Written by Nick Heer.

Meta Twists the Knife in the Backs of Laid-Off Employees

Jordan Novet, CNBC:

Facebook parent Meta Platforms said in its quarterly earnings statement on Wednesday that it has increased its share repurchase authorization by $40 billion.

In 2022 the social network operator bought back about $28 billion in stock, according to the statement.


Meta’s fourth-quarter results surpassed analysts’ revenue estimates, which helped send shares up more than 17% after hours.

Before increasing its buyback fund, it had nearly $11 billion remaining.

I am going to take a brave punt that shareholders were less jazzed about revenue modestly exceeding expectations and — and this is just a hunch — their excitement may actually come from this massive share buyback scheme, which comes just a few months after announcing the layoffs of thousands of workers. Paying for those severace packages is part of the $4.2 billion of “restructuring” costs from 2022, and Meta is reportedly not finished with dismissing staff. It sure looks cruel to spend another $40 billion to prop up the share price shortly after upending the lives of eleven thousand people — some of whom are probably in the United States on a work visa — but maybe I am too soft for capital-B Business.

Is It 1987 Again?

Harry McCracken:

Your 1987 tech update: Now that cell phones have dropped in price to $3,000, are just the size of a small briefcase, weigh only 10 pounds, and can run for two hours on a charge, they’re finally ready for prime time.

Kind of interesting to read the article McCracken is summarizing in the months before Apple is rumoured to begin production of its unannounced virtual reality headset. The first version of that product will, apparently, have an external battery pack which will permit two hours’ use, and cost about $3,000. An optimistic view is for this headset to be to the future of computing what 1987’s cellphones were to the iPhone of thirty years later. Whatever the case, it seems like this will be an interesting year ahead.

Recent Apple Updates Patch Privacy Vulnerabilities, One of Which Appears to Have Been Exploited

Rodrigo Ghedin:

iFood, Brazilian largest food delivering app evaluated at USD 5.4 billion, was accessing his location when not open/in use, bypassing an iOS setting that restrict an app’s access to certain phone’s features. Even when the reader completely denied location access to it, iFood’s app continued to access his phone’s location.

We got intrigued: how was iFood getting away with this?

An educated guess was revealed by iOS 16.3 release notes, launched on January 23th. Apple mentions a security issue in Maps in that “an app may be able to bypass Privacy preferences”. It’s CVE-2023-23503, submitted by an anonymous researcher and, so far, “reserved” in CVE’s system — which means details are pending to be published.

Ghedin reports his source found iFood was no longer monitoring their location after updating to iOS 16.3, indicating this app may have been using this loophole or a similar one.

Dan Goodin:

I wonder how long this vulnerability was in effect. There may have been massive amounts of location data that was collected without users suspecting a thing.

I do not want to spread fear or uncertainty, but it is hard to believe iFood would be the only app interested in using location data even if the user has opted out of it. There were several privacy-related bugs fixed in this most recent round of operating system updates.

Algorithmic Wage Discrimination in the Gig Economy

Roshan Abraham, Vice:

“Algorithmic wage discrimination allows firms to personalize and differentiate wages for workers in ways unknown to them, to behave in ways that the firm desires, perhaps as little as the system determines that they may be willing to accept,” [Veena] Dubal writes. The wages are “calculated with ever-changing formulas using granular data on location, individual behavior, demand, supply, and other factors,” she adds.

In a study combining legal analysis and interviews with gig workers, Dubal concludes that Prop 22 has turned working into gambling. From a driver’s point of view, every time they log in to work they are essentially gambling for wages, as the algorithm provides no reason why those wages are what they are.

In a statement to Vice, an Uber spokesperson vehemently denied the claims in Dubal’s preprint study, emphasizing that its pricing algorithms do not include “factors like a driver’s race [or] ethnicity”. From what I can tell, Dubal never makes any such claim in her study, only stating that automatic fare structures may exacerbate existing pay disparities.

No matter whether these fee structures were made more transparent, Dubal’s study acknowledges the dangers of normalizing them. She writes of jobs which already have unpredictable wages which could be worsened by a wider rollout of pay determined dynamically by a series of factors out of their control. “Gig economy” drivers may be the first to experience it, but you just know there are employers salivating at the thought of saving money by allowing computers to make constant adjustments to worker pay.

The Contagious Visual Blandness of Netflix

Haley Nahman:

To be clear, this isn’t about whether the movie was “realistic.” Movies with absurd, surreal, or fantastical plots can still communicate something honest and true. It’s actually, specifically, about how movies these days look. That is, more flat, more fake, over-saturated, or else over-filtered, like an Instagram photo in 2012, but rendered in commercial-like high-def. This applies to prestige television, too. There are more green screens and sound stages, more CGI, more fixing-it-in-post. As these production tools have gotten slicker and cheaper and thus more widely abused, it’s not that everything looks obviously shitty or too good to feel true, it’s actually that most things look mid in the exact same way. The ubiquity of the look is making it harder to spot, and the overall result is weightless and uncanny. An endless stream of glossy vehicles that are easy to watch and easier to forget. I call it the “Netflix shine,” inspired by one of the worst offenders, although some reading on the topic revealed others call it (more boringly) the “Netflix look.”

Like many people, I have been glued to the Last of Us series on HBO — trailer here. Even though it is a modern CGI-heavy show, its cinematography feels appropriately otherworldly, and different from much of what has been churned out of the prestige TV factory for years. It has never been easier to make something which looks expensive, if only fine — entriely premiocre. It is still just as hard as it has ever been to make something which is beautiful, unique, interesting, and memorable.

ChatGPT in Educational and Creative Contexts

Tyson Kendon has thoughts about ChatGPT and how its generated answers can be used in education:

I think the real wake up call here, is to create learning experiences that are relevant to the real students in the room with you right now. Build trust with them and show that you trust them. Let them participate in defining what they need to learn and how they’re going to evaluate what they’ve learned. You’ll have to support them in that process, navigating their own learning and the things they can learn, but if they’re doing the work they want to do then they’re not thinking about how they can get around the system.

The understandable worries about ChatGPT in education are an echo of the warnings I heard when I was in school and the web was growing. We were always taught not to trust anything we read on the internet because anyone could have written it, but that rule of thumb became untenable with more mainstream publishers on theweb. Recognizing how underpaid and overworked teachers are, I wish the focus was more often on media literacy instead of its medium. After all, books can be terrible and the web can be amazing.

Kendon’s article is an inspired look from an educator at how to work within this new paradigm instead of against it. The examples can elicit discussion and, perhaps, help students understand what is happening under the surface instead of trusting the too-convincing output.

(Via D’Arcy Norman.)

Truth Social Is Full of Junk Ads

Stuart Thompson, New York Times:

Ads from major brands are nonexistent on the site. Instead, the ads on Truth Social are for alternative medicine, diet pills, gun accessories and Trump-themed trinkets, according to an analysis of hundreds of ads on the social network by The New York Times.

The ads reflect the difficulty that several far-right platforms, including Rumble and Gab, have faced in courting large brands, preventing the sites from tapping into some of the world’s largest ad budgets. It could be particularly problematic for Truth Social. Although the site has gained influence among the far right, becoming a vibrant ecosystem brimming with activity, its business is in need of cash.

It is so weird because I have been reading for the past several years that platforms engage in careful moderation practices primarily to oppress and censor beleaguered voices like those on Truth Social, this being the very reason for the launch of that platform, Gab, and other apparently free speech absolutist sites. Knowledgeable people — or, as they are more often known, Marxist-Fascist Censorship Lovers Who Just Love Censoring So Much — have repeatedly articulated the economic rationales for moderation: a perceived free-for-all atmosphere can increase harassment and hate speech, which turns away users; most advertisers want a larger audience and do not want their product or service sandwiched between posts from white supremacists. But why should you believe them and also your own eyes? Go buy a copy of “The Kids’ Guide to Media Bias and Fake News” and some off-brand toenail cream today, patriot.

Twitter Tumbleweed Watch

Dave Karpf:

But that number — 42,000 Twitter followers — has begun to seem hollow. When I tweet something, it isn’t actually viewed by 42,000 individuals. It’s seen by the subset of those 42,000 people that happen to be staring at Twitter’s chronological timeline at the time I send the tweet, plus anyone who is shown the tweet through Twitter’s algorithmic timeline. And that reduced-megaphone turns out to be a lot less irreplaceable.


I didn’t reach 42,000 people by tweeting my article. I reached less than 3,000 people. And that has been pretty consistent. Unless I write something spicy that gets a lot of retweets, the view-counter tells me I’m reaching 2,000-3,000 people.

I am not sure there is anything new or notable here. I checked analytics for my own tweets going back about a year, over which time I have had about the same number of followers. There is little specific consistency in the number of views a given tweet will receive. Months-old tweets of mine with no likes or retweets have racked up higher view counts than other seemingly more popular tweets. The view count is often between 10–20% of my total number of followers when there are some likes but no retweets. Karpf’s is a lower proportion of his total followers, even with 14 retweets and 23 likes, but not radically so.

I have seen this article being shared widely today, but I am not sure there is any news here. Tweet view counts being nowhere near the follower count is as surprising as email open rates which are a fraction of a total subscriber base. However, now that view counts are public, it is possible to keep an eye on the reach of popular accounts over time.

Unified ID 2.0 Is the Hot New Privacy Violation on the Web

Brian X. Chen, New York Times:

When you browse the web, an increasing number of sites and apps are asking for a piece of basic information that you probably hand over without hesitation: your email address.

It may seem harmless, but when you enter your email, you’re sharing a lot more than just that. I’m hoping this column, which includes some workarounds, persuades you to think twice before handing over your email address.

First of all, this sort of thing will never be un-funny to me. What can I say? I like the simple things in life.

Second, I am not sure many people think their email address is an inconsequential piece of information. Not to undermine Chen’s reporting on the gross new standard known as Unified ID 2.0 and the myriad ways your email address is tied to your identity, but I think many people are wary of spam at the very least.

You must consider any of your contact information a personal identifier if you do not already do so. After all, how often do you change your email address or your phone number? But you should not need to — worthwhile privacy legislation would restrict their use and prevent the kinds of data enrichment companies that require us to treat simple contact details with the sensitivity of our Social Insurance Numbers.

You can opt out of UID 2.0. As an aside, when I dug around a little with some other opt-out options, I discovered that LiveRamp — previously mentioned — has a process for viewing the personal information it holds. To show me that information, it required me to enter my address, phone number, and email, then use a third-party service to upload pictures of the front and back of my driver’s license and send them a selfie. That service provider says it can use the information it collected on behalf of LiveRamp for, among other things, “operating and expanding our business activities”. Super.

Exposing Pegasus

PBS’ Frontline program and Forbidden Films jointly produced a two-part documentary about NSO Group’s Pegasus spyware and I think it is worth your time. The “Pegasus Project” — the umbrella title for the stories published by media outlets around the world — had its faults, but it was a shocking exposé of global misuse of a weapon that reverberates to this day. I am not sure if this documentary is region locked; I was able to view both parts in Canada without a VPN.

Thirtieth Anniversary Mac Icons

Robb Knight did a bang-up job converting that line art icon font from Apple’s thirtieth anniversary microsite into a series of SVGs. Looking at it now — with about a year to go until the Mac turns forty — it is funny to see each era of design so specifically outlined.

It is also a reminder that the titanium PowerBook which so clearly set the template for Apple’s current laptops was released closer to the original Macintosh than to today’s Macs. I am not sure I needed to be so aware of how time works this morning, but here we are.

Apple Could Maybe, Possibly Be Distancing Its Products From Google, but It Is Difficult to Tell Right Now

Patrick McGee, Financial Times:

Apple is taking steps to separate its mobile operating system from features offered by Google parent Alphabet, making advances around maps, search and advertising that has created a collision course between the Big Tech companies.


One of these people said Apple is still engaged in a “silent war” against its arch-rival. It is doing so by developing features that could allow the iPhone-maker to further separate its products from services offered by Google. Apple did not respond to requests for comment.

This is a strange article. The thesis, above, is that Apple is trying to reduce its dependence on Google’s services. But McGee cannot seem to decide whether Apple’s past, present, or future changes are directly relevant, so he kind of posits that they all are. Here, look:

The first front of this battle is mapping, which started in 2012 when Apple released Maps, displacing its Google rival as a pre-downloaded app.

The move was supposed to be a shining moment for Apple’s software prowess but the launch was so buggy — some bridges, for example, appeared deformed and sank into oceans — that chief executive Tim Cook said he was “extremely sorry for the frustration this has caused our customers”.

Apple Maps turns eleven years old in 2023, so it is safe to say that Apple adequately distanced itself from its reliance upon Google for maps, oh, about eleven years ago. Whether users have is another question entirely. The 3D rendering problems may have been the most memorable glitches, but the biggest day-to-day problems for users were issues with bad data.

So what is new?

Apple’s Maps has improved considerably in the past decade, however. Earlier this month it announced Business Connect, a feature that lets companies claim their digital location so they can interact with users, display photos and offer promotions.

While businesses have been able to claim their listing and manage its details for years, the recently launched Business Connect is a more comprehensive tool. That has advantages for businesses and users alike, as there may be better point-of-interest data, though it is another thing businesses need to pay attention to. But as far as ways for Apple to distance itself from Google, I am not sure I see the connection.


The second front in the battle is search. While Apple rarely discusses products while in development, the company has long worked on a feature known internally as “Apple Search”, a tool that facilitates “billions of searches” per day, according to employees on the project.

Now I am confused: is this a service which is in development, or is it available to users? To fit his thesis, McGee appears to want it both ways:

Apple’s search team dates back to at least 2013, when it acquired Topsy Labs, a start-up that had indexed Twitter to enable searches and analytics. The technology is used every time an iPhone user asks Apple’s voice assistant Siri for information, types queries from the home screen, or uses the Mac’s “Spotlight” search feature.

Once again, I have to ask how a feature eight years old means Apple is only now in the process of disentangling itself from Google. Apparently, it is because of speculation in the paragraphs which follow the one above:

Apple’s search offering was augmented with the 2019 purchase of Laserlike, an artificial intelligence start-up founded by former Google engineers that had described its mission as delivering “high quality information and diverse perspectives on any topic from the entire web”.

Josh Koenig, chief strategy officer at Pantheon, a website operations platform, said Apple could quickly take a bite out of Google’s 92 per cent share of the search market by not making Google the default setting for 1.2bn iPhone users.

There is no segue here, and no indication that Apple is actually working to make such a change. Koenig insinuates it could be beneficial to users, but McGee acknowledges it “would be expensive” because Apple would lose its effort-free multibillion-dollar annual payout from Google.

As an aside: an Apple search engine to rival Google’s has long been rumoured. If it is a web search engine, I have long thought Apple could use the siri.com domain it already owns. But it may not have to be web-based — it is plausible that searching the web would display results like a webpage in Safari, but it would only be accessible from within that browser, kind of like the existing Siri Suggestions feature. An idle thought as I write this but, as I said, the article provides no indication that Apple is pursuing this.


The third front in Apple’s battle could prove the most devastating: its ambitions in online advertising, where Alphabet makes more than 80 per cent of its revenues.

This is the “future” part of the thesis. Based on job ads, it appears Apple is working on its own advertising system, as first reported by Shoshana Wodinsky at Marketwatch in August. As I wrote then, it looks bad that Apple is doing this in the wake of App Tracking Transparency, and I question the likely trajectory of this. But this is, again, not something which Apple is doing to distance its platform from Google’s products and services, unless you seriously believe Apple will prohibit Google’s ads on its platforms. So long as Google is what it is to internet ads — by the way, stay tuned on that front — Apple may only hope to be a little thorn in Google’s side.

These three examples appear to fit into categories which seem similar but are very different. Business Connect for Apple Maps is not a competitor to Google Business Profile; any business is going to have to maintain both. There are no concrete details provided about Apple’s search ambitions, but it is the only thing here which would reduce Apple’s dependence on Google. Another advertising platform would give Google some competition and put more money in Apple’s pocket, but it may only slightly reduce how much advertisers rely on Google. It seems to me there are pro-competition examples here and there are anti-anti-competition arguments: the U.S. Department of Justice sued Google in September over its exclusivity agreements.

Anyway, speaking of Apple’s contracts with Google, whatever happened to Project McQueen?

Everybody Panic: A Finder Bug, Since Fixed, Was Sending Empty API Calls to Apple

Security researcher Jeffrey Paul was using a Mac without signing into iCloud and has blocked many internet-connected services using Little Snitch in MacOS Ventura 13.1:

Imagine my surprise when browsing these images in the Finder, Little Snitch told me that macOS is now connecting to Apple APIs via a program named mediaanalysisd (Media Analysis Daemon – a background process for analyzing media files).

That sure is surprising. The daemon in question is associated with Visual Look Up, which can be turned off by unchecking Siri Suggestions in System Settings. Given that Paul has done so, mediaanalysisd should not be sending any network requests. This is a privacy violation and surely needs to be fixed.

So Paul has found a MacOS bug, and has a couple of options. He can research it further to understand what information is being sent to Apple and publish a thorough but perhaps dry report. Or he could stop with the Little Snitch notification and spin stories.

Which do you think he did?

It’s very important to contextualize this. In 2021 Apple announced their plan to begin clientside scanning of media files, on device, to detect child pornography (“CSAM”, the term of art used to describe such images), so that devices that end users have paid for can be used to provide police surveillance in direct opposition to the wishes of the owner of the device. CP being, of course, one of the classic Four Horsemen of the Infocalypse trotted out by those engaged in misguided attempts to justify the unjustifiable: violations of our human rights.

I think you can probably see where this is going.


Some weeks later, in an apparent (but not really) capitulation, Apple published the following statement:

Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.

The media erroneously reported this as Apple reversing course.

Read the statement carefully again, and recognize that at no point did Apple say they reversed course or do not intend to proceed with privacy-violating scanning features. As a point of fact, Apple said they still intend to release the features and that they consider them “critically important”.

That was certainly true of this, the first statement Apple provided in response to the CSAM detection plans in September 2021, which media outlets accurately reported as a “delay” or “pause”. But in claiming the media erred and that Apple intends to continue building the feature, Paul cites a statement provided to Wired in December 2022 which reads:

“After extensive consultation with experts to gather feedback on child protection initiatives we proposed last year, we are deepening our investment in the Communication Safety feature that we first made available in December 2021,” the company told WIRED in a statement. “We have further decided to not move forward with our previously proposed CSAM detection tool for iCloud Photos. Children can be protected without companies combing through personal data, and we will continue working with governments, child advocates, and other companies to help protect young people, preserve their right to privacy, and make the internet a safer place for children and for us all.”

It is fair to report, as Wired and others did, that this constitutes Apple ending development of on-machine CSAM detection for Photos.

Paul does not stop there. He implies Apple has lied about stopping development, and this bug with Quick Look previews in Finder triggering the Visual Look Up process is proof it has quietly launched it in MacOS. That is simply untrue. Howard Oakley reproduced the bug in a virtual machine and saw nothing relevant in the logs and, when Mysk monitored this activity, it found the API request was entirely empty. It is an issue which appeared in MacOS 13.1 and Apple fixed this bug in 13.2, released earlier this month.

But if Paul is going to speculate, he may as well take those conclusions as far as his imagination will go:

Who knows what types of media governments will legally require Apple to scan for in the future? Today it’s CP, tomorrow it’s cartoons of the prophet (PBUH please don’t decapitate me). One thing you can be sure of is that this database of images for which your hardware will now be used to scan will regularly be amended and updated by people who are not you and are not accountable to you.

Nothing about these images was being sent to Apple when this bug was present in MacOS 13.1 despite what Paul suggested throughout this article. A technically savvy security researcher like him could have figured this out instead of rushing to conclusions. But, granted, there is still reason to be skeptical; even if nothing about users’ images have been sent to Apple by this bug, there is no way to know whether the company has some secret database of red flag files. This bug violated users’ trust. The last time something like this happened was with the OCSP fiasco, when Apple promised a way to opt out of Gatekeeper checks by the end of 2021. As of writing, any such option remains unavailable.

However, it is irresponsible of Paul to post such alarmist claims based on a tiny shred of evidence. Yes, mediaanalysisd was making an empty API call despite Siri Suggestions being switched off, and that is not good. But veering into a land of speculation in lieu of missing information is not productive, and neither is misrepresenting what little information has been provided. Paul says “Apple PR exploits poor reading comprehension ability”, yet his own incuriousity has produced a widely shared conspiracy theory that has no basis in fact. If you do not trust Apple’s statements or behaviour, I understand that perspective. I do not think blanket trust is helpful. At the same time, it is unwise to trust alarmist reports like these, either. These are extraordinary claims made without evidence, and they can be dismissed unless proven.

Smart Appliances From LG and Whirlpool Often Remain Disconnected From the Internet

Isabelle Bousquette, Wall Street Journal:

LG Electronics Inc. said that less than half of the smart appliances it has sold stay connected to the internet — a number it is actively working to increase, according to Henry Kim, the U.S. director of ThinQ, an LG platform primarily aimed at helping products leverage advanced technology.

Whirlpool Corp. said that more than half of its smart appliances remain connected, but the company declined to be more specific.

Amid pressure from weaker demand and rising materials costs, internet-connected appliances, including dishwashers and ovens that link to a customer’s home Wi-Fi network, could help manufacturers such as LG and Whirlpool recast what has traditionally been a one-time purchase business model into ongoing relationships with customers.

“Ongoing relationships” is a generous way to phrase what these companies would like to do with your credit card.

Via Charles Arthur, who writes:

I suspect some of those licences wouldn’t survive contact with the GDPR, it’s hard not to feel that this is just companies looking for upselling opportunities.

Bousquette cites leak detection capability, which Maytag apparently rolled out to its internet-connected washing machines. According to Maytag’s App Store listing page, that is not actually a built-in feature, but a way to connect the app to a third-party Wi-Fi connected leak detector from Resideo. Reviewers say Maytag’s smart services cost one dollar per month for which you get poor security practices, slow connectivity, bad VoiceOver compatibility, and frequent bugs. But if you get past all of those things, your washer can send you a notification when your load is finished.

Is there any wonder people are not falling head-over-heels for smart home devices and internet-connected appliances?

Court Paves the Way for Approval of Rogers–Shaw Merger

Pete Evans, CBC News:

Canada’s Federal Court of Appeal has rejected the Competition Bureau’s request to block the takeover of Shaw by Rogers, a decision that removes one of the final hurdles standing in the way of the $20-billion merger from going ahead.

The merger, first proposed in 2021, would see Toronto-based Rogers Communications Inc. take over Calgary-based rival Shaw Communications Inc. in a move that would further consolidate Canada’s top-heavy telecommunications sector.

A reminder that these two companies are not “rivals” in a meaningful sense. Someone living in Alberta cannot buy wired internet or cable TV services from Rogers and, as best as I can tell, someone in Ontario would be similarly unable to buy those services from Shaw. The same is true for Bell and Telus, the other two big players in Canada: wired Bell services are available in Ontario eastward, while Telus’ are offered from Manitoba westward. Residents of Northern Canada get screwed over no matter which major provider they choose.

Canada has been carved up by these telecom providers and there is no meaningful competition. It is true for cell plans and it is even more true for providers of wired communications. This merger will likely get final approval because it does not meaningfully change the competitive landscape in Canada, and that is an alarming picture in its own right: two of the biggest telecom providers in the country are being combined and we will see little change in service offerings.

Google to End Trial of Political Spam Loophole

Isaac Stanley-Becker, Washington Post:

Google plans to discontinue a pilot program that allows political campaigns to evade its email spam filters, the latest round in the technology giant’s tussle with the GOP over online fundraising.

The company will let the program sunset at the end of January instead of prolonging it, Google’s lawyers said in a filing on Monday. The filing, in U.S. District Court for the Eastern District of California, asked the court to dismiss a complaint lodged by the Republican National Committee accusing Google of “throttling its email messages because of the RNC’s political affiliation and views.”

To recap: a study found email from Republican candidates was more likely to be marked as spam in brand new email accounts, so Google launched a program to exempt political email from anti-spam measures, which Republicans ignored while continuing to send spam-like emails before suing Google, then the Federal Election Commission found Google’s spam filters had no political bias, and Google is now terminating the trial loophole program. This is silly and embarrassing for everyone involved.

This Opinion Piece Deriding People for Taking Too Many Selfies Has to Be Satire, Right?

Margaret Renkl, writing what I can only assume is a too-obvious impression of what some young people think old people think of them, which is the only reason I can think of for the New York Times to give it any space online:

“The camera is an instrument that teaches people how to see without a camera,” the great documentary photographer Dorothea Lange often said. That was surely true of Ms. Lange, whose iconic photographs of Depression-era migrants and urban bread lines captured the beauty as well as the profound anguish of the period.

Today we understand something essential about the grim existence of the poor nearly a hundred years ago in part because Ms. Lange, a successful portrait photographer, turned her lens away from wealth and used it to capture suffering. Even for the people of her time, her work was revelatory, urging downcast eyes to look up and out, to see — and truly register — the struggling.

I am not sure the world needs more poverty porn from any old smartphone user, but is it not just as honest for people to capture their day-to-day life now that many of us have cameras on us all the time? Apparently not, according to Renkl:

That’s not what the most frequently used cameras exist to do anymore. My son and daughter-in-law, who are frequent campers, have seen people queued up at least 50 deep to take phone selfies at popular national park waterfalls and rock formations.

I love this paragraph almost as much as the one which comes just four paragraphs later:

The self-portrait is a time-honored art form, of course, and there are good, even pragmatic reasons to point the lens inward. I love seeing my son and daughter-in-law smiling, cheek to cheek, in their travel photos. But the natural world does not exist for them primarily as a backdrop, and selfies aren’t the only photos they take. I also love seeing the gorgeous, miraculous world through their eyes. I wish social media were full of pictures of the gorgeous, miraculous world.

I am glad Renkl gets to see her son and daughter-in-law smiling on their travels; I am equally sure the families of those who are lining up to take their own selfie are just as thrilled. Does Renkl think everyone apart from her own family members are solely taking pictures of themselves? I guess she must, because she says it is the “most frequently used camera” and it is the subject of the only number referenced in this article:

[…] But in the context of the number of selfies taken every year — billions, according to Google — it’s worth considering what that impulse says about our culture and wondering what opportunities we are losing as a result.

Renkl here references a 2016 Daily Mail article which says the number of selfies uploaded to Google Photos in the first year of its availability was about 24 billion. That number is old, only reflects users of Google Photos, and is based on automated labelling according to Google’s own blog post — why Renkl did not cite the company itself instead of the Mail is a mystery — so it is probably an undercount. To Renkl’s credit, it does appear to be the latest number available. I found many newer articles claiming that 93 million selfies are taken daily, but that is a 2014 figure from Google estimating how many selfies are shared daily by Android users. Still, 93 million per day is around 34 billion annually, so I am happy to use that larger figure. I assume it has grown but I am unable to find a more recent source or bigger number. If it is close to true, it represents less than two percent of the number of pictures taken every year, if this composite estimate of 1.72 trillion photos annually is reasonably accurate.


I keep thinking of what it might be like if we all took the time to photograph such commonplace miracles. What it would be like if all the people with cameras in their pockets transformed themselves into documentary photographers — like Dorothea Lange, like Baldwin Lee — to make a collective record of a truth about the world that most people haven’t yet troubled themselves to see?

Has Renkl spent any time on Instagram, or Twitter, or Glass, or any other photo-dominated platform? Has she spent any time talking to anyone about what photos they take? Literally any time whatsoever.

As I said, this has to be satire. Either that, or Renkl actually believes everything she wrote above about how people take too many selfies — except her children — and the 98 percent of photos taken annually which are not selfies are not shared with the world and have no documentary use. And, somehow, she convinced someone at the Times to publish this, which would mean we would want to question the editorial discretion of the world’s most Pulitzer-awarded newspaper.

Tech Layoffs Have Impacted Over 70,000 People Since Summer

Ashley Capoot and Sofia Pitt, CNBC:

Google announced plans to lay off 12,000 people from its workforce Friday, while Microsoft said Wednesday that it’s letting go of 10,000 employees. Amazon also began a fresh round of job cuts that are expected to eliminate more than 18,000 employees and become the largest workforce reduction in the e-retailer’s 28-year history.

The layoffs come in a period of slowing growth, higher interest rates to battle inflation, and fears of a possible recession next year.

All the credit these companies are getting for their severance packages does little to mitigate how awful this is for tens of thousands of people who will be looking for a job, and who often found out they were laid off in cruel ways. But the investor class is happy because of course it is.

Following Up on a Question of Capability

I wanted to follow up on something I asked last year:

This is a good and wide-ranging interview that dances around a question I have been thinking about for a while now: what capabilities do high-performance products like these unlock for a creative professional? It is great to see how much faster they are at compiling applications or rendering video, but I wonder what new things people will attempt on machines like these which may have been too daunting before.

I published this in the context of the Mac Studio with its brand new and very powerful M1 Ultra chip, but I think it is just as relevant in the context of fast computers with very long battery life, like the new MacBook Pro models. With so much capability on a single charge, you can happily work away anywhere you want — on any project you can think of — without worrying about finding an outlet. It is the kind of thing which makes a laptop feel that much more portable and more powerful at the same time.

U.S. State Department Replacing Times New Roman With Calibri in Official Documents

John Hudson and Annabelle Timsit, Washington Post:

The U.S. State Department is going sans serif: It has directed staff at home and overseas to phase out the Times New Roman font and adopt Calibri in official communications and memos, in a bid to help employees who are visually impaired or have other difficulties reading.

It makes sense to switch to a sans-serif for accessibility reasons, but Calibri? Like switching from Dr. Dynamite to Mountain Lightning without considering that maybe both are awful. Microsoft Windows really is typographically bankrupt by default.

Canadian Cell Plans Are Embarrassing

If you live in just about any other developed country, you may not realize how good your cell providers are compared to what we deal with in Canada. This recent episode of CBC’s Marketplace covers everything: we pay more for less, competition is nonexistent, regulators fail to hold companies accountable, and plans are exploitative compared to anywhere else. They even cover little things, like how customers in Saskatchewan and Quebec pay less because of regional competitors.

I am not sure if this copy of the program is viewable worldwide or is region-locked, but if you have about twenty minutes and want to laugh and cry at Canada, check it out.

CNet’s AI-Powered Search-Optimized Money Machine

Mia Sato and James Vincent, the Verge, expanding upon last week’s story about titles owned by Red Ventures — including CNet — publishing computer-generated articles:

Red Ventures’ business model is straightforward and explicit: it publishes content designed to rank highly in Google search for “high-intent” queries and then monetizes that traffic with lucrative affiliate links. Specifically, Red Ventures has found a major niche in credit cards and other finance products. In addition to CNET, Red Ventures owns The Points Guy, Bankrate, and CreditCards.com, all of which monetize through credit card affiliate fees. The CNET AI stories at the center of the controversy are straightforward examples of this strategy: “Can You Buy a Gift Card With a Credit Card?” and “What Is Zelle and How Does It Work?” are obviously designed to rank highly in searches for those topics. Like CNET, Bankrate and CreditCards.com have also published AI-written articles about credit cards with ads for opening cards nestled within. Both Bankrate and CreditCards.com directed questions about the use of AI to Lance Davis, the vice president of content at Red Ventures; CNET’s disclosure also included Davis as a point of contact until last week.

This type of SEO farming can be massively lucrative. Digital marketers have built an entire industry on top of credit card affiliate links, from which they then earn a generous profit. Various affiliate industry sites estimate the bounty for a credit card signup to be around $250 each. A 2021 New York Times story on Red Ventures pegged it even higher, at up to $900 per card.

It seems to me there are actually two controversies here. The first is the publication of miserable articles generated by some computer program, but these are all bland crappy articles that nobody should be reading. The second concern is, I think, much worse: these are financial articles often presented as advice — on a technology news website, no less — which are designed to exploit search engines to get extraordinary kickbacks. Search engines are becoming worse and fundraising efforts like these and the Amazon Prime Day nonsense are contributing to their ruination.

It is unquestionably a hard time to be a publisher, online or in print. But it is bizarre to see credit card affiliate links and duplicates of the Wirecutter’s business model appear on seemingly every media outlet’s website. Why would I go to CNet to learn what the best engine oil is? Who at Red Ventures feels good about encouraging people to take on more debt so they can get a $250–900 kickback? It is offensive to me for that to be one of the currently reliable ways to keep the lights on at even respected news sites.

Twitter Makes Third-Party Client Ban Official

Karissa Bell, Engadget:

The “restrictions” section of Twitter’s developer agreement was updated Thursday with a clause banning “use or access the Licensed Materials to create or attempt to create a substitute or similar service or product to the Twitter Applications.” The addition is the only substantive change to the 5,000-word agreement.

The change confirms what the makers of many popular Twitter clients have suspected in recent days: that third-party Twitter services are no longer permitted under Elon Musk’s leadership.

There it is: nearly a week after disconnecting popular third-party clients without explanation or warning, Twitter has officially killed dozens of independent developers’ businesses. As I wrote earlier this week, it comes a little more than a year after Twitter began encouraging the development of third-party clients again. The Iconfactory put it well: it “didn’t expect to be writing [about the end of Twitterrific] so soon, though, and certainly not without having had time to notify you that it was coming”.

A disappointing move, made in a predictably disorganized and disrespectful way. This is how you ruin trust and soil a legacy. I do not know what this is like for you, but for the first time in sixteen years, I do not have a Twitter client in the dock on my Mac or on the first home screen of my iPhone.

Update: Tapbots says goodbye to Tweetbot.

Disk Usage and iCloud for Messages

The release candidate for iOS 16.3, available today for developers and rolling out next week, expands availability of Advanced Data Protection to customers worldwide. As I already had a beta version of that version on my iPhone, I figured I could take the opportunity and upgrade all my devices to the latest versions of their respective operating systems so I could enable ADP. But I hit something of a snag with my iPad, which was full.

If I told you its capacity — just 32 GB — that probably would not surprise you. But I store precious little on it: aside from a couple of movies and a small music cache, there is nothing on it. iPadOS consumes about seven of those gigabytes, which makes the product’s advertised capacity feel a bit disingenous, but I should have lots of space available. When I checked the iPad Storage menu, I saw the biggest source of my disk space problems: over 11 GB used by Messages.

This makes no sense. I do not often use Messages on my iPad. I have iCloud for Messages enabled, so my device should only be downloading messages and attachments as needed. It works that way on my iPhone, on which only 4 GB is consumed by Messages; on both my Macs, the Messages library folder is about 30 GB large, which is probably a complete archive.

You can change how long of an archive should be retained by Messages by changing the “Keep Messages” options in its settings. You can select from “30 days”, “1 year”, or “Forever”; I have it set to the latter. When you change that setting to a shorter timeframe, the following warning message will appear:

This will permanently delete all text messages and message attachments from your device that are older than 30 days [or “1 year”, if that is the option selected].

As written, this sounds like it is a way to control the cache of messages downloaded to your device. If “30 days” is selected, you should see only the past month’s worth of messages on your device and anything older than that will need to be downloaded on demand. But it is so much worse than that: because it syncs, it actually erases all messages in iCloud older than thirty days — permanently. This is the only warning you will get.

It arguably makes sense. iCloud for Messages is merely a syncing service — it will, in theory, match the state of your messages across all devices. But iCloud for Messages also kind of works like an ad hoc backup control: my iPhone clearly only has a subset of the messages on either of my Macs, but when I search for something, it will return results going back at least ten years. This works as expected. Whatever was happening on my iPad does not.

The “was” is important because there are no controls for managing iCloud for Messages. There is no way to purge the local cache from one device without those changes syncing across all devices. The only way I was able to install this software update was to restore my iPad and set it up from scratch. Yes, you can point and laugh at my iPad’s puny storage capacity, but it is a device Apple sold and officially continues to support. It should not work like this.

I see three problems here, all of them consequential but one clearly more serious than the others:

  1. iCloud for Messages has local caching bugs which can sometimes retain too much local storage for the device’s capacity, thereby preventing software updates.

  2. There are no ways to manually control a local iCloud for Messages cache. Apple has attempted to create a set-it-and-forget-it feature and, to its credit, it mostly works that way. But when it does not, there is no recourse.

  3. It is far too easy to permanently destroy user data. The warning which appears is unclear and its action does not match what is written.

I am not the first to write about these problems and I could swear I have mentioned them before — but I cannot find anything in my own archives. Steven Troughton-Smith pointed out the local caching bug, while Michael Tsai raised the lack of control. This could have been a catastrophe for my Messages history; I read plenty of stories today about people losing important memories because they changed this setting expecting it to only affect local copies.

I filed a bug report, of course.1 But I wanted to write this in the hopes it will appear in a web search, too, because I had a hard time finding a clear answer before asking. Changing the “Keep Messages” setting will affect what is stored across all devices if you use iCloud for Messages, and there is no way to undo it. If you set a shorter retention time, you will delete data in iCloud without any way of restoring it.

  1. FB11955286. ↩︎

Apple Announces Full-Size HomePod Mini

As previously mentioned, Apple announced a new HomePod model today, which it insists on referring to as the “HomePod” instead of a “HomePod Mini Max”. You might think I am being stupid — and I am — but this thing is closer to the Mini on the inside despite looking like the original model on the outside.

John Voorhees, MacStories:

The new HomePod has two fewer tweeters at five compared to the original’s seven. No mention is made of direct and ambient audio beamforming in the tech specs for the new HomePod, although it does support Spatial Audio and Dolby Atmos, which is a nice addition. The latest HomePod has four far-field microphones compared to the original’s six too.

In addition to the temperature and humidity sensor, the new HomePod also features an accelerometer and will support Sound Recognition later this spring with a software update. It’s not clear whether that software update will work with the original HomePod or not.

The new HomePod is also getting a WiFi upgrade with 802.11n support. The new model also includes a Thread radio and Ultra Wideband chip, which the original did not.

I am not sure I would frame 802.11n as an “upgrade” — the original model supported 802.11ac. It is closer to the HomePod Mini’s specs including its use of an S-series SoC from the Apple Watch instead of an A-series chip, and its inclusion of a temperature and humidity sensor which Apple is finally activating in the Mini.

This strikes me as a risky launch. I am sure it sounds great and works as expected, flaky Siri and all, but it is $300. That is just $50 less than the original model sold for before it was discontinued. Who was in the market for the HomePod but for it being $50 too expensive? Moreover, this launch comes on the tail end of stories of smart speakers being under-used. If all you want it for is typical voice control stuff, why not get the Mini? You could get three of them for the price of a single HomePod.

Weird product. I wonder how it will fare the second time around. I like the shout-out to Steve Steigman’s “Blown Away” in the video, at least.

Update: Sebastiaan de With has a great idea to make this product more interesting. A blue Dalmatian print would look great, too.

How Apple Tied Itself to China

Patrick McGee, Financial Times:

The supply chain ranking turned out to be an early indication of a profound shift in operations at Apple, which held the No.1 spot for the next seven years. In that time it became the world’s most valuable company, while placing itself at the centre of geopolitical tensions.

O’Marah began to learn that Apple was not really “outsourcing” production to China, as commonly understood. Instead, he realised that Apple was starting to build up a supply and manufacturing operation of such complexity, depth and cost that the company’s fortunes have become tied to China in a way that cannot easily be unwound.

McGee in a companion article about the difficulties Apple is facing in its attempts to extricate itself:

Apple’s dilemma on China is over two decades in the making, going to the foundation of its global success. For Cook, it’s personal. The operations guru was the architect of Apple’s China-oriented supply chain strategy, earning a reputation for obsessing over details that transformed its end-to-end management into the envy of the tech world.


China, according to some estimates, has more factory workers than Vietnam has people. The number of rural migrant workers in the country was 293mn in 2021, according to China’s National Bureau of Statistics, versus an entire population of 100mn in Vietnam.

Jenny Chan, co-author of Dying for an iPhone, which details the lives of Foxconn workers who assemble Apple products, points out that China’s labour infrastructure is uniquely supported by the state. At times it is all but mandatory, she says, with villagers and students bussed in to lend hands.

Allow me to embarrass myself for a paragraph. It is important for everyone to have a dream podcast project in their back pocket, right? That is a normal thing to think about, right? Anyway, mine was ambitiously something like “Parts Unknown” but for technology. I wanted deeply researched longform stories about the complex iteractions of computers and society. I will never make it.

But the reason I wanted to do that kind of a show is for this very pair of articles to exist. Lots has been written about Apple and its supply chain, yet precious little to this extent and with this contemporary framing. It is a thorny subject that often puts Tim Cook at its centre. The treatment of workers in China is often abhorrent; Apple often distances itself from those labour conditions by stressing the third-party nature of its manufacturing contracts despite working hand-in-glove with them. For twenty years, this has been among the most shameful aspects of Apple’s business.

Even if Apple’s management was not embarrassed by its frequent deference to government in an attempt at diplomacy — and it should be — it seems ashamed of its difficulty in a shortage of some iPhone models in its most important quarter. I wish it felt more like the former was the reason for rumours about its attempts to find manufacturing bases elsewhere, but I am afraid it is the latter.


Brandon Bigley, writing about that short pro-themed video toward the end of today’s M2 Mac announcements:

It’s a great ad that gets to the heart of why I’ve found Apple’s computing lineup so exciting since making my own switch way back when: It all feels frictionless due to the attention given to nuances like battery life. The big question for viewers, extrapolated out, is that if this laptop can cater to three super-users and survive an entire day’s workload on a single charge, can you even imagine what’s possible for yourself?

Apple’s M-powered MacBooks have redefined what it means to have “all-day battery life”. When I can encode video and edit photos without having to think about finding an outlet, it adds capabilities which cannot be expressed in terms of speeds and feeds. It feels powerful.

Joshua Topolsky to Do That Thing He Does Again, Again

Sara Fischer, Axios:

Retail trading platform Robinhood is launching an independent media brand called Sherwood that will be led by veteran tech editor and media entrepreneur Joshua Topolsky.


“It’s a significant, long-term investment,” Topolsky said when asked about Robinhood’s commitment to the new outlet. There are “a lot of resources being dedicated to this project.”

I am guessing a broadly 1980s aesthetic from Code and Theory with lots of colour, a launch portraying it as “weird” and “trying something new”, some kind of storytelling gimmick, and a lifespan frustratingly short for the talented staff he will hire. Just a spitball.

M2 Mac Mini and MacBook Pro Updates


Apple today announced M2 Pro and M2 Max, two next-generation SoCs (systems on a chip) that take the breakthrough power-efficient performance of Apple silicon to new heights. M2 Pro scales up the architecture of M2 to deliver an up to 12-core CPU and up to 19-core GPU, together with up to 32GB of fast unified memory. M2 Max builds on the capabilities of M2 Pro, including an up to 38-core GPU, double the unified memory bandwidth, and up to 96GB of unified memory. Its industry-leading performance per watt makes it the world’s most powerful and power-efficient chip for a pro laptop. […]

As rumoured, today brought some new Macs. The M2 and M2 Pro Mac Minis replace the Intel and M1 Mac Mini models, and there are some new versions of the MacBook Pro, too.

In addition to the above press release, these new chips were introduced in a mini keynote-style video. It includes a couple of fun videos showing how these new Macs perform with real-world users.

Yining Karl Li:

Last month, Apple asked Sam Cannon, Matt Puchala, and I what we could each make on the new M2 Max MacBook Pro on a single battery cycle. This was super fun and working with Sam and Matt and was super inspirational!

I am interested to see how these Macs perform absent the context of an Apple ad. Based on the difference between the standard M1 and M2, it seems like the advantages may perhaps be in efficiency more than they are in pure performance.

Stay tuned; I hear this is not the only Apple announcement for the week.

TikTok Is Still Attempting to Convince U.S. Regulators of Its Independence

Georgia Wells and Stu Woo, Wall Street Journal:

The talks with U.S. officials and lawmakers have become more urgent for TikTok in recent months as federal and state politicians made moves to ban the app on government-issued devices. Congress is also considering a bill that would ban TikTok in the U.S. Lawmakers cite concerns that Beijing could access U.S. users’ data on TikTok, or shape what Americans see on the platform — accusations that the company has denied.

TikTok is hoping that details of its planned reorganization — and promised measures to ensure oversight of its content-recommendation algorithms — will convince potential allies in Washington of its ability to operate independently of its parent company, China-based ByteDance Ltd., according to the people familiar with the discussions.

Even if TikTok can prove it is a truly independent company without a single lingering connection to ByteDance, will regulators and China hawks be convinced? TikTok has not done itself any favours by admitting it lied about monitoring journalists in an attempt to discern their sources.

Rumour: New Stuff From Apple Tomorrow

Chase Miller, 9to5Mac:

Apple could be making its first announcement of 2023 as soon as tomorrow, sources say. The company is holding Mac-related briefings with influencers and select members of the press this week, and an announcement could be made via Apple’s Newsroom website on Tuesday…

I did not trim anything off the end of this paragraph; that is just the weird 9to5 house style.

Stephen Hackett:

My money is on M2 Pro/Max MacBook Pros and an M2 Mac mini, all announced via press release.

Sounds like a new HomePod might be in the cards, too. It is a little early in the year for new hardware, but I like how the rumours and speculation have already begun for 2023.

No Dignity, No Communication, No Trust

Craig Hockenberry:

What bothers me about Twitterrific’s final day is that it was not dignified. There was no advance notice for its creators, customers just got a weird error, and no one is explaining what’s going on. We had no chance to thank customers who have been with us for over a decade. Instead, it’s just another scene in their ongoing shit show.

But I guess that’s what you should expect from a shitty person.

About a year before the acquisition of Twitter was closed, the company was reacquainting itself with third-party developers, including those which make general-purpose clients. It has been days since those developers have been kicked off the platform in a deliberate and targeted manner. Twitter has yet to offer any explanation or even a public acknowledgement of this change. Why should anyone trust its management?

The ‘This Is Fine’ Decade

Ryan Broderick:

But the comic “On Fire,” by KC Green, two panels of which became the meme probably better know as the “This Is Fine” dog, is a bit different. It has a known creator and it was created with an intended purpose and it has, in many ways, grown over time and in a way that is totally in line with its original meaning. In other words, it’s piece of art and has aged exactly like all good pieces of art. Though, that doesn’t make its legacy simple to deal with.

In a recent Tumblr post, Green reflected on a decade of “On Fire,” and explored some of the bizarre existential questions that come from being the sole originator of a piece of internet canon. “When a work gets as big as this has, is it still yours,” Green asks. “I got lucky being able to ride it out a little. But it’s not perfectly in my grasp.”

You know that Iconfactory post I just linked to? Look at the illustration.

Popular Third-Party Twitter Clients Have Been Broken Since Last Night

The Iconfactory:

Last night at about 7:30pm PST, Twitterrific customers started reporting problems accessing Twitter via the iOS app.

News quickly spread on Twitter and Mastodon that a wide range of third party apps like Twitterrific, Tweetbot, Echofon, and many others had been disabled. Strangely, Twitterrific for macOS continues to work normally. We cannot say for certain why some clients are unaffected, but it seems possible that there is a new (seemingly unstated and unannounced) policy that is only being applied to apps with large numbers of users.

It has now been about eighteen hours since some third-party Twitter clients began throwing errors without any public communication from its mercurial owner, any of the official company accounts, or — apparently — any private news to developers. The apps I most often use no longer appear in my connected apps list.

Given Twitter’s ownership, I am not surprised by the lack of an announcement or even acknowledgement of this problem, but I am concerned. Is it a bug? Is it deliberate — a way to force people to use the official app with ads and its algorithmically-sorted timeline? Is it related to the API vulnerability that reportedly led to the disclosure of personal data for hundreds of millions of Twitter users, a claim which Twitter disputes? It sure feels like it could be any of these options. While fears about Twitter’s sudden demise were overstated, it sure looks from the outside like the foundations of the platform are crumbling.

Update: According to Erin Woo of the Information — as summarized by Abner Li of 9to5Google and John Gruber — this move was made deliberately but without any public communication. It is offensive to developers to leave them in the dark, and shows the contempt the new management has for many of Twitter’s most ardent and supportive users.

Apple Maps Guides

Adam Chandler:

Some of my gripes with Maps on iOS 16:


Guides, they are prominently featured on the floating tile where you would search but I truly don’t know why. I’ve tried to use them but I don’t really care what a famous chef likes to eat when she’s in Atlanta. I’m nowhere near Atlanta.

For once, a criticism about Apple Maps that has nothing to do with its points-of-interest data.

I have been meaning to write about Guides for a while and this jogged my memory. Apple says “Guides help you find amazing things to see and do in cities around the world” which sounds, to me, like a way to explore my city or at least stuff in my general area. But the first Guide suggested for me when I pull up the search card is “National Parks Perfect for Stargazing”, which only contains parks in the United States. The others are similarly international.

It took me a while to find any Guides for Calgary — where I live — because there is no way I can see to search for them. In addition to the random assortment suggested on the search card, there is a massive list sorted by creator, and select cities can be found on an Explore card — but Calgary is not one of those cities. However you might see Guides listed on the results card if you search for a city. That is, if I want to find suggestions for great pasta spots in Calgary, I need to search for the city I live in and then scroll down the card to find relevant guides. I find that unintuitive, to say the least.

Right now, Guides in Maps feels like an unrealized marketing idea instead of a user-facing feature which means it is, as Chandler writes, more intrusive than helpful. Most of the time, I just want to know when a local business is open and how to get there. Anything that makes it feel like those tasks are secondary is unwelcome.

What Phone Cameras See in 2023

Marques Brownlee:

As I’ve already mentioned, these smartphone cameras are so much [about] software now that the photo that you get when you hit that shutter button isn’t so much reality as it is this computer’s best interpretation of what it thinks you want reality to look like.


When you snap that photo on your phone, you’re not necessarily getting back a capture of what was really in front of you. They’re really bending it, in many ways. The iPhone’s “thing” is: when you take a photo, it likes to identify faces and evenly light them. It tries every time.

Sebastiaan de With in his November review of the iPhone 14 Pro’s camera system (previously linked):

This is a ‘clever’ step in iPhone photography processing: since it can super-rapidly segment the image in components, like human subjects, it can apply selective adjustments. What matters is the degree of adjustment and its quality. I was a bit disappointed to find that this adjustment seems to be equally heavy-handed as the previous iPhone: I have honestly never seen it make for a better photo. The result is simply jarring.

Federico Viticci:

That’s precisely the issue here. The iPhone’s camera hardware is outstanding, but how iOS interprets and remixes the data it gets fed from the camera often leads to results that I find … boring and uninspired unless I manually touch them up with edits and effects.

The camera system in the iPhone XS was the first time Apple marketed its computational photography efforts with Smart HDR and, perhaps not coincidentally, it was also the first time I can remember there being complaints about over-processed images. The quirks kept coming: last year, the New Yorker carried an article about unnatural-looking iPhone photos.

Michael Tsai:

I wish Apple would offer a way to adjust how aggressive the processing is and/or bring back the Keep Normal Photo option.

Maybe I should be using a third-party camera app, but I haven’t seen this particular option in Halide — I don’t want to save huge RAW files — and there’s still no true way to change the default camera app.

After I watched Brownlee’s video, I wondered if it would make sense for someone to create a third-party camera app focused on having a lighter touch on processed images. I do not know enough about the camera APIs to understand if this is plausible. But, interestingly, there is a setting in Halide to save only processed HEIC photos, and there is another setting to turn off Deep Fusion and Smart HDR; Deep Fusion is Apple’s term for improving texture and detail in lower-light photos. That gets partway toward what I want to see.

I tested the effects of this setting by taking two photos on my iPhone 12 Pro in Halide: one with the “Smartest Processing” toggle on, and another of the same scene with it switched off. I found turning it off creates a situation that is the worst of both worlds: the dynamic range and detail of photos is noticeably compromised, but photos are still passed through the same overly aggressive noise reduction system as any other image. In a photo of my unlit dining room against a nearby window, the wood grain of the table was evident in the photo with the “Smartest Processing” turned on, as was the crisp edge of the table top. When “Smartest Processing” was turned off, the table was rendered as a brown smear and the edge was uneven. Images with “Smartest Processing” turned on sometimes appear oversharpened, but they are overall a better interpretation of the scene.

I also tested this with some photos of my partner, including in dramatic light. I did not see the bizarre face flattening that Brownlee saw, but the highlights in each example were handled in ways where neither the “Smartest Processing” version nor the less processed version appeared correct.

The problems do not appear to be a form of overprocessing as much as they are unnatural or unexpected results of processing. Deep Fusion is great; Portrait Mode, as an option, is often excellent as well. But some of the selective enhancements made by the iPhone — the way it slices a scene into individual components for separate adjustments — sometimes fail to resolve in a satisfying final photo. Again, I tested that one toggle in Halide on my iPhone 12 Pro, and there are probably major differences in photos from any more recent iPhone. There are also many components of the iPhone’s image processing pipeline that have nothing to do with that toggle. However, the same kinds of complaints are being raised by iPhone 14 Pro users, and it has a larger high-resolution sensor and lots more processing power.

I am on an approximately three-year iPhone upgrade cycle and, so, I hope Apple relaxes its unnatural photo processing engine in the 15 Pro models. There is a vast middle ground between the completely unprocessed RAW images nerds like me enjoy working with and the photos produced by the default Camera app. There is room to create images with more character that are better representations of the scene. Sometimes, the imperfections in a photo — the grain, some slightly blown-out highlights, white balance that is way too warm — are what gives it an emotional quality, and trying to smooth those things out can make it feel sterile and inhuman.

Computers are good at taking very precise instructions literally, and there are many ways in which the digital versions of things are superior to their analogue counterparts. But that does not always make them better. It is tangential, but I am reminded a little of the problem of iTunes’ shuffle function, which would always play songs as jumbled as a computer’s random number generator could determine. However, users hated when two songs from the same artist would play back-to-back because it felt less random. So Apple introduced Smart Shuffle, which decreased randomness to create a more varied experience that felt completely random. Sometimes, the result to strive for is the one that is not technically correct but feels the most correct.


I have once again been on an “Only Connect” binge, through which I learned about PuzzGrid. You can play the wall round in user-submitted games. My only complaint is the vast gulf between the best “Hard” games, which are often not as difficult as you might expect, and the wildly difficult “Fiendish” ones. Otherwise, it follows the same rules as the show and is a truly delightful find. I found it difficult to stop playing today.

Microsoft Acquires Fungible, and There Is a Twist

Kyle Wiggers, TechCrunch:

In December, reports suggested that Microsoft had acquired Fungible, a startup fabricating a type of data center hardware known as a data processing unit (DPU), for around $190 million. Today, Microsoft confirmed the acquisition but not the purchase price, saying that it plans to use Fungible’s tech and team to deliver “multiple DPU solutions, network innovation and hardware systems advancements.”

According to the press release, the Fungible team will be joining Microsoft. Not interesting enough? Here is the kicker paragraph:

Fungible was launched in 2016 by Bertrand Serlet, a former Apple software engineer who sold a cloud storage startup, Upthere, to Western Digital in 2017, alongside Krishna Yarlagadda and Juniper Networks co-founder Pradeep Sindhu. Fungible sold DPUs that relied on two operating systems, one open source and the other proprietary, and a microprocessor architecture called MIPS to control flash storage volumes.

I think that means Bertrand Serlet is joining Microsoft. Yes, that Bertrand Serlet, in case you got your Bertrands Serlet mixed up and, for some reason, decided to call him “a former Apple software engineer” instead of “the Microsoft Aero fan”. (Via Elle.)

Titles Owned by Red Ventures Are Publishing Articles Generated by AI

Frank Landymore, Futurism:

CNET, a massively popular tech news outlet, has been quietly employing the help of “automation technology” — a stylistic euphemism for AI — on new wave of financial explainer articles, seemingly starting around November of last year.

In the absence of any formal announcement or coverage, it appears that this was first spotted by online marketer Gael Breton in a tweet on Wednesday.

Red Ventures, which owns CNet, is doing the same on a couple of other publications it owns including Bankrate and its subsidiary Creditcards.com. However, its disclosure is more transparent on articles from the latter. Red Ventures should use a similar acknowledgement elsewhere instead of burying it on the author profile page.

Update: CNet posted a massive correction to the fundamental concepts in its article about compound interest, even though these generated stories are apparently reviewed by a real person before publication.

The Intercept Obtains Surveillance Footage of Tesla Crash on Bay Bridge

Ken Klippenstein, the Intercept:

Highway surveillance footage from Thanksgiving Day shows a Tesla Model S vehicle changing lanes and then abruptly braking in the far-left lane of the San Francisco Bay Bridge, resulting in an eight-vehicle crash. The crash injured nine people, including a 2-year-old child, and blocked traffic on the bridge for over an hour.

I have seen an awful lot of people blaming this crash on the cars behind the Tesla following too closely. But watch the video carefully: the Tesla moves from the second lane into the first at low speed, cutting off the first car involved in the crash from about four or five car-lengths. It appears the Tesla driver was using one of its autonomous systems at the time; there are conflicting reports about which erroneously named option — of “Autopilot” and “Full Self Driving” — was engaged.

Jason Torchinsky, the Autopian:

This isn’t news to people who pay attention. It’s been proven since 1948, when N.H. Mackworth published his study The Breakdown of Vigilance During Prolonged Visual Search which defined what has come to be known as the “vigilance problem.” Essentially, the problem is that people are just not great at paying close attention to monitoring tasks, and if a semi-automated driving system is doing most of the steering, speed control, and other aspects of the driving task, the human in the driver’s seat’s job changes from one of active control to one of monitoring for when the system may make an error. The results of the human not performing this task well are evidenced by the crash we’re talking about.

I think it’s not unreasonable to think of Level 2 driving as potentially impaired driving, because the mental focus of the driver when engaging with the driving task from a monitoring approach is impaired when compared to an active driver.

I think this argument is worth considering. These semi-autonomous systems are playing the same sort of trick as ChatGPT: they offer a convincing but shallow impression of a competent driverless car without any broader context to fall back on.

Exits and Exiteers

Hari Kunzru, Harper’s:

Ironically, the digital frontier of the Nineties, which for a while was the great hope for exit, was enclosed by men like [Peter] Thiel, who have created a landscape of corporate walled gardens that hasn’t fulfilled the utopian potential of the early internet. The dreams of collaborative software building, universal privacy guaranteed by strong encryption, autonomy, chosen community, and an escape from scarcity — in short, the professed ideals of West Coast libertarianism — have taken a back seat to the imperative to track, extract, and monetize. Instead of a global consciousness, we have a giant machine for selling ads. Since the internet is no longer the delirious, much-desired outside, the space of libertarian freedom must apparently be redefined yet again. Thiel’s aristocratic characterization of exit as an escape — not from a place or from the state, but from politics and the “unthinking demos” — explains much of the chaos of today’s public scene, not just in the United States, but around the world.

As Kunzru writes, the cost of those — like Thiel — who wish to exclude themselves from society while reaping all its benefits is borne by the rest of us.

Experian Was Barely Trying to Protect Individuals’ Credit Reports

Brian Krebs:

Annualcreditreport.com begins by asking for your name, address, SSN and birthday. After I supplied that and told Annualcreditreport.com I wanted my report from Experian, I was taken to Experian.com to complete the identity verification process.

Normally at this point, Experian’s website would present four or five multiple-guess questions, such as “Which of the following addresses have you lived at?”

[Jenya] Kushnir told me that when the questions page loads, you simply change the last part of the URL from “/acr/oow/” to “/acr/report,” and the site would display the consumer’s full credit report.

Oh come on. This is an elementary error for any gated service to make, let alone one with as much information as is held by a credit reporting agency like Experian. In the wake of the Equifax breach, Experian was running ads promoting its identity theft protection services — promises that are laughable in the wake of this vulnerability.

Stories From NYT Readers About Their Use of Amazon Alexa Devices

Hanna Ingber, New York Times:

We decided to ask readers how they use and interact with Alexa and how the technology fits into their lives. Nearly 200 people in the United States and Europe responded.

Those who relied on the voice assistant said they used it mainly for mundane tasks such as setting timers and checking the weather. Many said they had grown attached to Alexa and missed it when they were away. Most said they did not use Alexa to help them with shopping. Others told us, just as emphatically, that they would never use an Alexa device.

Amazon U.K. released a list of commonly asked questions in 2022 and its use has not much changed from a 2018 survey. If anything, the 2022 list of frequent requests makes it sound often like a children’s toy, with nursery rhymes topping the most requested songs to be sung and a top ten list of farts.

The stories relayed by Ingber which I found myself most struck by are those from or about elderly people who use their voice devices for all kinds of tasks large and small. I am sure Amazon knows about these uses, but it highlights for me how little sense it makes to offload this kind of care to businesses that can pull the plug at any time. I do not blame any of the individuals here — Ingber includes the story of someone who uses Alexa devices to help take care of a parent with dimentia — but it is upsetting to know a loss-leading product could be discontinued and leave these users abandoned.

Dell and Samsung Announce New Displays at CES

Adam Engst, writing at TidBits in 2018:

In short, the LG UltraFine 5K Display appears to be the only 5K display you can buy today, and you would have to order it online, sight unseen. If you can wait, it’s possible that LG will have a new model, and Apple has said that it will be releasing an Apple-branded professional display alongside the revamped Mac Pro in 2019. Apple has said nothing about specs, but it’s hard to see the company selling a screen that doesn’t at least match up to its iMacs.

Apple did indeed launch a famously expensive display alongside the 2019 Mac Pro, followed by a less costly option last year. Even with Apple’s own-brand entries, there have been painfully few options for anyone who would like to a higher density display than the industry standard 27-inch 4K models allow.

Dan Siefert, the Verge:

That, of course, was until this week, when Samsung and Dell both announced new monitors clearly meant to appeal to Mac users. These new screens aren’t just run-of-the-mill 4K panels with USB-C ports and white plastic — they have the actual high-res pixel densities that work best with macOS and match the sharpness of Apple’s displays. They also offer the “whole package” of integrated webcam, microphone, and speakers that Apple sells with the Studio Display, providing a whole desk setup through one cable.

Samsung’s is a 27-inch 5K model of exactly the same density as Apple’s Studio Display or the now-departed big iMac, while Dell’s is a 32-inch 6K model comparable in size and density to the Pro Display XDR. Why it has taken so long for other options remains a great unanswered question, as does — so far — the pricing of these new displays.

The Curse of Free

Rupert Goodwins, the Register:

Amazon is burning billions on Alexa because voice assistants need massive infrastructure but can’t be monetized. Google Cloud is $700 million in the red as of last earnings and heading south to a state of madness like a New Jersey retiree. These are mature products in saturated markets. You don’t need an MBA to know what will happen. But even the dean of Harvard Business School can’t say when.

[…] Google is notably brutal in pulling the plug on popular services it considers no longer interesting, but surely Gmail would be impossible to shrug off. And it must be profitable, with all those users. Right?

It is very far from clear that it is. Google isn’t saying. Gmail, like G Suite-cum-Workspace and the whole bouquet of user and business-facing appified services, is reported as part of Google Cloud, which is losing a lot of money now and perhaps a lot more next year. There are subscription models and a little advertising which will be making some money. Clearly not enough.

Google famously baits its users into its free service offerings before either killing them off or beginning to charge for them. I do not think Gmail is at risk of going away or becoming payware, though. As commenter LDS writes, getting users to log into Gmail is an effective way to ensure they remain connected to their Google account across the web. Whatever Gmail costs, I bet Google makes that up in the volume of tracking it enables, especailly as it begins migrating its services to its root domain.

Goodwins’ post reminded me of the other curse of free-to-user services, though, which is their inherently predatory quality. Google was able to buy up a bunch of other companies to create Google Maps, which it then offered free — a move that benefitted both users and Google itself. But it also put a damper on the rest of the industry as few substantial competitors to Google Maps existed for the better part of a decade following its launch. Not only did Google boost its other businesses through mapping data — for example, being able to show nearby business results in search — it also offered developer integrations and API keys. After few major competitors remained and even high-budget attempts like Apple’s were struggling, Google dramatically increased pricing for developers. Today, the landscape looks a little different with Apple’s increased dedication and third-party efforts like Felt, but we should not ignore how dangerous it is for deep-pocketed companies to undercut competitors through pricing schemes like these.

Cyberattack on the Guardian

Speaking of the Guardian, it is apparently the victim of an ongoing attack which is primarily affecting its print and office systems.

Max Tani, Semafor:

Guardian staffers who spoke to Semafor said there seemed to be a distinction between the systems that were working and those that continued to be shuttered. The paper’s email and digital publishing systems have operated normally.

But some of the more antiquated systems, including company expenses and some elements of print production, remain buggy. Columnist picture bylines have disappeared in print for the moment as the result of the hack, a blow for some of the egos of the paper’s opinion writers.

It sounds like even most staff at the paper do not have a good sense of what is going on despite the attack beginning weeks ago.

Apple Launches Audiobooks Voiced by Digital Narrators

Leyland Cecco, the Guardian:

Apple has quietly launched a catalogue of books narrated by artificial intelligence in a move that may mark the beginning of the end for human narrators. The strategy marks an attempt to upend the lucrative and fast-growing audiobook market – but it also promises to intensify scrutiny over allegations of Apple’s anti-competitive behaviour.


On the company’s Books app, searching for “AI narration” reveals the catalogue of works included in the scheme, which are described as being “narrated by digital voice based on a human narrator”.

Apple says it is starting with fiction and romance titles and, of course, in English only.

In addition to the examples on Apple’s website, I listened to a random selection of previews in Apple Books. They are good and often convincing. But I do not think this is what listeners ought to receive when they spend real money on an audiobook. These voices are only a little better than Apple’s screen reading voices, available in each platform’s Accessibility preferences. “Better than nothing” is not the most compelling argument for me, but I suppose it is inevitable; Google has offered a similar service since last year.

On Internet Silos

Monique Judge, the Verge:

In the beginning, there were blogs, and they were the original social web. We built community. We found our people. We wrote personally. We wrote frequently. We self-policed, and we linked to each other so that newbies could discover new and good blogs.

I want to go back there.

Good news for my readers: you are already there.

Manuel Moreale:

[…] The more I think and read about it, the more I’m convinced that there’s no solution to the centralisation issue we’re currently facing. And that’s because I think that fundamentally people are, when it comes to the internet, lazy. And gathering where everyone else is definitely seems easier. It’s also easier to delegate the job of moderating and policing to someone else and so as a result people will inevitably cluster around a few big websites, no matter what infrastructure we build.

One thing Judge does not really mention is how, pre-social media, it used to be difficult to make people aware of your blog. You could write and publish all you wanted but it sometimes felt Sysephian when your only audience were a handful of real-life friends and the few people who clicked on your profile on a forum, often leading to ill maintenance. Apologies for not posting in a while were a recurring theme.

Now we have the opposite problem: it is so easy to find other people and everything they have ever posted to a platform that it is, itself, a problem — recall Chris Hayes’ “On the Internet, We’re Always Famous”. That does not mean blogging went away — I do not think it did — but it changed form and became a stream-of-consciousness on someone else’s website against which ads for cereal and crappy cookware could be sold. To build upon what Moreale writes, the people who actually want to maintain a website are a minority. Even if you use that Squarespace offer code to get “your own” website, you are still publishing on a third-party platform.

By all means, please start your own blog and encourage others to do so. But let us not pretend this is what most people actually want to be doing. We are all busy and maintaining a website when the house needs to be cleaned and people need to be fed is a terrible waste of time. Silos suck over the long term, but at least they are easy.

These are good companion pieces to the (previously linked) “Stop Talking to Each Other and Start Buying Things”.

Irish Data Protection Commission Rules Meta Exploited Contract Provision of GDPR to Illegally Coerce Users Into Personalized Ads

The Data Protection Commission of Ireland has issued its judgement in a case brought against Meta — then Facebook — when GDPR came into effect nearly five years ago:

Meta Ireland considered that, on accepting the updated Terms of Service, a contract was entered into between Meta Ireland and the user. It also took the position that the processing of users’ data in connection with the delivery of its Facebook and Instagram services was necessary for the performance of that contract, to include the provision of personalised services and behavioural advertising, so that such processing operations were lawful by reference to Article 6(1)(b) of the GDPR (the “contract” legal basis for processing).

The complainants contended that, contrary to Meta Ireland’s stated position, Meta Ireland was in fact still looking to rely on consent to provide a lawful basis for its processing of users’ data. They argued that, by making the accessibility of its services conditional on users accepting the updated Terms of Service, Meta Ireland was in fact “forcing” them to consent to the processing of their personal data for behavioural advertising and other personalised services. The complainants argued that this was in breach of the GDPR.

The Data Protection Commission has fined Meta a total of €390 million and requires its services to be compliant within three months. Perhaps just as important is that it appears the GDPR logjam is slowly beginning to loosen.

Noyb, which helped bring these complaints to the attention of regulators, has responded on its blog, as did Meta. The latter’s response is interesting to me because it appears to be tying its increased personalization push to targeted advertising. That is, Meta’s services are now TikTok-like algorithmically tailored feeds and it is impossible to disentangle that personalization from the way the ads are delivered. Cheeky. It is obviously planning to appeal the DPC’s ruling.

Unsettled Questions About Privacy and Law Enforcement

Meredith Whittaker of Signal, on that terrible New York Times op-ed:

[…] Those of us invested in defending privacy need to understand that this op-ed wasn’t written for people with expertise, and its purpose won’t be perturbed by expert rebuttal. We’re not the audience.

The op-ed works to create the appearance of a “debate” on more or less settled issues. This is a powerful function, bolstered by the NYT imprimatur, which allows it [to] serve as a “Potemkin citation” — a seemingly credible reference in support of bad privacy laws and platforms.

These issues may be largely settled as far as the law is concerned, but they are not without ongoing controversy. It is somewhat tangential but, in 2016, two polls about the then-current dispute between Apple and the FBI over a terrorist’s encrypted iPhone came to different results but only marginally. I think people actually come closer to Reid Blackman’s stance more than they do Whittaker’s. The one itty-bitty problem is that it is currently impossible to ensure respectable law enforcement can gain access to criminals’ encrypted files while the rest of us find our security and privacy uncompromised.

Stop Talking to Each Other and Start Buying Things

Catherynne M. Valente, on the now-familiar cycle of web communities (via Andy Baio):

All the rest are gone. Dismantled for parts and sold off with zero understanding that the only thing of any value the site ever offered was the community, its content, its connection, its possibilities, its knowledge. And that can’t be sold with the office space and the codebase. These sites exist because of what we do there. But at any moment they can be sold out from under us, to no benefit or profit to the workers — yes, workers, goddammit — who built it into something other than a dot com address and a dusty login screen, yet to the great benefit and profit of those who, more often than not, use the money to make it more difficult for people to connect to and accept each other positively in the future.

This is not my favourite piece of writing, but I think its cathartic style benefits the subject. One of the best reasons for preferring protocols over platforms for online communities is that we know how it always goes for centralization. Yet, we keep throwing our hat in with the next well-funded thing because this time, maybe, it will be different, right? The problem for engineering-led protocols is that it is not possible to simply add usability. Given our economic climate, I do not think it is a coincidence that commerce-driven platforms sit briefly in a sweet spot where they are incentivized for people but not quite exploiting them.

Funny how I am linking to another piece about how things end or close or stop on the last day of the year.

Your Memories in Their Cloud

Kashmir Hill, New York Times:

The photos transported me back to a tremendously fun evening that I had all but forgotten. Yet I wondered how there could be so many photos from just one night. How do I decide which to keep and which to get rid of?

This kind of data explosion is a result of economics, said Brewster Kahle, founder of the Internet Archive, a nonprofit library based in San Francisco that saves copies of websites and digitizes books and television shows. Taking a photo used to be expensive because it involved film that needed to be developed.

“It cost a dollar every time you hit a shutter,” Mr. Kahle said. “That’s no longer the case so we hit the shutter all the time and keep way, way too much.”


I noticed a philosophical divide among the archivists I spoke with. Digital archivists were committed to keeping everything with the mentality that you never know what you might want one day, while professional archivists who worked with family and institutional collections said it was important to pare down to make an archive manageable for people who look at it in the future.

Given enough time, I think all of us want to believe we could pare down our own digital stockpiles to just the files and photos that matter. But as I have thought about it more often, I have come to accept I will never be able to anticipate within my lifetime what is truly important in my data trove. Due to a botched iPhone backup from years ago, I am missing hundreds of photos I only later discovered were important and irreplaceable. As I tried to find those images on long-disused hard drives last year, I found images from family gatherings in decade-old Aperture libraries which took on an entirely new meaning when I rediscovered them.

These two examples tell the story of the advantage and disadvantage of managing your own files. I was only able to rediscover photos I thought were lost to time because I found them on an old Time Machine drive I had luckily left intact, but I lost a bunch of other images because of the same system. Like Hill, I have become cloud complacent: I now have way too many things stored in iCloud because I assume Apple has better data integrity practices than I am able to manage for myself. But that seems to carry obvious risks given that Apple — the world’s most valuable company — absolves itself of any guarantee that your data is safe and secure in its cloud services, to the extent it can legally get away with. This is typical and it still feels bizarre.

My long overdue project for 2023 is to ensure I have local versions of everything in iCloud. After all, I cannot know what may be relevant years from now, but I can have control over my ability to access it.

We Are Doing the Familiar Privacy vs. Law Enforcement Argument Again

Tim Bray:

I hate to write a piece just saying Someone Is Wrong On The Internet. But Reid Blackman’s The Signal App and the Danger of Privacy at All Costs (in the NYTimes, forsooth) is not just wrong but dangerously misleading. I haven’t seen a compact explainer on why, so here goes.

No disrespect intended toward Bray, whose explainer is very good, but the original article is a variation on the same story we have heard countless times before: private communications are good but it is dangerous if there are no carve-outs for law enforcement. Blackman’s article is specifically about Signal because it has disappearing message features and a greater degree of anonymity than other mainstream messaging apps. It is therefore amusing to see him hand-waving the many Signal messages obtained by the FBI from U.S. insurrectionists while presenting this case.

I thought this paragraph from Blackman was worth highlighting:

What’s more, the company’s proposition that if anyone has access to data, then many unauthorized people probably will have access to that data is false. This response reflects a lack of faith in good governance, which is essential to any well-functioning organization or community seeking to keep its members and society at large safe from bad actors. There are some people who have access to the nuclear launch codes, but “Mission Impossible” movies aside, we’re not particularly worried about a slippery slope leading to lots of unauthorized people having access to those codes.

I sympathize with the thrust of this argument. Good governance is an essential part of democratic society and rebuilding trust in institutions must be a high priority. We should also be wary of slippery slope arguments. But Blackman does not present any evidence for how Signal — or any comparable application — would be able to turn the binary question of whether something is end-to-end encrypted into a gradient of access levels. In fact, this whole piece feels very much like a slippery slope argument itself: if you use Signal, you are a “witting or unwitting” proponent for adding barriers to prosecuting criminals.

This all feels very familiar. One would think prestige newspapers would stop publishing such well-worn ideas without further development of their arguments but, well, here we are.

This Year in Financial Scams

David Gura, NPR:

A woman better known for setting fashion trends than financial ones, Paris Hilton, appeared on The Tonight Show Starring Jimmy Fallon in January. After talking about her recent marriage and trip to Burning Man, the former reality TV star went deep on the NFTs, or non-fungible tokens, she was hawking.

The audience seemed a bit perplexed when she promised, Oprah-style, to give each of them an NFT — another kind of digital asset that is basically cartoony crypto art. But when Fallon, who is himself an NFT enthusiast, seemed blown away, they applauded.

“Peak hype,” though, crested quickly.

A year for the books. Fallon allegedly has a financial stake in MoonPay through which he bought the NFT he promoted on-air.

I want to point and laugh, but real people are losing real money as the rich pump air into this fiction. Matt Damon is doing just fine even after bitcoin has lost — as of writing — over seventy percent of its value compared to when his Crypto.com television commercial began airing.

LastPass Breached, Customers’ Password Vaults Stolen


We recently notified you that an unauthorized party gained access to a third-party cloud-based storage service, which LastPass uses to store archived backups of our production data. In keeping with our commitment to transparency, we want to provide you with an update regarding our ongoing investigation.

Paul Ducklin, of Sophos’ Naked Security blog:

To be fair to LastPass, the company didn’t repeat its original claim that no password vaults had been stolen, referring merely to “customers’ information” being pilfered.

But in its previous breach notifications, the company had carefully spoken about customer data (which makes most of us think of information such as address, phone number, payment card details, and so on) and encrypted password vaults as two distinct categories.

This time, however, “customers’ information” turns out to include both customer data, in the sense above, and password databases.

Simon Sharwood, the Register:

That file “is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.”

Which means the attackers have users’ passwords. But thankfully those passwords are encrypted with “256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password”.

Wladimir Palant, creator of Pain-Free Passwords, poured cold water on any relief that assurance may have provided:

I’ll translate: “If you’ve done everything right, nothing can happen to you.” This again prepares the ground for blaming the customers. One would assume that people who “test the latest password cracking technologies” would know better than that. As I’ve calculated, even guessing a truly random password meeting their complexity criteria would take less than a million years on average using a single graphics card.

But human-chosen passwords are far from being random. Most people have trouble even remembering a truly random twelve-character password. An older survey found the average password to have 40 bits of entropy. Such passwords could be guessed in slightly more than two months on the same graphics card. Even an unusually strong password with 50 bits of entropy would take 200 years on average – not unrealistic for a high value target that somebody would throw more hardware on.

Jeremi M. Gosney also has concerns about LastPass’ track record.

This breach will be catastrophic for an unknown but non-zero number of people and businesses. When it was spun off by LogMeIn as an independent company in December 2021, the press release said it had over thirty million users and tens of thousands of business customers. Some of those, particularly corporate clients, will be high-value targets, and they will now be expected to change all of their passwords. I am not sure what is a typical number of records, but anyone I know who uses a password manager has hundreds. I sympathize with anyone dedicating days of work to correct for LastPass’ failure to protect their customers’ data.

A password-less future cannot come soon enough.

Benchmarks Need to Represent Actual Usage


The results of our battery tests revealed that autonomy was largely impacted by this always-on screen feature, draining the battery about 4 times faster! The battery will last roughly 100 hours in idle when activating the feature, instead of 400 if the feature is deactivated. […]

Matt Birchler:

Well, this test was done with the phones in airplane mode, all wireless connections were disabled, and the phones were never used. In other words, they’ve eliminated all other battery drains from the phone and left just the screen. This is a perfect example of a bad benchmark, in my opinion, as it gives you a comparison that feels scientific, but tells you nothing of value.

If you use your phone without any of its telephony features, then perhaps you, too, could see a fourfold improvement in its battery life. I read the original article and I am struggling to understand the point of running this benchmark without any additional context. Without a followup test investigating real-world conditions, these are merely some context-free numbers — hardly a useful test.

User Stylesheets Are Still Pretty Great and Should Be More Widely Supported

Have you thought about your user stylesheet lately? I cannot blame you if you have not, especially if you have no idea what I mean when I write “user stylesheet”. Here is Jennifer Kyrnin’s great explanation of what that is:

In the past, the internet was filled with bad web design, unreadable fonts, colors that clashed, and nothing adapted to fit the screen size. At that time, web browsers allowed users to write CSS style sheets that the browser used to override the styling choices made by page designers. This user style sheet set the font at a consistent size and set pages to display a specified color background. It was all about consistency and usability.

As Kyrnin writes, web designers usually do a better job these days, and most browsers no longer support user stylesheets by default. Google removed them from Chrome nine years ago and they were made optional in Firefox in 2019. But Safari, my browser of choice, still makes user stylesheets easily visible and, if you have the inclination, I recommend its use for a low-effort way of blocking irritations and overriding bad design choices.

For example, while I frequently use and appreciate the services of the Internet Archive, and the reporting of the Intercept and ProPublica, I find their modal nags to be more intrusive than necessary. So I have this section in my user stylesheet to override those elements:

html>body #donato,
html>body #donate_banner,
/* same for the intercept */
html>body #third-party--viewport-takeover{
    display: none !important;
    height: 0 !important;
    position: absolute !important;
    left: -99999em !important;

.InterceptWrapper .Post-body--truncated{
    max-height: none !important;
    overflow: visible !important;

.InterceptWrapper .Post-body--truncated:before{
    content: unset !important;

/* propublica nag */

body.app iframe.syndicated-modal{
    display: none !important;

I pulled these specific selectors by finding the bothersome elements on these websites using Safari’s Web Inspector.

For those of you with some CSS knowledge, the above rules might look like overkill. The logic of including both display: none and left: -99999em seems to make no sense. The only explanation I have is that some of these rules are more applicable to the Internet Archive donation nag while others apply to the Intercept’s email box.

Also, this stylesheet has the cruft of fifteen years of new rules and changing websites, so that may also be a factor.

Here is another example of the power of user stylesheets: you know those awful “sign in with Google” prompts that became more aggressive this year? You can turn them off if you remain signed into your Google account, but you can also style them out of view:

iframe[title="Sign in with Google Dialog"]{
    display: none;
    position: relative;

This is the kind of lightweight solution that I love. It is unnerving to know Google has so much power over the web that it offers users the trade-off of staying logged into their account or be nagged on major websites that offer Google’s login option. It is rewarding to defeat it with five lines of CSS.

But user stylesheets have drawbacks and are evidently from an earlier era of the web. The ways you might employ user styles today are often similar to browser extensions like StopTheMadness or any number of ad blockers. Modern extensions are far more powerful, too, as rules can be tailored to individual websites or run globally. The biggest advantage to the user stylesheet is also its Achilles’ heel: it only works globally, meaning the same rules are applied to all websites. That means your CSS selectors need to be highly specific. If another website has the app class on the <body> element which contains an <iframe> with the syndicated-modal class, it will also get hidden in the same way as it does for me on ProPublica. Finally, many modern websites are built with ugly generated markup which can change any time the code base is updated.

Still, I rely on this user stylesheet to keep my sanity when browsing the web today. Unlike browser extensions, there are no security or privacy questions to worry about, and it is entirely controlled by the user. I saved my stylesheet in my iCloud Drive so it syncs between my Macs; Safari for iOS does not support user styles. It is a feature that will probably be deprecated across all browsers sooner than I would like, but I will be using it until that day arrives. If you have even a passing knowledge of CSS, I encourage you to experiment with its possibilities.

Parting the Curtains of Google’s Ad Display Network

Craig Silverman and Ruth Talbot, ProPublica:

ProPublica spent months trying to crack open Google’s black box ad business. We wrote thousands of lines of code to scan more than 7 million website domains looking for Google ad activity, sourced and analyzed data on millions more domains from half a dozen data partners, and spoke to some of the most knowledgeable experts about Google’s display ad business.

In the end, we matched 70% of the accounts in Google’s ad sellers list to one or more domains or apps, more than any dataset ProPublica is aware of. But we couldn’t find all of Google’s publisher partners. What we did find was a system so large, secretive and bafflingly complex that it proved impossible to uncover everyone Google works with and where it’s sending advertisers’ money.

This report builds upon an October investigation from Check My Adspreviously linked — and it reveals how Google’s power and scale do not meaningfully reflect the trust of advertisers. There is, perhaps, an argument to be made for putting space between ad buyers, sellers, and placements, similar in spirit to the way media separates its business side from its journalism side. But that would require Google to display dilligence at a level it is either incapable of or unwilling to do in all parts of its advertising business. Judging by the quality of ads I see on Google’s own properties like YouTube, it seems monitoring ads at scale would preclude that level of confidence in buyers or sellers.

TikTok Admits It Used Journalists’ Location Data to Try to Find Their Sources

Emily Baker-White, reporting for Forbes in October:

TikTok spokesperson Maureen Shanahan said that TikTok collects approximate location information based on users’ IP addresses to “among other things, help show relevant content and ads to users, comply with applicable laws, and detect and prevent fraud and inauthentic behavior.”

But the material reviewed by Forbes indicates that ByteDance’s Internal Audit team was planning to use this location information to surveil individual American citizens, not to target ads or any of these other purposes. Forbes is not disclosing the nature and purpose of the planned surveillance referenced in the materials in order to protect sources. TikTok and ByteDance did not answer questions about whether Internal Audit has specifically targeted any members of the U.S. government, activists, public figures or journalists.

Baker-White today:

An internal investigation by ByteDance, the parent company of video-sharing platform TikTok, found that employees tracked multiple journalists covering the company, improperly gaining access to their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees.

According to materials reviewed by Forbes, ByteDance tracked multiple Forbes journalists as part of this covert surveillance campaign, which was designed to unearth the source of leaks inside the company following a drumbeat of stories exposing the company’s ongoing links to China. As a result of the investigation into the surveillance tactics, ByteDance fired Chris Lepitak, its chief internal auditor who led the team responsible for them. The China-based executive Song Ye, who Lepitak reported to and who reports directly to ByteDance CEO Rubo Liang, resigned.

Hannah Murphy, Financial Times:

Two members of staff in the US and two in China gained access to the IP addresses and other personal data of FT journalist Cristina Criddle, to work out if she was in the proximity of any ByteDance employees, the company said. However, the company failed to find any leaks.

A BuzzFeed journalist and a number of users connected to the reporters through their TikTok accounts were also targeted.

Similar tactics have previously — allegedly — been used by Facebook and Uber. It is perhaps not my place, but those are not the two companies from which I would take lessons on ethics. But it does illustrate the vast amount of granular information available to some of the world’s largest companies. Their surveillance is part of the societal fabric. The disadvantage for TikTok is that its spying carries the added weight of possible connections to an authoritarian state. The additional layer of complication is certainly worth discussing, but it should not distract from the fundamental assault on user privacy shared by all three companies without legal consequence.

Scammers Are Taking Advantage of Equifax Breach Settlement Notices

Brian Krebs:

The website for the settlement — equifaxbreachsettlement.com — also includes a lookup tool that lets visitors check whether they were affected by the breach; it requires your last name and the last six digits of your Social Security Number.

But be aware that phishers and other scammers are likely to take advantage of increased public awareness of the payouts to snooker people. Tim Helming, security evangelist at DomainTools.com, today flagged several new domains that mimic the name of the real Equifax Breach Settlement website and do not appear to be defensively registered by Equifax, including equifaxbreechsettlement[.]com, equifaxbreachsettlementbreach[.]com, and equifaxsettlements[.]co.

So far, those URLs do not contain anything more than parked domain advertising, but it is not difficult to imagine how they could be used — recall how something similar happened earlier in the Equifax breach. Is there a legal requirement for settlement websites like Equifax’s or the Apple butterfly keyboard suit to be separate from either party’s own hosting? I can imagine why that would be desired, but the use of these generic domains is an opportunity for scammers.


Of course, most of those earnings come from Equifax’s continued legal ability to buy and sell eye-popping amounts of financial and personal data on U.S. consumers. As one of the three major credit bureaus, Equifax collects and packages information about your credit, salary, and employment history. It tracks how many credit cards you have, how much money you owe, and how you pay your bills. Each company creates a credit report about you, and then sells this report to businesses who are deciding whether to give you credit.

This is a choice. In addition to 143 million Americans, thousands of Britons and Canadians were also compromised. An investigation by the Office of the Privacy Commissioner of Canada found Equifax retained consumer data beyond Canadian law and its own internal policies — data later stolen. The broker market in Canada is different to that in the U.S. but, so long as the market here is dominated by American firms like Equifax and TransUnion, the lack of a culture of privacy will be a liability.

TikTok to Begin Showing Users Why a Video Was Recommended to Them


TikTok For You feeds enable people to discover an incredible diversity of ideas, creators, products, and entertainment. Our system recommends content by ranking videos based on a combination of factors based on your activity on our app, which includes adjusting for things you indicate you’re not interested in. Our goal is to serve a range of relevant and entertaining content. To help people understand why a particular video has been recommended to them, we’re rolling out a new tool over the coming weeks.

This sounds like a good step forward, albeit a limited one. The explanations for these recommendations have a similarly limited language and scope as ad transparency efforts like those from Google and Meta. They are often a narrow window into how these systems work, but too vague to understand why that specific material was chosen.

Although coverage of TikTok’s feature did not indicate a specific reason why it is being rolled out, I wonder if it is partially due to the European Union’s Digital Services Act, which requires larger platforms to explain their algorithmic choices. Expect more changes like this.

Twitter Bans Links to Other Social Media Platforms


At both the Tweet level and the account level, we will remove any free promotion of prohibited 3rd-party social media platforms, such as linking out (i.e. using URLs) to any of the below platforms on Twitter, or providing your handle without a URL:

Prohibited platforms:

  • Facebook, Instagram, Mastodon, Truth Social, Tribel, Post and Nostr

This is an obviously stupid policy because enforcing it means driving away pretty much everyone. Businesses big and small link to posts they made on Instagram and Facebook, which means a bunch of social media managers are in for a rough start to what is likely their last week of work for the year. Creative people link to their Instagram posts all the time. (Update: Twitter’s policy says it permits cross-posting, even from banned sites like Instagram, but you are somehow not supposed to “promote” those profiles while doing it. You can link to a specific Instagram post, I guess, but not mention your Instagram profile. This seems impossible to enforce.) Meanwhile, I bet Tribel and Nostr are thrilled about being lumped in with successful platforms; they are so small that neither one has a Wikipedia page.

Also, my handle — pretty much everywhere — is just my name. If I tell people they can find me anywhere by searching “nickheer”, I am violating this rule by indicating my handle without a URL.

Maybe more interesting are the exceptions to this rule: linking to one’s YouTube profile is not a bannable offence, and neither is LinkedIn, for some reason. TikTok links are also not prohibited. Oh, and this rule may not apply if you buy ads for a post with a prohibited link, but the wording of that exception is unclear and it could simply mean that Meta is allowed to keep buying ads on Twitter.

Also banned:

  • 3rd-party social media link aggregators such as linktr.ee, lnk.bio

It was only earlier this year when Linktree raised a round of funding at a billion-dollar valuation. Time flies.

Twitter is going great, friends, and if you do not think Elon Musk is a business genius for spending $44 billion to buy the company without any plan besides replatforming a bunch of scumbags and banning the account posting trips taken by the SpaceX plane, you just cannot see the eight-dimensional chess game he is playing. He is a very smart man with a thick skin living in his happy multibillion-dollar world, and he is just trying to save civilization by bringing Nazis back and banning people from posting links to their Mastodon account on Twitter, the free speech platform.

Update: Twitter has now removed all evidence of this policy’s existence from its official support channels, but the Internet Archive never forgets. Really gives you confidence this was a well-considered policy from the super genius business person who now owns Twitter.

Why We Argue About the Same Things Over and Over

WNYC’s On the Media:

As we approach the end of the year, OTM correspondent Micah Loewinger takes a look at the some of the big media narratives that felt representative of 2022. He speaks with political scientist Paul Fairie, who has devoted his Twitter account to investigating refrains like “nobody wants to work anymore” and “people are losing their sense of humor” to show that seemingly modern moral panics have been repeated in the American press every decade for over a century. With the help of voice actors (see below), listen as Paul and Micah dive deep into the newspaper archives to demonstrate how little has changed in our political discourse.

If you have somehow missed Fairie’s explorations of history on Twitter, he has published a thread of the threads. Putting it all in perspective.

Publishing Blog Updates to Mastodon

Jesse Squires:

If you follow me on Twitter, you’ve likely noticed that my blog posts are automatically tweeted for me. There are multiple services you can use to do this, like Zapier and IFTTT. I use both services for various automations. Each has built-in actions for listening to an RSS feed and then tweeting new items as they appear. Sadly, neither service has a built-in action for Mastodon. However, we can achieve the same results with a generic webhook action on both platforms.

Squires’ post inspired me to check on how my posts are automatically published to Mastodon in a way I do not pay for. It turns out I have a Zapier action set up but, at some point, the company began charging for new uses of the webhook action. Using webhooks on IFTTT remains free. Unfortunately, I have not worked out how to make the links prettier, and I dare not touch the Zapier action in case it gets paywalled.

Negotiations Between MIT and the New W3C Organization Seem to Be Going Poorly

James Hercher, writing at Ad Exchanger in April:

The Worldwide Web Consortium (W3C), the main technical standards developer of the internet (HTML and CSS, the code underlying the web, are two such W3C standards), will lose longtime university partner MIT as administrator and US host organization at the end of this year.


Without a new structure and financial plan in place for 2023, why haven’t W3C members panicked about what looks like a potential looming catastrophe? Despite W3C executives being hard at work on a potential solution for more than the past year, they haven’t made much progress.

In June, the W3C announced its transition:

The World Wide Web Consortium is set to pursue 501(c)(3) non-profit status. The launch as a new legal entity in January 2023 preserves the core mission of the Consortium to shepherd the web by developing open standards with contributions from W3C Members, staff, and the international community.

Robin Berjon, who is on the board of this new entity, posted a status update today, and it is worrisome:

At this point it looks like we will not have an operational W3C nonprofit on Jan 1. Every Director will vote their conscience, but it seems likely that the asset transfer will be rejected, leaving MIT responsible for its contracts with W3C Members (for which they have paid).

No one knows what happens then.

These stumbling negotiations will not ensure the immediate collapse of the web or anything like that, but it sounds like MIT is parting from the W3C in the most difficult way possible. It is worth keeping an eye on this.

Facebook’s Widely Viewed Content Report Still Shows a Platform Full of Suspicious and Poor-Quality Links

Last month, Jeff Horwitz of the Wall Street Journal explained that Facebook’s most recent Widely Viewed Content report was a cause for celebration at the company, as it indicated the apparent triumph of the platform’s moderation tools over spammers and scammers. It was a well-coordinated leak — the Journal article was published at exactly the same time Facebook released its report — and it did its job by highlighting Facebook’s recent efforts after an embarrassing previous quarter report. It looked like a more positive direction, but I urged caution.

Yesterday, the Integrity Institute published a more comprehensive analysis:

While this is in general good, and the teams working internally to improve the quality should feel good about their work, we do not see any significant change in the quality of content that made it into the top links and top posts lists. The majority of content there continues to fail basic media literacy checks. A dip in unoriginal content is compensated by a rise in content using spam networks. And we’ve found content that might violate Facebook’s policies that Facebook may have overlooked.


Finally, a quick note of what wasn’t on the top content lists: the passing of Queen Elizabeth II. She died on September 8th, so well within the Q3 time range of this list, but no story about her makes it into the top 20.

It is very odd, though perhaps explained by having such a large volume of coverage diluting the impact of any specific link. Remember, this report only shows the twenty most popular links, posts, and pages on Facebook, and is only a fractional sliver of what gets published there. That, I think, makes it all the more notable to see the peculiar and specific traffic arbitrage scheme found by these researchers.

It Barely Matters That Apple Missed Its Two-Year Goal for the Apple Silicon Transition

Chance Miller, 9to5Mac:

If you view the November [2020] announcement [of the first M1 Macs] as the start of the transition process, Apple would have needed to have everything wrapped up by November 2022. This deadline, too, has passed. This means Apple has missed its two-year transition target regardless of which deadline you consider.


So that leaves us where we are today. You have Apple Silicon options for every product category in the Mac lineup, with the exception of the Mac Pro. During its March event, Apple exec John Ternus teased that the Mac Pro with Apple Silicon was an announcement “for another day.” That day, however, hasn’t yet come.

Miller also notes that an Intel version of the Mac Mini remains available. But it hardly matters for Apple to have technically missed its goal since all of its mainstream Macs have transitioned to its own silicon, and it has released an entirely new Mac — in the form of the Mac Studio — and begun the rollout of its second generation of chips in that timeframe. Also, it sure helps that people love these new Macs.

Update: The December 18 version of Mark Gurman’s newsletter contains more details about the forthcoming Mac Pro:

An M2 Extreme [Gurman’s own term for two M2 Ultras] chip would have doubled that to 48 CPU cores and 152 graphics cores. But here’s the bad news: The company has likely scrapped that higher-end configuration, which may disappoint Apple’s most demanding users — the photographers, editors and programmers who prize that kind of computing power.


Instead, the Mac Pro is expected to rely on a new-generation M2 Ultra chip (rather than the M1 Ultra) and will retain one of its hallmark features: easy expandability for additional memory, storage and other components.

I am interested to see how this works in practice. One of the trademarks of Macs based on Apple’s silicon is the deep integration of all these components, ostensibly for performance reasons.

AM Radio Is Being Dropped From Electric Cars

Michael Levenson, New York Times (via Dave Pell):

An increasing number of electric models have dropped AM radio in what broadcasters call a worrisome shift that could spell trouble for the stations and deprive drivers of a crucial source of news in emergencies.

Carmakers say that electric vehicles generate more electromagnetic interference than gas-powered cars, which can disrupt the reception of AM signals and cause static, noise and a high-frequency hum. (FM signals are more resistant to such interference.)

Perhaps not the reason you expected for why some automakers are no longer offering AM radios; certainly, this was not the reason I was expecting. Levenson documents many great examples for preserving its availability.

MarsEdit 5

Daniel Jalkut recently released a new version of MarsEdit which, in my eyes, is hands-down the best MacOS application for writing for the web. I do not use anywhere near all of its features, but nearly everything for this website is written using MarsEdit. I adore it. This is the first new version in years and it is a completely fair $60, but MarsEdit 4 users can get a copy for half the price.

Update: I originally said Brent Simmons was responsible for MarsEdit 5 because I do not know how time works. Sorry or thanks to both developers.

Third-Party App Store Knock-On Effects

Riley Testut, who runs AltStore, has some thoughts on Apple’s rumoured work on complying with E.U. regulations by permitting third-party marketplaces for native apps. The whole Twitter thread is worth reading, but I thought this part was especially thoughtful:

Here’s what I see happening:

Instagram? They moved to Meta’s store for obvious reasons, so you can no longer receive updates unless you also install Meta’s store

That note taking app you’ve been using for years? They’re tired of paying Apple 30%, so they’re now in Epic’s store!

Now you HAVE to use 3 different app stores, or else you’ll lose access to the apps you’re already using!

So yes, it’s a choice — but the choice is NOT “do I use 3rd party stores to get cool new apps”

Instead it’s: do I use 3rd party stores *just to keep using my current apps*

I am sure Apple is concerned about these issues, but it is something worth thinking about. Testut proposes adding only sideloading capabilities instead of permitting third-party stores. Whatever the case, I hope the result is not the alternative form of gatekeeping in Testut’s thread. I know this is not what Apple wants to be doing but, if it plays this right, it could be a great opportunity for users and developers alike.

Bloomberg: Apple to Permit Third-Party App Stores in Europe

Mark Gurman, Bloomberg:

Apple Inc. is preparing to allow alternative app stores on its iPhones and iPads, part of a sweeping overhaul aimed at complying with strict European Union requirements coming in 2024.


If similar laws are passed in additional countries, Apple’s project could lay the groundwork for other regions, according to the people, who asked not to be identified because the work is private. But the company’s changes are designed initially to just go into effect in Europe.

The headline in the <title> element of the page, which you can see in the tab or window chrome, is phrased as a question: “Will Apple Allow Users to Install Third-Party App Stores, Sideload in Europe?” Gurman’s reporting, though, matches the more definitive tone of the headline on the page, “Apple to Allow Outside App Stores in Overhaul Spurred by EU Laws”. It also matches the company’s legal requirements.

It will be interesting to see how Apple frames this shift for its European customers. It has spent years claiming its first-party App Store policies are a reason people buy iPhones. While it can continue to promote its own App Store as the best option, it would look silly if it created the impression of reducing security for European users while rolling this out. The same is true of its privacy stance if, as also reported by Gurman, it makes its Find My network more permissive to third-party trackers. Apple may also want to preserve its existing strategy wherever regulators do not require its software and services to be more interoperable, but that could make it look like European customers have more choices than users in, say, the United States — which they probably will.

This seems like a welcome shift for the iPhone and iPad to behave more like general purpose computers instead of native applications being more tightly controlled. It could — it should — also mean Apple can be more selective about what it permits in its own marketplace. What would an App Store look like if it had to compete with other stores offering other software? We might get to find out.

Great Books of 2022

Jason Kottke, who recently returned from a months-long and well-deserved sabbatical, put J. Kenji Lopez-Alt’s “The Wok” on his list of the best books of the year, and I have to agree. I only received a copy a few weeks ago, but I have been enjoying it thoroughly and referencing it frequently.

More broadly, Lopez-Alt’s increased video output in the first several months of 2020 — and a recommendation of the Made with Lau YouTube channel — was the encouragement I needed for a concerted effort to improve my wok skills. In the last couple of years, my confidence with a wok has made a dramatic leap. If you do not want to buy the book and it is not available at your nearest library, I recommend trying some recipes from either of those channels, if you would like. It is satisfying to prep some ingredients and then having a whole meal come together in just a couple of minutes with the unique flavour of cooking over very high heat.

Protocols, Not Products, Are to Thank for Podcasts

Lilly Ryan:

Podcasts are just out there, like air. You don’t go to one place to get them; you get them from everywhere and anywhere. You can choose how you want to engage with them and manage them and it is legitimately heartwarming that nothing has ever gotten in the way of that being a fundamental fact.

After the obituaries and farewells to Twitter have faded, the things which are based on open interoperable protocols will live on. This is true for every closed platform. For all they entrench themselves into our lives and become a centralized source of news and connection, their inherent Achilles’ heel is their isolation. That is not a new observation, but it is sometimes easy to forget.

Hot Bag MacBook

Sam Rowlands (via Michael Tsai):

Have you ever travelled somewhere to find that your MacBook is nice and warm, with next to no battery left? If so, these are the common causes of a “Hot Bag MacBook” that we’ve found so far.

As soon as I saw Tsai post this, I knew I had to post it, too, just because the phrase “hot bag MacBook” makes me chuckle.

I might as well add my own experience, too, featuring my old 2012 MacBook Air. For many months, I could not nail down the cause of it waking while in my bag until I realized the tension of the hinge had changed very slightly and would open the display by an almost imperceptible amount if it was bumped. Barely enough to be seen, but just enough to wake it up. The solution was to slightly loosen some screws on the inside. I do not know if this is a relevant tip on more recent Macs, however, as I have not checked its replacement for a similar hinge setup.

Elon Musk Smeared a Former Twitter Executive in Front of His 121 Million Followers

I know: you are probably sick of news about Twitter and its awful owner. I do not plan to write more about the ominous-sounding but empty “Twitter Files” unless there is something truly newsworthy which emerges, and I would rather extract one of my own teeth than think about Elon Musk for very long. But what he did this weekend deserves a mention for its callous brutality.

Sawdah Bhaimiya, Insider:

Elon Musk smeared Twitter’s former head of trust and safety, Yoel Roth, by falsely and baselessly claiming that he supports the sexualization of children, in a tweet on Saturday.

The tone of a straight news article masks how bad this was. Musk posted a context-free screenshot of a section from Roth’s PhD dissertation. Roth argued for a harm reduction approach when youth try to access adult-oriented dating apps; in particular, LGBTQ youth, who are at higher risk of ostracization and violence by openly dating.

It would be too charitable to assume this is a case of poor reading comprehension. Even if it was, it put a damaging smear in front of a hundred and twenty million people, and the lack of a filter on one of the world’s most visible people is deeply worrisome. But it was not.

Melissa Ryan:

These folks are hopped up on a conspiracy high. Their energy is QAnon/pizzagate, meets election denial, meets anti-vaxxers with Twitter’s new owner pouring gasoline on the fire. And they’re loving it. They truly believe Twitter’s former leadership committed thousands of felonies, rigged an election, were in cahoots with the FBI, plus all the usual stuff about everyone being a pedophile.


Musk’s attacks immediately put Roth in harm’s way. Last night on patriots.win, the current iteration of /r/the_donald, the top-rated comment on a thread about #TheTwitterFiles was, “we need to see people hang.” Scrolling through the site, I found multiple violent threats targeting Roth specifically.

Justin Ling wrote a heartbreaking but relevant article about violence against queer communities before this weekend’s events:

Through the late 20th century, the idea that Queer people were not just a perversion, but a threat to society as a whole and children in particular, was endemic. The rhetoric is exactly what we hear today, just with different words.

I wrote about this trend in dispatch #8 From Anita Bryant to Milo Yiannopoulos, the anti-Queer backlash is as hateful as it is predictable and tired. Then, during Pride month, I wrote: “this kind of cultural backlash feeds directly into violence.”

Here we are.

Musk is an unhinged propagandist who is among the world’s most visible people. He has a fan club. He made a dorky appearance at a stadium comedy show last night.

There are some people who have branded themselves as edgy or counterculture — the sort of modern day punk rock icons able to draw attention to the opposite of the coddled, politically correct mainstream. This is utter nonsense. There is nothing revolutionary — nothing upsetting the status quo — about the views Musk is sharing and which are amplified by millions. These people are not dangerous because they are modern day Daniel Ellsbergs, speaking truth to power, or proponents of subversive culture. They are the power. And they are yelling louder and with more violence than at any time in recent memory.

Please take care of yourselves and each other.

The Block, a Crypto News Site, Was Secretly Funded by Alameda Research

Sara Fischer, Axios

The Block, a media company that says it covers crypto news independently, has been secretly funded for over a year with money funneled to The Block’s CEO from the disgraced Sam Bankman-Fried’s cryptocurrency trading firm, sources told Axios.

Sarah Kopit, the Block:

The Block Chief Executive Officer Michael McCaffrey resigned after failing to disclose a series of loans from disgraced former FTX head Sam Bankman-Fried’s Alameda Research. He was the only person with knowledge of the funding at the company.

Bobby Moran, The Block’s chief revenue officer, will step into the role of CEO, effective immediately, according to a company statement.

I am beginning to think this whole industry is lousy.

The Work of Art in the Age of Mechanical Reproduction

Walter Benjamin, as translated by Harry Zohn:

Even the most perfect reproduction of a work of art is lacking in one element: its presence in time and space, its unique existence at the place where it happens to be. This unique existence of the work of art determined the history to which it was subject throughout the time of its existence. This includes the changes which it may have suffered in physical condition over the years as well as the various changes in its ownership. The traces of the first can be revealed only by chemical or physical analyses which it is impossible to perform on a reproduction; changes of ownership are subject to a tradition which must be traced from the situation of the original.

While reading Bogost’s article, I was reminded Benjamin’s classic essay in themes if not in prose. If you have never read it, I cannot recommend it enough; the above link is, to my knowledge, a well-regarded translation. It seems like an updated version of this is needed — the work of art in the age of artificial production, or something to that effect.

ChatGPT Is a Smart Computer’s Impression of a Know-It-All

Before I got distracted, I meant to write a little about ChatGPT. I have been playing with it since it launched last week and it is downright impressive in many circumstances. But something felt wrong, and I could not quite put my finger on it until I read a piece from Ian Bogost, in the Atlantic:

Even pretending to fool the reader by passing off an AI copy as one’s own, like I did above, has become a tired trope, an expected turn in a too-long Twitter thread about the future of generative AI rather than a startling revelation about its capacities. On the one hand, yes, ChatGPT is capable of producing prose that looks convincing. But on the other hand, what it means to be convincing depends on context. The kind of prose you might find engaging and even startling in the context of a generative encounter with an AI suddenly seems just terrible in the context of a professional essay published in a magazine such as The Atlantic. And, as Warner’s comments clarify, the writing you might find persuasive as a teacher (or marketing manager or lawyer or journalist or whatever else) might have been so by virtue of position rather than meaning: The essay was extant and competent; the report was in your inbox on time; the newspaper article communicated apparent facts that you were able to accept or reject.

It is a little late here and after reading the first three paragraphs of this story — generated by ChatGPT, obviously — I was worried Bogost had somehow lost a writerly edge. Context matters and reveals so much.

Twitter’s New PR Team Finds More Normal Behaviour to Spin Conspiracies Around

Elon Musk may have eliminated Twitter’s communications department. But it appears he found a new PR team member in Bari Weiss, to whom the so-called “Twitter Files” were leaked, and who will massage Twitter 2.0’s messaging for free. Twitter apparently added Weiss to the company’s Slack channels and gave her a company laptop. You know, just a typical reporter–source relationship.

Weiss, today, tweeted a thread all about Twitter’s apparently shocking policy of minimizing the visibility of some high-profile and often controversial accounts:

What many people call “shadow banning,” Twitter executives and employees call “Visibility Filtering” or “VF.” Multiple high-level sources confirmed its meaning.


“VF” refers to Twitter’s control over user visibility. It used VF to block searches of individual users; to limit the scope of a particular tweet’s discoverability; to block select users’ posts from ever appearing on the “trending” page; and from inclusion in hashtag searches.

Weiss showed screenshots of a few users who have been filtered for various reasons, including Jay Bhattacharya — who used his doctorate status to argue against virtually all COVID containment measures — and Dan Bongino and Charlie Kirk, who promoted conspiracy theories about the 2020 U.S. election. To be clear, all of these users still have Twitter accounts and they are still able to tweet. Their millions of combined followers still see their messages. But their accounts may not autocomplete in search results or their tweets may not be promoted in trending topics.

All of these users happen to promote views typical of an American conservative and even far-right ideology, but it is impossible to know whether this is an accurate representation of the accounts which are flagged, despite what Musk says. We do not even know which specific tweets caused Twitter to flag these accounts; maybe they deserved it. Weiss is not a reliable narrator, and not just because she appears to have attained a volunteer consultancy role in the Musk era of Twitter. Weiss spent over an hour writing thirty tweets without once mentioning that Musk’s own policy position favours reducing “freedom of reach” for “negative” tweets. “You won’t find the tweet unless you specifically seek it”, said the guy who gave Weiss and Taibbi a bunch of internal documents from the site he runs. This appears to be a similar policy to the one Weiss spent an hour exposing as some kind of massive controversy when it was done under previous management.

Weiss’ big reveal was what appeared to be a contradiction between Twitter’s past stance and its actions:

Twitter denied that it does such things. In 2018, Twitter’s Vijaya Gadde (then Head of Legal Policy and Trust) and Kayvon Beykpour (Head of Product) said: “We do not shadow ban.” They added: “And we certainly don’t shadow ban based on political viewpoints or ideology.”

Again, Weiss has not provided evidence to indicate a political or ideological motive. You are supposed to draw the conclusion she has suggested based on her specific framing.

Here, Weiss trims the full context of Gadde’s statements by not linking to the post in question:

People are asking us if we shadow ban. We do not. But let’s start with, “what is shadow banning?”

The best definition we found is this: deliberately making someone’s content undiscoverable to everyone except the person who posted it, unbeknownst to the original poster.

We do not shadow ban. You are always able to see the tweets from accounts you follow (although you may have to do more work to find them, like go directly to their profile). And we certainly don’t shadow ban based on political viewpoints or ideology.

Not only do Gadde and Beykpour deny that Twitter shadow bans, they define their understanding of shadow banning, which is very different from the behaviour Weiss documents. None of the types of “Visibility Filtering” shown match the definition in the blog post above. (Update: And two former Twitter employees say “Visibility Filtering” is misdefined in Weiss’ thread.) Weiss is counting on people to not go looking for the full context because it would undermine her argument.

By the way, Gadde and Beykpour go on to describe how this process works:

We do rank tweets and search results. We do this because Twitter is most useful when it’s immediately relevant. These ranking models take many signals into consideration to best organize tweets for timely relevance. We must also address bad-faith actors who intend to manipulate or detract from healthy conversation.

They explicitly state Twitter down-ranks tweets in places like search “from bad-faith actors who intend to manipulate or divide the conversation”. You might disagree with specific decisions Twitter has made — so do I — but I find it hard to be even remotely upset by this standard. Just because a tweet is popular and comes from a user with millions of followers, it does not mean most users should be subjected to it. That is particularly true when it comes to health and democracy.

The last series of tweets in Weiss’ thread concern the hate-filled Libs of TikTok account, run by Chaya Raichik. Raichik’s posts frequently misrepresent drag events and target trans youth. Tweets from the account repeatedly traffic lies about LGBTQ people and topics, including tying it to pedophilia. This account has been suspended several times for violating Twitter’s policies against deliberately misgendering people. Raichik’s posts are intentionally and repeatedly hostile.

Weiss claims an internal memo confirms “[Libs of TikTok] has not directly engaged in behavior violative of the Hateful Conduct policy” but, again, this statement has been taken out of context. I would like to believe this is a simple error by Weiss but, as she has repeatedly done so in this thread to make her arguments — to say nothing about her entire body of work — it is hard to believe that is the case. The memo, of which Weiss posted a screenshot, says of the Libs of TikTok account:

Since its most recent timeout, while LTT has not directly engaged in behavior violative of the Hateful Conduct policy, the user has continued targeting individuals/allies/supporters of the LGBTQIA+ community for alleged misconduct.

The phrase “since its most recent timeout” is relevant context omitted by Weiss, as is the site policy team’s assertion that Raichik continues to harass and discriminate. This team concludes Raichik’s account deserves another time-out period based on her repeatedly offensive behaviour which, the memo implies, should indicate that her tweets are unacceptable and could eventually lead to a full ban. I do not see anything controversial here. If anything, Twitter is being lenient: an administrative view explicitly marks Libs of TikTok as a high profile account, and requires someone to consult an elevated level of Twitter policy maker before taking action. Weiss portrays this elevated policy team as a “secret group” but, well, it is disclosed right there in the admin view. Not a very well-kept secret, is it?

Weiss sets up a comparison between the apparently awful treatment of Raichik’s account and a lack of enforcement against a tweet which apparently included a picture of her house and its address. I wrote “apparently” there because I cannot find the tweet despite Weiss saying it remains live. It was allegedly posted just a couple of weeks ago, meaning the call to permit the tweet was made under Musk’s ownership and responsibility. Maybe all of those staffing cuts have made it more difficult to keep up with reported tweets. In any case, I do not think it was a fair call: if that tweet was as described, it should have been removed, but Libs of TikTok should have been banned long ago for bullying and inciting harassment, including posting private information.

Weiss may have rambled for an hour in a Twitter thread and her team may have been given ridiculous access (Update: that access has been disputed by Twitter’s head of trust and safety which is about what I expected for the reliability of this thread), but this is yet another apparently blockbuster exposé which has turned up little of note. Am I supposed to be surprised that accounts which traffic in bad-faith narratives are de-emphasized? I thought the whole thing was “freedom of speech doesn’t mean freedom of reach”?

Mike Masnick of Techdirt published an excellent and thorough article about the many misconceptions of the first “Twitter Files” thread. It is worth reading if you care about this sort of thing — hey, you are at the bottom of my post about this, so maybe you do — but I think his conclusion is reusable for this iteration of this saga:

I fear that this story is going to live on for years and years and years. And the narrative full of nonsense is already taking shape. However, I like to work off of actual facts and evidence, rather than fever dreams and misinterpretations. And I hope that you’ll read this and start doing the same.

Weiss’ thread today involved even more frequent excursions from truth and complete context despite being part of Twitter’s internal systems. I never want to hear a critical word about “access journalism” from anyone who has promoted this thread. I wish this did not feel like a big story. But it will be treated like one because it has a juicy combination of internal documentation, moderation policy, and the whines of an apparently oppressed real estate agent turned anti-transgender propagandist. Truly, the real victim in all of this.

If you are angry about the silent de-emphasis of some accounts, I hear you; I think more transparency could be useful. But I think most people also know when they are doing things which get right up to the line and test platform moderators’ patience. Some people are just assholes. And some people believe it is their duty to run interference for them by tweeting in spooky undertones about normal decisions to figure out how much of an asshole someone is being.

Apple Plans to Allow Developers to Add Communications Safety Features to Their Apps

Lily Hay Newman, of Wired, also reported on today’s privacy announcements from Apple. In addition to confirming it has stopped its iCloud photo scanning efforts, it told her about its plans for its existing child safety features:

The company told WIRED that while it is not ready to announce a specific timeline for expanding its Communication Safety features, the company is working on adding the ability to detect nudity in videos sent through Messages when the protection is enabled. The company also plans to expand the offering beyond Messages to its other communication applications. Ultimately, the goal is to make it possible for third-party developers to incorporate the Communication Safety tools into their own applications. The more the features can proliferate, Apple says, the more likely it is that children will get the information and support they need before they are exploited.

I re-read what I wrote about Apple’s announcements today and I am worried I came off as indifferent to the problem of CSAM and how it is enabled by the widespread adoption of internet-connected devices, especially with cameras. There are few problems — perhaps none — of a more pressing universal concern than ensuring children are not exploited and their safety is not at risk. But I am also worried about the use of these heinous crimes to make it harder or a public relations risk to increase user privacy and security.

This is a difficult needle to thread, but I appreciate these efforts to balance the privacy needs of many against the risks of creating unnecessary roadblocks for law enforcement or enabling criminals.

Bloomberg: Apple’s Ambitions for Its Car Project Have Been Scaled Back

Mark Gurman, Bloomberg:

In a significant shift for the project, the company is now planning a less-ambitious design that will include a steering wheel and pedals and only support full autonomous capabilities on highways, said the people, who asked not to be identified because the information is private.


Apple’s previous vision for the car was to offer “Level 5” autonomy — the pinnacle of self-driving technology, which no automaker has attained. The current plan is considered below that because of its more limited scope.

It turns out truly self-piloting cars along arbitrary and varied routes may be a more difficult problem than some people have suggested. I am still betting against it being introduced in my lifetime. I like my odds.

FCC Filing Indicates Tesla Plans to Equip Its Cars With Radar Again

Fred Lambert, Electrek:

Tesla believes that the best way to replicate that is through cameras to replace the eyes and neural nets running on a computer to replace the brain.

The company removed the radars on its vehicles last year and the ultrasonic sensors earlier this year.

That’s why it was surprising earlier this year when we reported on Tesla filing with the FCC to use a new radar in its vehicles. The FCC had granted a confidential treatment to Tesla in order not to release the details of the new radar.

In a letter to the FCC posted by Tony DeLuca, a Tesla certification engineer says it will be rolling out this radar-equipped vehicle in mid-January. It is perhaps an indication that a cameras-only approach may be a roadblock to more capable autonomous driving.

It turns out truly self-piloting cars along arbitrary and varied routes may be a more difficult problem than some people have suggested. I am still betting against it being introduced in my lifetime. I like my odds.

Apple Pushes iOS 16.2 Release Candidate With Optional End-to-End Encrypted iCloud Backups


iCloud already protects 14 sensitive data categories using end-to-end encryption by default, including passwords in iCloud Keychain and Health data. For users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes, and Photos. The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems.

Advanced Data Protection is part of three major iOS security enhancements, the others being iMessage key verification and enabling the use of physical security keys for Apple ID login. Apple says those other two features will be rolled out globally next year; encrypted iCloud backups, meanwhile, are available with iOS 16.2’s release first in the United States with a gradual rollout to the “rest of the world”.

From Apple’s Platform Security Guide:

When a user first turns on Advanced Data Protection, web access to their data at iCloud.com is automatically turned off. This is because iCloud web servers no longer have access to the keys required to decrypt and display the user’s data. The user can choose to turn on web access again, and use the participation of their trusted device to access their encrypted iCloud data on the web.


iWork collaboration and the Shared Albums feature in Photos don’t support Advanced Data Protection. […]

Unsurprisingly, it also says all devices logged in with the user’s Apple ID must be updated to the versions of their respective operating systems rolling out to beta testers today as release candidates.

Robert McMillan and Joanna Stern, Wall Street Journal:

The changes represent a new potential setback for law-enforcement officials. Last year, Apple proposed software for the iPhone that would identify child sexual-abuse material on the iPhone. Apple now says it has stopped development of the system, following criticism from privacy and security researchers who worried that the software could be misused by governments or hackers to gain access to sensitive information on the phone.

Stern also scored an exclusive interview with Craig Federighi and put together a video explaining the changes.

It sure seemed like the announcement of the CSAM detection features last year was a precursor for enabling fully end-to-end encrypted iCloud accounts. The logic was something like: law enforcement is already wary of widespread encryption and they use CSAM as a universal gotcha, so this is a way to solve both problems. But it ended up causing far more controversy — controversy that was not unwarranted. I do not know if you are aware of this, but big computer companies are not universally trusted with being able to accurately monitor user material in their own platforms.

This can be seen as a mea culpa, on one hand, but also a more firm line between what Apple sees as its role, and what tasks are best left up to individuals. Two of the three features Apple announced as part of its child safety initiatives were launched without much issue. Apple is now clarifying that users’ data is strictly their own, even if it is stored in iCloud. This applies to iCloud Photos; it also applies to Messages.

This is undeniably good news, but you should expect to see alarmist rhetoric about Apple protecting heinous criminals. Instead, think of it as protection for all users from law enforcement overreaches, creepy intelligence agencies, and overbroad policies. This is an excellent and long-overdue announcement for even us boring law-abiding people.

Diplomacy Update

Selina Cheng and Wenxin Fan, reporting for the Wall Street Journal on November 23:

Workers at the world’s biggest iPhone assembly plant clashed with police after protests erupted at the factory in central China, where the sprawling facility employing more than 200,000 people has been under strict Covid-19 controls for weeks.

While Foxconn, in a statement obtained by the Journal, connected these protests to questions about pay, they are part of more widespread demonstrations in China against the country’s oppressive zero tolerance COVID-19 policies.

Matt Murphy, BBC News:

So often one item comes to symbolise an entire protest movement. In China, that item is a humble piece of blank paper.


Some have argued that the gesture is not only a statement about the silencing of dissent, but also a challenge to authorities, as if to say ‘are you going to arrest me for holding a sign saying nothing?'”

“There was definitely nothing on the paper, but we know what’s on there,” a woman who joined protests in Shanghai told the BBC.

There are powerful images in here — you have probably seen some of them — of demonstrations packed with people holding nothing but empty signs. That gesture is, to my eyes, just as effective as anything which could be written on the pieces of paper.

Yang Jie and Aaron Tilley, also for the Journal:

In recent weeks, Apple Inc. has accelerated plans to shift some of its production outside China, long the dominant country in the supply chain that built the world’s most valuable company, say people involved in the discussions. It is telling suppliers to plan more actively for assembling Apple products elsewhere in Asia, particularly India and Vietnam, they say, and looking to reduce dependence on Taiwanese assemblers led by Foxconn Technology Group.

Turmoil at a place called iPhone City helped propel Apple’s shift. At the giant city-within-a-city in Zhengzhou, China, as many as 300,000 workers work at a factory run by Foxconn to make iPhones and other Apple products. At one point, it alone made about 85% of the Pro lineup of iPhones, according to market-research firm Counterpoint Research.

Josh Horwitz, Reuters:

A Reuters analysis of Apple’s supply chain data shows China’s prominence in the company’s global manufacturing is declining: In the five years to 2019, China was the primary location of 44% to 47% of its suppliers’ production sites, but that fell to 41% in 2020, and 36% in 2021.

Stephen Shankland and Oscar Gonzalez, CNet:

Apple will be using microchips produced by the Taiwan Semiconductor Manufacturing Co. factory based in Phoenix, CEO Tim Cook said Tuesday at the event for the facility’s upcoming expansion.


The new chips won’t be powering next year’s iPhones, though, because building fabs takes a long time. TSMC broke ground on its 5nm fab in April 2021, and it won’t start producing chips until 2024. The newly announced 3nm fab won’t make chips until 2026.

John Gruber:

Hard to overstate how important it will be if TSMC starts turning out world-class chips from Arizona. For Apple, yes, but more so for the world, overall, to get leading-edge fabrication out from under the thumb of China.

The timing of these articles is curious. It would be reasonably easy to conclude Apple is stepping up its efforts to diversify device manufacturing because of reduced iPhone 14 Pro production numbers instead of China’s human rights abuses. But these efforts have likely been underway for a while. It would be impossible to shift Apple’s supply chain within a matter of weeks or months; Counterpoint Research says a timeframe of years is more likely. And, as Gruber writes, a diversifying electronics manufacturing industry allows for more flexibility for every company in the business, not just Apple.

Until that happens, however, Apple remains in a tense relationship with policymakers in China. It recently altered AirDrop in the country in a way that makes it more tedious for demonstrators to directly exchange information. Apple, powerful and rich as it is, remains under the influence of not wanting to upset lawmakers in the country it most relies upon. Many people have observed how unlike the Cook doctrine it is for Apple to be so dependent on third-party manufacturing: is device assembly not a “primary technology” the company should “own and control”? But he was primarily responsible for Apple’s migration to contract factories when he was hired in 1998. It was a choice that contributed to Apple’s ability to survive its bleakest time; now, nearly twenty five years later, it looks increasingly like a liability.

Apple Launches Self Service Repair in Eight European Countries


Apple today announced Self Service Repair is now available in eight European countries, providing repair manuals and genuine Apple parts and tools through the Apple Self Service Repair Store. Customers who wish to complete their own repairs will be able to perform many of the most common repairs for the iPhone 12 and iPhone 13 lineups, and Mac notebooks with Apple silicon.

When Apple launched its Self Service Repair option, I wondered about its future and the company’s ongoing repairability commitments. Bringing it to European countries is both fulfills its promise to expand there this year, and a sign Apple knows in which direction the wind is blowing. But while you can buy parts for M1 Mac laptops and those older iPhone models, parts for desktop Macs, M2 models, and the iPhone 14 and 14 Pro remain unavailable. The dearth of iPhone 14 parts seems particularly notable as it is easier and faster to repair than its predescessor, so even more people should be able to do it.

Following Its Acquisition by Getty, Unsplash Now Has a Subscription Option

In March 2021, the stock photography giant Getty Images acquired free stock photo site Unsplash. Unsplash said it would remain free under its new ownership. So, how is that going?


We are excited to announce the launch of Unsplash+.  An Unsplash+ subscription gives you access to curated content that is royalty-free and available for commercial use. Members will get access to a constantly growing library of premium visuals that are not available in the free Unsplash library, and enjoy an ad-free experience on Unsplash.com.

This was announced at the beginning of October but I had missed it until yesterday when I was combing through the site for a few images. And, in fairness, it does not mean Unsplash is no longer free. Unsplash Plus is a low cost subscription offering unique images protected by a more protective license in addition to the existing free library.

Still, the way Unsplash rolled this out makes using the site more frustrating if you are not a subscriber. A typical search results page now mixes Unsplash’s classic free-to-use images with “Plus” images. I have updated my browser CSS file to more clearly differentiate these images by adding a heavy blur.

My Social Media Is in an Mac App, or It’s Nowhere

Jason Snell:

[…] But if Mastodon gets enough community gravity to make me want to pay more attention, I’ll need an app. There are a lot of Mastodon client apps out there, and I’ve tried several of them, but none of them are really good enough or polished enough for me to use regularly. The truth is that modern Twitter clients have set the bar pretty high.

I am already finding this the biggest limitation to my adoption of Mastodon on the Mac. There are a few great iOS clients — I have been using Mammoth and I like it a lot — but I have not found a delightful native client for MacOS. I have found enough people to follow that my timeline is buzzing. What I am missing is Mac window chrome around it and an icon in my Dock.

NSO Group’s Claim of Sovereign Immunity Will Likely Fail, Increasing Legal Pressure

Ellery Roberts Biddle, of Authoritarian Tech, after linking to a series of stories about the extreme oppression faced by people in China and Tigray, in Ethiopia — stories which should not be ignored, mind you — in an update about Meta’s suit against NSO Group:

This is why the legal challenge against the Israeli tech giant is so significant. After the original filing, NSO responded with its own court petition, seeking “sovereign immunity” from legal challenges in the U.S., arguing that it was merely acting as a contractor of foreign governments. But this tactic now looks likely to fail. In an amicus brief filed last week, the U.S. Justice Department issued a stern rebuke to NSO’s petition, noting that “no foreign state has supported NSO’s claim to immunity” and that NSO has “not even identified the states for which it claims to have acted as an agent.”

You have to wonder if the outcome would be different had a state stepped up to admit it used NSO Group’s spyware products — particularly a U.S. ally. Sure makes it a risky time to be in the spy-for-hire software business.

Inside the Investigation That Took Down AlphaBay and Hansa

Andy Greenberg, author of “Sandworm”, has a new book out called “Tracers in the Dark” about the new investigative techniques to find criminals who use Tor and cryptocurrencies. Over the past month and a half, Wired has dripped out a lengthy excerpt from the book. The final part was published this week and I spent today reading the whole thing in full.

It leaves much to think about. There are huge ethical questions with unsatisfying answers. For example, Hansa was secretly operated by Dutch police for about a month before it was shut down. But when Greenberg asked investigators whether they had any qualms about facilitating thousands of drug sales, they seemed to give it little thought.

Nevertheless, it is an extraordinary look into a large and expertly coordinated investigation of a modern-day drug market kingpin, well narrated by Greenberg. I was a big fan of “Sandworm”, and I am looking forward to this book becoming available for me at my library.

Apple’s Advertising Spend on Twitter

I made a mistake. In my piece about the first month of Twitter’s new ownership at the hands of someone who is, at best, an unreliable narrator of his own reality, I did not add the word “alleged” to the phrase “Apple’s reduced advertising spend”. For some unknown reason, I decided that was the one claim I could take literally, even though the person making that claim is, at best, an unreliable narrator of his own reality.

Thomas Germain, Gizmodo:

The data contradicts Musk’s claims that the iPhone maker “mostly stopped advertising on Twitter.” Apple’s Twitter advertising purchases actually grew from October to November, Pathmatics’ research showed. Apple spent $1,005,784 on Twitter ads in the first 28 days of November, already more than that company’s October budget of $988,523, according to the analytics firm.

Yesterday, Musk said during a Twitter Spaces broadcast that Apple had “fully resumed” its advertising spend, just days after he claimed it had “mostly stopped” its Twitter ads. Neither of these claims is believable and I regret the error on my part.

Update: Ryan Mac, Mike Isaac, and Kate Conger of the New York Times report Apple paused its Twitter ad spending on November 19 following the mass murder at Club Q. This pause was over a week before Musk complained, and Pathmatics’ analysis indicates Apple’s spending from November 1 through when it paused spending was still higher than that of the previous month.

Apple Continues to Tease Lossless Support in Future AirPods

Kashfia Kabir, What Hi-Fi?:

And the longer it goes on, the more the question needs repeating. Is hi-res audio a priority for Apple?

[AirPods engineer Esge] Andersen remains coy, saying that while audio quality is always a priority, “it is important to understand that we can still make big strides without changing the codec. And the codec choice we have there today, it’s more about reliability. So it’s about making something robust in all environments.”

Lossless support was rumoured for the second-generation AirPods Pro models since Bluetooth 5.0 is capable of 16-bit, 44.1 kHz streaming. But Apple Music streams files up to 24-bit and 192 kHz. Even if it is not possible to hear the difference with human ears, I am sure Apple would love to be able to say some version of its AirPods stream bit-perfect high-resolution audio — eventually.

The Twitter Fizzle

Todd Spangler, in a mess of a Variety article:

The new disclosures, touted as “The Twitter Files,” were posted in a lengthy Twitter thread by investigative reporter and author Matt Taibbi (and retweeted by Musk). It’s based on “thousands of internal documents obtained by sources at Twitter,” according to Taibbi — shared with him, it would appear, with the blessing of Musk, the conservative tech mogul who is the world’s richest person.

In his newsletter, Taibbi said the process which produced this thread began four days prior and acknowledged he “had to agree to certain conditions” to cover it. Presumably, two of those conditions were to tweet his findings instead of putting them behind a paywall in his newsletter, and to not acknowledge Musk as the source of these documents.

If you are blessedly unaware of the backstory for Taibbi’s supposed blockbuster thread, Andrew Rice and Olivia Nuzzi reported it out back in September in New York magazine, except without nearly as much drama. Or you can read the story from Kate Conger and Mike Isaac, published in the NYT two days after the New York Post published its story about Hunter Biden’s laptop. Taibbi’s thread today backfilled context from Twitter’s side, but it does not undermine past reporting on Twitter’s decision.

But you might not know that if you read Spangler’s story:

“Twitter took extraordinary steps to suppress the story, removing links and posting warnings that it may be ‘unsafe,’” Taibbi wrote. “They even blocked its transmission via direct message, a tool hitherto reserved for extreme cases, e.g. child pornography.”

This is untrue by omission. As Micah Lee has repeatedly written, Twitter has used this tool to prevent distribution of Distributed Denial of Secrets materials. Under the same policy, it briefly blocked links to the Post story — which is what it said at the time — before lifting the block. This appears to be a rare demonstration of consistency in moderation. But it does not block Wikileaks links, raising questions about why DDoSecrets continues to be prohibited.


Musk, commenting on the reaction to the “Twitter Files,” tweeted, “Twitter acting by itself to suppress free speech is not a 1st amendment violation, but acting under orders from the government to suppress free speech, with no judicial review, is.”

What Musk is referring to here is that someone on Biden’s campaign team emailed Twitter with links to tweets containing nonconsensual nude images of Hunter Biden and others. There was almost no context in the email Taibbi published, and he did not add any aside from saying it was sent by a Biden staffer. But — and I cannot believe I need to say this, but — it matters what was in the tweets! The publication of nonconsensual or “revenge” pornography has long been prohibited on Twitter, and it is illegal in many regions. The removal of these specific tweets is not some kind of mysterious coverup.

What Musk does not say — and Spangler does not clarify — is that this entire ordeal took place before the presidential election. When these tweets were reported by Biden staff members, they were not acting as government officials. Twitter’s ability to decide whether to take action against its users and its internal processes for doing so is exercising its free speech in both law and spirit.

Perhaps the biggest wet blanket in Taibbi’s thread was his confirmation that government representatives were not involved in any moderation decisions around this story. Some staff members at Twitter decided all on their own that the Post story ran afoul of the site’s rules in a way that made sense at the time, and then some others raised questions about the decision, and then it was reversed. All of this was known already and was admitted by the company’s representatives.

Taibbi says tonight’s thread is just the first reporting he will do based on the documents leaked to him by Musk or someone acting on his behalf. I am sure there are people waiting for some smoking guns that prove some kind of specific political moderation bias, though one has yet to be seen in Twitter’s moderation decisions. I am certain there are going to be some embarrassing conversations in those files, especially for people who still work at Twitter and whose internal communications appear to have been unceremoniously dumped in the lap of a writer by the company’s new owner. But this thread? It is a mildly interesting distraction from Twitter’s current and much bigger problems.

I feel the worst for Hunter Biden, whose private struggles are treated by the worst kind of people as fodder for winning the political meme war. If the most serious allegations are true, which imply corruption of his now-President dad, that is a different story. For now, it is simply an exploitative and dehumanized glimpse into the darkest parts of his life.

Andreessen Horowitz Stops Producing Marketing Gunge at Future.com

Hey, remember Future — the kind with an uppercase F? It launched last June as a way for Andreessen Horwitz to promote its investment activities, almost explicitly:

“We want to write about stuff we know and that we invest in,” says [Margit] Wennmachers. This includes topics like crypto, biotech, fintech and real-estate, which all have dedicated partners at the firm.

Wennmachers’s job title at A16Z is “Operating Partner, Marketing” and was part of Future’s leadership. At the time of its launch, she said it was a long-term investment and effort, and I suppose fifteen months is long-term by somebody’s standards.

Rob Price and Melia Russell, Insider:

Future hasn’t published a new article in months, most of its editorial staffers have left, and its newsletter is defunct. A source familiar with Andreessen Horowitz’s content strategy confirmed to Insider that Future is shutting down.


Andreessen Horowitz remains committed to “going direct” and plans to continue to crank out content at a regular cadence, a person familiar with the firm’s content strategy said, but such material will live on its main website instead. A16z concluded over the past year that it wasn’t worth spending the time and energy building a new, separate brand given the firm’s prominence, the person added.

Jeff John Roberts, Fortune:

[…] As several people in Silicon Valley have told me, the firm wants to be another William Morris talent agency that mints celebrities—but with a client base composed of tech geeks and crypto oddballs rather than singers and actors. […]

For more on A16Z’s political and cultural ambitions, see last week’s Fortune feature by Eric Newcomer and Jessica Mathews.

Google Is Rolling Out ‘Side Rail’ Ads in Two Weeks

Thomas Germain, Gizmodo:

Sure, the internet is great, but it has a serious flaw. There just aren’t enough ads. If you’re anything like me, you spend your time online casting your eyes across the screen, desperately hoping for another way to turn your attention into advertising revenue. At last, there’s some good news on that front, thanks to our hardworking friends in the tech industry. Starting December 23rd, Google is launching a new ad format called called “side rails” that will use show up on the sides of webpages and keep you company as you scroll.

According to Google’s documentation, these ads will actually begin appearing December 13, and they will automatically be switched on for any AdSense user who also uses anchor ads. All I want for Christmas this year is to make the web harder to read and, by golly, will Google deliver.

Wordle Answers Are Now Preselected Instead of Randomized

Everdeen Mason, New York Times:

Now we can shift our work to editing the puzzle. Tracy Bennett, who joined The Times as an associate puzzle editor in 2020, will be the editor of Wordle. The game will have a Times-curated word list and will be programmed and tested like the Spelling Bee and the Crossword.

This includes themed answers, like last week’s DRIVE and FEAST which were chosen for American Thanksgiving. If there is one thing Wordle players wanted, it is for the Times to strip away the randomized fun and inject a serious sense of predictability.

Google Still Preserves Records of Sensitive Location Searches

Johana Bhuiyan, the Guardian:

The tech advocacy group Accountable Tech conducted an experiment in August and October to test Google’s pledge. Using a brand new Android device, researchers with the group analyzed their Google activity timeline, where the company shows what information is logged about an account holder’s actions. This activity helps make Google’s services “more useful” to users, according to the company – for instance, by “helping you rediscover the things that you’ve searched for, read and watched”. However, any information collected by Google is potentially subject to law enforcement requests, including the data logged in “My Activity”.

The group found that searches for directions to abortion clinics on Google Maps, as well as the routes taken to visit two Planned Parenthood locations, were stored in their Google activity timeline for weeks after it occurred. At the time of this article’s publication, the information was still stored and available at myactivity.google.com.

Not exactly surprising but still worrisome. In a narrower scope, it points to Google’s confusing mess of privacy settings, in which it treats location privacy as separate from searches and directions in Google Maps. The best thing you can do right now, regardless of who you are or what you think you will search for in the future, is to turn off Web and App Activity.

If you widen the scope, though, it is obvious such controls should not be left up to individual users to figure out, nor should it the decision of specific data brokers whether to retain or flush sensitive information. This is a systemic issue that requires a systemic legislative response.

Extension of Copyright Law in Canada Will Take Effect on December 30, Threatening Public Domain

Andrea Mills, of Internet Archive Canada:

With the passing of Bill C-19 this past June, the Copyright Act was amended to extend the term of copyright for literary, dramatic or musical works and engravings to life of the author plus a period of 70 years following the end of the calendar year in which that author dies. What was unclear at the time of royal assent was WHEN exactly this would come into force — if on or after January 1, 2023, one more year of works would enter the public domain. Unfortunately, we now know that this date has been fixed as December 30, 2022, meaning that no new works will enter the Canadian public domain for the next 20 years.

At the time, the Minister of Justice prepared a customary statement summarizing the likely effects of the bill, and blamed these changes on the 2018 revisions to NAFTA:

This legislation implements one of Canada’s obligations under the Canada–United States–Mexico Agreement, is consistent with that of many other nations, and may support Canadian creators in the international marketplace.

Timothy Vollmer of Creative Commons pointed out how much this kneecaps the public domain and threatens new creative works. A disappointing development, to be sure.

MacBook ‘Butterfly’ Keyboard Class Action Settlement Receives Preliminary Court Approval

According to a filing today in the “butterfly” keyboard lawsuit, the class action settlement has been approved. If you are part of the class — that is, a U.S. buyer of a 2015–2019 MacBook, MacBook Air, or MacBook Pro model, and you had the keyboard repaired or a keycap replaced — you will receive your notice beginning December 12.

I am writing this in part to once again express my dismay that this suit was settled before substantial information was made public about this keyboard’s development and failure rate. I am sure there is an interesting story here. This specific era of Mac hardware made for a frustrating time to be an Apple customer, and it would be cathartic to understand it more deeply. I hope someone will tell it.

One Wild Month

We are officially one month into Elon Musk’s ownership of Twitter. One month of needlessly cruel layoffs, of cozying up to far right goons, of uncertainty about the direction my favourite bar is taking. It is under new management which thinks few people are unwelcome to stay regardless of their behaviour, and fired most of the bouncers so there are fewer people keeping an eye out for things that drive others away. At best, he is spineless. At worst, he is enabling and even welcoming terrible people; that is certainly how they read it.

Is it any wonder advertisers are reportedly spooked?

Now he has decided to take on what used to be his biggest advertiser after they, in the words of Musk, “threatened to withhold Twitter” from the App Store, apparently without explanation. But it does not take a close Apple watcher to speculate on why it would be newly concerned about the Twitter app: it requires all apps which permit user submissions to have functional filtering, blocking, and reporting mechanisms. This is not a mystery. Apple is probably — understandably — worried about Musk’s statements and the laying off of thousands of moderators. In fairness, Twitter does not have a spectacular track record of ridding its platform of even the most heinous material but, also in fairness, eliminating all but one person tasked with removing CSAM in the world’s most populous region will make it harder to solve this problem, despite claims to the contrary.

Musk framed Apple’s reduced advertising spend as an attack on free speech. That is a wild accusation to throw at a company that, as Jason Koebler at Vice pointed out, twice challenged the FBI when the Bureau attempted to compromise encryption. Apple’s control of native app distribution on iOS devices means it is uniquely positioned to influence acceptable limits of speech and, as Musk also complained about today, it extracts fees from digital businesses. Those are also concerning factors — ones which I have repeatedly writen about. But Musk has no credibility in framing its ad spending as a free speech issue.

Of note, Twitter has also been a staunch defender of free speech. This bar I love has long been home to anonymous users and a crack legal team pushing back against worldwide interference. It has also established internal boundaries to try to improve the comfort of its guests. Many of the people making those decisions have been pushed out, replaced by people more obedient to the whims of an owner who believes none of that is necessary. He says he will comply with regulators while laying off staff responsible for that. This bar is filling up with assholes who are making many of us uncomfortable and driving some away. Hopefully, the new spot can fill the void. Even so, it still feels like a loss.