All you need to know about this story is that it took journalists a full week to realise this.
Essential tweeted on June 28 that they were “working hard to make sure each product meets our quality standards”, which sounds like a PR-friendly way of saying “this product is delayed for an indeterminate amount of time”. They’re still saying that it will be out “this summer”, which gives them until mid-September.
Some asshole switched Justin Williams’ cell number to a different SIM card and used that to bypass the two-factor authentication for his PayPal account:
I have spent the morning trying to evaluate my security practices and there’s not much I can think about that I’d do otherwise. Twitter tells me I shouldn’t use SMS-based 2 factor authentication and should use app-based 2 factor instead. I agree! The problem is that some sites like PayPal don’t offer the better security. The alternative is to just go back to single factor, which I am not so sure is the best solution either.
Williams’ security setup is similar to mine: unique passwords generated by a password manager, two-factor authentication switched on everywhere I can, encrypted everything — the usual. But all these barriers seem like they’re simply a minor inconvenience to someone who is intent on breaching my accounts.
Williams:
I don’t even place blame on PayPal for this directly. The fault lies with the AT&T call center representative who let someone manipulate my account without knowing my passcode.
The security questions and secondary authentication mechanisms that users set should prevent anyone from accessing the account without a correct answer, including customer service representatives; a policy like that, however, will likely get pushback from anyone not sufficiently technically-inclined. It’s hard to balance customer service with security, but changes to actual service functionality — cancelling an account, changing the SIM card, updating the address, and so on — should always require a greater level of authentication or be done in person.
Yesterday, I linked to Lauren Goode’s review of the Amazon Echo Look which, among other things, suggested that she buy a blue blouse similar to the blue blouse she already owns.
Well, Rob Marquardt bought a kitchen faucet a year ago from Amazon and they simply won’t let him forget about it. How many faucets does Amazon think one person needs in their kitchen? Is it two? Is it six? Nobody is quite certain. But I don’t think I’ll be letting the Echo Look pick my clothes in the morning, or do my shopping for me.
Lauren Goode tried Amazon’s outfit-picking robot for the Verge, and it didn’t exactly thrill her:
I’m finding as I get older, however, that what I’m wearing is less about what’s cool right now right this minute and more about practicality. Is this item appropriate for a funeral? Is this too casual for an interview, or too precious for a casual coffee? Am I going to be freezing at a friend’s wedding if I wear this? If the answer is yes: why are you not recommending I buy a jacket or shawl for that? Is this something that someone half my age would wear? (Yes, if it’s in the Juniors department.) I’m looking for more context, basically. Amazon, perhaps more than any e-commerce company, has the ability to do this. Amazon says this is “just the beginning” with the Echo Look and that it will get smarter over time, but the Echo Look app is just not there yet.
I sometimes forget to check the weather before getting dressed for the day and end up wearing something grotesquely inappropriate for the conditions. About a week ago, I wore a light sweater because I stepped out on my balcony before work and it was a bit chilly. It ended up being nearly 30°C, which is only sweater weather if you spend a lot of time on the Sun’s anvil.
That’s the kind of thing I feel the Echo Look should be best at doing, but it doesn’t sound like those kinds of recommendations are necessarily reliable.
It seems to be a fairly confused kind of a device. On the one hand, it can keep track of the outfits you wear daily so that you don’t find yourself wearing the same one to meet with the same clients a week apart, which should be appealing to those more fashion-conscious. On the other hand, if you’re fashion-conscious, you probably wouldn’t place much trust in a robot telling you what to wear, or what to buy:
I wasn’t really expecting spot-on clothing recommendations from Amazon just yet, try as it might to establish itself in the fashion world. But it never recommended shoes or accessories (which I am most likely to buy from Amazon), and it had a tendency to suggest I shop for other items in a similar color pattern (if I already have a blue blouse I don’t need another blue blouse). It also once suggested I might be interested in a similar top from the Junior’s department even though I haven’t shopped in that section of a store in a very long time.
“I see you bought a vacuum cleaner. Do youuu… want another one?” — Amazon
I rag on Siri a lot, but Amazon almost certainly has the world’s largest database of shopping trends. Surely they could do better than suggesting stuff that’s identical to what you already own or just bought. If their AI can’t get that right, why would you trust it to dress you every day?
At the moment, Apple maintains tight control over ad delivery in its popular news app, and publishers say they are not generating much revenue there.
Publishers can set up ad campaigns to run in their Apple News articles, with all types of ad formats including standard banner ads and videos. “It just takes a lot of additional effort,” said one top publishing executive, speaking on condition of anonymity.
To fix that and keep media partners happy, Apple plans to allow publishers to use the ad tech they already employ on their sites, such as Google’s DoubleClick for Publishers, to deliver ads into Apple News.
The entire reason I — and others — use Apple News is because it sucks a lot less to read articles in there than it does on the web.
Publishers need to find ways to do ads that don’t interrupt or delay the reading experience. I don’t know why this is so hard for them to understand.
The short answer is that the data tells them otherwise. Enough readers apparently tolerate really crappy ads that move text all over the place to play a thirty second video ad for Frosted Flakes — or, at least, they’re just effective enough to pay for the users who click away and those that run ad blockers.
As long as publishers don’t control their own ads, bad ads will persist. But building the infrastructure for an online advertising department is expensive, especially when compared to copying and pasting one of Google’s JavaScript snippets, and only very major publications can even attempt to do so — the Economist being one example.
re: Apple News ad changes, I have to think (and have it on good authority) that without those changes, publishers will leave
So yes, it “junks” up the news experience, but publishers (and I mean big ones) are threatening to leave otherwise.
Apple News is entirely dependent on retaining big publishers; without them, the app collapses. Adding third-party advertising support ought to make publishers happy, but it’s probably going to suck for readers. So what can Apple do?
Sloane:
There also are plans to enable micropayment options so people can access articles for cents at a time, according to another Apple publishing partner.
That’s one way, but I’m not convinced it will work. If people are given the option of paying a single cent upfront for every article they read, I doubt they’ll take that option when an apparently free version exists on the web — even though it might ultimately cost them twenty or thirty times as much.
In a game largely sanctioned by TV-ratings firm Nielsen, television networks try to hide their shows’ poor performances on any given night by forgetting how to spell.
That explains the appearance of “NBC Nitely News,” which apparently aired on the Friday of Memorial Day weekend this year, when a lot of people were away from their TVs. The retitling of “NBC Nightly News” fooled Nielsen’s automated system, which listed “Nitely” as a separate show.
Hiding the May 26 program from Nielsen dramatically improved the show’s average viewership that week. Instead of falling further behind first-place rival “ABC World News Tonight,” NBC news narrowed the gap.
According to Flint, this is a not-uncommon practice for broadcast networks because higher average viewership numbers mean a higher commanding price for advertising.
A more recent and less fictitious example is electronic logging devices on trucks. These are intended to limit the hours people drive, but what do you do if you’re caught ten miles from a motel?
The device logs only once a minute, so if you accelerate to 45 mph, and then make sure to slow down under the 10 mph threshold right at the minute mark, you can go as far as you want.
So we have these tired truckers staring at their phones, bunny-hopping down the freeway late at night.
Of course there’s an obvious technical countermeasure. You can start measuring once a second.
Notice what you’re doing, though. Now you’re in an adversarial arms race with another human being that has nothing to do with measurement. It’s become an issue of control, agency and power.
You thought observing the driver’s behavior would get you closer to reality, but instead you’ve put another layer between you and what’s really going on.
If they wanted to, Nielsen could fix this problem with more data. They could do fuzzy matches for similarly-named programs and manually verify viewership numbers for each show. But that’s just increasing the number of steps networks have to take in order to inflate their viewership averages — instead of “Nitely News”, it could become “Lester Holt’s Hour of Power”. Every time Nielsen makes an adjustment, major networks would simply adjust.
I’m becoming increasingly convinced that making adjustments to products based purely on analytics data is a futile exercise, and can encourage obviously obtuse behaviours:
NBC in 2015 persuaded almost a dozen of its local TV station affiliates to rerun “Nightly News” after 2 a.m. At the time, NBC said, it was focused “on ways to reach our audience when and how they want to be reached.”
A rival network thought otherwise and alerted NBC advertisers to the practice. After learning of the stunt, many advertisers cried foul. They told NBC whoever was watching the newscast at that hour wasn’t the kind of consumer they wanted to reach. NBC said it quickly discontinued the practice.
You’ve seen similar practices to this on the web, only worse and far more extreme. Remember the era of paginated articles, where you’d get halfway through and have to click through to view the second half? Those were all the rage for two reasons: first, an increase in ad impressions; second, an increase in page views. The latter is part of a pretty typical SEO trick, since Google reportedly boosts rankings for websites that see more page views in a single session. However, this creates a terrible experience for readers. And every time Google makes an adjustment to the way they rank websites, a bunch of people scramble to try to figure out how to game the data for better rankings.
None of this actually helps people, though. Collecting a bunch of user data and blindly following it doesn’t always help make a better product — in fact, it sometimes produces a worse product — and it’s a privacy nightmare.
I get that Intel Inside is one of the most successful marketing campaigns in business history. It’s just that after 36 years, that logo starts to feel more like a pollutant than an advertising device.
Thankfully, Macs have remained 100% free of Intel branding since Apple adopted its processors way back in 2006.
We have Steve Jobs’s sensibilities to thank for this. But how it all happened is a fun little story.
Back in August 2007, about a year after Apple began shipping Intel Macs,1 they held an event at their on-campus Town Hall theatre where they launched the first aluminum iMac, iLife ’08, and iWork ’08. After the event, they held a less-formal question-and-answer session between Steve Jobs, Tim Cook, Phil Schiller, and the journalists in the audience. Bob Keefe of Cox Newspapers asked:
Can you say why you all are not participating in the Intel Inside program, putting the stickers on your new or previous Macs?
Jobs’ reply is now pretty famous:
Uh. What can I say? We like our own stickers better.
He provided cogent explanation of why the branding isn’t necessary, and Schiller jumped in to point out that all the promotional deals that manufacturers have made actually make the products worse for users.
Keefe’s question unfortunately prompted a rash of ridicule. Jason Snell, Macworld (then at Macuser):
Yes, access to Jobs is limited. So I can see why a reporter like Keefe would use the opportunity to ask Jobs a question and get a quote for a story he was working on. It’s not something I think I would’ve done, because to me it’s a selfish act that makes everyone in the room subservient to one writer’s deadline and story idea. […]
But I can’t condemn Keefe for asking the question. I wouldn’t have asked it, and it was a bit moldy and off topic, but damned if its end result wasn’t a great distillation of Apple’s product philosophy.
Segall, again, on the effects of the Intel Macs:
Today, even though some speculate that Apple will switch to ARM processors, one cannot diminish the importance of Steve’s switch to Intel in 2006.
His decision instantly demolished the argument that PCs had a built-in advantage over Macs.
With processor parity, Apple could focus 100% on the things that set Macs apart on a more human level: software, design, quality and simplicity.
If Apple were to switch to ARM processors in the Mac — and, I think, that’s a very big “if” — it would no longer be possible to directly compare specific Mac models against their Windows counterparts, if that was all a buyer may be interested in. But that could work to Apple’s distinct advantage; for the last several years, they’ve been emphasizing things that work better on the Mac because of the hardware and software integration. A custom processor seems like it would fall into that line of thought.
At this time, Apple was also in the middle of creating a fork of Mac OS X that would run on low-performance ARM processors in the iPhone. Wild, right? ↩︎
Here’s the bottom line with all this: password strength meters which simply run JavaScript in the client and apply basic mathematics are woefully inadequate. Likewise, websites applying similar maths to enforce “strong” passwords in no way guarantee that actual strong passwords will be chosen. All these calculators neglect the human element of passwords and that’s an enormously important part of the picture.
I know blog posts on passwords aren’t super dynamic and fun, but this is a great piece to show friends and family. Password cracking software has adapted to work with the XKCD-style multi-word passphrase format, so pure length isn’t the answer any more; secure passwords are long, complex, and unique. That makes those passwords very hard to remember, but products like 1Password and features like Touch ID are slowly making laboriously typing passwords a relic of the past.
Have you ever watched an event unfold that is so embarrassing for those involved that you get deeply embarrassed? I’ve tried watching more episodes of “Planet of the Apps”, and I’m finding it hard to see the show as anything other than a cynical, merchandise-driven, and tasteless attempt at original programming. The first time that I watched the premiere episode, I was under the impression that it just wasn’t the show for me; after re-watching it, though, I don’t think it’s just me.
A huge, groundbreaking study from Cracked Labs shows the scale of big data collection in nearly every aspect of daily life. Wolfie Christl:
One major reason that corporate tracking and profiling has become so pervasive lies in the fact that nearly all websites, mobile app providers, and many device vendors actively share behavioral data with other companies.
A few years ago most websites began embedding tracking services that transmit user data to third parties into their websites. Some of these services provide visible functionality to users. When a website shows, for example, a Facebook like button or an embedded YouTube video, user data is transmitted to Facebook or Google. Many other services related to online advertising remain hidden, though, and largely serve only one purpose, namely to collect user data. It is widely unknown exactly which kinds of user data digital publishers share and how third parties use this data. At least part of these tracking activities can be examined by everybody; by installing the browser extension Lightbeam, for example, one can visualize the hidden network third-party trackers.
A recent study examined one million different websites and found more than 80,000 third-party services that receive data about the visitors of these websites. Around 120 of these tracking services were found on more than 10,000 websites, and six companies monitor users on more than 100,000 websites, including Google, Facebook, Twitter, and Oracle’s BlueKai. A study on 200,000 users from Germany visiting 21 million web pages showed that third-party trackers were present on 95% of the pages visited. Similarly, most mobile apps share information on their users with other companies. A 2015 study of popular apps in Australia, Brazil, Germany, and the US found that between 85% and 95% of free apps and even 60% of paid apps connect to third parties that collect personal data.
Consider that there are thousands of these companies. Consider, too, that many of them share information between themselves, and that you won’t necessarily know when you’re providing information to any of these companies because, oftentimes, the privacy policy on different websites won’t always disclose which trackers and advertising scripts they are using at any given time. Finally, consider that there’s virtually no way to opt out of this kind of mass data collection, because it’s largely beyond your control.
The ICO has ruled the Royal Free NHS Foundation Trust failed to comply with the Data Protection Act when it provided patient details to Google DeepMind.
The Trust provided personal data of around 1.6 million patients as part of a trial to test an alert, diagnosis and detection system for acute kidney injury.
But an ICO investigation found several shortcomings in how the data was handled, including that patients were not adequately informed that their data would be used as part of the test.
Elizabeth Denham, Information Commissioner, weighs in on the findings on the ICO blog:
But what stood out to me on looking through the results of the investigation is that the shortcomings we found were avoidable. The price of innovation didn’t need to be the erosion of legally ensured fundamental privacy rights. I’ve every confidence the Trust can comply with the changes we’ve asked for and still continue its valuable work. This will also be true for the wider NHS as deployments of innovative technologies are considered.
Denham makes this point specifically regarding health information, but it should be applied to all kinds of data, particularly when multiple streams of data are collected and connected. It may be harder to innovate in a big data way without collecting information on a big data scale — much like how it may be more difficult to investigate crimes when everyone’s phone isn’t being wiretapped at all times. But we should ensure that we are vigilant about reducing the erosion of our privacy protections in both the public and private sectors, even if that means waiting longer for innovative new technologies.
Timothy W. Martin, Wall Street Journal (work around the paywall via Twitter, or read the CNet summary):
Samsung Electronics Co. is developing a voice-activated speaker powered by its digital assistant Bixby, according to people familiar with the matter, joining a proliferating arms race in tabletop devices.
[…]
One variable slowing Samsung’s progress is the postponed U.S. launch of the English-language version of Bixby, which would operate the speaker much as Alexa operates Amazon’s Echo device, according to people familiar with the matter. Bixby’s voice features were a key selling point for the world’s largest smartphone maker’s latest flagship model, the Galaxy S8, introduced April 21.
The company vowed the English-language Bixby would be ready by spring, but now Samsung internally believes those voice features are unlikely before the second half of July, one of the people said. The Galaxy S8 is Samsung’s first device to feature Bixby.
Some followup on Katie Benner’s brutal New York Times article about widespread sexual harassment from venture capitalists when female founders attempt to raise funding for their companies. And this followup is actually a piece from back in 2014, when Jeff Bercovici of Forbespublished an account from a female founder who requested anonymity:
After some small talk, he sat next to me on the couch and commented that I looked stressed. He put down his glass of wine and reached to massage my shoulders. As he slid his hands further, I made a nervous joke, quickly trying to shift my weight away from him. I leaned into the corner of the couch and crossed my legs, attempting to put an obstacle in his way. Undeterred, he continued to reach for me.
I got up and walked across the room. Trying to keep it light, I comment on how often men made inappropriate advances towards me during business meetings, hoping he’d get the message.
“Yeah, that’s tough. You can’t really say anything because it’s one tight knit community,” he said, probably thinking he sounded sympathetic.
If I chose to complain—or make a scene and wake up his children who slept nearby—it would be another case of he said / she said, like the countless harassment cases that have made headlines in the tech community but have not done much to change status quo. Given his standing in the community and his personal wealth, who would believe my claims as anything more than those of a spurned little girl upset that a VC had chosen not to invest in her company?
Anyone who claims that Silicon Valley is a meritocracy is talking out of their ass. If male founders were subject to the same pervasive sexual harassment as women face, reforms would have happened a long time ago.
Yet, despite high-profileresignations lately from men implicated in these reports, I’m not really sure any meaningful reforms are currently taking place. Top venture capital companies are overwhelmingly run by men, and their power allows a festering quiet environment where women are propositioned to exchange sex for funding. The relative dearth female venture capital partners is, quite possibly, a symptom as well for a much bigger and more pervasive problem — women simply aren’t respected or treated as seriously as their male counterparts. That’s something that needs to be fixed everywhere, but for an industry that encourages reinventing the world, it’s especially problematic.
One female entrepreneur recounted how she had been propositioned by a Silicon Valley venture capitalist while seeking a job with him, which she did not land after rebuffing him. Another showed the increasingly suggestive messages she had received from a start-up investor. And one chief executive described how she had faced numerous sexist comments from an investor while raising money for her online community website.
What happened afterward was often just as disturbing, the women told The New York Times. Many times, the investors’ firms and colleagues ignored or played down what had happened when the situations were brought to their attention. Saying anything, the women were warned, might lead to ostracism.
Now some of these female entrepreneurs have decided to take that risk. More than two dozen women in the technology start-up industry spoke to The Times in recent days about being sexually harassed. Ten of them named the investors involved, often providing corroborating messages and emails, and pointed to high-profile venture capitalists such as Chris Sacca of Lowercase Capital and Dave McClure of 500 Startups, who did not dispute the accounts.
Journalists often try to get two unaffiliated sources to corroborate claims like these; Benner got over two dozen women reporting their own experiences, many of them attributed to them. Given the culture of Silicon Valley that has been reported in countless articles, including Benner’s piece, that’s a brave move.
This story is well-reported and shocking but, alas, unsurprising. The day before the Times published their piece — and, presumably, around the time that Benner contacted Chris Sacca for a response — he published a thing on Medium to preempt some of the criticism he would inevitably face. It sounds like an acknowledgement of his mistakes but, just a day after Benner’s piece was published, Susan J. Fowler — yes, that Susan J. Fowler — said on Twitter that Sacca messaged her to try to get her to stop tweeting about him. Gross.
Update: Matthew Panzarino and Jonathan Shieber of TechCrunch are reporting that Dave McClure has resigned.
This is, naturally, the tenth anniversary of the iPhone Photography Awards, and the winning photographs this year are — as you’d expect — stunning. Be sure you don’t miss the winners and honourable mentions in the sub-categories like news and events, nature, and landscape.
Even with some digging, I know very little about the iPhone Photography Awards, largely because they don’t explain a lot about themselves. There seems to be no published documentation about who the judges are or what they’re looking for, and — combined with its entry fees — I don’t know how respectable it is as a talent-based contest. It may very well be completely legitimate, but they don’t provide a lot of information, which is why I’m a little hesitant to link to it.
But it is the longest-running iPhone-specific photography contest around, as far as I can tell, and that makes for a rare opportunity to compare some of the best iPhone photography of this year against some of the best shot with the original iPhone. That camera may have been nothing to shout about, but it was paired — eventually — with the ability to share and edit those photos directly on the device. That changed everything about what we can do with the camera we always have with us.
Aside from image quality, I think the most noticeable change in recent years is the variety of locations that have been featured amongst the winners. The original iPhone was only sold in seven countries which, even when travel is taken into consideration, severely limited its ability to capture the world. But its availability quickly ramped up with successive generations, and you can now find photos shot with an iPhone pretty much everywhere.
JAY-Z’s thirteenth studio album, 4:44, drops tonight at midnight, and it’s an exclusive to TIDAL subscribers and Sprint customers. However, fans will have to sign up for TIDAL before midnight in order to hear the album. After midnight, the album will only be available to Sprint customers, a source close to TIDAL confirmed to The FADER.
I get the motivation for artist to make their new release exclusive to a single platform for a period. Aside from limitations arising from deliberate artistic decisions, they’re a way for a musician to make a little extra money from the deal in a climate of decreasing album sales and low streaming royalties. They also create an opportunity for the platform to get a bunch of new subscribers — the only time anyone talks about Tidal is when they have an exclusive new release.
I don’t get the strategy around this release, though. Why set an arbitrary deadline for subscriptions before the album drops? I doubt anyone is going to switch mobile carriers to get this record — even though it’s probably Jay-Z’s best work since ‘The Black Album’ — and it isn’t like people don’t have options if they missed the signup window. What’s the goal here?
In the last four years, Jay Z has released two albums, both through non-traditional means. While most artists would sign with a record label to release their album, the most successful hip-hop artist of all time, a man worth $810 million, has made deals with a smartphone maker and carrier to cover distribution and promotion. The total value of the agreements, which include not just Jay Z’s music, but his businesses is a whopping $220 million.
No matter how good I think this record is — and I do genuinely think it’s one of my favourite Jay-Z records — it will always be a little undermined and sullied by how much of a corporate play it is.
Canadian courts can force internet search leader Google to remove results worldwide, the country’s top court ruled on Wednesday, drawing criticism from civil liberties groups arguing such a move sets a precedent for censorship on the internet.
In its 7-2 decision, Canada’s Supreme Court found that a court in the country can grant an injunction preventing conduct anywhere in the world when it is necessary to ensure the injunction’s effectiveness.
“The internet has no borders – its natural habitat is global,” the Supreme Court wrote in its judgment. “The only way to ensure that the interlocutory injunction attained its objective was to have it apply where Google operates – globally.”
This seems like a grave overreach of a single court’s powers with a dangerous precedent. If a less-friendly country did anything like this, it would immediately be seen as a global threat.
I recognize that I’m posting this in the wake of defending the E.U.’s decision to fine Google €2.4 billion for anticompetitive behaviour — a decision that will likely have global consequences. But that was a single finding around a single case, and it doesn’t outright state that Google must change their global practices to comply.
Earlier this week, I wrote about the chilling effect money is having on the freedom of the press. As I was in the middle of writing that post, Kate Wagner of McMansion Hell announced that she had received a cease and desist letter from one of Zillow’s attorneys.
The EFF stepped into assist Wagner and, earlier today, sent their legal response to Zillow (PDF), ending in this truly magnificent paragraph:
Our client intends to relaunch McMansionHell.com shortly and will not be deleting any posts. In the interests of compromise, and because Wagner no longer wishes to use Zillow’s website, she will no longer source photographs from Zillow for her blog. Given this, we sincerely hope Zillow will have the good sense not to trouble a court of law with this matter. However, if Zillow does intend to file suit, please be assured that our client is prepared to defend herself against your spurious claims.
Well, Zillow saw the error of their ways — and, probably, how much of a massive PR blunder they made with this — and won’t be suing Wagner:
We have decided not to pursue any legal action against Kate Wagner and McMansion Hell. We’ve had a lot of conversations about this, including with attorneys from the EFF, whose advocacy and work we respect. EFF has stated that McMansion Hell won’t use photos from Zillow moving forward.
It was never our intent for McMansion Hell to shut down, or for this to appear as an attack on Kate’s freedom of expression. We acted out of an abundance of caution to protect our partners – the agents and brokers who entrust us to display photos of their clients’ homes.
It may not have been their intention, but a letter from a lawyer can be powerful enough to make anyone stop what they’re doing — even it’s completely legal. This response sucks, though: Zillow could have at least apologized for being so deeply wrong.
Some followup on the blue status bar indicating an app using location services, which will be part of iOS 11. Matthew Panzarino:
Thanks I guess. But this is hurting the user more than it’s helping. It’s Apple pointing fingers on battery life. The Politibar.
I know this came from some bad behavior on behalf of location apps but it puts the onus on the wrong party.
I get where Panzarino is coming from here, but I disagree that this is mis-assigning blame. Some apps should reasonably be granted background access to a user’s location, and the user should be clearly aware of when that’s the case. This status bar isn’t a problem for those apps; it is a problem for apps when they are sneaky about using location services in the background. I don’t see how that can possibly hurt users.
Also, if this is shaming apps that are eating up battery life by displaying which are using location services in the background, so be it: shaming works.
A reasonable argument could be made that Apple should apply more stringent screening to apps that use location services. Even so, they may not catch every instance of nefarious behaviour; this status bar ought to do that. A reasonable argument could be made that the iPhone’s battery should be bigger, but Apple has long tried to balance battery life expectations with thinness and lightness. I’d love to get much longer battery life from my phone, but I also don’t want my phone to have the added thickness and weight of the iPhone battery case.
Your priorities may differ, but I think it’s very helpful for users to tell them when apps may be consuming more of their battery life — particularly when they’re using location services in the background and the user isn’t fully aware of that.
A bit of follow-up from yesterday’s announcement by the European Union that they are fining Alphabet €2.4 billion for abusing its dominance in search. Ben Thompson:
The implications of saying this is monopolistic behavior goes to the very heart of Google’s business model: should Google not be allowed to sell advertising against search results for fear that it is ruining competition? Take travel sites: why shouldn’t Priceline sue Google for featuring ads for hotel booking sites above its own results? Why should Google be able to make any money at all?
This is the aspect of the European Commission’s decision that I have the biggest problem with. I agree that Google has a monopoly in search, but as the Commission itself notes that is not a crime; the reality of this ruling, though, is that making any money off that monopoly apparently is. And, by extension, those that blindly support this decision are agreeing that products that succeed by being better for users ought not be able to make money.
I think Thompson’s discomfort with the E.U.’s decision comes from an earnest place, but he drastically oversimplifies the rationale for their punishment. He lays it out beautifully: more people use Google because it’s simply better, and it isn’t like users can’t choose a different search engine — they just don’t.
But when Thompson says
Google has a monopoly in search, but as the Commission itself notes that is not a crime; the reality of this ruling, though, is that making any money off that monopoly apparently is
that isn’t what the Commission is saying at all, and it’s a total oversimplification of what they actually concluded.
Google has systematically given prominent placement to its own comparison shopping service: Google’s comparison shopping results are displayed, in a rich format, at the top of the search results, or sometimes in a reserved space on the right-hand side. They are placed above the results that Google’s generic search algorithms consider most relevant.
[…]
On the other hand, rival comparison shopping services are subject to Google’s generic search algorithms, including demotions (which lower a search entry’s rank in Google’s search results). Comparison shopping services in the EEA are prone to be demoted by at least two different algorithms, which were first applied in 2004 and 2011, respectively.
The Commission did not find either of these things objectionable on their own; they found them objectionable together, in combination with Google‘s dominance in web search. Even though Google Product Search is a glorified ad unit, it has many of the features of a product comparison website. Contra Thompson, though, my interpretation is that it doesn’t make searching for products better for users primarily because it’s an ad unit — and Google decided to bury the rankings of competing product search sites, where users might find far better deals from companies that don’t advertise with Google.
The Commission’s decision seems very nuanced, and that is potentially a problem when similar cases will be decided in the future. But that nuance might also be relieving to those who, like Thompson, worry that this case may have effects that reach far beyond the Commission’s intentions. In the future, similar cases ought to need Google’s combination of dominance in general web indexing and advertising, their encroachment into different but related markets, and their ability to reduce the discoverability of competitors.
In January, the Guardian published an alarming report from Manisha Ganguly alleging a serious encryption vulnerability in WhatsApp:
A design feature that could potentially allow some encrypted messages to reach unintended recipients is present within the WhatsApp messaging service.
Facebook-owned WhatsApp, which has about one billion users, has not made it widely known that there is an aspect of WhatsApp that results in some messages being re-encrypted and resent automatically, without first giving the sender an opportunity to verify the recipient.
Campaigners have expressed concern about how this aspect of WhatsApp could potentially be exploited to conduct surveillance.
In the first version of this article, the headline said that this was a WhatsApp “backdoor”, but Zeynep Tufekci quickly pointed out how misleading that description was in an open letter to the Guardian signed by dozens of computer security professionals:
WhatsApp’s behavior increases reliability for the user. This is a real concern, as ordinary people consistently switch away from unreliable but secure apps to more reliable and insecure apps. The imagined attack on WhatsApp, on which your reporting is based, is a remote scenario requiring an adversary capable of many difficult feats. Even then, the threat would involve only those few undelivered messages, if they exist at all, between the time the recipient changes their phone and the user receives a warning.
In the full scheme of things, this is a small and unlikely threat. The preconditions of the attack (which is not a backdoor) would in practice mean that the attacker had many other ways of getting at their target.
Despite this cogent explanation, Tufekci and the co-signers of this letter barely heard from the Guardian. They amended the problematic piece with a link to the letter and removed the word “backdoor” from their reporting, but did not retract the story. The Guardian’s ombudsman was ostensibly on a very long vacation because, try as the letter signers might, the newspaper simply wouldn’t acknowledge how deeply flawed their reporting was.
Today, however, an update in the opinion section of the paper from reader’s editor Paul Chadwick:
In a detailed review I found that misinterpretations, mistakes and misunderstandings happened at several stages of the reporting and editing process. Cumulatively they produced an article that overstated its case.
The Guardian ought to have responded more effectively to the strong criticism the article generated from well-credentialled experts in the arcane field of developing and adapting end-to-end encryption for a large-scale messaging service.
This is about the most honest and straightforward admission that the piece from January — six months ago! — should never have been published. However:
This made a relatively small, expert, vocal and persistent audience very angry.
This sentence deeply undermines the credentials and the rationale of the responsible professionals who brought this issue forward. By framing them as “small” and “vocal”, it makes them sound unreasonably concerned. Nothing could be further from the truth, as Chadwick states in the very next sentence:
Guardian editors did not react to an open letter co-signed by 72 experts in a way commensurate with the combined stature of the critics and the huge number of people potentially affected by the story.
Chadwick also refuses to suggest a retraction of the story, despite effectively stating that none of the concerns presented in the original article are valid — and acknowledging the damage that the article caused in Turkey, in particular. I agree with him stating that the article should not be deleted entirely, but I think that the message added to the top of the original article is far too soft. It should be in a big-ass yellow box, and it should explicitly state that the Guardian found the concerns that they raised to be misleading and damaging. Anything less is a tacit admission that they still stand by their story, even after implying today that they don’t.
Many apps prior to today only allowed users to pick between “Always” and “Never,” when it came to sharing their location data. Obviously, by selecting “Never,” certain apps that needed location to work would simply be unusable. With iOS 11, the third option – “While Using the App” – can be selected for any app, even if the developer didn’t make it available before.
The blue bar goes a step further to actually warn users when apps set to “Always” are actively tracking location.
Remember when Uber said that they would start tracking users’ location for up to five minutes after their ride had ended? Word on the street is that changes like the blue status bar and forcing an “Only While Using App” option when an app requests location access were directly inspired by that incident. Users should have total control over when an app is allowed access to their location, and they should know exactly when that information is being used.
The European Commission ended its seven-year competition investigation on Tuesday, concluding that the search group had abused its near-monopoly in online search to “give illegal advantage” to its own shopping service.
Margrethe Vestager, the EU’s competition commissioner, said Google “denied other companies the chance to compete” and left consumers without “genuine choice”.
“Google’s strategy for its comparison shopping service wasn’t just about attracting customers by making its product better than those of its rivals. Instead, Google abused its market dominance as a search engine by promoting its own comparison shopping service in its search results and demoting those of competitors. What Google has done is illegal under EU antitrust rules.”
The fine levied against Google — technically, I think, against Alphabet — is record-breaking for the European Union. Rani Molla, Recode:
How big? Well, it’s more than twice as big as the next biggest fine against Intel in 2009. Google, one of the world’s most valuable companies, posted $5.4 billion in profit on $24.7 billion in revenue in the first quarter of this year.
Critics have accused Vestager, the competition commissioner and antitrust chief, of unfairly singling out U.S. companies for anti-trust probes. A year ago, the European Commission ordered Apple to repay $14.5 billion in back taxes, plus interest, to the European Union after spending years funneling its profits through an Irish subsidiary in an attempt to lower its tax bill. In May, Vestager fined Facebook 110 million euros for allegedly providing incorrect or misleading information during the commissions’s probe into its acquisition of WhatsApp. That same month, Amazon reached an agreement with Vestager to conclude her commission’s anti-trust investigation into the e-commerce giant’s e-book contracts.
I think reactions painting this as anti-American or anti-Google are missing the point of the E.U.’s decision. This is about reinforcing that companies with monopoly-like market share ought to behave more cautiously than those without. Google may have the most popular search engine on the planet for a justifiable reason, but it’s not a punishment to suggest that that kind of power ought to be treated with an elevated level of care.
Speaking of rich assholes using the legal system to try to silence critics, Mike Masnick of Techdirt assessed the lawsuit filed by Bob Murray — a rich asshole — against John Oliver, HBO, and Last Week Tonight:
Anyway, when we wrote about the case yesterday, we noted that we had to do it based solely on the reporting of the Daily Beast, as they broke the story and — for reasons I still don’t understand — refused to post the actual complaint. However, now we’ve obtained the full complaint and can dig in on how incredibly silly it is. It appears to be a quintessential SLAPP lawsuit, where the entire point is not to bring a legitimate cause of action, but to chill free speech that criticizes Bob Murray. As Ken “Popehat” White notes, it’s “lawsuit as theater” and “an unapologetic political screed” — that is, apparently designed to rile people up, rather than to present a reasonable legal argument.
Luckily, Oliver has the backing of HBO’s legal department. But imagine if an independent newspaper or website published a similar story: they likely would not be able to afford a basic defence of the truth. This isn’t even about the First Amendment — it’s about whether the press can continue to publish completely factual items critical of wealthy people.
It looks like the embargo lifted for reviews of the Amazon Echo Show. Overall, it sounds like another competent front-end for Alexa, but see if you can spot a trend.
It even has a camera for video calling! Though it currently only works with other Alexa-enabled devices, including Echo and the Alexa app on your phone. It’s a neat concept, and can be fun to use. When I was testing the Echo Show at the office I shouted “call home” and the Echo in my apartment immediately startled my dog and my roommate, and being able to simply say “call mom” and have your mom’s face appear on screen feels like some Star Trek futurist wonder. But it also means that now Amazon isn’t just listening to everything you do, it’s also watching everything you do, and that can feel… creepy. Particularly if you keep the Echo Show in your bedroom.
It has this wild new feature called Drop In. Drop In lets you give people permission to automatically connect with your device. Here’s how it works. Let’s say my father has activated Drop In for me on his Echo Show. All I have to do is say, ‘Alexa, drop in on Dad.’ It then turns on the microphone and camera on my father’s device and starts broadcasting that to me. For the several seconds of the call, my father’s video screen would appear fogged over. But then there he’ll be. And to be clear: This happens even if he doesn’t answer. Unless he declines the call, audibly or by tapping on the screen, it goes through. It just starts. Hello, you look nice today.
That brings us right to Alexa’s new “Drop In” feature. Enable it, and you’ll be able to authorize specific contacts to peep in on your camera feed regardless of whether or not you actually pick up the call. When they do, they’ll see a blurred feed for the first 10 seconds, during which you have the option of disabling the camera or rejecting the call outright. You’ll also see a notification on screen whenever someone is actively viewing your feed. The feature pairs with a motion sensor in the Echo Show itself that — again, when authorized — lets your contacts know when it senses you nearby. Seems a bit creepy, but it also sounds like a pretty sensible way of keeping an eye on an aging relative.
Yeah, Drop In does seem really creepy. It may be disabled by default and blur the video feed for the first ten seconds, but it doesn’t do the equivalent of blurring for the audio. And wasn’t it just recently that people were putting tape over their the cameras on their computers just in case?
And if “Drop In” control is implemented at server side, that means even if it’s configured off, it can be turned on remotely.
I’m sure there will be plenty of people fawning over this thing, and I kind of get why — if you’re in the Amazon echosystem ecosystem and you like what Alexa can do for you, this gives you all of that plus stuff that works better on a screen. But I still see it as more invasive than helpful, and it looks like one of those digital picture frames that you could pick up at Circuit City ca. 2007. I’ll pass.