After I linked to Josh Dzieza’s long report about subsea cable repair, I got an email from Joshua Ochs who pointed me to Neal Stephenson’s 1996 essay, published in Wired, about the laying of the FLAG cable.

There is some poetry here. The only way I read that original article, published it, and then received that email is because of all of this infrastructure. I may be writing this on a laptop with no wires coming out of it, but that is not really how I am connected to the internet. Instead, one cable after another has carried my bytes.

If you have not read it before, I think you should set aside some time for it. But do note: it is over forty thousand words. You should still read it. Also, there are parts of it which have not aged well — from predictable cultural perspectives, to a comparison made of the demise of the Library of Alexandria which will make you double-take the dateline. And I recommend spending time with the whole thing because it is amazing.

Tim Maly, writing for Nieman fifteen years after its publication:

The dot-com world’s dangerously myopic narcissism was visible to those with the right kind of eyes, and “Mother Earth Mother Board” is 42,535 words of emergency optical surgery. Stephenson wants to show you that everything’s been done before, only crazier.

The essay is apparently a legendary work but, as with so many critically lauded things, it escaped my field of view. If you have time this weekend, do not let it escape yours.

Josh Dzieza, the Verge:

[…] It’s a truism that people don’t think about infrastructure until it breaks, but they tend not to think about the fixing of it, either. In his 2014 essay, “Rethinking Repair,” professor of information science Steven Jackson argued that contemporary thinking about technology romanticizes moments of invention over the ongoing work of maintenance, though it is equally important to the deployment of functional technology in the world. There are few better examples than the subsea cable industry, which, for over a century, has been so effective at quickly fixing faults that the public has rarely had a chance to notice. Or as one industry veteran put it, “We are one of the best-kept secrets in the world, because things just work.”

I bet this essay appears on a good many best of lists at the end of the year. It is tremendous. Necessary reporting well-told and richly illustrated. Normally, I find these kinds of high production value presentations more distracting than they are helpful, but this is exactly the opposite. A wonderful exploration of the kind of quiet profession that makes core parts of life possible for everybody else.

Harris Brewis is back with a four-hour examination of plagiarism on YouTube. Yeah, it is a big one; I watched it in two parts because I needed to charge my headphones, because that is the world in which we now live, and it effectively monopolized my lazy Sunday.

Its subject matter is a little inside baseball — I do not watch nearly enough YouTube to know any of the creators examined — but it is a thoughtful look at what plagiarism on YouTube is like and a particularly damning exposé of one person specifically. It is extremely long but it kind of needs to be in order to accommodate examples in a fuller context.

As you may expect, there is a part of the conclusion which touches on generative media tools: how they can be used to disguise plagiarism in text, and how they themselves are farming the broader works of others. I found this interesting as I have been writing about intellectual property and generative tools a little bit. I am not sure if Brewis’ presentation of copyright is correct — that is to be determined — but it does seem like these tools do something more akin to plagiarism than strict copyright violation. Attorneys at Heer Law — no relation, as far as I know — note that plagiarism “is an ethical offence — rather than a legal offence — and it does not necessarily encompass copyright infringement”. That feels right to me as a description of what something like ChatGPT does in producing something nominally original.

If you have not yet read it, Tyler Vigen’s story about researching the reason for building one specific pedestrian bridge over one stretch of a highway in Minnesota is — hand on heart — as good as everyone says it is, and I recommend spending the time with it and its many notations. A full mystery, told fully.

Kim Zetter, Wired:

As summer turned to fall, behind closed doors, suspicions began to grow among people across government and the security industry that something major was afoot. But the government, which had spent years trying to improve its communication with outside security experts, suddenly wasn’t talking. Over the next few months, “people who normally were very chatty were hush-hush,” a former government worker says. There was a rising fear among select individuals that a devastating cyber operation was unfolding, he says, and no one had a handle on it.

In fact, the Justice Department and Volexity had stumbled onto one of the most sophisticated cyberespionage campaigns of the decade. The perpetrators had indeed hacked SolarWinds’ software. Using techniques that investigators had never seen before, the hackers gained access to thousands of the company’s customers. Among the infected were at least eight other federal agencies, including the US Department of Defense, Department of Homeland Security, and the Treasury Department, as well as top tech and security firms, including Intel, Cisco, and Palo Alto Networks—though none of them knew it yet. Even Microsoft and Mandiant were on the victims list.

Zetter’s thorough investigation into the circumstances of the 2020 SolarWinds breach — including her previously reported story about the FBI’s foreknowledge — is worth your time. It is also a reminder to me that the circumstances of Bloomberg’s Supermicro story, another supposed supply chain compromise, remain mysteriously uncorroborated and without similar on-the-record journalism.

Ben Taub, the New Yorker:

It was against this backdrop [of the “golden age of fraud”] that German institutions supported Wirecard. The country’s traditional industry is in cars and energy systems — BMW, Volkswagen, Daimler, Siemens. Wirecard represented the nation’s challenge to Silicon Valley, its leap into financial technology and the digital era. “German politicians were proud to be able to say, Hey, we have a fintech company!” Florian Toncar, a German parliamentarian, observed. Wirecard’s rising stock price was regarded as a sign that the business was dependable, that its critics were clueless or corrupt. The German business newspaper Handelsblatt called Wirecard’s C.E.O. a “mastermind” who had “come across the German financial scene like the Holy Spirit.” But it was not regulators or auditors who ultimately took the company down; it was a reporter and his editors, in London.


“You cannot understand Wirecard if you understand Wirecard only as fraud,” Felix Holtermann, a financial reporter at Handelsblatt, told me. “It’s not a Potemkin village, it’s not a Bernie Madoff case.” According to Holtermann, who has also written a book about the company, Marsalek routinely “used his power to override Wirecard’s very, very small compliance department” to issue bank accounts, credit cards, and debit cards to Russian oligarchs who were on European financial blacklists. “Germany was, and still is, the money-laundering saloon of Europe,” he said. “Only the biggest washing machine broke.”

The story of Wirecard is outside my usual reading catalogue; I do not spend a lot of time on the Financial Times’ Alphaville pages. So it is unsurprising that I missed the initial cracks of this story as they were reported in 2015. In a way, I am glad I only experienced this for the first time through Taub’s article. It is staggering.

Megan Garber, the Atlantic:

In his 1985 book, Amusing Ourselves to Death, the critic Neil Postman described a nation that was losing itself to entertainment. What Newton Minow had called “a vast wasteland” in 1961 had, by the Reagan era, led to what Postman diagnosed as a “vast descent into triviality.” Postman saw a public that confused authority with celebrity, assessing politicians, religious leaders, and educators according not to their wisdom, but to their ability to entertain. He feared that the confusion would continue. He worried that the distinction that informed all others — fact or fiction — would be obliterated in the haze.


These are Postman’s fears in action. They are also Hannah Arendt’s. Studying societies held in the sway of totalitarian dictators — the very real dystopias of the mid-20th century — Arendt concluded that the ideal subjects of such rule are not the committed believers in the cause. They are instead the people who come to believe in everything and nothing at all: people for whom the distinction between fact and fiction no longer exists.

This is an unquestionably thoughtful piece that explores the seemingly agreed-upon phenomenon of citizens of the United States — in Garber’s terms, but I do not think it is limited to the one country — viewing society from an increasingly detached perspective. Instead of people and ongoing events, we see only characters in a storyline. I think it is very well worth your time and consideration.

But I think it is telling that Garber repeatedly references decades-old books and essays which say, more or less, the same thing. These are issues which society has grappled with for decades. Granted, public trust in government and institutional figureheads has been declining and, so, perhaps some people are filling in the mistrust with their imagination. It also feels forced, to me, to drag these well-trodden arguments into a more contemporary framing by using the word “metaverse”, which I am not sure entirely makes sense here despite Garber’s justifications.

That aside, I appreciate Garber’s updated exploration of the confused zone between what we consider the real world and what we treat as entertainment. The rapid pace at which studios option current events seems, to me, to be both a cause of this phenomenon as well as a product of it — all of those streaming services demand exclusive shows, and it is more exciting to watch a simplified and enhanced version of real life. I am surprised Garber did not cite the Social Network as an accelerant; I have noticed fictional events from the film being casually used when describing Facebook’s origins. People describe others as “real-life NPCs” and it can be hard to know when they are doing so earnestly or ironically.

One other thing; Garber:

The efforts to hold the instigators of the insurrection to account have likewise unfolded as entertainment. “Opinion: January 6 Hearings Could Be a Real-Life Summer Blockbuster,” read a CNN headline in May — the unstated corollary being that if the hearings failed at the box office, they would fail at their purpose. (“Lol no one is watching this,” the account of the Republican members of the House Judiciary Committee tweeted as the hearings were airing, attempting to suggest such a failure.)

Garber notes reasons the hearings actually drew large audiences. She does not mention one other explanation for that: the Committee hired former ABC News producers to make it more compelling for television viewers, and they leveraged connections to put it in prime time slots. It is fair to portray this as a way to turn dry scraps of testimony and a confusing series of events into an understandable storyline. A more cynical read is that these producers treated real life as entertainment fodder. As this essay suggests, the line has fully blurred.

Andy Greenberg, author of “Sandworm”, has a new book out called “Tracers in the Dark” about the new investigative techniques to find criminals who use Tor and cryptocurrencies. Over the past month and a half, Wired has dripped out a lengthy excerpt from the book. The final part was published this week and I spent today reading the whole thing in full.

It leaves much to think about. There are huge ethical questions with unsatisfying answers. For example, Hansa was secretly operated by Dutch police for about a month before it was shut down. But when Greenberg asked investigators whether they had any qualms about facilitating thousands of drug sales, they seemed to give it little thought.

Nevertheless, it is an extraordinary look into a large and expertly coordinated investigation of a modern-day drug market kingpin, well narrated by Greenberg. I was a big fan of “Sandworm”, and I am looking forward to this book becoming available for me at my library.

Perhaps you, like I, have previously attempted to untangle the dense vocabulary inherent to the “crypto” or cryptocurrency or “Web3” space. Maybe you have read Kevin Roose’s guide in the New York Times, or a version of Roose’s essay edited to add context and remove puffery on Molly White’s website, or Rusty Foster’s explanation of Terra; maybe you watched Dan Olson’s video. Maybe you, like I, have done all of those things and only wish there was something much longer to ingest.

Well, good news: the current print issue of Bloomberg Businessweek has been dedicated to a single essay by Matt Levine about how all of this came to be. Yes, it is very long. But it is a Matt Levine piece, so it is also very readable, entertaining, and clearheaded. This is not a critique of the crypto space, nor does it promote those efforts. I am not sure it is truly neutral; nothing is. What it is is a self-contained encyclopedia of that entire world. Good luck.

Ed Caesar, the New Yorker:

North Korea’s cybercrime program is hydra-headed, with tactics ranging from bank heists to the deployment of ransomware and the theft of cryptocurrency from online exchanges. It is difficult to quantify how successful Pyongyang’s hackers have been. Unlike terrorist groups, North Korea’s cybercriminals do not claim responsibility when they strike, and the government issues reflexive denials. As a result, even seasoned observers sometimes disagree when attributing individual attacks to North Korea. Nevertheless, in 2019, a United Nations panel of experts on sanctions against North Korea issued a report estimating that the country had raised two billion dollars through cybercrime. Since the report was written, there has been bountiful evidence to indicate that the pace and the ingenuity of North Korea’s online threat have accelerated.

According to the U.N., many of the funds stolen by North Korean hackers are spent on the Korean People’s Army’s weapons program, including its development of nuclear missiles. The cybercrime spree has also been a cheap and effective way of circumventing the harsh sanctions that have long been imposed on the country. In February, John C. Demers, the Assistant Attorney General for the National Security Division of the Justice Department, declared that North Korea, “using keyboards rather than guns,” had become a “criminal syndicate with a flag.”

There are elements of this report that I do not love,1 but it is an extraordinary look at the effects of an advanced persistent threat actor whose motivation is almost solely financial gain. American and Israeli governments collaborated on malware for espionage and hardware destruction in Iran; the Russian government unleashed Petya and NotPetya to attack Ukraine in an act of war; “Five Eyes” governments share the Warriorpride espionage framework (PDF) for smartphones. But none of these countries’ governments seem interested in siphoning cash just because they can. North Korea, sanctioned internationally and with limited resources, needs money and has invested in a world-class digital subterfuge team to get it.

  1. For example, Priscilla Moriuchi, who is now at Harvard and was previously at the NSA, said in an interview quoted here that “North Koreans understand criminality”. It sounds like Moriuchi means the North Korean government and its agencies, not North Korean people generally, but this imprecision frustrates me because it implies that an entire country’s population is criminally-minded. ↥︎

In Wired, Lauren Goode wrote about how the apps and services she uses will not let her forget about the wedding she cancelled:

[…] The internet is clever, but it’s not always smart. It’s personalized, but not personal. It lures you in with a timeline, then fucks with your concept of time. It doesn’t know or care whether you actually had a miscarriage, got married, moved out, or bought the sneakers. It takes those sneakers and runs with whatever signals you’ve given it, and good luck catching up.


I want a chisel, not a sledgehammer, with which to delete what I no longer need. I don’t want to have to empty my photo albums just because tech companies decided to make them “smart” and create an infinite loop of grief. That feels like a fast path to emotional bankruptcy, a way to “rip out so much of ourselves to be cured of things faster than we should,” as the writer André Aciman put it. “To feel nothing so as not to feel anything—what a waste.” There it is: What a waste. Not wasted time, even if that is also true; that would be too cynical. A waste of potential joy.

This essay is a phenomenal exploration of coping with our decreased agency over our memory.

One of the Google engineers that Goode interviewed for this story explained that they implemented their Memories feature because, in part, many pictures were not viewed after they were taken. It seems that few people considered that, sometimes, we do not want to see those photos again — or, if we do, that we would like to do so on our own terms.

It’s a Friday before a long weekend and I kind of unloaded in the two earlier posts today. Sorry about that. Here’s something a bit lighter, from Katy Vine in Texas Monthly:

Agent Reed didn’t know what to make of Fosdick and T. R.: First these two guys crash into the Gulf of Mexico together, then each flies into this tiny airport within days of each other, and two weeks later, T. R.’s jet bursts into flames. The more Reed dug, the more certain he became that the Citation fire was just one piece of a grand scheme.

The T.R. character in this article seemed to model his life on James Bond, but I think he comes across more like Sterling Archer. Just, you know, not nearly as funny. A remarkable story for your weekend read.

Arundhati Roy, writing in the Financial Times:

But unlike the flow of capital, this virus seeks proliferation, not profit, and has, therefore, inadvertently, to some extent, reversed the direction of the flow. It has mocked immigration controls, biometrics, digital surveillance and every other kind of data analytics, and struck hardest — thus far — in the richest, most powerful nations of the world, bringing the engine of capitalism to a juddering halt. Temporarily perhaps, but at least long enough for us to examine its parts, make an assessment and decide whether we want to help fix it, or look for a better engine.


Whatever it is, coronavirus has made the mighty kneel and brought the world to a halt like nothing else could. Our minds are still racing back and forth, longing for a return to “normality”, trying to stitch our future to our past and refusing to acknowledge the rupture. But the rupture exists. And in the midst of this terrible despair, it offers us a chance to rethink the doomsday machine we have built for ourselves. Nothing could be worse than a return to normality.

Historically, pandemics have forced humans to break with the past and imagine their world anew. This one is no different. It is a portal, a gateway between one world and the next.

There are two clear lessons I hope we draw from this situation that, months ago, I would find unfathomable. The first is that we desperately need competent, transparent, and humble leadership at all levels. I feel somewhat lucky in that respect, but not entirely so; I understand that not everyone is so fortunate.

The second lesson that we should learn is that we need to care for the wellbeing of one another long before we are forced to do so. It should be abundantly clear that even small vulnerabilities are exacerbated when they are tested.

The “normal” that I hope we return to is one in which we are once again free to travel, gather as friends, go to shows, eat and drink at new restaurants and bars, and spend more time together. But that should not mean going back to underpaying people in positions that have always been vital; we should not underestimate the strengthening qualities of good governance, public research, and civil service.

Nitasha Tiku, Wired:

All of those precepts sent Google’s workforce into full tilt after the travel ban was announced. Memegen went flush with images bearing captions like “We stand with you” and “We are you.” Jewglers and HOLA, affinity groups for Jewish and Latinx employees, quickly pledged their support for Google’s Muslim group. According to The Wall Street Journal, members of one mailing list brainstormed whether there might be ways to “leverage” Google’s search results to surface ways of helping immigrants; some proposed that the company should intervene in searches for terms like “Islam,” “Muslim,” or “Iran” that were showing “Islamophobic, algorithmically biased results.” (Google says none of those ideas were taken up.) At around 2 pm that Saturday, an employee on a mailing list for Iranian Googlers floated the possibility of staging a walkout in Mountain View. “I wanted to check first whether anyone thinks this is a bad idea,” the employee wrote. Within 48 hours, a time had been locked down and an internal website set up.


In his short, off-the-cuff remarks to the packed courtyard, Pichai called immigration “core to the founding of this company.” He tried to inject a dose of moderation, stressing how important it was “to reach out and communicate to people from across the country.” But when he mentioned Brin’s appearance at the airport, his employees erupted in chants of “Ser-gey! Ser-gey! Ser-gey!” Brin finally extricated himself from the crowd and shuffled up to the mic, windbreaker in hand. He, too, echoed the protesters’ concerns but tried to bring the heat down. “We need to be smart,” he said, “and that means bringing in folks who have some different viewpoints.” As he spoke, a news chopper flew overhead.

And that was pretty much the last time Google’s executives and workers presented such a united front about anything.

Tiku presents a deep, well-investigated look at an increasingly toxic internal culture as executives pursued morally-challenged money making opportunities.

Craig Mod:

It feels — intuitively — that software (beyond core functionality) should aim for speed. Speed as a proxy for efficiency. If a piece of software is becoming taurine-esque, unwieldy, then perhaps it shouldn’t be a single piece of software. Ultimately, to be fast is to be light. And to be light is to lessen the burden on someone or some task. This is the ultimate goal: For our pocket supercomputers to lesson burdens, not increase them. For our mega-powered laptops to enable a kind of fluency — not battle, or struggle — of creation.

This essay speaks to me on a gut level; I’m sure many of you will have a similar appreciation for it.

Mod’s essay is positive and delightful. I will say — in a more negative and grouchy tone — that slow software invariably irritates me, in a very thousand cuts kind of way. I use Windows at work and I wince every time I click on the Start menu and have to wait for the second-long superfluous render-blocking animation to play. Some of the very slow animations in tvOS make me feel the same way — for example, when exiting the screen saver. Don’t get me wrong — animation adds expected polish — but it should not be an impediment.

Slow software feels imprecise and untrustworthy. Fast software feels implicitly more reliable and cared-for. I have a top-of-the-line iMac; not only should I not feel sluggishness in any day-to-day task, everything ought to feel instantaneous. I wish this were a higher priority for all software firms at an organizational level. For me, at least, it determines what I use.

Hubert Horan, American Affairs Journal:

Above all, Uber argued that its business model and technology were so innovative that it had created an entirely new industry (“ridesharing”) based on entirely new business concepts (the “sharing economy”). It insisted that it was a “tech company” selling sophisticated software, and could not possibly be compared to taxi companies. In fact, however, Uber carries people from point A to point B, just like taxis have for a hundred years. The “tech company” claim was really an attempt to get people to ignore its huge losses, since tech companies like Facebook had quickly grown into profitability. The “software” claim was designed to justify preventing its drivers from getting the labor law protections employees are entitled to, based on the argument that they were totally independent entrepreneurs who had freely chosen to purchase Uber’s superi or software products. Furthermore, nothing in Uber’s business model is actually being shared. The only meaningful economic distinction between “taxis” and “ridesharing” is that the latter avoids regulations that traditional taxis must still obey and depends on billions in predatory investor subsidies.

Uber’s claim that its growth resulted from customers freely choosing its superior service in competitive markets is fundamentally false. Competitive markets use price and profit signals to help allocate resources to more efficient uses. Uber grew because its years of billion-dollar subsidies totally distorted those signals, and allowed it to drive more efficient producers out of business.

About a year and a half ago, I linked to a couple of pieces arguing that Uber’s most impressive revolutionary gesture would be if the company functioned as a long-term business. They have lost — and I’m going to write this out in full and italicize it — fourteen billion dollars in the last four years. Horan’s analysis of Uber’s performance to date is second-to-none, and he’s reasonably skeptical of attempts to distract from the company’s mismanagement and losses through the invocation of autonomous vehicles.

Drew Magary, Deadspin:

I remember hosting the Deadspin Awards in New York the night of December 5th and then heading over to a karaoke bar for a staff after-party, where I ate some pizza, drank a beer, sang one song (Tom Petty’s “You Got Lucky,” which would soon prove either fitting or ironic, depending upon your perspective), and that’s it. After that comes a great void. I don’t remember inexplicably collapsing in a hallway, fracturing my skull because I had no way to brace myself for the impact. I don’t remember sitting up after that, my co-workers alarmed at the sight of blood trickling out of the back of my head. I don’t remember puking all over Barry Petchesky’s pants, vomit being one of many fun side effects of your brain exploding, as he held my head upright to keep me from choking on my own barf. I don’t remember Kiran Chitanvis quickly calling 911 to get me help. I don’t remember getting into an ambulance with Victor Jeffreys and riding to an uptown hospital, with Victor begging me for the passcode to my phone so that he could call my wife. He says I made an honest effort to help, but my circuits had already shorted out and I ended up giving him sequences of four digits that had NOTHING to do with the code. Flustered, he asked me for my wife’s phone number outright. Instead, I unwittingly gave him a series of 10 digits unrelated to the number he sought.

I don’t remember that. I don’t remember bosswoman Megan Greenwell trailing behind the ambulance in a cab with her husband and staying at the hospital ALL NIGHT to plead with them to give me a closer look (at first, the staff thought I was simply inebriated; my injury had left me incoherent enough to pass as loaded) because she suspected, rightly, that something was very wrong with me. I don’t remember doctors finally determining that I had suffered a subdural hematoma, or a severe brain bleed: A pool of blood had collected in my brain and was pressing against my brain stem. I was then rushed to another hospital for surgery, where doctors removed a piece of my skull, drained the rogue blood, implanted a small galaxy in my brain to make sure my opinions remain suitably vast, put the hunk of skull back in, and also drilled a hole in the TOP of my head to relieve the pressure. They also pried my eyes open and peeled the contact lenses off my eyeballs. They then put me into a medically-induced coma (SO METAL) so that my brain could rest and heal without Awake Drew barging in and fucking everything up.

I don’t remember any of that. I told you I wouldn’t be a very reliable narrator.

This is many things. It is gutting, inspiring, saddening, frustrating, at times very funny because Drew Magary wrote it so of course it is, illuminating, and moving. But, as a piece of writing, it’s perfect. Put this on your reading list for the weekend, or read it now. I don’t care which; it’s worth your time.

This essay by Paul Ford, published in Wired, is magnificent. I’ve been letting it stew all day, re-reading it a couple of times here and there. It’s beautiful, haunting, gutting, and romantic. Two excerpts from a dozen or more I could have picked to share here. First:

I keep meeting people out in the world who want to get into this industry. Some have even gone to coding boot camp. They did all the exercises. They tell me about their React apps and their Rails APIs and their page design skills. They’ve spent their money and time to gain access to the global economy in short order, and often it hasn’t worked.

I offer my card, promise to answer their emails. It is my responsibility. We need to get more people into this industry.

But I also see them asking, with their eyes, “Why not me?”

And here I squirm and twist. Because— because we have judged you and found you wanting. Because you do not speak with a confident cadence, because you cannot show us how to balance a binary tree on a whiteboard, because you overlabored the difference between UI and UX, because you do not light up in the way that we light up when hearing about some obscure bug, some bad button, the latest bit of outrageousness on Hacker News. Because the things you learned are already, six months later, not exactly what we need. Because the industry is still overlorded by people like me, who were lucky enough to have learned the etiquette early, to even know there was an etiquette.

Tech is, of course, not the sole industry with an insular and specific culture; but, it is something that can be changed by readers of websites like this one, or Wired. Technology has been commoditized so that you see people of every age, race, gender, and personality walking around with a smartphone or a DSLR or a smartwatch or wireless headphones, but the creation of these things haven’t followed suit at the same rate.

The second excerpt:

I have no desire to retreat to the woods and hear the bark of the fox. I like selling, hustling, and making new digital things. I like ordering hard drives in the mail. But I also increasingly enjoy the regular old networks: school, PTA, the neighbors who gave us their kids’ old bikes. The bikes represent a global supply chain; when I touch them, I can feel the hum of enterprise resource planning software, millions of lines of logistics code executed on a global scale, bringing the handlebars together with the brakes and the saddle onto its post. Then two kids ride in circles in the supermarket parking lot, yawping in delight. I have no desire to disrupt these platforms. I owe my neighbors a nice bottle of wine for the bikes. My children don’t seem to love computers as I do, and I doubt they will in the same way, because computers are everywhere, and nearly free. They will ride on different waves. Software has eaten the world, and yet the world remains.

This sounds dour and miserable but it isn’t all that — I promise. As much as Ford examines the failings of the industry in this essay, there’s an undercurrent of optimism.

In some ways, Ford’s piece reminds me of Frank Chimero’s 2018 essay about how web development is increasingly like building software instead of just writing a document. I remember when I learned that I could view the source of a webpage, and that’s how I began to learn how to build stuff for the web. That foundation drove my career and a passion for learning how things are made. Things are different now, of course. Common toolchains now generate gnarly HTML and indecipherable CSS; the web is less elegant and human-driven. But I’m not sure that different and harder are necessarily worse.

Thinking more comprehensively about Ford’s essay, perhaps there’s a new perspective that can be brought only by those new to tech. After growing up with the stratospheric rise of the industry and seeing how it has strained, maybe that context will inform how they read this piece.

Joel Schectman and Christopher Bing, Reuters:

A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations.


The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said.

In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.

It isn’t clear whether the Karma hack remains in use. The former operatives said that by the end of 2017, security updates to Apple Inc’s iPhone software had made Karma far less effective.

This story is just one part of a deeper investigation from Schectman and Bing into surveillance activities by the United Arab Emirates on dissidents and activists, which is worth reading. Remarkably, it even cites a named source.

The timing of the capabilities of this exploit coincide with the introduction of iMessage media previews. If I were looking to create a security hole in an iPhone without any user interaction, that’s the first place I’d look. Also, note that this report states that this exploit is now “far less effective”; it does not say that the vulnerabilities have been patched.