Pixel Envy

Written by Nick Heer.

After Twitter’s Acquisition of Scroll, Nuzzel Will Be Shutting Down

Scroll owns Nuzzel; Twitter is buying Scroll. Scroll’s CEO, Tony Haile, wrote about what that means for Nuzzel. Got all that? Cool:

We acquired Nuzzel in late 2018 when we realized that if we didn’t, Nuzzel would shut down. We believed that Jonathan Abrams and team had created something special: a way to make sure you never missed the important story or lost the context of a moment, delivered in a way that emphasized time well spent. We didn’t want to see that go away because it was ahead of its time.

[…]

When Twitter approached us about bringing Scroll into their broader subscription plans, all sides were excited about what we could do with Nuzzel and spent weeks trying to find a way to bring it with us. In the end, we found that the only way for Nuzzel to meet the scalability requirements necessary for a company like Twitter was to rebuild the service from scratch.

Nuzzel is the quintessential expression of what Twitter hopes developers will do with its public APIs. So much time and effort has gone into making it difficult to build superior third-party Twitter clients, with the promise that what Twitter wants are apps like these. Nuzzel surfaced popular links shared by the people you follow and their friends — and that’s mostly it. How great is that? Instead of relying on Twitter’s black box algorithm for surfacing interesting tweets, it is purely based on what is popular; trending links without the trending topic baggage.

But, much like Favstar and Stellar before it, and Favrd before that, Nuzzel seems to have been too good and too simple to last as an independent product. What a pisser.

Apple Expands Its Ad Business With a New App Store Ad Slot

Sarah Perez, TechCrunch:

At the same time as it’s cracking down on the advertising businesses run by rivals, Apple is introducing a new way for developers to advertise on the App Store. Previously, developers could promote their apps after users initiated a search on the App Store by targeting specific keywords. For example, if you typed in “taxi,” you might then see an ad by Uber in the top slot above the search results. The new ad slot, however, will reach users before they search. This can expose the app to a wider audience.

At first glance, it looks a little hinky for Apple to expand its advertising options just a couple of weeks after companies like Facebook spent months equating the introduction of App Tracking Transparency with harming ad-supported businesses overall. But I think this is a good example of how advertising can work in a privacy-friendly way. Check out the targeting options available to developers for these campaigns. The only available targeting that resembles tracking is displaying an ad based on whether someone has already downloaded the app, and it respects the universal tracking opt-out.

My main objection to these ads is that they are gumming up the App Store. Internal Apple emails show a strategy of making the App Store feel like Nordstrom, but the mix of crappy apps and frequent advertising are more like a yard sale. However, in those internal emails, a couple of employees pointed out that shady developers were already paying marketing companies to juice their apps’ positions in the store, so why not make it official? I see where that argument comes from; I wish the App Store was better than any of this.

The California Exception

You know how I linked to that New York Times editorial pleading for regulation of dark patterns? Turns out I missed something in the Timesconvoluted cancellation policies. They give you the choice of speaking with someone over the telephone or speaking with someone using an instant messenger. Both have similar hours of operation, but the latter has a curious carve-out:

Click the “Chat” button to the right or bottom of this page to chat with a Care Advocate. Chat is accessible between 7 a.m. and 10 p.m. E.T. on Monday – Friday, and 7 a.m. and 3 p.m. E.T. on weekends and holidays (or 24 hours a day 7 days a week for subscribers in California).

It turns out you have the luxurious option of cancelling at your own discretion in California because there is a law that mandates more flexible unsubscribe options than the Times’ dark patterns permit.

Shan Wang, writing for Nieman Lab in 2018 (via Mustapha Hamoui):

But a California law that went into effect July 1 aims to stop companies from blockading customers looking to cancel their services — along with the practice of sneakily sliding them into another month’s subscription without much clarity on the real, full cost of the service. Among the changes: It bans companies from forcing you to, say, call a hard-to-find telephone number to cancel a subscription that you purchased online.

Once again, I point to Greg Bensinger’s final paragraph in that Times editorial:

Companies can’t be expected to reform themselves; they use dark patterns because they work. And while no laws will be able to anticipate or prevent every type of dark pattern, lawmakers can begin to chip away at the imbalance between consumers and corporations by cracking down on these clearly deceptive practices.

The Times could certainly apply its comparatively generous cancellation policies for Californian users to all subscribers who wish to cancel. There is nothing stopping it from doing so, but it will clearly delay doing so until mandated by national lawmakers.

Facebook and the Weather Network Are Sending Users on an All-Expenses Paid Guilt Trip

Kim Lyons, the Verge:

Facebook is continuing its campaign against Apple’s iOS 14 privacy updates, adding a notice within its iOS app telling users the information it collects from other apps and websites can “help keep Facebook free of charge.” A similar message was seen on Instagram’s iOS app (Facebook is Instagram’s parent company).

You think Facebook’s threat of having to pay to use its services is bad? Wait until you see what Canada’s own Weather Network has cooked up.

Ashkan Soltani:

Well that escalated quickly ;)

“The @weathernetwork helps SAVE LIVES! Allow us to track your activity across apps?”

(Subtext: people will *die* if you block tracking in @Apple iOS14…)

Weather apps are among the greatest abusers of users’ privacy. That is not true for all weather apps — Hello Weather, Carrot, and many others have reassuring privacy policies — but the ones from big companies like the Weather Network, the Weather Channel, and AccuWeather share user data widely. I am disappointed Apple allowed such a disingenuous description in the Weather Network’s permissions request prompt.

A New York Times Editorial Board Member Calls for Regulation of Dark Patterns

New York Times editorial board member Greg Bensinger:

Consider Amazon. The company perfected the one-click checkout. But canceling a $119 Prime subscription is a labyrinthine process that requires multiple screens and clicks.

Or Ticketmaster. Online customers are bombarded with options for ticket insurance, subscription services for razors and other items and, when users navigate through those, they can expect to receive a battery of text messages from the company with no clear option to stop them.

These are examples of “dark patterns,” the techniques that companies use online to get consumers to sign up for things, keep subscriptions they might otherwise cancel or turn over more personal data. They come in countless variations: giant blinking sign-up buttons, hidden unsubscribe links, red X’s that actually open new pages, countdown timers and pre-checked options for marketing spam. Think of them as the digital equivalent of trying to cancel a gym membership.

Design patterns like these sure are unethical, often forcing people to spend a great amount of time to understand byzantine systems of purchasing options and unsubscribe methods.

By the way, how does someone cancel, say, a New York Times subscription?

Speak with a Customer Care Advocate

Call us at 866-273-3612 if you are in the U.S. Our hours are 7 a.m. to 10 p.m. E.T. Monday to Friday, and 7 a.m. to 3 p.m. E.T. on weekends and holidays.

[…]

Chat with a Customer Care Advocate

The Times calls these two choices — speaking or chatting — “several ways to unsubscribe”, but they both rely on someone else cancelling your subscription. A subscriber has no way of doing so themselves. This arduous process is so well-known that it is in the new Dark Patterns Hall of Shame. But, though Bensinger writes extensively about dark patterns and even links to that Hall of Shame, he does not once acknowledge the Times’ subscription cancellation policies, which makes his concluding paragraph especially rich:

Companies can’t be expected to reform themselves; they use dark patterns because they work. And while no laws will be able to anticipate or prevent every type of dark pattern, lawmakers can begin to chip away at the imbalance between consumers and corporations by cracking down on these clearly deceptive practices.

Clearly.

Big Tech’s Surging Growth

Shira Ovide, New York Times:

The U.S. economy is cranking back from 2020, when it contracted for the first time since the financial crisis. But for the tech giants, the pandemic hit was barely a blip. It’s a fantastic time to be a titan of U.S. technology — as long as you ignore the screaming politicians, the daily headlines about killing free speech or dodging taxes, the gripes from competitors and workers, and the too-many-to-count legal investigations and lawsuits.

America’s technology superpowers aren’t making bonkers dollars in spite of the deadly coronavirus and its ripple effects through the global economy. They have grown even stronger because of the pandemic. It’s both logical and slightly nuts.

Richard Waters, Financial Times:

Big Tech’s increasingly outsized impact on the world of business can best be summed up by just two numbers.

One is the combined revenue of Alphabet, Amazon, Apple, Facebook and Microsoft, which jumped 41 per cent in the first three months of this year, to $322bn. That points to a rapid acceleration in growth that the leading tech companies have not seen in years, even as they have become some of the world’s biggest companies.

The other is the companies’ profit growth, which has been even more spectacular. After-tax earnings for the five soared by 105 per cent from the previous year, to $75bn. Profit margins rose strongly across the sector, as the biggest companies benefited from the economics of scale while keeping a wary eye on cost expansion during the pandemic.

Waters has a set of charts showing the revenue change at each of those five companies. Aside from the wild growth at four of those companies, the most striking thing to me is the consistency of Microsoft’s revenue. It has grown somewhere between ten and twenty percent per quarter since some time in 2018 — including during the pandemic when every other large tech company was making bank. I assume that is because a bunch of people sold their old computers with Facebook ads, then bought shiny new iPads to use with their company’s existing Office 365 subscription.

By the way, if you think Apple’s margins are grotesque, hold your breath when you see Facebook’s and Microsoft’s. Sure paints a completely different picture of the economy than many people are experiencing.

Epic Games v. Apple Trial Opens With Random People Incoherently Screaming

Matthew Gault, Vice:

Thanks to COVID-19 and general interest in the case, the District Court in California set up a public phone line where the public could call in and listen in to the proceedings.

As first spotted by QZ tech reporter Nicolás Rivero, the phone lines weren’t muted and gamers called in to talk about Fortnite and mention their favorite streamers.

This is more-or-less exactly how I expected this trial to begin.

The E.U. And Australian App Store Antitrust Investigations

The European Commission:

The Commission’s concerns, as outlined in the Statement of Objections, relate to the combination of the following two rules that Apple imposes in its agreements with music streaming app developers:

  • The mandatory use of Apple’s proprietary in-app purchase system (“IAP”) for the distribution of paid digital content. Apple charges app developers a 30% commission fee on all subscriptions bought through the mandatory IAP. The Commission’s investigation showed that most streaming providers passed this fee on to end users by raising prices.

  • “Anti-steering provisions” which limit the ability of app developers to inform users of alternative purchasing possibilities outside of apps. While Apple allows users to use music subscriptions purchased elsewhere, its rules prevent developers from informing users about such purchasing possibilities, which are usually cheaper. The Commission is concerned that users of Apple devices pay significantly higher prices for their music subscription services or they are prevented from buying certain subscriptions directly in their apps.

Note carefully what the Commission is saying: it is not either but both. The combination of these two rules — combined with the rest of Apple’s first-party advantages, like being able to advertise across its platforms — make it onerous for other music streaming services to compete with Apple Music. You could make a similar argument about Apple’s other services and the third-party services they compete against, but the Kindle marketplace and streaming video services other than Apple TV Plus seem to be doing okay.

Tom Warren, the Verge:

Spotify previously claimed that Apple uses its App Store to stifle innovation and limit consumer choice in favor of its own Apple Music service. That complaint was followed up with a similar one by Rakuten, alleging that it’s anti-competitive for Apple to take a 30 percent commission on ebooks sold through the App Store while promoting its own Apple Books service.

Epic Games also joined many developers and companies opposing Apple’s App Store policies, and filed an antitrust complaint with the EU earlier this year. It’s part of an ongoing dispute with Apple, after the Fortnite developer publicly criticized Apple’s App Store policies around distribution and payments. This resulted in Epic attempting to circumvent Apple’s 30 percent cut on in-app purchases in Fortnite, and Apple quickly removing the game from its App Store.

Meanwhile in Australia:

The ACCC’s second Digital Platform Services Inquiry interim report finds that Apple’s App Store and Google’s Play Store have significant market power in the distribution of mobile apps in Australia, and measures are needed to address this.

From the report (PDF):

The ACCC’s examination of the operation of the Apple App Store and the Google Play Store in Australia has identified a number of significant issues which warrant attention. These include: the market power of each of Apple and Google; the terms of access to app marketplaces for app developers, including payment arrangements; the effectiveness of self- regulation, including arrangements to deal with harmful apps and consumer complaints; and concerns with alleged self-preferencing and the use of data. These issues affect competition with potentially significant impacts for both app developers and consumers.

Michael Tsai has a good collection of developer and press reactions to the App Store antitrust investigations in both of these regions.

This is the flip side of Apple’s long-mandated subscription rules — developers are increasingly furious at the gatekeeping imposed by the company on a majority of smartphone users in the United States and Japan and a large percentage of other markets like Australia and the United Kingdom. Apple’s commission-based model works because it is the easiest — and sometimes only — way to reach all of these users.

The irony of Apple’s model for third-party developers is that it would have an easier time if it were more selective about which apps were allowed to be on its platform. If the iPhone were only open to developers that Apple preselected — something like the old Apple TV model — it would simplify the argument that iOS is not a wholly open platform. By opening it up just enough — by allowing developers to build apps but not launch them without complying with the App Store’s rules, and by mandating that the App Store is the only avenue for distribution — it has written policies that amount to rent-seeking.

Regardless of the outcome of these legal battles, Apple’s position makes its platforms worse for consumers in the long term. Apple can keep playing these games over how it splits revenue with developers, nitpicking app text so that it becomes vague and unhelpful, finding circuitous paths where a digital purchase may not use in-app purchases, and so on, but users always lose. Apple has often had poor developer relations, but it is worrisome that it has broken down into an adversarial relationship with so many high-profile companies.

Resetting the App Store

The European Commission on Friday issued what it called its “preliminary view” of Apple’s allegedly anticompetitive market position in streaming music; the Epic Games trial begins today. I thought this piece from Benedict Evans was a good overview of some of the what-ifs:

$10-15bn [in App Store commissions] is real money, even for Apple, but it’s much more interesting to ask what else might change. There’s a small number of businesses where Apple’s payment rules were prohibitive, in Steve’s words, or at least made things very difficult — most obviously, ebooks and music. What other businesses do use Apple’s payment but would be fundamentally different if they had that extra margin? And what never happened at all? What products could not be built because of the ways that Apple’s sandbox works, that now might change? How significant are the changes in payment models I suggested above?

One could say that this is the classic unanswerable counter-factual — we don’t know what doesn’t exist. But a partial answer is to look at Google’s Android, which has always been run with much looser controls. Name ten really big, important, widely used Android apps that don’t exist on iOS. The obvious one is Chrome (there is an iOS Chrome app but it has to use Apple’s WebKit rendering engine), but what else? No, not something that you use, but something with hundreds of millions of users — that’s what scale means in consumer tech today.

John Gruber’s commentary from ten years ago, when Apple mandated the use of its own in-app purchase system for subscriptions, generally holds up. There are some detail quibbles — Apple has introduced tiers of commissions and created various carve-outs and rule relaxations which amount to a modest minefield for developers — but this is prescient:

This is what galls some: Apple is doing this because they can, and no other company is in a position to do it. This is not a fear that in-app subscriptions will fail because Apple’s 30 percent slice is too high, but rather that in-app subscriptions will succeed despite Apple’s (in their minds) egregious profiteering. I.e. that charging what the market will bear is somehow unscrupulous. To the charge that Apple Inc. is a for-profit corporation run by staunch capitalists, I say, “Duh”.

This has turned out to be entirely true.1 Have Apple’s rules have been an impedance to the growth of companies that depend on subscriptions? That is certainly a tough argument to make. Fortnite effectively printed money for Epic Games even after Apple’s commission. Apple’s statement to the press on the E.U. music streaming findings takes some credit for Spotify’s success; unsurprisingly, mobile users have been key to Spotify’s growth for years, coincidentally since around the time Apple launched this in-app subscription model.

I am not arguing this is right, fair, just, legal, or best for everyone. I really do think Apple pushed its luck too far by making few changes over time and being overly protective of every possible hole in this business model; now, it may end up that regulators will set some of the rules instead of Apple. More importantly, I think a lower commission rate really would make a difference for independent developers that build mostly or exclusively for Apple’s platforms, as they are what makes buying into this ecosystem such a draw. You can get Netflix pretty much anywhere, but you can’t get Deliveries or Obscura or Things or Tweetbot on an Android phone. I wonder what some of those developers could do if they had some of the money that Apple is now using to buy back shares.

But for the big companies that are instigating these lawsuits, Apple’s platforms have netted huge rewards. In-app purchases have unquestionably worked in these developers’ favour. Everyone who thinks that the App Store rules should be overhauled — which is something I agree with — or that sideloading should be permitted on iOS should see this as a ten year counterargument.


  1. Unfortunately, the next and final sentence did not fare quite as well:

    If it works, Apple’s 30-percent take of in-app subscriptions will prove as objectionable in the long run as the App Store itself: not very.

    Now that every developer sees how much money they are required to hand over to Apple if they want to allow purchases in their apps, the pitchforks have never been sharper. ↩︎

Spring

Where I live, my balcony overlooks most of the financial hub of the city. Calgary has the greatest amount of office space per capita of any city in Canada — and, right now, it is lifeless. Has been for over a year. Every now and again, I spot someone walking around one of the floors of the building nearest me, perhaps a member of the maintenance staff or someone coming in to grab a file. Mostly, though, there are only artifacts of the people who used to work there. Some of them have settled into their home offices; some have perhaps been laid off.

I am one of the lucky ones who gets to work from home. I cannot complain. But my apartment gives me a high-level view of the still bizarre and difficult circumstances we are living through.

Calgary’s city centre is in a river valley; the majority of residential areas are on the high hills surrounding it. Off in the distance, behind rows of houses, I can see the airport. On a nice evening, I used to sit on the balcony while reading or writing, keeping one eye on the planes. Every couple of minutes there would be another arrival or departure. It was warm this evening; I stood on the balcony with a glass of wine and stared at the airport, and it stared quietly back. It was a long time before I saw an arrival.

Today was a nice summer-like day, particularly after last week’s wintry conditions. It was also the day we recorded the highest number of new cases and the highest total active cases in Alberta since this pandemic began.

The extremes of spring weather in Calgary sure feel like a metaphor for how things are going. The end of this pandemic seems to be in sight as people get vaccinated. The warm days are going to encourage people to spend less time indoors where viral particles suspended in airborne droplets spread and infect. Before we get to the end, we have to get through this new wave of infections — and it is kicking our ass.

There was this great metaphor that I am sure someone tweeted a little while ago, and I cannot find any record of it. It has been stuck in my head for weeks now, and I thought of it while looking out at the airport tonight. It goes something like this: pilots who are disoriented or lost will often be so distracted by trying to figure out where they are that, by the time they have their bearings again, they are at risk of fuel starvation.1

I hope this does not come across as aloof. I have a very comfortable life, all things considered. I get to work from home and I do not have to spend time around people very often, so it can be easy to forget the global emergency we are living through — only to be jolted back to reality. As I was heading back to my apartment after dropping some laundry off, the elevator stopped on another floor. The door opened to reveal someone in a hazmat suit. I found out there is a positive case on that floor.

The warmth of spring feels fake, like a lie nature is telling to distract from the turmoil and suffering and fatigue and loss. I know that something close to normalcy is perhaps months away, and I may be vaccinated within weeks. But the distance between here and there will be measured in deaths as much as it will be in doses. The statistics in this province have never been more alarming and the future has never felt so reassuring. I feel like I am living in a paradox.


  1. If you know who tweeted this, please get in touch. I would like to give them credit. ↩︎

L’Affaire du Magic Keyboard

Nicolas Furno, writing for iGeneration last week and translated by Google:

While the 2021 12.9-inch iPad Pro is broadly similar to the 2018 and 2020 models, the new tablet stands out on one point: it’s thicker, at precisely 0.5mm. It might not sound like much, but it’s enough for Apple to adjust its Magic Keyboard, the iPad Pro’s dedicated trackpad keyboard. And according to the documentation provided to the Apple Stores that we have been able to consult, the old Magic Keyboard is not compatible with the large iPad Pros of 2021.

Documentation apparently supplied to Apple Stores and independently confirmed by the Verge indicated that the new 12.9-inch iPad Pro would be incompatible with the Magic Keyboard released last year. The new iPad Pro is just a hair thicker — or, if you want to be precise, somewhere between six and twenty-eight human hairs thicker.

Predictably, there was much frustration about this, and why not? The Magic Keyboard is a $350 accessory that makes a huge difference in the functionality of an iPad Pro, so you would expect it to last longer than a single generation of product. Plus, one of the advantages of making the keyboard separate from the computer — unlike, say, a laptop — ought to be that you can make major upgrades to one part while not making the keyboard redundant. On the other hand, if the difference in thickness has such a significant effect, why would Apple sell a poorly-fitting Magic Keyboard for a year? And how many people upgrade their iPad Pro every year anyway?

Well it turns out that many of those frustrated posts were in vain, as an Apple support document spotted by Chris Ball today made clear:

The first generation of the Magic Keyboard (A1998) is functionally compatible with the new iPad Pro 12.9-inch (5th generation) with Liquid Retina XDR display. Due to the slightly thicker dimensions of this new iPad Pro, it’s possible that the Magic Keyboard may not precisely fit when closed, especially when screen protectors are applied.

Last week, Matt Birchler tried to understand how much of an impact the size and weight difference of the new model may have on his 2020 Magic Keyboard:

To test out the difference, I took a few sheets of printer paper, which happen to be almost exactly the size of the 12.9” iPad Pro, and stacked 7 of them on top of each other, closed the Magic Keyboard, and checked the fit.

The thing closed perfectly, and frankly didn’t feel any different from what it feels like without the additional thickness.

I guess we will see how true this is when reviewers get their hands on the new iPad Pro but, if you are one of the rare few upgrading your last-generation model immediately, I do not think there is cause for concern. The white one sure looks nice, though.

Apple Sold a Lot of Stuff in Its Second Quarter

Apple also had a quarterly earnings conference call today. A couple of observations based on Jason Snell’s excellent charts:

  • The Mac had its best quarter ever, with $9.1 billion in sales. The last three quarters have been fairly consistent for Mac sales; in reverse order: $9.1 billion, $8.7 billion, and $9.0 billion. The Mac business is booming.

  • At $7.8 billion in sales, the iPad also had one of its best quarters in years, only surpassed by the previous quarter’s $8.4 billion — unless you rewind to Q1 2015, when Apple sold nearly $9 billion worth of iPads. And that was a massive drop from Q1 2014 with about $11.5 billion in iPad sales.

    The rolling average is now trending up after sitting more-or-less flat for about three years, reflecting Apple’s renewed interest in the product. That is a good sign for its long-term health.

In Its Quarterly Earnings Call, Facebook Discusses the Projected Effects of App Tracking Transparency on iOS

Although App Tracking Transparency only shipped this week as part of iOS 14.5, Apple announced it last year, and it got Facebook all riled up. The company has aggressively campaigned against the feature, arguing that it will harm small businesses because, as Facebook’s Dan Levy wrote, precisely targeted ads bring businesses’ costs down:

This affects not just app developers, but also small businesses that rely on personalized ads to grow. Here’s why. Small businesses have small budgets. For these small budgets to work, they have to be targeted at the customers that matter to small businesses. It doesn’t do a local wedding planner any good to reach people who aren’t planning a wedding. Likewise, it doesn’t do a small ecommerce outfit selling customized dog leashes any good to reach cat owners. Put simply, by dramatically limiting the effectiveness of personalized advertising, Apple’s policy will make it much harder for small businesses to reach their target audience, which will limit their growth and their ability to compete with big companies.

This line of reasoning was thoroughly debunked by Facebook’s ex-employees and the Electronic Frontier Foundation’s Andrés Arrieta who pointed out that behaviourally-targeted ads are often more expensive than more weakly-targeted versions because of the many intermediaries taking their cut. These types of ads produce mixed results for advertisers, have little benefit for publishers, are not very well targeted, and require us to sacrifice our privacy with few ways of opting out.

Then, in a Clubhouse chat with Josh Constine last month, Mark Zuckerberg said that Facebook “may even be in a stronger position” after the introduction of App Tracking Transparency because of Facebook’s uniquely large amount of user data. But that was contradicted somewhat in today’s quarterly earnings report in a comment from CFO David Wehner (emphasis mine):

We expect second quarter 2021 year-over-year total revenue growth to remain stable or modestly accelerate relative to the growth rate in the first quarter of 2021 as we lap slower growth related to the pandemic during the second quarter of 2020. In the third and fourth quarters of 2021, we expect year-over-year total revenue growth rates to significantly decelerate sequentially as we lap periods of increasingly strong growth. We continue to expect increased ad targeting headwinds in 2021 from regulatory and platform changes, notably the recently-launched iOS 14.5 update, which we expect to begin having an impact in the second quarter. This is factored into our outlook.

On the call, Wehner said that the impact would be “manageable” due to the company’s increased investments in e-commerce. How much Facebook’s own revenue will be impacted will, as the company says, be seen later this year. This quarter, however, there are no such worries for Facebook.

Barbara Ortutay, Associated Press:

The company said it earned $9.5 billion, or $3.30 per share, in the January-March period. That’s up 94% from $4.9 billion, or $1.71 per share, a year earlier.

Revenue grew 48% to $26.17 billion from $17.44 billion.

But for the small businesses Facebook ostensibly cares about, things got more expensive:

The average price of ads on Facebook grew 30% from a year earlier, while the number of ads increased by 12%.

Alex Heath of the Information on Twitter:

Takeaway from Facebook earnings:

  • Its pricing power for ads is increasing dramatically as Apple makes cheap ads less efficient

  • The business is becoming more efficient as it grows (43% operating margin!) […]

As is often the case for stories about privacy changes — whether regulatory or at a platform level — much of the coverage about App Tracking Transparency has been centred around its potential effects on the giants of the industry: Amazon, Facebook, and Google. But this may actually have a greater impact on smaller ad tech companies and data brokers. That is fine; I have repeatedly highlighted the surreptitious danger of these companies that are not household names. But Facebook and Google can adapt and avoid major hits to their businesses because they are massive — and they may, as Zuckerberg said, do even better. They are certainly charging more for ads.

That is not to say that we should give up and accept that these businesses destroy our privacy to enrich themselves and their shareholders. If we threw in the towel every time we realized that lawmaking was difficult or that laws would be broken sometimes, we wouldn’t have any laws.

You may have noticed my pivot from Apple’s platform rules to a more regulated approach. That is because I maintain that a legal solution is the only correct one. While I am glad this new control exists in iOS, privacy is not something people should buy. And, pursuant to Facebook’s earnings and forecast, there should not be a benefit from the increased scarcity of data due to better privacy controls.

Microsoft Seeks to Replace Calibri as the Default Office Font

Nathan Mattise, Ars Technica:

“Calibri has been the default font for all things Microsoft since 2007, when it stepped in to replace Times New Roman across Microsoft Office,” the Microsoft Design Team opined in Calibri’s de facto obit. “It has served us all well, but we believe it’s time to evolve.”

Calibri is not quite Microsoft’s universal default. As far as I can tell, the default font for user interfaces is still a variant of Segoe, as it has been since Windows Vista’s debut.

As pictured above, the new potential default fonts are called Tenorite, Bierstadt, Skeena, Seaford, and Grandview. All five are sans serifs — shots fired at the legacy of Times New Roman — and the Microsoft Design Team made a case for each when unveiling these new options.

Last time Microsoft refreshed the default typography in Office, it introduced six typefaces beginning with C: three sans-serifs in Calibri, Candara, and Corbel; two serifs, Cambria and Constantia; and Consolas, a monospaced choice. And, while I have always disliked all of them except Corbel, I think Calibri’s default status has made it more grating over time. But that ubiquity also means it has featured in some pretty interesting stories in its time.

At first glance, I think these new ones are much nicer. My favourite is Seaford; unsurprisingly, it is the one Tobias Frere-Jones had a hand in creating. The lack of a serif option is disappointing.

Toyota Subsidiary Acquires Lyft’s Autonomous Vehicle Development Project

From the company’s press release:

Lyft, Inc. announced today that the company has signed an agreement with Woven Planet Holdings, Inc., (“Woven Planet”), a subsidiary of Toyota Motor Corporation, for the acquisition of Lyft’s self-driving vehicle division, Level 5. The transaction also includes multi-year non-exclusive commercial agreements between Lyft and Woven Planet to accelerate the development and enhance the safety of automated driving technology.

That makes two. Like Uber, Lyft said in its S-1 initial public offering document that autonomous vehicles were a key long-term bet for business sustainability. Neither Uber nor Lyft have turned a profit, though both companies believe they are on the verge of doing so, and the pipe dream of fully autonomous vehicles appears to have been a massive distraction and money sink.

Gorge

While many news organizations were satisfied with covering today’s launch of App Tracking Transparency in iOS 14.5 as a feature that, at most, illustrates a key difference between Apple and Facebook, for example, Mike Isaac and Jack Nicas of the New York Times decided to write a parallel article about the apparently fractured relationship between the companies’ CEOs. And it is a doozy.

I do not like these kinds of articles at the best of times. Regardless of how closely executives are tied to the companies they are involved with, I do not think there is much value in seeing them as inextricably linked. I do not think we can extrapolate personal animosity from competitiveness, and I think the CEO-as-celebrity narrative is a worrisome premise.

So this is the kind of article that I am going to approach with trepidation. Sure enough, it is chock full of anecdotes that do not simply portray Apple and Facebook as two companies that have some competitive overlap and very different approaches to privacy, but an “all-out war” between two bitter enemies in Tim Cook and Mark Zuckerberg. I did not learn much but, as I re-read the article, a single paragraph stuck out:

Those contrasts have widened with their deeply divergent visions for the digital future. Mr. Cook wants people to pay a premium — often to Apple — for a safer, more private version of the internet. It is a strategy that keeps Apple firmly in control. But Mr. Zuckerberg champions an “open” internet where services like Facebook are effectively free. In that scenario, advertisers foot the bill.

This reads like a Facebook PR person has spun it already, since it is the distillation of the company’s false compromise between privacy and revenue. It also misrepresents how lock-in and opt-in work on the internet.

If you want to talk about control over the internet, you really have to start with Facebook, Google — and, to a lesser extent, Amazon. All three companies insidiously lock people into their data-mining platforms without presenting a real means of consent or opting out. In addition to being de facto infrastructure, these companies never really stop tracking you. They can stop showing you ads based on the personalized data they have collected, but they may continue to slurp up behavioural information anyhow. And that’s only the three biggest companies in this space; there are thousands of other ad tech businesses and data brokers gorging themselves on data you never meaningfully consented to sharing.

Apple’s apparent control over the internet is comparatively meagre. If you rid yourself of all Apple hardware and software, you quit using its services, and you delete your iCloud account, you have zero affiliation with Apple. As far as it knows, you no longer exist. This is undoubtably a tedious, time-consuming, and expensive thing to do — but you can entirely opt out of Apple’s ecosystem. I know many people who have.

It is hard to see how Apple’s greater emphasis on privacy enables it to have more control over the internet in the long run. You would have to be a deeply cynical person who believes Apple would oppose a strict national privacy law — something Cook has repeatedly called for — because it creates a market for Apple’s more privacy-friendly products, and you would have to ignore the overwhelming majority of people who demand greater privacy online for that to be true. Of course Tim Cook, CEO of Apple, would rather you buy your technology products from Apple, but this company policy is not mere veneer. It is a longstanding commitment — though it is imperfect and has its limits — as is the company’s stance towards an open internet.1

But an open internet does not mean one in which all advertising is individually targeted using data farmed through independent apps and websites that serve as proxies for the surveillance practices of Facebook and Google. In the history of advertising, the privacy-hostile premise that these companies are selling is fairly recent. Shooting for pinpoint relevancy is a waste of time and privacy when relevant enough ads can be targeted to someone browsing a list of coffee cake recipes, an article about wedding locations, or a local news story. Mediocre ad targeting was good enough to buy an entire Batmobile.

Forget the apparent “war” between Cook and Zuckerberg personally, or even between the companies they chair. Both Apple and Facebook believe that many users, when presented with the option of whether to allow third parties to track their activity, will say no. But the new thing is not the tracking, it is the request for explicit permission — and Facebook appears to think that it will struggle to convince people it should be allowed to strip-mine their behaviour. We ought to be asking whether this was ever ethical. It seems most people would disagree.

Ads can keep funding the internet; Apple is not eradicating advertising from its platform. It is only requiring that users give consent to how much they would like to be surveilled. It speaks volumes about Facebook that it believes those are necessarily the same thing.


  1. A non-exhaustive list of privacy commitments: device encryption; masking Bluetooth and MAC addresses; Safari’s tracking prevention mechanisms, including ITP and share button tracking; local categorization of images in Photos; privacy labels in the App Store; non-specific location data in apps; and background location notifications. Many of these features are not recent. For example, since the mid-2000s, Safari defaulted to allowing only first-party cookies and cookies from websites you visited. ↩︎

App Tracking Transparency in iOS 14.5 With Craig Federighi

Joanna Stern, Wall Street Journal:

But the most important and most controversial update? App Tracking Transparency — abbreviated to ATT. The privacy feature requires any app that wants to track your activity and share it with other apps or websites to ask for permission.

“We really just want to give users a choice,” Craig Federighi, Apple’s senior vice president of software engineering, told me in an exclusive video interview. “These devices are so intimately a part of our lives and contain so much of what we’re thinking and where we’ve been and who we’ve been with that users deserve and need control of that information.” He added, “The abuses can range from creepy to dangerous.”

The interview is on YouTube, and Apple also put together its own video to explain this feature.

There are lines that stand out in each of those videos that I think are worth consideration. In Stern’s interview, Federighi says that the non-Allow option on the prompt is not labelled “Do Not Track” because “it’s a bit of a cat-and-mouse game around other ways that an app might scheme to create a tracking identifier”; in Apple’s video, the narrator says that “some apps have trackers embedded in them that are taking more data than they need”. Both of these statements reflect the reality of a world where it is valuable to accumulate vast troves of personal behavioural data. Apple says that it will permit no workarounds but, even though it controls the sole native app marketplace for iPhones and iPads, some things will inevitably slip through.

The only way to curb this behaviour is to devalue personal data collection. In my ideal world, advertising could not be targeted based on behavioural characteristics. If that cannot happen, there are other ways of legislating privacy, like creating a framework for personal data usage and ensuring the agency responsible for it has the resources to enforce its rules. Until any of these things happen, the concept of privacy — and the word itself — will be part of a public relations strategy.

To be very clear, I do not mean to imply that Apple does not believe in privacy as a core value. It truly does, and has done for decades. Nor is this pure fluff and marketing; this App Tracking Transparency policy will make a real difference, and you can tell that based on how much Facebook is throwing a tantrum over it. But it bums me out that privacy is not something that people just have, but rather something they must buy — one feature of many on a checklist.

iOS and iPadOS 14.5 Are Out

Federico Viticci of MacStories has a surprisingly deep dive of this .x update, but there are plenty of gems in here. For example, the most noticeable aspect of this update may be the ability to unlock your iPhone while wearing a mask via your Apple Watch; the subtlest but, I have decided, most delightful new thing is this Shortcuts tip:

You can now also control your device’s orientation lock settings via the ‘Set Orientation Lock’ action. With this action, you can either toggle orientation lock, or you can use parameters to specifically set it to ‘on’ or ‘off’. The ‘Set Orientation Lock’ action is going to be particularly useful for all those users (yours truly included) who dislike having to find the proper toggle in Control Center.

I keep orientation lock on at all times but now, when I launch Halide, orientation lock toggles off, and then switches itself back on when I leave the app. This does seem like something Apple could provide an API to developers for — the Camera app is able to rotate its UI and the photos it takes without toggling orientation lock — but it is an excellent workaround.

This is a significant update, and Viticci’s overview is a good place to start while it is installing on your devices.

Max Headroom

Matthew Panzarino of TechCrunch interviewed Greg Joswiak and John Ternus about the new iPad Pro:

One of the stronger answers on the ‘why the aggressive spec bump’ question comes later in our discussion but is worth mentioning in this context. The point, Joswiak says, is to offer headroom. Headroom for users and headroom for developers.

“One of the things that iPad Pro has done as John [Ternus] has talked about is push the envelope. And by pushing the envelope that has created this space for developers to come in and fill it. When we created the very first iPad Pro, there was no Photoshop,” Joswiak notes. “There was no creative apps that could immediately use it. But now there’s so many you can’t count. Because we created that capability, we created that performance — and, by the way sold a fairly massive number of them — which is a pretty good combination for developers to then come in and say, I can take advantage of that. There’s enough customers here and there’s enough performance. I know how to use that. And that’s the same thing we do with each generation. We create more headroom to performance that developers will figure out how to use.

“The customer is in a great spot because they know they’re buying something that’s got some headroom and developers love it.”

I buy this argument, particularly as the iPad is the kind of product that should last years. Since the first-generation iPad Pro, iPads have seemed to be built for software and workflows that are two or three years down the road. But the question about the iPad for about that same length of time is less can you? and more would you want to?, and I hope the answer to that comes sooner than a few years out.

Rich Countries Are Refusing to Waive IP Rights on COVID-19 Vaccines

Sam Meredith, CNBC:

Members of the World Trade Organization will meet virtually in Geneva, Switzerland on Thursday to hold informal talks on whether to temporarily waive intellectual property and patent rights on Covid vaccines and treatments.

The landmark proposal, which was jointly submitted by India and South Africa in October, has been backed by more than 100 mostly developing countries. It aims to facilitate the manufacture of treatments locally and boost the global vaccination campaign.

Six months on, the proposal continues to be stonewalled by a small number of governments — including the U.S., EU, U.K., Switzerland, Japan, Norway, Canada, Australia and Brazil.

These vaccines unquestionably ought to be in the public domain. As with the polio vaccine, huge sums of public funds were directed towards developing all of the major vaccines available in Canada, the United States, and across Europe. It is not like manufacturers will be unable to sell vaccines, but their formulas should not be proprietary.

Pfizer and Johnson & Johnson oppose this measure, with Pfizer saying that it has shared its formula with others to increase production capacity. And it is perhaps the case that production is to blame for the struggle to keep up with literal worldwide demand more than licensing issues. But we should not depend on the whims of companies deciding whether to share their formulas, for how long, and at what cost. These vaccines should not be part of an intellectual property portfolio — an asset for the investor class. They should not even be subject to a temporary waiver. These vaccines are necessary for the world to function and they must be freely available.

Classic Macintosh One-Bit Painting on an iPad Pro

Matt Sephton:

I’ve started work on the next in my 1-bit Woodblocks series: “Tekagami” (Ito Shinsui’s “Hand Mirror”). So it’s a good time to talk about how I turned an iPad Pro into the ultimate Classic Macintosh.

[…]

The most important aspect of this setup is that it runs System 7 and the various apps I use. That is the core of my classic Macintosh experience and the goal I had in mind. The hardware running System 7 is merely a conduit.

That said, the iPad Pro is more portable, reliable and capable than my real Macintosh. That’s 30 years of hardware progress for you.

You owe it to yourself to see Sephton’s one-bit paintings.

More Notes on the New iMac

I have not felt this enthusiastic about new Macs in a while but, I tell you, these new iMacs seem pretty terrific. The power of the M1 combined with a Pro Display XDR-reminiscent design in a bunch of great colours? I’m not in the market for a new iMac but I am hoping these colours make their way onto some redesigned MacBook Air models as I begin thinking about replacing the nine year old model I am writing this on.1

Speaking of the colours, Jason Snell at Six Colors:

Put it all together and that’s not just seven new iMac colors, it’s 18 keyboard variations and 14 pointing-device variations. While at launch Apple will only be providing the color-matched accessories with an iMac purchase, if history is any indication they will eventually be available for anyone to purchase. Given how many Apple Watch bands there are, Apple seems to have gotten very good at managing product inventory with a whole lot of variations. Good thing!

I was thinking about this the other night. Nearly all of Apple’s major hardware comes in multiple colours and with multiple storage options. There are regional variations, too, like the China-specific dual physical SIM iPhone models.

Also, on the new magnetically-attached power and ethernet connector:

In practical terms, the force required to yank the magnetic power cable off the iMac is the same force required to yank the current iMac’s plastic power plug out of its socket. So it seems unlikely that there will be a spate of disastrous iMac unpluggings laid at the feet of the choice to use magnets.

Good to know; this is not like MagSafe in either its original guise or the new iPhone connector, where it is designed to disconnect gracefully. But many leaks point toward something more true to a MagSafe-like connector on some updated Mac notebooks. I am hopeful.


  1. My previous laptop, a MacBook Pro, was wheezing after just five years; my Air is still humming along just fine. ↩︎

Apple’s M1 Positioning Mocks the Entire x86 Business Model

Speaking of the M1 in the iPad, here’s Joel Hruska, writing for Extreme Tech:

If that doesn’t seem like a fusillade across x86’s metaphorical bow, consider the issue from a different perspective: According to Apple, the M1 is the right CPU for a $699 computer, and a $999 computer, and a $1,699 computer. It’s the right chip if you want maximum battery life and the right CPU for optimal performance. Want the amazing performance of an M1 iMac, but can’t afford (or have no need) for the expensive display? Buy a $699 Mac mini, with exactly the same CPU. Apple’s M1 positioning, evaluated in its totality, claims the CPU is cheap and unremarkable enough to be sold at $699, powerful and capable enough to sell at $1699, and power-efficient enough to power both a tablet and a pair of laptops priced in-between.

No single x86 CPU is sold this way or positioned as a solution to such a broad range of use cases. There are three reasons why. First, PC customers generally expect higher-end systems in the same product family to offer faster CPUs. In the past, both Apple and x86 systems were sold in such fashion. Second, Intel and AMD both benefit from a decades-old narrative that places the CPU at the center of the consumer’s device experience and enjoyment and have designed and priced their products accordingly, even if that argument is somewhat less true today than it was in earlier eras. Third, no single x86 CPU appears to be capable of matching both the M1’s power consumption and its performance.

The iPad Pro uses a proven desktop-class processor; the MacBook Pro benefits from the efficiency of running on this same chip. It is an extraordinary statement, and this is just the first batch of products all on what is nominally the same system-on-a-chip.

It Is Once Again Time for Apple Executives to Say That the iPad and Mac Are Not Merging

It is a couple of days after Apple has announced a new iPad, which means it is also time for the company to drop the big no as it frustratedly explains why the iPad and Mac are remaining separate products. This time, the job has fallen on Greg Joswiak and John Ternus.

Andrew Griffin, the Independent:

“There’s two conflicting stories people like to tell about the iPad and Mac,” says Joz, as he starts on a clarification that will lead him at one point to apologise for his passion. “On the one hand, people say that they are in conflict with each other. That somebody has to decide whether they want a Mac, or they want an iPad.

“Or people say that we’re merging them into one: that there’s really this grand conspiracy we have, to eliminate the two categories and make them one.

“And the reality is neither is true. We’re quite proud of the fact that we work really, really hard to create the best products in their respective category.”

An iPad that runs MacOS would suck just as much — albeit for different reasons — as a Mac that ran iPadOS. But now that they are all on the same silicon, it makes the ways in which the iPad is limited by its software that much more noticeable. Griffin points out that Apple demoed Final Cut Pro on a Pro Display XDR to show how powerful the M1 is in a Mac, but could not do any of that with an iPad because the software does not exist. He even tries to coax Joz into admitting that Apple is working on professional apps for the iPad, with predictably little success. Jason Snell pointed out, in an article for Macworld, many other ways the new iPad Pro cannot use all the power it has.

But I see it in more simple terms than that. If you toggle between a few resource-hungry apps on a Mac and then go back to Safari, it picks up where you left off; if you open the camera and a few other apps on an iPad and then switch back to Safari, your open tabs might reload. If you pause the music you are listening to so you can watch something in your browser, then try to resume playback, it is a crapshoot whether it resumes correctly, starts the song again, or entirely forgets that you were listening to music — and it is worse with AirPlay.1

There are plenty more of these tiny little friction-increasing flaws showing that iPadOS remains similar to the smartphone operating system it was derived from. They are particularly frustrating on a product that shines when it most feels like your finger is directly manipulating the onscreen elements. There have been issues just like these since I bought my very first iPad and, though I want one of these new iPad Pro models, I find it hard to justify being frustrated by the same problems on a much nicer screen.

I do not mean to be so critical or negative all the time. It is just that I really love using my iPad, and it could so easily be something I pick up more often if not for these seemingly ground-level issues. I hope, as Federico Viticci wrote, the gaps in this story will be filled in come WWDC.


  1. You may remember that, earlier this week, I said that I own a base model iPad, so you may think memory exhaustion is a reasonable side effect of not having a higher-end model. But I would counter that I have never had these problems on a Mac of any specification, though I have only owned models from the Mac OS X era. ↩︎

All the Little Things in Apple’s Spring

Federico Viticci, MacStories:

Apple events are always packed with little details that don’t make it into the main presentation or are easy to miss in the flurry of announcements. Some tidbits are buried in footnotes, while others are tucked into word clouds on Keynote slides or in release notes. Today’s event was no exception, so after having a chance to dig in a little deeper, here is an assortment of details about what Apple announced.

If you have been aching for a new case for your iPhone or a new Apple Watch band, you are spoiled for choice. That “Arizona” leather MagSafe wallet is a terrific colour, and I wish it were available as a case.

Hermès has a new nylon Apple Watch band in a few colours. At $319 in the U.S., it is expensive even for a luxury product, costing about twice what Omega charges for its nylon NATO straps. Ouch.

Viticci has done a great job collecting all of these accessories and non-marquee products.

Revisiting Incorrect Reports That Cellebrite Cracked the San Bernardino iPhone

Speaking of Cellebrite, I thought it would be a good time to look back at all of the reports that confidently — and, we now know, incorrectly — stated that it was responsible for cracking the iPhone 5C used by one of the San Bernardino shooters.

It all started with a March 23, 2016 report from Sagi Cohen in Israel’s Yedioth Ahronoth:

The FBI has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist’s locked iPhone, according to experts in the field familiar with the case.

This article came two days after the FBI announced that a third-party vendor, which we now know to be Azimuth, would likely be able to help crack the iPhone in question.

Note that the Office of the Inspector General claimed in its report (PDF) about this case that the FBI began contacting vendors “on the eve” of its February 16, 2016 court filing, “including contacting an outside vendor who he knew was almost 90 percent finished with a technical solution that would permit the exploitation of the Farook iPhone”. It is entirely possible that the FBI contacted Cellebrite as it was trying to figure out how to get into this iPhone.

However, that quickly escalated in a March 31 Bloomberg article by Monami Yui and Aleksandra Gjorgievska:

Cellebrite Mobile Synchronization Ltd. worked with the FBI to crack an iPhone connected in a terrorist attack, according to people familiar with the matter, who asked not to be identified as the matter is private. Neither Cellebrite nor the FBI have confirmed the link, and a spokesman from parent Sun Corp. on Thursday said the company isn’t able to comment on specific criminal cases.

“Cellebrite […] worked with the FBI to crack an iPhone […] according to people familiar with the matter” we now know to be incorrect, but it was already evident less than two weeks later courtesy of a Washington Post report by Ellen Nakashima:

The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.

[…]

The bureau in this case did not need the services of the Israeli firm Cellebrite, as some earlier reports had suggested, people familiar with the matter said.

Nakashima was also one of the reporters responsible for confirming Azimuth’s role.

Despite multiple articles in 2016 noting that Cellebrite was ultimately not involved in the cracking of the San Bernardino shooter’s iPhone, reporting on the company has continued to link it to the successful unlocking of that device, often citing that Bloomberg story as evidence.

So, let’s summarize. First, Azimuth, not Cellebrite, was responsible for cracking the iPhone 5C used by one of the people responsible for the San Bernardino attack. Second, Bloomberg’s sources were clearly wrong, and it would not be the first time that a Bloomberg infosec story had dubious evidence.

Signal CEO Moxie Marlinspike Got His Hands on a Cellebrite Device

Moxie Marlinspike of Signal recently got his hands on a Cellebrite device and analyzed it from a security practices perspective. From what I understand, this is the first time an investigation into these devices has been made public, and it is not good for Cellebrite.

I wanted to focus on a specific claim in this piece:

Also of interest, the installer for Physical Analyzer contains two bundled MSI installer packages named AppleApplicationsSupport64.msi and AppleMobileDeviceSupport6464.msi. These two MSI packages are digitally signed by Apple and appear to have been extracted from the Windows installer for iTunes version 12.9.0.167.

[…]

It seems unlikely to us that Apple has granted Cellebrite a license to redistribute and incorporate Apple DLLs in its own product, so this might present a legal risk for Cellebrite and its users.

I reached out to Cellebrite earlier today with questions about this claim and have not heard back. I will update this post if I get a response. While I wait, I think it is noteworthy that Apple has used Cellebrite devices to copy iPhone data in its stores. I do not know if Apple remains a Cellebrite customer, though I have asked.

Marlinspike also hints at theoretical retaliatory measures:

Given the number of opportunities present, we found that it’s possible to execute arbitrary code on a Cellebrite machine simply by including a specially formatted but otherwise innocuous file in any app on a device that is subsequently plugged into Cellebrite and scanned. There are virtually no limits on the code that can be executed.

[…]

In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software. […]

This is a cute idea but I am concerned about its repercussions if it were carried out which, for legal reasons, I imagine is unlikely. Law enforcement and intelligence agencies around the world are already itching to weaken encryption. Do we want a messaging service taunting them for a cheap laugh? If the purpose is to weaken evidence extracted by Cellebrite devices by introducing chaff into the system it is again not something I am sure is desirable for maintaining the legality and ready availability of strong encryption.

Marlinspike leads his post by listing the many countries with dubious human rights records that Cellebrite counts as customers. This is the part that does not sit right with me about private exploit marketplaces. I am grateful that they exist because they give law enforcement a way, with a warrant, to crack devices that does not require eliminating encryption or deliberately adding a back door. I do not like that private companies have different standards of accountability than state-run organizations.

To be very clear: I am not arguing that I would prefer that police forces began collecting zero-days, nor that intelligence agencies have a good record for following the law, nor that operating only within democratic countries would guarantee lawful and just use. But it is concerning to see companies like Cellebrite selling their services in jurisdictions where they are being used to further policies ranging from the oppressive to the authoritarian. If we are to have a private marketplace for vulnerabilities — and I do not realistically see it going anywhere — there must be greater incentives for ethical sales and responsible disclosure.

The Verge’s Profile of Kosta Eleftheriou

Sean Hollister, the Verge:

Recently, I reached out to the most profitable company in the world to ask a series of basic questions. I wanted to understand: how is a single man making the entire Apple App Store review team look silly? Particularly now that Apple’s in the fight of its life, both in the courts and in Congress later today, to prove its App Store is a well-run system that keeps users safe instead of a monopoly that needs to be broken up.

That man’s name is Kosta Eleftheriou, and over the past few months, he’s made a convincing case that Apple is either uninterested or incompetent at stopping multimillion-dollar scams in its own App Store. He’s repeatedly found scam apps that prey on ordinary iPhone and iPad owners by luring them into a “free trial” of an app with seemingly thousands of fake 5-star reviews, only to charge them outrageous sums of money for a recurring subscription that many don’t understand how to cancel. “It’s a situation that most communities are blind to because of how Apple is essentially brainwashing people into believing the App Store is a trusted place,” he tells The Verge.

There’s a lot to unpack there: fake free trials, fake reviews, subscription awareness. We could write an entire story about each. Today, I’d like to focus on how one guy could find what Apple’s $64-billion-a-year App Store apparently cannot, because the answer is remarkable.

It is remarkable because it is so simple. Hollister was easily able to replicate Eleftheriou’s scam-finding techniques, which combines data that Apple makes publicly available and information estimated by SensorTower. Some of these scams are raking in, according to Eleftheriou and SensorTower’s data, millions of dollars per year, and they are plentiful. They are so commonplace that Eleftheriou found more hidden casinos yesterday. This article is damning.

Apple undoubtably prevents some scams from making it into the App Store and makes others unavailable if they have been approved. But it should not be so easy for anyone to find so many of these apps with egregiously expensive subscription scams that run for months — they should not be that commonplace. As Ben Thompson wrote today, Apple’s reviewers seem “far more effective in figuring out how to navigate from a privacy policy on a web page to a purchase page” evading Apple’s in-app purchase mechanism than finding scams. I could not have said it better myself.

James Hoffman’s AeroPress Technique

Tony Konecny, formerly of Tonx and now at Yes Plz, in a lengthy and entertaining thread about coffee brewing techniques [sic]:

And I of course love the Chemex. The heavier filters are very forgiving of grind size/quality. It’s hard to fuck up.

It’s an elegant brewer when you’re serving multiple people and one of the few pieces of coffee gear that looks good left on the countertop.

and an Aeropress looks like a something you keep hidden in the nightstand.

I brew a cup or two of Chemex when I am feeling fancy and want something to clean afterwards, but I make most of my coffee with an AeroPress despite its looks. It is a resoundingly utilitarian brewer with seemingly a many variables and, depending on how fussy you want to be, a challenge to use consistently. But it has many passionate fans for two good reasons: it is very simple, and it requires very little effort to make good coffee.

James Hoffman made three videos about the AeroPress that are worth checking out:

If you’re short on time, you can just watch the last video, but I highly recommend all three. The intro on the first one is a lovely piece of filmmaking, and Hoffman’s dedication to trying different techniques in the second is admirable.

These three videos got me to try a different technique than my go-to recipe. For years, I have used a cheap kitchen scale and the AeroPress Timer app — which is, simultaneously, the best-designed and least-beautiful app I use regularly — to brew 18 grams of coffee with 200 millilitres of water in about a minute and a half, which is the Blue Bottle recipe. It is a little anal retentive, but it sure produces more reliable results than my previous technique of guesswork.

But Hoffman’s recipe uses just 11 grams of coffee and takes two and a half minutes, with a finer grind than I typically use. It is a noticeably different cup and I cannot work out if I like it more or less, but it is worth exploring. If you have an AeroPress, I think Hoffman’s video series is an entertaining and informative way to spend about an hour, and I think the AeroPress Timer app is also worth giving a shot.

Assorted Other ‘Spring Loaded’ Announcements

Michael E. Cohen, TidBits:

With Apple Card Family, a service available starting in May 2021, two people can co-own one Apple Card, sharing and merging their credit lines and benefiting equally from the shared credit history. In addition, Apple Card Family lets parents share an Apple Card with their children — including setting spending limits and controls — using an updated Family Sharing service.

This sounds like it will be helpful for, say, a couple where one person has major student loan debt or does not have a great credit history; but, now that their finances are shared, that person can benefit from the better collective credit rating.

Alex Guyot, MacStories:

During today’s keynote event, Apple announced their new Apple Podcasts Subscriptions service. Launching in May in over 170 countries, the service will allow users to subscribe to premium podcasts directly from the Apple Podcasts app. Premium shows will offer access to various perks for users, such as removing ads, releasing shows early, or providing exclusive content.

Ashley Carman, the Verge:

Initial partners include Pushkin Industries, QCODE, and NPR. It appears that content creators will have to pay Apple $19.99 per year in order to offer subscriptions, and Apple will take 30 percent of revenue for the first year of a subscriber’s lifetime and 15 percent for the years following. This means that if a subscriber only subscribes for one year, a podcaster will have given Apple 30 percent of that revenue. Podcasters are incentivized to keep subscribers around longer.

Podcasters will have to upload their subscription content through Apple’s backend, not through RSS and their hosting provider. Their regular feed, however, can still operate through RSS. Because the subscription content goes through Apple, podcasters also won’t receive specific data about their paying listeners, like their email, names, or contact information. Apple essentially owns the relationship.

The Podcaster Program Agreement appears to have a some requirements worth paying attention to if you are interested in joining. One thing I did not see in there is an exclusivity requirement. That means you can have a Patreon and a paid Apple Podcasts tier, and upload the same paid-only materials to both.

Apple’s Letter to Artists About Streaming Music Payouts

Anne Steele, Wall Street Journal:

Apple Music told artists it pays a penny per stream, according to a letter viewed by The Wall Street Journal.

[…]

Artists aren’t paid directly by streaming services, so a single play of a song doesn’t result in a penny going into that artist’s account. Instead, streaming services pay royalties to rights holders — a group that includes labels, publishers and other distributors — which in turn pay artists based on their recording, publishing and distribution agreements. Both Apple and Spotify pay rights holders based on the share of total streams their artists garner on each service.

Yet artists cite the per-stream pay rate as an indicator of their earnings. Major labels say the average monthly streams per user is a better measure of the streaming economy, and growing numbers of streams mean more money coming in for artists. Both Spotify and Apple, they say, are at or near the 1,000-streams-per-listener monthly benchmark that is seen as a success.

Jem Aswad, Variety:

However, nuances were lost in some of the wording: The first sentence of the WSJ article reads: “Apple Music told artists it pays a penny per stream” — which does not specify who it pays a penny per stream — and while the main headline on the article reads, “Apple Music Reveals How Much It Pays When You Stream a Song,” a secondary headline reads, “Apple Music pays artists twice as much as Spotify per stream.”

It is not hard to see how the inaccuracies, which were not stated but may have been inferred from the letter and the article, could lead some artists to think that they’ll be getting a penny from Apple every time their music is streamed, or even that the company has increased its rates to pay artists a penny per stream, even though the letter specifically states that “royalties from streaming services are calculated on a stream share basis” (i.e. a song’s percentage of the service’s total number of streams, which means Apple Music does not pay royalties on a per stream basis). Ultimately, the variables make apples-to-apples comparisons (sorry) nearly impossible, but multiple sources say the two companies’ rates are actually much closer than Friday’s headlines would imply.

The penny-per-stream average is clearly an inaccurate way to measure artists’ earnings, but it does lend itself to a trivia game of estimation with your favourite songs and albums. Mike Rockwell:

My most played artist in Plex has 627 plays. Based on Apple’s average payout of $0.01 per stream, that would have resulted in $6.27. But I’ve purchased four albums for a total of about $40.

This inspired me to look in my library at some high play-count records I have to see how much they would have cost if they were streamed instead. For example, my total play count of all of the songs on “The Fragile” is 1,392. If I had streamed all of those plays, Apple apparently would have paid Trent Reznor and company about $13.92. But I added this rip of the album to my library in June 2009 — which is when I bought a CD copy for probably about $25 — and, if I had to pay $10 per month for Apple Music, it would have cost me over $1,400 to maintain my library over that time.

Of course, that’s not a per-album rate. I get millions of songs for my $10 per month. In about the same timeframe in 2009, I also added Burial’s “Untrue” to my library. I have played the thirteen songs on that album 684 times in total, leading to an estimated payout of $6.84. My CD copy of that album probably cost $15, of which William Bevan probably earned just a few pennies. Apple Music obviously has not existed since 2009 but, if it had, I cannot work out how much less artists would have made if I had streamed all of my music instead of buying physical copies.

Somehow, we are still paying just $10 per month for music in an era where streaming must be paired with live performance to have any hope of generating an income for an artist, all the while fighting the paradox of streaming music, and artists are still getting screwed in the middle of all of it. There would not be a music industry without music, but the industry gets all of the money while musicians still have to fight for scraps.

Facebook’s Media Strategy, Unwittingly Emailed to a Journalist, Seeks to Treat Large-Scale Leaks as ‘Normal’

Pieterjan Van Leemputten, on the Belgian DataNews website and translated by Google:

Facebook has a communication strategy ready to dismiss the data breach in which 533 million accounts, including three million Belgians , were leaked as affecting the entire sector. At the same time, the company expects this to happen and wants to use blog posts on the subject in the future to ensure that it no longer has to respond to every incident.

That is a short summary of an internal communication email that ended up in the Data News mailbox. The email itself dates from April 8 and comes from a communications officer at Facebook, and is addressed to the company’s PR staff in EMEA (Europe, Middle East and Africa).

Kind of funny how Facebook’s communications person was feeling pretty confident about the declining media attention the leak of half a billion users’ personal details was getting in an email accidentally sent to a reporter. Scraping is a fairly common practice but let’s not forget that Facebook allowed more than one to copy the records of hundreds of millions of people each without raising red flags.

The New M1-Powered iPad Pro

Apple:

The breakthrough M1 chip takes the industry-leading performance of iPad Pro to an entirely new level. The 8-core CPU design features the world’s fastest CPU cores in low-power silicon — delivering up to 50 percent faster CPU performance than A12Z Bionic. The 8-core GPU is in a class of its own, delivering up to 40 percent faster GPU performance. This combination of CPU and graphics performance on iPad Pro widens its lead as the fastest device of its kind. Powerful custom technologies, including a next-generation 16-core Apple Neural Engine, an advanced image signal processor (ISP), a unified, high-bandwidth memory architecture with up to 16GB of memory, 2x faster storage, and up to 2TB capacity, make iPad Pro more capable than ever. The industry-leading power efficiency of M1 enables all of that amazing performance along with all-day battery life in the thin and light design of iPad Pro.1 Because M1 shares the same fundamental architecture of A-series chips, iPadOS is already optimized to take full advantage of the powerful technologies in M1 to easily handle everything from simple navigation to the most demanding workflows.

An iPad uses what is ostensibly the same processor as half of Apple’s Mac lineup. Impressive. This is the first time Apple has openly acknowledged the iPad’s memory instead of treating it as secret sauce and, perhaps unsurprisingly, it is offered in similar configurations as its Mac cousins. Unlike a Mac, you cannot customize the RAM independent of its storage; if you do not want a terabyte of disk space, you will get 8 GB of RAM.

There is a lot to love about these new iPad models, and I am excited to see the display in the 12.9-inch model, even though it increases the price considerably. But this is the part of covering new iPad hardware where I am legally obligated to express that my frustrations remain in its software. I am excited for what WWDC may bring on that front because, much as I want one of these new iPad Pro models, nearly all of the things I wish to change about my base-model years-old iPad are in its operating system.

The Redesigned iMac Comes With an M1 Chip and Is Available in Seven Colours

Let’s start with what we can see, shall we? Not since the iMac G3 of the late 1990s has Apple used such vibrant colours on any Mac, and they look beautiful. The product photography makes the green one look like the original “Bondi Blue” iMac. If I were buying one of these iMacs, that’s the one I’d have. I wish the MacBook Air came in these same colour choices.

The new model has a slimmed-down bezel in white, which is an odd choice. I am curious about what that will look like in person, though I have not been a fan of any of the devices I have used with white bezels. There isn’t a logo anywhere on the front, but it still has a chin because that’s where the computer is.

That chin features a pastel version of the iMac’s colour that is matched in the stand; around the sides and back, it is a richer and more vibrant hue. Don’t worry — there is still a silver model available if you are boring.

I am so happy to see colourful computers again — can you tell?

It is around the back of this iMac where things take a bit of a dive. For a start, it has just two USB 4/Thunderbolt ports; on the higher-end models, there are an extra two USB 3 ports. But that and a headphone jack is all the I/O that you get. That means no USB-A ports, of course, but also not SD card reader, which I use every few days on my own iMac. At least all currently-sold iPhones ship with Lightning cables that have a USB-C connector.

This iMac also has a curious new port around back for power and connectivity. It supports WiFi, of course, but if you want to use a wired connection, the higher-end models include a power brick with a gigabit ethernet port. That means the power supply is no longer built in, which creates some floor clutter, and — most curiously — this connects to the iMac via a single braided cable that attaches magnetically. So all current Apple notebooks have cables that are firmly seated and can cause the computer to go flying if they are tripped over, but one desktop model has a magnetic cable.

Apple is pitching this 24-inch iMac as a replacement for the 21.5-inch model; it has discontinued all but the lowest-end 21.5-inch Intel models, but it has retained the 27-inch models for now. This sets up the possibility for a greater differentiation between Apple’s more consumer-oriented products — the MacBook Air, 13-inch MacBook Pro, Mac Mini, and this iMac — and its higher-end products. This iMac uses ostensibly the same chip as its other own-silicon Mac models — and the new iPad Pro — and is limited to the same storage and memory options. The M1 products that have been released so far have proved to be extraordinarily powerful, but there are plenty of use cases that would benefit from more RAM and more power. That is what we can expect from the big iMac, and the 15-inch and higher-end 13-inch MacBook Pro models.

The New Apple TV 4K and New Siri Remote

After many years, Apple has updated the Apple TV 4K and the accompanying remote control. From the newsroom (U.S. link because none of the announcements from today, aside from podcast subscriptions, have Canadian press releases yet):

Apple today announced the next generation of Apple TV 4K, delivering high frame rate HDR with Dolby Vision and connecting customers to their favorite content with the highest quality. At the heart of the new Apple TV 4K is the A12 Bionic chip that provides a significant boost in graphics performance, video decoding, and audio processing. And with an all-new design, the Siri Remote makes it even easier to watch shows and movies on Apple TV with intuitive navigation controls. Together with tvOS — the most powerful TV operating system — Apple TV 4K works seamlessly with Apple devices and services to magically transform the living room in ways that everyone in the family will love.

[…]

Through an innovative color balance process, Apple TV works with iPhone and its advanced sensors to improve a television’s picture quality. Apple TV uses the light sensor in iPhone to compare the color balance to the industry-standard specifications used by cinematographers worldwide. Using this data, Apple TV automatically tailors its video output to deliver much more accurate colors and improved contrast — without customers ever having to adjust their television settings.

This is a fairly modest spec bump. The star of the show is the new Siri remote, which looks like a hybrid of the aluminum stick from several years ago and the iPhone 12. It still has few buttons and some touch-sensitive controls, but it appears to be less fiddly than the current version and is certainly easier to tell by feel which way is upright. It is also going to be shipping with the still-available Apple TV HD — but it is only $30 less than the $179 4K.

The colour balancing feature is not exclusive to this new model. It works with any Apple TV that supports tvOS 14.5 and any iPhone with a Face ID array. I will not be able to try it until the tvOS update is released next week, but I am curious about what changes it will make to my cheap and old television.

Notably absent in this Apple TV update is spatial audio. Perhaps it is the kind of thing that will need a camera capable of tracking multiple people.

Remember Netbooks?

Nilay Patel, the Verge:

Windows getting shown up by Linux was not allowed, so Microsoft did some Microsoft maneuvering, and by January 2008 the Eee PC was running Windows XP instead. It was also part of a larger category called “netbooks,” and we were all made to know what netbooks were.

[…]

The netbook explosion was all the more odd because every netbook had the same basic specs, as Microsoft charged more for a standard non-Starter Windows license if a computer had anything more than a 1.6GHz Intel Atom processor, 1GB of RAM, and a 160GB hard drive. So it was all colors and screen sizes, really. All to run a deeply-annoying version of Windows, on a computer that no one was even remotely claiming could replace a primary PC. By the end of it all, as the chips inevitably got more powerful, enough laptop vendors were telling Joanna that their new netbook-like computers weren’t netbooks that she started calling them “notbooks.”

The thing I remember most about the netbook era were the constant cries of technology analysts demanding that Apple make a netbook.

Jason Snell of Macworld reported on Apple’s 2008 fourth-quarter earnings:

At Apple’s event launching the company’s new laptops last week, Jobs was asked about the emerging category of “netbooks,” low-cost and low-feature laptops. Last week, Jobs made skeptical noises about the category, saying it was just too early to tell what would happen. On Tuesday Jobs went a little further, dangling some suggestion that Apple is watching the category closely: “It’s a nascent category and we’ll watch while it evolves,” Jobs said. “And we’ve got some pretty good ideas if it does evolve.”

Gregg Keizer of Computerworld in December 2008:

Apple Inc. will introduce two netbooks at the MacWorld Conference and Expo next month that will be tied to the company’s App Store, as is its iPhone, an analyst said today.

“I don’t have any inside information,” said Ezra Gottheil of Technology Business Research Inc., as he spelled out his take on Apple’s next hardware move. “This is just by triangulation.”

The computer Apple actually introduced at Macworld in January 2009 was the 17-inch MacBook Pro which only resembled a netbook from really far away.

David Carnoy of CNet could not have been more blunt in this 2009 editorial, which ran with the headline “Why Apple must do a Netbook now” and this dek:

With news that users are hacking Windows and Linux Netbooks to run OS X — and run it pretty well — Apple needs to release a Netbook of its own before it loses ground in the highest-growth laptop category.

I am sure Apple’s executives are just kicking themselves all the way to the bank.

Anyway, shortly after the iPad came out, the “netbook” name became toxic and, as Patel writes, the companies making them avoided that marketing. Patel and Joanna Stern argue that iPads are their spiritual successor, but I think Chromebooks are far more netbook-like. If anything is to be a “netbook”, it should be a laptop that is effectively just for web apps — and nothing is more like that than a kind of notebook named after the world’s most popular web browser.

The North Korean Government’s Many Digital Heists

Ed Caesar, the New Yorker:

North Korea’s cybercrime program is hydra-headed, with tactics ranging from bank heists to the deployment of ransomware and the theft of cryptocurrency from online exchanges. It is difficult to quantify how successful Pyongyang’s hackers have been. Unlike terrorist groups, North Korea’s cybercriminals do not claim responsibility when they strike, and the government issues reflexive denials. As a result, even seasoned observers sometimes disagree when attributing individual attacks to North Korea. Nevertheless, in 2019, a United Nations panel of experts on sanctions against North Korea issued a report estimating that the country had raised two billion dollars through cybercrime. Since the report was written, there has been bountiful evidence to indicate that the pace and the ingenuity of North Korea’s online threat have accelerated.

According to the U.N., many of the funds stolen by North Korean hackers are spent on the Korean People’s Army’s weapons program, including its development of nuclear missiles. The cybercrime spree has also been a cheap and effective way of circumventing the harsh sanctions that have long been imposed on the country. In February, John C. Demers, the Assistant Attorney General for the National Security Division of the Justice Department, declared that North Korea, “using keyboards rather than guns,” had become a “criminal syndicate with a flag.”

There are elements of this report that I do not love,1 but it is an extraordinary look at the effects of an advanced persistent threat actor whose motivation is almost solely financial gain. American and Israeli governments collaborated on malware for espionage and hardware destruction in Iran; the Russian government unleashed Petya and NotPetya to attack Ukraine in an act of war; “Five Eyes” governments share the Warriorpride espionage framework (PDF) for smartphones. But none of these countries’ governments seem interested in siphoning cash just because they can. North Korea, sanctioned internationally and with limited resources, needs money and has invested in a world-class digital subterfuge team to get it.


  1. For example, Priscilla Moriuchi, who is now at Harvard and was previously at the NSA, said in an interview quoted here that “North Koreans understand criminality”. It sounds like Moriuchi means the North Korean government and its agencies, not North Korean people generally, but this imprecision frustrates me because it implies that an entire country’s population is criminally-minded. ↩︎

Apple Will Let Parler Back Into the App Store

In January, Parler’s iOS app was booted from the App Store because the social network was a deliberately under-moderated platform without demonstrable community standards. Along with Facebook, Parler was one of the platforms used by those involved in the January 6 attack on the U.S. Capitol. It had a more concentrated favourability with pro-violence and anti-democratic users than Facebook, however, because of its weak moderation policies. Apple said that Parler’s app would be allowed back into the App Store if it could show a plan to control hate speech and targeted attacks.

In March, Nicolás Rivero of Quartz reported that Parler was reworking its policies so that Apple would permit the app in its store, but was rejected for not going far enough:

In a statement the next day, Parler’s chief policy officer, Amy Peikoff, stressed the lengths to which the platform has gone in recent months to implement new moderation practices to appease Apple. “We worked tirelessly to adopt enhanced protocols for identifying and removing this type of content,” Peikoff wrote. “We have since engaged Apple to show them how we’ve incorporated a combination of algorithmic filters and human review to detect and remove content that threatens or incites violence.”

Peikoff also wrote that Parler has rolled out all-new moderation features that weed out “personal attacks based on immutable and irrelevant characteristics such as race, sex, sexual orientation, or religion.” Mainstream social platforms like Facebook and Twitter have long since adopted algorithms to block exactly these forms of hate speech (although they tend to use language like “protected categories” rather than “immutable and irrelevant characteristics”). The main difference is that Parler gives its users the ability to opt out of its hate speech filter so they can “curate their own feeds as they choose.”

None of that was enough to win Apple over. But Peikoff seemed to indicate that Parler would make more changes to placate the tech giant. “Parler expects and hopes to keep working with Apple to return to the App Store,” she wrote.

After months of discussion, it appears that Apple is satisfied with the changes Parler is proposing. Brian Fung, CNN:

Apple has approved Parler’s return to the iOS app store following improvements the social media company made to better detect and moderate hate speech and incitement, according to a letter the iPhone maker sent to Congress on Monday.

The decision clears the way for Parler, an app popular with conservatives including some members of the far right, to be downloaded once again on Apple devices.

The letter — addressed to Sen. Mike Lee and Rep. Ken Buck and obtained by CNN — explained that since the app was removed from Apple’s platform in January for violations of its policies, Parler “has proposed updates to its app and the app’s content moderation practices.”

CNN did not share Apple’s letter, but Sen. Lee’s office has published its copy (PDF) if you would like to read it in full. Here’s a key paragraph:

In response, Parler did not communicate a sufficient plan to improve its moderation of user-generated content in the app. Thereafter, and consistent with standard app review processes, Apple’s app review team, ARB, and ERB decided to remove the Parler app from the App Store for non-compliance with the Guidelines. Customers who had already downloaded the Parler app prior to its removal from the App Store could still access the app, and Apple understands that Parler’s website is accessible on the Internet, including through a web browser on an Apple device.

There are no iOS clients for 4chan or OnlyFans, but Parler seems to think its growth will be more straightforward by making its Twitter clone more like better-moderated platforms than to stick to its pretend principles. I think that is preferable. Anonymity and pseudonymity is not why social networks are often vile, nor does it explain why 4chan, Gab, and Parler are generally worse. It is a lack of community standards and effective moderation.

Parler is trying to improve; I think that is welcome. But I do not think it will make Parler a welcoming community for many; if you are looking for a steady supply of vaccine scaremongering and mask misinformation, you’ll love it there. The effects of Parler’s new rules are a mystery for now as they are not yet in place.

There Is No Way to Report App Store Scams

You remember Kosta Eleftheriou, right? He tweeted about clones of his app FlickType, and has since found a bunch of App Store scams that he has tweeted about. Here are a couple of recent examples, starting with X-Gate VPN:

Another typo in the title, but this time it’s not even a title – it’s PLACEHOLDER TEXT!

How the heck does this app have a 4-star rating? Or passed review twice??

Anyway, let’s continue to see what this “7 day” trial is all about.

On the next screen the trial is now for 3 days instead of 7, and we can “Incredibly increase speed” for a mere $12/week.

You’re telling me people are signing up for $624/year for *this*? And are giving it 4 stars?

And here’s a game for kids:

This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP.

Both of these apps were available for hours after Eleftheriou tweeted about them, but have now been removed from the store. On one hand, you could argue that this indicates the need for a centralized and policed app marketplace: since Eleftheriou finds scummy apps like these in Apple’s controlled marketplace, it is possible that many more would be available if not for the controls in place. Apple is also able to disable apps like these when they are found.

But the fact that these apps are found in “a place you can trust” also indicates that Apple’s review process is not as stringent as it needs to be. It is possible that there would be more nefarious apps available for iOS if the App Store were not the sole distribution platform, but Apple’s App Store could still be the best marketplace if there were competitors. It could be safer and more controlled than it already is. It is also true that Apple could disable worrisome apps’ certificates, which are unconnected to the App Store’s monopoly on native app distribution for iOS.

One more thing that I think is critical is that it is, right now, impossible to flag an app as a rule-breaker or a scam. Say you download an app and it is, in some way, worth reported to Apple. Let’s start in the App Store, where there is no button to report an app, not even in the app listing’s share menu. If you go to Apple’s Report a Problem website, you will see all of your purchases and downloads from your Apple ID, and you will be be asked a question, “What can we help you with?” for a dropdown menu containing these options:

  • Request a refund

  • Report a quality issue

  • Find my content

  • Report suspicious activity

If you pick the last one, you’ll be sent to a screen where you will be told to contact Apple Support if you think your Apple ID has been compromised; it has nothing to do with the items you purchased or downloaded.

The second item on the list, which is my next best guess for a relevant answer, is limited to Apple subscriptions and in-app purchases. It is the answer you choose when, say, a movie you rented has playback problems, or an app subscription is not working properly. It is one option you could use if an app is abusing in-app purchases and you have fallen for the scam but, if you are alert enough to avoid subscribing, this choice won’t help. It is the same story for requesting a refund, and “find my content” is irrelevant.

So you visit Apple’s contact page where, under the “Product and Services Support” section, you are redirected to Apple’s support page. And, long story short, there is nothing in this support site about App Store scams or reporting a problem with a third-party app. If I am wrong about this, please get in touch and tell me — I will update this post. But it appears that, if a scam makes its way into the App Store, Apple is entirely dependent on users posting on social media or contacting Apple through another channel to be alerted to problems.

Online Proctoring Programs Try to Detect Cheating Through Machine Learning, So You Can Imagine What They Get Wrong

Katie Deighton, Wall Street Journal:

Millions of college students facing final exams, professionals pursuing new qualifications and others were asked to take important tests at home using programs such as ProctorExam, Proctorio and ProctorU—software designed to fight cheating by getting a human or machine to remotely watch for suspicious behavior in test takers’ faces, rooms and audio levels.

[…]

One criticism leveled at Proctorio, which uses machine-learning technology to monitor a student’s behavior during a test, is that its system sometimes fails to detect the faces of users with darker skin tones, prompting concerns that these students may be unable to begin an exam. Mr. Olsen said the software occasionally fails to pick up students’ faces if they are in badly lighted spaces, but a human member of Proctorio’s support team can assist and admit test takers into an exam if the software has issues detecting their face in the pre-check process.

[…]

Some users reported trouble getting digital proctoring software to install or function properly on their devices, often because of technical issues such as an unstable internet connection.

Via D’Arcy Norman, who was interviewed by Deighton and whose full response is worth reading:

There is a fundamental problem with how online exam proctoring software is designed. This problem involves issues of power, control, consent, and agency. The concept itself puts students and instructors into an adversarial relationship, with students framed as assumed cheaters, and instructors as police or security analysts trying to catch the students. This can’t be resolved through interface tweaks or streamlined installation processes – the problem is the nature of the software, not the design of the interface or user experience.

This reminds me of the surveillance applications some employers require staff to install while working from home. People are sometimes going to do things while on the clock or at school that they should not be doing, but it is not solved by assuming people are unworthy of trust.

Update: Via a reader, another story about Proctorio. Joe Mullin of the Electronic Frontier Foundation:

Given these invasions, it’s no surprise that students and educators are fighting back against these apps. Last fall, Ian Linkletter, a remote learning specialist at the University of British Columbia, became part of a chorus of critics concerned with this industry.

Now, he’s been sued for speaking out. The outrageous lawsuit — which relies on a bizarre legal theory that linking to publicly viewable videos is copyright infringement — will become an important test of a 2019 British Columbia law passed to defend free speech, the Protection of Public Participation Act, or PPPA.

Vile.

Users of the iOS Discord App Will Be Unable to Access NSFW Channels

Kyle Orland, Ars Technica:

Discord users who access the Discord app through iOS will now face restrictions on adult content that go beyond those for other platforms. The gaming-focused social networking app — which lets users create public or private servers to chat via text, image, voice, and video livestreaming — announced this week that “all users on the iOS platform (including those aged 18+) will be blocked from joining and accessing NSFW servers. iOS users aged 18+ will still be able to join and access NSFW communities on the desktop and web versions of Discord.”

That NSFW designation can be set by the server owner or by Discord itself, in keeping with community guidelines requiring the label on “adult content.” Individual channels within a server can be designated as NSFW without imposing limits on the full server, but an entire server may be labeled as NSFW “if the community is organized around NSFW themes or if the majority of the server’s content is 18+,” the company said.

Matthew Bischoff on Twitter:

When we dealt with this at Tumblr, it became my full time jobs for weeks to find incredibly complex ways to appease Apple’s censors. This happened every time they found a sexy blog they didn’t like. It’s absurd.

Speaking of Twitter, that company expressly permits “graphic violence and consensually produced adult content” within users’ tweets “provided that [users] mark this media as sensitive”. Reddit permits NSFW text and media so long as it is marked. Discord has a similar policy of allowing NSFW media in channels so long as those channels are marked. What makes it different? Is Apple going to demand that Reddit and Twitter also prohibit accessing NSFW media from within those companies’ iOS apps?

This is nothing like the Parler situation. Parler and Gab have little to no moderation of their platforms, so they are not compliant with the App Store rules. That is understandable to me; you may disagree with that policy, but it is at least a written policy. But Discord, Reddit, and Twitter all attempt to moderate their platforms to varying degrees of success. What makes Discord different?

Update: As of April 19, Discord has loosened these policies. It has now gated channels marked NSFW, and expressly prohibited only dedicated pornographic channels. This remains far more cautious than the official apps from Reddit or Twitter. Discord blamed Apple’s guidelines for why it had to make these changes, so I remain confused why it needs to be treated differently.

The Trust Gap Between Journalists and Companies Is Widening, as Is the Reporter-Public Relations Gap

Jim Prosser of Edelman:

As I see it, there are three distinct structural shifts happening that both explain and give merit to a shift in emphasis toward businesses using their direct channels instead of relying on media coverage. Collectively, they have some profound implications for companies, communicators, and journalists.

[…]

Put simply, Americans on the whole trust business as an institution more than the press as an institution. That’s not conjecture. It’s backed by data.

[…]

There are far more stories businesses want to tell than there are reporters to tell them. How do we know that? Let’s look at U.S. Bureau of Labor Statistics data. In 2000, there were about two people working in public relations for every one working reporter in America. By 2019, that spread more than doubled to over five, driven by both an increase in PR jobs and a decrease in reporter jobs. By 2029, BLS projects the spread will keep expanding to over six.

I found this post illuminating and alarming. A collective trust in business marketing — or “storytelling”, as Prosser puts it — over good journalism means that more credence is given to media that has an inherent conflict of interest over that which, ostensibly, does not.

A common retort to this is that media outlets have, for years, degraded their own trust. CNN spends hours a day broadcasting talking head shouting matches; entire books have been dedicated to the inadequacies of the New York Times; Fox News is Fox News. This is not a U.S.-exclusive phenomenon: trust in the media, scientists, and academics has fallen in Canada, too.

But this trust gap is almost inherently unfair. When companies screw up, they barely flinch. Consider that, as of last year, 71% of Americans surveyed have a favourable opinion of Facebook. This is after years of behaviour that should have destroyed its reputation.

Media, on the other hand, operates within far tighter margins of trust. Brooke Gladstone, writing for the New York Times in 2015:

Americans say they want accuracy and impartiality, but the polls suggest that, actually, most of us are seeking affirmation. Americans want the news to be patriotic, which explains the big drop in 2004 when stories abounded about Abu Ghraib, the 9/11 commission’s slam on the government’s handling of terrorism, and the Senate Intelligence Committee finding that the White House “overstated” the threat of weapons of mass destruction. Plus, it was an election year. Trust in news media always dips in election years.

We tend to trust media that reflects our own views, and inherently distrust outlets that do not. Companies are perceived to be more neutral; the view that they are only interested in the bottom line is both cynical and perceived as more trustworthy than journalism. I think this is false, but it is what surveys suggest. Prosser makes several suggestions in this article about how media can improve reader trust — many of which have been made before — but I do not think they will be effective. For example, here’s one idea:

While the means of news distribution have changed starkly over the previous decade, news presentation online remains largely the same: text with occasional links and photos, sometimes video, presented in a format that basically tracks the print experience. There’s a meaningful opportunity here to look at means of presenting stories that reinforce trust: presenting primary source documents in line instead of just writing in reference to them, detailing how a piece was sourced in ways people understand […]

“Present primary sources” sounds like a slam-dunk, right? If a publication has documentation of something and shows it, the story should speak for itself. But this has mixed results. In 2004, records supposedly denigrating George W. Bush’s military service were shown to be created in Microsoft Word because those documents were available. On the other hand, even after a full summary was released by the White House of a call between then-U.S. president Donald Trump and Ukraine president Volodymyr Zelensky, less than half of Republicans believed news reports about the substance of the call. I am sure you can find plenty of similar examples from different political parties and orientations; these are my own biases.

One positive note that I found while researching for this: Canadians are more trusting of local media, as are Americans (PDF).

Spotify Continues to Remove Episodes of Joe Rogan’s Podcast

Paul Resnikoff, Digital Media News:

Just last week, Digital Music News first reported that 40 different Joe Rogan Experience podcast episodes were found missing from Spotify, now the exclusive platform for the show. Now, that number has quickly grown to 42, with potentially more shows quietly getting removed from the catalog.

Among the newly-missing is an episode (#411) with Bulletproof Coffee founder Dave Asprey, a frequent guest on The Joe Rogan Experience. Strangely, Spotify has deleted three total episodes with Asprey for reasons that aren’t entirely clear.

You may remember Asprey from his many years of bullshit.

It is worth reading this article alongside something like Ben Thompson’s piece about sovereign writers, and considering the balance of editorial control and independence against guaranteed income.

I am not a fan of Rogan’s podcast; I think it sounds like if you grafted a mouth onto a lifted Dodge Ram covered in Punisher decals. I also think that it is probably a good thing for the world that Spotify can exercise some control over a popular but obsequious host. But I have to wonder how comfortable Rogan is with sharing his fame with Spotify while letting it meddle with his show. Spotify surely benefits from the exclusivity of his show and being associated with one of the world’s most popular podcasts; Rogan benefits because he is a hundred million dollars richer, which is a galling amount of money for Joe Rogan’s HGH and PCP power hour. Spotify apparently has little editorial control, but it now has control and responsibility over distributing an exclusive show that it paid, again, a hundred million dollars for. Rogan’s name may be on the show, but it is Spotify’s reputation that is on the line.

Private Exploit Marketplaces May Have Broad Security Benefits

Hey, remember that iPhone 5C that the U.S. government barely tried to crack before demanding Apple give them a back door, only to find a way in just one day before a related court hearing was to begin? It turns out that the company that they paid to crack it was not one of the usual suspects like Cellebrite or Grayshift.

Ellen Nakashima and Reed Albergotti, Washington Post:

The iPhone used by a terrorist in the San Bernardino shooting was unlocked by a small Australian hacking firm in 2016, ending a momentous standoff between the U.S. government and the tech titan Apple.

Azimuth Security, a publicity-shy company that says it sells its cyber wares only to democratic governments, secretly crafted the solution the FBI used to gain access to the device, according to several people familiar with the matter. The iPhone was used by one of two shooters whose December 2015 attack left more than a dozen people dead.

[…]

Apple has a tense relationship with security research firms. Wilder said the company believes researchers should disclose all vulnerabilities to Apple so that the company can more quickly fix them. Doing so would help preserve its reputation as having secure devices.

What a bizarre turn of phrase. It would help it “preserve its reputation as having secure devices” because it really would help improve the security of its devices for all users, in much the same way that telling a fire department that there is a fire nearby would help a building’s reputation as a fire-free zone.

Thanks to this report, we now know some of the backstory of how the 5C came to be cracked without Apple’s intervention, and Nakashima and Albergotti confirm why the FBI was so eager to take Apple to court for this specific case:

Months of effort to find a way to unlock the phone were unsuccessful. But Justice Department and FBI leaders, including Director James B. Comey, believed Apple could help and should be legally compelled to try. And Justice Department officials felt this case — in which a dead terrorist’s phone might have clues to prevent another attack — provided the most compelling grounds to date to win a favorable court precedent.

It was not “months of effort”; according to a Department of Justice report, the FBI spent a few hours actively trying to figure out how to crack the device. But if it was not perfectly clear before, it is now: this was the model case for getting a law enforcement back door in encryption because it involved a terrorist. The next time the FBI brought this up, it was because of another terrorist attack. In both cases, the iPhones were able to be cracked without Apple’s intervention.

Most of all, this report adds one more data point to the debate over the ethics of the zero-day market. If Azimuth had reported the vulnerabilities it exploited in cracking this iPhone — including a critical one reportedly found well before this terrorist attack occurred — Apple could have patched it and improved the security of its devices. However, if third parties were unable to find an adequate exploit, a court may have compelled Apple to write a version of iOS that would give law enforcement an easier time breaking into this iPhone. Once that precedent is set, it cannot be un-set.

Katie Moussouris of Luta Security on Twitter:

Selling exploits to law enforcement removes their plausible cause to petition courts to order Apple & others to self-sabotage security of all customers.

Azimuth’s exploit sale saved us all from a mandated back door then, & the court precedent that would force backdoors elsewhere.

I’m midway through Kim Zetter’s excellent “Countdown to Zero Day”. One of the chapters is dedicated to exactly this question in the context of Stuxnet: how much responsibility do security researchers have to report critical security problems to vendors? An auxiliary question some specific vendors, like Microsoft, may face is what their obligation is for patching vulnerabilities that may be currently exploited by friendly governments in their intelligence efforts. That is something Google’s Project Zero wrestled with recently.

In the case of this iPhone, it seems like the private exploit marketplace helped avoid a difficult trial that may have, in effect, resulted in weakened encryption. But it is a marketplace that creates clear risks: platform vendors cannot patch software they do not know is vulnerable; there is little control over the ultimate recipient of a purchased exploit, despite what companies like Azimuth say about their due diligence; and these marketplaces operate with little oversight.

It does seem likely that this market perhaps provides some security benefit to us all. So long as bug bounty programs continue to pay well and there are true white hat researchers, vulnerabilities will continue to be found, responsibly disclosed, and patched. If it manages to avert mandatory back doors or other weakening that at least seven countries’ governments are demanding, it may be to our benefit.

I do not like that idea, but I like the apparent alternatives — anything requiring deliberate flaws in encryption — a whole lot less. In a better world, I would rather these exploits be reported immediately to platform vendors. But the lid for this particular Pandora’s Box has long been lost.

End Trends

Charlie Warzel, in the first edition of his new newsletter Galaxy Brain:

The entire phenomenon of “Twitter’s Main Character” functions as a master class in context collapse. Many Very Online Users approach this daily ritual as something between high school cafeteria gossip time and one of those Rage Rooms where you pay money to break things with a hammer. But what’s really happening is thousands of strong individual online identities colliding against each other. In Hunt’s case, it was horror and sci-fi fans and film buffs who felt it was important to weigh in as a way to maintain their particular identities.

[…]

Twitter’s Trending Topics only seem only to exacerbate the site’s worst tendencies, often by highlighting the day’s (frequently trollish or bigoted) main character and increasing the opportunities for context collapse. And of course, none of this is new. For years, Twitter let Trending Topics devolve into a cesspool of misinformation. Conspiracy theorists and trolls have hijacked hashtags and manipulated trending topics to sow confusion and inject dangerous ideas into mainstream discourse.

You cannot escape the cloud of radioactive waste emanating from Twitter’s trending list even if you try. For one, the structure of Twitter’s website makes it difficult to hide the list of trends.1 It is far easier, not to mention much nicer, to use a Twitter client like Tweetbot or Twitterrific, where the list of trending topics is buried in some part of the app you never have to touch.

But everybody else is seeing those trends and piling on. Most people use Twitter through its website or official apps, all of which push trending topics to the foreground, so they all get a full menu of today’s main characters from which they can choose which outrage to weigh in on. You know those rules of thumb about breaking news stories? Trending topics on Twitter are like the pure concentrated version of what happens when those rules are ignored.


  1. I had some luck by adding div[data-testid="sidebarColumn"] section[aria-labelledby^="accessible-list"] div[role="link"] { display: none !important; } to my Safari.css file, but it seems fragile and likely to break. Nothing in Twitter’s website is named semantically. The markup looks like it was written by people who do not care. I bet they do, though, and have no say in how this thing is built. ↩︎

Apple’s ‘Spring Loaded’ Event Is April 20

Apple’s spring events have been interesting as of late. On the surface, they seem to be a bit of a grab-bag. With WWDC creating the perfect venue for operating system updates and Mac hardware, and the autumn events used to introduce flagship iPhone and Apple Watch hardware, the spring event often feels like an appetizer round to the year’s main courses.

But last year’s springtime products, announced by press release, included the iPhone SE, iPad Pro and Magic Keyboard, and a MacBook Air bump; the year before, it was the services event, a couple of iPad models, an iMac bump, and the second-generation AirPods. These product categories are not on the margins of Apple’s business, but they are also not the headliners, so these product launches are not seen by some in the tech press has having the gravitas as others throughout the year.

Anyway, Tuesday, usual time. Expect iPad Pros.

Spotify Announces Car Thing

Ashley Carman, the Verge:

Spotify’s first gadget has landed. Car Thing, a Spotify-only, voice-controlled device for the car, is launching today in limited quantities to invited users. It’s a dedicated, Bluetooth-connected device for controlling Spotify without the need for a phone screen, which seems to be meant for people who drive older cars without built-in infotainment systems or phone connections.

It is called “Car Thing”. How terrific is that? I don’t even care that it is, according to Carman, not a particularly great product. It is called “Car Thing”. That is a slam-dunk.

Bloomberg: Apple Is Working on a New TV Product With HomePod and Videoconferencing Capabilities

Mark Gurman, Bloomberg:

The company is working on a product that would combine an Apple TV set-top box with a HomePod speaker and include a camera for video conferencing through a connected TV and other smart-home functions, according to people familiar with the matter, who asked not to be identified discussing internal matters.

Gurman says that this product is “still in the early stages” which, if you want to be a bit cynical, gives this report enough wiggle room to never pan out.

But it is intriguing, isn’t it? I know that it is something I would have loved to own this past year. Over Christmastime, I used AirPlay to place a FaceTime window onto the television and set my MacBook Air on the coffee table so that we could spend time with family in a more immersive way. It was a pretty nice, albeit janky, setup.

The obvious question about something like this is where a camera would be mounted, given that some people probably do not put their Apple TV out in the open or adjacent to their television screen. The other question is whether we can expect a new remote, something that for years I have been hearing is in the works, yet somehow never arrives. The Apple TV appears to be on the development cycle usually reserved for new kinds of water.

Logitech Discontinues Its Harmony Universal Remote Control Line

Ben Patterson, TechHive:

Well, the other shoe finally dropped. After years of speculation about the fate of its Harmony line of universal remotes, Logitech has announced that it will stop making the devices effective immediately.

In a post on its support site, Logitech said that its remaining stock of Harmony remotes will continue to be available through retail channels until stocks run out, and that it will continue to support the remote for the foreseeable future.

If you have older A/V equipment, this is probably frustrating. Harmony, acquired by Logitech in 2004, dominated the market on universal remote controls for years, and also provides home automation stuff. Its more recent models require a server-side infrastructure, not just IR programming, so when Logitech decides to shut that system down, those remotes will likely stop working. According to Jason Knott at CEPro, support will be offered “in perpetuity”, but I doubt that. I give it a few years.

So, this is certainly a difficult situation for those who own Logitech’s Harmony hardware and have relied upon it for years. But Matt Stoller has a bad take on it that I would also like to address:

Logitech’s products are pretty, but the actual quality of the software is terrible, which is the classic sign of a marketing-driven organization run by lazy executives. Logitech is a monopolist in the universal remote control space, which it acquired in 2004 when it purchased a firm called Harmony. “Their market dominance has been ironclad because of their database: they have infrared codes for hundreds of thousands of devices, from brand-name TVs to random HDMI doodads on page fourteen of Amazon. For obvious reasons, they haven’t open-sourced this database.”

I say ‘was’ because Logitech is actually killing the entire product line now. Their CEO says it is because of competition from streaming, but that’s nonsense, they’ve wanted to get rid of the product line since 2013. As my source says, “if Harmony were its own company, I highly doubt they’d decide to shut down due to abject hopelessness.” Now the database will probably be destroyed, and people will have to redesign their systems to no longer include a universal remote. There’s also a security issue. :Since much of the Harmony software is cloud-based, countless systems may become inoperable, or impossible to update as new devices (e.g. the PS5) aren’t added to the database, or else vulnerable to hacking as security issues go unpatched.”

The punctuation in this excerpt is unclear, so I am unsure whether the “database being destroyed” claim is Stoller’s or his source’s. I think the colon in front of “since” was supposed to be an opening quotation mark. Nevertheless, the impression Stoller leaves is that this is the end of universal remote controls generally because Logitech is closing down its monopoly — and that is simply false on several levels.

To be fair, I am not a universal remotes expert by any means. I do have a couple of salient counterpoints that, I feel, undercut Stoller’s dramatic reading.

For one, there are many other companies that maintain databases of IR remote control codes, not just Logitech, so those codes are not disappearing off the face of the planet just because Harmony is going away. Some of those databases are also open to the public, like this one on GitHub. There are also some other universal options that, like those from Logitech, have those codes in a database and do not require individual programming — Logitech’s Harmony line seems to be the default pick among buyers’ guides, but Joanna Stern’s choice was the Ray Super Remote and TechHive likes a Caavo model. Most importantly, the universal control problem is slowly fading as HDMI CEC becomes more widely used and different remotes can be used with different equipment.

I do not have some sort of wild home theatre setup so a universal remote has never felt justified to me. The market does seem to have been dominated by Logitech’s products, but it is unclear why that is the case. It is not as though there are no other companies that produce universal remotes that work with audio-visual products from a bunch of different manufacturers, as well as smart home gadgets and streaming boxes. But while Logitech has firmly dominated the market for fifteen years and its absence will surely leave a void, that does not make Stoller’s take any more accurate.

Update: I have heard from a few people about their terrible experiences with CEC, and I feel compelled to half-correct half-clarify my remarks above. The correction is that CEC is not itself a driving force for why universal remotes are becoming less relevant. Smart TVs are a far bigger influence on that market.

For clarity, I also want to separate what CEC promises from what it is currently delivering. CEC seems to be a minefield of problems right now, and it is unclear that it will get better. But it does not seem inherently problematic by design. Its implementation is, from what I have read, all over the place, which makes it unreliable and kind of a crapshoot. So, in theory, CEC is a fine standard that, for many people, should eliminate the need for a Harmony remote; in practice so far, it is a small nightmare.

Ad Attribution Gives False Hope

I read these two stories from the Wall Street Journal today, back to back, and I think that is how you should also read them. You may be able to find these in Apple News Plus, but I also recommend checking out your local public library’s website — many will have a way of accessing paywalled newspapers like the Journal.

First, Christopher Mims reports on the impact felt by businesses owners as Facebook makes changes to its advertising attribution in advance of iOS 14.5:

Before, even the smallest business could throw as little as a hundred bucks at a tiny ad campaign on Facebook or Instagram, and get detailed and immediate feedback. Now they will have to spend substantially more — thousands of dollars at least — to show their ads to a larger audience, because the targeting will be less precise, says Christian Lovrecich, founder of PixlFeed Media, an e-commerce marketing agency.

[…]

“Even though in the short term this is probably not a great thing for small and medium-size businesses, in the long term it’s probably for the best,” says Solo Stove’s Mr. Merris. He expects innovators to find ways to build “wonderful personalized experiences that generate good return on investment, while getting around some of these hotter topics like data collection.”

There is little proof that greater perceived precision in targeting and attribution leads to lower spending or improved results.

Gilad Edelman, Wired:

Meanwhile, the ability to track users wherever they go tends to shift ad revenue from higher quality sites to less reputable ones. “The way the adtech system works is, it follows the reader from Wired.com all the way down to the cheapest possible place, the basement bottom-feeders on the internet, and will serve you the ads there,” explained Nandini Jammi, a former product marketer and co-founder of Sleeping Giants, which pressures brands not to advertise on sites that promote hate or bigotry. Jammi pointed me to worldlifestyle.com, whose homepage features a random jumble of years-old articles on celebrities, self-help, and cute animals. It’s a content farm: a site designed not for human eyes, but to make money by harvesting ad clicks from bots.

[…]

Many small businesses, especially direct-to-consumer, do use behavioral ads to build their customer base. David Heinemeier Hansson told me his company, Basecamp, had success with a Facebook ad campaign in 2017. “Compared to everything else we did online, they were the most effective,” he said. “Targeted advertising works.” (Hansson added that he gave up on Facebook advertising anyway because he finds it objectionable.)

And yet, if behavioral advertising were such a boon to entrepreneurship, you might expect it to have spurred a wave of startup growth. Even more than a decade since the recession, though, both the startup rate and the share of Americans working for small businesses are at historic lows—in large part thanks to the rise of monopolistic companies like Facebook and Google, according to many experts. Microtargeting might help some small enterprises get ahead, but that doesn’t mean it’s a boon overall. As with any business strategy, there are both winners and losers.

Ad tech companies love to put lots of numbers in front of customers because it gives the illusion of accuracy. The truth is that most of the numbers are fake. Ads are still targeted fairly imprecisely despite a wealth of user data — many of the ads I see are inexplicably in French — and they are not revenue goldmines. They are just the new standard and it will take some time to adjust. Merris, the primary individual profiled in Mims’ article, is right. This is going to be difficult for some people and businesses to adapt to, but it is the right thing to do.

Here’s the other Journal article I read, from Jeff Horwitz and Keach Hagey:

Google acknowledged in its responses that it had agreed to make “commercially reasonable efforts” to ensure that Facebook was able to identify 80% of mobile users and 60% of desktop users, excluding users of Apple’s Safari web browser, in ad auctions. The Texas complaint alleges that this activity appears “to allow Facebook to bid and win more often in auctions.”

Google further acknowledged in the filing that Jedi Blue required Facebook to spend $500 million or more in Google’s Ad Manager or AdMob auctions in the fourth year of the agreement, and that Facebook committed to making commercially reasonable efforts to win 10% of the auctions in which it had bids.

In reality, small businesses are handing over huge sums of money to Google and Facebook as they rig the online advertising market and scoop up unfathomable amounts of tracking information. The tracking is real; the targeting is hit-or-miss.

Keyboard Shortcuts in Many Web and Electron Apps Do Not Work Correctly With Non-ANSI Keyboard Layouts

Speaking of bad keyboard shortcuts, here’s Thomas Kainrad (via Michael Tsai) explaining how web apps from big-name tech companies are not fully compatible with his German keyboard layout:

This is most annoying when the most important keyboard shortcuts are inaccessible. A very common shortcut is / for accessing search functionality. Unfortunately, there is no /-key on most international layouts. Adding modifiers to produce this key with your layout rarely helps. For example, on my German layout, / is produced via Shift+7. Most web applications will ignore this. Similarly painful is when Electron apps use [ and ] for navigating backwards and forwards.

[…]

I want to be clear, broken keyboard shortcuts are not a law of nature. It is possible to implement web application shortcuts so that they can be typed with any layout. It shouldn’t be an excuse that even some of the most popular apps do not get it right.

Kainrad focuses on web applications partly because of how popular they are and partly because of their often flawed interpretation of key presses.

I do not understand why so many Electron apps, in particular, have invented their own shortcuts instead of doing their best to copy the system defaults. Most MacOS shortcuts are a combination of modifier keys and letters of the alphabet. But Apple is not perfect, either: the German version of that page indicates that the shortcut for showing and hiding the status bar in Finder windows, for example, is Command+/.

As I was digging around on this topic, I found a bunch of threads from German and Swiss German and French and Croatian Mac users who found some of the universal keyboard shortcuts difficult or impossible to type without fully switching layouts. But I also found an excellent eight year old post from Daniel Hoelbling-Inzko with a keyboard layout file that can be used with Ukelele to remap keys on the fly. I have not tried it myself but I am hopeful it might help those with non-U.S. keyboards switch layouts more easily.

Apple Keeps iMessage Exclusive to Its Products Because It Is an Effective Differentiator

In a court filing from Epic in support of its lawsuit against Apple, many Apple executives are on the record in emails stating the obvious: iMessage is not offered on non-Apple platforms because it is a compelling exclusive feature. For some reason, this is being seen as a shocking admission.

Sam Rutherford, Gizmodo:

In one quote dating back to 2013, Eddy Cue — who is now Apple’s senior vice president for internet software and services — said that Apple “could have made a version [of iMessage] on Android that worked with iOS,” providing the possibility that “users of both platforms would have been able to exchange messages with one another seamlessly.”

Sadly, it seems multiple Apple execs were concerned that doing so would make it too easy for iPhone owners to leave the Apple ecosystem, with Apple’s senior vice president of software engineering, Craig Federighi, having said, “iMessage on Android would simply serve to remove [an] obstacle to iPhone families giving their kids Android phones” — a sentiment Epic’s brief says was also shared by Phil Schiller, who back then was in charge of overseeing Apple’s App Store.

[…]

Unfortunately, while these testimonies seem to be pretty damning for Apple, it’s unclear if these revelations will force Apple to reconsider porting iMessage over to Android in the future. But at least now we know for sure why it never happened before.

It is worth pointing out that the “lock-in” described by Apple executives is not a literal lock preventing users from switching to another platform, nor is iMessage mandatory. You can stick to SMS on an iPhone if you want, and you can disconnect from iMessage if you do not want to use it.1

So how is this “damning”, exactly? Plenty of companies offer exclusive features that make it emotionally difficult to choose a different platform, while also having disadvantages. Google can show off the wide selection of phones that run Android, but Apple has made a choice to keep iOS to its own hardware, so it cannot make the same sales pitch. Conversely, Google cannot market the chaos of messaging apps on Android as an advantage, but Apple can show that iMessage is simple, works spectacularly, and requires no configuration.

This isn’t even new information. After WWDC 2016, Walt Mossberg asked Apple about the same topic:

When I asked a senior Apple executive why iMessage wasn’t being expanded to other platforms, he gave two answers. First, he said, Apple considers its own user base of one billion active devices big enough to provide a large enough data set for any possible AI learning the company is working on. And second, having a superior messaging platform that only worked on Apple devices would help sales of those devices — the company’s classic (and successful) rationale for years.

Is iMessage a compelling reason to buy more stuff from Apple? Sure — depending on where you live and how attached you are to other devices. But I fail to see the evil in a differentiating service or feature.


  1. I know there have been problems with Apple’s disconnecting tool. I do not think it is a case of Apple making things deliberately difficult. It is incompetence, if anything, which is not nefarious but also not an excuse. This service should be entirely reliable. ↩︎

Wix Is Running a Bizarre Ad Campaign Mocking WordPress

Matt Mullenweg:

Wix, the website builder company you may remember from stealing WordPress code and lying about it, has now decided the best way to gain relevance is attacking the open source WordPress community in a bizarre set of ads. They can’t even come up with original concepts for attack ads, and have tried to rip-off of Apple’s Mac vs PC ads, but tastelessly personify the WordPress community as an absent, drunken father in a therapy session. 🤔

[…]

Wix is a for-profit company with a valuation that peaked at around 20 billion dollars, and whose business model is getting customers to pay more and more every year and making it difficult to leave or get a refund. (Don’t take my word for it, look at their investor presentations.) They are so insecure that they are also the only website creator I’m aware of that doesn’t allow you to export your content, so they’re like a roach motel where you can check in but never check out. Once you buy into their proprietary stack you’re locked in, which even their support documentation admits.

Much like those recent Intel ads that also parody the Mac vs. PC campaign, Wix’s ads do not make much sense if you give them even a little extra thought. Take the one where a low-budget Bryan Cranston, playing the part of WordPress, collapses to the floor under the weight of forgotten maintenance and implores the site owner to switch to Wix. Sounds promising, except it is comparing a self-hosted software package to a managed platform, so it is not honest. Maintenance is not inherent to WordPress and, if you would prefer not to deal with it, there are managed options available through Automattic and many third-party providers.

If these ads are merely comparing the ease of a managed platform against something self-hosted, there’s no shortage of those, either. Squarespace is a pretty good choice, Shopify is terrific for commerce, and I have heard good things about Webflow. But the advantage of all of those — and WordPress.com — is that they let you take your website with you if you would like to switch to another platform. Wix does not.

I am not sure what these mean-spirited ads are supposed to achieve, but they do not make me want to recommend Wix to anyone. Quite the opposite. Other platforms are for nice people.

Third-Party Accessories Can Now Use Apple’s ‘Find My’ Network

Apple:

Apple today introduced the updated Find My app, allowing third-party products to use the private and secure finding capabilities of Apple’s Find My network, which comprises hundreds of millions of Apple devices. The Find My network accessory program opens up the vast and global Find My network to third-party device manufacturers to build products utilizing the service, so their customers can use the Find My app to locate and keep track of the important items in their lives. New products that work with the Find My app from Belkin, Chipolo, and VanMoof will be available beginning next week.

Belkin’s first product compatible with Find My is a set of wireless earbuds; the Chipolo product is a small tag you can attach to luggage or key rings. Sure seems like there is plenty of room for first-party versions of both.

Perhaps the most notable omission from this list of participants is Tile, but it should not be surprising that it is not in the program. For one, it is a member of the Coalition for App Fairness, a group of developers putting pressure on lawmakers to regulate app marketplaces because of Apple’s policies. For another, Tile has accused Apple of illegal anticompetitive practices by asking users to confirm background location tracking.

But the biggest hangup Tile faces is that the Find My spec is intentionally restrictive on privacy grounds. Rene Ritchie posted a few of the privacy considerations on Twitter today, but there was more information in the draft documentation released last summer. More relevant to Tile is that the spec prohibited locator devices from using Apple’s Find My network and a third-party network. Tile has its own network, so it would have to choose — or let users choose — whether specific tags are synced to Find My or to Tile’s network, not both. The spec is now locked away as part of Apple’s MFi program, so I cannot see the latest version, but I do not imagine this rule has changed.

Also, the badge in the photo of the VanMoof bike in Apple’s press release — the one that reads “Locate with Apple Find My” — is so much nicer than the MFi badge for packaging.

Movie Studios Know Streaming Service Exclusivity Is Untenable for Audiences

Katharine Trendacosta of the Electronic Frontier Foundation:

Instead of building better services — faster internet access, better interfaces, better content — the model is all based on exclusive control. Many Americans don’t have a choice in their broadband provider, a monopoly ISPs jealously guard rather than building a service so good we’d pick it on purpose. Instead of choosing the streaming service with the best price or library or interface, we have to pay all of them. Our old favorites are locked down, so we can’t access everything in one place anymore. New things set in our favorite worlds are likewise locked down to certain services, and sometimes even to certain devices. And creators we like? Also locked into exclusive contracts at certain services.

And the thing is, we know from history that this isn’t what consumers want. We know from the ’30s and ’40s that this kind of vertical integration is not good for creativity or for audiences. We know from the recent past that convenient, reasonably-priced, and legal internet services are what users want and will use. So we very much know that this system is untenable and anticompetitive, that it can encourage copyright infringement and drives the growth of reactionary draconian copyright laws that hurt innovators and independent creators. We also know what works.

The golden age of streaming really is behind us. But if movie studios come to their senses, there could be a renaissance of appreciation for streaming services, replacing the exhaustion of yet another monthly charge on our credit card bill.

Facebook Isn’t Sorry for Letting Someone Steal Personal Details of Half a Billion Users

Elizabeth Culliford, Reuters:

Facebook Inc did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said on Wednesday.

[…]

The Facebook spokesman said the social media company was not confident it had full visibility on which users would need to be notified. He said it also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users. Facebook has said it plugged the hole after identifying the problem at the time.

Graham Cluley:

Nowhere in Facebook’s post will you find the word “sorry.” Nowhere in Facebook’s post will you see an apology.

So I can assume that Facebook isn’t sorry. It doesn’t even say that it’s going to contact the half a billion users who have had their details leaked onto the internet – not because of the users’ own fault, but because of Facebook’s incompetence and lack of care.

There has been plenty of reporting around this latest data dump, but Facebook’s repeated breaches of security and user trust should not be so easily dismissed by the company. It is mostly treating this as a public relations problem that will blow over, which is unconscionable.

Google’s Primary Apps Now Feature Privacy Labels

Taha Broach, the 8-Bit:

After an almost four-month-long wait, Google has updated the App Store pages of all of its popular apps with Apple’s Privacy Nutrition labels. This news comes as reports suggest Google might be preparing its own privacy nutrition labels for individual app pages on the Play Store.

Today, Google updated the App Store page of its last popular app — Google Photos — to reflect the app’s tracking practices to users who are about to download the app.

At the beginning of January, Google said that it would be rolling these out “this week or the next week”. It’s pretty embarrassing that it took one of the world’s most valuable companies until the second week of April to tick more-or-less every box for the personally-linked data it collects.

Phone Numbers From That 2019 Facebook Data Breach Are Now in ‘Have I Been Pwned?’

Troy Hunt has added the half a billion phone numbers associated with a 2019 Facebook breach to Have I Been Pwned?, but there’s more:

The origin of all this data is still not clear. The initial set I was given adhered to a very consistent format, the set in broader circulation is more varied suggesting they’re possibly from multiple sources. Some people have suggested WhatsApp or Instagram as potential additional sources, but I’ve seen nothing to substantiate those claims.

Facebook are yet to put out a clear position on this. They’ve alluded to a 2019 incident being the root cause, but that doesn’t go far enough to explain the data in circulation. There’s a vacuum of information right now, and that vacuum is being filled with by a lot of speculation.

Facebook published a short press release from Mike Clark regarding this breach:

We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019. This feature was designed to help people easily find their friends to connect with on our services using their contact lists.

According to BBC reporter Joe Tidy, there were two large leaks of Facebook data in 2019. Tidy points to a September 2019 article in City A.M. as an example of one, while the other was in April 2019. According to Facebook, this weekend’s release consists of data from neither.

Also, for what it is worth, this was about the same time period during which “hundreds of millions” of Facebook and Instagram users’ passwords were stored in plain text in internal logs for years. These incidents are not connected by anything other than the company’s sloppiness, but it indicates a unique level of deviance. If there is one thing that Facebook is most notable for, it is arguably that its size and ubiquity have granted it a license to be shameless.

According to Anja Karadeglija of the National Post, Facebook never reported this breach to Canadian privacy officials as required. Facebook also said that the unauthorized scraping of user data stopped a month before GDPR regulations took effect so it also did not report this to European authorities. Natasha Lomas at TechCrunch reports that Irish regulators are investigating whether that is true.

Update: Lily Hay Newman, Wired:

Facebook says it did not notify users about the 2019 contact importer exploitation precisely because there are so many troves of semipublic user data — taken from Facebook itself and other companies — out in the world. Additionally, attackers needed to supply phone numbers and manipulate the feature to spit out the corresponding name and other data associated with it for the exploit to work, which Facebook argues means that it did not expose the phone numbers itself. “It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019,” Clark wrote Tuesday. The company aims to draw a distinction between exploiting a weakness in a legitimate feature for mass scraping and finding a flaw in its systems to grab data from its backend. Still, the former is a vulnerability exploitation.

Automatic contact matching remains a glaring privacy and security vulnerability. Facebook built a database of about a quarter of people on Earth and then, for a long time, allowed anyone to associate phone numbers — something that has a predictable format — with names, photos, email addresses, and more.

‘New Outlook’ for Mac Has an Objectively Stupid Keyboard Shortcut for Discarding Messages

This episode of Josh Calvetti’s excellent “Sweating the Small Stuff” series is infuriating.

Microsoft has two different versions of Outlook in the Outlook for Mac app. One of the keyboard shortcuts changed in New Outlook compared to the “classic” Outlook app is +Shift+D. In Apple’s Mail app, this is the shortcut for sending a message. In New Outlook, it discards the message you have just finished writing — without warning or confirmation — where it disappears into the aether.

It is one thing to repurpose a different keyboard shortcut; it is entirely stupid to use a task completing shortcut in a circumstance that causes instant data loss. I do not understand why anyone would want a way to discard the message they are writing without warning, but it should not be this way.

Anyway, go watch Calvetti’s video and then all of us who use Outlook for work can be upset about this together.

Update: This keyboard shortcut is, thankfully, being changed in a future version of New Outlook to +Escape.

Inadvertent Algorithmic Cruelty

I wanted to link to a couple of additional pieces related to today’s essay by Lauren Goode. Eric Meyer (via Andy Baio) wrote about what he called “inadvertent algorithmic cruelty” in 2014 after the death of his daughter:

Algorithms are essentially thoughtless. They model certain decision flows, but once you run them, no more thought occurs. To call a person “thoughtless” is usually considered a slight, or an outright insult; and yet, we unleash so many literally thoughtless processes on our users, on our lives, on ourselves.

Where the human aspect fell short, at least with Facebook, was in not providing a way to opt out. The Year in Review ad keeps coming up in my feed, rotating through different fun-and-fabulous backgrounds, as if celebrating a death, and there is no obvious way to stop it. Yes, there’s the drop-down that lets me hide it, but knowing that is practically insider knowledge. How many people don’t know about it? Way more than you think.

It is also presumptuous to assume that most photos represent memories that a user would like to see right now.

Stephen Hackett also shared his story:

Over the last several years, I’ve been dealing with something similar. While not a broken engagement, I’ve been stopped in my tracks any time I come across — or am shown by a computer — photos of the time before our oldest son was diagnosed with brain cancer. When a photo would show up, I would tell my phone I didn’t want to be reminded of it anymore, but it would still be burned into my brain hours or even days later.

Hackett’s piece ends on a welcome, positive note — through therapy, he is working to overcome feeling stuck in these traumatic memories.

These are two very welcome pieces. For what it is worth, I think both these writers — and Goode — are very brave for sharing their stories. I appreciate it.

The Internet Does Not Let You Forget

In Wired, Lauren Goode wrote about how the apps and services she uses will not let her forget about the wedding she cancelled:

[…] The internet is clever, but it’s not always smart. It’s personalized, but not personal. It lures you in with a timeline, then fucks with your concept of time. It doesn’t know or care whether you actually had a miscarriage, got married, moved out, or bought the sneakers. It takes those sneakers and runs with whatever signals you’ve given it, and good luck catching up.

[…]

I want a chisel, not a sledgehammer, with which to delete what I no longer need. I don’t want to have to empty my photo albums just because tech companies decided to make them “smart” and create an infinite loop of grief. That feels like a fast path to emotional bankruptcy, a way to “rip out so much of ourselves to be cured of things faster than we should,” as the writer André Aciman put it. “To feel nothing so as not to feel anything—what a waste.” There it is: What a waste. Not wasted time, even if that is also true; that would be too cynical. A waste of potential joy.

This essay is a phenomenal exploration of coping with our decreased agency over our memory.

One of the Google engineers that Goode interviewed for this story explained that they implemented their Memories feature because, in part, many pictures were not viewed after they were taken. It seems that few people considered that, sometimes, we do not want to see those photos again — or, if we do, that we would like to do so on our own terms.

Yahoo Answers Is Going Away on May 4

One of my college instructors pointed out that few products have been so aptly named by accident as Yahoo Answers. Now where will I go to find out if I am prengnan?

It is unclear how unceremoniously wiping history from the internet service-by-service plays into Verizon’s long-term goal of transforming Yahoo into a premium subscription brand. I guess if you are going to copy something from Google, might as well be how often products simply disappear with a few weeks’ notice. Makes people think you’re innovating.

Uber May Stop Letting Drivers See Destinations and Name Prices in California

Carolyn Said, San Francisco Chronicle:

Too many drivers cherry-pick lucrative rides and decline other requests, making the service unreliable, the San Francisco company said on Monday. Uber no longer has to worry about proving that drivers are independent contractors, because Prop 22 — the November ballot measure that Uber and fellow gig companies spent $220 million to pass — enshrines their non-employee status.

[…]

Uber argued in court last summer that drivers’ ability to see destinations and set prices meant they were truly independent. California and three city attorneys are suing Uber and rival Lyft over driver classification under AB5, in a case that continues, but now will only look at conduct before Prop 22 took effect.

But on the streets, the move backfired. A third of California drivers declined more than 80% of their ride requests, making the service unreliable, Uber said this week. About a fifth of potential passengers in California now end up not finding a ride, a sevenfold increase from previously. The pandemic further constrained the number of drivers, who must now grapple with the risk of the virus.

In order to maintain the façade that Uber has always been a disruptive tech company where people could take “gigs” as drivers, instead of an illegal taxi operation that exploits contractor classification, it rushed into place just enough features to qualify drivers as independent workers. What it learned from this experiment is that Uber’s model falls apart when drivers are actually independent.

The Data Broker Industry Is Spending Big Bucks on Lobbying Efforts

Alfred Ng and Maddy Varner, the Markup:

All in all, we found 25 companies whose combined spending on federal lobbying totaled $29 million in 2020. Many of the top spenders were not pure data brokers but companies that nonetheless have massive data operations. Oracle, which has spent the past decade acquiring companies that collect data, spent the most by far, with disclosure documents showing $9,570,000 spent on federal lobbying.

For comparison, of the Big Tech firms with heavy lobbying presences, Facebook spent $19,680,000, Amazon $18,725,000, and Google $8,850,000 in the same period, according to the Center for Responsive Politics. Public Citizen, a consumer advocacy group, found that Big Tech spent $108 million collectively on lobbying in 2020.

Oracle has its own data collection arm but has also built its portfolio by buying up companies like DataRaker, Compendium, and Crosswise. The companies, which were acquired in 2012, 2013, and 2016, respectively, take data from a variety of sources. DataRaker gets data from millions of smart meters and sensors for utilities companies, while Compendium delivers targeted ads. Crosswise allows Oracle to track people across devices, claiming to process data from billions of devices every month.

The data broker industry is not new to frequent readers of this website, but it does not receive nearly as much public attention as Facebook and Google. That is probably because data brokers deliberately avoid a public presence, while Facebook and Google have many public-facing products.

Another feature of the data broker industry is its ubiquity. While it is extraordinarily difficult to opt out of Facebook and Google’s tracking mechanisms, it is effectively impossible to eliminate yourself from the data broker industry — especially in the United States. The Office of the Privacy Commissioner of Canada put together a great 2019 report on the data brokers in Canada:

The data brokerage industry occupies in a region of the economy that is opaque to consumers, its objects of commerce. It is difficult for consumers to appreciate the mechanisms by which data brokers collect, use and trade in consumers’ personal information, and so the usual mechanisms by which markets discipline businesses are not in place. The industry is complex, with multiple kinds of actors collecting, processing, and aggregating data to create and use consumer profiles. Reporting by [the Canadian Internet Policy and Public Interest Clinic] and others on the activities of the industry are insufficient to overcome this difficulty.

This report recommended more investigation and oversight, but it has limited effect. At the very least, Canadians’ personal information has some national and “substantially similar” provincial protections through legislation; in the United States, a 2014 report found, this is not the case, so far more private data is collected, traded, combined, and sold.

SCOTUS Says That Google’s Implementation of Oracle’s Java APIs Is Protected by Fair Use

BBC News:

Justice Stephen Breyer, in his written opinion, said that “to allow enforcement of Oracle’s copyright here would risk harm to the public”.

So many programmers used and had deep knowledge of Oracle’s building blocks that such a move would turn computer code into “a lock limiting the future creativity of new programs”.

“Oracle alone would hold the key,” he warned.

[…]

Oracle made clear that it firmly disagreed with the court’s judgement, saying that it had increased Google’s power further and damaged other companies’ ability to compete.

“They stole Java and spent a decade litigating as only a monopolist can,” said Dorian Daley, the company’s general counsel, in a statement.

The reason I am linking to the BBC’s reporting on this verdict is that, if you scroll to the bottom of its article, you’ll see previous coverage going back to 2010. For much of that battle, Oracle has tried to play the role of the little company burdened by Google’s thievery. In the last eleven years, though, Oracle has become six times as valuable and is now worth over $200 billion — it seems pretty clear that Oracle can also afford to litigate for a decade in the hopes that it can have a monopoly on Java’s APIs and set a worrisome precedent for all software.

Personal Data Leaked From Five Hundred Million Facebook Users

Catalin Cimpanu, the Record:

A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network’s user pool— on a publicly accessible cybercrime forum.

According to samples reviewed by The Record today, the leaked data includes information that users posted on their profiles. Information leaked today includes Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and anything else users might have entered in their profiles.

Furthermore, the database also contains phone numbers for all users, information that is not always public for most profiles. A cursory review from The Record found multiple phone numbers for users that had not made their number public on the site.

[…]

“This is old data that was previously reported on in 2019,” a Facebook spokesperson told The Record. “We found and fixed this issue in August 2019.”

Well that is a relief since everyone I know has gotten a new name, email address, and phone number since August 2019.

Snap Has Explored Tracking Groups of Users Without Consent

Patrick McGee and Hannah Murphy, Financial Times:

According to recent internal documents seen by the Financial Times, Snap wanted to gather data from companies that analyse whether people have responded to ad campaigns, including aggregated IP addresses, the labels that identify devices connected to the internet.

It hoped it could take that data and cross-reference it against the information it holds on its own users to identify and track them, in a technique known as “probabilistic matching”, according to several people familiar with its plans.

After being contacted by the FT about its plans, Snap acknowledged it had run a probabilistic matching programme for several months to test the impact of Apple’s new policies, but said it had always intended to discontinue the program after Apple introduces its changes, as such a system would not be compliant.

Expect to see a lot more of this sort of thing as marketing companies and data brokers you’ve never heard of try to find surreptitious ways of tracking users instead of just asking permission.

The Former Netflix DVD Library Is a Lost Treasure

Jim Vorel, Paste:

And this, ultimately, is the tragedy of losing that Netflix DVD collection of old — there’s genuinely no alternative for replacing it within the streaming world, no matter how much you’re willing to spend. Certainly, there’s no other service out there mailing DVDs at anywhere near this scale, even after Netflix’s own DVD.com has contracted significantly. Nor is there a local, brick and mortar video store in the vast majority of American cities at this point. It comes down to direct comparisons with what other streamers can offer — HBO Max, for instance, doesn’t have a huge selection of streaming movie titles, but it does have a comparatively high quality one. Amazon Prime Video offers the exact opposite experience — an insanely, incomprehensibly vast library that is large primarily because it’s filled with zero budget films that look like home movies uploaded directly by users. The Netflix DVD library struck what was perhaps the ideal balance here — truly vast and eclectic, but also with a baseline quality level of films that had to at least qualify on the front of “had a physical release at some point.”

Even though streaming media is a young industry, it is possible that its golden days are already behind it.

The curious thing is that these services are both balkanized — in that they have vast amounts of stuff licensed exclusively to one service — and conglomerated — there are only a handful of parent companies that own all of Hollywood’s major studios. So instead of the music streaming model, where most people just pay for one service and then listen to a massive catalogue of music ranging from mainstream hits to independent artists, the movie industry thinks we’re all going to pay for each of their siloed services that are mostly full of original programming that is the purest definition of “content”. That seems customer hostile, and quite unlikely.

Many of these studios also own record labels, so I hope this model does not expand into music or other forms of media. I cannot imagine paying separate subscriptions for different libraries of music.

Blocking Is the Next Big Canadian Internet Policy Battle

Speaking of Michael Geist and the stack of internet companies, here’s a great piece from Geist about overzealous proposed demands by the CRTC to require ISPs block botnets:

Yet the reality is that Canada’s telecom providers have been working on these issues for decades without the need for a regulator to mandate a blocking system. Further, any blocking system creates collateral damage including over-blocking of legitimate websites and increased costs for consumers. While there is room to increase information sharing and update codes of conduct, a CRTC-based blocking mandate will open the door to a steadily expansive approach to Internet blocking. In fact, the consultation has already attracted a submission from Allarco Entertainment that wants an expansive definition of botnets to include streaming devices so that blocking would extend to copyright with mandated blocking against unauthorized streams (in other words, Fairplay through the botnet back door).

If we are to have some sort of nationwide shared blocking initiative amongst ISPs — and it concerns me that this could be a reality — the bar must be extraordinarily high for something to be blocked, and it must fit into a narrow category of acceptable targets. But this seems like a poor idea on its face.

Facebook Indicates It Will Prohibit Canadian News on Its Platform if Canada Proceeds With Publisher Linking Fees

Daniel Van Bloom, CNet:

In the middle of February, as the Australian government was passing a bill that would force Google and Facebook to pay publishers for news that surfaces on their platforms, Australia’s 16 million users found that news content had vanished from Facebook’s website and app. Now, with Canada’s government mulling similar legislation, it’s possible the story could repeat itself across the Pacific.

Sitting before a parliamentary committee on Monday, Facebook Canada’s head of policy, Kevin Chan, said that any law that forces Facebook to pay publishers each time their news content is shared on its platform “fundamentally breaks the premise of how a free and open internet works,” reports local media.

While I generally agree with arguments that these link taxes are foolish, I get the argument as it pertains to non-U.S. media, and links on Facebook and Google. The two companies have established a duopoly in advertising on the web — 40% of the world’s advertising spending for ads that appear on the open web goes through Google, according to Jounce, and around 80% of digital ad money in Canada is spent with either Facebook or Google — and both companies are based in California. That means that a massive amount of the funding that keeps media alive around the world has been claimed by two American companies, both of which are happy to send users to media organizations’ websites. It is like they are playing both sides of the market.

But it is ridiculous to demand a license for linking. As Michael Geist writes, “linking is a normal, commonly used practice that hundreds of millions of people engage in every day”. Requiring some sort of fee or license to link to media websites is a terrible solution, even if it is only applied to the same companies that have seized control of their revenue stream. We need a better long-term model for ensuring journalism’s solvency. We also need this online advertising duopoly — or triopoly — to be restricted so worldwide spending does not disproportionately end up on the west coast of the United States.

The Acquisition of Shaw by Rogers Will Raise Prices and Erase Jobs

OpenMedia’s Laura Tribe, in an editorial in the Star:

In the middle of a pandemic, when quarantined Canadians have turned to a battalion of gig workers across the country armed with smartphones to deliver everything from diapers to doughnuts, Rogers seeks to snuff out one of the few competitive hopes for Canada’s already brutal wireless industry.

Now Rogers finds itself in the awkward position of having to explain away all of Shaw’s great marketing. After less than a year, the wireless disrupter “beginning to set the tone for a new era of competition” is gearing up to be the latest hood ornament on the Rogers family dynasty.

Cutting through the marketing, this transaction means what every merger in a concentrated industry means: less choice and higher prices for a service that is increasingly critical to the livelihoods of Canadians.

As the crisis phase of this pandemic begins to subside thanks to worldwide vaccination programs, many businesses have indicated that they will continue to support some form of remote work indefinitely. If this acquisition is approved, it will mean we are more dependent on fewer providers. It creates no incentives for any of our ISPs or cellular providers to reduce the ridiculously high prices we all pay, but there are more reasons for them to charge ever-greater rates.

Apple Stops Identifying Siri Voices by Gender, Adds Two New American English Options

Matthew Panzarino, TechCrunch:

Apple is adding two new voices to Siri’s English offerings, and eliminating the default “female voice” selection in the latest beta version of iOS. This means that every person setting up Siri will choose a voice for themselves and it will no longer default to the voice assistant being female, a topic that has come up quite a bit with regards to bias in voice interfaces over the past few years.

[…]

In some countries and languages Siri already defaults to a male voice. But this change makes the choice the users’ for the first time.

I like how these are labelled numerically rather than by apparent gender. The two new voices sound excellent; they’re Voice 2 and Voice 3 in the American English dialect, and I recommend giving them a try when you install iOS 14.5.

None of these changes helps make Siri any more reliable or consistent, but at least it sounds far better while confidently disobeying your intent.

Lux’s Long Term iPhone 12 Camera Review

Lux’s Sebastiaan de With reviewed the iPhone 12 family as cameras. I think the whole thing is excellent — it sure helps that de With is a terrific photographer — but this, from the conclusion, stands out to me:

Smart image processing, magical multi-frame combination, deep fusion, night mode: the best camera is the one that is not just on you, but gets out of the way. That takes a great photo, yet does this smart enough to make you feel like you actually took it. A camera that takes better photos but remains neutral — allowing the photographer the flexibility to edit it afterwards to make it fit their mood and artistic vision. 

Great cameras let you fail.

In out-of-the-box auto mode, I’m glad the iPhone does a lot to make pictures look terrific, without trying to invent a scene that doesn’t exist. But I am happier still that there are APIs and settings to bypass all of that and let me create the image in my head. That is, as long as I take the time to compose the shot properly, set the exposure just so, and capture the scene carefully. You know — photography.

Video Creators Again Discover Facebook Has Shorted Them on Ad Revenue

Ashley Carman, the Verge:

And he’s not the only one who hasn’t been entirely paid out. The Verge spoke with two other Facebook video creators, all of whom say the company shorted them on cash and ignored their requests for help. The creators had no reason to initially question the amount they were paid since Facebook’s estimated revenue tool almost always mirrored their actual payouts. Usually, they’d be short only a couple hundred dollars. But after their revenue seemed off two months in a row, the creators say they looked into the issue. All three say the problems began in January, around the time Facebook transitioned to its new Pages experience and made updates to how creators can monetize.

[…]

But these creators say Facebook only cares about advertisers, leaving them with no one to turn to when their payments are unexpectedly short. They reached out for help, but the company gave them no feedback on what could be wrong.

After The Verge reached out for comment, however, Facebook said it “resolved a technical issue that prevented a small number of video creators on Facebook from receiving their full in-stream ads payouts.”

Facebook does this sort of thing a lot. It has also apparently been asking writers and journalists to join its newsletter project, but I am not sure I would take that bet. It seems risky to gamble your livelihood on whether Facebook feels like paying you in full.

WWDC 2021 Starts June 7

I know this is trite in 2021, but I had to look back and see what happened last year. In February, MWC and Facebook’s F8 conference were cancelled and I began wondering if WWDC would go ahead as planned. With a full pandemic year behind us, my naïvety feels quaint.

Unsurprisingly, this year’s conference will also be online-only and it will still be free. This will not be Apple’s first product announcement this year — there is some new hardware coming next month — but the software side is often more exciting because it means new capabilities for your existing stuff. I’m looking forward to seeing what is new across the board but, in particular, in iOS 15 and MacOS 12.

Getty Images Acquires Unsplash

Mikael Cho, co-founder of Unsplash:

This is not one of those tech acquisitions where the company is bought to be shut down. Unsplash will continue to operate as a standalone brand and division of Getty Images. The entire Unsplash team will be staying and building Unsplash in the direction we have been. The main difference now is we have access to the resources and experience of Getty Images to help accelerate our plans to create the world’s most useful visual asset library.

Unsplash promises it will remain free and that the photography license will not be changing, but that is not comforting. Getty has a reputation as a copyright troll and has even demanded licensing fees for images in the public domain.

By the way, it is striking how concentrated the stock photography market has become around a few key players. Getty Images has been particularly aggressive in its acquisitions of image libraries and other brands. It owns iStock, it bought Mediavast’s catalogue, and — through a complex licensing deal involving its Chinese distribution partner Visual China Group, which also owns 500px — it bought the rights to Corbis’ library. It is also surprising to me how many of these companies are Canadian: iStock is still based in Calgary, 500px in Toronto, and Unsplash is in Montreal.

Twitter Accounts Ostensibly Belonging to Amazon Employees Are Promoting the Company as It Faces a Unionization Push

Ben Gilbert, Insider:

“Hey everyone!! This is Yola from Oak4,” an account tied to an employee named Yola said last week. “I just joined a program where I am able to answer any questions, comments or concerns you may have about Amazon. I can’t wait to share what my experience working here has been like for me.”

The account, like several others reviewed by Insider, was started in March 2021. Rather than posting, the accounts focus on responding to people tweeting about the company.

Back in 2018, Amazon admitted to paying a small army of employees to tweet positive things about the company.

Not coincidentally, warehouse workers in Alabama finished voting yesterday on whether they should unionize; the result is expected in the coming days. But it is unclear which, if any, of these accounts are part of an Amazon astroturfing campaign, and which are fraudulent.

Here’s the BBC:

Many of the accounts involved used the handle @AmazonFC followed by a first name.

Amazon has previously used this handle for its so-called Amazon Ambassadors – real employees who are paid by the firm to promote and defend it on Twitter.

[…]

Several of the high-profile accounts have been suspended by Twitter. It told the BBC that Amazon Ambassadors are subject to Twitter’s rules on spam and platform manipulation.

Accounts which impersonate or falsely claim to be affiliated with a company, can be temporarily suspended or removed.

In 2019, Amazon reused some of these Twitter accounts under new names; this time, a bunch of new accounts surfaced with profile pictures cribbed from AI face generators. One of the more notable new accounts was “Darla’s”, as Matt Novak of Gizmodo explains:

Just take a look at the ears and the way the hair falls if you need any evidence that the photo of “Darla” is computer generated.

But photos aside, is Darla possibly real in other ways? Frankly, it’s really hard to tell. Some of the tweets almost seem purposely obtuse in the way that a troll might tweet.

“Amazon is NOT union busting, I can not stress that enough! Amazon is just trying to prevent employees from fraternizing or organizing outside of company-approved channels,” Darla tweeted over the weekend.

If that seems a little too perfect, that’s probably because it is. Aric Toler of Bellingcat spotted that the account was associated with a Gmail address instead of an Amazon one. That was the case for many of these new accounts, as Emanuel Maiberg of Vice says:

@AmazonFCDarla and @AmazonFCLulu are just two of the accounts Twitter suspended yesterday. Another used a photo of a guy from Dude Perfect, the YouTube trickshot guys; it was quickly suspended. Other ambassador accounts that appear to be endorsed and operated by Amazon, are still online, and posting only slightly less deranged content about how much they love working at Amazon. The accounts belonging to Amazon were registered with @amazon.com emails. The accounts we noticed had seemingly AI-generated faces were registered with other emails, or required an email before continuing the account verification process. @AmazonFCDarla and other seemingly fake Amazon ambassador accounts had open direct messages. The official Amazon ambassador accounts did not.

It’s kind of funny that Amazon thought these “ambassador” accounts — there are still some real ones — were a great PR move in the first place. It uses a predictable format and doesn’t control the Twitter namespace, so it is trivial for others to create parody accounts that highlight many of the reasons workers are unionizing. But I am not surprised many people fell for these tweets. Amazon’s PR strategy has been so hostile lately that a member of its security team filed a report speculating that the @AmazonNews account may have been accessed by an unauthorized user.

Regardless, the collapse of context on Twitter makes it easy to create the impression of legitimacy with little work. It sort of feels like screaming into the void to encourage extra vigilance on Twitter, but I think we can all remind ourselves and each other to be more careful about reacting strongly to tweets from new and unfamiliar sources.

Concentrated Influence in the Internet’s Stack, Not Just Platforms, Creates Different Venues for Control

A couple of weeks ago, at the end of a piece about Substack’s alleged duty to moderate, I wondered how much of that demand came from its name-brand quality. Substack is more of a utility service than social media platforms, so if it were more subtle in its branding, I am not sure there would be so many people arguing that specific writers ought to be booted off. A user being removed from a platform is one thing, but having some crappy writer’s website disrupted at a DNS level would be more troubling.

So I was surprised to see a new reference from Geoffrey A. Fowler and Chris Alcantara at the Washington Post last week diving into some of those more infrastructural layers. It is an okay piece, but it is not without criticism. Let’s start with the premise in the headline:

Gatekeepers: These tech firms control what’s allowed online

That is only sort of true because there are laws that also restrict what is allowed online — and in other media — and laws that expressly permit what may be said. I bet you are thinking of one right now, so I’ll let Fowler and Alcantara take it from here:

A law known as Section 230 of the 1996 Communications Decency Act says “interactive computer services” — companies up and down the stack — cannot be held legally responsible for what others use their services to say. That provides them with a legal shield, with a few exceptions such as sex trafficking, but also gives companies the right to police content as they see fit.

Ah — so close. While Section 230 passes legal liability to individual users rather than platforms, it is the First Amendment that gives companies large and small the right to moderate as they would like.

So, we’re not off to a good start. But the questions raised by this article are worth considering:

Do companies have a responsibility to moderate content because they have the technical ability? Or does the fact that they could make the wrong calls mean they should hold back?

Fowler and Alcantara break the internet’s stack into five components, from those nearest the surface to those at the bottom:

  • Platforms

  • Cloud computing and hosting providers

  • Content delivery networks, and security and payment services

  • Domain registrars (and DNS providers, but this article does not make the distinction clear)

  • Internet service providers

As you get further down in this stack, the power becomes more concentrated so the standard for moderation ought to be much greater. For instance, it does not seem to be controversial that platforms should make an effort to remove terrorists of any faction. But should ISPs make terrorist materials inaccessible? On its face, that is not a bad idea, but doing so could make it harder for researchers to do their jobs, and there is a whiff of the banned book emanating from this thought.

The fact is the entire internet stack is one private company on top of another. That means each gets to make its own decisions about how it wants to operate, and that will sometimes mean making hugely consequential decisions that reverberate upwards, often with little accountability aside from a brief public relations battle.

If you wanted to reduce the power of the companies at the bottom end of this chain, it would be a good idea to pass strong net neutrality regulations. A more radical idea would be to nationalize Tier 1 providers. I know that is a shocking suggestion for some, particularly in the U.S., but I would welcome it in Canada — though I imagine there are some unforeseen consequences and I will probably get emails calling me a communist.

Further up the stack, there is often more competition than the Post article indicates. For example, there are many more payment processors than are listed in the article, but they lack name recognition.1 One of the side effects of mainstream social media companies cracking down on disinformation campaigns is the increased popularity of other social networks. Unfortunately for people with humanity and a conscience, these are mostly platforms that have a permissive attitude towards white supremacists, which they laughably defend as a principled free speech stance. So, while I think the current use of Bitchute is abhorrent and I have no expectation that it will be serious competition for YouTube, it is at least an attempt at doing something different.


  1. For what it is worth, there are many companies involved when you buy something from an online store. It is its own stack in which there are some companies with very little competition↩︎

Amazon’s PR Strategy Seems to Be Inspired by a Steroid-Fuelled Rage

You know that scene in “American Psycho” where Bateman and Bryce escape to a nightclub bathroom to do lines of some apparently low-quality cocaine, sending both of them into a rage at the occupants of the adjacent stall, which Price blames on his steroid use?

I have been wondering if that is the inspiration for Amazon’s increasingly aggressive PR strategy.

Nick Statt, the Verge:

Amazon is intensifying its bizarre online public relations strategy of picking increasingly petty fights with sitting US Congress members, with the company’s Amazon News account on Friday shifting targets from Rep. Mark Pocan (D-WI) and Sen. Bernie Sanders (I-VT) to Sen. Elizabeth Warren (D-MA).

[…]

Somehow, one of the most powerful and valuable companies on Earth has decided its bold new PR strategy should involve playing immature semantics with a US senator.

Dave Clark and Jay Carney are similarly hostile on Twitter. It is unclear who, exactly, is behind the Amazon News account, but they are both setting the company’s public tone on the asshole-coming-down-from-a-bender mark. It is just a very strange look for any company, let alone one that is under so much regulator scrutiny.

What Happened to Arizona’s App Store Bill?

Brittany Gibson, the American Prospect:

Big Tech lobbyists in Arizona caused just enough confusion over an app store reform bill to run out the clock on this year’s legislative session. The bill would have ended the practice of app developers being charged high fees for payment processing by Google and Apple, the two dominant cellphone operating systems.

After being hotly debated and passing along near-partisan lines in the state House, HB 2005 was then put on the agenda for the state Senate Commerce Committee but ultimately not given a hearing. Friday was the last day the bill could be heard by the committee.

[…]

The hold also prevents Republican Gov. Doug Ducey from having to weigh in on the Big Tech debate occurring within the GOP. One of the first lobbyists hired by Apple to work against HB 2005 was Ducey’s former chief of staff Kirk Adams, who was also previously a Republican Speaker of the House. “His engagement is a very clear sign that the governor did not want this coming to his desk; he wanted this to go away,” the source said.

Similar bills are being considered in many U.S. states. This effort may have sputtered in North Dakota and fizzled out in Arizona, but there are some bigger states like New York and Illinois working through the same kind of bill.

Apple Tells Australian Regulator That the App Store Has Plenty of Competition With Websites and Other App Marketplaces

Asha Barbaschow, ZDNet:

Apple has responded further to the Australian consumer watchdog’s probe of app marketplaces, this time rejecting characterisation that the Apple App Store is the most dominant app marketplace and saying there are other options for iOS users, such as by going to a website.

[…]

“Apple is not in a position to disregard the environment in which its app marketplace operates and does not accept the Commission’s characterisation of the Apple App Store as ‘the most dominant app marketplace by a large margin’.”

I am reminded of WWDC 2007 and, more specifically, John Gruber’s memorable retort:

Perhaps it’s playing well in the mainstream press, but here at WWDC, Apple’s “you can write great apps for the iPhone: they’re called ‘web sites’” — message went over like a lead balloon.

[…]

Telling developers that web apps are iPhone apps just doesn’t fly. Think about it this way: If web apps — which are only accessible over a network; which don’t get app icons in the iPhone home screen; which don’t have any local data storage — are such a great way to write software for iPhone, then why isn’t Apple using this technique for any of their own iPhone apps?

Some of those things have changed: web apps are far more capable now than they were fourteen years ago, you can “install” them to your home screen, and it is very rare in much of the world to not be connected to some kind of network almost all the time.

What hasn’t changed is that apps and websites are fundamentally different experiences. Apple isn’t rebuilding its own apps as web apps — it has web apps, certainly, and plenty of its native apps have components written in web languages, but I cannot imagine that it would scrap its native Mail or Reminders apps in favour of HTML versions.

With the arguments in this filing (PDF), Apple is effectively standing by its fourteen year old stance that the iPhone — and, by extension, the iPad, Apple Watch, and Apple TV — are specialized platforms that it has been gracious enough to allow native development on and, in order to maintain that system, must extract 15–30% of developers’ revenue earned through these platforms. Developers believe that all of these devices — but, particularly, the iPhone and iPad — are more like smaller versions of a personal computer, that they should be able to write the apps they want and distribute them in a manner of their choosing, and that the 15–30% of platform-originating revenue claimed by Apple through its payment mechanisms is not a profit margin akin to that of any other store but is instead an exploitative transaction fee.

I have so far not read a well-defined argument for why iOS devices are more akin to specialized computers than general-purpose computers, nor have I read a good argument for why they are just smaller versions of personal computers. I think I would prefer an iPhone where I can install native apps from anywhere and with many competing marketplaces, but I also think I would get frustrated by the compromises made by demoting a centralized catalogue.1 Regardless of whether I would personally prefer more flexibility with my own devices, it is frustrating that I cannot decide that without switching to a worse platform that has generally lower-quality apps. Many new apps launch first on iOS — so the platform’s restrictions do not seem like a deterrent — but I cannot see a great argument for why it must be the case that, for iOS to maintain its superior quality, it must adhere to this app distribution model.

Purely as an observer, it seems like a mistake on Apple’s part for it to allow developers’ qualms with iOS app distribution to fester. Now, it is likely that a court somewhere in the world will partly set the rules of how these middle-marketplaces must operate. That’s democracy. But I am sure executives at Apple would prefer that they got ahead of these predictable disputes and averted them so that they did not escalate.


  1. This is true on MacOS, too. For example, I wish apps did not individually handle updates in their own way on my Mac. I wish that all of them could tie into a universal software update mechanism, so my apps are always up to date no matter whether I got them from the App Store or elsewhere. I appreciate Sparkle for what it is, but I prefer silent updates done in the background. ↩︎

Beginning in May, AMP Pages Will No Longer Be Artificially Prioritized in Google Searches

Barry Schwartz, writing for Search Engine Land in November:

The Google Page Experience update is set to launch next May, Google confirmed Tuesday. That’s roughly a year after the company first announced the update and gives us another six months to prepare for it.

[…]

As we outlined in May, page experience is made up of several existing Google search ranking factors, including the Mobile-friendly update, Page Speed Update, the HTTPS ranking boost, the intrusive interstitials penalty, safe browsing penalty, while refining metrics around speed and usability. These refinements are under what Google calls Core Web Vitals.

Dwayne Lafleur:

Google provided a distinct advantage to sites using AMP – priority placement on the world’s largest traffic source – Google search. I’ve had the pleasure of working with more than twenty thousand publishers in the five years since AMP’s launch, and I don’t believe I’ve ever heard a single reason that a publisher uses AMP other than to obtain this priority placement. Let me package that up for you — Google, the most dominant search engine globally — used that dominant market position to encourage publishers to adopt technology so that Google could store and serve publisher’s content on Google’s domain. How is that legal? Well, I’m not a lawyer, but it possibly isn’t.

The good news is that, in May, this is all about to change. Part of the Google update is that all pages with high Page Experience scores are eligible to be in the featured top news carousel. This effectively means that publishers will no longer be forced to use AMP and can instead provide fast, rich experiences on their own domains.

Let us hope this marks the rapid decline of a proprietary format designed to replicate the open standards of the web in a way that Google can more readily control and track. May all future attempts at this nonsense fail long before they are legitimized.

The Streaming Music Paradox

Ben Sisario of the New York Times, in conversation with Shira Ovide:

There’s a complicated and opaque formula that determines how the $10 monthly subscription for Spotify or Apple Music makes its way to artists. After those services take their cut, about $7 goes into a pot of money that gets split a bunch of ways — for the record labels, songwriters, music publishers, artists and others.

The more people listen to music, the less each song is worth because it cuts the pie into smaller and smaller slices. I’ve seen financial statements from some fairly popular independent musicians that suggest they’re making a pretty good living from streaming. But often, unless musicians have blockbuster numbers, they aren’t making a great deal.

This is one hell of a paradox. The more each of us are listening to music through streaming platforms, the less many artists are getting paid unless we’re only listening to the Billboard charts. Sisario links to a study that indicates switching to a payout model based on individual users’ listening habits would help, but only by “a few euros per year” for indie musicians.

If streaming music is the future, it must be advantageous for the artists, not just the labels. A more equitable payment model begins with contracts that do not exploit artists.

Intel CEO Pat Gelsinger’s New Strategy

I snarked the other day about the declining quality of the Intel marque, but I was persuaded that this is the right direction for the company after reading today’s daily update from Ben Thompson:

Yesterday’s keynote delivered on almost every meaningful strategy change I have asked from Intel, from building out a foundry business to re-organizing the company (it’s not a split, but close) to explicitly addressing geopolitics to embracing modularity to channeling Andy Grove.

Just as important, though, was the way in which Gelsinger delivered this news: he was transparent about how Intel had screwed up, demonstrated tremendous clarity of thought about Intel’s strategy, particularly in the Q&A, and was captivating and inspiring about why Intel’s best days were ahead of it. Of course a keynote is just a keynote — Intel has real work to do — but Gelsinger absolutely left the impression that if there is any chance of Intel delivering on his promises he will realize it.

There is a lot of nostalgic spin in this presentation but, if you peel away the saccharine layers, it seems like Gelsinger has the insider perspective to structure a better path forward, and an encouraging level of staff support.

Mac OS X Turns Twenty

Cupertino, California — March 21, 2001 — Apple today announced that beginning this Saturday, March 24, customers can buy Mac OS X in retail stores around the world.

So began the press release twenty years ago. By this point, Mac OS X Server was two years old and Apple had been showing off beta versions of the consumer product to developers for a year and a half. Even the radical Aqua user interface was old news by the time Cheetah dropped in 2001.

This first version was, by all accounts, pretty hard to live with day to day. John Siracusa, Ars Technica:

Mac OS X is slower than Mac OS 9 on the same hardware. The interface is less responsive overall. All classic applications take a minor speed hit. RAM usage is considerable due to the “double-OS” nature of the classic environment. Despite a superior VM system, OS X can and does get into trouble when the paging activity starts to build on systems with close to the minimum-required 128MB RAM.

Jason Snell, Macworld:

Apple bought [NeXT] in December of 1996. Mac OS X 10.0 shipped in March of 2001. As powerful and sophisticated as NextStep was, it took the new Apple software organization — led by NeXT’s Avie Tevanian — more than four years from acquisition to a “completed” version of Mac OS X. (And stopping the clock 20 years ago this week is probably unfair. I’d mark the end of the Mac OS X transition as April 2002, when Steve Jobs held a funeral for Mac OS 9 because OS X was finally good enough.)

Rocky as that first version apparently was — and I say “apparently” because the first Mac I used ran 10.2 Jaguar — it set into motion Apple’s renaissance and enabled its current suite of products. The iPhone, as Jobs famously said, “runs OS X” — albeit a forked, stripped-down, mobile optimized version ported to a different CPU architecture. But that decision made possible Apple’s current lineup: iPadOS, watchOS, tvOS,1 the HomePod’s operating system, and even the dedicated OS that runs the Touch Bar. All of these things were built on the work that began with the iPhone which, in turn, was built on Mac OS X.

“Mac OS X” is no longer. In 2012, Apple dropped the “Mac” from the name to much consternation; in 2016, the “Mac” came back and the X was dropped, to form “macOS”, which I capitalize differently because I think it looks goofy. That set the template for last year’s big shift — MacOS 10.something was no longer, and it is now at version 11. This comes at the same time as Apple is moving away from Intel’s x86 processors and onto its in-house ARM-based systems.

And none of this would have happened if not for Mac OS X’s origin at NeXT, Apple’s acquisition of which brought NextStep and brought back Steve Jobs.

Mac OS X is, in many ways, the reason Apple grew into the gigantic company that it is today. It took the right leader in Jobs, who died ten years ago this October, and the right software foundation in NextStep, along with hundreds of committed designers and developers to rebuild a has-been company. The story of Mac OS X is the story of rejuvenation of historic scale.

See Also: John Siracusa’s fifteen year history of reviewing Mac OS X.


  1. The first version of the Apple TV was based on a fork of Tiger↩︎

Most Links to Shortcuts Are Currently Broken

John Voorhees, MacStories:

iCloud links to shortcuts broke sometime in the past 24 hours. Instead of opening the Shortcuts app and allowing users to install a shared shortcut, tapping a shortcut link displays an alert with the message ‘Shortcut Not Found,’ explaining that the link may be invalid or the shortcut may have been deleted. Based on our internal testing, the issue appears to affect all shortcut links created before yesterday.

This has been all over my Twitter timeline for hours, but Apple’s iCloud status webpage is still all green — everything is apparently just fine with Shortcuts. The best case scenario is that this is a remote problem that Apple can correct; the worst case is that entire libraries of shared shortcuts are now invalidated and must be re-created. Let us all hope that is not the case.

Update: About a day after people started noticing this problem, Apple has issued a statement to Federico Viticci:

We are aware of an issue where previously shared shortcuts are currently unavailable. Newly shared shortcuts are available, and we are working to restore previously shared shortcuts as quickly as possible.

The iCloud system status page remains all green.

New York Department of Financial Services Finds Goldman Sachs Did Not Violate Fair Lending Laws in Apple Card Cases

In November 2019, David Heinemeier Hansson wrote on Twitter about a huge discrepancy between the credit offered to him and his wife when each applied for an Apple Card. Steve Wozniak echoed those complaints, and New York’s Department of Financial Services opened an investigation.

Today, the Department announced its findings:

In the course of the investigation, consumers expressed the belief that they should have received the same Apple Card offers as their spouses because they shared bank accounts and other assets. For example, consumers voiced the belief that if they shared credit cards with spouses, even if only as authorized users, they were entitled to the same credit terms as spouses. In reality, however, underwriters are not required to treat authorized users the same as account holders, and may consider many other factors.

In terms of gender, the Department found, based on its data analysis, that Apple Card applications from women and men with similar credit characteristics generally had similar outcomes. For all consumers who reported concerns about their Apple Card credit application outcomes to the Department, evidence showed that those decisions were explainable, lawful, and consistent with the Bank’s credit policy. However, the Department concluded, deficiencies in customer service and a perceived lack of transparency undermined consumer trust in fair credit decisions.

From the report (PDF):

Consumers also complained to the Department of a lack of transparency in the process for determining credit terms. Although the law requires lenders to explain underwriting decisions to applicants only in the event of a denial of credit, the Department notes that transparency as to account holders’ credit terms supports consumer trust. The Consumer suggested on Twitter that the Bank used a “black box” algorithm that produced unexplainable outcomes. Although the Bank was able to explain, at the request of the Department, the credit decisions for all of the individuals who filed complaints, lack of transparency to the complainants themselves in this case seemed to produce confusion that could have been mitigated.

The report cites the Path to Apple Card program as an example of better transparency.

The problems experienced by Hansson and Wozniak — and, presumably, plenty of other couples who applied for the Apple Card — seem to be less about specific discriminatory treatment, according to this report. Rather, they reflect the financial industry’s secrecy and the murky world of credit scores. Apple chose to enter this miserable marketplace, but at least it appears to be trying to do something to improve it.

After Union Push, Medium Follows the Trend

Medium CEO Ev Williams, in a companywide email:

Though Medium has been an open platform since day one, we’ve had an editorial team almost as long. The original thesis was that we wanted to establish that Medium was both open and high quality. We wanted to set the bar high. We were successful in doing that, and, since then, the editorial part of our company has gone through many iterations as we’ve strived to find the right way to integrate it. In 2014–16, we published great original content but we didn’t have the right business model to support it.

[…]

As I wrote a couple of weeks ago, I strongly believe that the editorial talent we have assembled here is a strategic asset that is in line with our business and strategy. For the foreseeable future, we will focus that talent on supporting independent voices on our platform. This means identifying writers — both already on Medium and not — and offering them deals, support, editing, and feedback to help them tell great stories and find their audience.

So instead of house publications like OneZero, GEN, and the just-launched Momentum, Medium is following Substack’s strategy of hiring individual writers. This is because, as Williams writes, “the role of publications — in the world, not just on Medium — has decreased in the modern era”, which is a sentiment I worry deeply about. I love following the work of individual writers, but there are also plenty of publications that I read because I trust them and their editorial standards.

As I was writing this, I was reminded of something Steve Jobs said eleven years ago:

I don’t want to see us descend into a nation of bloggers … I think we need editorial oversight now more than ever.

With a somewhat liberal definition of “bloggers”, this remains true. There is plenty of great reporting done every day by people who are not star journalists.

Medium’s latest pivot is yet another example of the company’s inability to focus on anything, at all, ever. About seven years ago, Medium had a handful of in-house publications like Steven Levy’s Backchannel and the Nib. Those brought in regular readers, so the next step was monetization.

Davey Alba, writing for Buzzfeed News in 2017:

Then Medium shifted to branded content partnerships. And then decided it wanted to host boutique online publications. In late 2015 and early 2016, it brought more than a dozen small, separate publishing operations onto the platform, while Medium’s in-house publications either quietly wound down or moved away from the platform. A year later, the platform pivoted again, firing a third of its employees — 50 workers in nonengineering roles — and shutting down its New York and DC offices. The publishing partners — beloved sites like The Awl, The Ringer, Pacific Standard, and ThinkProgress — left Medium in a mass exodus.

Now, a few months later, Williams has a new model, one that he maintains is the right one for today’s state of affairs in online publishing. The current membership model includes a small team of editors — jobs that had existed at the company until January 2017 when it unceremoniously eliminated them. The only difference now seems to be that the company’s new-again editorial staff will be much smaller — and this time, editors won’t be attached to particular editorial brand names, but rather work for Medium as a whole. It appears, in other words, that Williams has pivoted so many times he’s ended up right back where he started.

That was then; this is now, with Medium pivoting to Substack because it cannot commit to sticking with anything or maintaining job security. And that latter thing seems to be related to this latest corporate shift.

Edward Ongweso Jr, Vice:

The move comes less than one month after all Medium employees — including the editorial unit — attempted to unionize and lost by one vote. Employees at the company say that journalists who work at Medium’s nine publications were not the initial driving force behind the union, but were some of the most vocal supporters of it. The news media industry (including VICE) is highly unionized; the tech industry is not.

Four current Medium employees told Motherboard that in the leadup to the vote, Medium and Williams himself discouraged the company from unionizing. Medium hired the unionbusting firm Kauff McGuire & Margolis in the leadup to the February union vote. Williams also held “coffee chats” with small groups of workers, where four current employees told Motherboard that Williams said that it would be difficult to raise money from venture capitalists if the union won the vote.

Medium keeps trying to eat its tail, and venture capital firms keep sinking tens of millions of dollars into its flailing efforts. Five years from now, Medium could have pivoted two or three more times, or it could be entirely wiped from the web. It’s anybody’s guess.

Intel Is Trying to Court Apple for Chip Manufacturing at New Foundries

Juli Clover, MacRumors:

Intel CEO Pat Gelsinger today shared some details on Intel’s future plans, which includes the founding of a separate “Intel Foundry Services” business and two new chip factories that are being built in Arizona. Going forward, Intel wants to become a major provider of foundry capacity in the United States and Europe, manufacturing chips for other companies.

When discussing Intel’s new plans, Gelsinger said that Intel plans to pursue Apple as a potential customer, which would see Intel producing Apple silicon chips for use in Apple devices if Apple does indeed decide to use Intel’s services.

Intel’s recent ads highlighted some of the unique qualities of non-Apple notebooks but, if not for the Intel logo at the end, they could have been ads for just about any component maker. Now Intel wants to make Apple’s processors — of course, all of those will be entirely Apple-branded, leaving Intel as just another supplier.

Intel is missing the boat on being the Heinz of computers.

Backblaze B2 Was Leaking Metadata to Facebook

Ben Cox:

WTF? @backblaze’s B2 web UI seems to submit all of the names and sizes of my files in my B2 bucket to facebook. I noticed because I saw “waiting for facebook.com” at the bottom while trying to download a backup…

Yev Pusin of Backblaze:

We use Google Tag Manager to help deploy key third-party code in a streamlined fashion. The Google Tag Manager implementation includes a Facebook trigger. On March 8, 2021 at 8:39 p.m. Pacific time, a new Facebook campaign was created that started firing a Facebook advertising pixel, intended to only run on marketing web pages. However, it was inadvertently configured to run on signed-in pages. […]

We promptly investigated the matter and, once we were able to identify, verify, and replicate the issue, we removed the offending code from the signed-in pages on March 21, 2021 at 11:19 p.m. Pacific time.

Via Michael Tsai:

There is a long history of engineering problems. Just one example: it seems to still be the case that the Backblaze client reports files as successfully backed up as many as eight hours before they are actually committed to the server. If something happens to your Mac in the interim, you won’t be able to restore them.

I am a keen Backblaze user, but I am frustrated by its limitations and quality problems like these. I still do not fully understand why Apple does not offer a sort of Time Machine in the Cloud product — but, given last year’s report on abandoned plans to allow for end-to-end encryption for iCloud backups, perhaps that is for the best.

Verizon to Centre Media Arm Around New Subscription Platform Yahoo Plus

Sara Fischer, Axios:

Verizon Media Group, the media division within Verizon, has 3 million people that pay for subscriptions across its portfolio of Yahoo-related products, like Yahoo Fantasy, Yahoo Finance and others, executives tell Axios.

Moving forward, the goal will be to rebrand most of its media franchises as Yahoo products, and to focus on selling subscriptions to those products via a rebranded subscription portfolio called “Yahoo Plus.”

“Yahoo is the future of our consumer facing brand,” says Joanna Lambert, Head of Consumer at Verizon Media.

Good luck with that, is something I am writing only half-sarcastically. Yahoo is a web company with a unique legacy so, partly for reasons of nostalgia, I like the idea of it staging a comeback. But I’m not sure attaching yet another plus sign to a brand that screams “mid-nineties”, now owned by a telecom provider, is an indicator of an innovation renaissance.

Judge Certifies Class Action Lawsuit Against Apple for Butterfly Keyboards

Adi Robertson, the Verge:

A judge has certified a class action suit against Apple for its fragile butterfly keyboard design. The suit covers anyone who purchased an Apple MacBook with a butterfly keyboard in seven states: California, New York, Florida, Illinois, New Jersey, Washington, and Michigan. That includes people who bought a MacBook model dating between 2015 and 2017, a MacBook Pro model between 2016 and 2019, or a MacBook Air between 2018 and 2019.

[…]

This suit claims Apple knew for years that its butterfly switches were defective — and that its incremental changes weren’t fixing the core problem. It cites internal communications inside Apple, including an executive who wrote that “no matter how much lipstick you try to put on this pig [referring to the butterfly keyboard] … it’s still ugly.”

The question for me is not whether Apple knew that the switches had an increased predisposition to fail. A document (PDF) filed in this lawsuit in August last year suggests — if you read between the heavy redactions — that Apple was allegedly aware of its poorer performance as far back as June 2013, and Genius Bar reports in 2016 and 2017 suggested a failure rate twice that of its predecessor. I recognize this question is half of what this lawsuit is about, so I am interested to see what eventually comes out in the trial, but public evidence has long indicated that these keyboards are less reliable than those they replaced.

But I am more curious about why it took so long to address these glaring problems. Why did this seem, from an outsider’s perspective, to not be among the highest priorities in the company? Why not, after the first year, stick the guts of the newer MacBook Pro model into a revised version of the old case? The question for me is not as much why did Apple try this keyboard in the first place? as it is why did it continue selling Macs with this keyboard? — that, for me, is a greater concern.

I wonder how much of the Mac’s nosedive in resale value may be attributed to the butterfly keyboard. It has certainly dented Apple’s reputation for delivering premium quality hardware.

The HomePod Mini Contains an As-Yet Unused Temperature and Humidity Sensor

Mark Gurman, Bloomberg (via Dan Moren):

The Cupertino, California-based technology giant never disclosed this component and the device currently lacks consumer-facing features that use it. The company has internally discussed using the sensor to determine a room’s temperature and humidity so internet-connected thermostats can adjust different parts of a home based on current conditions, according to people familiar with the situation. The hardware could also let the HomePod mini automatically trigger other actions, say turning a fan on or off, depending on the temperature.

As far as hidden components go, this is much better than finding out your thermostat has a microphone.

Irrelevant Inside

I do not have any strong feelings about the new Intel ads featuring Justin Long; I don’t really have any feelings about them at all. They’re just kind of there, out in the ether, badly composited and referencing a fifteen year old campaign.

But I couldn’t quite understand why they seemed incomplete until I read this excellent piece from Jack Wellborn:

Make fun of Apple or not, the goal of this campaign should have been “a laptop without Intel is like a burger without Heinz”. Instead, Intel commoditized itself by creating an ad campaign that highlights all of the benefits of PC laptops regardless of what’s inside of them.

The original Mac vs. PC ads worked before and after the Mac transitioned to Intel because they almost exclusively referenced software differences. In fact, that was the more-or-less the point of the campaign: the guts of the computer may be similar, but their capabilities are worlds apart because of their software.

The funny thing about these Intel ads is that they could work just as well for PC makers that use AMD or ARM processors.

Privacy, Policy

Earlier this week, Patrick McGee and Yuan Yang explained in the Financial Times how some high-profile developers based in China were seeking to evade tracking permission requests on iOS. Here is today’s update:

On Thursday, Apple fired pre-emptive warnings to at least two Chinese apps, telling them to cease and desist after naming a dozen parameters such as “setDeviceName” that could be used “to create a unique identifier for the user’s device”.

“We found that your app collects user and device information to create a unique identifier for the user’s device,” reads a screenshot of a warning to one developer who was using a new way of identifying users called CAID, which was developed by the state-backed China Advertising Association.

This is promising news; it appears that Apple will be taking seriously any attempt at tracking users without their permission, something which was unfortunately unclear in McGee and Yang’s earlier report.

There are two reasons this is noteworthy. The first is that this tracking ID and these developers are connected to the government of China, a country with a human rights record as of late that has differed from Apple’s professed values. Apple has been mostly compliant with escalating demands, presumably because of its manufacturing dependence. So, the thinking goes, would Apple risk challenging apps from politically-connected companies?

The second reason is that Apple has also shown more deference to rule-breaking from big-name developers. Uber, for example, was granted an in-person meeting after it was found to be tracking device serial numbers in a manner disguised from App Review by geofencing, and was not punished for this insidious privacy violation. As Michael Tsai observed:

That said, it’s got to be a tough situation for Apple to be in. They’re trying to protect their customers, but denying them access to an important transportation service would harm them far more than what Uber did. And what if this were an app that provided an essential medical function? The store is full of apps that flout the rules, but I don’t think Apple could ignore the geofencing. It looks like it tried to thread the needle by getting Uber to comply with the rules but then being lenient.

What if high-profile developers just stop playing by the App Store rules? If ByteDance implements the CAID tracking mechanism anyway, would Apple pull TikTok from the store, particularly as there is that ongoing Epic Games lawsuit? I recognize that Apple has nothing that competes with TikTok and, so, this is not a comparable case. Still, that would surely look like a risky move to pull with lawmakers watching.

But if Apple is deferential, that looks like it is permitting different rules for some developers: perhaps because they are from China, perhaps because they are well-known, or perhaps because of antitrust litigation. None of those are acceptable options.

The only choice is for Apple to permit no leeway for any developer, big or small, if they break its rules. Apple has long promised that this is the case anyhow, but it has granted plenty of exemptions. If it only wants to allow native iOS apps to be installed from its own moderated store, it must be especially careful in enforcing these privacy rules evenly.

The Facial Recognition Pandora’s Box Has Been Opened. Now What?

Kashmir Hill has continued to report on Clearview AI after breaking the news of its existence early last year. Today, for the New York Times Magazine, she shared an update on the company:

It seemed entirely possible that Clearview AI would be sued, legislated or shamed out of existence. But that didn’t happen. With no federal law prohibiting or even regulating the use of facial recognition, Clearview did not, for the most part, change its practices. Nor did it implode. While it shut down private companies’ accounts, it continued to acquire government customers. Clearview’s most effective sales tool, at first, was a free trial it offered to anyone with a law-enforcement-affiliated email address, along with a low, low price: You could access Clearview AI for as little as $2,000 per year. Most comparable vendors — whose products are not even as extensive — charged six figures. The company later hired a seasoned sales director who raised the price. “Our growth rate is crazy,” Hoan Ton-That, Clearview’s chief executive, said.

Clearview has now raised $17 million and, according to PitchBook, is valued at nearly $109 million. As of January 2020, it had been used by at least 600 law-enforcement agencies; the company says it is now up to 3,100. […]

Any way you cut it, this is disturbing. The public’s reaction to news of Clearview’s existence was overwhelmingly negative, but police saw that article as an advertisement.

Shameless companies will not change from public pressure.

Hill:

Clearview is now fighting 11 lawsuits in the state [Illinois], including the one filed by the A.C.L.U. in state court. In response to the challenges, Clearview quickly removed any photos it determined came from Illinois, based on geographical information embedded in the files it scraped — but if that seemed on the surface like a capitulation, it wasn’t.

Clearview assumes that it can scrape, store, and transform anything in the public realm unless it is certain it would be prohibited from doing so. Data is inherently valuable to the company, so it is incentivized to capture as much as possible.

But that means there is likely a whole bunch of stuff in its systems that it cannot legally use but has no way of knowing that. For example, there are surely plenty of photos taken in Illinois that do not have GPS coordinates in their metadata. Why would any of those be cleared from Clearview’s inventory? Clearview also allows people to request removal from its systems, but there are surely photographs from those people that are not positively matched, so the company has no way of identifying them as part of a removal request.

This is an aside, but that raises an interesting question: if images scraped without legal consent were used to train Clearview’s machine learning models, is it truly possible to remove those illegal images?

If Clearview were even slightly more ethical, it would only scrape the images it has explicit permission to access. I would still disagree with that on its face, but at least it would be done with permission. But this is the perhaps inevitable consequence of the Uber-like fuck your rules philosophy — as Hill writes, it is a “gamble that the rules would successfully be bent in their favor”.

Sadly, that Silicon Valley indifference to legality and ethics will not remain localized. There is no way to know for certain that Clearview has complied with the Privacy Commissioner’s recommendation that the company must delete all collected data on Canadians.

Hill digs into Clearview’s origin story, too, which of course involves Peter Thiel and someone who is even more detestable:

After I broke the news about Clearview AI, BuzzFeed and The Huffington Post reported that Ton-That and his company had ties to the far right and to a notorious conservative provocateur named Charles Johnson. I heard the same about Johnson from multiple sources. So I emailed him. At first, he was hesitant to talk to me, insisting he would do so only off the record, because he was still frustrated about the last time he talked to a New York Times journalist, when the media columnist David Carr profiled him in 2014.

“Provacateur” is an awfully kind description of Johnson, though Hill expands further in the successive paragraphs. Just so we’re clear here, Johnson is a hateful subreddit in human form; a moron attached to a megaphone. Johnson has a lengthy rap sheet of crimes against intelligence, decency, facts, and ethics. He has denied the Holocaust, and did Jacob Wohl’s dumb bit before Wohl was old enough to vote.

Johnson is, apparently, a sort of unofficial cofounder of Clearview, who agreed to talk with Hill apparently because he thought it would rehabilitate his image. Reading between the lines, as of earlier this month he still held shares in a company that seeks to eradicate privacy on a global scale, so I am not sure how that is supposed to make me think more highly of him.

I thought this was amusing:

Johnson believes that giving this superpower only to the police is frightening — that it should be offered to anyone who would use it for good. In his mind, a world without strangers would be a friendlier, nicer world, because all people would be accountable for their actions.

I thought “cancel culture” was a scourge; I guess some fairly terrible people want to automate it.

Let’s not give this “superpower” to anyone.

The Case for Better Watch Typography

Liz Stinson, Hodinkee:

Hermès’ approach to watch typography is unusually poetic. In reality, only a small and decreasing number of watchmakers go to the trouble of creating custom lettering for their dials. More often, watch brands use off-the-rack fonts that are squished and squeezed onto the dial’s limited real estate. Patek Philippe, for example, has used ITC American Typewriter and Arial on its high-end watches. French brand Bell & Ross deploys the playful 1980 typeface Isonorm for the numerals on many of its timepieces. Rolex uses a slightly modified version of Garamond for its logo. And Audemars Piguet has replaced the custom lettering on its watches with a stretched version of Times Roman.

Picture this: you sit yourself into the leather armchair that has sunken into the plush carpet on the jewellery store’s floor. You sip your complementary sparkling water as a staff member passes you a soft-lined box, inside which lays your dream watch, a Patek Philippe 5207G Grand Complications. This is among the finest examples of watchmaking and you have convinced yourself that it is worth its seven-figure pricetag. You lift it up to your eye and there you see it: Arial.

I’m not even joking — look at it. This watch has a tourbillon because of course it does, and the word Tourbillon is set in Arial of all typefaces. The calendar’s numbers also appear to be set in Arial and, to make matters worse, it appears to have been stretched vertically to fit, though it could be Arial Narrow. (Update: The numbers actually appear to be in a stretched Helvetica, so this watch has Arial and Helvetica on its face. Neat.) It is the same story across the Patek lineup, and it is a miserable detail in some truly fine work. Noted watch collector and typography enthusiast John Mayer would not be pleased.