Kurt Wagner and Katie Roof, Bloomberg:

Elon Musk said his xAI artificial intelligence startup has acquired the X platform, which he also controls, at a valuation of $33 billion, marking a surprise twist for the social network formerly known as Twitter.

This feels like it has to be part of some kind of financial crime, right? Like, I am sure it is not; I am sure this is just a normal thing businesses do that only feels criminal, like how they move money around the world to avoid taxes.

Wagner and Roof:

The deal gives the new combined entity, called XAI Holdings, a value of more than $100 billion, not including the debt, according to a person familiar with the arrangement, who asked not to be identified because the terms weren’t public. Morgan Stanley was the sole banker on the deal, representing both sides, other people said.

For perspective, that is around about the current value of Lockheed Martin, Rio Tinto — one of the world’s largest mining businesses — and Starbucks. All of those companies make real products with real demand — unfortunately so, in the case of the first. xAI has exactly one external customer today. And it is not like unpleasant social media seems to be a booming business.

Kate Conger and Lauren Hirsch, New York Times:

This month, X continued to struggle to hit its revenue targets, according to an internal email seen by The New York Times. As of March 3, X had served $91 million of ads this year, the message said, well below its first-quarter target of $153 million.

This is including the spending of several large advertisers. For comparison, in the same quarter in the pre-Musk era, Twitter generated over a billion dollars in advertising revenue.

I am begging for Matt Levine to explain this to me.

⌥ Permalink

Allison Morrow, CNN:

Tech columnists such as the New York Times’ Kevin Roose have suggested recently that Apple has failed AI, rather than the other way around.

“Apple is not meeting the moment in AI,” Roose said on his podcast, Hard Fork, earlier this month. “I just think that when you’re building products with generative AI built into it, you do just need to be more comfortable with error, with mistakes, with things that are a little rough around the edges.”

To which I would counter, respectfully: Absolutely not.

Via Dan Moren, of Six Colors:

The thesis of the piece is not about excusing Apple’s AI missteps, but zooming out to take a look at the bigger picture of why AI is everywhere, and make the argument that maybe Apple is well-served by not necessarily being on the cutting edge of these developments.

If that is what this piece is arguing, I do not think Apple makes a good case for it. When it launched Apple Intelligence, it could have said it was being more methodical, framing a modest but reliable feature set as a picture of responsibility. This would be a thin layer of marketing speak covering the truth, of course, but that would at least set expectations. Instead, what we got was a modest and often unreliable feature set with mediocre implementation, and the promise of a significantly more ambitious future that has been kicked down the road.

These things do not carry the Apple promise, as articulated by Morrow, of “design[ing] things that are accessible out of the box”, products for which “[y]ou will almost never need a user manual filled with tiny print”. It all feels flaky and not particularly nice to use. Even the toggle to turn it off is broken.

⌥ Permalink

Online privacy isn’t just something you should be hoping for – it’s something you should expect. You should ensure your browsing history stays private and is not harvested by ad networks.

By blocking ad trackers, Magic Lasso Adblock stops you being followed by ads around the web.

As an efficient, high performance and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers and annoyances on your iPhone, iPad, and Mac. And it’s been designed from the ground up to protect your privacy.

Users rely on Magic Lasso Adblock to:

• Remove ad trackers, annoyances and background crypto-mining scripts

• Browse common websites 2.0× faster

• Block all YouTube ads, including pre-roll video ads

• Double battery life during heavy web browsing

• Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

⌥ Permalink

Meta:

Formerly a place to view friend requests and People You May Know, the Friends tab will now show your friends’ stories, reels, posts, birthdays and friend requests.

You know, I think this concept of showing people things they say they want to see might just work.

Meta says this is just one of “several ‘O.G.’ Facebook experiences [coming] throughout the year” — a truly embarrassing sentence. But Mark Zuckerberg said in an autumn earnings call that Facebook would “add a whole new category of content which is A.I. generated or A.I. summarized content, or existing content pulled together by A.I. in some way”. This plan is going just great. I think the way these things can be reconciled is exactly how Facebook is doing it: your friends go in a “Friends” tab, but you will see all the other stuff it wants to push on you by default. Just look how Meta has done effectively the same thing in Instagram and Threads.

⌥ Permalink

Jeff Johnson in November 2023:

When people wistfully proclaim that they wish for the next major macOS version to be a “Snow Leopard update”, they’re wishing for the wrong thing. No major update will solve Apple’s quality issues. Major updates are the cause of quality issues. The solution would be a long string of minor bug fix updates. What people should be wishing for are the two years of stability and bug fixes that occurred after the release of Snow Leopard. But I fear we’ll never see that again with Tim Cook in charge.

I read an article today from yet another person pining for a mythical Snow Leopard-style MacOS release. While I sympathize with the intent of their argument, it is largely fictional and, as Johnson writes, it took until about two years into Snow Leopard’s release cycle for it to be the release we want to remember:

It’s an iron law of software development that major updates always introduce more bugs than they fix. Mac OS X 10.6.0 was no exception, of course. The next major update, Mac OS X 10.7.0, was no exception either, and it was much buggier than 10.6.8 v1.1, even though both versions were released in the same week.

What I desperately miss is that period of stability after a few rounds of bug fixes. As I have previously complained about, my iMac cannot run any version of MacOS newer than Ventura, released in 2022. It is still getting bug and security fixes. In theory, this should mean I am running a solid operating system despite missing some features.

It is not. Apple’s engineering efforts quickly moved toward shipping MacOS Sonoma in 2023, and then Sequoia last year. It seems as though any bug fixes were folded into these new major versions and, even worse, new bugs were introduced late in the Ventura release cycle that have no hope of being fixed. My iMac seizes up when I try to view HDR media; because this Extended Dynamic Range is an undocumented enhancement, there is no preference to turn it off. Recent Safari releases have contained several bugs related to page rendering and scrolling. Weather sometimes does not display for my current location.

Ventura was by no means bug-free when it shipped, and I am disappointed even its final form remains a mess. My MacBook Pro is running the latest public release of MacOS Sequoia and it, too, has new problems late in its development cycle; I reported a Safari page crashing bug earlier this week. These are on top of existing problems, like how there is no way to change the size of search results’ thumbnails in Photos.

Alas, I am not expecting many bugs to be fixed. It is, after all, nearly April, which means there are just two months until WWDC and the first semi-public builds of another new MacOS version. I am hesitant every year to upgrade. But it does not appear much effort is being put into the maintenance of any previous version. We all get the choice of many familiar bugs, or a blend of hopefully fewer old bugs plus some new ones.

⌥ Permalink

Remember when Substack’s co-founders went to great lengths to explain what they had built was little more than infrastructure? It was something they repeated earlier this year:

You need to have your own corner of the internet, a place where you can build a home, on your own land, with assets you control.

Our system gives creators ownership. With Substack, you have your own property to build on: content you own, a URL of your choosing, a website for your work, and a mailing list of your subscribers that you can export and take with you at any time.

This is a message the company reinforces because it justifies a wildly permissive environment for posters that requires little oversight. But it is barely more true that Substack is “your own land, with assets you control” than, say, a YouTube channel. The main thing Substack has going for it is that you can export a list of subscribers’ email accounts. Otherwise, the availability of your material remains subject to Substack’s priorities and policies.

What Substack in fact offers, and what differentiates it from a true self-owned “land”, is a comprehensive set of media formats and opportunities for promotion.

Charlotte Klein, New York magazine:

Substack today has all of the functionalities of a social platform, allowing proprietors to engage with both subscribers (via the Chat feature) or the broader Substack universe in the Twitter-esque Notes feed. Writers I spoke to mentioned that for all of their reluctance to engage with the Notes feature, they see growth when they do. More than 50 percent of all subscriptions and 30 percent of paid subscriptions on the platform come directly from the Substack network. There’s been a broader shift toward multimedia content: Over half of the 250 highest-revenue creators were using audio and video in April 2024, a number that had surged to 82 percent by February 2025.

Substack is now a blogging platform with email capabilities, a text-based social platform, a podcasting platform, and a video host — all of which can be placed behind a paywall. This is a logical evolution for the company. But please do not confuse this with infrastructure. YouTube can moderate its platform as it chooses and so can Substack. The latter has decided to create a special category filled to the brim with vaccine denialism publications that have “tens of thousands of paid subscribers”, from which Substack takes ten percent of earnings.

⌥ Permalink

The high-test idiocy of a senior U.S. politician inviting a journalist to an off-the-record chat planning an attack on Yemen, killing over thirty people and continuing a decade of war, seems to have popularized a genre of journalism dedicated to the administration’s poor digital security hygiene. Some of these articles feel less substantial; others suggest greater crimes. One story feels like deja vu.

Dhruv Mehrotra and Tim Marchman, Wired:

The Venmo account under [Mike] Waltz’s name includes a 328-person friend list. Among them are accounts sharing the names of people closely associated with Waltz, such as [Walker] Barrett, formerly Waltz’s deputy chief of staff when Waltz was a member of the House of Representatives, and Micah Thomas Ketchel, former chief of staff to Waltz and currently a senior adviser to Waltz and President Donald Trump.

[…]

One of the most notable appears to belong to [Susie] Wiles, one of Trump’s most trusted political advisers. That account’s 182-person friend list includes accounts sharing the names of influential figures like Pam Bondi, the US attorney general, and Hope Hicks, Trump’s former White House communications director.

In 2021, reporters for Buzzfeed News found Joe Biden’s Venmo account and his contacts. Last summer, the same Wired reporters plus Andrew Couts found J.D. Vance’s and, in February, reporters for the American Prospect found Pete Hegseth’s. It remains a mystery to me why one of the most popular U.S. payment apps is this public.

⌥ Permalink

Meredith Whittaker, president of Signal — which has recently been in the news — in an op-ed for the Financial Times:

The UK is part and parcel of a dangerous trend that threatens the cyber security of our global infrastructures. Legislators in Sweden recently proposed a law that would force communication providers to build back door vulnerabilities. France is poised to make the same mistake when it votes on the inclusion of “ghost participants” in secure conversations via back doors. “Chat control” legislation haunts Brussels.

There is some good news: French legislators ultimately rejected this provision.

⌥ Permalink

Like those since 2020, WWDC 2025 appears to be an entirely online event with a one-day in-person event. While it is possible there will be live demos — I certainly hope that is the case — I bet it is a two-hour infomercial again.

If you are planning on travelling there and live outside the United States, there are some things you should know and precautions you should take, particularly if you are someone who is transgender or nonbinary. It is a good thing travel is not required, and hopefully Apple will once again run labs worldwide.

⌥ Permalink

Jason Koebler, 404 Media:

The best way to think of the slop and spam that generative AI enables is as a brute force attack on the algorithms that control the internet and which govern how a large segment of the public interprets the nature of reality. It is not just that people making AI slop are spamming the internet, it’s that the intended “audience” of AI slop is social media and search algorithms, not human beings.

[…]

“Brute force” is not just what I have noticed while reporting on the spammers who flood Facebook, Instagram, TikTok, YouTube, and Google with AI-generated spam. It is the stated strategy of the people getting rich off of AI slop.

Regardless of whether you have been following Koebler’s A.I. slop beat, you owe it to yourself to read this article at least. The goal, Koelber surmises, is for Meta to target slop and ads at users in more-or-less the same way and, because this slop is cheap and fast to produce, it is a bottomless cup of engagement metrics.

Koebler, in a follow-up article:

As I wrote last week, the strategy with these types of posts is to make a human linger on them long enough to say to themselves “what the fuck,” or to be so horrified as to comment “what the fuck,” or send it to a friend saying “what the fuck,” all of which are signals to the algorithm that it should boost this type of content but are decidedly not signals that the average person actually wants to see this type of thing. The type of content that I am seeing right now makes “Elsagate,” the YouTube scandal in which disturbing videos were targeted to kids and resulted in various YouTube reforms, look quaint.

Matt Growcoot, PetaPixel:

Meta is testing an Instagram feature that suggests AI-generated comments for users to post beneath other users’ photos and videos.

Meta is going to make so much money before it completely disintegrates on account of nobody wanting to spend this much time around a thin veneer over robots.

⌥ Permalink

Grace Dean, BBC News:

Ms O’Carroll’s lawsuit argued that Facebook’s targeted advertising system was covered by the UK’s definition of direct marketing, giving individuals the right to object.

Meta said that adverts on its platform could only be targeted to groups of a minimum size of 100 people, rather than individuals, so did not count as direct marketing. But the Information Commissioner’s Office (ICO) disagreed.

“Organisations must respect people’s choices about how their data is used,” a spokesperson for the ICO said. “This means giving users a clear way to opt out of their data being used in this way.”

Meta, in response, says “no business can be mandated to give away its services for free”, a completely dishonest way to interpret the ICO’s decision. There is an obvious difference between advertising and personalized advertising. To pretend otherwise is nonsense. Sure, personalized advertising makes Meta more money than non-personalized advertising, but that is an entirely different problem. Meta can figure it out. Or it can be a big soggy whiner about it.

⌥ Permalink

John Voorhees, MacStories:

The update [next month] will enable 24-bit, 48 kHz lossless audio, which Apple says is supported by over 100 million songs on Apple Music. Using the headphones’ USB-C cable, musicians will enjoy ultra-low latency and lossless audio in their Logic Pro workflows. The USB-C cable will allow them to produce Personalized Spatial Audio, too.

Allow me to recap the absurd timeline of lossless support for AirPods models.

In December 2020, Apple launched the first AirPods Max models promising “high-fidelity sound” and “the ultimate personal listening experience”. These headphones are mostly designed for wireless listening, but a 3.5mm-to-Lightning cable allows you to connect them to analog sources. Five months later, Apple announces lossless audio in Apple Music. These tracks are not delivered in full fidelity to any AirPods model, including the AirPods Max, because of Bluetooth bandwidth limits, nor when AirPods Max are used in wired mode.

In September 2023, Apple updates the AirPods Pro 2 with a USB-C charging case and adds lossless audio playback over “a groundbreaking wireless audio protocol”, but only when using the Vision Pro — a capability also added to the AirPods 4 line. These headphones all have the H2 chip; the pre-USB-C AirPods Pro 2 also had the H2, but do not support lossless audio.

In September 2024, Apple announces a seemingly minor AirPods Max update with new colours and a USB-C port where a Lightning one used to be. Crucially, it still contains the same H1 chip as the Lightning version.

In March 2025, Apple says lossless audio will now be supported by the AirPods Max, but only in a wired configuration, and only for the USB-C model. I feel like there must be technical reasons for this mess, but it is a mess nonetheless.

⌥ Permalink

Simon Sharwood, the Register:

Over the weekend, users noticed their Timelines went missing.

Google seems to have noticed, too, as The Register has seen multiple social media posts in which Timelines users share an email from the search and ads giant in which it admits “We briefly experienced a technical issue that caused the deletion of Timeline data for some people.”

The email goes on to explain that most users that availed themselves of a feature that enables encrypted backups will be able to restore their Maps Timelines data.

Once again, Google provides no explanation for why it is incapable of reliably storing user data, and no customer support. Users are on their own.

⌥ Permalink

Want to experience twice as fast load times in Safari on your iPhone, iPad, and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

By cutting down on ads and trackers, common news websites load 2× faster and browsing uses less data while saving energy and battery life.

Rely on Magic Lasso Adblock to:

• Improve your privacy and security by removing ad trackers

• Block all YouTube ads, including pre-roll video ads

• Block annoying cookie notices and privacy prompts

• Double battery life during heavy web browsing

• Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad. and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

⌥ Permalink

Lucy Mangan, the Guardian:

There have been a few contenders for the crown [of “televisual perfection”] over the years, but none has come as close as Jack Thorne’s and Stephen Graham’s astonishing four-part series Adolescence, whose technical accomplishments – each episode is done in a single take – are matched by an array of award-worthy performances and a script that manages to be intensely naturalistic and hugely evocative at the same time. Adolescence is a deeply moving, deeply harrowing experience.

I did not intend on watching the whole four-part series today, maybe just the first and second episodes. But I could not turn away. The effectively unanimous praise for this is absolutely earned.

The oner format sounds like it could be a gimmick, the kind of thing that screams a bit too loud and overshadows what should be a tender and difficult narrative. Nothing could be further from the truth. The technical decisions force specific storytelling decisions, in the same way that a more maximalist production in the style of, say, David Fincher does. Fincher would shoot fifty versions of everything and then assemble the best performances into a tight machine — and I love that stuff. But I love this, too, little errors and all. It is better for these choices. The dialogue cannot get just a little bit tighter in the edit, or whatever. It is all just there.

I know nothing about reviewing television or movies but, so far as I can tell, everyone involved has pulled this off spectacularly. You can quibble with things like the rainbow party-like explanation of different emoji — something for which I cannot find any evidence — that has now become its own moral panic. I get that. Even so, this is one of the greatest storytelling achievements I have seen in years.

Update: Watch it on Netflix. See? The ability to edit means I can get away with not fully thinking this post through.

⌥ Permalink

Reid Tatoris, Harsh Saxena, and Luis Miglietti, of Cloudflare:

Today, we’re excited to announce AI Labyrinth, a new mitigation approach that uses AI-generated content to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect “no crawl” directives. When you opt in, Cloudflare will automatically deploy an AI-generated set of linked pages when we detect inappropriate bot activity, without the need for customers to create any custom rules.

Two thoughts:

1. This is amusing. Nothing funnier than using someone’s own words or, in this case, technology against them.

2. This is surely going to lead to the same arms race as exists now between privacy protections and hostile adtech firms. Right?

⌥ Permalink

There is a long line of articles questioning Apple’s ability to deliver on artificial intelligence because of its position on data privacy. Today, we got another in the form of a newsletter.

Reed Albergotti, Semafor:

Meanwhile, Apple was focused on vertically integrating, designing its own chips, modems, and other components to improve iPhone margins. It was using machine learning on small-scale projects, like improving its camera algorithms.

[…]

Without their ads businesses, companies like Google and Meta wouldn’t have built the ecosystems and cultures required to make them AI powerhouses, and that environment changed the way their CEOs saw the world.

Again, I will emphasize this is a newsletter. It may seem like an article from a prestige publisher that prides itself on “separat[ing] the facts from our views”, but you might notice how, aside from citing some quotes and linking to ads, none of Albergotti’s substantive claims are sourced. This is just riffing.

I remain skeptical. Albergotti frames this as both a mindset shift and a necessity for advertising companies like Google and Meta. But the company synonymous with the A.I. boom, OpenAI, does not have the same business model. Besides, Apple behaves like other A.I. firms by scraping the web and training models on massive amounts of data. The evidence for this theory seems pretty thin to me.

But perhaps a reluctance to be invasive and creepy is one reason why personalized Siri features have been delayed. I hope Apple does not begin to mimic its peers in this regard; privacy should not be sacrificed. I think it is silly to be dependent on corporate choices rather than legislation to determine this, but that is the world some of us live in.

Let us concede the point anyhow, since it suggests a role Apple could fill by providing an architecture for third-party A.I. on its products. It does not need to deliver everything to end users; it can focus on building a great platform. Albergotti might sneeze at “designing its own chips […] to improve iPhone margins”, which I am sure was one goal, but it has paid off in ridiculously powerful Macs perfect for A.I. workflows. And, besides, it has already built some kind of plugin architecture into Apple Intelligence because it has integrated ChatGPT. There is no way for other providers to add their own extension — not yet, anyhow — but the system is there.

Gus Mueller:

The crux of the issue in my mind is this: Apple has a lot of good ideas, but they don’t have a monopoly on them. I would like some other folks to come in and try their ideas out. I would like things to advance at the pace of the industry, and not Apple’s. Maybe with a blessed system in place, Apple could watch and see how people use LLMs and other generative models (instead of giving us Genmoji that look like something Fisher-Price would make). And maybe open up the existing Apple-only models to developers. There are locally installed image processing models that I would love to take advantage of in my apps.

Via Federico Viticci, MacStories:

Which brings me to my second point. The other feature that I could see Apple market for a “ChatGPT/Claude via Apple Intelligence” developer package is privacy and data retention policies. I hear from so many developers these days who, beyond pricing alone, are hesitant toward integrating third-party AI providers into their apps because they don’t trust their data and privacy policies, or perhaps are not at ease with U.S.-based servers powering the popular AI companies these days. It’s a legitimate concern that results in lots of potentially good app ideas being left on the table.

One of Apple’s specialties is in improving the experience of using many of the same technologies as everyone else. I would like to see that in A.I., too, but I have been disappointed by its lacklustre efforts so far. Even long-running projects where it has had time to learn and grow have not paid off, as anyone can see in Siri’s legacy.

What if you could replace these features? What if Apple’s operating systems were great platforms by which users could try third-party A.I. services and find the ones that fit them best? What if Apple could provide certain privacy promises, too? I bet users would want to try alternatives in a heartbeat. Apple ought to welcome the challenge.

Damian Carrington, the Guardian:

Their exploration of future fossils has led [Prof. Sarah] Gabbott and [Prof. Jan] Zalasiewicz to draw some conclusions. One is that understanding how human detritus could become fossils points towards how best to stop waste piling up in the environment.

“In the making of fossils, it’s the first few years, decades, centuries and millennia which are really crucial,” says Zalasiewicz. “This overlaps with the time in which we have the capacity to do something about it.”

Gabbott says: “The big message here is that the amount of stuff that we are now making is eye-watering – it’s off the scale.” All of the stuff made by humans by 1950 was a small fraction of the mass of all the living matter on Earth. But today it outweighs all plants, animals and microbes and is set to triple by 2040.

It is disconcerting to understand our evidence of civilization accumulated over the span of many tens of thousands of years, yet we have equalized that within just a few decades. We are converting so much of the matter on this planet into things we care about for only a few minutes to a few years, but their mark will last forever.

Gabbott and Zalasiewicz’s book “Discarded” is out now. I hope my local library stocks it soon.

⌥ Permalink

Benedict Evans:

That takes us to xR, and to AI. These are fields where the tech is fundamental, and where there are real, important Apple kinds of questions, where Apple really should be able to do something different. And yet, with the Vision Pro Apple stumbled, and then with AI it’s fallen flat on its face. This is a concern.

The Vision Pro shipped as promised and works as advertised. But it’s also both too heavy and bulky and far too expensive to be a viable mass-market consumer product. Hugo Barra called it an over-engineered developer kit — you could also call it an experiment, or a preview or a concept. […]

The main problem, I think, with the reception of the Vision Pro is that it was passed through the same marketing lens as Apple uses to frame all its products. I have no idea if Apple considers the sales of this experiment acceptable, the tepid developer adoption predictable, or the skeptical press understandable. However, if you believe the math on display production and estimated sales figures, they more-or-less match.

Of course, as Evans points out, Apple does not ship experiments:

The new Siri that’s been delayed this week is the mirror image of this. […]

However, it clearly is a problem that the Apple execution machine broke badly enough for Apple to spend an hour at WWDC and a bunch of TV commercials talking about vapourware that it didn’t appear to understand was vapourware. The decision to launch the Vision Pro looks like a related failure. It’s a big problem that this is late, but it’s an equally big problem that Apple thought it was almost ready.

Unlike the Siri feature delay, I do not think the Vision Pro’s launch affects the company’s credibility at all. It can keep pushing that thing and trying to turn it into something more mass-market. This Siri stuff is going to make me look at WWDC in a whole different light this year.

Mark Gurman, Bloomberg:

Chief Executive Officer Tim Cook has lost confidence in the ability of AI head John Giannandrea to execute on product development, so he’s moving over another top executive to help: Vision Pro creator Mike Rockwell. In a new role, Rockwell will be in charge of the Siri virtual assistant, according to the people, who asked not to be identified because the moves haven’t been announced.

[…]

Rockwell is known as the brains behind the Vision Pro, which is considered a technical marvel but not a commercial hit. Getting the headset to market required a number of technical breakthroughs, some of which leveraged forms of artificial intelligence. He is now moving away from the Vision Pro at a time when that unit is struggling to plot a future for the product.

If you had no context for this decision, it looks like Rockwell is being moved off Apple’s hot new product and onto a piece of software that perennially disappoints. It looks like a demotion. That is how badly Siri needs a shakeup.

Giannandrea will remain at the company, even with Rockwell taking over Siri. An abrupt departure would signal publicly that the AI efforts have been tumultuous — something Apple is reluctant to acknowledge. Giannandrea’s other responsibilities include oversight of research, testing and technologies related to AI. The company also has a team reporting to Giannandrea investigating robotics.

I figured as much. Gurman does not clarify in this article how much of Apple Intelligence falls under Giannandrea’s rubric, and how much is part of the “Siri” stuff that is being transferred to Rockwell. It does not sound as though Giannandrea will have no further Apple Intelligence responsibilities — yet — but the high-profile public-facing stuff is now overseen by Rockwell and, ultimately, Craig Federighi.

⌥ Permalink

There is a free market argument that can be made about how Apple gets to design its own ecosystem and, if it is so restrictive, people will be more hesitant to buy an iPhone since they can get more choices with an Android phone. I get that. But I think it is unfortunate so much of our life coalesces around devices which are so restrictive compared to those which came before.

Recall Apple’s “digital hub” strategy. The Mac would not only connect to hardware like digital cameras and music players; the software Apple made for it would empower people to do something great with those photos and videos and their music.

The iPhone repositioned that in two ways. First, the introduction of iCloud was a way to “demote” the Mac to a device at an equivalent level to everything else. Second, and just as importantly, is how it converged all that third-party hardware into a single device: it is the digital camera, the camcorder, and the music player. As a result, its hub-iness comes mostly in the form of software. If a developer can assume the existence of particular hardware components, they have extraordinary latitude to build on top of that. However, because Apple exercises control over this software ecosystem, it limits its breadth.

Like the Mac of 2001, it is also a hub for accessories — these days, things like headphones and smartwatches. Apple happens to make examples of both. You can still connect third-party devices — but they are limited.

Eric Migicovsky, of Pebble:

I want to set expectations accordingly. We will build a good app for iOS, but be prepared – there is no way for us to support all the functionality that Apple Watch has access to. It’s impossible for a 3rd party smartwatch to send text messages, or perform actions on notifications (like dismissing, muting, replying) and many, many other things.

Even if you believe Apple is doing this not out of anticompetitive verve, but instead for reasons of privacy, security, API support, and any number of other qualities, it still sucks. What it means is that Apple is mostly competing against itself, particularly in smartwatches. (Third-party Bluetooth headphones, like the ones I have, mostly work fine.)

The European Commission announced guidance today for improving third-party connectivity with iOS. Apple is, of course, miserable about this. I am curious to see the real-world results, particularly as the more dire predictions of permitting third-party app distribution have — shockingly — not materialized.

Imagine how much more interesting this ecosystem could be if there were substantial support across “host” platforms.

⌥ Permalink

The RSS feed for this website runs through Feedpress and, at some point in November, I must have done something to cause it to behave unreliably. It took me a while to track down in part because I have the JSON feed in NetNewsWire, but not the RSS feed. A silly oversight, I admit.

I think it is fixed, but please let me know if I have still made a mess of things. I recommend subscribing to the JSON feed anyhow if that is an option for you.

⌥ Permalink

Liv McMahon and Lily Jamali, BBC News:

TikTok’s bid to overturn a law which would see it banned or sold in the US from early 2025 has been rejected.

[…]

TikTok says it will now take its fight to the US Supreme Court, the country’s highest legal authority.

The court’s opinion (PDF) is not particularly long. As this is framed as a question of national security, the court gives substantial deference to the government’s assessment of TikTok’s threat. It also views the legislation passed earlier this year to limit data brokers as a complementary component of this TikTok divest-or-ban law.

I still do not find this argument particularly compelling. There is still too much dependence on classified information and too little public evidence. A generous interpretation of this is the court knows something I do not, and perhaps this is completely justified. But who knows? The paranoia over this app is leaking but the proof is not.

Donald Trump’s victory in the 2024 US Presidential Election may also present a lifeline for the app.

Despite unsuccessfully attempting to ban TikTok during his first term in 2020, he said in the run-up to the November elections he would not allow the ban on TikTok to take effect.

I would be shocked if the incoming administration remains committed to overturning this ban, and not just because of its historically flaky reputation. This very decision references the actions of the first Trump presidency, though it owes more to the more tailored policies of the Biden administration.

If the U.S. Supreme Court does not stay this order and TikTok’s U.S. operations are not jettisoned from its global business, the ban will go into effect the day before Trump’s inauguration.

⌥ Permalink

Last month, Brazilian competition authorities ruled against Apple, finding in an increasingly familiar pattern that its anti-steering App Store rules are illegal. It imposed a twenty-day deadline for compliance.

Filipe Espósito, 9to5Mac:

According to a new Valor Econômico report, a Brazilian Federal Court judge has ruled that the decision by Cade, the Brazilian regulator, is “disproportionate and unnecessary.” The judge understood that the measures imposed by the regulator “change, in a sensitive and structural way” Apple’s business operation.

Cade ruled on November 26 that Apple would have 20 days to comply with antitrust legislation, otherwise it would be fined R$250,000 (US$42,000) per day. Apple had previously appealed on the grounds that the changes requested were too complex and would take too long to be made, so the company wouldn’t be able to meet the 20-day deadline.

Twenty days does seem like a tight turnaround. I have obviously no idea what it would take to copy-and-paste the same policies it uses in Japan, Korea, and the United States, but perhaps it would be easier to rip off the bandage and do so worldwide.

⌥ Permalink

Howard Oakley:

Over those 11 years, governments have come and gone, my grandchildren have grown up and one is now at university, we survived Covid, lost QuickTime and 32-bit code, and now use Apple silicon Macs. But one thing has remained unchanged through all of that, the Finder column width bug.

Maybe this is the year this bug will bubble up to the top of an intern’s to-fix list. As a dedicated user of the column view, I would not miss it.

⌥ Permalink

Want to experience twice as fast load times in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

By cutting down on ads and trackers, common news websites load 2× faster and browsing uses less data while saving energy and battery life.

Rely on Magic Lasso Adblock to:

• Improve your privacy and security by removing ad trackers

• Block all YouTube ads, including pre-roll video ads

• Block annoying cookie notices and privacy prompts

• Double battery life during heavy web browsing

• Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad. and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

⌥ Permalink

Go figure — just one day after writing about how Apple’s ambiguous descriptions of supposedly clever features has the potential to rob trust, my phone has become haunted.

I saw a suggestion from Siri that I turn on Do Not Disturb until the end of an event in my calendar — a reservation at a restaurant from 8:30 until 10:00 this morning. No such matching event was in Fantastical. It was, however, shown in the Calendar app as a Siri Suggestion.

What I think happened is that I was looking at that restaurant on OpenTable at perhaps 8:00 this morning. I was doing so in my web browser on my Mac, and I was not logged into OpenTable. My Mac and iPhone are both running operating system beta builds with Apple Intelligence enabled. Siri must have interpreted this mere browsing as me making a reservation, and then added it to my calendar without my asking, and then made a suggestion based on that fictional event.

This was not helpful. It was, in fact, perplexing and creepy. I do not know how all of these things were able to work together to produce this result, but I do not like it at all. It is obvious how this would make anyone question whether they can trust Apple Intelligence, A.I. systems generally, Siri, and their personal privacy. Truly bizarre.

⌥ Permalink

Spencer Ackerman has been a national security reporter for over twenty years, and was partially responsible for the Guardian’s coverage of NSA documents leaked by Edward Snowden. He has good reason to be skeptical of privacy claims in general, and his experience updating his iPhone made him worried:

Recently, I installed Apple’s iOS 18.1 update. Shame on me for not realizing sooner that I should be checking app permissions for Siri — which I had thought I disabled as soon as I bought my device — but after installing it, I noticed this update appeared to change Siri’s defaults.

Apple has a history with changing preferences and dark patterns. This is particularly relevant in the case of the iOS 18.1 update because it was the one with Apple Intelligence, which creates new ambiguity between what is happening on-device and what goes to a server farm somewhere.

Allen Pike:

While easy tasks are handled by their on-device models, Apple’s cloud is used for what I’d call moderate-difficulty work: summarizing long emails, generating patches for Photos’ Clean Up feature, or refining prose in response to a prompt in Writing Tools. In my testing, Clean Up works quite well, while the other server-driven features are what you’d expect from a medium-sized model: nothing impressive.

Users shouldn’t need to care whether a task is completed locally or not, so each feature just quietly uses the backend that Apple feels is appropriate. The relative performance of these two systems over time will probably lead to some features being moved from cloud to device, or vice versa.

It would be nice if it truly did not matter — and, for many users, the blurry line between the two is probably fine. Private Cloud Compute seems to be trustworthy. But I fully appreciate Ackerman’s worries. Someone in his position necessarily must understand what is being stored and processed in which context.

However, Ackerman appears to have interpreted this setting change incorrectly:

I was alarmed to see that even my secure communications apps, like Proton and Signal, were toggled by default to “Learn from this App” and enable some subsidiary functions. I had to swipe them all off.

This setting was, to Ackerman, evidence of Apple “uploading your data to its new cloud-based AI project”, which is a reasonable assumption at a glance. Apple, like every technology company in the past two years, has decided to loudly market everything as being connected to its broader A.I. strategy. In launching these features in a piecemeal manner, though, it is not clear to a layperson which parts of iOS are related to Apple Intelligence, let alone where those interactions are taking place.

However, this particular setting is nearly three years old and unrelated to Apple Intelligence. This is related to Siri Suggestions which appear throughout the system. For example, the widget stack on my home screen suggests my alarm clock app when I charge my iPhone at night. It suggests I open the Microsoft Authenticator app on weekday mornings. When I do not answer the phone for what is clearly a scammer, it suggests I return the missed call. It is not all going to be gold.

Even at the time of its launch, its wording had the potential for confusion — something Apple has not clarified within the Settings app in the intervening years — and it seems to have been enabled by default. While this data may play a role in establishing the “personal context” Apple talks about — both are part of the App Intents framework — I do not believe it is used to train off-device Apple Intelligence models. However, Apple says this data may leave the device:

Your personal information — which is encrypted and remains private — stays up to date across all your devices where you’re signed in to the same Apple Account. As Siri learns about you on one device, your experience with Siri is improved on your other devices. If you don’t want Siri personalization to update across your devices, you can disable Siri in iCloud settings. See Keep what Siri knows about you up to date on your Apple devices.

While I believe Ackerman is incorrect about the setting’s function and how Apple handles its data, I can see how he interpreted it that way. The company is aggressively marketing Apple Intelligence, even though it is entirely unclear which parts of it are available, how it is integrated throughout the company’s operating systems, and which parts are dependent on off-site processing. There are people who really care about these details, and they should be able to get answers to these questions.

All of this stuff may seem wonderful and novel to Apple and, likely, many millions of users. But there are others who have reasonable concerns. Like any new technology, there are questions which can only be answered by those who created it. Only Apple is able to clear up the uncertainty around Apple Intelligence, and I believe it should. A cynical explanation is that this ambiguity is all deliberate because Apple’s A.I. approach is so much slower than its competitors and, so, it is disincentivized from setting clear boundaries. That is possible, but there is plenty of trust to be gained by being upfront now. Americans polled by Pew Research and Gallup have concerns about these technologies. Apple has repeatedly emphasized its privacy bonafides. But these features remain mysterious and suspicious for many people regardless of how much a giant corporation swears it delivers “stateless computation, enforceable guarantees, no privileged access, non-targetability, and verifiable transparency”.

All of that is nice, I am sure. Perhaps someone at Apple can start the trust-building by clarifying what the Siri switch does in the Settings app, though.

Cade Metz, New York Times:

Mr. [Sam] Altman said he was “tremendously sad” about the rising tensions between the two one-time collaborators.

“I grew up with Elon as like a mega hero,” he said.

But he rejected suggestions that Mr. Musk could use his increasingly close relationship with President-elect Trump to harm OpenAI.

“I believe pretty strongly that Elon will do the right thing and that it would be profoundly un-American to use political power to the degree that Elon would hurt competitors and advantage his own businesses,” he said.

Alex Heath, the Verge:

Jeff Bezos and President-elect Donald Trump famously didn’t get along the last time Trump was in the White House. This time, Bezos says he’s “very optimistic” and even wants to help out.

“I’m actually very optimistic this time around,” Bezos said of Trump during a rare public appearance at The New York Times DealBook Summit on Wednesday. “He seems to have a lot of energy around reducing regulation. If I can help him do that, I’m going to help him.”

Emily Swanson, the Guardian:

“Mark Zuckerberg has been very clear about his desire to be a supporter of and a participant in this change that we’re seeing all around America,” Stephen Miller, a top Trump deputy, told Fox.

Meta’s president of global affairs, Nick Clegg, agreed with Miller. Clegg said in a recent press call that Zuckerberg wanted to play an “active role” in the administration’s tech policy decisions and wanted to participate in “the debate that any administration needs to have about maintaining America’s leadership in the technological sphere,” particularly on artificial intelligence. Meta declined to provide further comment.

There are two possibilities. The first is that these CEOs are all dummies with memory no more capacious than that of an earthworm. The second is that these people all recognize the transactional and mercurial nature of the incoming administration, and they have begun their ritualistic grovelling. Even though I do not think money and success is evidence of genius, I do not think these CEOs are so dumb they actually believe in the moral fortitude of these goons.

⌥ Permalink

Ben Cohen, Wall Street Journal:

Only four years ago, when it was less popular for podcasts than both Spotify and Apple, YouTube becoming a podcasting colossus sounded about as realistic as Martin Scorsese releasing his next movie on TikTok.

But this year, YouTube passed the competition and became the most popular service for podcasts in the U.S., with 31% of weekly podcast listeners saying it’s now the platform they use the most, according to Edison Research.

This is notable, but Cohen omits key context for why YouTube is suddenly a key podcast platform: Google Podcasts was shut down this year with users and podcasters alike instructed to move to YouTube. According to Buzzsprout’s 2023 analytics, Google Podcasts was used by only 2.5% of global listeners. YouTube is not listed in their report, perhaps because it exists in its own bubble instead of being part of the broader RSS-feed-reading podcast client ecosystem.

But where Google was previously bifurcating its market share, it aligned its users behind a single client. And, it would seem, that audience responded favourably.

John Herrman, New York magazine:

Then, just as the 2010s podcasting bubble was about to peak, TikTok arrived. Here was a video-first platform that was basically only a recommendation engine, minus the pretense and/or burden of sociality — a machine for automating and allocating virality. Its rapid growth drove older, less vibrant social-media platforms wild with envy and/or panic. They all immediately copied it, refashioning themselves as algorithmic short-video apps almost overnight. Suddenly, on every social-media platform — including YouTube, which plugged vertical video “Shorts” into its interface and rewarded creators who published them with followers, attention, and money — there was a major new opportunity for rapid, viral growth. TikTok’s success (and imitation by existing megaplatforms) triggered a formal explosion in video content as millions of users figured out what sorts of short videos worked in this new context: Vine-like comedy sketches; dances; product recommendations; rapid-fire confessionals. The list expanded quickly and widely, but one surprising category broke through: podcast clips.

Of the top twenty podcasts according to Edison Research, fifteen have what I would deem meaningful and regular video components. I excluded those with either a still piece of artwork or illustrated talking heads, and those which only occasionally have video.

Dave Winer:

[…] We’re losing the word “podcast” very quickly. It’s coming to mean video interviews on YouTube mostly. Our only hope is upgrading the open platform in a way that stimulates the imagination of creators, and there’s no time to waste. If you make a podcast client, it’s time to start collaborating with competitors and people who create RSS-based podcasts to take advantage of the open platforms, otherwise having a podcast will mean getting approved by Google, Apple, Spotify, Amazon etc. […]

I hope this is not the case. Luckily, YouTube seems to be an additional place for podcasters so far. I found every show in the top twenty available for download through Overcast in an audio-only format. Also, YouTube channels have RSS feeds, though that is not very useful in an audio-only client like Overcast. Also, Google’s commitment to RSS is about as good as the company’s commitment to anything.

⌥ Permalink

Out of the U.S. today comes a slew of new proposed restrictions against data brokers and their creepy practices.

The Consumer Financial Protection Bureau:

[…] The proposed rule would limit the sale of personal identifiers like Social Security Numbers and phone numbers collected by certain companies and make sure that people’s financial data such as income is only shared for legitimate purposes, like facilitating a mortgage approval, and not sold to scammers targeting those in financial distress. The proposal would make clear that when data brokers sell certain sensitive consumer information they are “consumer reporting agencies” under the Fair Credit Reporting Act (FCRA), requiring them to comply with accuracy requirements, provide consumers access to their information, and maintain safeguards against misuse.

The Federal Trade Commission:

The Federal Trade Commission will prohibit data broker Mobilewalla, Inc. from selling sensitive location data, including data that reveals the identity of an individual’s private home, to settle allegations the data broker sold such information without taking reasonable steps to verify consumers’ consent.

And also the Federal Trade Commission:

The Federal Trade Commission is taking action against Gravy Analytics Inc. and its subsidiary Venntel Inc. for unlawfully tracking and selling sensitive location data from users, including selling data about consumers’ visits to health-related locations and places of worship.

Both of the proposed FTC orders require these businesses to “maintain a sensitive location data program designed to develop a list of sensitive locations and prevent the use, sale, license, transfer, sharing, or disclosure of consumers’ visits to those locations”. These include, for example and in addition to those in the above quotes, shelters, labour union offices, correctional facilities, and military installations. This order was previewed last month in Wired.

As usual, I am conflicted about these policies. While they are yet another example of Lina Khan’s FTC and other government bureaucrats cracking down on individually threatening data brokers, it would be far better for everyone if this were not handled on a case-by-case basis. These brokers have already caused a wealth of damage around the world, and only they are being required to stop. Other players in the rest of the data broker industry will either self-govern or hope they do not fall into the FTC’s crosshairs, and if you believe the former is more likely, you have far greater faith in already-shady businesses than I do.

There is another wrench in these proposals: we are less than two months away from a second Trump presidency, and the forecast for the CFPB looks unfriendly. It was kneecapped during the first administration and it is on the chopping block for those overseeing a advisory committee masquerading as a government agency. The future of the FTC is more murky, with some indicators it will continue its current path — albeit from a Republican-skewed perspective — while others suggest a reversal.

The centring of the U.S. in the digital activity of a vast majority of us gives it unique power on privacy — power it has, so far, used in only very small doses. The future of regulatory agencies like these has relevance to all of us.

⌥ Permalink

Enron is not really back. Someone managed to grab the Enron.com URL and put up an inspirational faux corporate video and a Shopify merch store. It is all very funny.

What is more amusing to me is stumbling across a preserved-in-amber Enron website. There is an earnings press release from July 2001, mere months before the whole thing went to hell in public. There are descriptions of the company’s vast products.

But this, too, is unofficial. It was created by Facundo Pignanelli to preserve this noteworthy chapter in corporate fraud. There is even an Instagram account. This is all very strange.

⌥ Permalink

Do you want to block all YouTube ads in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock – the ad blocker designed for you.

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

Magic Lasso Adblock is easy to setup, doubles the speed at which Safari loads, and also blocks all YouTube ads; including all:

• video ads

• pop up banner ads

• search ads

• plus many more

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad, and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

⌥ Permalink

Brendan Nystedt, reporting for Wired on a new generation of admirers of crappy digital cameras from the early 2000s:

For those seeking to experiment with their photography, there’s an appeal to using a cheap, old digital model they can shoot with until it stops working. The results are often imperfect, but since the camera is digital, a photographer can mess around and get instant gratification. And for everyone in the vintage digital movement, the fact that the images from these old digicams are worse than those from a smartphone is a feature, not a bug.

Om Malik attributes it to wabi-sabi:

Retromania? Not really. It feels more like a backlash against the excessive perfection of modern cameras, algorithms, and homogenized modern image-making. I don’t disagree — you don’t have to do much to come up with a great-looking photo these days. It seems we all want to rebel against the artistic choices of algorithms and machines — whether it is photos or Spotify’s algorithmic playlists versus manually crafted mixtapes.

I agree, though I do not see why we need to find just one cause — an artistic decision, a retro quality, an aesthetic trend, a rejection of perfection — when it could be driven by any number of these factors. Nailing down exactly which of these is the most important factor is not of particular interest to me; certainly, not nearly as much as understanding that people, as a general rule, value feeling.

I have written about this before and it is something I wish to emphasize repeatedly: efficiency and clarity are necessary elements, but are not the goal. There needs to be space for how things feel. I wrote this as it relates to cooking and cars and onscreen buttons, and it is still something worth pursuing each and every time we create anything.

I thought about this with these two articles, but first last week when Wil Shipley announced the end of Delicious Library:

Amazon has shut off the feed that allowed Delicious Library to look up items, unfortunately limiting the app to what users already have (or enter manually).

I wasn’t contacted about this.

I’ve pulled it from the Mac App Store and shut down the website so nobody accidentally buys a non-functional app.

Delicious Library was many things: physical and digital asset management software, a kind of personal library, and a wish list. But it was also — improbably — fun. Little about cataloguing your CDs and books sounds like it ought to be enjoyable, but Shipley and Mike Matas made it feel like something you wanted to do. You wanted to scan items with your Mac’s webcam just because it felt neat. You wanted to see all your media on a digital wooden shelf, if for no other reason than it made those items feel as real onscreen as they are in your hands.

Delicious Library became known as the progenitor of the “delicious generation” of applications, which prioritized visual appeal as much as utility. It was not enough for an app to be functional; it needed to look and feel special. The Human Interface Guidelines were just that: guidelines. One quality of this era was the apparently fastidious approach to every pixel. Another quality is that these applications often had limited features, but were so much fun to use that it was possible to overlook their restrictions.

I do not need to relitigate the subsequent years of visual interfaces going too far, then being reeled in, and then settling in an odd middle ground where I am now staring at an application window with monochrome line-based toolbar icons, deadpan typography, and glassy textures, throwing a heavy drop shadow. None of the specifics matter much. All I care about is how these things feel to look at and to use, something which can be achieved regardless of how attached you are to complex illustrations or simple line work. Like many people, I spend hours a day staring at pixels. Which parts of that are making my heart as happy as my brain? Which mundane tasks are made joyful?

This is not solely a question of software; it has relevance in our physical environment, too, especially as seemingly every little thing in our world is becoming a computer. But it can start with pixels on a screen. We can draw anything on them; why not draw something with feeling? I am not sure we achieve that through strict adherence to perfection in design systems and structures.

I am reluctant to place too much trust in my incomplete understanding of a foreign-to-me concept rooted in another country’s very particular culture, but perhaps the sabi is speaking loudest to me. Our digital interfaces never achieve a patina; in fact, the opposite is more often true: updates seem to erase the passage of time. It is all perpetually new. Is it any wonder so many of us ache for things which seem to freeze the passage of time in a slightly hazier form?

I am not sure how anyone would go about making software feel broken-in, like a well-worn pair of jeans or a lounge chair. Perhaps that is an unattainable goal for something on a screen; perhaps we never really get comfortable with even our most favourite applications. I hope not. It would be a shame if we lose that quality as software eats our world.

Barry Schwartz, Search Engine Roundtable:

Google launched a new feature in the Google App for iOS named Page Annotation. When you are browsing a web page in the Google App native browser, Google can “extract interesting entities from the webpage and highlight them in line.” When you click on them, Google takes you to more search results.

This was announced nearly two weeks ago in a subtle forum post. If there was a press release, I cannot find it. It was only picked up by the press thanks to Schwartz’s November 21 article, but those stories were not published until just before the U.S. Thanksgiving long weekend, so this news was basically buried.

Google is now injecting “Page Annotations”, which are kind of like Skimlinks but with search results. The results from a tapped Page Annotation are loaded in a floating temporary sheet, so it is not like users are fully whisked away — but that is almost worse. In the illustration from Google, a person is apparently viewing a list of Japanese castles, into which Google has inserted a link on “Osaka Castle”. Tapping on an injected link will show Google’s standard search results, which are front-loaded with details about how to contact the castle, buy tickets, and see a map. All of those things would be done better in a view that cannot be accidentally swiped away.

Maybe, you are thinking, it would be helpful to easily trigger a search from some selected text, and that is fair. But the Google app already displays a toolbar with a search button when you highlight any text in this app.

Owners of web properties are only able to opt out by completing a Google Form, but you must be signed into the same Google account you use for Search Console. Also, if a property is accessible at multiple URLs — for example, http and https, or www and non-prefixed — you must include each variation separately.

For Google to believe it has the right to inject itself into third-party websites is pure arrogance, yet it is nothing new for the company. It has long approached the web as its own platform over which it has control and ownership. It overlays dialogs without permission; it invented a proprietary fork of HTML and it pushed its adoption for years. It can only do these things because it has control over how people use the web.

⌥ Permalink

From the official Bluesky account:

With this release, you can now display replies by “hotness,” which weights liked replies that are more recent more heavily.

I believe this replaced the past reply sorting of oldest to newest. People seem worried this can be gamed, but there is good news: you can just change it. There are options for oldest replies, newest replies, most-liked, and one that is completely randomized. Also, you can still set it to prioritize people you follow.

Imagine that: options for viewing social media that give control back to users. Threads is experimenting, but Meta still fundamentally distrusts users to make decisions like these.

⌥ Permalink

Adam Satarino, New York Times:

But as Ms. [Margrethe] Vestager closes out her era in Brussels, regulating the tech industry has become more mainstream around the world. Thanks to her, Europe is now widely seen as the pioneer of the toughest laws against tech. U.S. regulators have in recent years followed Europe by bringing antitrust lawsuits against Google, Apple, Meta and Amazon. Regulators in South Korea, Australia, Brazil, Canada and elsewhere are also taking on the tech giants.

Vestager’s term has been defined by patience. Owing to both the rapid growth in size and complexity of technology firms, and tedious legal processes, these cases have taken considerable time. Some of the earliest cases Vestager brought have just been settled. It is still too early to tell whether the many changes resulting from these cases will have a radical effect on the technology landscape.

However, as Satarino writes, her approach has been influential worldwide. The technology in seemingly every country outside authoritarian states like China and Russia has been under the thumb of big companies most often based in the United States. Sometimes, those products and services clash with local expectations and values, or consume business viability. Not all of these corporations got where they are by illegitimate means, or are unanimously behaving in illegally anticompetitive ways. But it is sensible to investigate and become a correcting force.

For too long, regulators were too hesitant to question tech companies. These businesses were perpetually too new and too complicated. Vestager broke the dam.

⌥ Permalink

Competition Bureau Canada:

The Competition Bureau is taking legal action against Google for anti-competitive conduct in online advertising technology services in Canada. Following a thorough investigation, the Bureau has filed an application with the Competition Tribunal that seeks to remedy the conduct for the benefit of Canadians.

This has become a familiar announcement: a consumer protection agency, somewhere in the world, is questioning whether a giant technology conglomerate has abused its power. A dam has burst.

⌥ Permalink

Leah Nylen, Josh Sisco, and Dina Bass, Bloomberg:

The US Federal Trade Commission has opened an antitrust investigation of Microsoft Corp., drilling into everything from the company’s cloud computing and software licensing businesses to cybersecurity offerings and artificial intelligence products.

Seems like a lot of people who thought Microsoft would escape antitrust investigations in the U.S. might have been a little too eager.

This kind of scrutiny is a good thing, and long overdue. Yet one of the unavoidable problems of reducing the influence of these giant corporations now is the pain it is going to cause — almost by definition. If a corporation is abusing its power and scale to such a degree the FTC initiates an investigation, unwinding that will have — to put it mildly — an effect. We are seeing this in the Google case. This is true for any situation where a business or a group of people with too much influence needs correcting. That does not mean it should not happen.

It is true that Microsoft’s products and services are the backbone of businesses and governments the world over. These are delivered through tight integrations, all of which encourages further fealty to this singular solution. For example, it used its dominant position with Office 365 to distribute Teams for free, thereby making it even harder for other businesses to compete. It then leveraged Outlook and Teams to boost its web browser, after doing the same with Windows. If it charged for Teams out of the gate, this would be having a different discussion.

Obviously, the FTC’s concerns with Microsoft’s business practices stretch well beyond bundling Teams. According to this Bloomberg report, the Commission is interested in cloud and identity tying, too. On the one hand, it is enormously useful to businesses to have a suite of products with a single point of management and shared credentials. On the other hand, it is a monolithic system that is a non-starter for potential competitors.

The government is understandably worried about the security and stability risks of global dependence on Microsoft, too, but this is odd:

The CrowdStrike crash that affected millions of devices operating on Microsoft Windows systems earlier this year was itself a testament to the widespread use of the company’s products and how it directly affects the global economy.

This might just be Bloomberg’s contextualizing more than it is relevant to the government’s position. But, still, it seems wrong to me to isolate Windows as the problem instead of Crowdstrike itself, especially with better examples to be found in the SolarWinds breach and its track record with first-party security.

⌥ Permalink

Ronan Farrow, the New Yorker:

Decisions by the White House and by Republican lawmakers about spyware will have implications across a variety of policy areas that Trump and his associates are upending and that reach far beyond Washington. In recent years, an array of states, including Texas, Florida, and California have reportedly purchased spyware and other surveillance technologies; legislators and regulators will dictate whether that trend continues. Since the fall of Roe v. Wade, at least two states have already used private personal data to prosecute people for getting abortions. That practice could expand with more widespread and affordable access to this technology.

This article appears to have been timed to coincide with the release of a new documentary on HBO, showing Farrow reporting out stories on NSO Group and other commercial spyware makers. It is not the most substantive piece and I think that plus the headline — “The Technology the Trump Administration Could Use to Hack Your Phone” — is more distracting than it is illuminating. U.S. administrations have, since George W. Bush, used terrorism as a means of hand-waving away civil liberties protections, including domestic spying. Barack Obama’s administration famously killed U.S. citizens without trial, an action which remains shocking to me to this day regardless of who carried it out. In his first administration, Donald Trump compromised the legitimacy of all manner of domestic and foreign politics.

So, to the question of whether the U.S. would begin using fancy spyware on citizens’ phones under any administration, the answer seems more like a question of when and not if. It is just one more tool of a long series of violations. The next Trump administration seems unlikely to be more restrained than the first but, when this happens, I bet it becomes part of the churn-and-burn media cycle. It will barely register except to those who already find this sort of stuff disturbing.

By the way, the documentary itself is fine. It is only about an hour long and is mostly a behind-the-scenes look at the reporting. I am not sure that there is anything new-for-2024 within. Farrow’s New Yorker articles about the subject are far more illuminating.

⌥ Permalink

Michael Kan, PC Magazine:

Mozilla points to a key but less eye-catching proposal from the DOJ to regulate Google’s search business, which a judge ruled as a monopoly in August. In their recommendations, federal prosecutors urged the court to ban Google from offering “something of value” to third-party companies to make Google the default search engine over their software or devices. 

“The proposed remedies are designed to end Google’s unlawful practices and open up the market for rivals and new entrants to emerge,” the DOJ told the court. The problem is that Mozilla earns most of its revenue from royalty deals — nearly 86% in 2022 — making Google the default Firefox browser search engine.

This is probably another reason why U.S. prosecutors want to jettison Chrome from Google: they want to reduce any benefit it may accrue from trying to fix its illegal search monopoly. But it seems Google’s position in the industry is so entrenched that correcting it will hurt lots of other businesses, too. That does not mean it should not be broken up or that the DOJ’s proposed remedies are wrong, however.

⌥ Permalink

X on Wednesday announced a new set of terms, something which is normally a boring and staid affair. But these are a doozy:

Here’s a high-level recap of the primary changes that go into effect on November 15, 2024. You may see an in-app notice about these updates as well.

• Governing law and forum changes: For users residing outside of the European Union, EFTA States, and the United Kingdom, we’ve updated the governing law and forum for lawsuits to Texas as specified in our terms. […]

Specifically, X says “disputes […] will be brought exclusively in the U.S. District Court for the Northern District of Texas or state courts located in Tarrant County, Texas, United States”. X’s legal address is on a plot of land shared with SpaceX and the Boring Company near Bastrop, which is in the Western District. This particular venue is notable as the federal judge handling current X litigation in the Northern District owns Tesla stock and has not recused himself in X’s suit against Media Matters, despite stepping aside on a similar case because of a much smaller investment in Unilever. The judge, Reed O’Connor, is a real piece of work from the Federalist Society who issues reliably conservative decisions and does not want that power undermined.

An investment in Tesla does not necessarily mean a conflict of interest with X, an ostensibly unrelated company — except it kind of does, right? This is the kind of thing the European Commission is trying to figure out: are all of these different businesses actually related because they share the same uniquely outspoken and influential figurehead? Musk occupies such a particularly central role in all these businesses and it is hard to disentangle him from their place in our society. O’Connor is not the only judge in the district, but it is notable the company is directing legal action to that venue.

But X is only too happy to sue you in any court of its choosing.

Another of the X terms updates:

• AI and machine learning clarifications: We’ve added language to our Privacy Policy to clarify how we may use the information you share to train artificial intelligence models, generative or otherwise.

This is rude. It is a “clarifi[cation]” described in vague terms, and what it means is that users will no longer be able to opt out of their data being used to train Grok or any other artificial intelligence product. This appears to also include images and video, posts in private accounts and, if I am reading this right, direct messages.

Notably, Grok is developed by xAI, which is a completely separate company from X. See above for how Musk’s companies all seem to bleed together.

• Updates to reflect how our products and services work: We’ve incorporated updates to better reflect how our existing and upcoming products, features, and services work.

I do not know what this means. There are few product-specific changes between the old and new agreements. There are lots — lots — of new ways X wants to say it is not responsible for anything at all. There is a whole chunk which effectively replicates the protections of Section 230 of the CDA, you now need written permission from X to transfer your account to someone else, and X now spells out its estimated damages from automated traffic: $15,000 USD per million posts every 24 hours.

Oh, yeah, and X is making block work worse:

If your posts are set to public, accounts you have blocked will be able to view them, but they will not be able to engage (like, reply, repost, etc.).

The block button is one of the most effective ways to improve one’s social media experience. From removing from your orbit people who you never want to hear from for even mundane reasons, to reducing the ability for someone to stalk or harass, its expected action is vital. This sucks. I bet the main reason this change was made is because Musk is blocked by a lot of people.

All of these changes seem designed to get rid of any remaining user who is not a true believer. Which brings us to today.

Sarah Perez, TechCrunch:

Social networking startup Bluesky, which just reported a gain of half a million users over the past day, has now soared into the top five apps on the U.S. App Store and has become the No. 2 app in the Social Networking category, up from No. 181 a week ago, according to data from app intelligence firm Appfigures. The growth is entirely organic, we understand, as Appfigures confirmed the company is not running any App Store Search Ads.

As of writing, Bluesky is the fifth most popular free app in the Canadian iOS App Store, and the second most popular free app in the Social Networking category. Threads is the second most popular free app, and the most popular in the Social Networking category.

X is number 74 on the top free apps list. It remains classified as “News” in the App Store because it, like Twitter, has always compared poorly against other social media apps.

⌥ Permalink

Gian Volpicelli and Samuel Stolton, Bloomberg:

Under the EU’s Digital Services Act, the bloc can slap online platforms with fines of as much as 6% of their yearly global revenue for failing to tackle illegal content and disinformation or follow transparency rules. Regulators are considering whether sales from SpaceX, Neuralink, xAI and the Boring Company, in addition to revenue generated from the social network, should be included to determine potential fines against X, people familiar with the matter said, asking not to be identified because the information isn’t public.

These are all businesses privately owned by Elon Musk; Tesla, as a publicly traded company, is reportedly not being factored into the calculation. According to a Bloomberg source, the Commission is trying to decide if they should be penalizing the owner of the business and not the business itself.

Matt Levine, in Bloomberg’s Money Stuff newsletter:

See, you’re not really supposed to do that: X is its own company, with its own corporate structure and owners; 6% of X’s revenue is 6% of X’s revenue, not 6% of the revenue of Musk’s other companies. But if everyone thinks of the Musk Mars Conglomerate as a single company, then there’s a risk that it will be treated that way.

I can see how the penalty formula should not be stymied by carefully structured corporations. There should be a way to fine businesses breaking the law, even if their ownership is obfuscated.

But that is not what is happening here. As reported, this seems like an overreach to me. Even though Musk himself disregards barriers between his companies, as Levine also documents, a penalty for the allegedly illegal behaviour of X should probably be levied only against X.

⌥ Permalink

Dominic Wellington responded thoughtfully to speculation, including my own that a device management key for suppressing screen recording alerts in MacOS Sequoia was added in part because of employee monitoring software:

[…] I know perfectly well that these sorts of tools exist and are deployed by companies, but I suspect they are more prevalent in the sorts of lower-paid jobs that don’t rate fancy expensive Macs. This is why I don’t think employee surveillance (or test proctoring, which is Nick Heer’s other example) can be sufficient explanation for Apple walking back the frequency of this notification. Meanwhile, Zoom et al are near-universal on corporate Macs, and are going to be correspondingly closer to top of mind for administrators of Mac fleets.

This is a fair and considered response, and I think Wellington is right. Even though screen recording capabilities are widespread in employee surveillance products, I do not know that they are very popular. I oversold the likelihood of this being a reflection of that software.

⌥ Permalink

Joe Rossignol, MacRumors:

Apple sells two external displays, including the Pro Display XDR and the Studio Display, but neither has received hardware upgrades in years. In fact, the Pro Display XDR is nearly five years old, having been released all the way back in December 2019.

Via Michael Tsai:

This is not surprising, since Apple has historically taken a long time to update its displays. I don’t think the panels necessarily need to be updated. But it’s disappointing because the Studio Display has well documented camera problems and power issues. I had high hopes that, coming from Apple, it would be reliable as a USB hub, but I end up directly connecting as many storage devices as possible to the meager ports on my MacBook Pro.

Displays are a product category conducive to infrequent updates. The plentiful problems I have been reading with the Studio Display, in particular, worry me. Most sound like software problems, but that is not consolation. Apple’s software quality has been insufficiently great for years and, so, it does not surprise me that a display running iOS is not as reliable as a display that does not use an entire mobile operating system.

⌥ Permalink

Charlie Warzel, the Atlantic:

Even in a decade marred by online grifters, shameless politicians, and an alternative right-wing-media complex pushing anti-science fringe theories, the events of the past few weeks stand out for their depravity and nihilism. As two catastrophic storms upended American cities, a patchwork network of influencers and fake-news peddlers have done their best to sow distrust, stoke resentment, and interfere with relief efforts. But this is more than just a misinformation crisis. To watch as real information is overwhelmed by crank theories and public servants battle death threats is to confront two alarming facts: first, that a durable ecosystem exists to ensconce citizens in an alternate reality, and second, that the people consuming and amplifying those lies are not helpless dupes but willing participants.

On one of the bonus episodes of “If Books Could Kill”, the hosts discuss Harry Frankfurt’s “On Bullshit” which, after they re-read it, disappointed them. They thought the idea was interesting but were frustrated by the lack of examples and, in trying to find examples of their own, found it difficult to find those which were only bullshit and not lies.

I feel as though they missed the most obvious family of examples: all conspiracy theories necessarily become bullshit, if they did not already begin that way. Consider how the theories cited by Warzel begin with a nugget of truth, from which a theory is extrapolated to serve a narrative role — against (typically) Democratic Party politicians, against Jewish people, against scientific understanding, in favour of a grand unifying order that purportedly explains everything. The absence of evidence for a conspiracy theory is, itself, evidence to believers. All of this is steeped in bullshit. Believers in these things do not care to find understanding in known facts; rather, they perceive the world through this lens and bullshit until it all fits.

This story by Warzel documents that trajectory with perfect pitch. It is now politically incorrect in many circles to have beliefs that align with those of experts in their fields. Regardless of what is being discussed, the only safe speech is aggrieved bullshit. In a disaster, however, such speech can be dangerous if people believe it.

⌥ Permalink

Apple in the release notes for MacOS 15.1 beta:

Applications using our deprecated content capture technologies now have enhanced user awareness policies. Users will see fewer dialogs if they regularly use apps in which they have already acknowledged and accepted the risks.

John Gruber:

Why in the world didn’t Apple take regular use of a screen-recording app into account all along?

Benjamin Brooks:

I think this is the question you ask when you have not used a Corporate Mac in the last 4-5 years. For those who are, you know that companies install applications which take screenshots and screen recordings of certain or all activities being done on the Mac. You know, for security.

When users began noticing the screen recording permissions prompt over the summer, I remember lots of people speculating Apple added it because of possible spyware or domestic violence behaviour. That is a plausible explanation.

But Brooks’ keen observation is something I, in hindsight, should have also considered, and I am kicking myself for forgetting about the possibility. I now remember linking to things like employee surveillance software and online test proctoring — applications which monitor users’ screens effectively by force, something one will agree to unless they want to change jobs or not complete an exam. I believe this is supported by — and casts a new light upon — a device management key available to system administrators for suppressing those permissions prompts.

⌥ Permalink

I am not much of a true crime podcast listener, but the first three episodes of “Kill List” — Overcast link — have transfixed me.

Jamie Bartlett:

Besa Mafia was a dark net site offering hitmen for hire. It worked something like this: a user could connect to the site using the Tor browser and request a hit. They’d send over some bitcoin (prices started from $5,000 USD for ‘death by shotgun’). Then they’d upload the name, address, photographs, of who they wanted killed. Plus any extra requests: make it look like a bungled robbery; need it done next week, etc. The website owner, a mysterious Romanian called ‘Yura’ would then connect them with a specialist hitman to carry out the commission.

[…]

In the end, Carl investigated one hundred and seventy five kill requests. Each one a wannabe murderer. Each one a potential victim — who Carl often phones and break the crazy news. “The hardest calls I’ve ever made” Carl tells me. “How do you explain that someone wants you dead?!” (Carl would be indirect, gentle. He tried to make sure the victim felt in control. But often they hung up. “They didn’t believe me. They thought I was a scammer”).

I am not sure I agree with Bartlett’s conclusion — “more and more complex crimes will be solved by podcast journalists” is only true to the extent any crime is “solved” by any journalist — but it does appear this particular podcast has had quite the impact already. What a fascinating and dark story this is.

⌥ Permalink

A bit of background, for those not steeped in the world of WordPress development: there exists a plugin called Advanced Custom Fields (ACF) which allows developers to create near-endless customization options for end clients in the standard page and post editor. It is hard to explain in a single paragraph — the WordPress.com guide is a good overview — but its utility is so singular as to be an essential component for many WordPress developers.

ACF was created by Elliot Condon who, in 2021, sold it to Delicious Brains. At this point, it was used on millions of websites, a few of which I built. I consider it near-irreplaceable for some specific and tricky development tasks. A year later, the entire Delicious Brains plugin catalogue was sold to WPEngine.

Matt Mullenweg:

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem.

[…]

Similar situations have happened before, but not at this scale. This is a rare and unusual situation brought on by WP Engine’s legal attacks, we do not anticipate this happening for other plugins.

This is an awfully casual way of announcing WordPress is hijacking one of the most popular third-party plugins in the directory. Mullenweg cites policy for doing so — WordPress can “make changes to a plugin, without developer consent, in the interest of public safety” — but the latter paragraph I quoted above makes clear the actual motive here. The “security problem” triggering this extraordinary action is a real but modest change to expand a patch from a previous update. But WordPress has removed the ability for WPEngine to make money off its own plugin — and if users have automatic plugin updates turned on, their ACF installation will be overwritten with WordPress’ unauthorized copy.

Iain Poulson, of ACF:

The change to our published distribution, and under our ‘slug’ which uniquely identifies the ACF plugin and code that our users trust in the WordPress.org plugin repository, is inconsistent with open source values and principles. The change made by Mullenweg is maliciously being used to update millions of existing installations of ACF with code that is unapproved and untrusted by the Advanced Custom Fields team.

It is nearly impossible to get me to feel sympathetic for anything touched by private equity, but Mullenweg has done just that. He really is burning all goodwill for reasons I cannot quite understand. I do understand the message he is sending, though: Mullenweg is prepared to use the web’s most popular CMS and any third-party contributions as his personal weapon. Your carefully developed plugin is not safe in the WordPress ecosystem if you dare cross him or Automattic.

⌥ Permalink

CBC News:

All Calgary Public Library locations closed early on Friday after a cybersecurity breach compromised some systems, according to a spokesperson.

All locations were shut down as of 5 p.m.

Between this and the Internet Archive, criminals are picking terrible targets this week. I am not saying there are acceptable attacks, but these ones are particularly cruel.

⌥ Permalink

I have been trying to stay informed of the hostile relationship between WordPress, Automattic, and Matt Mullenweg, and third-party hosting company WPEngine. Aram Zucker-Scharff put together a helpful and massive set of links to news coverage. Michael Tsai has a good collection of links, too, and Emma Roth and Samantha Cole have published notable articles.

From a distance, it looks like an expensive pissing match between a bunch of increasingly unlikable parties, and I would very much appreciate if it never affects my self-hosted version of WordPress. Maybe it is a little confusing that WPEngine is not affiliated with WordPress, but I only learned this week that WordPress.org is personally owned by Mullenweg and is not actually affiliated with Automattic or WordPress.com. From Mullenweg’s perspective, this confusion is beneficial, but the confusion with WPEngine is not. From my perspective, I would not like to be confused.

Also, if Mullenweg is mad about WPEngine — and Silver Lake, its private equity owner — benefitting from the open source nature of WordPress without what he feels is adequate compensation, I am not sure he has a leg to stand on. It does not sound like WPEngine is doing anything illegal. It is perhaps rude or immoral to build a private business named after and on the back of an open source project without significantly contributing, but surely that is the risk of developing software with that license. I am probably missing something here.

⌥ Permalink

Well, add XOXO to the list of conferences I was never able to attend. The final edition occurred this year and it looked pretty special.

Happily, if you — as I — were unable to attend in person, Andy Baio has begun uploading videos of this year’s talks. I have watched those from Cabel Sasser, Dan Olson, Molly White, and Sarah Jeong. These are all worth your time — and so are, I am sure, the ones I have not yet seen.

Update: Be sure to watch Sasser’s talk before exploring an amazing archive he is assembling. Seriously — watch first, then click.

⌥ Permalink

Jonathan M. Gitlin, Ars Technica:

Last night, after a wait of roughly an hour after the official start time, Elon Musk spoke to a crowd of Tesla fans and some journalists on a film studio backlot in California to give us an update on the company’s much-talked-about pivot to robotics. […]

[…]

After promising that “unsupervised FSD” is coming to all of Tesla’s five models — “now’s not the time for nuance,” Musk told a fan — he showed off a driverless minibus and then a horde of humanoid robots, which apparently leverage the same technology that Tesla says will be ready for autonomous driving with no supervision. These robots — “your own personal R2-D2,” he said — will apparently cost less than “$30,000” “long-term,” Musk claimed, adding that these would be the biggest product of all time, as all 8 billion people on earth would want one, then two, he predicted.

These announcements are almost certainly bullshit, and correctly contextualized by Gitlin. Mix the axiom “what can be asserted without evidence can also be dismissed without evidence” with the boy who cried “wolf!”, and the result is this media event — and that is without factoring in the usual Tesla sloppiness. These are three brand new products, all of which are purportedly future-defining, rambled about in the span of about thirty minutes on a random Thursday in October. Nothing is finished. Musk called two of the products “Cybercab” and “Optimus Robots”, but the company’s website refers to them as “Robotaxi” and “Tesla Bot”. Everything is hypothetical until proven otherwise.

The robot is particularly galling. The automotive industry has a long history of building humanoid robots: Honda’s ASIMO, Toyota’s Partner series, and General Motors’ work on NASA’s Robonaut 2. Some of these perform more specialized tasks. All of them have been around for a while. None of them are in widespread use. Tesla’s should be treated as an elaborate fiction until anyone outside the company can confirm even the most fundamental qualities it is claimed to possess.

Oh, and speaking of claims on the website, I want to address this:

To create a sustainable future, we must democratize transportation. We do this by making driving more efficient, affordable and safe. Autonomy makes this future possible, today.

Musk — for the featherweight of his words — said the Robotaxi would cost “less than $30,000” and be available “before 2027” — that is, to be clear, not “today”. If this thing ever ships, it will still require car-like infrastructure and ample space, even though it carries only two people.

Public transit, which is available today, is the very definition of democratized transportation, especially if it has been carefully considered for the needs of people with disabilities. It is inexpensive for end users, requires less space per person than any car, and has a beneficial feedback loop of safety and usage. I am not arguing the two cannot coexist; perhaps some of this stuff makes sense in low-density sprawl. But I have little confidence the future will look like Musk’s vision, or that Tesla will be delivering it. Why would anyone still believe this too-rich carnival barker who lies all the time?

⌥ Permalink

Want to experience twice as fast load times in Safari on your iPhone, iPad and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you.

As an efficient, high performance, and native Safari ad blocker, Magic Lasso blocks all intrusive ads, trackers, and annoyances – delivering a faster, cleaner, and more secure web browsing experience.

By cutting down on ads and trackers, common news websites load 2× faster and browsing uses less data while saving energy and battery life.

Rely on Magic Lasso Adblock to:

• Improve your privacy and security by removing ad trackers

• Block all YouTube ads, including pre-roll video ads

• Block annoying cookie notices and privacy prompts

• Double battery life during heavy web browsing

• Lower data usage when on the go

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad. and Mac.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

So, join over 350,000 users and download Magic Lasso Adblock today.

⌥ Permalink

Apple is a famously tight-knit business. Its press releases and media conferences routinely drum the integration of hardware, software, and services as something only Apple is capable of doing. So it sticks out when features feel like they were developed by people who do not know what another part of the company is doing. This happened to me twice in the past week.

Several years ago, Apple added a very nice quality-of-life improvement to the Mac operating system: software installers began offering to delete themselves after they had done their job. This was a good idea.

In the ensuing years, Apple made some other changes to MacOS in an effort to — it says — improve privacy and security. One of the new rules it imposed was requiring the user to grant apps specific permission to access certain folders; another was a requirement to allow one app to modify or delete another.

And, so, when I installed an application earlier this month, I was shown an out-of-context dialog at the end of the process asking for access to my Downloads folder. I granted it. Then I got a notification that the Installer app was blocked from modifying or deleting another file. To change it, I had to open System Settings, toggle the switch, enter my password, and then I was prompted to restart the Installer application — but it seemed to delete itself just fine without my doing so.

This is a built-in feature, triggered by where the installer has been downloaded, using an Apple-provided installation packaging system.¹ But it is stymied by a different set of system rules and unexpected permissions requests.

---

Another oddity is in Apple’s two-factor authentication system. Because Apple controls so much about its platforms, authentication codes are delivered through a system prompt on trusted devices. Preceding the code is a notification informing the user their “Apple Account is being used to sign in”, and it includes a map of where that is.

This map is geolocated based on the device’s IP address, which can be inaccurate for many reasons — something Apple discloses in its documentation:

This location is based on the new device’s IP address and might reflect the network that it’s connected to, rather than the exact physical location. If you know that you’re the person trying to sign in but don’t recognize the location, you can still tap Allow and view the verification code.

It turns out one of the reasons the network might think you are located somewhere other than where you are is because you may be using iCloud Private Relay. Even if you have set it to “maintain general location”, it can sometimes be incredibly inaccurate. I was alarmed to see a recent attempt from Toronto when I was trying to sign into iCloud at home in Calgary — a difference of over 3,000 kilometres.

The map gives me an impression of precision and security. But if it is made less accurate in part because of a feature Apple created and markets, it is misleading and — at times — a cause of momentary anxiety.

What is more, Safari supports automatically filling authentication codes delivered by text message. Apple’s own codes, though, cannot be automatically filled.

---

These are small things — barely worth the bug report. They also show how features introduced one year are subverted by those added later, almost like nobody is keeping track of all of the different capabilities in Apple’s platforms. I am sure there are more examples; these are just the ones which happened in the past week, and which I have been thinking about. They expose little cracks in what is supposed to be a tight, coherent package of software.

Speaking of the Internet Archive, Matt Sephton, in August, posted about the surprise loss of his account there:

Recently at Internet Archive a “glitch” (their choice of word) deleted a great many accounts, including my account that had been at archive.org/details/@gingerbeardman since 2015.

I had meant to post this nearer to when it happened but, like others, my requests for comment went unanswered, even when sent directly to an organization representative instead of a generic media inbox. Parts of Sephton’s account were thankfully restored, but only after this post was sent to Hacker News.

I find the Internet Archive’s utility unparalleled. I find some of its recent behaviour frustrating.

⌥ Permalink

Brendan Jones:

The rise of Mastodon has made me so much more aware of government services requiring us to use private companies’ systems to communicate with them and access services.

Sitting on a Dutch train just now I was shown on a screen “feeling unsafe in the train? Contact us via WhatsApp”.

Jones says the railway operator’s website also contains SMS reporting instructions, but that was not shown on the train itself.

One of the side effects of the decline of née Twitter is in the splintering of its de facto customer support and alert capabilities. Plenty of organizations still use it that way. But it should only be one option. Apps like WhatsApp should not be the preferred contact method, either. Private companies’ contact methods should be available, sure — meet people where they are — but a standard method should always be as easily available.

⌥ Permalink

Jason Scott:

Someone is DDOSing the internet archive, so we’ve been down for hours. According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.

An X account claiming responsibility says it is a politically motivated attack. If that is true, it is an awfully stupid rationale and a poor choice of target.

Wes Davis, the Verge:

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

I have no idea if this group actually obtained any Internet Archive user data. The site has only a placeholder page directing visitors to its X account for status updates, but I see nothing there or on Brewster Kahle’s personal one.

Update: Three minutes after publishing this post, I received an alert from Have I Been Pwned that my Internet Archive account was one of over 31 million total which had been exposed. Troy Hunt, who runs HIBP, and Lawrence Abrams of Bleeping Computer both tried contacting the Internet Archive with no response.

⌥ Permalink

Sarah Krouse, Dustin Volz, Aruna Viswanatha, and Robert McMillan, Wall Street Journal (probably paywalled; sorry):

A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said.

Zack Whittaker, TechCrunch:

The 30-year-old law that set the stage for recent backdoor abuse is the Communications Assistance for Law Enforcement Act, or CALEA, which became law in 1994 at a time when cell phones were a rarity and the internet was still in its infancy.

CALEA requires that any “communications provider,” such as a phone company or internet provider, must provide the government all necessary assistance to access a customer’s information when presented with a lawful order. In other words, if there is a means to access a customer’s data, the phone companies and internet providers must provide it.

Bruce Schneier:

For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the “wrong” eavesdroppers.

Riana Pfefferkorn:

It is not the ‘90s anymore, when CALEA got enacted, the law requiring telecom wiretappability for law enforcement. China and Russia and DPRK are formidable cyber foes now. DOJ, FBI, etc. want to change CALEA so that encrypted apps like Signal or WhatsApp aren’t exempt from it anymore. But this hack shows that if anything, the law needs to change in the *other* direction. The hack needs to be a wake-up call to law enforcement that as long as they keep opposing encryption for communications, they’re enabling China to smack us in the face with our own hand while saying “stop hitting yourself!”

According to a 2016 paper from Public Safety Canada, “Australia, the U.S., the UK and many other European nations require CSPs [Communications Service Providers] to have an interception capability”; it also notes Canada does not. Such a requirement is understandable from an investigative perspective. But, as Pfefferkorn says, capabilities like these have been exploited before, and it will happen again. These are big targets and there are no safe backdoors.

That brings me — for the second time today — to the need for comprehensive privacy legislation basically everywhere but, in particular, in the United States, the hub of the world’s communications. Protecting private data would dramatically curtail this kind of access violation by removing backdoors, restrict one aspect of TikTok panic, and reduce the exploitation of our behavioural data by creepy ad tech businesses. It is not a panacea and I am sure there are worrisome side effects for law enforcement, but it would likely be more effective than tackling these problems on an individual basis.

⌥ Permalink

I have to say, it is quite an odd thing to be listening to a podcast and hear one’s own name. This recently happened to me on the latest episode of “Upgrade”. It feels like I am about to be called to the principal’s office or something. But I was not.

Myke Hurley and Jason Snell discussed an article I wrote about the more granular control available to users in iOS 18 when apps request access to their contacts. (My piece is a response to a New York Times story; Snell also linked to both with some commentary.) Their chat centres Apple’s scale and influence. Even little decisions the company makes are capable of transforming entire industries.

Hurley raises an apt comparison to App Tracking Transparency, which is exactly what I was thinking about when I wrote my piece. I am similarly unsympathetic to corporate empires built on illicitly obtained data. If you cannot make money when users are given a choice to consent, your business model probably sucks. But I do think it is concerning how powerful both of the major players were in the aftermath of that announcement: Meta, for hoarding behavioural data on billions of people; and Apple, for its ability to give users options.

I see parallels to Google’s power over the web. The near-uniform layout and structure of webpages is thanks to Google’s specific suggestions for improving the likelihood of ranking higher. The main difference is Google’s suggestions are sort of optional; if a website’s owner does not care much about search traffic, they can do whatever they want. The prompts on iOS, on the other hand, are baked into the system.

As Snell says, these apps “have to make the case” for granting permission. I do not think that is such a bad thing, and I am amenable to their suggestion of Apple’s built-in apps being placed on a level playing field. I think a lot of this would be more predictable if privacy laws were stronger. A basic level of privacy protections should not be a competitive advantage, nor should users be required to navigate either unceasing permissions dialogs or terms of service agreements to understand the myriad ways their personal information is being exploited — because their personal information should not be exploited.

⌥ Permalink

Karl Bode, Techdirt:

Scientists say that low earth orbit (LEO) satellite constellations being built by Amazon, Starlink, and AT&T pose a dire threat to astronomy and scientific research, and that too little is being done to address the issue.

There are costs to suddenly widespread satellite connectivity. Apple’s partner in its offering, Globalstar, operates a constellation of satellites which would similarly be concerning to scientists.

It is a tricky balance. Adding redundant communications layers in our everyday devices can be useful and is, plausibly, of lifesaving consequence. Yet it also means the sky is littered with fields of objects which interfere with ground-based instruments. The needs of scientists might seem more abstract and less dire than, say, people seeking help in a natural disaster — I understand that. But I am not certain we will be proud of ourselves fifty years from now if we realize astronomical research has been severely curtailed because a bunch of private companies decided to compete in our shared sky. There is surely a balance to be struck.

⌥ Permalink

Speaking of podcasts, Michael Hobbes dove into Jonathan Haidt’s “The Anxious Generation” — previously mentioned — for his “If Books Could Kill” podcast. At two hours, it is the longest single episode they have done, but it is worth it for Hobbes’ careful exploration. There is some profanity.

⌥ Permalink

I enjoyed this appearance by Jony Ive on the “Live in Seven Songs” podcast. There are no revelations for anyone familiar with Ive’s life story, but it is a lovely conversation for anyone who enjoys listening to someone who is passionate about their life’s work.

⌥ Permalink

Natasha Lomas, TechCrunch:

One big change Apple announced Thursday is that developers who include link-outs in their apps will no longer need to accept the newer version of its business terms — which requires they commit to paying the Core Technology Fee (CTF) the EU is investigating.

In another notable revision of approach, Apple is giving developers more flexibility around how they can communicate external offers and the types of offers they can promote through their iOS apps. Apple said developers will be able to inform users about offers available anywhere, not only on their own websites — such as through other apps and app marketplaces.

These are good changes. Users will also be able to turn off the scary alerts when using external purchasing mechanisms. But there is a catch.

Juli Clover, MacRumors:

There are two fees that are associated with directing customers to purchase options outside of the App Store. A 5 percent initial acquisition fee is paid for all sales of digital goods and services that the customer makes on any platform that occur within a 12-month period after an initial install. The fee does not apply to transactions made by customers that had an initial install before the new link changes, but is applicable for new downloads.

Apple says that the initial acquisition fee reflects the value that the App Store provides when connecting developers with customers in the European Union.

The other new fee is a Store Services Fee of 7% or 20% assessed annually. Apple says it “reflects the ongoing services and capabilities that Apple provides developers”:

[…] including app distribution and management; App Review; App Store trust and safety; re-discovery, re-engagement and promotional tools and services; anti-fraud checks; recommendations; ratings and reviews; customer support; and more.

Contrary to its name, this fee does not apply solely to apps acquired through the App Store; rather, it is assessed against any digital purchase made on any platform. If an app is first downloaded on an iPhone and then, within a year, the user ultimately purchases a subscription in the Windows version of the same app, Apple believes it deserves 7–20% of the cost of that subscription in perpetuity, plus 5% for the first year’s instance. This seems to be the case no matter whether the iPhone version of that app is ever touched again.

I am not sure what business standards apply here and whether it is completely outlandish, but it sure feels that way. The App Store certainly helps with app discovery to some degree, and Apple does provide a lot of services whether developers want them or not. Yet this basically ties part of a developer’s entire revenue stream to Apple; the part is unknown but will be determined based on whichever customers used the iPhone version of an app first.

I think I have all this right based on news reports from those briefed by Apple and the new contract (PDF), but I might have messed something up. Please let me know if I got some detail wrong. This is all very confusing and, though I do not think that is deliberate, I think it struggles to translate its priorities into straightforward policy. None of these changes applies to external purchases in the U.S., for example. But what I wrote at the time applies here just the same: it is championing this bureaucracy because it believes it is entitled to a significant finder’s fee, regardless of its actual contribution to a customer’s purchase.

⌥ Permalink

Jason Snell, Six Colors:

Apple’s recent feature changes suggest a value system that’s wildly out of balance, preferring to warn (and control) users no matter how damaging it is to the overall user experience. Maybe the people in charge should be forced to sit down and watch that Apple ad that mocks Windows Vista. Vista’s security prompts existed for good reasons — but they were a user disaster. The Apple of that era knew it. I’d guess a lot of people inside today’s Apple know it, too — but they clearly are unable to win the arguments when it matters.

The first evidence of this relentless slog of permissions prompts occurred on iOS. Want to allow this app to use the camera? Tap allow. See your location? Tap allow. Access your contacts? Tap allow. Send you notifications? Tap allow. On and on it goes, sweeping up the Mac in this relentless offloading of responsibility onto users.

On some level, I get it. Our devices are all synced with one another, passing our identities and secret information between them constantly. We install new applications without thinking too much about what they could be doing in the background. We switch on automatic updates with similar indifference. (If you are somebody who does not do these things, please do not write. I know you are there; I respect you; you are one of few.)

But relentless user confirmation is not a good answer for privacy, security, or competition. It merely kicks the can down the road, and suggests users cannot be trusted, yet must bear all the responsibility for their choices.

⌥ Permalink

Kylie Robinson, of the Verge, obtained internal sales data from Humane. Not only is the A.I. Pin not selling super well, but many of them are being returned. That is a huge frustration, I imagine, for lots of people who worked on this product. Also, maybe it is simply an indicator it is not very good: for its own reasons, and also perhaps because it is hard to start a new platform, and maybe because integrating with established platforms is often a struggle.

That is what everyone is talking about. I wanted to highlight a different part of Robinson’s thorough report:

Once a Humane Pin is returned, the company has no way to refurbish it, sources with knowledge of the return process confirmed. The Pin becomes e-waste, and Humane doesn’t have the opportunity to reclaim the revenue by selling it again. The core issue is that there is a T-Mobile limitation that makes it impossible (for now) for Humane to reassign a Pin to a new user once it’s been assigned to someone. One source said they don’t believe Humane has disposed of the old Pins because “they’re still hopeful they can solve this problem eventually.” T-Mobile declined to comment and referred us to Humane.

It is inexcusable for a device to be launched in 2024 without considering the environmental effects of its disposal. Perhaps Humane can recover some of the hardware components for reuse or recycling — this is unclear to me — but for a product to be useful only to its original owner is terrible, even for its first generation.

⌥ Permalink

Alfonso Maruccia, TechSpot:

Its most recent financials show Mozilla gets $510 million out of its $593 million in total revenue from its Google partnership. This precarious financial position is a side effect of its deal with Alphabet, which made Google the search engine default for newer Firefox installations.

Jason Del Rey, Fortune:

Mozilla is putting on a brave face for now, and not directly addressing the existential threat that the ruling appears to pose.

“Mozilla has always championed competition and choice online, particularly in search,” a spokesperson said in a statement to Fortune on Monday. “We’re closely reviewing the court’s decision, considering its potential impact on Mozilla and how we can positively influence the next steps… Firefox continues to offer a range of search options, and we remain committed to serving our users’ preferences while fostering a competitive market.”

It is possible Mozilla will not be impacted by remedies to Google’s illegal monopoly, the details of which will begin to take shape next month. It seems possible Mozilla could be losing virtually all its revenue, thereby destabilizing the organization behind one of the few non-Chromium browsers and the best documentation of web technologies available anywhere.

Trying to untangle an illegal monopolist is necessarily difficult. This will be a long and painful process for everyone. The short-term resolutions might be ineffectual and irritating, and they may not change Google’s market position. But it is important to get on the record that Google has engaged in illegal conduct to protect its dominance, and so it will be subjected to new oversight and scrutiny. This exercise is worth it because there ought to be limits to market power and anticompetitive behaviour.

⌥ Permalink

Since owners of web properties became aware of the traffic-sending power of search engines — most often Google in most places — they have been in an increasingly uncomfortable relationship as search moves beyond ten relevant links on a page. Google does not need websites, per se; it needs the information they provide. Its business recommendations are powered in part by reviews on other websites. Answers to questions appear in snippets, sourced to other websites, without the user needing to click away.

Publishers and other website owners might consider this a bad deal. They feed Google all this information hoping someone will visit their website, but Google is adding features that make it less likely they will do so. Unless they were willing to risk losing all their Google search traffic, there was little a publisher could do. Individually, they needed Google more than Google needed them.

But that has not been quite as true for Reddit. Its discussions hold a uniquely large corpus of suggestions and information on specific topics and in hyper-local contexts, as well as a whole lot of trash. While the quality of Google’s results have been sliding, searchers discovered they could append “Reddit” to a query to find what they were looking for.

Google realized this and, earlier this year, signed a $60 million deal with Reddit allowing it to scrape the site to train its A.I. features. Part of that deal apparently involved indexing pages in search as, last month, Reddit restricted that capability to Google. That is: if you want to search Reddit, you can either use the site’s internal search engine, or you can use Google. Other search engines still display results created from before mid-July, according to 404 Media, but only Google is permitted to crawl anything newer.

It is unclear to me whether this is a deal only available to Google, or if it is open to any search engine that wants to pay. Even if it was intended to be exclusive, I have a feeling it might not be for much longer. But it seems like something Reddit would only care about doing with Google because other search engines basically do not matter in the United States or worldwide.¹ What amount of money do you think Microsoft would need to pay for Bing to be the sole permitted crawler of Reddit in exchange for traffic from its measly market share? I bet it is a lot more than $60 million.

Maybe that is one reason this agreement feels uncomfortable to me. Search engines are marketed as finding results across the entire web but, of course, that is not true: they most often obey rules declared in robots.txt files, but they also do not necessarily index everything they are able to, either. These are not explicit limitations. Yet it feels like it violates the premise of a search engine to say that it will be allowed to crawl and link to other webpages. The whole thing about the web is that the links are free. There is no guarantee the actual page will be freely accessible, but the link itself is not restricted. It is the central problem with link tax laws, and this pay-to-index scheme is similarly restrictive.

This is, of course, not the first time there has been tension in how a site balances search engine visibility and its own goals. Publishers have, for years, weighed their desire to be found by readers against login requirements and paywalls — guided by the overwhelming influence of Google.

Google used to require publishers provide free articles to be indexed by the search engine but, in 2017, it replaced that with a model that is more flexible for publishers. Instead of forcing a certain number of free page views, publishers are now able to provide Google with indexable data.

Then there are partnerships struck by search engines and third parties to obtain specific kinds of data. These were summarized well in the recent United States v. Google decision (PDF), and they are probably closest in spirit to this Reddit deal:

GSEs enter into data-sharing agreements with partners (usually specialized vertical providers) to obtain structured data for use in verticals. Tr. at 9148:2-5 (Holden) (“[W]e started to gather what we would call structured data, where you need to enter into relationships with partners to gather this data that’s not generally available on the web. It can’t be crawled.”). These agreements can take various forms. The GSE might offer traffic to the provider in exchange for information (i.e., data-for-traffic agreements), pay the provider revenue share, or simply compensate the provider for the information. Id. at 6181:7-18 (Barrett-Bowen).

As of 2020, Microsoft has partnered with more than 100 providers to obtain structured data, and those partners include information sources like Fandango, Glassdoor, IMDb, Pinterest, Spotify, and more. DX1305 at .004, 018–.028; accord Tr. at 6212:23–6215:10 (Barrett-Bowen) (agreeing that Microsoft partners with over 70 providers of travel and local information, including the biggest players in the space).

The government attorneys said Bing is required to pay for structured data owing to its smaller size, while Google is able to obtain structured data for free because it sends partners so much traffic. The judge ultimately rejected their argument Microsoft struggled to sign these agreements or it was impeded in doing so, but did not dispute the difference in negotiating power between the two companies.

Once more, for emphasis: Google usually gets structured data for free but, in this case, it agreed to pay $60 million; imagine how much it would cost Bing.

This agreement does feel pretty unique, though. It is hard for me to imagine many other websites with the kind of specific knowledge found aplenty on Reddit. It is a centralized version of the bulletin boards of the early 2000s for such a wide variety of interests and topics. It is such a vast user base that, while it cannot ignore Google referrals, it is not necessarily reliant on them in the same way as many other websites are.

Most other popular websites are insular social networks; Instagram and TikTok are not relying on Google referrals. Wikipedia would probably be the best comparison to Reddit in terms of the contribution it makes to the web — even greater, I think — but every article page I tried except the homepage is overwhelmingly dependent on external search engine traffic.

Meanwhile, pretty much everyone else still has to pay Google for visitors. They have to buy the ads sitting atop organic search results. They have to buy ads on maps, on shopping carousels, on videos. People who operate websites hope they will get free clicks, but many of them know they will have to pay for some of them, even though Google will happily lift and summarize their work without compensation.

I cannot think of any other web property which has this kind of leverage over Google. While this feels like a violation of the ideals and principles that have built the open web on which Google has built its empire, I wonder if Google will make many similar agreements, if any. I doubt it — at least for now. This feels funny; maybe that is why it is so unique, and why it is not worth being too troubled by it.

Apple, in a Developer News bulletin:

In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized. They’ll need to visit System Settings > Privacy & Security to review security information for software before allowing it to run.

This is one of those little things which will go unnoticed by most users, but will become a thorn in the side of anyone who relies on it. These are likely developers and other people who are more technologically literate placed in the position of increasingly fighting with the tools they use to get things done. It may be a small thing, but small things add up.

Update: The weekly permission prompts for screen and audio recording, on the other hand, might be noticed by a lot more people.

⌥ Permalink

Reddit user devanxd2000:

I was digging into the system files for the update and I found a bunch of json files containing what appears to be prompts given to the AI in the background. I found it interesting and thought I’d share.

You can find them here: /System/Library/AssetsV2/​com_apple_​MobileAsset_UAF_FM​_GenerativeModels

There’ll be a bunch of folders, some of them will have metadata.json files like this.

Wes Davis, the Verge:

Files I browsed through refer to the model as “ajax,” which some Verge readers might recall as the rumored internal name for Apple’s LLM last year.

It is unclear to me if these directly represent the instructions which interpret and produce the results users see. These could be something else, like a file involved in the development process but not related to how it functions on a user’s device; we just do not know.

But, assuming — quite fairly, I might add — that these instructions are what underpins features like message summaries and custom Memories in Photos, it is kind of interesting to see them written in plain English. They advise the model to “only output valid [JSON] and nothing else”, and warn it “do not hallucinate” and “do not make up factual information”. The latter two are just good rules for life. I am not sure what I expected, but I guess it was not these kinds of visible instructions. But, I guess it would make sense for it to feed through what I presume is the same system underpinning the revised version of Siri, which needs to interpret everything from plain English commands. After all, programming is just a specific version of a language.

⌥ Permalink

Ashley Belanger, Ars Technica:

Google just lost a massive antitrust trial over its sprawling search business, as US district judge Amit Mehta released his ruling, showing that he sided with the US Department of Justice in the case that could disrupt how billions of people search the web.

“Google is a monopolist, and it has acted as one to maintain its monopoly,” Mehta wrote in his opinion. “It has violated Section 2 of the Sherman Act.”

Google will surely contest this finding when its implications are known; Mehta has not announced what actions the government will take against Google.

The opinion is full of details about the precise nature of how Google search and its ads work together, Google’s relationship with Apple and other third parties, and how its business has changed over time. For example, the judge notes Google adjusted ad pricing to maintain a specific growth target, and increased it incrementally to mask it in the typical fluctuations of ad costs. He also cites a finding that “thirteen months of user data acquired by Google is equivalent to over 17 years of data on Bing” in informing the quality of search results. Meanwhile, Google pays Apple a redacted amount through its revenue sharing agreement for default placement in Safari, and it pays for searches performed through Chrome on Apple devices as well. There is a lot more in here, and I fully intend on re-reading the opinion with a bunch of questions I have in mind.

Google really does have great search results a lot of the time, even though it has stumbled in recent years. DuckDuckGo is my default but I find myself often turning to Google for local results, very old results, and news. (DuckDuckGo is powered by Bing, which prioritizes MSN-syndicated versions of articles that I do not want.) Google has not fallen into the same trap as Bing by wholly cluttering the results page. Microsoft still has no taste.

But two things can be true: Google can be the best search engine for most people, most of the time, because it is very good; and, also, Google can have abused its market-leading position to avoid competition and maintain its advertising revenue. Those are not inconsistent with each other. In fact, per the judge’s citation of how long it would take for Bing to amass the same information about user activity as Google does in a year, it is fully possible its quality and its dominance are related, something the judge nods toward. In fact, Google’s position is now so entrenched “it would not lose search revenue if were to significantly reduce the quality of its search product”.

Notably, Mehta did not sanction Google for failing to preserve evidence in the case, writing:

On the request for sanctions, the court declines to impose them. Not because Google’s failure to preserve chat messages might not warrant them. But because the sanctions Plaintiffs request do not move the needle on the court’s assessment of Google’s liability. […]

In cases where the judge found evidence of monopolistic and abusive behaviour, the lack of supporting text messages and other communications would not have made a difference; this is also true, the judge says, for his finding of a lack of anticompetitive behaviour in SA360.

⌥ Permalink

The Media Ecosystem Observatory:

On August 1, 2023, in response to Bill C-18, Meta blocked Canadians from viewing, accessing, and sharing news article links on its platforms. Over the past 12 months, our team of researchers has closely monitored the effects of the ban particularly on Canadian news organizations and how Canadians engage with news and political content online. 

“Old News, New Reality: A Year of Meta’s News Ban in Canada” is the first data-informed analysis on what happened in Canada after Meta banned access to news on its platforms for Canadians. […]

I read the report; I was underwhelmed. Its authors provide no information about how news websites and apps have performed in the past year. Instead, they use the popularity of news outlets on social media as a proxy for their popularity generally and have found — unsurprisingly — that many Canadian publications have reduced or stopped using Meta platforms to promote their work. This decline was not offset by other social platforms. But this says nothing about how publications have fared in general.

Unfortunately, only publishers would be able to compare the use of their websites and apps today compared to a year ago. Every other source only provides an estimate. Semrush, for example, says it has a “unique panel of over 200 million” users and it ingests billions of data points each month to build a picture of actual browsing. Its ranking, which I have preserved in its current June 2024 state, indicates a 6.7% decline in traffic to the CBC’s website compared to June a year ago, a 6.2% decline for CTV News, a 4.2% decline for Global News, a 12.3% increase for City News, a 27.8% decline for the Star, and a 20.4% increase for the National Post. Among the hardest-hit publications were French language publications like Journal de Montreal and TVA Nouvelles. Some of these traffic losses are pretty large, but none are anywhere near the 43% decline in “online engagement” cited in this report.

I could not find a source for app popularity in Canada over time — or, at least, not one I could access.

To be sure, it would not surprise me to learn traffic had dropped for many publishers. But it is a mixed bag, with some indicating large increases in web visitors. The point I am trying to make is that we simply do not have a good picture of actual popularity, and this Observatory report is only confusing matters. Social media buzz is not always a good representation of actual readership, and it is frustrating that the only information we can glean is irrelevant.

⌥ Permalink

Jason Snell, Six Colors:

Last quarter, Apple made about $22 billion in profit from products and $18 billion from Services. It’s the closest those two lines have ever come to each other.

This is what was buzzing in the back of my head as I was going over all the numbers on Thursday. We’re not quite there yet, but it’s hard to imagine that there won’t be a quarter in the next year or so in which Apple reports more total profit on Services than on products.

When that happens, is Apple still a products company? Or has it crossed some invisible line?

The most important thing Snell gets at in this article, I think, is that the “services” which likely generate the most revenue for Apple — the App Store, Apple Pay transactions, AppleCare, and the Google search deal — are all things which are tied specifically to its hardware. It sells subscriptions to its entertainment services elsewhere, for example, but they are probably not as valuable to the company as these four categories. It would be disappointing if Apple sees its hardware products increasingly as vehicles for recurring revenue.

⌥ Permalink

Tim Berners-Lee in 1998:

Keeping URIs so that they will still be around in 2, 20 or 200 or even 2000 years is clearly not as simple as it sounds. However, all over the Web, webmasters are making decisions which will make it really difficult for themselves in the future. Often, this is because they are using tools whose task is seen as to present the best site in the moment, and no one has evaluated what will happen to the links when things change. The message here is, however, that many, many things can change and your URIs can and should stay the same. They only can if you think about how you design them.

Jay Hoffmann:

Links give greater meaning to our webpages. Without the link, we would lose this significant grammatical tool native the web. And as links die out and rot on the vine, what’s at stake is our ability to communicate in the proper language of hypertext.

A dead link may not seem like it means very much, even in the aggregate. But they are. One-way links, the way they exist on the web where anyone can link to anything, is what makes the web universal. In fact, the first name for URL’s was URI’s, or Universal Resource Identifier. It’s right there in the name. And as Berners-Lee once pointed out, “its universality is essential.”

In 2018, Google announced it was deprecating its URL shortener, with no new links being created after March 2019. All existing shortened links would, however, remain active. It announced this in a developer blog post which — no joke — returns a 404 error at its original URL, which I found via 9to5Google. Google could not bother to redirect posts from just six years ago to their new valid URLs.

Google’s URL shortener was in the news again this month because the company has confirmed it will turn off these links in August 2025 except for those created via Google’s own apps. Google Maps, for example, still creates a goo.gl short link when sharing a location.

In principle, I support this deprecation because it is confusing and dangerous for Google’s own shortened URLs to have the same domain as ones created by third-party users. But this is a Google-created problem because it designed its URLs poorly. It should have never been possible for anyone else to create links with the same URL shortener used by Google itself. Yet, while it feels appropriate for a Google service to be unreliable over a long term, it also should not be ending access to links which may have been created just about five years ago.

By the way, the Sophos link on the word “dangerous” in that last paragraph? I found it via a ZDNet article where the inline link is — you guessed it — broken. Sophos also could not bother to redirect this URL from 2018 to its current address. Six years ago! Link rot is a scourge.

⌥ Permalink

Mark Bergen and Dawn Chmielewski, reporting for Vox — or perhaps Recode — in June 2016:

The latest charge comes from SourceFed, a stray pop culture web and video site. It uploaded a short YouTube video on Thursday charging Google with deliberately altering search recommendations — through its function that automatically offers suggestions as a query is typed — to give positive treatment to Clinton.

Google vehemently denied the charges. “Google Autocomplete does not favor any candidate or cause,” a rep wrote. “Claims to the contrary simply misunderstand how Autocomplete works.”

A spokesperson for Google explained the search engine’s autocomplete feature will “not show a predicted query that is offensive or disparaging”, which is understandable. Eight years later, that appears to be how Google continues to work. A search for donald trump cr offers just one autocompleted suggestion: crypto. Another, for donald trump fe, presents no autocompletion suggestions even though he is a convicted felon. One can see why Google would choose to err on the safe side.

Mike Masnick, Techdirt, after a series of similar claims spread over the past few weeks:

The key point here is that some of this stuff just happens. It’s part of how algorithms work. Sometimes they make mistakes. Sometimes you disagree with why they do things. And people need to stop overreacting to it all. Most of the examples discussed in this article were just normal things that happen all the time, but which got a ton of extra attention because everyone’s on edge and amped up.

That doesn’t mean people shouldn’t be on the lookout for stuff, but don’t immediately jump to conclusions and assume malfeasance.

It is reasonable to want to hold technology companies to a high standard and expect them to be more competent, especially when it comes to election-related topics. In some cases, systems are being triggered as they should, but they are poorly explained to users by generic error messages. Others are just broken. None of this should be surprising in an era where even the largest platforms seem to be so fragile as to be held together by the software equivalent of thumbtacks and glue sticks.

⌥ Permalink

Karissa Bell, Engadget:

Zuckerberg then launched into a lengthy rant about his frustrations with “closed” ecosystems like Apple’s App Store. None of that is particularly new, as the Meta founder has been feuding with Apple for years. But then Zuckerberg, who is usually quite controlled in his public appearances, revealed just how frustrated he is, telling Huang that his reaction to being told “no” is “fuck that.”

It all has a whiff of the image consultant, with notes of Musk.

Everybody knows a corporate executive wearing boring business clothes and answering questions with defined talking points is playing a role. This costume Zuckerberg is wearing is just as much of a front. The billionaire CEO of a publicly traded social media company cannot be a rebel in any meaningful sense.

⌥ Permalink

Nilay Patel, of the Verge, interviewed Hanneke Faber, CEO of Logitech, for the Decoder podcast.

NP […] You sell me the keyboard once. It’s got Options Plus. It has an AI button. I push the button, and someone has to make sure the software still works. Someone probably has to pay ChatGPT for access to the service. Where is that going to come from? Are you baking that into the margin of the keyboard or the mouse?

HF Absolutely. We’re baking that in, and I’m not particularly worried about that. What I’m actually hoping is that this will contribute to the longevity of our products, that we’ll have more premium products but products that last longer because they’re superior and because we can continue to update them over time. And again, I talked about doubling the business and reducing the carbon footprint by half. The longevity piece is really important.

I’m very intrigued. The other day, in Ireland, in our innovation center there, one of our team members showed me a forever mouse with the comparison to a watch. This is a nice watch, not a super expensive watch, but I’m not planning to throw that watch away ever. So why would I be throwing my mouse or my keyboard away if it’s a fantastic-quality, well-designed, software-enabled mouse. The forever mouse is one of the things that we’d like to get to.

Faber goes on to say this is a mouse with always-updated software, “heavier” — which I interpreted as more durable — and something which could provide other services. In response to Patel’s hypothetical of paying $200 one time, Faber said the “business model obviously is the challenge there”, and floats solving that through either a subscription model or inventing new products which get buyers to upgrade.

The part of this which is getting some attention is the idea of a subscription model for a mouse which is, to be fair, stupid. But the part which I was surprised by is the implication that longevity is not a priority for business model reasons. I am not always keen to ascribe these things to planned obsolesce, yet this interview sure looks like Faber is outright saying Logitech does not design products with the intention of them lasting for what at least seems like “forever”.

To be fair, I have not bought anything from Logitech in a long time, and I do not remember when I last did. I believe its cable may have terminated in a PS/2 plug. I switched to a trackpad on my desk long ago. When I bought my Magic Trackpad in 2015, I assumed I would not have to replace it for at least a decade; nine years later, I have not even thought about getting a new one. Even if its built-in battery dies — its sole weakness — I think I will be able to keep using it in wired mode.

But then I went on Wikipedia to double-check the release date of the second-generation Magic Trackpad, and I scrolled to the “Reception” section. Both generations were criticized as being too expensive at $70 for the first version, and $130 for the second. But both price tags seem like a good deal for a quality product. Things should be built with the intention they will last a long time, and a $200 mouse is a fine option if it is durable and could be repaired if something breaks.

I know this is something which compromises business models built on repeat business from the same customers, whether that means replacing a broken product or a monthly recurring charge. But it is rare for a CEO to say so in such clear terms. I appreciate the honesty, but I am repelled by the idea.

⌥ Permalink

Lily Dupuis, CBC News:

Calgary: Blue Sky City.

That’s the new city slogan unveiled by Calgary Economic Development and Tourism Calgary on Wednesday, replacing “Be Part of the Energy,” marking the start of a new era of branding.

Strategists with the groups say this new brand is a nod to innovation — Calgary being a city of blue-sky thinking — and one that reflects all Calgarians.

Richard White:

Calgary tried to rebrand itself in the late ‘90s as the “Heart of the New West.” And when that didn’t work, in 2011 we tried “Be Part of the Energy.” It didn’t work either. The fact is, the best city nicknames are not contrived in workshops and brainstorming sessions, they happen at more a grassroots level or based on some obvious fact. I wonder, “Can a city give itself a nickname?”

Daughter is responsible for this rebranding:

We created a visual language inspired by beadwork, a cross-cultural art form where individual elements come together to form something strong, beautiful, and greater than the sum of its parts — a balance of individuality and collective identity. This is reflected in a dynamic logo system, and a broader visual language of beadwork and patterning.

I do not like linking to hard paywalled things, but Armin Vit of Brand New recently reviewed this new identity and it is exceptionally thoughtful:

I was in Calgary once in the dead of winter for a quick in-and-out trip so I saw a limited range of the city, which felt a little desolate in the 48 hours I was there and it was just brutally cold too. Sunny, though! So I can attest to that. Overall, this helps present Calgary in, almost literally, a new light and it should help in attracting visitors and business or at least consider it as a viable alternative to the more popular Canadian destinations like Toronto, Montréal, and Vancouver.

Even though it intersects perfectly with my local interests and design career, I have been sitting on this news for a while because it is the kind of thing which needs to settle. It is a huge ask to give a city a marketable identity. The most successful of them, as White points out, are given by others or earned, not self-created.

That must have been a tall order for Daughter. Mohkinstsis, and other names for this area before it was colonized, are a reference to our two major rivers and the elbow junction where they meet. Post-colonization, the city was known first as the “sandstone city” and then the Stampede City. “Calgary” possibly traces its name to Old Norse words for “cold garden”. But the city, as Calgary, is relatively new — incorporated just 140 years ago — and we are in the midst of attempting to correct for the terrible legacy of colonizer violence. Wrapping all of this together in a pleasant visual identity to market to tourists is surely a difficult task.

I think Daughter and the others involved in this rebrand have largely succeeded. Past rebranding attempts have centred an outdated cowboy image and our filthy petrochemical industry. To that end, it sure looks a little like greenwashing — or, perhaps, bluewashing. But, while locals like White have reacted somewhat negatively to the change, the more international commenters on Brand New are effusive in their praise.

I think it is an impressive rebrand, though the typesetting of the “blue sky city” tagline looks disconnected to my eyes from the rest of the work. Perhaps this is only a reflection of my writing this under a cloudy sky. Everything in this package positions Calgary as a destination which may be overlooked outside of ten days each July, but it also suggests a nagging subtext: Montreal, Toronto, and Vancouver speak for themselves, but Calgary needs to be taglined and positioned. We are a city of a million and a half people and we are not yet acting like it.

⌥ Permalink

Anthony Chavez, of Google:

[…] Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time. We’re discussing this new path with regulators, and will engage with the industry as we roll this out.

Oh good — more choices.

Hadley Beeman, of the W3C’s Technical Architecture Group:

Third-party cookies are not good for the web. They enable tracking, which involves following your activity across multiple websites. They can be helpful for use cases like login and single sign-on, or putting shopping choices into a cart — but they can also be used to invisibly track your browsing activity across sites for surveillance or ad-targeting purposes. This hidden personal data collection hurts everyone’s privacy.

All of this data collection only makes sense to advertisers in the aggregate, but it only works because of specifics: specific users, specific webpages, and specific actions. Privacy Sandbox is imperfect but Google could have moved privacy forward by ending third-party cookies in the world’s most popular browser.

⌥ Permalink

Anthony Ha, of TechCrunch, interviewed Jean-Paul Schmetz, CEO of Ghostery, and I will draw your attention to this exchange:

AH I want to talk about both of those categories, Big Tech and regulation. You mentioned that with GDPR, there was a fork where there’s a little bit of a decrease in tracking, and then it went up again. Is that because companies realized they can just make people say yes and consent to tracking?

J-PS What happened is that in the U.S., it continued to grow, and in Europe, it went down massively. But then the companies started to get these consent layers done. And as they figured it out, the tracking went back up. Is there more tracking in the U.S. than there is in Europe? For sure.

AH So it had an impact, but it didn’t necessarily change the trajectory?

J-PS It had an impact, but it’s not sufficient. Because these consent layers are basically meant to trick you into saying yes. And then once you say yes, they never ask again, whereas if you say no, they keep asking. But luckily, if you say yes, and you have Ghostery installed, well, it doesn’t matter, because we block it anyway. And then Big Tech has a huge advantage because they always get consent, right? If you cannot search for something in Google unless you click on the blue button, you’re going to give them access to all of your data, and you will need to rely on people like us to be able to clean that up.

The TechCrunch headline summarizes this by saying “regulation won’t save us from ad trackers”, but I do not think that is a fair representation of this argument. What it sounds like, to me, is that regulations should be designed more effectively.

The E.U.’s ePrivacy Directive and GDPR have produced some results: tracking is somewhat less pervasive, people have a right to data access and portability, and businesses must give users a choice. That last thing is, as Schmetz points out, also its flaw, and one it shares with something like App Tracking Transparency on iOS. Apps affected by the latter are not permitted to keep asking if tracking is denied, but they do similarly rely on the assumption a user can meaningfully consent to a cascading system of trackers.

In fact, the similarities and differences between cookie banner laws and App Tracking Transparency are considerable. Both require some form of consent mechanism immediately upon accessing a website or an app, assuming a user can provide that choice. Neither can promise tracking will not occur should a user deny the request. Both are interruptive.

But cookie consent laws typically offer users more information; many European websites, for example, enumerate all their third-party trackers, while App Tracking Transparency gives users no visibility into which trackers will be allowed. The latter choice is remembered forever unless a user removes and reinstalls the app, while websites can ask you for cookie consent on each visit. Perhaps the latter may sometimes be a consequence of using Safari; it is hard to know.

App Tracking Transparency also has a system-wide switch to opt out of all third-party tracking. There used to be something similar in web browsers, but compliance was entirely optional. Its successor effort, Global Privacy Control, is sadly not as widely supported as it ought to be, but it appears to have legal teeth.

Both of these systems have another important thing in common: neither are sufficiently protective of users’ privacy because they burden individuals with the responsibility of assessing something they cannot reasonably comprehend. It is patently ridiculous to put the responsibility on individuals to mitigate a systemic problem like invasive tracking schemes.

There should be a next step to regulations like these because user tracking is not limited to browsers where Ghostery can help — if you know about it. A technological response is frustrating and it is unclear to me how effective it is on its own. This is clearly not a problem only regulation can solve but neither can browser extensions. We need both.

Thom Holwerda:

A story that’s been persistently making the rounds since the CrowdStrike event is that while several airline companies were affected in one way or another, Southwest Airlines escaped the mayhem because they were still using Windows 3.1. It’s a great story that fits the current zeitgeist about technology and its role in society, underlining that what is claimed to be technological progress is nothing but trouble, and that it’s better to stick with the old. At the same time, anybody who dislikes Southwest Airlines can point and laugh at the bumbling idiots working there for still using Windows 3.1. It’s like a perfect storm of technology news click and ragebait.

Too bad the whole story is nonsense.

I would say Holwerda’s debunking is a thorough exploration of how so many media outlets got this story wrong but — and I mean this in the nicest possible way — that would be overselling it. As Holwerda admits, it took scarcely any research to fact check a claim carried by Tom’s Hardware, Tech Radar, Forbes, Digital Trends, and lots of others. Embarrassing.

⌥ Permalink

Since 2022, the European Parliament has been trying to pass legislation requiring digital service providers to scan for and report CSAM as it passes through their services.

Giacomo Zandonini, Apostolis Fotiadis, and Luděk Stavinoha, Balkan Insight, with a good summary in September:

Welcomed by some child welfare organisations, the regulation has nevertheless been met with alarm from privacy advocates and tech specialists who say it will unleash a massive new surveillance system and threaten the use of end-to-end encryption, currently the ultimate way to secure digital communications from prying eyes.

[…]

The proposed regulation is excessively “influenced by companies pretending to be NGOs but acting more like tech companies”, said Arda Gerkens, former director of Europe’s oldest hotline for reporting online CSAM.

This is going to require a little back-and-forth, and I will pick up the story with quotations from Matthew Green’s introductory remarks to a panel before the European Internet Services Providers Association in March 2023:

The only serious proposal that has attempted to address this technical challenge was devised — and then subsequently abandoned — by Apple in 2021. That proposal aimed only at detecting known content using a perceptual hash function. The company proposed to use advanced cryptography to “split” the evaluation of hash comparisons between the user’s device and Apple’s servers: this ensured that the device never received a readable copy of the hash database.

[…]

The Commission’s Impact Assessment deems the Apple approach to be a success, and does not grapple with this failure. I assure you that this is not how it is viewed within the technical community, and likely not within Apple itself. One of the most capable technology firms in the world threw all their knowledge against this problem, and were embarrassed by a group of hackers: essentially before the ink was dry on their proposal.

Daniel Boffey, the Guardian, in May 2023:

Now leaked internal EU legal advice, which was presented to diplomats from the bloc’s member states on 27 April and has been seen by the Guardian, raises significant doubts about the lawfulness of the regulation unveiled by the European Commission in May last year.

The European Parliament in a November 2023 press release:

In the adopted text, MEPs excluded end-to-end encryption from the scope of the detection orders to guarantee that all users’ communications are secure and confidential. Providers would be able to choose which technologies to use as long as they comply with the strong safeguards foreseen in the law, and subject to an independent, public audit of these technologies.

Joseph Menn, Washington Post, in March, reporting on the results of a European court ruling:

While some American officials continue to attack strong encryption as an enabler of child abuse and other crimes, a key European court has upheld it as fundamental to the basic right to privacy.

[…]

The court praised end-to-end encryption generally, noting that it “appears to help citizens and businesses to defend themselves against abuses of information technologies, such as hacking, identity and personal data theft, fraud and the improper disclosure of confidential information.”

This is not directly about the proposed CSAM measures, but it is precedent for European regulators to follow.

Natasha Lomas, TechCrunch, this week:

The most recent Council proposal, which was put forward in May under the Belgian presidency, includes a requirement that “providers of interpersonal communications services” (aka messaging apps) install and operate what the draft text describes as “technologies for upload moderation”, per a text published by Netzpolitik.

Article 10a, which contains the upload moderation plan, states that these technologies would be expected “to detect, prior to transmission, the dissemination of known child sexual abuse material or of new child sexual abuse material.”

Meredith Whittaker, CEO of Signal, issued a PDF statement criticizing the proposal:

Instead of accepting this fundamental mathematical reality, some European countries continue to play rhetorical games. They’ve come back to the table with the same idea under a new label. Instead of using the previous term “client-side scanning,” they’ve rebranded and are now calling it “upload moderation.” Some are claiming that “upload moderation” does not undermine encryption because it happens before your message or video is encrypted. This is untrue.

Patrick Breyer, of Germany’s Pirate Party:

Only Germany, Luxembourg, the Netherlands, Austria and Poland are relatively clear that they will not support the proposal, but this is not sufficient for a “blocking minority”.

Ella Jakubowska on X:

The exact quote from [Věra Jourová] the Commissioner for Values & Transparency: “the Commission proposed the method or the rule that even encrypted messaging can be broken for the sake of better protecting children”

Věra Jourová on X, some time later:

Let me clarify one thing about our draft law to detect online child sexual abuse #CSAM.

Our proposal is not breaking encryption. Our proposal preserves privacy and any measures taken need to be in line with EU privacy laws.

Matthew Green on X:

Coming back to the initial question: does installing surveillance software on every phone “break encryption”? The scientist in me squirms at the question. But if we rephrase as “does this proposal undermine and break the *protections offered by encryption*”: absolutely yes.

Maïthé Chini, the Brussels Times:

It was known that the qualified majority required to approve the proposal would be very small, particularly following the harsh criticism of privacy experts on Wednesday and Thursday.

[…]

“[On Thursday morning], it soon became clear that the required qualified majority would just not be met. The Presidency therefore decided to withdraw the item from today’s agenda, and to continue the consultations in a serene atmosphere,” a Belgian EU Presidency source told The Brussels Times.

That is a truncated history of this piece of legislation: regulators want platform operators to detect and report CSAM; platforms and experts say that will conflict with security and privacy promises, even if media is scanned prior to encryption. This proposal may be specific to the E.U., but you can find similar plans to curtail or invalidate end-to-end encryption around the world:

• In Australia, lawmakers at long last clarified they do not expect technology providers to evade end-to-end encryption — but they tried really hard to make that happen.

• Canadian officials have tested the waters on mandating back doors in encryption, along with the rest of the “Five Eyes” alliance.

• The United Kingdom has laid the groundwork for working around encryption when “feasible technology” exists, but it also seems to allow Ofcom to compel businesses to develop it.

• The United States is reportedly aligned with E.U. officials to create encryption workarounds, and lawmakers keep introducing bills to that end.

I selected English-speaking areas because that is the language I can read, but I am sure there are more regions facing threats of their own.

We are not served by pretending this threat is limited to any specific geography. The benefits of end-to-end encryption are being threatened globally. The E.U.’s attempt may have been pushed aside for now, but another will rise somewhere else, and then another. It is up to civil rights organizations everywhere to continue arguing for the necessary privacy and security protections offered by end-to-end encryption.

Javier Espinoza and Michael Acton, Financial Times:

Apple has warned that it will not roll out the iPhone’s flagship new artificial intelligence features in Europe when they launch elsewhere this year, blaming “uncertainties” stemming from Brussels’ new competition rules.

This article carries the headline “Apple delays European launch of new AI features due to EU rules”, but it is not clear to me these features are “delayed” in the E.U. or that they would “launch elsewhere this year”. According to the small text in Apple’s WWDC press release, these features “will be available in beta […] this fall in U.S. English”, with “additional languages […] over the course of the next year”. This implies the A.I. features in question will only be available to devices set to U.S. English, and acting upon text and other data also in U.S. English.

To be fair, this is a restriction of language, not geography. Someone in France or Germany could still want to play around with Apple Intelligence stuff even if it is not very useful with their mostly not-English data. Apple is saying they will not be able to. It aggressively region-locks alternative app marketplaces to Europe and, I imagine, will use the same infrastructure to keep users out of these new features.

There is an excerpt from Apple’s statement in this Financial Times article explaining which features will not launch in Europe this year: iPhone Mirroring, better screen sharing with SharePlay, and Apple Intelligence. Apple provided a fuller statement to John Gruber. This is the company’s explanation:

Specifically, we are concerned that the interoperability requirements of the DMA could force us to compromise the integrity of our products in ways that risk user privacy and data security. We are committed to collaborating with the European Commission in an attempt to find a solution that would enable us to deliver these features to our EU customers without compromising their safety.

Apple does not explain specifically how these features run afoul of the DMA — or why it would not or could not build them to clearly comply with the DMA — so this could be mongering, but I will assume it is a good-faith effort at compliance in the face of possible ambiguity. I am not sure Apple has earned a benefit of the doubt, but that is a different matter.

It seems like even the possibility of lawbreaking has made Apple cautious — and I am not sure why that is seen as an inherently bad thing. This is one of the world’s most powerful corporations, and the products and services it rolls out impact a billion-something people. That position deserves significant legal scrutiny.

I was struck by something U.S. FTC chair Lina Khan said in an interview at a StrictlyVC event this month:

[…] We hear routinely from senior dealmakers, senior antitrust lawyers, who will say pretty openly that as of five or six or seven years ago, when you were thinking about a potential deal, antitrust risk or even the antitrust analysis was nowhere near the top of the conversation, and now it is up front and center. For an enforcer, if you’re having companies think about that legal issue on the front end, that’s a really good thing because then we’re not going to have to spend as many public resources taking on deals that we believe are violating the laws.

Now that competition laws are being enforced, businesses have to think about them. That is a good thing! I get a similar vibe from this DMA response. It is much newer than antitrust laws in both the U.S. and E.U. and there are things about which all of the larger technology companies are seeking clarity. But it is not an inherently bad thing to have a regulatory layer, even if it means delays.

Is that not Apple’s whole vibe, anyway? It says it does not rush into things. It is proud of withholding new products until it feels it has gotten them just right. Perhaps you believe corporations are a better judge of what is acceptable than a regulatory body, but the latter serves as a check on the behaviour of the former.

Apple is not saying Europe will not get these features at all. It is only saying it is not sure it has built them in a DMA compliant way. We do not know anything more about why that is the case at this time, and it does not make sense to speculate further until we do.

⌥ Permalink

After Robb Knight found — and Wired confirmed — Perplexity summarizes websites which have followed its opt out instructions, I noticed a number of people making a similar claim: this is nothing but a big misunderstanding of the function of controls like robots.txt. A Hacker News comment thread contains several versions of these two arguments:

• robots.txt is only supposed to affect automated crawling of a website, not explicit retrieval of an individual page.

• It is fair to use a user agent string which does not disclose automated access because this request was not automated per se, as the user explicitly requested a particular page.

That is, publishers should expect the controls provided by Perplexity to apply only to its indexing bot, not a user-initiated page request. Wary of being the kind of person who replies to pseudonymous comments on Hacker News, this is an unnecessarily absolutist reading of how site owners expect the Robots Exclusion Protocol to work.

To be fair, that protocol was published in 1994, well before anyone had to worry about websites being used as fodder for large language model training. And, to be fairer still, it has never been formalized. A spec was only recently proposed in September 2022. It has so far been entirely voluntary, but the draft standard proposes a more rigid expectation that rules will be followed. Yet it does not differentiate between different types of crawlers — those for search, others for archival purposes, and ones which power the surveillance economy — and contains no mention of A.I. bots. Any non-human means of access is expected to comply.

The question seems to be whether what Perplexity is doing ought to be considered crawling. It is, after all, responding to a direct retrieval request from a user. This is subtly different from how a user might search Google for a URL, in which case they are asking whether that site is in the search engine’s existing index. Perplexity is ostensibly following real-time commands: go fetch this webpage and tell me about it.

But it clearly is also crawling in a more traditional sense. The New York Times and Wired both disallow PerplexityBot, yet I was able to ask it to summarize a set of recent stories from both publications. At the time of writing, the Wired summary is about seventeen hours outdated, and the Times summary is about two days old. Neither publication has changed its robots.txt directives recently; they were both blocking Perplexity last week, and they are blocking it today. Perplexity is not fetching these sites in real-time as a human or web browser would. It appears to be scraping sites which have explicitly said that is something they do not want.

Perplexity should be following those rules and it is shameful it is not. But what if you ask for a real-time summary of a particular page, as Knight did? Is that something which should be identifiable by a publisher as a request from Perplexity, or from the user?

The Robots Exclusion Protocol may be voluntary, but a more robust method is to block bots by detecting their user agent string. Instead of expecting visitors to abide by your “No Homers Club” sign, you are checking IDs. But these strings are unreliable and there are often good reasons for evading user agent sniffing.

Perplexity says its bot is identifiable by both its user agent and the IP addresses from which it operates. Remember: this whole controversy is that it sometimes discloses neither, making it impossible to differentiate Perplexity-originating traffic from a real human being — and there is a difference.

A webpage being rendered through a web browser is subject to the quirks and oddities of that particular environment — ad blockers, Reader mode, screen readers, user style sheets, and the like — but there is a standard. A webpage being rendered through Perplexity is actually being reinterpreted and modified. The original text of the page is transformed through automated means about which neither the reader or the publisher has any understanding.

This is true even if you ask it for a direct quote. I asked for a full paragraph of a recent article and it mashed together two separate sections. They are direct quotes, to be sure, but the article must have been interpreted to generate this excerpt.¹

It is simply not the case that requesting a webpage through Perplexity is akin to accessing the page via a web browser. It is more like automated traffic — even if it is being guided by a real person.

The existing mechanisms for restricting the use of bots on our websites are imperfect and limited. Yet they are the only tools we have right now to opt out of participating in A.I. services if that is something one wishes to do, short of putting pages or an entire site behind a user name and password. It is completely reasonable for someone to assume their signal of objection to any robotic traffic ought to be respected by legitimate businesses. The absolute least Perplexity can do is respecting those objections by clearly and consistently identifying itself, and excluding websites which have indicated they do not want to be accessed by these means.

Dhruv Mehrotra and Tim Marchman, of Wired, were able to confirm Robb Knight’s finding that Perplexity ignores the very instructions it gives website owners to opt out of scraping. And there is more:

The WIRED analysis also demonstrates that despite claims that Perplexity’s tools provide “instant, reliable answers to any question with complete sources and citations included,” doing away with the need to “click on different links,” its chatbot, which is capable of accurately summarizing journalistic work with appropriate credit, is also prone to bullshitting, in the technical sense of the word.

I had not played around with Perplexity very much, but I tried asking it “what is the bullshit web?”. Its summaries in response to prompts with and without a question mark are slightly different but there is one constant: it does not cite my original article, only a bunch of (nice) websites which linked to or reblogged it.

⌥ Permalink

Takeshi Narabe, the Asahi Shimbun:

SoftBank Corp. announced that it has developed voice-altering technology to protect employees from customer harassment.

The goal is to reduce the psychological burden on call center operators by changing the voices of complaining customers to calmer tones.

The company launched a study on “emotion canceling” three years ago, which uses AI voice-processing technology to change the voice of a person over a phone call.

Penny Crosman, the American Banker:

Call center agents who have to deal with angry or perplexed customers all day tend to have through-the-roof stress levels and a high turnover rate as a result. About 53% of U.S. contact center agents who describe their stress level at work as high say they will probably leave their organization within the next six months, according to CMP Research’s 2023-2024 Customer Contact Executive Benchmarking Report.

Some think this is a problem artificial intelligence can fix. A well-designed algorithm could detect the signs that a call center rep is losing it and do something about it, such as send the rep a relaxing video montage of photos of their family set to music.

Here we have examples from two sides of the same problem: working in a call centre sucks because dealing with usually angry, frustrated, and miserable customers sucks. The representative probably understands why some corporate decision made the customer angry, frustrated, and miserable, but cannot really do anything about it.

So there are two apparent solutions here — the first reconstructs a customer’s voice in an effort to make them sound less hostile, and the second shows call centre employees a “video montage” of good memories as an infantilizing calming measure.

Brian Merchant wrote about the latter specifically, but managed to explain why both illustrate the problems created by how call centres work today:

If this showed up in the b-plot of a Black Mirror episode, we’d consider it a bit much. But it’s not just the deeply insipid nature of the AI “solution” being touted here that gnaws at me, though it does, or even the fact that it’s a comically cynical effort to paper over a problem that could be solved by, you know, giving workers a little actual time off when they are stressed to the point of “losing it”, though that does too. It’s the fact that this high tech cost-saving solution is being used to try to fix a whole raft of problems created by automation in the first place.

A thoughtful exploration of how A.I. is really being used which, combined with the previously linked item, does not suggest a revolution for anyone involved. It looks more like cheap patch on society’s cracking dam.

⌥ Permalink

Jonathan Maze, Restaurant Business Online:

McDonald’s is ending its two-year-old test of drive-thru, automated order taking (AOT) that it has conducted with IBM and plans to remove the technology from the more than 100 restaurants that have been using it.

[…]

McDonald’s has taken a deliberative approach on drive-thru AI even as many other restaurant chains have jumped fully on board. Checkers and Rally’s, Hardee’s, Carl’s Jr., Krystal, Wendy’s, Dunkin and Taco Johns are either testing or have implemented the technology in its drive-thrus.

Some of those chains “fully on board” with A.I. order-taking are customers of Presto which, according to reporting last year in Bloomberg, relied on outsourced workers in the Philippines for roughly 70% of the orders processed through its “A.I.” system. In a more recent corporate filing, human intervention has fallen to 54% of orders at “select locations” where Presto has launched what it calls its “most advanced version of [its] A.I. technology”. However, that improvement only applies to 55 of 202 restaurant locations where Presto is used. It does not say in that filing how many orders need human intervention at the other 147 locations.

Perhaps I am being unfair. Any advancements in A.I. are going to start off rocky, and will take a while to improve. They will understandably be mired in controversy, too. I am fond of how Cory Doctorow put it:

[…] their [A.I. vendors’] products aren’t anywhere near good enough to do your job, but their salesmen are absolutely good enough to convince your boss to fire you and replace you with an AI model that totally fails to do your job.

We can choose to create a world where even the smallest expressions of human creativity in our work are eliminated to technology — or we can choose not to. I am not a doomsday person about A.I.; I have found it sometimes useful in home and work contexts. But I am not buying the hype either. The problem is that I think Doctorow might be right: the people making decisions may hold their nose over any concerns they could have about trust as they realize how much more productive someone can be when they no longer have to think so much, and how much less they can be paid. And then whatever standards we have for good enough fall off a cliff.

But the McDonald’s experiment is probably just silly.

⌥ Permalink

Kif Leswing, CNBC:

Nvidia, long known in the niche gaming community for its graphics chips, is now the most valuable public company in the world.

[…]

Nvidia shares are up more than 170% so far this year, and went a leg higher after the company reported first-quarter earnings in May. The stock has multiplied by more than ninefold since the end of 2022, a rise that’s coincided with the emergence of generative artificial intelligence.

I know computing is math — even drawing realistic pictures really fast — but it is so funny to me that Nvidia’s products have become so valuable for doing applied statistics instead of for actual graphics work.

⌥ Permalink

Patrick McGee, Financial Times, August 2022:

In interviews with 15 female Apple employees, both current and former, the Financial Times has found that Mohr’s frustrating experience with the People group has echoes across at least seven Apple departments spanning six US states.

The women shared allegations of Apple’s apathy in the face of misconduct claims. Eight of them say they were retaliated against, while seven found HR to be disappointing or counterproductive.

Ashley Belanger, Ars Technica, last week:

Apple has spent years “intentionally, knowingly, and deliberately paying women less than men for substantially similar work,” a proposed class action lawsuit filed in California on Thursday alleged.

[…]

The current class action has alleged that Apple continues to ignore complaints that the company culture fosters an unfair and hostile workplace for women. It’s hard to estimate how much Apple might owe in back pay and other damages should women suing win, but it could easily add up if all 12,000 class members were paid thousands less than male counterparts over the complaint’s approximately four-year span. Apple could also be on the hook for hundreds in civil penalties per class member per pay period between 2020 and 2024.

I pulled the 2022 Financial Times investigation into this because one of the plaintiffs in the lawsuit filed last week also alleges sexual harassment by a colleague which was not adequately addressed.

Stephen Council, SFGate:

The lawyer said that asking women about pay expectations “locks” past pay discrimination in and that the requirements of a job should determine pay. Finberg isn’t new to the fight over tech pay; he represented employees suing Oracle and Google for gender-based pay discrimination, securing $25 million and $118 million settlements, respectively.

Last year, Apple paid $25 million to settle claims it discriminated in U.S. hiring in favour of people whose ability to remain in the U.S. depended on their employment status.

⌥ Permalink

Ina Fried, Axios:

Adobe on Tuesday updated its terms of service to make explicit that it won’t train AI systems using customer data.

The move follows an uproar over largely unrelated changes Adobe made in recent days to its terms of service — which contained wording that some customers feared was granting Adobe broad rights to customer content.

Again, I must ask whether businesses are aware of how little trust there currently is in technology firms’ A.I. use. People misinterpret legal documents all the time — a minor consequence of how we have normalized signing a non-negotiable contract every time we create a new account. Most people are not equipped to read and comprehend the consequences of those contracts, and it is unsurprising they can assume the worst.

⌥ Permalink

The U.S. Federal Trade Commission:

The Federal Trade Commission is taking action against software maker Adobe and two of its executives, Maninder Sawhney and David Wadhwani, for deceiving consumers by hiding the early termination fee for its most popular subscription plan and making it difficult for consumers to cancel their subscriptions.

A federal court complaint filed by the Department of Justice upon notification and referral from the FTC charges that Adobe pushed consumers toward the “annual paid monthly” subscription without adequately disclosing that cancelling the plan in the first year could cost hundreds of dollars. Wadhwani is the president of Adobe’s digital media business, and Sawhney is an Adobe vice president.

The inclusion of two Adobe executives as co-defendants is notable, though not entirely unique — in September, the FTC added three executives to its complaint against Amazon, a move a judge recently upheld.

The contours of the case itself bear similarities to the Amazon Prime one, too. In both cases, customers are easily coerced into subscriptions which are difficult to cancel. Executives were aware of customer complaints, according to the FTC, yet they allegedly allowed or encouraged these practices. But there are key differences between these cases as well. Amazon Prime is a monthly cancel-anytime subscription — if you can navigate the company’s deliberately confusing process. Adobe, on the other hand, offers three ways to pay for many of its products: on a monthly basis which can be cancelled at any time, on an annual basis, or on a monthly basis locked into an annual contract. However, it predominantly markets its products with the latter option, and preselects it when subscribing. That is where the pain begins.

The difficulty and cost of cancelling an Adobe subscription is legendary. It is right up there with gyms for how badly it treats its customers. It has designed a checkout process that defaults people into an annual contract, and a cancellation workflow which makes extricating oneself from that contract tedious, time-consuming, and expensive. If Adobe wanted to make it obvious what users were opting into at checkout, and easy for them to end a subscription, it could have designed those screens in that way. Adobe did not.

⌥ Permalink

Robb Knight blocked various web scrapers via robots.txt and through nginx. Yet Perplexity seemed to be able to access his site:

I got a perfect summary of the post including various details that they couldn’t have just guessed. Read the full response here. So what the fuck are they doing?

[…]

Before I got a chance to check my logs to see their user agent, Lewis had already done it. He got the following user agent string which certainly doesn’t include PerplexityBot like it should: […]

I am sure Perplexity will respond to this by claiming it was inadvertent, and it has fixed the problem, and it respects publishers’ choices to opt out of web scraping. What matters is how we have only a small amount of control over how our information is used on the web. It defaults to open and public — which is part of the web’s brilliance, until the audience is no longer human.

Unless we want to lock everything behind a login screen, the only mechanisms for control that we have are dependent on companies like Perplexity being honest about their bots. There is no chance this problem only affects the scraping of a handful of independent publishers; this is certainly widespread. Without penalty or legal reform, A.I. companies have little incentive not to do exactly the same as Perplexity.

⌥ Permalink

Kashmir Hill, New York Times:

[Clearview AI] A facial recognition start-up, accused of invasion of privacy in a class-action lawsuit, has agreed to a settlement, with a twist: Rather than cash payments, it would give a 23 percent stake in the company to Americans whose faces are in its database.

This is an awful move by an awful company. It turns U.S. victims of its global privacy invasion into people who are invested and complicit in its success.

⌥ Permalink

Pavan Davuluri, of Microsoft:

Today, we are communicating an additional update on the Recall (preview) feature for Copilot+ PCs. Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program (WIP) in the coming weeks. Following receiving feedback on Recall from our Windows Insider Community, as we typically do, we plan to make Recall (preview) available for all Copilot+ PCs coming soon.

Microsoft has always struggled to name its products coherently, but Microsoft Copilot+ PCs with Recall (preview) available first through the Windows Insider Program (WIP) has to take the cake. Absolute gibberish.

Anyway, it is disappointing to see Microsoft botch the announcement of this feature so badly. Investors do not seem to care about how untrustworthy the company is because, face it, how many corporations big and small are going to abandon Windows and Office? As long as its leadership keeps saying the right things, it seems it is still comfortable to sit in the afterglow of its A.I. transformation.

⌥ Permalink

Online privacy isn’t just something you should be hoping for — it’s something you should expect. You should ensure your browsing history stays private and is not harvested by ad networks.

By blocking ad trackers, Magic Lasso Adblock stops you being followed by ads around the web.

It’s a native Safari content blocker for your iPhone, iPad, and Mac that’s been designed from the ground up to protect your privacy.

Rely on Magic Lasso Adblock to:

• Remove ad trackers, annoyances and background crypto-mining scripts

• Browse common websites 2.0× faster

• Double battery life during heavy web browsing

• Lower data usage when on the go

So, join over 300,000 users and download Magic Lasso Adblock today.

My thanks to Magic Lasso Adblock for sponsoring Pixel Envy this week.

⌥ Permalink

Eryk Salvaggio, Tech Policy Press:

People are growing ever more frustrated by the intrusiveness of tech. This frustration feeds a cycle of fear that can be quickly dismissed, but doing so strikes me as either foolish or cynical. I am not a lawyer, but lately I have been in a lot of rooms with lawyers discussing people’s rights in the spheres of art and AI. One of the things that has come up recently is the challenge of translating oftentimes unfiltered feelings about AI into a legal framework.

[…]

I would never claim to speak to the concerns of everyone I’ve spoken with about AI, but I have made note of a certain set of themes. I understand these as three C’s for data participation: Context, Consent, and Control.

This is a thoughtful essay about what it means for creation to be public, and the imbalanced legal architecture covering appropriation and reuse. I bet many people feel this in their gut — everything is a remix, yet there are vast differences between how intellectual property law deals with individuals compared to businesses.

If I were creating music by hand which gave off the same vibes as another artist, I would be worried about a resulting lawsuit, even if I did not stray into the grey area of sampling. And I would have to obtain everything legally — if I downloaded a song off the back of a truck, so to speak, I would be at risk of yet more legal jeopardy, even if it was for research or commentary. Yet an A.I. company can scrape all the music that has ever been published to the web, and create a paid product that will reproduce any song or artist you might like without credit or compensation; they are arguing this is fair use.

This does not seem like a fair situation, and it is not one that will be remedied by making copyright more powerful. I appreciated Salvaggio’s more careful assessment.

⌥ Permalink

Renee Dudley and Doris Burke, reporting for ProPublica which is not, contrary to the opinion of one U.S. Supreme Court jackass justice, “very well-funded by ideological groups” bent on “look[ing] for any little thing they can find, and they try[ing] to make something out of it”, but is instead a distinguished publication of investigative journalism:

Microsoft hired Andrew Harris for his extraordinary skill in keeping hackers out of the nation’s most sensitive computer networks. In 2016, Harris was hard at work on a mystifying incident in which intruders had somehow penetrated a major U.S. tech company.

[…]

Early on, he focused on a Microsoft application that ensured users had permission to log on to cloud-based programs, the cyber equivalent of an officer checking passports at a border. It was there, after months of research, that he found something seriously wrong.

This is a deep and meaningful exploration of Microsoft’s internal response to the conditions that created 2020’s catastrophic SolarWinds breach. It seems that both Microsoft and the Department of Justice knew well before anyone else — perhaps as early as 2016 in Microsoft’s case — yet neither did anything with that information. Other things were deemed more important.

Perhaps this was simply a multi-person failure in which dozens of people at Microsoft could not see why Harris’ discovery was such a big deal. Maybe they all could not foresee this actually being exploited in the wild, or there was a failure to communicate some key piece of information. I am a firm believer in Hanlon’s razor.

On the other hand, the deep integration of Microsoft’s entire product line into sensitive systems — governments, healthcare, finance — magnifies any failure. The incompetence of a handful of people at a private corporation should not result in 18,000 infected networks.

Ashley Belanger, Ars Technica:

Microsoft is pivoting its company culture to make security a top priority, President Brad Smith testified to Congress on Thursday, promising that security will be “more important even than the company’s work on artificial intelligence.”

Satya Nadella, Microsoft’s CEO, “has taken on the responsibility personally to serve as the senior executive with overall accountability for Microsoft’s security,” Smith told Congress.

[…]

Microsoft did not dispute ProPublica’s report. Instead, the company provided a statement that almost seems to contradict Smith’s testimony to Congress today by claiming that “protecting customers is always our highest priority.”

Microsoft’s public relations staff can say anything they want. But there is plenty of evidence — contemporary and historic — showing this is untrue. Can it do better? I am sure Microsoft employs many intelligent and creative people who desperately want to change this corrupted culture. Will it? Maybe — but for how long is anybody’s guess.

⌥ Permalink

Based on what I can surmise from the upload dates, this collection of computer brochures has been around for years, but I was only recently made aware of it thanks to the latest issue of Web Curios. What a lovely collection of history in both technology and a very particular era in design.

⌥ Permalink

The Asahi Shimbun, in a non-bylined report:

The new law designates companies that are influential in four areas: smartphone operating systems, app stores, web browsers and search engines.

The new law will prohibit companies from giving preferential treatment for the operator’s own payment system and from preventing third-party companies from launching new application stores.

[…]

The new legislation sets out exceptional rules in cases to protect security, privacy and youth users.

Penalties are 20–30% of Japanese revenue. Japan is one of very few countries in the world where the iPhone’s market share exceeds that of Android phones. I am interested to know if Apple keeps its policies for developers consistent between the E.U. and Japan, or if they will diverge.

⌥ Permalink

“Conspirador Norteño” in January 2023:

BNN (the “Breaking News Network”, a news website operated by tech entrepreneur and convicted domestic abuser Gurbaksh Chahal) allegedly offers independent news coverage from an extensive worldwide network of on-the-ground reporters. As is often the case, things are not as they seem. A few minutes of perfunctory Googling reveals that much of BNN’s “coverage” appears to be mildly reworded articles copied from mainstream news sites. For science, here’s a simple technique for algorithmically detecting this form of copying.

Kashmir Hill and Tiffany Hsu, New York Times:

Many traditional news organizations are already fighting for traffic and advertising dollars. For years, they competed for clicks against pink slime journalism — so-called because of its similarity to liquefied beef, an unappetizing, low-cost food additive.

Low-paid freelancers and algorithms have churned out much of the faux-news content, prizing speed and volume over accuracy. Now, experts say, A.I. could turbocharge the threat, easily ripping off the work of journalists and enabling error-ridden counterfeits to circulate even more widely — as has already happened with travel guidebooks, celebrity biographies and obituaries.

See, it is not just humans producing abject garbage; robots can do it, too — and way better. There was a time when newsrooms could be financially stable on display ads. Those days are over for a team of human reporters, even if all they do is rewrite rich guy tweets. But if you only need to pay a skeleton operations staff to ensure the robots continue their automated publishing schedule, well that becomes a more plausible business venture.

Another thing of note from the Times story:

Before ending its agreement with BNN Breaking, Microsoft had licensed content from the site for MSN.com, as it does with reputable news organizations such as Bloomberg and The Wall Street Journal, republishing their articles and splitting the advertising revenue.

I have to wonder how much of an impact this co-sign had on the success of BNN Breaking. Syndicated articles on MSN like these are shown in various places on a Windows computer, and are boosted in Bing search results. Microsoft is increasingly dependent on A.I. for editing its MSN portal with predictable consequences.

“Conspirador Norteño” in April:

The YouTube channel is not the only data point that connects Trimfeed to BNN. A quick comparison of the bylines on BNN’s and Trimfeed’s (plagiarized) articles shows that many of the same names appear on both sites, and several X accounts that regularly posted links to BNN articles prior to April 2024 now post links to Trimfeed content. Additionally, BNN seems to have largely stopped publishing in early April, both on its website and social media, with the Trimfeed website and related social media efforts activating shortly thereafter. It is possible that BNN was mothballed due to being downranked in Google search results in March 2024, and that the new Trimfeed site is an attempt to evade Google’s decision to classify Trimfeed’s predecessor as spam.

The Times reporters definitively linked the two and, after doing so, Trimfeed stopped publishing. Its domain, like BNN Breaking, now redirects to BNNGPT, which ostensibly uses proprietary technologies developed by Chahal. Nothing about this makes sense to me and it smells like bullshit.

⌥ Permalink

Apple’s Human Interface Guidelines:

[Beginning in iOS 18 and iPadOS 18] People can customize the appearance of their app icons to be light, dark, or tinted. You can create your own variations to ensure that each one looks exactly the way you way you want. See Apple Design Resources for icon templates.

Design your dark and tinted icons to feel at home next to system app icons and widgets. You can preserve the color palette of your default icon, but be mindful that dark icons are more subdued, and tinted icons are even more so. A great app icon is visible, legible, and recognizable, even with a different tint and background.

Louie Mantia:

Apple’s announcement of “dark mode” icons has me thinking about how I would approach adapting “light mode” icons for dark mode. I grabbed 12 icons we made at Parakeet for our clients to illustrate some ways of going about it.

I appreciated this deep exploration of different techniques for adapting alternate icon appearances. Obviously, two days into the first preview build of a new operating system is not the best time to adjudicate its updates. But I think it is safe to say a quality app from a developer that cares about design will want to supply a specific dark mode icon instead of relying upon the system-generated one. Any icon with more detail than a glyph on a background will benefit.

Also, now that there are two distinct appearances, I also think it would be great if icons which are very dark also had lighter alternates, where appropriate.

⌥ Permalink