Federico Viticci on Shortcuts in iOS 12 

Federico Viticci:

While it’s still too early to comment on the long-term impact of Shortcuts, I can at least attempt to understand the potential of this new technology. In this article, I’ll try to explain the differences between Siri shortcuts and the Shortcuts app, as well as answering some common questions about how much Shortcuts borrows from the original Workflow app.

Apple has packed a lot of new features under that one word, shortcuts, in iOS 12.

South Korean Carrier to Sell ‘New’ iPhone 3GS Units 

Gordon Gottsegen, reporting for CNet:

Even though the iPhone 3GS will be sold as “brand new,” don’t expect it to work the same as a recently released iPhone. The iPhone 3GS was discontinued back in 2012, and it only runs iOS 6. As a result, many apps (and even iMessages) won’t work on the phone.

The iPhone predates Lightning cables, too, so you’ll be stuck using an old-school 30-pin connector.

Still, SK Telink is selling the iPhone 3GS for only 44,000 won, which is equivalent to $40, £30 or AU$55. So this Apple blast-from-the-past could be yours for pretty cheap — if you’re in Korea.

On the one hand, the 3GS is crazily outdated. On the other hand: $40!

Google to Fix Precise Location Data Leak in Google Home, Chromecast 

Brian Krebs:

Craig Young, a researcher with security firm Tripwire, said he discovered an authentication weakness that leaks incredibly accurate location information about users of both the smart speaker and home assistant Google Home, and Chromecast, a small electronic device that makes it simple to stream TV shows, movies and games to a digital television or monitor.

Young said the attack works by asking the Google device for a list of nearby wireless networks and then sending that list to Google’s geolocation lookup services.

“An attacker can be completely remote as long as they can get the victim to open a link while connected to the same Wi-Fi or wired network as a Google Chromecast or Home device,” Young told KrebsOnSecurity. “The only real limitation is that the link needs to remain open for about a minute before the attacker has a location. The attack content could be contained within malicious advertisements or even a tweet.”

Young is getting location data accurate to within 10 meters from his exploit. All you have to do to be exposed is open a web page and leave it open for a minute. This is the common sense fear of this whole Internet of Things movement: that these devices we’re putting on our networks aren’t secure, even the ones from big companies like Google.

(I would also argue that it’s wrong that JavaScript running on a web page is able to ping devices on your local network without any sort of prompt granting it such access.)

WhenWorks 

New iOS app and web service that makes it easy for people to book appointments with you. From their blog announcement, on what makes WhenWorks unique:

There are many competitive services in this space. What they all have in common is that they are purely web-based solutions. What makes WhenWorks unique is that it is a mobile app that integrates directly with the Calendar app on your iOS device, is far easier to configure and use, more secure, and always with you when you need it.

WhenWorks supports all of the leading calendar services (iCloud, Google Calendar, Office 365 and Outlook.com) but is particularly well-suited for those who use iCloud, due to its deep integration with the built-in Calendar on iOS.

WhenWorks was founded by John Chaffee, of BusyMac and, back in the day, Now Up-to-Date fame, and he’s put together a really good team. The pricing is outstanding too: 14-day free trial, free-to-use for up to five appointments per month after that, and just $5/month for the pro account with no limits.

It’s a really great app, and setting it up couldn’t be easier. Worth checking it out just to examine the UI and on-boarding process, and if you’re the sort of person who has a busy calendar packed with appointments, you’re nuts if you don’t try it.

How Square Made Its Own iPad Replacement 

Lauren Goode, writing for Wired:

If you know the company Square, it’s probably because you’ve paid in a store using a Square “stand”, a dock that supports a tablet, or you’ve swiped your card through Square Reader, a smartphone dongle that processes payments. These products have a soothing, decidedly Apple-y aesthetic, from the simple dongle to the all-white stand that typically houses an iPad. But since late last year, Square has been quietly selling its own custom-made tablet, the Square Register, a $999, Android-based system. And the company has taken an obsessive approach to designing the product.

There’s a local coffee place I like that has these, and they’re pretty neat. The two-screen design makes sense for a two-person interaction. Also, Square’s Apple Pay support is top-notch — in my experience Square’s Apple Pay readers are more accurate and work faster than the dinguses from their competition.

Skillshare 

My thanks to Skillshare for sponsoring last week’s DF RSS feed. With over 4 million members and more than 20,000 classes, Skillshare is basically Netflix for online learning. Interested in web development or data science? How about UX design or SEO? Mobile photography, filmmaking, creative writing, even coffee brewing? Skillshare truly has it all.

Skillshare’s production values and content quality are so much better than what you typically see on the web. High quality is obviously their first priority. Here’s a personal recommendation: “Logo Design With Aaron Draplin”. Yeah, that Aaron Draplin — cofounder of Field Notes and designer/raconteur extraordinaire. He’s one of my favorite designers in the world, a generous teacher, and fantastically compelling on camera. Get the free demo and watch Draplin’s course. (Draplin has a bunch of great courses on Skillshare already.)

And for this week only, Skillshare is offering the first 1,000 Daring Fireball readers two free months of Skillshare Premium.

How Apple Can Fix 3D Touch 

Eliz Kilic:

It’s been almost 4 years since its first introduction, yet people don’t know/use 3D Touch. Why would they? Even tech-savvy users don’t know which buttons offer 3D touch. Let alone regular users.

What would happen if we decide to make all links same color and style as the regular text? People would not know what to click on right? Why is 3D Touch be any different? We rely on our vision to decide actionability before anything else. If you can’t distinguish 3D Touchable buttons from those that are not, how are you supposed to know you can press on them?

Total agreement from me on this. It’s baffling that there’s no visual indication of what can be 3D touched.

The Talk Show: ‘AirPower, What’s That?’ 

Serenity Caldwell returns to the show for a post-WWDC wrap-up discussion. Topics include iOS 12, Memoji, Siri Shortcuts, Screen Time, Apple Books, MacOS 10.14 Mojave, dark mode, UIKit apps on the Mac, and more.

Brought to you by these outstanding sponsors:

  • Casper: You can be sure of your purchase with Casper’s 100 night risk-free, sleep-on-it trial.
  • Squarespace: Make your next move. Visit squarespace.com/talkshow and enter code talkshow for 10% off your first order.
  • Tres Pontas: Freshly-roasted coffee from a single farm in Brazil, shipped directly to you. Use code THETALKSHOW at checkout and save an extra 10 percent on any subscription.
Oprah, Apple. Apple, Oprah. 

Apple press release:

Apple today announced a unique, multi-year content partnership with Oprah Winfrey, the esteemed producer, actress, talk show host, philanthropist and CEO of OWN.

Together, Winfrey and Apple will create original programs that embrace her incomparable ability to connect with audiences around the world.

Winfrey’s projects will be released as part of a lineup of original content from Apple.

Yet another sign that Apple is dead serious about original content.

On the Sad State of Macintosh Hardware 

Quentin Carnicelli:

At the time of the writing, with the exception of the $5,000 iMac Pro, no Macintosh has been updated at all in the past year. […]

Rather than attempting to wow the world with “innovative” new designs like the failed Mac Pro, Apple could and should simply provide updates and speed bumps to the entire lineup on a much more frequent basis. The much smaller Apple of the mid-2000s managed this with ease. Their current failure to keep the Mac lineup fresh, even as they approach a trillion dollar market cap, is both baffling and frightening to anyone who depends on the platform for their livelihood.

Compare and contrast with the iPhone, which is updated not just annually, but predictably. Post-WWDC, I’ve had a few friends and readers ask whether they should just go ahead and buy a MacBook or MacBook Pro now — knowing they’re old, knowing the keyboards are of questionable reliability — or wait until fall. I have no idea if new MacBooks are coming in the fall though. It certainly seems like they should, but would you really be surprised if we don’t see new MacBooks (and iMacs) until 2019?

I’d really love to see Apple get Mac hardware on a roughly annual schedule, even if most years they’re just speed bumps, like they were a decade ago.

A Brief Moment of Honesty 

Donald Trump, in Singapore, asked whether he believes Kim Jong-un will actually destroy a nuclear site and return American POW remains:

“Honestly, I think he’s going to do these things. I may be wrong, I mean I may stand before you in six months and say, hey, I was wrong — I don’t know that I’ll ever admit that, but I’ll find some kind of an excuse.”

That’s the most honest thing he has said as president.

Not Only Is the Mac Mini Outdated, It’s No Longer Mini 

Jason Snell, writing at Six Colors back in March:

The Mac mini was last updated 1245 days ago, in October of 2014. (And that was a lackluster upgrade.) Taking a cue from my dreams about what a modern Mac mini might be like, I bought a tiny Intel NUC PC and installed macOS on it. My Mac mini was becoming unreliable and I was hoping to experiment with Intel’s hardware in advance of a real Mac mini being released.

This was intended to be a temporary experiment. And, in fact, I hope to replace the NUC with a real Mac mini just as soon as Apple finally releases that all-new Mac mini that’s hopefully percolating inside Cupertino. But in the meantime, I have been running macOS on non-Apple hardware, and it’s been an instructive experience.

Cheaper and faster, but a pain in the ass to keep updated software-wise. All of that is to be expected. But the striking thing to me is just how much smaller the Intel NUC is. It’s only a little bit bigger than an Apple TV. Calling the Mac Mini “mini” is absurd in 2018.

I wrote about this last September, when the Apple TV 4K came out:

Apple TV 4K is tiny compared to a Mac Mini, but judging by Geekbench scores (Mac Mini; iPad Pro, which uses the A10X in the Apple TV) it’s a slightly faster computer than even the maxed-out Mac Mini configuration. Apple TV 4K probably has better GPU performance too. In addition to all the performance problems stemming from the fact that the Mac Mini hasn’t been updated in three years, it’s also inarguable that it’s no longer even “mini”. You could arrange four Apple TV units in a 2 × 2 square and they’d take up the same volume as one Mac Mini.

Apple TV proves that Apple can make an amazing compact puck-sized computer. They just seem to have lost any interest in making one that runs MacOS.

Audio of Mets Pitcher Noah Syndergaard and Manager Terry Collins Getting Ejected From a Game Last Year 

I don’t know why this is only going viral now, because it’s a game from last year, but this is amazingly entertaining. The backstory: in the 2015 playoffs, Dodgers second baseman Chase Utley slid hard into second base and Mets second baseman Ruben Tejada wound up with a broken leg. It was an ugly but legal play and it resulted in MLB changing the rules on how you could slide into bases. This is the first game the Mets played against the Dodgers last year, and pitcher Noah Syndergaard — one of the hardest throwers in the history of baseball — threw a pitch at Utley.

The umps ejected Syndergaard and manager Terry Collins from the game. Umpire crew chief Tom Hallion was wearing a mic. The audio is fantastically compelling and profane. If MLB mic’d every ejection their TV ratings would soar. I’d pay double to MLB for my annual At Bat subscription if I could listen to the audio of ejections.

Update: I keep changing the URL to one that still works, because MLB’s copyright lawyers are trying to put the toothpaste back in the tube with takedown demands.

What’s the Deal With AirPower? 

9to5Mac, back in February:

According to a new report from Macotakara, Apple is on schedule to begin selling AirPower sometime in March through its own retail stores, as well as resellers such as Best Buy.

The report doesn’t offer a specific release date, with the blog’s source only saying that the release will occur sometime next month.

At this point Apple is under three months away from the one-year anniversary of AirPower’s announcement. To be clear, Apple said all along it wouldn’t be shipping until “2018”, but it’s hard not to draw the conclusion that something has gone seriously wrong with this product.

‘Do You Know What Fernet Is? It’s a Terrible Thing.’ 

I laughed my way through this interview with my friend Lê, owner of Hop Sing Laundromat, by Philly Mag’s Victor Fiorillo:

One spirit I cannot stand… is — wait a minute. You’re trying to get me in fucking trouble. I already get enough hate mail. [Another off-the-record-conversation]. OK. OK. One spirit I cannot stand is any stupid thing that is praised by a quote-unquote mixologist. Make sure you put the quote-unquote around that word. They are fucking idiots. Anybody who calls themselves a mixologist is a fucking idiot. And any spirit that a “mixologist” likes to use fucking sucks. Fernet. Fernet. Do you know what Fernet is? It’s a terrible thing. Fuck that shit. These “mixologists” don’t even know what it is. They drink it because it’s cool. Anything that makes people look cool — or that they think makes them look cool — I fucking hate that shit.

Don’t get him started on the Rocky statue, either. I say we all go into Hop Sing for the next few weeks and ask Lê if he has anything with Fernet on the menu.

From the DF Archive: ‘What if the iPad Smart Keyboard Had a Trackpad?’ 

Yours truly, a year ago, making the case for trackpad support on iPad keyboards:

In short, when you’re using the iPad’s on-screen keyboard, you have a crummy (or at the very least sub-par) keyboard for typing but a nice interface for moving the insertion point around. When you’re using the Smart Keyboard (or any other hardware keyboard) you have a decent keyboard for typing but no good way to move the insertion point or select text. Using your finger to touch the screen is imprecise, and, when an iPad is propped up laptop-style, ergonomically undesirable.

Whenever Apple executives are asked about the notion of touchscreen Macs, they argue, correctly in my opinion, that it’s a bad idea because the ergonomics are bad. It just isn’t comfortable (or precise) to reach out with your arm. There are several other good arguments against adding touchscreen support to Macs, but ergonomics are a good one to place at the top of the list.

The thing is, every ergonomic argument against touchscreen MacBooks applies exactly to using an iPad in “laptop mode” with a hardware keyboard. When using a hardware keyboard, it makes sense to keep your hands flat on the desk/table. If Apple thinks iPads are useful with hardware keyboards — and I think they could be — they need to add trackpad support of some kind.

I was in a busy coffee shop yesterday and looked around. At least 20 patrons were using notebook computers, most of them MacBooks of some sort. Old MacBook Airs (or maybe new MacBook Airs — how can you tell?), MacBook Pros, just-plain MacBooks. Some PC notebooks as well, of course. I didn’t see one person using an iPad — despite the fact that iPads outsell all Macs combined by more than 2-to-1 every single quarter. Would trackpad support alone change that? I don’t know. But it would certainly help, and it’d move us one step closer to an iOS notebook.

Apple Tries to Stop Developers From Sharing Data on Users’ Friends 

Sarah Frier and Mark Gurman, reporting for Bloomberg:

As Apple’s annual developer conference got underway on June 4, the Cupertino, California-based company made many new pronouncements on stage, including new controls that limit tracking of web browsing. But the phone maker didn’t publicly mention updated App Store Review Guidelines that now bar developers from making databases of address book information they gather from iPhone users. Sharing and selling that database with third parties is also now forbidden. And an app can’t get a user’s contact list, say it’s being used for one thing, and then use it for something else — unless the developer gets consent again. Anyone caught breaking the rules may be banned.

Hard to disagree with this policy change, but I’m not sure how Apple can police it. Boobytrap accounts?

Fortnite Is Now Available on the Nintendo Switch 

Andrew Webster, reporting for The Verge:

The biggest game in the world is coming to the hottest gaming platform. After a few leaks and rumors, today Epic Games officially announced that Fortnite is coming the Nintendo Switch. And it’s coming very soon: it’s available as a free download today. Unlike other online games such as Rocket League that have been ported to the platform, it doesn’t appear that Fortnite on the Switch will include any Nintendo-specific content, so you can keep dreaming about a Metroid skin or Wario emote. There is also no cross-play with Fortnite players on the PS4.

I’ll probably get my ass kicked trying, but Fortnite is the first serious game in years that I’ve been interested in playing. And there’s no risk, because it’s free to play — which is a big part of what I find fascinating about it.

Sony disallowing cross-platform play kind of sucks — you can cross-play between Xbox, PC (including Mac), and iOS. It just goes to show the power of being the leading platform. Nintendo is just as lock-in/control-freak minded as Sony, but only Sony is in a position to demand something like this from Epic.

The news comes not long after Epic announced that the game would be coming to Android this summer; it’s currently available on PC, PS4, Xbox One, and iOS.

If they’ve already ported Fortnite to iOS, why haven’t they ported it to Apple TV? That should be easy. The obvious answer: Apple TV is such a non-entity for gaming that Epic doesn’t even consider a relatively easy port to be worth their time.

Update: A few readers have pointed out that the big reason Epic probably doesn’t think bringing Fortnite to Apple TV would be worth their time is that it would require a gaming controller, and most Apple TV owners don’t have one. Having played on the Switch for a bit tonight (I once finished 13th out of 100 — albeit with couch-side coaching from my son, who guided me to a house with a hidden Lost-esque bunker under the basement) there’s just no way this game could possibly be played using an Apple TV remote. It needs a lot of buttons. Apple’s blind spot for gaming on Apple TV is just baffling to me, especially given the prowess of their chip team. They’ve got the hard part down — CPU/GPU performance and developer support for iOS — but are completely missing out because they don’t ship a version of the hardware with a gaming controller.

Inside the Growing Flat Earth Movement 

Alan Burdick, writing for The New Yorker:

The unsettling thing about spending two days at a convention of people who believe that Earth is flat isn’t the possibility that you, too, might come to accept their world view, although I did worry a little about that. Rather, it’s the very real likelihood that, after sitting through hours of presentations on “scientism,” lightning angels, and nasa’s many conspiracies — the moon-landing hoax, the International Fake Station, so-called satellites — and in chatting with I.T. specialists, cops, college students, and fashionably dressed families with young children, all of them unfailingly earnest and lovely, you will come to actually understand why a growing number of people are dead certain that Earth is flat. Because that truth is unnerving.

In recent years I’ve begun to feel conflicted about the internet. On the one hand, it’s been wonderful in so many ways. I’ve personally built my entire career on the fact that the internet enables me to publish as a one-person operation. But on the other hand, before the internet, kooks were forced to exist on the fringe. There’ve always been flat-earther-types denying science and John Birch Society political fringers, but they had no means to amplify their message or bond into large movements.

Dominik Wagner: ‘On My Misalignment With Apple’s Love Affair With Swift’ 

Dominik Wagner:

  • It seems to have been driven by the needs of the compiler and the gaps that needed to be filled for the static analyzer. Those seem to have been super-charged instead of catering to app developer’s actual needs: efficient, hassle free, productive (iOS) App development.

  • It is meant to offer progressive disclosure and be simple, to be used in playgrounds and learning. At the same time learning and reading through the Swift book and standard library is more akin to mastering C++. It is quite unforgiving, harsh, and complex.

This is a really thoughtful, measured take against Swift. I know a lot of developers love Swift, but I also know many who share similar misgivings about it, primarily that it isn’t optimized specifically for writing great apps.

Five iOS 12 Features Apple Didn’t Announce On-Stage Last Week 

Good rundown of some under-the-radar features from Rene Ritchie.

The Talk Show Live From WWDC 2018 

Recorded in front of a live audience at The California Theatre in San Jose, John Gruber is joined by Greg Joswiak and Mike Rockwell to discuss the news from WWDC: ARKit 2, the new USDZ file format, iOS 12, MacOS 10.14 “Mojave”, UIKit apps on MacOS, and more.

Sponsored by:

  • Instabug: In-app feedback and bug reporting for mobile apps.
  • MacStadium: Enterprise class hosting for Macs.
  • Microsoft: Build intelligent iOS apps that scale.

(With an open bar provided by Setapp.)

Instabug 

My thanks to Instabug for sponsoring this week’s DF RSS feed (as well as The Talk Show Live From WWDC 2018). Tens of thousands of companies like Lyft, eBay, and T-Mobile rely on Instabug to iterate faster and enhance their app quality.

With just one line of code, your beta testers and users can now report bugs and submit detailed feedback by just shaking their phones. Instabug automatically captures a screenshot, screen recordings, all device details and repro-steps with each bug report to be displayed in one organized dashboard, so you and your team can track all bugs, feedback and crashes in one place.

They have a cool sample app in the App Store that you can try for free, to experience their reporting interface first hand. Then, you can log into their demo dashboard and see what the reports look like from the developers’ end. I tried it out and it looks and works great, on both sides.

Try Instabug now for free. Even better, they’re offering special $150 “Instabug Credits” for DF readers. Enter promo code “DF18” to claim your credits.

Facebook Bug Set 14 Million Users’ Sharing Settings to Public 

Heather Kelly, reporting for CNN:

For a period of four days in May, about 14 million Facebook users around the world had their default sharing setting for all new posts set to public, the company revealed Thursday.

The bug, which affected those users from May 18 to May 22, occurred while Facebook was testing a new feature.

David Frum:

It’s so weird that this never happens the other way around, settings accidentally changed so that Facebook users inadvertently get more privacy than they signed up for.

Yeah, so weird. What are the odds?

How the Washington Capitals Partied in Las Vegas With the Stanley Cup 

Adam Kilgore, writing for The Washington Post:

First, the Washington Capitals won the National Hockey League championship Thursday night. And then, as their red-rocking fans were passing out in a fit of euphoria back East, they took full advantage of the location in which they claimed the franchise’s first Stanley Cup. They hit the club, prize in hand, and they partied.

Some say the sun doesn’t rise in Vegas. The Caps, led by their captain, were up to the challenge of finding out.

The whole story is great, but I love this bit so much:

The threshold for who could venture on stage started to lower. Disbelief had yet to dissipate. “How amazing is it you can walk into a bar and the Stanley Cup is there, 10 yards away?” one Capitals employee asked, standing by the bar. He then escorted onto the stage a longtime Caps season-ticket holder who had gained entry, in part, by buying acceptable clothing off the back of a man on the street for 20 bucks. (He had previously been denied on the grounds of wearing sandals and shorts.)

Ersatz Free Trials 

Daniel Jalkut:

I think it’s particularly important, in the face of all the celebration this week about Apple’s perceived changes to the App Store, to appreciate all the many ways in which this solution falls short of what many developers still hope for: bona fide support for real free trials in the App Store.

In summary: none of the mechanics of supporting ersatz free trials are substantially supported by the App Store. Every aspect of the solution is bolted on to a system which was not designed for, yet is somewhat admirably being used to simulate real support for free trials. Let me elaborate by listing several shortcomings and how they affect users, and developers, in significant ways.

Kevin Roose: ‘How I Learned to Stop Worrying and Love Electric Scooters’ 

Kevin Roose, writing for The New York Times:

Tech hubris on wheels — what’s not to loathe?

But I wanted to experience the scooter craze for myself. So for a week, I used shared e-scooters as my primary mode of transportation. I rode them to meetings, ran errands across town and went for long joy rides on the Venice Beach boardwalk. In all, I took more than a dozen scooter rides, from just a few blocks to several miles.

And here’s my verdict: E-scooters might look and feel kind of dorky, but they aren’t an urban menace or a harbinger of the apocalypse. In fact — sigh — they’re pretty great.

That’s pretty much the consensus here in San Jose from fellow WWDC attendees. We didn’t want to like these scooters but we do. The big problem is parking them — it’s just wrong that people abandon them anywhere and everywhere. The other problem is people who ride them on sidewalks rather than in the street where they belong.

Safari Technology Preview 58 Includes Support for Favicons in Tabs 

Ricky Mondello:

This release covers the same revisions of WebKit from Safari Technology Preview 57, but includes new Safari and WebKit features that will be present in Safari 12. The following Safari 12 features are new to Safari Technology Preview 58:

Icons in Tabs. You can enable showing website icons in tabs in Safari’s Tabs preferences.

This is great. I don’t want to run Mojave betas, but I’ll gladly use Safari Technology Preview builds.

The Talk Show Live From WWDC 2018 

Live streaming video (and audio) starting in about 20 minutes.

WWDC 2018: Apple’s Software Chief Details How iOS Apps Will Run on Macs | WIRED 

Lauren Goode, writing for Wired:

In an exclusive interview with Wired, Federighi said the frameworks for porting iPhone and iPad apps to the Mac have been in development for two years. He revealed some of the technical details around how this will work, and shared some of the types of iOS apps he believes make sense on the Mac. Federighi was also dismissive of touchscreen laptops — a product category that would seem like a natural addition to Apple’s line once laptops begin running touch-first mobile apps.

Still very light on technical details. I get why they announced this a year early — because they wanted to start shipping their own apps built on this — but it’s so unusual for Apple.

Apple Is Testing a Feature That Could Kill Police iPhone Unlockers 

Lorenzo Franceschi-Bicchierai, reporting for Motherboard:

But iOS 12’s killer feature might be something that’s been rumored for a while and wasn’t discussed at Apple’s event. It’s called USB Restricted Mode, and Apple has been including it in some of the iOS beta releases since iOS 11.3.

The feature essentially forces users to unlock the iPhone with the passcode when connecting it to a USB accessory everytime the phone has not been unlocked for one hour. That includes the iPhone unlocking devices that companies such as Cellebrite or GrayShift make, which police departments all over the world use to hack into seized iPhones.

I love this feature. So clever.

iOS 12 Brings iPhone X Gestures to iPad, Swipe From Top-Right to Open Control Center 

I’m not convinced this means the iPad Pro is getting a notch, but either way, I think it’s a good idea for these gestures to match.

Jamf Now 

My thanks to Jamf for sponsoring this week’s DF RSS feed. Get real-time inventory, configure Wi-Fi and email settings, deploy applications, protect company data, and even lock or wipe a device from anywhere with Jamf Now.

Jamf Now secures your devices so you can focus on your business. No IT experience needed.

Daring Fireball readers can create an account and manage three devices for free. Forever. After that, each additional device is just $2 per month. Create your free account today.

Android Developers Blog: Insider Attack Resistance 

Shawn Willden, software engineer at Google:

In the past, device makers have focused on safeguarding these keys by storing the keys in secure locations and severely restricting the number of people who have access to them. That’s good, but it leaves those people open to attack by coercion or social engineering. That’s risky for the employees personally, and we believe it creates too much risk for user data.

To mitigate these risks, Google Pixel 2 devices implement insider attack resistance in the tamper-resistant hardware security module that guards the encryption keys for user data. This helps prevent an attacker who manages to produce properly signed malicious firmware from installing it on the security module in a lost or stolen device without the user’s cooperation. Specifically, it is not possible to upgrade the firmware that checks the user’s password unless you present the correct user password. There is a way to “force” an upgrade, for example when a returned device is refurbished for resale, but forcing it wipes the secrets used to decrypt the user’s data, effectively destroying it.

This seems like a good idea, and I think the iPhone has been doing this for years. But I’d love to see someone do a rundown of the low-level security across all popular Android phones.

Robinson Meyer: ‘Unfortunately, the Electric Scooters Are Fantastic’ 

Robinson Meyer, writing for The Atlantic:

When this latest army invaded my village, it seemed no different than the rest. I had heard rumor of it for weeks, had feared and resented it, had assured friends that its occupation would end as soon as all its predecessors. But when its foot soldiers finally arrived, I was shocked to find myself charmed. Now, I cannot imagine life without them.

I speak, of course, of the electric scooters.

Teetrilogy4 

Some new Solo-inspired designs, printed and shipped by Brian Jaramillo, my decade-long partner for DF t-shirts. Great shirts, fun designs, and you get a nice discount if you order three or more.

The Talk Show: ‘Pseudorandom Gibberish’ 

Rene Ritchie returns to the show. Topics include MacBook keyboard failures, iOS passcode security, Google’s odd Duplex “demo”, Steam Link’s curious rejection from the App Store, AirPlay 2, and, of course, conjecture about next week’s WWDC.

Brought to you by these fine sponsors:

  • Away: Travel smarter with the suitcase that charges your phone. Save $20 with code talkshow.
  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Eero: Finally, Wi-Fi, that works. Free shipping to the U.S. and Canada with code thetalkshow.

10 Strikes and You’re Out — the iOS Feature You’re Probably Not Using But Should

For many years now, iOS has offered an option in the Passcode section of the Settings all: “Erase all data on this iPhone after 10 failed passcode attempts.”

I’ve long been intrigued by this setting, but never turned it on, out of the vague fear that something could happen and I’d wind up with a wiped iPhone. Say, if a “friend” surreptitiously took my phone at a bar and entered 10 wrong passcodes as a prank. Something like that.

I asked on Twitter over the weekend how many people use this feature, and over 4,000 people responded to the poll. One-third use the feature, two-thirds don’t. Among those who don’t, the most common response, by far, is that they don’t use it because they’re the parents of young children, and they fear that their kids will trigger the erasure of their phone.

I had no idea until I looked into it last weekend, but it turns out this feature is far more clever than I realized, and it’s highly unlikely that your kids or jackass drinking buddies could ever trigger it. After the 5th failed attempt, iOS requires a 1-minute timeout before you can try again. During this timeout the only thing you can do is place an emergency call to 911. After the 6th attempt, you get a 5-minute timeout. After the 7th, 15 minutes. These timeouts escalate such that it would take over 3 hours to enter 10 incorrect passcodes.

It seems pretty clear from the responses to my poll that I wasn’t alone in thinking that this feature was more dangerous than it really is. I’ve got it turned on now, and I can’t think of a good reason why anyone wouldn’t enable this. 


Things 3.6 for iPad 

Speaking of task management apps for iOS, Things 3.6 addresses something I complain about every month or so: the way that most iPad apps, including Apple’s own, treat a hardware keyboard as a second-class citizen. There’s a lot of stuff going on in this video and they never once touched the screen. Very cool.

OmniFocus 3 Review 

Ryan Christoffel, writing for MacStories:

OmniFocus 3, released today for iOS (and later coming to the Mac), adds even more power and options to the app’s existing toolset, yet rather than growing more complex in the process, it’s surprisingly become more approachable. This improved user friendliness is achieved thanks to a new level of flexibility that can, upon tweaking your ideal setup, obscure the app’s complexity in everyday use. In more ways than ever before, OmniFocus provides the tools to make the app your own.

I’ve never been an OmniFocus user, but version 3’s addition of tagging (replacing OmniFocus’s previous “contexts” feature) could get me to try it. As usual for MacStories, Christoffel’s review is comprehensive and insightful.

Update: David Sparks’s review is good too.

Retrobatch 1.0 

New app from Flying Meat (makers of Acorn, my go-to image editor): a node-based batch image processor. I’ve been using it in beta for months, and I’ve only scratched the surface of what Retrobatch can do. It’s just a delightfully well-done Mac app.


Yammering on One More Time Regarding Google’s Duplex Recordings

Let me just reiterate up front that my suspicions surrounding Google’s Duplex recordings are not suspicions regarding the idea of Duplex itself. If I had to bet on who will be the first to create an AI voice system that passes for human, even within the limited constraints of a single well-defined task like booking reservations, it would be Google. If Vegas had a betting line on this, Amazon would probably have decent odds too, but surely Google would be the favorite.

We can all hear for ourselves how well Google Assistant works today. I’m not alleging that these recordings are complete fabrications, or betting against Google being further ahead in this effort than anyone else.

But everything about the way Google announced this — the curious details of the calls released so far, the fact that no one in the media has been allowed to see an actual call happen live — makes me suspect that for one or more reasons, the current state of Duplex is less than what Sundar Pichai implied on stage. His words before the first recording was played: “What you’re going to hear is the Google Assistant actually calling a real salon to schedule an appointment for you. Let’s listen.” And after the second recording: “Again, that was a real call.”

You can parse those words precisely and argue that Pichai never said they were unscripted or un-coached, or that the recordings are unedited. But that’s like saying Bill Clinton was technically truthful with his “I did not have sexual relations with that woman” statement. The implication of Clinton’s statement was that he wasn’t involved sexually with his intern, and that wasn’t true. The implication of Pichai’s statement was that right now, today, Google has a version of Duplex in its lab that can call a real restaurant or hair salon and book a reservation and sound truly human while doing so. Not soon, today. Look at the news coverage from the announcement — Mashable, The Guardian, The Verge, The Evening Standard — all of those reports on Duplex’s announcement are written in the present tense, as though it’s something Google has working, as heard, with no or very minimal editing, today.

If a few months or more from now Google can demonstrate a real Duplex call, live, that wouldn’t disprove my suspicion that they can’t do it right now in May 2018 — even though Sundar Pichai clearly implied last week that they can. If I’m wrong — if stories come out in the next week or two from journalists granted behind-the-scenes access to listen to Duplex make live calls (and watch them be parsed correctly, creating calendar events and notifications of the reservation dates and times), and those calls sound every bit as realistically human as the recordings Google has released so far — my suspicion will be proven false. And I’d be delighted by that. Part of the reason I’m so focused on Duplex is that if it really works like it does in these recordings, it’s one of the most amazing advances in technology in years.

But Google hasn’t done that, and the more I think about it, and the longer Google stonewalls on press inquiries about Duplex, the more suspicious I get that they can’t. Even if Duplex still has a low success rate, it would be amazing if, say, half its calls worked as well and sounded as good as these recordings. That would be perfectly understandable for a technology still in development.

But Pichai also said “This will be rolling out in the coming weeks as an experiment.” On the one hand, that makes me feel like maybe I am off my rocker for being so skeptical. Why in the world would Pichai say that if they weren’t at a stage in internal testing where Duplex works as the recordings suggest? But on the other hand, if they are that close, why haven’t they invited anyone from the media to see Duplex in action?

They did invite Richard Nieva from CNet to a behind-the-scenes preview before I/O, but all he got to hear were recordings, too:

In a building called the Partnerplex on Google’s sprawling campus in Mountain View, California, I’ve been invited to hear a 51-second phone recording of someone making a dinner reservation. […]

As I listen to what sounds like a man and a woman talking, Google’s top executives for Assistant, the search giant’s digital helper, watch closely to gauge my reaction. They’re showing off the Assistant’s new tricks a few days before Google I/O, the company’s annual developer conference that starts Tuesday.

Turns out this particular trick is pretty wild.

That’s because Person 2, the one who sounds like a man, isn’t a person at all. It’s the Google Assistant.

Why not let Nieva hear it live? Why not let Nieva answer the phone and book the reservation himself, as though he works at the restaurant? If it’s “weeks” away from rolling out in a limited beta to the public, that should be possible.

The job of journalists is to verify these things, not just to take a company’s word for it. Here’s Om Malik, linking to Dan Primack’s Axios story on Google’s stonewalling:

Om Malik:

“Google may well have created a lifelike voice assistant…Or it was partially staged. Or something else entirely. We just don’t know, because Google won’t answer the questions.” @danprimack doing what journalists are supposed to do. Verify and dig deeper!

Dave Winer, in the same thread:

Finally journalism starts asking obvious questions of tech.

Tech journalism has never asked basic questions like “how did you do this?”

Apple once used my software to demo their tech, which wasn’t ready.

Reporters refused to ask about this.

“How did you do this?” is a necessary question. But even broader, when you’re only shown a recording, the question is “How do we know this is real?”

Maybe Duplex, today, works just as well and sounds just as human as these recordings suggest. But maybe it doesn’t work as well as they claimed, or doesn’t sound so human,1 or takes pauses that were edited out of the clips they’ve released. We don’t know, because Google hasn’t allowed anyone to verify anything about it. It’s like a card trick where the magician, rather than an audience member, picks the card and shuffles the deck.

It’s the difference between, say, watching video of a purported self-driving car versus watching — or even better, riding as a passenger in — an actual self-driving car.

The headlines last week should have been along the lines of “Google Claims Assistant Can Make Human-Sounding Phone Calls”, not “Google Assistant Can Make Human-Sounding Phone Calls”. There’s a difference.

A recording is not a demo. You can demo hardware and software that isn’t shipping yet — most companies do, because that’s when the products are still under wraps and can make for a surprise. But there’s an obligation to be clear about the current state of the product, and to demo what you currently have working “for real”. Showing it privately to select members of the media is another acceptable strategy. Just to cite one famous example from Apple: in January 2007 the original iPhone was six months away from shipping and still needed a lot of work. But what Steve Jobs showed on stage was real — early stage software running on prototype hardware. Everything demoed was live, not a recording. And then to further prove that, after the keynote, select members of the media, including Jason Snell, Andy Ihnatko, and David Pogue, got up to 45 minutes of actual hands on time with a prototype, even though the software was at such an early stage that some of the default apps only showed screenshots of what they were supposed to look like.

That’s how you prove to the world that a demo was what you said it was. It is damn curious that Google won’t do that with Duplex. 


  1. Google now claims their plan all along has been to have Duplex identify itself to humans. I don’t understand how that squares with the efforts they clearly went through to make Duplex sound convincingly human. It seems clear that they only started thinking about disclosing Duplex as a bot to humans in response to the ethical outcry after the keynote. Ethics aside though, what makes the promise of Duplex so tantalizing as a technology is its seeming humanness. ↩︎


The Restaurant Where Google Claims to Have Booked an Actual Meal Via Duplex

At the bottom of Google’s AI Blog announcement of Duplex (“An AI System for Accomplishing Real World Tasks Over the Phone”), they included a photo of two Duplex engineers eat a meal, with the following caption:

Yaniv Leviathan, Google Duplex lead, and Matan Kalman, engineering manager on the project, enjoying a meal booked through a call from Duplex.

As suspicions around this announcement deepen, I got to wondering if we could identify this restaurant. If we could identify the restaurant, we could ask them if they had been told in advance they would be speaking to Google Duplex, among other interesting questions.

The image is cropped somewhat tightly, but they’re clearly eating Chinese food, the bench style and wall color are distinctive, and there’s a large picture hanging over their heads. So, I did the laziest thing I could possibly do: I asked my Twitter followers if any of them recognized it.

22 minutes later, we had the answer from DF reader Jay P: Hong’s Gourmet, in Saratoga, CA. This image on Yelp shows the same bench, same wall, and same picture on the wall. Next door to Hong’s Gourmet is Masu Sushi, whose sign is legibly reflected in the glass of the picture behind the Google engineers.1

My thanks to Jay P and everyone else who contributed to the thread on Twitter. Jay deserves the credit for cracking this, by going backwards from the Masu Sushi sign in the reflection.2 All I did was ask. The fact that I had an answer to my question in just 22 minutes shows that having a large follower count on Twitter is a bit of a super power. I honestly can’t think of another way to answer this question without Google PR’s help. I suppose, without Twitter, I could have just posted the question on Daring Fireball, and I might have gotten the same answer. But the threaded, public, instant nature of Twitter allowed for multiple people to contribute — we went from “this might be the place” to “this is definitely the place” in just a handful of minutes. Remarkable, really. 


  1. One weird detail is that the image from Google of the engineers has been flipped horizontally, so the reflection of the neighboring restaurant’s sign isn’t mirrored. My only guess as to why Google flipped this image is that they wanted Leviathan, the project lead, to have his name listed first in the caption. ↩︎

  2. Solving this not from the decor of the restaurant but instead from the tiny reflection of the neighboring restaurant’s sign brings to mind one word: “Enhance.” ↩︎︎