. (Although there’s other Intel technology to worry about, such as the wireless video standard one that powers Sidecar.)

Gus Mueller:

Will Apple release ARM based Macs this year? I hope so, I think the upside is huge. We’ll lose things like VMware and other x86 based applications which will be sad, but if it brings better performance and longer battery life, I’m all for it.

I’m hoping that this is transitioned better than a clean break between Intel and ARM Macs. Even though I don’t plan on buying a new Mac for years, it already sucks when I can’t open some 32-bit app on my MacBook Air running Catalina.

I was reading Jason Snell’s MacOS 10.16 wish list today, and he concludes a section about improving Catalina’s frustrating security restrictions like so:

I don’t need macOS to become less secure. I do think Apple needs to the work to make it easier for users to use their Macs, their apps, and their files without the operating system getting in their way.

Good computing gets out of the way. Apple’s software and hardware, at the best of times, gets out of the way. In my ideal world, Apple’s ARM Mac transition will erect the fewest barriers for users and be as seamless as possible. We shall see.

Sarah Cooper, the Trump Lip-Sync Genius

Greg Braxton, Los Angeles Times:

[Sarah Cooper] gives much of the credit for her newfound success to “the writing, which is so good.” She explained, “Trump is an amazing comedy writer without realizing it. There were so many moments I was able to use. I put the video out within a few hours of him saying those words. A lot of people said they saw the parody before they saw the real thing, which made it not only good content but newsworthy.”

Trump’s stumbles remind her of her former career as a designer for Google, where she was required to attend a stream of monotonous meetings where much was said but little was accomplished.

“When Trump started doing those daily briefings and being confronted with how incompetent he is and how out of his element he is, I was just reminded of being in the corporate world and seeing people BS-ing through a meeting, making their coworkers think they know things when they really have no idea what they’re talking about,” Cooper said.

It has been said elsewhere before, but this president is impossible to parody through exaggerations. There’s just no air between his real-world statements and Alec Baldwin’s “Saturday Night Live” script. But Cooper cracked the formula: his exact words, stripped of the legitimacy of his office and the pantomimed straight-faced coverage of television reporters, is a disarming and hilarious formula.

The Kind of Rebel We Need

Sarah Jackson, writing for the New York Times in 2018:

[Anthony Bourdain] was not just curious about food and the world. He was aware that injustice and inequality are systemic issues, and he never shied away from pointing that out. He regularly humbled himself before people very unlike him, he asked careful questions, and he listened. Before our eyes, he was always learning, and trying to make the world just a little better.

We live in a time when the simplest protests against racial injustice by athletes and celebrities are considered divisive, and when admitting imperfection while striving for righteousness and truth makes you a rebel. Perhaps that partly explains why people called the curious and empathetic Mr. Bourdain a “bad boy.” If that’s the case, let’s have more like him. May his compassion and indignation live on.

It has been two years since Bourdain’s death and Jackson’s tribute to his work and what he hoped to represent continues to ring true. For those of us who are privileged because of the colour of our skin or our gender, his ability to be an ally while consciously trying to avoid becoming a white saviour should be a model — even considering his misses.

Malaika Jabali, Glamour:

Bourdain is gone, this much is true. But as society pushes forward to answer the hard questions about what kind of world we want for the future, how inclusive and how understanding we want to be, it’s important to know that “allyship” is not something you bestow upon yourself.

It’s not your equivalent of street credibility because you went to a protest.

It is, as Bourdain showed us, the way you live your life and make room for others. It’s being inclusive and understanding without being boastful. It’s looking inward and being self-aware. And it’s never claiming it for yourself.

Protesting works; publicly showing the hunger for change is good. But for those of us who are privileged to live a life without facing hardship because of who we are, it is vital to be so much better. For the sake of humanity, we should all aspire to be able to be described in words such as these.

Neil deGrasse Tyson: ‘Reflections on the Color of My Skin’

Neil deGrasse Tyson, writing on the Hayden Planetarium’s website:1

In 1991, Rodney King (age 25) was struck dozens of times, while on the ground, by four LAPD officers, with their batons, after being tased. The grainy 1990s video of that went media-viral, inducing shock and dismay to any viewer.

But I wasn’t shocked at all.

Based on what I already knew of the world, my first thought was, “We finally got one of those on tape.” Followed by, “Maybe justice will be served this time.” Yes, that’s precisely my first thought. Why? Since childhood my parents instilled in me and my siblings, via monthly, sometimes weekly lessons, rules of conduct to avoid getting shot by the police. “Make sure that when you get stopped, the officer can always see both of your hands.” “No sudden movements.” “Don’t reach into your pockets for anything without announcing this in advance.” “When you move at all, tell the officer what you are about to do.” At the time, I am a budding scientist in middle school, just trying to learn all I can about the universe. I hardly ever think about the color of my skin — it never comes up when contemplating the universe. Yet when I exit my front door, I’m a crime suspect. Add to this the recently coined “White Caller Crime,” where scared white people call the police because they think an innocent black person is doing something non-innocent, and it’s a marvel that any of us achieve at all.

The rate of abuse? Between one and five skin-color-instigated incidents per week, for every week of my life. White people must have known explicitly if not implicitly of this struggle. Why else would the infamous phrase, “I’m free, white, and 21” even exist? Here is a compilation of that line used in films across the decades. Yes, it’s offensive. But in America, it’s also truthful. Today’s often-denied “white privilege” accusation was, back then, openly declared.

Marques Brownlee used Tyson’s essay as a jumping-off point for his own video essay based on his experiences in sports and tech:

You know, I remember several instances where I would accomplish a goal, or I’d make a high-end team, and I was super proud of it. But then that spotlight would appear again and I’d sort of second-guess that, where I’m like “did I make this team because I’m good enough, or did I make this team because I have this platform and they want to take advantage of that, or did I make this team because I’m black and they just want to make sure they have a black person?” I’m looking around like “well, they got one” but suddenly I’m second-guessing myself, like “am I good enough to make this team?”

[…]

Not only is racism obviously unacceptable, but we actually have to actively work against it. And there’s always, somehow, people twisting that, making it political, making it, like, a two-sided thing. I don’t understand how being anti-racist can possibly be controversial in any way.

We must be active participants in correcting the ills of our society.


  1. I am somewhat conflicted about linking to this after multiple allegations of sexual misconduct were made against Tyson in late 2018. Those accusations were apparently resolved last year, but I do not know whether the outcome was satisfactory for the women who accused him. With that caveat in mind, I believe his voice is vital in this context. ↩︎

Supercuts of Police Brutality Against Demonstrators Are Receiving Millions of Views

The actions are not new; what is relatively recent is the ability to broadcast the behaviour of police officers to the world. Like many, I’m reminded of Chris Rock’s “Tambourine” special: “I know it’s hard being a cop, but in some jobs, everybody gotta be good. American Airlines can’t be like ‘well, most of our pilots like to land’.”

This has never been a case of “a few bad apples” — a proverb that is too often corrupted by truncation because the end of that phrase is “spoil the bunch” — it is a case of a rotten system that has created domestic military forces with little accountability out of racist police precincts.

See Also: Carlos Maza.

Google Sued for $5 Billion for Tracking People in Incognito Mode

Carrie Mihalcik, CNet:

Google faces a proposed class action lawsuit that accuses the tech giant of invading people’s privacy and tracking internet use even when browsers are set to “private” mode. The suit, filed Tuesday in the US District Court for the Northern District of California, alleges that Google violates wiretapping and privacy laws by continuing to “intercept, track, and collect communications” even when people use Chrome’s incognito mode and other private web browser modes.

“Google tracks and collects consumer browsing history and other web activity data no matter what safeguards consumers undertake to protect their data privacy,” reads the complaint. The search giant surreptitiously collects data through Google Analytics, Google Ad Manager, website plug-ins and other applications, including mobile apps, according to the complaint.

I’ve read the suit (PDF) — it’s a bizarre argument that accuses Google of lying in its documentation about how much private browsing mode protects users from its data collection methods. As Michael Tsai points out, Chrome’s “Incognito” mode offers a warning that websites can still track you; other browsers’ private browsing modes might not. And there is, I think, a reasonable argument that Google is being somewhat duplicitous by offering a browser mode that purportedly disguises a user’s identity while knowingly offering products and services that eliminate whatever protections Incognito Mode may offer. Must be nice to have a finger in every pie.

Still, though: five billion dollars in damages and an accusation of violating the Federal Wiretap Act, of all laws, seems rather silly.

HBO Max Won’t Hit AT&T Data Caps Because AT&T Owns HBO

Nilay Patel, the Verge:

According to an AT&T executive familiar with the matter, HBO Max is using AT&T’s “sponsored data” system, which technically allows any company to pay to excuse its services from data caps. But since AT&T owns HBO Max, it’s just paying itself: the data fee shows up on the HBO Max books as an expense and on the AT&T Mobility books as revenue. For AT&T as a whole, it zeroes out. Compare that to a competitor like Netflix, which could theoretically pay AT&T for sponsored data, but it would be a pure cost.

That’s why the last time we looked at AT&T’s sponsored data system, the only three streaming services we could find using it… were owned by AT&T. It’s also why sponsored data systems fly in the face of net neutrality principles. AT&T’s streaming services have a major advantage over its competitors, all of which run up against the cap. But there’s no net neutrality in the United States anymore, so AT&T is free to give itself preferential treatment.

Zero rating — the unfair treatment of a telecommunications-multimedia conglomerate’s own holdings — is something that remained effectively unconsidered by Judge Richard Leon when he ruled in favour of AT&T’s acquisition of Time Warner, yet is entirely obvious to anyone who has even the faintest idea about telecom strategy today.

For its part, Comcast has made Peacock free to subscribers because it owns NBC. Both AT&T and Comcast run utilities and movie studios — and exclusively license intellectual property created by the latter to be advantageously distributed on the network infrastructure of the former. It isn’t like Netflix or Disney are small companies, but neither can compete with that degree of vertical integration.

Apathetic antitrust enforcement created this mess, but the dismantling of net neutrality laws will entrench it.

I fully expect a resurgence of piracy as studios and ISPs attempt to isolate media. For obvious reasons, ISPs win either way, but a less stupid future would see the internet treated like a utility and less vertical integration. Perhaps that would culminate in streaming video platforms that work a little more like streaming music. Of course, Spotify’s is taking the opposite route with its podcast strategy; so, unfortunately, perhaps all streaming media is destined for a consumer-hostile model of exclusive intellectual property licensing and the bickering of large companies. C’est la vie.

Update: Three U.S. Senators are looking into the anticompetitive concerns of this decision.

A Coward Takes a Walk to a Photo-Op

Alana Wise, NPR:

Escalating his rhetoric during a period of roiling national crises, President Trump on Monday threatened to deploy the U.S. military to cities or states that don’t take “necessary” actions to halt violent protests, saying the armed forces will “quickly solve the problem for them.”

Trump’s Rose Garden remarks came as just across the street, law enforcement officers deployed tear gas and shot rubber bullets to forcefully disperse peaceful protesters. Washington, D.C., had set a curfew Monday of 7 p.m. ET.

The protesters were removed from the Lafayette Square area across from the White House, apparently to clear the way for the president to walk to St. John’s Church, where he posed briefly for photographers, holding a Bible. Parts of the church compound were damaged by rioters on Sunday night.

Mark Helenowski adjusted the slick video produced by the White House, set to bizarrely stirring music, to more faithfully acknowledge the scene as it happened.

Eugene Scott, Washington Post:

Trump has been sympathetic to certain protests, those including people who support him. In addition to calling marchers, which included white-nationalist groups, in Charlottesville in 2017 “very fine people,” the president did not criticize Americans protesting stay-at-home orders when they got adversarial with police.

Trump’s effort to portray himself as a supporter of peaceful protests does not match his recent or long-term history. It was always unlikely the protesters going to the streets this week would buy into his claims that he supported their rights. The question after Monday is how will those he actually sought to reach out to with his march to foist the Bible feel their bond with him was strengthened, given the trade-off he made to get it.

Exactly. The president’s allies have responded mostly in the form of cowardly dodges and defence, but some have more clearly denounced such a ridiculous photo-op that sought to keep the story out of the frame. That is, of course, what the president wants; it is not what he ought to get.

Amazon Order Emails No Longer Include Item Details

Michael Tsai quotes two tweets; first, from Paul Rosania:

Amazon order confirmations and shipment notifications no longer include any item details. I could not for the life of me figure out why they would do this. They’re not scored on MAUs, they don’t need me to click through. Then I realized: is it so Google can’t see my order data?

Next, Andrew Chen of Andreessen Horowitz and formerly leading the “Rider Growth” team at Uber:

My guess – it’s not for google, but bc there’s email analytics cos that estimate sales of individual products based on parsing emails

At Uber, we used parsed competitor receipt data to estimate for instance, airport mkt share %, short trips mkt share etc

Chen is referring to email apps like Edison and inbox tidying services like Unroll.me, which scrape your messages for receipts and invoices used to create market trend reports. It wasn’t too long ago that many people found it outrageous that Google was using the contents of their Gmail inboxes to serve ads; now, people are willingly passing their entire email setup through marketing data companies. I think this is partly because people have become somewhat complacent with the erosion of their privacy, but I also think there is validity in a theory articulated by Cabel Sasser in response to Edison’s syncing bug last month:

What an interesting butterfly effect

Apple wants to preserve your battery life > email clients can’t check in the background > email clients set up servers to store credentials and check email to push notify you of new email > everyone’s email now exposed to huge security vector.

Apple obviously did not create this market, but its actions and priorities have likely encouraged its growth. Same, too, could be said of the App Store’s longstanding race-to-the-bottom prices that have only recently begun to turn around with widespread use of subscriptions.

To be clear: I am not claiming that, had the App Store encouraged similar app prices as on desktop computers and had background daemons been allowed, that this market would not exist. So long as personal data has value and meaningful privacy rules are absent, it seems inevitable that products will be invented to strip mine information through inventive sources. But the tradeoff of better battery life and less expensive apps does not come without a price.

It turns out that Amazon’s detail deficient email notifications are privacy-friendly, in a sense, but it’s Amazon’s sales data that is being protected.

Black Journalists and Covering the Storm That Never Passes

Danielle C. Belton, the Root:

We at The Root are fortunate in that we can comfort each other and find solace in our shared pain, but so many other black journalists at predominantly white-run media outlets don’t have this luxury — of someone asking if they are OK. Of someone asking, “do you need to take time off?” Of someone suggesting therapy or some other support to get through the crisis. Because often, to white people, this is just another news story. For us, this is our lives… and our deaths, displayed for public consumption, often without context or understanding.

As those exhausted look away for their own mental health, we cannot. We labor on because we have a cause bigger than ourselves. But it doesn’t mean we don’t turn to friends, family, colleagues and therapy to get through his, because we do. I ask for those consuming this news site and many, many other black journalists’ work understand that we are reporting while dealing with our own life-long post-traumatic stress from repeatedly bearing witness to our dehumanization and murder.

Police Erupt in Violence Nationwide Against Protesters of Police Brutality

At protests against police brutality, those same militarized police forces are escalating confrontations and engaging in brutality. This violence is not new: it is perpetuated disproportionately against black Americans every single day, but also at demonstrations, though not all demonstrations. What is relatively new is that this violence is being documented, but it remains unaccountable. Campaign Zero notes ten policy proposals that can make a meaningful difference. After the brutality shown by police against persons of colour — and, I repeat, especially black Americans — and the lacklustre efforts at police reform over decades, shame on anyone attempting to make property damage a banner story.

As a neighbour sleeping next to an elephant, the past week in particular has been infuriating and exhausting — and, frankly, frustrating that there is only so much any one person can do to help. It requires all of us to commit to being non-optical allies.

Over Employee Protests and Frustration, Mark Zuckerberg Confirms Facebook Will Not Remove Trump Post Inciting Violence

Casey Newton, the Verge:

Facebook will not remove or take any other action on a President Trump post that Twitter removed for “glorifying violence,” CEO Mark Zuckerberg said Friday. “I know many people are upset that we’ve left the President’s posts up, but our position is that we should enable as much expression as possible unless it will cause imminent risk of specific harms or dangers spelled out in clear policies,” Zuckerberg said.

Newton, in a separate piece from earlier today:

Facebook’s decision not to take action against recent posts about mail-in ballots and the Minnesota protests by President Trump is roiling employees, some of whom are calling on executives to reconsider their stance. In response to an internal post explaining the company’s rationale, some employees criticized the company’s neutral posture.

“I have to say I am finding the contortions we have to go through incredibly hard to stomach,” one employee wrote in a comment about the shooting post. “All this points to a very high risk of a violent escalation and civil unrest in November and if we fail the test case here, history will not judge us kindly.”

[…]

Wrote another: “It’s been said previously that inciting violence would cause a post to be removed. I too would like to know why the goals shifted, and where they are now.”

Mark Zuckerberg, testifying earlier this year in response to a line of questioning from Rep. Alexandria Ocasio-Cortez about the limits of Facebook’s policy regarding political advertising:

If anyone, including a politician, is saying things that can cause — that is calling for — violence, or could risk imminent physical harm, or voter or census suppression […] we will take that content down.

In statements cross-posted to Facebook and Twitter this week, Trump lied about voter fraud in mailed ballots, insinuated that the Governor of California was rigging an election, and referenced a 1960s Miami police chief in threatening to send in the National Guard to shoot protesters in Minneapolis. All of those statements remain on Facebook.

Update: New York Times reporter Mike Isaac, live tweeting an internal Facebook-wide question-and-answer session (punctuation and capitalization sic and typical for Isaac):

it’s only been minutes but the majority of employee responses to Zuckerberg’s decision thus far are….not very positive

[…]

so the way these Q&A’s work, Zuckerberg’s video streams and employees ask questions of him in a text box, sort of like a twitch stream.

employees have taken to sharing clips of MZ’s testimony to @AOC last year as a way to push back, wondering if the guidelines still truly exist.

As I wrote previously, I can see the cynical financial rationale for Zuckerberg’s stance. I can even understand the more banal angle — that he truly believes Facebook should only be a conduit for whatever users post, with exceptions only for pornography and clearly illegal material. I disagree with this angle: Facebook is comfortable in drawing the line in other situations, and Zuckerberg’s Congressional testimony illustrated a few reasonable examples where anyone would be subject to fact-checking or removal.

But his and Facebook’s position is clearly leading to discontent amongst the employees who are good and ethical and more careful. If they are unhappy, they can leave — though many won’t — leading to a higher concentration of less scrupulous staff.

Trump’s Executive Order Is About Facebook, Not Twitter

Zeynep Tufekci, the Atlantic:

In reality, Trump’s salvo on social-media companies has primarily an audience of one: Mark Zuckerberg. And it is already working. After the executive order was issued, Facebook’s CEO quickly gave an interview to Fox News in which he said, “I just believe strongly that Facebook shouldn’t be the arbiter of truth of everything that people say online.” He added, “Private companies probably shouldn’t be, especially these platform companies, shouldn’t be in the position of doing that.”

It’s important to pay attention to what the president is doing, but not because the legal details of this order matter at all. Trump is unlikely to repeal Section 230 or take any real action to curb the power of the major social-media companies. Instead, he wants to keep things just the way they are and make sure that the red-carpet treatment he has received so far, especially at Facebook, continues without impediment. He definitely does not want substantial changes going into the 2020 election. The secondary aim is to rile up his base against yet another alleged enemy: this time Silicon Valley, because there needs to be an endless list of targets in the midst of multiple failures.

It would not benefit the Trump campaign if Facebook’s management grew a spine, as Twitter’s management apparently did, and began to more closely scrutinize Trump’s posts. In turn, that would be pretty bad for Facebook’s ad revenue. Conversely, keeping the 2020 campaign similar to the one from four years ago would be highly beneficial to such a shameless, untrustworthy company — in the intervening years, Facebook’s value has doubled. Facebook has every reason to maintain the status quo, and its poor trust with the public means it has very little to lose.

Mark Zuckerberg, Proud of Facebook’s Fact Checking Work, Says That Fact Checking Is a Bad Idea

Kate Cox, Ars Technica:

Almost exactly two weeks ago, Facebook CEO Mark Zuckerberg was touting the success his platform has had with fact-checking and false-content warnings on posts. This week, however, Zuckerberg told Fox News that, really, he doesn’t think Facebook should be in the fact-checking business at all.

“I just believe strongly that Facebook shouldn’t be the arbiter of truth of everything that people say online,” Zuckerberg said in an interview with Dana Perino. “Private companies probably shouldn’t be, especially these platform companies, shouldn’t be in the position of doing that.”

Perino, George W. Bush’s final press secretary, is now a Fox News host. Twitter has long been known as Trump’s favourite social media network and Fox has long been his favourite television network, so this smells like a cynical way to ingratiate Facebook with him.

Melissa Ryan:

I’ve been a frequent critic of [Twitter] and [Jack Dorsey’s] leadership. I’ll be a critic again in the future. But I really appreciate Twitter’s actions this week, and the months of policy changes that went into making it happen.

Well said.

The Trump Executive Order Claiming to Regulate Social Media Networks Is Legally Meaningless and Distracting

I suppose it’s worth taking a few minutes to read about the Trump administration’s “Executive Order on Preventing Online Censorship”, which you can find in full on the White House website. It is a tantrum-grade piece of rush work, hastily cobbled together from old drafts of similar orders that misrepresent Section 230 of the Communications Decency Act, and legitimize the myth that social media networks are somehow biased against American conservatives.

Timothy B. Lee and Kate Cox, Ars Technica:

The centerpiece of the order is an effort to strip big technology companies of protection under Section 230, a federal law that immunizes websites against liability for user-submitted content. That would be a big deal if Trump actually had the power to rewrite the law. But he doesn’t. Rather, his plan relies on action by the Federal Communications Commission, an independent agency that has shown no inclination to help. Even with FCC help, the most that will happen is a slight reinterpretation of the law—one that the courts might choose to ignore.

The story is similar for other parts of Trump’s executive order. Trump wants the Federal Trade Commission to ensure companies are following their own policies on content moderation. That’s the same approach the FTC takes with privacy now, and it has proven toothless in practice. Perhaps the most significant change would be redirecting federal ad spending away from big technology platforms. At worst, that would be a modest hit to the bottom lines of technology giants that rake in billions of dollars every quarter.

Mike Masnick, Techdirt:

To be clear: the executive order is nonsense. You can’t overrule the law by executive order, nor can you ignore the Constitution. This executive order attempts to do both. It’s also blatantly anti-free speech, anti-private property, pro-big government — which is only mildly amusing, given that Trump and his sycophantic followers like to insist they’re the opposite of all of those things. But also, because the executive order only has limited power, there’s a lot of huffing and puffing in there for very little actual things that the administration can do. It’s very much written in a way to make Trump’s fans think he’s done something to attack social media companies, but the deeper you dig, the more nothingness you find.

Stephen T. Stone, a frequent Techdirt commenter, wrote an excellent tangental piece about the difference between moderation, discretion, and censorship:

A platform the size of Twitter or Facebook comes with a built-in potential audience of millions. Anyone banned from Twitter loses the ability to reach that audience. For some people, such a loss can feel like censorship — even though it isn’t. No one has the right to an audience. No one has the right to make someone listen. But entitled people think they do have those rights, and any “violation” of those “rights” is “censorship”.

So, here are the facts: conservatives are not being censored on the basis of their political beliefs; the President of the United States is certainly not being censored — he’s the president; Section 230 of the CDA helps protect companies like Twitter from liability when a user threatens violence, posts something defamatory, or similar; the First Amendment allows social media companies to determine what kind of posts they will allow, prevent, or remove; and, finally, this Executive Order will have virtually no effect.

This topic distracts from far more pressing concerns. In the real world, there is a pandemic that is causing thousands of deaths every day, many of which are in the United States because its federal government took almost no action through February and much of March. The response to that pandemic has caused economic activity around the world to slow down, leading to unprecedented job losses that threaten the livelihood of millions. Politically, the remaining positivity in Trump’s poll numbers has been declining, which sucks for him; a more pressing concern is that Americans’ trust in their federal government keeps dropping.

Whenever something like this Executive Order is described as a “distraction”, it should not carry the implication that it is deliberate. This administration is so readily engaged in scandalous, unethical, and legally dubious behaviour that it becomes a distraction creating machine without necessarily trying. It’s not really a strategy; it’s what happens when the people in charge are gleefully nihilistic and joyous in their spite. We cannot digest this force-fed all-you-can-eat buffet of cruelty.

MacOS Catalina’s Hidden Additional Typeface Families

Ralf Herrmann (via Michael Tsai):

Apple has recently licensed fonts from type foundries such as Commercial Type, Klim Type Foundry and Mark Simonson Studio to be used as system fonts on Mac OS Catalina. But since these fonts are an optional download, many users of Mac OS X are not even aware they have access to them for free.

I had no clue that so many great type families were made available for free to Catalina users. Interestingly, they aren’t stored in the typical folders for fonts — /Library/Fonts or ~/Library/Fonts; instead, they are downloaded to /​System/Library/AssetsV2/com_apple_MobileAsset_Font6. However, they appear to be saved as standard TrueType containers, and I don’t see any restrictions on their use for commercial projects in their metadata or the Catalina EULA (PDF).

Grubhub Should Be Thriving Due to the Pandemic’s Restrictions — But It’s Not

There is a lot in this report from Adrianne Jeffries, writing at the Markup, about the ways that food delivery services are struggling during the pandemic, but I wanted to direct your attention to this:

Grubhub has acknowledged that it makes more money from independent restaurants and small chains. A February 2020 shareholder letter explained that a typical order from an independent restaurant that uses Grubhub for marketing and delivery generates $4 of profit for Grubhub, while an order from a national chain generates $0. 

The independent restaurant “values our demand generation capabilities and utilizes our delivery services; we have a higher take-rate and collect the diner delivery fee,” Grubhub wrote, while the profit from the national brand “is significantly lower because the commission rate is lower AND the order size is smaller.”

For the independents, though, the delivery fees were too high “even in a strong market,” said Andrew Rigie, the executive director of the New York Hospitality Alliance. In a pandemic, they could put restaurants out of business — which would in turn put delivery apps out of business.

The letter illustrates the difference by comparing a $38 order from an independent restaurant and a $25 order from a chain. Grubhub’s commission on the first order is apparently between $6 and $8; its commission on the chain order is $2 to $4. Perhaps the delivery model doesn’t work as well for fast food chains, and perhaps you believe Grubhub’s argument that the attraction of a big chain will draw some customers to also order from places they otherwise wouldn’t. The effect is the same, however: Grubhub uses the higher fees paid by independent neighbourhood restaurants to subsidize deliveries for huge chains.

Three-Judge Panel Dismisses Nonsense Lawsuit Alleging Infringement of First Amendment Rights by Tech Companies

Erik Larson, Bloomberg:

A federal appeals court rejected claims that tech giants Twitter Inc., Facebook Inc., Apple Inc. and Alphabet Inc.’s Google conspired to suppress conservative views online.

The U.S. Court of Appeals in Washington on Wednesday affirmed the dismissal of a lawsuit by the nonprofit group Freedom Watch and the right-wing YouTube personality Laura Loomer, who accused the companies of violating antitrust laws and the First Amendment in a coordinated political plot.

[…]

Larry Klayman, a lawyer for Freedom Watch and Loomer, said in an interview that he’d file a petition to have the case reheard by an enlarged, “en banc” panel of the court’s judges and take the case to the Supreme Court if necessary. He said he believes the court chose Wednesday to issue its decision as a response to President Donald Trump’s threat to regulate or shutter social media companies for their alleged anticonservative bias.

Klayman is an entire jackass who has been banned from several courtrooms, and has repeatedly faced the prospect of having his law license suspended — most recently for pursuing a romantic relationship with a client. Meanwhile, the U.S. President thinks that he has the capacity to “close down” companies because they dare attempt to correct his dangerous lies that delegitimize this year’s election. Twitter, meanwhile, has decided to allow the use of its platform by the President for slandering a television host by accusing him of murder.

This “flooding the zone with shit” tactic is disastrous at any time, but is contemptible without compare during a pandemic that has now killed a hundred thousand Americans and over three hundred thousand worldwide.

Recent Firmware Updates for Texas Instrument Graphing Calculators Removes ASM Support

Matthew Wille, Input:

Texas Instruments is pulling support for C-based and assembly-based programs on both the TI-84 Plus CE — the most popular calculator for sideloading — and the TI-83 Premium CE, its French sibling. The latest firmware for each completely removes the capability and leaves users with no way to roll back to previous versions of the firmware.

This will pose a huge shift in the TI-calculator community — a relatively small but ultimately very dedicated group of programmers. Texas Instruments has shown love for this community in the past, and the company even provides advanced copies of firmware for them to beta test. Now it seems the company is ready to rebrand as more secure, even if that means leaving behind its most passionate fanbase.

Before every math and physics exam, I remember a teacher going around the room to make sure all of us cleared the memory on our graphing calculators. One of the very first programs I created was a lookalike version of the TI-83’s “RAM cleared” screen — similar to Fake but nowhere near as clever — so that I could keep all of the games I had installed and, occasionally, contraband notes. I am sure that my calculator helped me learn more about programming than it did my actual schoolwork. This is a pretty lame move on the part of Texas Instruments.

WWDC 2020 Wish Lists

Becky Hansmeyer included a bunch of SwiftUI wishes, but I picked a couple of things from the “Everything Else” section that I am also hoping to see this year:

A system-wide color picker in iOS. It’s bananas that I can’t select some text in Apple Notes on my iPad and change its color. From what I can tell, every single Mac app has access to the color picker.

The MacOS colour picker is a gem of a system component and something I miss dearly when working on any other operating system. Yes, please.

A revamped iPad multitasking system (yep, just do it again until it’s right) that isn’t big ol’ hot mess. Make it so my 4-year-old can figure it out.

I desperately want to see this cracked. I wonder how many users of moderate technical literacy can figure out how the current multitasking system works — not many, I bet. I’m not sure it will ever be usable by young children, but I’m not confident that I fully understand the current system, and I use my iPad a lot.

Stuart Breckenridge (via Michael Tsai):

  • Messages should have feature parity with its iOS counterpart, and improved search

  • FaceTime Group Calling needs an overhaul to match group calling features of competitors (at the very least, a static grid view)

These are both off Breckenridge’s MacOS wish list, which he guesses will be named Anacapa. My money is on Avalon.

Gus Mueller kept it simple:

My WWDC 2020 MacOS Wishlist

It’s now spelled with a capital M.

The true crime is the capitalization of “iPadOS”.

For what it’s worth, there are a couple of things that I would like to see this year:

  • Some indication — anything — that Siri is a priority. The wholly-generated voice that shipped with iOS 13 is a welcome improvement; it sounds so much better, particularly with more complex words.

    But Siri’s ability to respond accurately and as expected remains terrible. I know that all voice-based assistants have their weak spots, but my experience with Siri is that it cannot be trusted to do anything more than set timers and create reminders.

    Also, given its intentions and promised capabilities, Siri ought to be a tentpole feature for accessibility. Given its proclivity to behave unexpectedly, it’s just not there yet. Voice Control is wildly impressive; Siri ought to be, too.

  • An indication that “iPadOS” is more than just a name. It seems to me that a great reason to rename the iPad’s operating system is to indicate that it is no longer a bigger and slightly different version of the operating system that’s used on the iPhone. I’d like to see evidence of this.

    A great place to start might be in the management of background tasks. Here is an example I’m sure I’ve used before but cannot seem to find right now: I had three tabs open in Safari when an email came in with an attached contract I needed to sign. I switched over to Mail to save the PDF locally, switched to Files to put it in the correct place, signed it using the Markup extension, then switched back to Mail to reply with the signed copy. And then I switched back to Safari and all my tabs had to reload.

    I try to be cautious with how Mac-like the iPad should be. I recognize that it is a different platform with different expectations, so I don’t necessarily think that the iPad should just clone everything the Mac does. There are plenty of great reasons this does not happen and ought to be avoided. But, still, I have never switched between a few Mac apps and had Safari behave as though it was freshly launched. I would like to be able to switch between apps on my iPad without frequently triggering full reloads.

    Another pet peeve of mine is how poorly many system features use the space offered by today’s giant iPad displays. Siri should not consume the entire screen; neither should Notification Centre, for that matter, with a single column of summarized banners.

These are two areas that Apple often pushes as being emblematic of its strategy for the future, but which it has struggled to move forward in my view. My experiences with Siri and my iPad are not nearly as optimistic as Apple projects.

My other wish for WWDC is a noticeable focus on quality: fewer bugs, less waiting, better fit and finish, and no catastrophes when upgrading. The tick-tock cycle of feature-heavy releases followed by refinement versions is a horrible strategy that does neither effectively. I would like to see this acknowledged in some regard as an ongoing priority for every release. That’s not going to happen, but that’s what wish lists are for: the things you really want.

Local U.S. News Stations Aired an Amazon-Produced Promotional Video, Most Without Acknowledging Its Source

Zach Rael of KOCO 5:

Just got an email from Amazon’s PR team with a pre-edited news story and script to run in our shows. They are selling this as giving our viewers an “inside look” at the company’s response to COVID‑19.

Tim Burke, Courier:

While most TV news professionals have scoffed at the idea of running Amazon-provided content as news, at least 11 stations across the country ran some form of the package on their news broadcasts. The package — you can view the script Amazon provided to news stations here — was produced by Amazon spokesperson Todd Walker. Only one station, Toledo ABC affiliate WTVG, acknowledged that Walker was an Amazon employee, not a news reporter, and that the content had come from Amazon.

[…]

Amazon responded by stating the video and script were published to Business Wire as are many other companies’ in-house produced content for media organizations.

While it’s true that many companies use Business Wire to distribute press releases, it’s rare to see news-lookalike materials for broadcasters to simply drop in. It’s kind of gross for Amazon to be creating material that is clearly intended to be used, in full, as a news item, but that’s nothing on how unprofessional and embarrassing it is for even a handful of broadcasters run it without disclosing its source.

Update: Al Tompkins, Poynter:

In the TV business, these so-called video news releases, or VNRs, are so 1998. Frankly, I have not heard of anybody using such things on the air in years because they have been around since the early 1990s and have been loudly condemned as commercials disguised as news stories.

[…]

Journalism organizations like the Radio Television Digital News Association have spoken to the problems that come with VNRs for years. It is not to say a station can never ethically use a company-supplied video or even a statement, but the public has to understand where the video came from and why we are using it rather than verifying the content with our own eyes and lenses. But even using the video with attribution does not release journalists from pointing out that Amazon’s safety claims are at odds with warehouse worker’s claims.

David Barstow and Robin Stein, reporting for the New York Times in 2005:

To a viewer, each report looked like any other 90-second segment on the local news. In fact, the federal government produced all three. The report from Kansas City was made by the State Department. The “reporter” covering airport safety was actually a public relations professional working under a false name for the Transportation Security Administration. The farming segment was done by the Agriculture Department’s office of communications.

Under the Bush administration, the federal government has aggressively used a well-established tool of public relations: the prepackaged, ready-to-serve news report that major corporations have long distributed to TV stations to pitch everything from headache remedies to auto insurance. In all, at least 20 federal agencies, including the Defense Department and the Census Bureau, have made and distributed hundreds of television news segments in the past four years, records and interviews show. Many were subsequently broadcast on local stations across the country without any acknowledgement of the government’s role in their production.

It is sometimes hard to remember the failures of past administrations when the current one eagerly sheds itself of all ethics.

Amnesty’s Security Lab Finds Qatari Mandatory Contact Tracing App Exposed Sensitive Data Such Like Name and Location

Amnesty, in an un-bylined report:

The investigation by Amnesty Security Lab found Qatar’s EHTERAZ app requested a QR code from the central server by providing the national ID the user registered with. No additional authentication was required, so anyone could have requested a QR code for any EHTERAZ user.

The lack of authentication and the fact that Qatari national IDs follow a consistent format meant it was possible to automatically generate all possible combinations of national IDs and retrieve the sensitive data that EHTERAZ stores.

[…]

Before the authorities took action to address the vulnerability, sensitive personal information contained in the QR code included names in English and Arabic, location of confinement, as well as the name of medical facilities in which an individual diagnosed with COVID-19 is being treated. Last Friday, the authorities immediately took action to mitigate the exposure of data by stripping out names and location data. They subsequently released an update for the EHTERAZ app on Sunday which appears to add a new layer of authentication to prevent harvesting of data. While these changes appear to fix the issue, Amnesty International has been unable to verify whether these changes meet sufficient security standards.

This app is mandatory for everyone in Qatar, and its poor centralized design meant that highly sensitive information was trivial to look up. I remain stumped why Apple and Google chose to create the framework for decentralized systems that do not allow location data collection, contrary to the suggestions of the Washington Post.

Prime Minister Justin Trudeau Announces Canada Will Adopt Apple–Google Exposure Notification API

Gary Ng, iPhone in Canada:

Prime Minister Justin Trudeau today revealed during his daily COVID-19 press conference the Canadian government is working with Apple and Google in regards to a contact tracing app, or Exposure Notification solution.

Trudeau mentioned how other jurisdictions, such as Singapore and Australia, have contact tracing apps running in the foreground, which can drain battery life. But Apple and Google’s next June update will bake the joint COVID-19 contact tracing solution into the mobile operating systems, allowing Bluetooth to be used anonymously in the background.

The existing app being promoted across Alberta is based on Singapore’s TraceTogether app, but it has notable problems. If the Canadian app gains widespread adoption, it seems like it could be helpful to human contact tracers.

Ng:

Apple and Google are limiting one API use per country to so apps aren’t fragmented and also increase adoption. The Exposure Notification API will not use a device’s location services.

I must have missed this announcement from a few weeks ago but it makes sense and ought to clean up the current mess of incompatible exposure notification apps.

The Early Build of iOS 14 That’s Floating Around Was Likely Extracted From a Stolen Development iPhone

Remember when, a few months ago, MacRumors and 9to5Mac independently dropped a whole bunch of iOS 14 details without disclosing a source beyond “leaked code”? Even for a necessarily discreet acknowledgement, that barely counts as explaining how much of the OS had leaked and why either publication believed the code to be genuine.

A new report today from Lorenzo Franceschi-Bicchierai of Vice helps answer those questions:

Motherboard has not been able to independently verify exactly how it leaked, but five sources in the jailbreaking community familiar with the leak told us they think that someone obtained a development iPhone 11 running a version of iOS 14 dated December 2019, which was made to be used only by Apple developers. According to those sources, someone purchased it from vendors in China for thousands of dollars, and then extracted the iOS 14 internal build and distributed it in the iPhone jailbreaking and hacking community.

[…]

Leaked Apple code, documentation, and hardware is often traded on Twitter using a hashtag called #AppleInternals. The people trading or selling this information are often pseudonymous, but have proven time and time again to have legitimate Apple information or hardware. This particular version of iOS 14 has been traded on Twitter but also among networks of jailbreakers and security researchers. Two security researchers told Motherboard they have (and are probing) iOS 14, and two said they heard it was being offered but were staying away from it, fearing repercussions from Apple.

For what it’s worth, the hashtag is #AppleInternal, not #AppleInternals. Also, I don’t think it’s a big shock that Apple is not too thrilled that a stolen copy of a very early build of iOS 14 is being shared publicly and probed by unauthorized people. It’s one thing for a public or semi-public copy to be explored for vulnerabilities; it is entirely another to be researching an unfinished build intended solely for internal use.

Last year, a Motherboard investigation revealed the existence of a gray market where smugglers steal early prototypes, or “dev-fused” iPhones from factories in China and then sell them to security researchers and collectors around the world. In the past, Apple has gone after leakers and even a Gizmodo journalist, who found a prototype of an iPhone 4 in a San Francisco bar. It’s unclear what the company will do about this incident, but some in the industry are expecting the worst.

This whole article paints Apple as unreasonably protective of its confidential property, verging on vindictive. This paragraph, specifically, ties the purchase of the unreleased build of iOS 14 to the Gizmodo iPhone 4 case, implying that Apple will, I guess, exact revenge upon MacRumors and 9to5Mac reporters who wrote about the code they obtained.

But the angle of this article depends on how the Gizmodo case is described — and, here, it is reported inaccurately. A Gizmodo journalist did not find a prototype. Gizmodo bought the prototype for $5,000 after being contacted by the guy who stole it from an Apple engineer’s bag. Is it such a surprise that a company — any company — does not take kindly to having its stolen goods trafficked?

I would be surprised and dismayed if Apple attempted to search or press charges against the reporters writing about the iOS 14 builds that were leaked to them. I do not think it is outrageous for Apple to go after whatever source bought the stolen iPhone that contained the code, nor do I think it was wrong when the police investigated Gizmodo’s purchase of a stolen prototype. Those are vastly different things from both a reporter’s ethical perspective, as well as a more obvious legal perspective.

Sandwich Made a New Ad for Slack, Using Slack

Don’t miss the behind-the-scenes video with the Sandwich team explaining how they made all this happen without being able to leave their houses.

If you look closely at Adam’s jacket, you’ll see that he has his iPhone upside down in his chest pocket with the Voice Memos app used to record his audio. I don’t know if that audio made the final cut or if it was a backup, but it would not surprise me if it’s from the iPhone. (Update: The iPhone was a backup.) At my day job, I sometimes have to make videos, and there have been plenty of times I’ve used cleaned-up recordings from an iPhone positioned like that, with perfectly acceptable quality.

It’s amazing how far all of these tools have come. The ad is a video that requires no caveats or asterisks to excuse its work-from-home production, and the behind-the-scenes video shows how much is possible with the tools many of us already have.

Siri Turns Nine This Year

Nilay Patel asked his Apple Watch what time it was in London, and it responded with the current time in London, Ontario. Assuming Patel asked in New York, where his Twitter bio indicates that he lives, that would be the closest London, but almost certainly not the one he’s thinking of.

John Gruber asked the same question on two different devices. His iPhone also responded with the time in London, Ontario, but his HomePod told him the time in London, U.K.

This is clearly madness on every possible level. Why would Siri respond differently on different devices? Why would it not choose the more obvious geographic choice, rather than the small Canadian city that is in the same time zone as where Patel was asking from? If you want to be absolutely pedantic about it, Siri already has a way of clarifying ambiguity — but it should just assume that you want the time in one of the world’s most well-known cities.

What bugged me most about this, though, is that searching Maps locations through Siri and by keyboard entry frequently requires an unnecessary amount of precision. For years, getting directions to the Ikea location here in Calgary required typing “Ikea Calgary, Alberta”, otherwise it would consistently get directions to Ikea in Edmonton, about three hours away. Apple has fixed that now, but there are plenty of other times where it has directed me to similarly-named pizza joints and dry cleaners in the southern United States instead of mere blocks away. Why is Siri so eager to prioritize proximity for a query that is about time difference by distance, yet Maps search reliably thinks I want to travel many hours to get furniture or dinner?

Most egregious to me was that time, earlier this year, when Siri suggested an inconceivable day-long road trip instead of a route to my office. It got every possible aspect wrong of something I do with scheduled regularity. Given its age, inconsistency, slow response times, and unreliability, there is little doubt in my mind that Siri is one of modern Apple’s greatest software failures. I do not understand how, after a decade of development, it still struggles with fundamental expectations.

Contact Tracing App Used by North and South Dakota Shares Location Data With Foursquare and Google

Steven Melendez, Fast Company:

The app, called Care19, and produced by a company called ProudCrowd that also makes a location-based social networking app for North Dakota State sports fans, generates a random ID number for each person who uses it. […]

According to the app’s privacy policy, “location data is private to you and is stored securely on ProudCrowd, LLC servers” and won’t be shared with third parties “unless you consent or ProudCrowd is compelled under federal regulations.”

But according to the Jumbo report, the app sends the random ID number, along with a phone ID used for advertising purposes and apparent latitudes and longitudes of places visited by the user, to Foursquare, a leading location-data provider. The app also sends the random ID to servers run by Bugfender, a Barcelona-based service used by app makers to track and diagnose software malfunctions, according to Jumbo, which monitored internet traffic generated by the app. It’s accompanied by the phone’s name, which often includes the device owner’s first name, according to the report. The phone’s advertising ID is also sent to Google servers that appear to be affiliated with Google’s Firebase service, Jumbo found.

Hard to imagine why Apple and Google designed an API specifically for contact tracing with stricter privacy provisions instead of simply allowing indiscriminate location data collection like that recent Washington Post story suggested they ought to do.

Twitter Is Testing Settings That Allow Users to Limit Who Can Reply to Individual Tweets

Alison DeNisco Rayome and Queenie Wong, CNet:

Twitter is testing new settings that let you choose who can reply to your tweet and join in on your conversation, the company said in a Wednesday blog post. Before you send a tweet, you’ll be able to choose who can reply from three options: everyone on Twitter (which will be the default setting), only people you follow, or only people you mention. 

If you choose one of the latter two options, your tweets will be labeled and the reply icon will be grayed out, so people will see that they can’t reply. However, those that can’t reply will still be able to view, retweet, retweet with comment or like your tweets. 

Only a limited group of people on Twitter’s iOS and Android apps as well as its website can currently send tweets that limit replies, but everyone can still see those conversations. It’s unclear if or when the feature would roll out more generally.

This seems like yet another Twitter feature that will sharply bifurcate discussion on the site rather than assisting it. Those making bad faith arguments can avoid being fact-checked. Those who are more honest can eliminate trolls in direct replies, but their post can still be quote-tweeted by bad actors.

Sure seems like it will appeal to public figures and companies that want to treat Twitter as a pure broadcast platform, though.

How to Decode a Data Breach Notice

Zack Whittaker, TechCrunch:

Data breach notifications are meant to tell you what happened, when and what impact it may have on you. You’ve probably already seen a few this year. That’s because most U.S. states have laws that compel companies to publicly disclose security incidents, like a data breach, as soon as possible. Europe’s rules are stricter, and fines can be a common occurrence if breaches aren’t disclosed.

But data breach notifications have become an all-too-regular exercise in crisis communications. These notices increasingly try to deflect blame, obfuscate important details and omit important facts. After all, it’s in a company’s best interest to keep the stock markets happy, investors satisfied and regulators off their backs. Why would it want to say anything to the contrary?

The next time you get a data breach notification, read between the lines. By knowing the common bullshit lines to avoid, you can understand the questions you need to ask.

A good guide to the language used in these announcements. Data breach notifications are, after all, just a form of press release, and should be viewed through the same skeptical lens.

National Advertising Review Board Recommends AT&T Discontinue Fake 5G Branding

Jeremy Horwitz, VentureBeat:

[…] Based on challenges brought by T-Mobile, the NARB said that AT&T should discontinue references to both “5G Evolution” and “5G Evolution, The First Step to 5G,” which a panel determined would “mislead reasonable consumers into believing that AT&T is offering a 5G network” when it was undisputed that AT&T’s 5GE was “not a 5G network.”

[…]

While AT&T said that it “respectfully disagrees” with the NARB’s decision, it will apparently comply with the decision, though it’s unclear at this point whether it will discontinue both the 5G Evolution advertisements and on-device branding, or just the ads. In addition to its 4G network, the carrier currently advertises “5GE,” “5G,” and “5G+” services that continue to be confusing and in some cases elusive to consumers, as there are still no maps for AT&T’s millimeter wave-based 5G+ in cities or states a year and a half after the service supposedly launched.

In addition to being half-baked pixie dust, 5G is also confused by AT&T’s deliberately misleading branding.

Update: AT&T confirms that it will not change the “5G E” symbol on phones. Though the NARB has a very official sounding name, it is merely a wing of the private Better Business Bureau organization, and has no regulatory power. The term “5G” has an unambiguous definition, but AT&T’s misuse of it to falsely advertise its 4G network withstood a Sprint lawsuit and has not been meaningfully objected to by any regulatory body.

New York Times to Stop Using Third-Party User Data for Advertising by 2021

Sara Fischer, Axios:

The New York Times will no longer use 3rd-party data to target ads come 2021, executives tell Axios, and it is building out a proprietary first-party data platform.

[…]

Beginning in July, The Times will begin to offer clients 45 new proprietary first-party audience segments to target ads.

Those segments are broken up into 6 categories: age (age ranges, generation), income (HHI, investable assets, etc.), business (level, industry, retirement, etc.), demo (gender, education, marital status, etc.) and interest (fashion, etc.)

By the second half of the year, The Times plans to introduce at least 30 more interest segments.

I don’t fully understand why Times executives anonymously break news like this, and a similar story last year, through Axios rather than through their own newspaper or a corporate press release.

Zack Kanter:

Wow. Adtech giant NYT ($800m ARR, $6B valuation) to begin selling user data directly to advertisers. Scary, anticompetitive trend led by corporate journalism – local news outlets just can’t compete with closed tech platforms like this.

Amee Vanderpool:

The New York Times will no longer use 3rd-party data to target ads come 2021 and it is building out a proprietary first-party data platform that will force them to rely on data that they collect directly from their users. YOUR DATA.

Antonio García Martínez:

Due to GDPR penalizing third-party data, and due to the advantages granted thereby to large first-party repositories of data, the NYT is *precisely* emulating FB and becoming a data collector (but with worse privacy probably).

These simplistic interpretations of privacy arguments are, at best, unhelpful, and are obnoxious in their laziness at worst.

The personalized advertising model of the last decade or so is toxic to the web. It incentivizes surveillance of users to create highly granular categories of behaviour and interests because there is the assumption that more data points lead to better targeting which, I guess, is supposed to mean a greater likelihood of conversion into ad clicks. In return, users are supposed to be comfortable with their every click and scroll being tracked from website to website — all for only about 4% greater ad revenue than non-tracking ads with relevant context.

In short: selling ads based on where they will be shown is just about as effective as selling ads based on who they will be shown to. That is how print advertising has been sold for ages. Recall, for example, the subscription cards that come with magazines: in addition to the bare minimum contact and billing details required to deliver each issue, there is often a demographic survey asking about age, household income, and so on. None of these fields are required, but many people fill them in anyway. The publisher uses this information to set rates and give advertisers a broad idea of the magazine’s readership.

Today’s Times announcement is almost a hybrid of those two worlds. It uses the proprietary data of the paper’s readership to build profiles without the use of third parties, and none of that data leaves the Times’ properties. I do not understand what Kanter is referring to when he describes this arrangement as “selling user data directly to advertisers” — either that is an accidentally wild misreading, or a deceptive statement.

This is a far more honest way of targeting advertising. It isn’t at all like the hundreds of ad tech companies that receive much of a typical user’s browsing history without their knowledge. If you visit the Times’ website, it will collect some information about you; if you don’t want it to, you don’t have to visit the Times’ website. It won’t be collecting behavioural data about you if you don’t.

I would vastly prefer to revert to a pre-personalized ad world, but I still see this move as a step in the right direction. It may still collect data for targeting, but at least it does not involve the near-universal surveillance of companies like Facebook and Google. Reducing their ability to conduct broad and intrusive behavioural data collection is an important step towards a more private web.

Spotify Pays Good Money to Stop Seeing Joe Rogan’s Face Everywhere

For several years now, visiting the YouTube homepage or opening the directory in just about any podcast client was an exercise in Spot Joe Rogan’s Face. His podcast is wildly popular for reasons that escape me; all fourteen hundred episodes are on YouTube, too, where they rack up millions of views.

Anyway, Spotify must have gotten as tired of seeing Rogan’s face on every platform because it has bought exclusive rights to his podcast. Ashley Carman, the Verge:

The show will become available on Spotify globally starting on September 1st, and it’ll become an exclusive sometime after that point. Listeners won’t have to pay to access the episodes, but they will have to become Spotify users. Spotify said in a press release that Rogan retains creative control over his show. It didn’t disclose how much it spent on the deal. The company will also work with an ad agency to jointly sell ads against the program. Rogan said last year his show reached about 190 million downloads a month.

[…]

This is a massive get for Spotify, which has made podcasting a core focus. It acquired Gimlet Media, Anchor, and Parcast last year, to start, and then signed more Spotify-exclusive deals. It’s working with the Obamas’ production company exclusively and committed to deals with other big names, like Joe Budden and Amy Schumer, and acquired The Ringer.

Exclusivity plays by podcast platforms — Apple reportedly included — are a predictable but concerning development. I don’t think it is necessary for podcasts to be free, but it is important that they do not become part of a siloed system. As much as websites should be browser agnostic and purchased music should be able to be played anywhere,1 podcasts should also work with any client.


  1. Purchased movies and TV shows should work the same way, but executives in charge of those industries would rather spend millions of dollars annually on lobbying for increasingly outrageous copyright laws↩︎

MusicSmart Puts the Spotlight on Music Credits

Federico Viticci:

Here’s the amazing part — the “aha” moment that brought back the same feelings I had as a kid when reading through liner notes: in the Tracks section, you can tap any of the listed songs to view detailed credits for the selected song. These go beyond the standard “written by” credits you see in Apple Music: MusicSmart lists engineers (including mixing, mastering, and assistant engineers), producers, and even the name of the label and studio where the song was mastered. But there’s more: MusicSmart can show you the names of all the artists credited for the creation of a song even if they’re not core members of a band, including backing vocalists, percussionists, keyboard players, saxophonists – you name it. If a music video has been released for the selected track, the video director’s name will be listed by MusicSmart too.

This amount of detail is incredible in its own right, and, personally speaking, it makes me happy to see that someone else still cares about credits and wanted to write an app for them. The ability to learn the names of people who played an important role in the making of my favorite songs has already led to fascinating discoveries I wouldn’t have made with Apple Music alone. […]

I’ve been aching for something like this for years. Just two bucks in the United States — or whatever the equivalent is where you live.

Apple’s Statement Regarding the FBI’s Successful Unlocking of the Pensacola Shooter’s iPhone

From Apple’s statement, as posted by Chris Welch of the Verge:

On this and many thousands of other cases, we continue to work around-the-clock with the FBI and other investigators who keep Americans safe and bring criminals to justice. As a proud American company, we consider supporting law enforcement’s important work our responsibility. The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security.

This rebuke appears to be targeted at the many criticisms of Apple’s conduct made today by Attorney General William Barr and FBI Director Christopher Wray:

Both officials say that encryption on the gunman’s devices severely hampered the investigation. “Thanks to the great work of the FBI — and no thanks to Apple — we were able to unlock Alshamrani’s phones,” said Barr, who lamented the months and “large sums of tax-payer dollars” it took to get into devices of Mohammed Saeed Alshamrani, who killed three US sailors and injured eight other people on December 6th.

Apple says that it provided everything it had related to Alshamrani’s iPhones, including iCloud backups.

Thomas Brewster, Forbes:

[Barr] even laid into Apple for working with China and Russia to relocate data centers to help those countries carry out surveillance. “If tech companies are willing to oblige the demands of authoritarian regimes they have no excuse to cooperate with rule of law nations with… privacy rights.”

Apple’s compliance with the demands of Russia and China has been disheartening and it has robbed the company of some of its credibility on privacy. But it is a mystery to me why Barr would see obsequious behaviour to these countries as something to be admired and emulated. If it is reasonable to criticize Apple for complying in authoritarian states, then surely what is so upsetting is that it amounts to a loss of personal privacy and security for users in those countries.

U.S. Department of Justice Once Again Able to Extract iPhone Data Without Compromising Security of All Users

Earlier this year, the U.S. Department of Justice attempted to shame Apple for being unwilling to compromise the security of all users for the FBI’s convenience. This echoed a 2015 case where the FBI barely tried to extract data from the iPhone of a criminal suspect before trying to guilt trip Apple into weakening encryption.

Once again, it turns out that the FBI didn’t need Apple to compromise all users’ security and privacy. Sadie Gurman and Dustin Volz, Wall Street Journal:

A Saudi aviation student who killed three people on a Florida Navy base last year had extensive ties to al Qaeda, details that investigators were able to learn by accessing the gunman’s iPhones after months of delays, top U.S. law-enforcement officials said Monday, accusing Apple Inc. of providing virtually no help in the investigation.

The gunman, Second Lt. Mohammed Alshamrani, had been communicating with a number of operatives of al Qaeda in the Arabian Peninsula for years, even before he began training with the U.S. military, officials said, a discovery that was made based on information recovered from his two locked iPhones.

I am glad that the FBI was able to make progress on this case without escalating an unnecessary public battle with Apple, specifically, over the use of encryption. I think we would all like a way to have both very strong encryption and a means for investigators to access device data when warranted, but no such method exists.

The only choice is whether it is better for everyone to have insecure devices that store credit cards, passwords, health information, and business data or having investigations delayed and some evidence effectively destroyed — the same as with countless other types of potential evidence. There are tradeoffs with both, but I know which I prefer.

On Doing More Harm Than Good

Reed Albergotti and Drew Harwell, Washington Post:

Apple and Google’s announcement last month of a joint effort to track the coronavirus by smartphone sparked a wave of excitement among public health officials hoping the technology would help alert them to potential new infections and map the pandemic’s spread.

But as the tech giants have revealed more details, officials now say the software will be of little use. Due to strict rules imposed by the companies, the system will notify smartphone users if they’ve potentially come into contact with an infected person, but it won’t share any data with health officials or reveal where those meetings took place.

Local health authorities in states like North Dakota, as well as in countries such as Canada and the United Kingdom, say they’ve pleaded with the companies to give them more control over the kinds of information their apps can collect. Without the companies’ help, some worry their contact tracing systems will remain dangerously strained.

These are the opening paragraphs of an article that, careful readers will note, is fundamentally wrong. Let’s start with this statement:

Due to strict rules imposed by the companies, the system will notify smartphone users if they’ve potentially come into contact with an infected person, but it won’t share any data with health officials or reveal where those meetings took place.

It may not track specific locations, but that’s not necessary for what this API is trying to help accomplish. Furthermore, public health officials absolutely will be involved in the collection and use of this data: apps using this API must be from health authorities.

Sara Morrison explains at Vox Recode:

As previously reported, the first phase of the rollout will be an API that will allow iOS and Android devices to exchange anonymized proximity keys using Bluetooth. Apple and Google have now revealed that the Bluetooth metadata from the devices will be encrypted, so it can’t be used to try to identify a device. Public health authorities will then be able to build their own contact tracing apps using this API, and they will set the exposure length, the amount of time the two devices need to be near each other in order to exchange keys. The maximum allowed exposure time will now be 30 minutes. Again, this will make it harder to link a rotating key to a specific user.

And how about this statement? Again quoting from those first three paragraphs:

Without the companies’ help, some worry their contact tracing systems will remain dangerously strained.

Again, from Morrison:

Oh, and about that terminology. Apple and Google have replaced the “contact tracing” label with “exposure notification.” The companies said they believe it better describes what the tool does, and that it’s only part of a public health authority’s contact tracing program. This seems a bit trivial, but it’s actually a good reminder that these apps and their deployment are run through public health authorities, and it’s up to those authorities to make sure positive test cases are properly vetted. Meanwhile, it’s essential that populations that may not have access to iOS and Android devices are included in their contact tracing programs. Apple and Google aren’t doing this alone.

Of course this must be used in conjunction with human contact tracing efforts. It is a way to more efficiently and more privately implement existing electronic contact tracing apps.

This is sloppy work. It’s articles like these that do make me worry about the efficacy of contact tracing with the assistance of smartphones, but only because of how poorly it explains how the system works, what it is intended to do, and how it differs from existing smartphone contact tracing efforts. This article is so poor as to misinform the reader into thinking that Apple and Google are taking advantage of a pandemic to collect a bunch of user data while keeping it secret from public health authorities — which is almost the opposite of what this effort does.

I worry that this kind of bad information will cause people to entirely reject contact tracing apps — even those that are built in a privacy-friendly, energy-efficient manner. Then it really will be ineffective, but not for the reasons in this Post piece.

Security Theatre in Safari Download Permissions

You know how Safari now requires you to confirm that you want to allow file downloads per domain? It’s not just irritating; it is also sometimes mere theatre.

Consider this tweet from Craig Hockenberry:

If you view the Twitter website in Safari on Mojave and/or Catalina, you’ll probably enjoy this extension app I wrote:

https://files.iconfactory.net/software/Fixerrific-1.0+5.zip

It makes the navigation scroll and hides “Trends” & “Who to follow”. Two lines of code that improve things immensely. Enjoy!

If you click the link to download the file, Safari will ask you if you want to allow downloads on “t.co” — Twitter’s URL shortener — which is a problem for two obvious reasons:

  1. The file is not being downloaded from t.co, but from files.iconfactory.net, so the prompt is lying.

  2. Confirming that you do want to allow downloads from t.co does, apparently, allow you to download any and all files from links posted on Twitter without further confirmation. I tried downloading another archive and I was not asked if I want to allow downloads.

Twitter’s URL shortener works by creating 301 redirects, but Safari apparently doesn’t follow those to their destination URL. In some cases, that probably makes sense — large file downloads are often hosted on CDNs with inscrutable addresses. It does, however, mean that whatever way this is supposed to benefit security or privacy is easily defeated if downloads are redirected through common URL shorteners.

With Acquisition of Giphy, Facebook Buys Tracking in Unexpected Places

Dan Primack, Kia Kokalitcheva, and Sara Fischer, Axios:

Facebook has agreed to buy Giphy, the popular platform of sharable animated images, Axios has learned from multiple sources. The total deal value is around $400 million.

Vishal Shah of Facebook:

We’ve used GIPHY’s API for years, not just in Instagram, but in the Facebook app, Messenger and WhatsApp. GIPHY will continue to operate its library (including its global content collection), and we’re looking forward to investing further in its technology and relationships with content and API partners. People will still be able to upload GIFs; developers and API partners will continue to have the same access to GIPHY’s APIs; and GIPHY’s creative community will still be able to create great content.

Isn’t it nice how Facebook will continue to allow current API users access to Giphy? Sure is a sly way of admitting why they bought the company, isn’t it?

Vivek Karuturi:

Giphy extends FB’s visibility into 3rd party applications across the internet (a capability they’ve been building out through various acquisitions like Onavo VPN, etc)

With Onavo, FB saw WhatsApp’s message rates climbing at 2x Messenger’s rate. They acquired soon after.

With this type of tech, FB can keep a watchful eye on what’s picking up buzz and gives them ample time to react / understand what’s going on at the ecosystem level.

Bonus perk that this activity looks completely innocuous from the outside (politically, to regulators, etc).

“React or understand” is a great euphemism for “acquire or copy”.

Steve Kovach:

Does anyone know if Apple uses Giphy for iMessage GIFs? Unclear where Apple sources that library from.

Kovach appears to be referring to Apple’s stock “#images” app. It sources GIFs from multiple sources — Gfycat, Gif Keyboard, and Giphy as well.

William Turton:

My first thought: there is now a Facebook product built into Signal.

Moxie Marlinspike, creator of Signal:

Signal already uses a privacy preserving approach to prevent gif search providers from receiving user data.

Giphy has integrations with Slack, Microsoft Teams, Zendesk — nothing says “customer support” like replying to a bug report with a tepid GIF — Mailchimp, Twitter, Bumble, Tinder, Snapchat, and TikTok. Just imagine the fountain of usage data they will be able to glean from all of those competitors.

The old axiom of consumer protest is to “vote with your wallet”, but that snappy advice doesn’t work for infrastructural companies — and Facebook is rapidly becoming one of those. Even if you don’t use any of its products and have deleted Giphy after today’s acquisition, it’s still gathering tracking data on you. Also, many people you know have probably uploaded your contact details to their services.

All of this — the vast trove of data collected by a surveillance dragnet ensnaring virtually every internet-connected person on Earth, and the software processing it written by brilliant engineers — is to make advertising slightly more relevant and, therefore, maybe enrich Facebook’s investors. Facebook truly is changing the world.

VR in Our Virus-Altered Reality

Ina Fried, Axios:

Virtual reality can bring faraway people together and take us places we can’t physically go. That should make it the perfect breakout technology for both personal and professional life in the stay-at-home era — yet it remains a niche product.

[…] Virtual reality remains in its infancy, despite decades of on-and-off development, billions of dollars in investment and a ton of anticipation. Sales of VR headsets have repeatedly failed to live up to expectations. IDC reported 1.4 million units sold globally in Q4, down 23% from the prior year.

Matt Birchler:

VR is, you guessed it, not having a moment. In fact, while a stay-at-home-and-isolate-yourself pandemic has been going on that is prime time to have people lose themselves in other worlds for longer than normal, VR seems just as niche as it’s ever been. The only major push the medium has had in recent memory is the release of Half Life: Alyx, which moved a ton of headsets, but that’s really it.

Benedict Evans:

To put this another way, it’s quite common to say that the iPhone, or PCs, or aircraft also looked primitive and useless once, but they got better, and the same will happen here. The problem with this is that the iPhone or the Wright Flier were indeed primitive and impractical, but they were breakthroughs of concept with clear paths for radical improvement. The iPhone had a bad camera, no apps and no 3G, but there was no reason why those couldn’t quickly be added. Blériot flew across the Channel just six years after the Wrights’ first powered flight. What’s the equivalent forward path here? There was an obvious roadmap for getting from a duct-taped mock-up to the Oculus Quest, and today for making the Quest even smaller and lighter, but what is the roadmap for breaking into a completely different model of consumer behaviour or consumer application? What specifically do you have to believe will change to take VR beyond games?

Zac Hall, 9to5Mac:

It’s no secret that Apple has ambitious plans for augmented reality and a future AR-focused headset. Apple is practically building the platform for its future headset out in the open with ARKit. What’s new is that Apple is believed to be in the process of acquiring a California-based virtual reality company called NextVR, 9to5Mac has learned.

[…]

The icing on the cake may not be expertise in virtual reality, however, as NextVR also has holds patented technology that upscales video streams. NextVR uses this technology to support high quality video streams of music and sporting events to VR headsets. NextVR holds over 40 technology patents in total.

It is interesting to me that Apple confirmed this acquisition the very same week as the publication of two high-profile articles, from Fried and Evans, about VR’s failure to gain traction. I don’t mean to imply that there’s any connection, nor that Apple is either making a mistake or will be a kick in the pants for VR — just that it’s an interesting coincidence.

I am curious about what any company can bring to this space beyond games. As Evans says, it’s easy to envision a roadmap for VR that makes it somewhat smaller and more elegant, but what does that actually change for its real-world use? The rumours of an augmented reality headset from Apple are equally intriguing; the Apple Watch is designed to be worn all day, and a pair of AirPods can be worn for hours while walking anywhere or doing anything. From what exists right now, it’s hard to envision a headset that is anything other than a specialized gadget — and Apple doesn’t really do specialized gadgets.

The Problem of Third-Party SDK Creep

Brian Barrett, Wired:

According to widespread reports and the web monitoring service Down Detector, prominent iOS apps like TikTok, Spotify, Pinterest, Venmo, and more experienced issues on Wednesday. Many users found that they crashed whenever they tried to open the apps, whether or not they used Facebook to log in. “Please move slower and break fewer things,” wrote one GitHub commenter. “Thank you.”

“Yesterday, a new release of Facebook included a change that triggered crashes in some apps using the Facebook iOS SDK for some users. We identified the issue quickly and resolved it,” Facebook said in a statement.

That change was quite small, given its outsized impact. “It was something like a server value — which was supposed to provide a dictionary of things — was changed to providing a simple YES/NO instead, without warning,” says iOS developer Steven Troughton-Smith. “A change that simple can break an app that isn’t prepared for it.”

This isn’t even close the first time something like this has happened. A few years ago, a developer pulled their code from the NPM package manager; a small utility of theirs was widely used and other developers’ dependence on it broke lots of popular software. This isn’t even the first time this has happened with Facebook’s SDK.

Guilherme Rambo:

Many people rush to blame engineers for these types of problems. “Of course it’s the engineers’ fault: they included the SDK after all, didn’t they?”.

Even though it was technically an engineer who programmed the SDK into their company’s app, those types of decisions are usually top-down. Someone over at marketing decides they want better analytics on their Facebook campaigns, they talk to the product people and the product people just order that from the engineers.

I’m sure there’s a Facebook engineer who was furious with themselves for shipping something that broke a bunch of big apps, but this incident shows how dependent many ostensibly independent apps are on the infrastructure of a few giants. It’s kind of like when a bunch of websites go down because someone kicked the plug out at an Amazon Web Services server farm. It is a reminder that an extraordinary amount of responsibility for modern life is held by very few.

The Pandemic Is Launching the Era of Online Platform Regulation

Matt Stoller:

High prices are pervasive across the delivery app world, from Grubhub to Uber Eats to DoorDash. As one industry consultant told the Guardian, “The delivery fees and service charges from these websites are murder. They’re incredibly high rates… It’s almost impossible to profit at all.”

And yet, the the food delivery network business paradoxically isn’t doing very well. Uber and Grubhub are considering merging because prices they charge to restaurants are too low to support their overhead. These apps should probably be a modestly profitable regional services, connecting local eateries to local eaters, like taxicab stands or co-working spaces before WeWork. But our global monopoly-centric public policy framework has flooded capital into the space, leading to money-losing attempts to build global empires. It’s a variant of counterfeit capitalism, where investors hoping for monopoly rents are subsidizing an artificial and predatory business model.

The pandemic has put this dynamic into stark relief. Food apps are seeing a flood of new business. At the same time, the disease has changed the food service business. Most restaurants focus on takeout and delivery, because they are otherwise shut down. The restaurant industry always lived on thin margins, and these apps charge up to 30% of the total order amount. When delivery was a side business for most restaurants, high delivery app fees were manageable. But since restaurants have gone to a mostly takeout/delivery business during the pandemic, they have become dependent on this new sales and distribution channel.

Uber should not exist. It lost over eight billion dollars last year and has never turned a profit, even though it only has to pay for wages and not any of the physical infrastructure of its core businesses. Its food delivery service is wildly expensive for restaurants and the company, and its ride sharing business is a predatory version of actual taxicabs. There are many companies that have benefitted from lax regulations and bottomless capital, but Uber stands out as a particularly toxic example.

Mitch McConnell Moves to Explicitly Permit Warrantless Collection of Americans’ Web Browsing Activities

Spencer Ackerman, the Daily Beast:

Under cover of redressing what President Donald Trump and his allies call the FBI’s “witch hunt” over collusion with the Kremlin, McConnell, via an amendment to the PATRIOT Act, will expressly permit the FBI to warrantlessly collect records on Americans’ web browsing and search histories. In a different amendment, McConnell also proposes giving the attorney general visibility into the “accuracy and completeness” of FBI surveillance submissions to the secret Foreign Intelligence Surveillance Act (FISA) Court. Versions of the amendments circulating Monday were shared with The Daily Beast.

Taken together, privacy advocates consider McConnell’s moves an alarming expansion of Attorney General Bill Barr’s powers under FISA, a four-decade-old process that already places the attorney general at the center of national-security surveillance. It also doesn’t escape their notice that McConnell is increasing Barr’s oversight of surveillance on political candidates while expanding surveillance authorities on every other American. One privacy activist called McConnell’s efforts “two of the most cynical attempts to undermine surveillance reform I’ve ever seen.”

Martin Matishak, Politico:

The Senate on Wednesday blocked a bipartisan effort to shield Americans’ internet browsing and search histories from warrantless surveillance.

Lawmakers voted 59-37 on an amendment by Sens. Steve Daines (R-Mont) and Ron Wyden (D-Ore.) to a House-approved bill that would reauthorize domestic surveillance authorities. It was the first in a series of at least three amendment votes that senators agreed to in March.

Jeremy Scahill:

Great job to the 10 Democrats who voted *against* the Wyden-Daines amendment that would have prohibited FBI warrantless surveillance of web browser history. Special shout out to Bernie Sanders who didn’t show up to vote. It was defeated by *one* vote.

To be clear, McConnell’s amendment would expressly permit the warrantless collection of browsing and search history; the Wyden-Daines amendment that did not pass today would prohibit that.

Eight Years in, Messages on MacOS Still Sucks at Search

Manuel Grabowski (via Michael Tsai):

iMessage is eight years old. Never once in its entire existence has search on macOS (it’s such a long time that it wasn’t even called macOS back then!) worked properly. It is so ridiculously bad, there’s actually a third-party app that provides a functioning search. This total embarrassment of a situation is so old that said third-party app has been around long enough that I was still a student and too broke to buy the app back when I first heard of it. Instead, I built a poor man’s version myself – it’s just a simple SQLite database after all, nothing a few shell aliases couldn’t query quickly and efficiently. But apparently it’s still a problem too hard to solve for the almighty Apple.

There used to be a time where logs from what was then iChat were sensibly stored in ~/Documents/. I don’t remember whether iChat’s search was any good — the mere presence of Logorrhea suggests otherwise — but you could use Spotlight to search the folder and even preview chats with Quick Look.

In today’s MacOS, you can still search for message transcripts using Spotlight, but with several caveats. First, the transcripts are no longer in a user-friendly place like ~/Documents/, but are instead a couple of levels deep within ~/Library/. Second, while transcripts are named and categorized as you might expect — by chat participants and chronologically — attachments have an opaque organizational system. Third, SMS transcripts are not stored here; they only exist locally within a SQLite database. Fourth, you cannot use Quick Look to preview a transcript; and, fifth, when you open the transcript in Messages, it may be comprised of many days of discussion and will default to the most recent message, leaving you to scroll back and manually hunt for the chat in question. And, no, you cannot use ⌘-F in a chat preview window.

The search function within Messages itself is even worse. It is inaccurate, hard to use, and somehow incomplete.

Searching within iOS’ Messages app was a similar disaster for years, but it was radically overhauled in iOS 13. It’s not just better — it’s so great that it is hard to believe that both apps were created by the same company.

RSS Readers and App Store Requirements

Jesper, who you may remember from Waffle but is now writing at Take, has some thoughts on the bizarre new App Store requirements for default feeds in RSS readers that Brent Simmons is experiencing:

It would take an incredible balancing act to actually run an app store well. Apple has done the best job of it so far, but it’s still a tire fire that inhibits applications legitimate developers want to write. These events are not representative of every app review process ever, but they are representative of what happens when you have an app review process and you live in the real world. It doesn’t have to happen in most of the cases to be a disgrace and an impediment.

It has been said before but I will say it again: the biggest problem that the App Store faces is in the communication of shifting expectations. If, for whatever reason, Apple wants to interpret default feeds in a feed reader as a potential copyright issue, they ought to notify developers of the change and give them a chance to make adjustments.

Right now, developers do not find out about a change in App Store rules or the interpretation of existing rules until they submit an app for review. It’s a similar frustration that users face when launching an app only for it to demand an update: it’s a horrible experience to surprise users with a barrier between the action they took and the expected outcome. App updates should be silent, or offer an option to install when the app is next quit. Developers should be notified in advance of changes to the interpretation of rules in the App Store.

It is ludicrous that the App Store turns twelve years old in July and this fundamental problem remains unaddressed.

The Streaming Model for Music Doesn’t Work for Artists When They Do Not Earn Live Performance Income

Mark Mulligan is a music industry analyst:

Streaming has been the change agent that turned around 15 years of decline. But it also completely reframed artist income from recorded music. In the old sales model artists would get a large sum of money in a relatively short period of time. Streaming income is more like an annuity, a longer-term return where the music keeps paying long after release. In the old model artists had smaller but high-spending audiences. With streaming they have larger but lower-value audiences.

[…]

This model worked fine when live and merch were booming because more than three times as many monetised fans meant three times more opportunity for selling tickets and t-shirts. This of course is the ‘exposure’ argument streaming services are fond of, which works until it does not. Now that live and merch have collapsed, as the trope goes ‘exposure does not pay the rent’. The previously interconnected, interdependent model has become decoupled.

It is somewhat quaint to consider now that a record or CD that you played a hundred times cost more-or-less the same as one that you listened to once or twice. Both likely paid the artists approximately similar amounts, too.

Even in a streaming music economy, it’s not like your individual payment to your platform of choice is getting split along the ratio of the artists you listen to each month. That would be far too much effort. Instead, as I understand it, the subscription fees all go into one big pot which is divvied up amongst all rights holders relative to the total distribution of streams. Did you listen to nothing but your friend’s album last month? Unless your friend is Megan Thee Stallion or Travis Scott, they probably aren’t getting your $10 subscription fee.

There has never been a better time to support musicians directly. The next Bandcamp fee waiver day is June 5, and many artists sell merch and records on the web. You can still buy albums on iTunes, too, in the way your great aunt told you stories about.