Pixel Envy

Written by Nick Heer.

Link Log Archives

Apple Watch Series 7 Has a Mysterious 60.5GHz Wireless Data Transfer Frequency

Joe Rossignol, MacRumors:

Apple Watch Series 7 models are equipped with a new module that enables 60.5GHz wireless data transfer, according to FCC filings viewed by MacRumors, but this functionality may be reserved for Apple’s internal use only for now.

[…]

It’s unclear how fast the Apple Watch’s wireless data transfer would be, but our understanding is that USB 2.0 speeds up to 480 Mbps might be possible. It’s also unclear if the technology will ever be made available as a consumer-facing feature on the Apple Watch or other Apple products in the future, such as a long-rumored portless iPhone.

I am getting way ahead of myself here, but I am perplexed by the rumoured goal of an iPhone without external connectors. Wireless audio is something I get: AirPods are, for most people, nicer to use with an iPhone than wired headphones. But I still have not picked up either a Qi charging pad or any MagSafe accessory for my iPhone. I still have not been convinced.

I hope this is not simply a way to require that people purchase a separate MagSafe charging puck — $39 in the U.S. — and wall plug — $19 in the U.S. — to boost the average selling price of a new iPhone order. That is especially true as we learned this week that the iPhone 13 Pro’s giant camera bump makes it sit awkwardly on the MagSafe Duo, a product released less than a year ago.

Anyway, all that is speculative and for later. What is news now is that the Apple Watch Series 7 has this mysterious extremely high frequency data transfer. I am sure we will learn more when these models begin shipping. That will likely be around October 15, since preorders begin Friday, October 8. Mark your calendars. (Thanks to Josh Calvetti for the tip.)

Study by Lockdown Privacy Finds Big-Name Apps Like DoorDash, Peacock TV, and Yelp Ignore Tracking Opt-Outs

Johnny Lin and Sean Halloran:

When it comes to stopping third-party trackers, App Tracking Transparency is a dud. Worse, giving users the option to tap an “Ask App Not To Track” button may even give users a false sense of privacy: users who would have otherwise been more cautious with giving their data to an app might let their guard down, thinking that they’re “safe” from third-party tracking. Furthermore, we found that some apps didn’t even bother to show the ATT dialog, despite contacting numerous third-party trackers.

The core problem is that App Tracking Transparency is entirely based on the honor system, so it suffers the same fatal flaw as Apple’s “Privacy Nutrition Facts”. App developers can choose whether or not to be honest about tracking, and if all their competitors are lying, why would they choose to be honest? Since the App Store has millions of apps, slipping by the rules is not only easy, but as our testing showed, it’s the norm.

Contrast the tantrum thrown by privacy-hostile ad tech companies after App Tracking Transparency was announced against the results of this study: a tiny reduction in the amount of tracking in selected high-profile apps. Lin and Halloran say Peacock TV tried to track 57 times when permission was granted and 15 times when it was not — the biggest drop by percentage I could see — while there was no difference in many apps, and a few apps actually initiated tracking more times when the user declined. Private information was still being sent to third-party trackers even when tracking was denied.

But App Tracking Transparency is being blamed for some loss in tracking fidelity, according to Alex Kantrowitz, writing in his Big Technology newsletter:

“Just completely running blind” is how Aaron Paul, a performance Facebook marketer, described it. Paul said his company, Carousel, moved from spending millions of dollars each day on Facebook to a few hundred thousand dollars. Before the iOS changes, Facebook generated 80% of the traffic Carousel sent to its product pages. Now it accounts for 20%.

Apple’s iOS changes may lead to irreparable harm to Facebook’s ad business. This moment has demonstrated to Paul and his fellow performance buyers that relying on one channel (albeit a very effective one) is risky. So they’re looking to diversify their ad spend. Paul said he’s moved his ad budget elsewhere, including “Snapchat and TikTok, but also silent killers like email.” On Twitter, Facebook marketers discussing Apple’s changes almost unanimously agreed they needed to follow suit.

The disconnect in these findings may be explained by the many apps that are following the rules, particularly those from smaller or independent developers — who cannot afford to incur the wrath of App Review — and from really big developers where it would be obvious if they did not comply. In the middle lies this assortment of apps not quite notable enough to attract attention — at least, until this study came out.

I do not think it is surprising there are bad actors ignoring or abusing this feature. The nature of this feature is such that it is impossible to guarantee that apps will respect users’ privacy and choices. Groups of developers have already tried to create workarounds, though Apple has said that it would block any attempt to use them. What will Apple’s response be to this selection of apps?

Lin and Halloran:

In the Settings app, Apple needs to be extremely clear that iOS currently does not and cannot stop third-party tracking. Before iOS 14.5, every app permission (Camera, Contacts, etc) in the Privacy panel has always been enforced by iOS, ensuring that certain apps can or can’t access certain features. iOS 14.5’s Tracking permission breaks this ten-year-old iOS pattern and misleads users into thinking that it’s enforced like every other permission. In fact, iOS even claims something completely untrue here: that “new app tracking requests are automatically denied.”

A quick correction: the quote at the end refers to the dialog box that asks whether an app is allowed to track. If you have “Allow Apps to Request to Track” switched off, you will never see a tracking prompt, and all will be treated as though you tapped “Ask App Not to Track”. I do not think that it is “untrue”.

That aside, I do think the similarities between other permission prompts and the one for app tracking could be misleading. I do not think this is deliberate. But I can see how many people could view their effects similarly, even though the negative option is to “ask” for the app to comply with the user’s request instead of simply disallowing permission.

Visual Lookup With Siri Knowledge in Photos Is Only Available in the U.S., Which Is Something I Learned Earlier Today

Until this evening, I had mostly forgotten about Visual Lookup, the feature where you can take a picture of something and Siri will tell you what is in the photo. But I spotted a tree today that I wanted to know more about, and was disappointed when Siri refused to identify it. Then I noticed that it had not identified anything at all: not plants, not landmarks, not any type of bird.

I thought I had somehow misconfigured a zero-configuration feature, so I tweeted about it. It turns out that Visual Lookup is only available in the United States — but you will have a hell of a time figuring that out from Apple’s website.

If you visit the iOS 15 webpage, the only footnote pertaining to Visual Lookup is that it is “available on iPhone with A12 Bionic and later”, and my iPhone 12 Pro checks that box. Live Text is available in Canada, so I falsely assumed the same should be true for Visual Lookup. There is a general footnote indicating that “some features, applications, and services may not be available in all regions or all languages”, but there is no link to a more specific page, nor is there one on the feature list page.

I found the feature availability page by searching the web. And then you have to know that it is called Visual Lookup and that it is not indexed under “Photos” or “Siri”. Only then will you learn that it is only available in the U.S..

In fairness, Apple’s Canadian marketing page does not have Visual Lookup, which ought to have clued me in. But Apple’s marketing is worldwide, and its press release in Canada did not give any indication that it was a feature only for iPhones that speak American.1

Anyway, I changed the language on my phone about half an hour ago, plugged it in, and have now learned through Siri the tree I spotted is a horse chestnut or buckeye. Neat.


  1. One side effect of all tech companies being based in the U.S. is that feature availability typically means U.S.-first, followed by the rest of the world, which is where I and billions more people happen to live. ↩︎

iOS 15 is ‘Also Available’

Kirk McElhearn and Joshua Long writing at Intego’s Mac Security blog:

Apple released iOS 15 and iPadOS 15 on Monday, September 20, and, as usual, many people updated their iPhones, iPads, and iPod touches to the new operating systems. But unlike in the past, Apple is not pushing people to make the upgrade. For the first time, Apple is going to maintain the previous operating system for users who don’t want to upgrade. You can choose to remain on iOS 14, and still get essential security updates, if you’d rather not move to iOS 15. (When I mention iOS in this article, I also include iPadOS.) This is similar to the way Apple manages macOS; you can upgrade to the new version, or continue to receive security updates on the previous version.

When Apple announced it would be creating two update tracks, I assumed that minor updates to the existing operating system would be listed in the “Also Available” section. But it turns out that is not the case: new versions of iOS 14 are given top billing in the software update screen, and iOS 15 is in the secondary area, kind of like Apple is shy about its availability. This is a much quieter notification than in years’ past.

‘How Important Is Night Photography?’

Brian X. Chen, New York Times:

So in summary, the iPhone 13 cameras are slightly better than those of last year’s iPhones. Even compared with iPhones from three years ago, the cameras are much better only if you care about taking nice photos in the dark.

Just how important is night photography? I posed the question to Jim Wilson, a longtime staff photographer for The New York Times, as he was taking pictures of the new iPhones for this review. He said it would be a crucial feature for people like him, but not as important for casual shooters.

“Sometimes I wait until the night to make an ordinary scene look different and exciting,” he said. “But for most people who aren’t professional photographers, this is of no consequence.”

Via Nilay Patel on Twitter:

The NYT does not believe regular people stand to benefit from better iPhone photos in the dark. I live for this review from another planet every year.

The Times called the iPhone 13 “the most incremental upgrade ever”, which is certainly one way to frame noticeable improvements in battery life and camera quality. Chen does not mention the former, and seems unimpressed with the latter. This review includes a picture of a dog shot with an iPhone XS that is basically unusable. While I agree that most people should hold onto their phones for a few years — I plan on hanging onto my iPhone 12 Pro for at least another year’s worth of revisions, if not longer — someone coming from an iPhone XS would find lots of changes to love in the iPhone 13 line.

Also, better low-light capability undoubtably improves the whole camera system. Smartphone sensors are tiny; to them, anything sub-daylight is a lower-light situation. Hardware and software improvements that benefit performance in poor lighting conditions — aside from something specific like Night Mode — will also show benefits in mediocre lighting conditions.

I am not saying that Chen ought to have given a more positive review to these phones. I have not touched them; I have no idea. But his piece seems out of step with every other review I have read. I do not get it.

Federico Viticci on Safari in iOS 15

Federico Viticci of MacStories has published his annual longform review of the iOS and iPadOS updates, and it is typically comprehensive and carefully constructed. Given my criticisms of Safari’s redesign this summer, I wanted to highlight his impressions:

And here’s the thing: the way I see it, this year’s Safari is an excellent upgrade over iOS 14, with desktop-class features that are finally making their way to mobile devices and a design direction that paves a new path for Apple to follow over the coming years. I have some reservations, particularly regarding the iPad version of Safari. But overall, I feel like the struggles with Safari’s design earlier this summer were necessary for Apple to end up in a much better place than iOS 14’s Safari.

The new Safari, especially on iPhone, may take a while to get used to, but I’m a convert, and I wouldn’t want to go back to Safari’s older look on iPhone now. Let’s take a look.

I feel entirely the same. There is a setting for reverting to the previous layout, but I urge you to give this new version a fair shake.

The one annoyance I continue to have on iOS is when I trigger the tab bar when I mean to drag the home indicator, and vice-versa. These gestures are all very clever but they tend to collide on an iPhone’s relatively small display.

On my iPad — and on my Mac, where I have been running beta versions of Safari 15 for weeks — I still think this redesign is a mess. It is unnecessarily cramped, it is visually unappealing, and there are usability problems even if you enable the separate tab bar to mimic previous versions. The best updates to Safari 15 on iPad and Mac will be those that make it look and work more like Safari 14.

But everything else works pretty well, at least. Tab Groups have made it easier for me to keep several projects organized, I am glad to see extensions in iOS and iPadOS, and I like the improved Safari start page.

Amplosion for iOS

If you have updated to iOS 15, you get to take advantage of Safari Extensions on your iPhone. A great place to start is with Christian Selig’s Amplosion, which automatically redirects bad Google AMP links to good normal links. Even if you like Google AMP links for whatever bizarre inhuman reason — who am I to judge? — Amplosion is worth getting just for its beautiful set of icons.

Remember beautiful and fun icon design? Those were the times.

Do not miss Selig’s announcement video.

Alberta’s Proof-of-Vaccination Program Begins Today

Natalie Valleau, CBC News:

The Alberta government launched its COVID-19 immunization record on Sunday so vaccinated individuals can print out a card-sized copy — but it turns out getting your name on one isn’t difficult.

After the site launched, many took to Twitter to exclaim that the PDF was not locked and that virtually anyone can edit the information on it if they have access to Adobe Reader.

I get the concern, but a home-printable copy of a Helvetica-typeset list of vaccinations is not some unforgeable document. It is trivial to unlock PDFs, too. This is apparently a stopgap measure until QR code-based authentication rolls out later, and it sure feels half-assed. It is not even the size of something you can easily fit in your wallet.

I think it is pretty objectionable they launched this program at a separate URL — albertavaccinerecord.ca — instead of a subdomain of alberta.ca. The first time I saw the address, I had to visit the Alberta Government’s website to verify that it was a legitimate address. I bet very few people did the same. This teaches terrible security practices.

Monotype Acquires Hoefler&Co, and Jonathan Hoefler Is Leaving

Monotype:

Monotype today announced that it has acquired Hoefler&Co, the prominent type foundry based in New York City. Hoefler&Co is one of the most iconic names in type design, having designed the fonts that give voice to many of the world’s foremost institutions, publications, causes, and brands.

Jonathan Hoefler on the Hoefler&Co website:

In the meantime, I’ll be stepping down from my role in the company, to finally make the time to recharge, reflect, and explore some new ideas. In these past few years, participating in a documentary and using typography to help elect a president have been potent reminders of just how many ways there are for type to make a difference, and just how many people are moved by the splendor of typography.

I hope Monotype will be a good steward of the Hoefler&Co collection, but it is always a little bit disappointing to see a seemingly successful independent business get swallowed up by some giant.

In a Story About Increasing Activism at Apple, the New York Times Offers No Credit to the Verge

Apple held an all-hands meeting with employees earlier today. We know this because Zoë Schiffer, of the Verge, reported it on Twitter and live tweeted through it. Schiffer has been a go-to reporter on internal activism efforts at Apple, breaking story after story about employees’ complaints.

But you would not know that if you only read today’s piece from Jack Nicas and Kellen Browning of the New York Times. The article is mostly a retread of ground already covered by Schiffer, but without a single attribution to Schiffer’s work. The Times Guidelines on Integrity document is clear what the reporters ought to be doing:

Our preference, when time and distance permit, is to do our own reporting and verify another organization’s story; in that case, we need not attribute the facts. But even then, as a matter of courtesy and candor, we credit an exclusive to the organization that first broke the news.

Nicas and Browning certainly have their own sources within Apple. Given the number of employees present during today’s all-hands, its contents were certain to leak to someone on the Apple beat. The Times says it has a recording of the meeting, too.

But Schiffer was first to report on all of these stories. The Times should be giving credit.

Facebook’s Design at Scale Means Every Decision Has Extraordinary Consequence

Charlie Warzel:

I’ve come to believe that arguments weighing Facebook’s good and bad outcomes are probably a dead end. What seems rather indisputable is that as currently designed (to optimize scale, engagement, profit) there is no way to tweak the platform in a way that doesn’t ultimately make people miserable or that destabilizes big areas of culture and society. The platform is simply too big. Leave it alone and it turns into a dangerous cesspool; play around with the knobs and risk inadvertently censoring or heaping world historic amounts of attention onto people or movements you never anticipated, creating yet more unanticipated outcomes. If there’s any shred of sympathy I have for the company, it’s that there don’t seem to be any great options.

I think there are plenty of overwrought claims about Facebook that are really not about Facebook and mostly about scoring political points. It can feel performative when people say things like “Facebook is not compatible with democracy.” But I do believe that Facebook, at its current scale and in its current design, is not really compatible with humanity.

Working through the Wall Street Journal’s Facebook Files series this week has been an educational experience. These articles are chock full of evidence from inside the company effectively proving what has long been assumed externally: that it has all of the research and data to show the dangers of its platform, yet attempts to control for them are either shot down for profit reasons or, if implemented, cause unintended consequences that are just as bad. The world coalesced around Facebook’s properties as a primary communications channel and we are worse for it — but we struggle to turn away.

Police Mine Tech Companies for Individuals’ Information With Broad Warrants

Johana Bhuiyan, the Guardian:

Geofence location warrants and reverse search warrants such as the ones McCoy dealt with are increasingly becoming the tool of choice for law enforcement. Google revealed for the first time in August that it received 11,554 geofence location warrants from law enforcement agencies in 2020, up from 8,396 in 2019 and 982 in 2018.

It’s a concerning trend, argue experts and advocates. They worry the increase signals the start of a new era, one in which law enforcement agencies find ever more creative ways to obtain user information from data-rich tech companies. And they fear agencies and jurisdictions will use this relatively unchecked mechanism in the context of new and controversial laws such as the criminalization of nearly all abortions in Texas.

If this topic sounds familiar to you, thank you for being a regular reader. I think this is a critical topic to understand since how law enforcement, which is generally prohibited from monitoring large groups of people indiscriminately, is able to work around pesky restrictive laws by subpoenaing advertisers and data brokers. Byron Tau of the Wall Street Journal has covered this extensively, and so has Joseph Cox of Vice and reporters at Buzzfeed News. In some cases, law enforcement is able to collect information without a warrant, as Tau revealed in an article earlier this week.

Where I think this article jumps the rails is in its attempt to tie Apple’s proposed CSAM detecting efforts to the above warrantless data collection methods:

For tech companies that count advertising among their revenue streams – or as a major source of revenue, as is the case for Google, there’s no real technical solution to curbing government requests for their data. “It would be technically impossible to have this data available to advertisers in a way that police couldn’t buy it, subpoena it or take it with a warrant,” Cahn said.

That’s why Apple’s now-postponed plan to launch a feature that scans for CSAM caused such a furor. When the FBI in 2019 asked Apple to unlock the phone of the suspect in a mass shooting in San Bernardino, California, Apple resisted the request arguing the company couldn’t comply without building a backdoor, which it refused to do. Once Apple begins scanning and indexing the photos of anyone who uses its devices or services, however, there’s little stopping law enforcement from issuing warrants or subpoenas for those images in investigations unrelated to CSAM.

While I understand the concern, this is simply not how the proposed feature would work.

For one thing, Apple is already able to respond to warrants with photos stored in iCloud. The CSAM detection proposal would not change that.

For another, photos are not really being scanned or indexed, but compared against hashes of known CSAM photos and flagged with information about whether a match was found. These would only be for photos stored in iCloud, so someone could disable the feature by disabling iCloud Photo Library.

Perhaps I am missing something key here, but Bhuiyan’s attempt to connect this feature with dragnet warrants seems tenuous at best. When law enforcement subpoenas Apple, they ask for information connected to specific Apple IDs or iCloud accounts. That is very different from the much scarier warrants issued based on the devices connected to a location, or the users that are connected with search queries.

Ad tech companies and data brokers have so much information about individual users that their databases can be used as a proxy for mass surveillance — that is a more pressing ongoing concern.

The iPhone 13 Pro’s Camera Bump Is News in Big

It seems like so long ago that the iPhone 6 launched and, with it, the ”really very pragmatic optimization” of the camera bump, and even longer still since the original iPhone presentation where Steve Jobs barely acknowledged that it had a “two megapixel camera built in”. Now look at the camera. It is less of a bump and more of a boulder.

Apple’s accessory design guidelines have not been updated with these phones yet. But if the webpage rendering is anything to go by, the bump is now over 50% of the width of the back glass and over 25% of its height. This is not a complaint, per se, as I appreciate the technical achievements of building so much camera into so little space. But I have to wonder how much farther this can go. Will a not-too-distant iPhone model just make the whole phone as thick as the camera bump, as if for the cycle to start anew?

SEC Charges App Annie With Securities Fraud in $10 Million Settlement

Issie Lapowsky, Protocol:

The Securities and Exchange Commission announced Tuesday that it’s charging App Annie, the mobile app data provider, with securities fraud, accusing the company of “engaging in deceptive practices” and misrepresenting the origins of its data. App Annie will pay a $10 million settlement, according to the announcement, although the company has not admitted to any of the SEC’s findings.

The ability for companies to settle charges like these without admitting fault is a fascinating piece of legal spin I would love to learn more about. I looked at all of the press releases issued by the SEC since July 1. About one-third of them contained some variation of the phrase “without admitting or denying the SEC’s findings” — including for settlements for inflated income reporting by Kraft Heinz, misreporting a security breach of Pearson, auditing interference by Ernst & Young, and UBS failing to control for risky investments. Allegedly.

We all have to use the word “allegedly” because none of the above companies — including App Annie — admitted guilt, nor were found guilty. They all get to pretend as though they have not broken the law. This settlement process may be less expensive than taking these cases to trial, but the result is that fraud and systemic abuse is treated as a business expense. And remember: these press releases are all from the last ten weeks.

Anyway, all of that is surely beyond the scope of this little website. I wanted to look at that App Annie settlement in more detail and got sidetracked. Here:

[…] The order finds that App Annie and Schmitt understood that companies would only share their confidential app performance data with App Annie if it promised not to disclose their data to third parties, and as a result App Annie and Schmitt assured companies that their data would be aggregated and anonymized before being used by a statistical model to generate estimates of app performance. Contrary to these representations, the order finds that from late 2014 through mid-2018, App Annie used non-aggregated and non-anonymized data to alter its model-generated estimates to make them more valuable to sell to trading firms.

A reminder that App Annie’s data collection practices, like other similar companies, are horrible and creepy.

Video From Today’s ‘California Streaming’ Apple Event

John Voorhees at MacStories has posted copies of all of the videos from today’s “California Streaming” launch of the iPhone 13 lineup, Apple Watch Series 7, and new iPad and iPad Mini models. Apple did not launch new AirPods — which is a bit embarrassing for me — but at least I was not peddling rumours about a big Apple Watch redesign or satellite connectivity in the iPhone.

To find these videos, you may have to look at little harder than simply visiting YouTube and searching for “Apple”. Right now, the top-ranked video for that query is a live stream of a cryptocurrency scam. When I checked earlier, over fifteen thousand people were watching, and the channel broadcasting it somehow has over a million subscribers. As of writing, it is still live, and the Bitcoin and Ethereum addresses associated with the scam have received over $170,000 in just a few hours today.

Google has not responded to my questions about how easy it is to hijack an obviously popular brand term on YouTube with a commonplace scam like this one.

Update: A Google spokesperson confirmed the channel was terminated.

Some Epic v. Apple Post-Decision Followup

How was your weekend? Mine was pretty quiet. I made a peach crumble that I daresay turned out real nice, even though my baking skills are terrible — which is why I make crumbles instead of pies.

Epic Games’ lawyers, on the other hand, were hard at work. The company paid its court-ordered six million dollar penalty — which CEO Tim Sweeney announced with a low-resolution Apple Pay logo for some reason — and filed its expected appeal.

Sarah Perez, TechCrunch:

The appellate court will revisit how Judge Gonzalez Rogers defined the market where Epic Games had argued Apple was acting as a monopolist. Contrary to both parties’ wishes, Gonzalez Rogers defined it as the market for “digital mobile gaming transactions” specifically. Though an appeal may or may not see the court shifting its opinion in Epic Games’ favor, a new ruling could potentially help to clarify the vague language used in the injunction to describe how Apple must now accommodate developers who want to point their customers to other payment mechanisms.

After some catch-up reading today, I think my takeaway on Friday stands. This ruling was well-written and well-articulated; but, while the intention of the injunction was implied, its implications for Apple and developers are still unclear.

I generally agree with Marco Arment’s imagined result:

As a developer, I’d love to see more changes to Apple’s control over iOS. But it’s hard to make larger changes without potentially harming much of what makes iOS great for both users and developers.

Judge Gonzalez Rogers got it right: we needed a minor course correction to address the most egregiously anticompetitive behavior, but most of the way Apple runs iOS is best left to Apple.

I still think there are more things that regulators ought to be looking into when it comes to the expansive offerings of companies like Apple, Google, and Microsoft. But I think Arment makes a good case for the almost status quo.

(Update: I keep thinking about the likelihood of the sideloading doomsday scenarios that Arment writes about. This next part of the parenthetical will only make sense if you read his post: I could see Facebook creating its own app marketplace for iOS, but I am unclear why developers would need to submit their apps to multiple marketplaces, so long as Apple gets to keep its first-party App Store. An adjacent anxiety is the piecemeal way application marketplaces are being regulated. If Apple would like to retain some level of control over the way the iOS app model works around the world, I hope it sees what regulators are looking into and is able to work with them to assuage their concerns, because a Facebook app marketplace is a worrisome prospect indeed.)

I also appreciated Ben Thompson’s take summarizing some of the court’s definitions and legal justifications; here, quoting Judge Gonzalez Rogers’ decision:

If Apple could no longer require developers to use IAP for digital transactions, Apple’s competitive advantage on security issues, in the broad sense, would be undermined and ultimately could decrease consumer choice in terms of smartphone devices and hardware…to a lesser extent, the use of different payment solutions for each app may reduce the quality of the experience for some consumers by denying users the centralized option of managing a single account through IAP. This would harm both consumers and developers by weakening the quality of the App Store to those that value this centralized system.

That was a lot of legalese, but this is the takeaway: IAP is distinct intellectual property from developer tools broadly; it is the entire set of app management tools, not just a payment processor; and Apple has legitimate competitive justification to require IAP be used for in-app purchases.

Interesting days ahead for the App Store. This modest corrective action is, I think, a good step toward a store that improves users’ experiences while opening up new possibilities. I still hope Apple takes greater advantage to simultaneously release regulatory pressure and the hostility felt by developers.

Apple Issues Software Updates to Patch at Least One Vulnerability Exploited by NSO Group

Apple today released iOS 14.8, iPadOS 14.8, WatchOS 7.6.2, and MacOS updates to patch two vulnerabilities exploited in the wild, including one by NSO Group. Bill Marczak, et al., of Citizen Lab:

Because the format of the files matched two types of crashes we had observed on another phone when it was hacked with Pegasus, we suspected that the “.gif” files might contain parts of what we are calling the FORCEDENTRY exploit chain.

Citizen Lab forwarded the artifacts to Apple on Tuesday, September 7. On Monday, September 13, Apple confirmed that the files included a zero-day exploit against iOS and MacOS. They designated the FORCEDENTRY exploit CVE-2021-30860, and describe it as “processing a maliciously crafted PDF may lead to arbitrary code execution.”

The exploit works by exploiting an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics). We are publishing limited technical information about CVE-2021-30860 at this time.

NSO Group’s spyware is almost always deployed in a highly targeted way but, now that some knowledge about this vulnerability is public, it is only a matter of time before it is exploited more broadly. Update your software today.

Nearly Six Million High-Profile Facebook Users Are Effectively Exempt From Platform Rules

Jeff Horwitz, Wall Street Journal:

Mark Zuckerberg has publicly said Facebook Inc. allows its more than three billion users to speak on equal footing with the elites of politics, culture and journalism, and that its standards of behavior apply to everyone, no matter their status or fame.

In private, the company has built a system that has exempted high-profile users from some or all of its rules, according to company documents reviewed by The Wall Street Journal.

The program, known as “cross check” or “XCheck,” was initially intended as a quality-control measure for actions taken against high-profile accounts, including celebrities, politicians and journalists. Today, it shields millions of VIP users from the company’s normal enforcement process, the documents show. Some users are “whitelisted” — rendered immune from enforcement actions — while others are allowed to post rule-violating material pending Facebook employee reviews that often never come.

I do not think it is surprising that moderation of high-profile accounts is treated differently than that of average users, nor do I necessarily think it is wrong. Social media is all grown up, with celebrities and organizations treating it as an official broadcast system. The U.S. Securities and Exchange Commission treats Facebook posts as adequate investor disclosure.

But what Facebook has built, according to Horwitz, is not a system to protect the integrity and security of Facebook users with a large audience. It is an over-broad attempt to ward off what employees call “PR fires” — a side effect of which being that the users with the biggest megaphones are given another channel by which to spread whatever information they choose with little consequence.

Also, nearly six million users are enrolled in this thing?

Horwitz:

The documents that describe XCheck are part of an extensive array of internal Facebook communications reviewed by The Wall Street Journal. They show that Facebook knows, in acute detail, that its platforms are riddled with flaws that cause harm, often in ways only the company fully understands.

Moreover, the documents show, Facebook often lacks the will or the ability to address them.

This is the first in a series of articles based on those documents and on interviews with dozens of current and former employees.

I recently finished “An Ugly Truth”. If you have been paying attention to reporting on Facebook recently, you likely will not be surprised by its contents, but it is worthwhile to have so much encapsulated in a single work.

“An Ugly Truth” is a deliberate summary of about the last five years of Facebook’s internal practices and external controversies. In a way, that is fair: some of the most consequential actions in the company’s history were made from the 2016 U.S. presidential election onward. But many of the problems raised by the book have their roots in decisions made years prior, when mainstream publications — like the one its authors work at — were more comfortable extolling the assumed virtues of connecting as many people on a single discussion platform.

The outcome of that election caused many publications to question those assumptions, as acknowledged by the book’s authors, and I think it tainted some of the investigations critical of Facebook as merely being “anti-Trump”. As much as he singlehandedly tested the limits of platform moderation, that should not be the case. Privacy advocates were raising similar concerns about Facebook for years before that election and, when mainstream outlets got more involved, they were able to use more resources to dig deeper.

Aside from the new information that may be uncovered in this Journal series, it may also be able to present it in a way that could seem less politically charged. I welcome that.

A Security Researcher Accidentally Deleted All Shared Shortcuts Because of ‘Inconsistent’ Security Controls in CloudKit

Remember how, back in March, all links to Shortcuts just stopped working? I had a lot of guesses about why that was — an internal software update went poorly, perhaps? Or maybe a single server’s problems cascaded across an entire data centre? The truth is, as always, far more wild than you might expect.

Frans Rosén of Detectify:

Quite early on I noticed that a lot of Apple’s own apps used a technology called CloudKit and you could say it is Apple’s equivalent to Google’s Firebase. It has a database storage that is possible to authenticate to and directly fetch and save records from the client itself.

[…]

It was quite complex to understand all different authentication flows, and security roles, and this made me curious. Could it be that this was not only complex for me to understand, but also for teams using it internally at Apple? I started investigating where it was being used and for what.

The climax of this post is a screenshot of an email Rosén sent to Apple’s security team with the subject line “Urgent – CloudKit issue, access misconfiguration with com.apple.shortcuts, accidentally deleted whole public _defaultZone and now gallery and all shared shortcuts for all users are gone”. I guess the answer to the earlier question is “yes”.

What a story.

An Open Letter to Tim Cook on Why Apple Should Compromise With Antitrust Regulators

Roger McNamee, in an open letter in Time:

At this point, antitrust intervention in Europe, the U.S., or both is almost certain. By refusing to engage with the legitimate concerns of policymakers, Apple is risking its core security and privacy brand to protect business practices that are not essential to its future.

[…]

It is a strategic error for Apple’s lobbyists and surrogates in Washington to argue against every new antitrust law targeting the tech industry. Apple has made itself a target by being incredibly successful and by adopting communications strategies that mimic tech giants whose anticompetitive behavior is substantially more damaging. Apple is almost certain to lose something, but there is still room to protect your most valuable assets. There may also be an opportunity to gain competitive advantage. Google’s Android operating system has roughly 85% global share in smartphones and smart devices, so robust antitrust intervention against Google may give Apple an opportunity to gain market share in its most important business.

This was published yesterday; even though the judgement in Epic Games v. Apple was handed down today, I think it holds up well.

If there is some ambiguity as to what rules the permanent injunction permits Apple to create around in-app purchases, my hope is that the company uses this as an opportunity to ease off a little. I am not saying that I expect this to happen — today’s judgement indicates that Apple has little reason to stop pursuing its existing App Store strategy, with only the aforementioned exception. But a world in which Apple is not in an antagonistic role with developers is a better one for everyone, assuming that Apple can maintain or improve upon iOS’ privacy and security reputation. These fights are just noise.