Link Log

Michael Acton, Stephen Morris, John Reed, and Kathrin Hille, Financial Times:

Apple plans to shift the assembly of all US-sold iPhones to India as soon as next year, according to people familiar with the matter, as President Donald Trump’s trade war forces the tech giant to pivot away from China.

The push builds on Apple’s strategy to diversify its supply chain but goes further and faster than investors appreciate, with a goal to source from India the entirety of the more than 60mn iPhones sold annually in the US by the end of 2026.

Obviously this is not fulfilling the stated aim of U.S. tariffs to onshore manufacturing of all kinds of products, including iPhones. But it seems unlikely to substantially lessen our global dependence on supply chains in China, either — in addition to individual parts sourced there, these reporters say factories in China are still responsible for “pre-assembled component sets” which are brought to India for final iPhone assembly.

Ryan Whitwam, Ars Technica:

As Google points out, these products have had a long life, and they’re not being rendered totally inoperable. Come October 25, 2025, these devices will no longer receive software updates or connect to Google’s cloud services. That means you won’t be able to control them from the Google Home app or via Assistant (or more likely Gemini by that point). The devices will still work as a regular dumb thermostat to control temperature, and scheduling will remain accessible from the thermostat’s screen.

Google stopped selling the second-generation Nest Thermostat in 2015. A ten-year lifespan may be acceptable by consumer electronics standards, it is not impressive for a thermostat. And, while a typical programmable thermostat might slowly fail on its own accord, it is disconcerting that Google can simply pull the plug on its smart features.

This is, however, a fairly graceful degradation of its functionality, all things considered. Nests will apparently continue to work like a programmable thermostat. Also, after Ecobee ended support for its earliest thermostat models last year, it sounded like newer models’ HomeKit integration would allow smart features to keep working when Ecobee discontinues those, too. It would be better if Google could have done something similar with the Nest. It is not encouraging for the smart home fantasy.

Do you want to block all YouTube ads in Safari on your iPhone, iPad, and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

Magic Lasso Adblock: YouTube Ad Blocker for Safari

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances — delivering a faster, cleaner, and more secure web browsing experience.

Magic Lasso Adblock is easy to set up, doubles the speed at which Safari loads, and also blocks all YouTube ads; including all:

  • video ads

  • pop up banner ads

  • search ads

  • plus many more

With over 5,000 five star reviews, it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

Cory Doctorow:

The important thing about Facebook’s carelessness is that it wasn’t the result of the many grave personality defects in Facebook’s top executives – it was the result of policy choices. Government decisions not to enforce antitrust law, to allow privacy law to wither on the vine, to expand IP law to give Facebook a weapon to shut down interoperable rivals – these all created the enshittogenic environment that allowed the careless people who run Facebook to stop caring.

The corollary: if we change the policy environment, we can make these careless people – and their successors, who run other businesses we rely upon – care. They may never care about us, but we can make them care about what we might do to them if they give in to their carelessness.

This is a prudent conclusion to draw from “Careless People”. It is tempting to wonder if things would be much different with others in charge, but what Meta represents today is not an individualized problem.

The European Commission:

Today, the European Commission found that Apple breached its anti-steering obligation under the Digital Markets Act (DMA), and that Meta breached the DMA obligation to give consumers the choice of a service that uses less of their personal data. Therefore, the Commission has fined Apple and Meta with €500 million and €200 million respectively.

The two decisions come after extensive dialogue with the companies concerned allowing them to present in detail their views and arguments.

A Financial Times article last month suggested these fines would be “minimal”, but I suppose that is entirely relative. Apple and Meta could have been fined up to 10% of their annual worldwide revenue — earnings which total hundreds of billions of dollars each — so €500 million does, in fact, seem to be “minimal”. And that speaks to the power and size of these corporations. Call it a warning.

Jon Brodkin, Ars Technica:

“The European Commission is attempting to handicap successful American businesses while allowing Chinese and European companies to operate under different standards,” Meta Chief Global Affairs Officer Joel Kaplan said.

[…]

“Today’s announcements are yet another example of the European Commission unfairly targeting Apple in a series of decisions that are bad for the privacy and security of our users, bad for products, and force us to give away our technology for free,” Apple said. “We have spent hundreds of thousands of engineering hours and made dozens of changes to comply with this law, none of which our users have asked for. Despite countless meetings, the Commission continues to move the goal posts every step of the way.”

I am halfway through “The Big Myth” and it is striking to read so many of the same complaints from detractors of regulation no matter when or for what issue. Pick any of the past couple-hundred years and it is apparently a regulatory sweet spot, according to industry representatives at the time. These complaints feel derivative.

That does not mean all new regulation is justified, well-considered, or without negative consequences. However, it is not as though either Apple or Meta stumbled into the exact structure they did to comply with their interpretation of the law on paper while evading the Commission’s expectations. Nobody expects either company to “give away [their] technology for free”, in the words of an unnamed Apple spokesperson. One cannot, for example, run iOS apps on non-Apple system, and the company builds the cost of software and updates into each product’s price.

Melissa Lewis on Bluesky:

TIL: The 2000s piracy PSA used a font designed by the fantastic Just van Rossum, whose brother Guido created the Python programming language.

[…]

I reached out to van Rossum, and Xband Rough is indeed an “illegal clone” of FF Confidential; it’s just been around forever and is ubiquitous. I have no idea whether the PSA used the original, and felt too shy to ask!

Rib”:

Naturally, it would be hilarious if the anti-piracy campaign actually turned out to have used this pirated font, so I went sleuthing and quickly found a PDF from the campaign site with the font embedded (https://web.archive.org/web/[…]150605_8PP_brochure.pdf).

So I chucked it into FontForge and yep, turns out the campaign used a pirated font the entire time!

They are more like guidelines, you could say.

Matt Birchler:

A social media post flew by today where someone was complaining that they stopped paying $180 for cable and now they’re paying $200 for streaming apps. I see this sort of complaint a lot, and I find myself feeling like I’m taking crazy pills whenever I do: I had cable, I know how bad it was, and the new streaming world seems so much better to me, even if it is creeping up in price.

I always appreciate when people bring evidence to a discussion instead of basing their analysis entirely on vibes. Here, Birchler demonstrates the combined cost of streaming services is, for lots of people in the U.S., less than cable television.

I remember when the cost of cable was a routine complaint. You paid for all these channels, but you only watched a handful of things on three of them — and, so, would it not be better if we could just buy the channels we wanted?

I have nothing to support this, but I strongly suspect the rosy glasses reaction to cable in a streaming world is driven by two things. First, the lack of bundling feels worse. If you were told you could get a “complete streaming package” for $60 per month — including Apple TV Plus, Disney Plus, Hulu, Max, Netflix, Paramount Plus, Peacock, and Prime Video — that might sound like a better deal than subscribing to them individually for the same total cost. A single cable subscription made you feel like you were getting everything, while you now need multiple subscriptions if you like to watch a lot of stuff.

Second, as Birchler acknowledges, some stuff still is not available on streaming, and so some people still feel they must add a cable subscription, too. Because most of the big streaming services are owned by the same broadcasters as cable channels, it gives them an opportunity to double-dip.

Martin Patriquin, the Logic:

More than 25 different Facebook accounts, some with Canadian-themed names, have promoted multiple fake news articles involving political actors, including a three-minute video of a deepfake CBC report fronted by anchor Rosemary Barton, in which a deepfake Musk, appearing on a deepfake Joe Rogan podcast, accuses a deepfake Carney of lying about a non-existent passive income scheme.

The posts are widespread on the Meta-owned platform, with 25 per cent of Canadians saying they’ve seen content on Facebook mimicking legitimate news in the last month, according to the Canadian Digital Media Research Network (CDMRN), which is part of a digital literacy coalition monitoring the federal election campaign.

Leyland Cecco, the Guardian:

More than a quarter of Canadians have been exposed to fake political content on social media that is “more sophisticated and more politically polarizing” as the country prepares to vote in a federal election, researchers have found, warning that platforms must increase protections amid a “dramatic acceleration” of online disinformation in the final weeks of the campaign.

In a new report released on Friday, Canada’s Media Ecosystem Observatory found a growing number of Facebook ads impersonating legitimate news sources were instead promoting fraudulent investment schemes, often involving cryptocurrency.

Rob Brown, reporter for CBC News in Calgary, interviewed Aengus Bridgman of the Media Ecosystem Observatory — previously linked — about Meta’s restriction of news links for Canadian users. This is one effect of the Online News Act, which required Google and Meta to pay news publishers for links on their platforms. Meta, in deciding not to, has effectively permitted only links which do not qualify as “news” to spread among Canadians on its platforms.

Meta may be a belligerent and frustrating company, but the Online News Act remains a blight. In a stopped-clock credit to the Conservatives, they pledge to reverse it, something which all parties ought to consider. We can do better with policies that do not, in practice, discourage the sharing of links to news stories.

Siddharth Venkataramakrishnan, Financial Times:

One hint that we might just be stuck in a hype cycle is the proliferation of what you might call “second-order slop” or “slopaganda”: a tidal wave of newsletters and X threads expressing awe at every press release and product announcement to hoover up some of that sweet, sweet advertising cash.

That AI companies are actively patronising and fanning a cottage economy of self-described educators and influencers to bring in new customers suggests the emperor has no clothes (and six fingers).

The (verified) X accounts producing threads of links to bad A.I. products, boosted by dozens of replies from other verified X accounts, are annoying spam, but seem relatively harmless. But the newsletters profiled here are curious.

One is Rowan Cheung’s Rundown AI newsletter, which Cheung bills as the “world’s most read daily AI newsletter”, which is different from the other newsletter in the article, Zain Kahn’s Superhuman AI, the “world’s biggest AI newsletter”. As alluded to by Venkataramakrishnan but not expanded upon, both attract some heavy-hitting sponsors. The Rundown was recently sponsored by Salesforce, HubSpot, Sana, and Writer, while Superhuman’s recent sponsors include companies like HubSpot, Sana, and Writer — no Salesforce.

While Cheung’s newsletter is mostly A.I. boosterism with sponsorships, there is a block near the end of each issue for a sibling product: the Rundown University. The first thing you need to know about it is that it is not a university, obviously. It is online training through individual “courses” offered at $50 apiece with individual lessons on using A.I. tools, some of which — like Gamma and Zapier — happen to have sponsored of the newsletter. Or, if you want access to all the “courses” plus workshops, tutorials, and some kind of group chat, you can get all that for just a penny shy of $1,000 per year. Just above the footer sits a carousel of inspirational quotes about A.I. from people like Sam Altman, Jeff Bezos, Mark Cuban, and Elon Musk. None are actually specific to Rundown “University”, just vibes about the importance of A.I. and its impact. It all feels a bit much.

I am fascinated by the knock-on effects of a hype cycle, and A.I. has produced some magnificent examples — including those above. It is illuminating to search Google for a phrase like intitle:"how" intitle:"is using ai to" and witnessing what is ostensibly breathtaking innovation across industries. A 2023 Guardian story says the “oldest surviving newspaper in the world” — untrue and in spirit only — is using ChatGPT to generate articles from council meeting minutes. According to the Harvard Business Review, construction companies are using large language models to, among other things, summarize documents. Stitch Fix is, according to a disguised ad in Vogue Business, using A.I. to detect trends.

There are countless examples of articles like these illustrating how companies are benefitting from the glow of hype while contributing to it. None of this is to say it is necessarily unearned — maybe detecting money laundering really is more reliable when you run it through A.I. processes. But I remember stories like these in the days when the hot new thing was called “machine learning” or, before that, “big data”. I would not be surprised if these technologies are truly beneficial yet it is hard not to feel the weight of hype and the marketing people behind it all.

Steve Klabnik:

The underlying [verification] protocol is totally open, but you can make an argument that most users will use the main client, and therefore, in practice it’s more centralized than not. My mental model of it is the bundled list of root CAs that browsers ship; in theory, DNS is completely decentralized, but in practice, a few root CAs are more trusted than others. It’s sort of similar here, except there’s no real “delegation” involved: verifiers are peers, not a tree.

This core design allows Bluesky to adjust the way it works in the future fairly easily, they could allow you to decide who to trust, for example. We’ll see how this feature evolves over time.

The way Bluesky described verification made it sound like a centralized service, but it is not. I have corrected my post.

In a post attributed to the Bluesky Team, the company announced a familiar verification method with a twist:

In 2023, we launched our first layer of verification: letting individuals and organizations set their domain as their username. Since then, over 270,000 accounts have linked their Bluesky username to their website. Domain handles continue to be an important part of verification on Bluesky. At the same time, we’ve heard from users that a larger visual signal would be useful in knowing which accounts are authentic.

Now, we’re introducing a new layer — a user-friendly, easily recognizable blue check. Bluesky will proactively verify authentic and notable accounts and display a blue check next to their names. Additionally, through our Trusted Verifiers feature, select independent organizations can verify accounts directly. Bluesky will review these verifications as well to ensure authenticity.

The domain-based verification Bluesky already implemented was a good start, but incomplete. My profile is connected to my personal domain but, even with that single line of text, there is no obvious indicator. You can see the problem on Bluesky’s own profile which tells you to “check username👆” to confirm it is, indeed, the real one.

Then there is the problem of public personalities. Maybe a musician or actor wants to confirm their profile is really them, but is domain-based verification really the best way for them? Does Pedro Pascal have a dot-com? What about a journalist who could “verify” an account connected to an employer, but they also want a separate personal account? Both ought to be verified, but only one is employer-connected. Then, when they leave that employer, they will need to change their username, and Bluesky does not automatically redirect moved profiles. (Followers, posts, and so forth are moved to the new profile, but any links to posts made under the previous profile are not redirected.)

A verification checkmark is not an offensive idea unto itself, but it comes with a new set of concerns. First, what does it mean? Bluesky says it is for “authentic and notable accounts”, but what that means is not clear. Twitter used to assign itself an authoritative role in determining which accounts fit similar criteria. In doing so, it helped make this badge a bizarre mark of status. Now, Meta and X let you simply buy a badge to confirm an account belongs to the person or organization claimed. If the goal is to avoid controversy with notable figures, surely self-verification and manual profile confirmation achieve those purposes. But a parody account is also legitimate in its own way, right?

Second, while it makes sense to have a quick identifier of accounts susceptible to impersonation, the badge also comes with risks. If such an account is hijacked, for example, its posts carry additional weight.

Bluesky seems like it is trying to solve some of these issues by allowing others to vouch for the authenticity of an account. In theory, this minimizes its own role in being the voice of authority. In its example, the New York Times’ account can verify the authenticity of others’ accounts. But Bluesky still plays a central role in this process — it appears to determine whether an account can become a Trusted Verifier, and its moderators confirm each verification request from third-party verifiers. I take it this latter requirement is necessary because it is not clear to me whether there are any limits to which accounts a Trusted Verifier can approve. Still, it means Bluesky is the final say in which accounts belong to the person or organization claimed.

Update: I was wrong, according to Bluesky technical advisor Jeremy Johnson:

anyone can publish a verify record, any app can choose who to display verifies from. And as this thing bakes a bit we’re going to make it easier to pick different verifiers in our app.

If you were to run your own app view then you definitely don’t have to care at all what Bluesky PBC does here, just collect all the app.bsky.graph.verification records and go ham.

It sounds like I could verify my own accounts — or, indeed, vouch for any account — but it is up to the client how it wants to display that verification attempt. Bluesky itself is only trusting itself and select others for now.

Todd Vaziri:

I’m particularly obsessed with moments that reveal the craft and artistry of the magic trick of a shot that slightly shatters the illusion of cinema. These revealing moments have been in movies since the dawn of cinema, and are everywhere (if you know exactly where to look).

I have always loved spotting “mistakes” in movies. Not from the perspective of ha ha, you messed up, but more because of exactly what Vaziri describes here: they show the little moments of craft. These ones are charming.

Online privacy isn’t just something you should be hoping for – it’s something you should expect. You should ensure your browsing history stays private and is not harvested by ad networks.

Magic Lasso Adblock: No ads, no trackers, no annoyances, no worries

By blocking ad trackers, Magic Lasso Adblock stops you being followed by ads around the web.

As an efficient, high performance and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances on your iPhone, iPad, and Mac. And it’s been designed from the ground up to protect your privacy.

Users rely on Magic Lasso Adblock to:

  • Remove ad trackers, annoyances, and background crypto-mining scripts

  • Browse common websites 2.0× faster

  • Block all YouTube ads, including pre-roll video ads

  • Double battery life during heavy web browsing

  • Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

Benjamin Mayo, 9to5Mac:

Apple today announced that it has officially rebranded Search Ads as ‘Apple Ads’, reflecting the expanding scope of Apple’s advertising business.

When Apple first launched ads in the App Store, they were only shown as promoted search results, hence the name ‘Search Ads’. But the company now offers advertising placements in many more places beyond just the Search tab, so the old name had become a bit anachronistic.

Seb Joseph and Krystal Scanlon, Digiday:

The timing matters. Apple has spent years building its defenses, designing its own chips, overhauling supply chains — but tariffs on Chinese imports, especially under Trump’s return to the campaign trail, are reintroducing uncertainty. Some products have dodged the impact, others haven’t. And with hardware margins already tight, Apple needs new ways to protect its bottom line.

I do not think it is nitpicking to dispute calling margins of 35% on hardware “tight”.

Still, Apple is at risk of being squeezed in both hardware and software — to the extent a corporation the size of Apple can actually be squeezed, of course. Its hardware made in China is now exempt from Trump’s escalating and volatile tariff demands, but that could obviously change if Tim Cook is insufficiently grateful. Meanwhile, its Google search deal with 100% margins is at risk of being disallowed.

The advertising market is an obvious but dispiriting place to find money. Apple already has a few spots available in the App Store, and in News and Stocks, and I could see the potential for placements in apps like Maps, Music, Podcasts, and Wallet.

This rebranding and the increasingly important Services revenue charts look like a forecast for more ads. I hope I am wrong. I do not use News or Stocks, but the ads in the App Store are already a gross exploitation of Apple’s position owning these platforms. It is the kind of move that encourages understandable regulatory scrutiny.

Dan Goodin, Ars Technica:

Following months of backlash, Microsoft later suspended Recall. On Thursday, the company said it was reintroducing Recall. It currently is available only to insiders with access to the Windows 11 Build 26100.3902 preview version. Over time, the feature will be rolled out more broadly.

Kevin Beaumont:

After a bunch of discussions with a bunch of folks, it’s pretty clear there’s been zero published research on Copilot Recall in almost a year – all the news articles have just reprinted Microsoft’s talking points saying it is secure now.

Beaumont says there are improvements to the onboarding process and security, but also found there is still no way for applications to opt out of being recorded, and it still captures private information like Signal chats and credit card numbers. Oh, and Beaumont may have found the decryption key. I see the utility in a feature like this, but I am not sure that outweighs the risks for the user or anyone they communicate with.

Laurens Hof, the Fediverse Report:

There is a technical story, of how Bluesky and the AT Protocol (ATProto) do composable moderation for specific countries. But this is not just an interesting technology, it has implications of government censorship more broadly. Not only is the Turkish censorship of accounts even easier to sidestep, it also allows for new ways to highlight and create visibility for the content that the Turkish government wants to be hidden. To explain how that all works, first a closer look at how moderation works on Bluesky.

I understand why some would disagree with Bluesky’s approach and prefer the way of Mastodon. But I do not think Bluesky’s handling is invalid or necessarily inferior — just different.

Brian Krebs:

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today [April 15] that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each year by the Department of Homeland Security — expires on April 16.

[…]

Update, April 16, 11:00 a.m. ET: The CVE board today announced the creation of non-profit entity called The CVE Foundation that will continue the program’s work under a new, unspecified funding mechanism and organizational structure.

I do not love how I am learning how many critical things worldwide are dependent on an increasingly unstable U.S. government.

Nicole Brockbank, CBC News:

Anvi Ahuja noticed a “freaky” new text message from a number she didn’t know right after getting back to her downtown Toronto apartment last month.

The text was a transcript of the conversation she’d just had with her roommates during their eight-minute Lyft ride home from a friend’s place.

[…]

The company confirms the incident took place, but has offered varying explanations.

None of Lyft’s explanations make sense to me. Bizarre and creepy.

Mike Isaac, New York Times:

In 2012, when Facebook chief executive Mark Zuckerberg cut a $1 billion check to buy the photo-sharing app Instagram, most people thought he had lost his marbles.

“A billion dollars of money?” joked Jon Stewart, then the host of The Daily Show. “For a thing that kind of ruins your pictures?”

Mr. Stewart called the decision “really lame.” His audience — and much of the rest of the world — agreed that Mr. Zuckerberg had overpaid for an app that highlighted a bunch of photo filters.

While Stewart’s bit remains funny, I must again note that many people with actual expertise in this area treated the acquisition as a reasonable cost to neutralize a surging competitor.

Cecilia Kang, Mike Isaac, and David McCabe, New York Times:

The case against Meta could affect its 3.5 billion users, who on average log on to Facebook, Instagram or WhatsApp multiple times a day for news, shopping and texting. Instagram and WhatsApp have attracted more users in recent years as Facebook, Meta’s flagship app, has stopped growing.

“For more than 100 years, American public policy has insisted firms must compete if they want to succeed,” said Daniel Matheson, the F.T.C.’s lead litigator in the case, in his opening remarks. “The reason we are here is that Meta broke the deal.”

“They decided that competition was too hard and it would be easier to buy out their rivals than to compete with them,” he added.

Lily Jamali, BBC News:

Meta countered that the lawsuit from the FTC, which reviewed and approved those acquisitions, is “misguided.”

Meta “acquired Instagram and WhatsApp to improve and grow them alongside Facebook,” the company’s attorney Mark Hansen argued.

To my layperson’s eyes, this does not seem like a counterpoint to the FTC’s arguments as much as it is a reframing of them.

Jennifer Newstead, Meta’s chief legal officer:

In order for the FTC to win this case, they need to prove both that Meta has a dominant share in a properly defined product market that includes all competitors, and that the two acquisitions harmed competition and consumers. They are wrong on both claims. That’s why they’ve gerrymandered a fictitious market in which Facebook and Instagram compete only with Snapchat and an app called MeWe. In reality, more time is spent on TikTok and YouTube than on either Facebook or Instagram – if you only add TikTok and YouTube into the FTC’s social media market definition, Meta has <30% market share.

This is going to be a fascinating trial. It seems clear based on evidence in emails, chats, and underhanded tactics that Instagram and WhatsApp were acquired to neutralize their competitive power. Yet we have no idea what the tech landscape of today would look like had both remained independent companies. Meta’s products still have competition from other social networks and, in theory, it must fight them for every user-minute and ad dollar. However, we know for certain Meta does not need to compete today against Instagram and WhatsApp.