It’s Hard to Believe But Maybe Trump Neither Understands the Law Nor Has Thought This Twitter Thing Through, Not Even Sort of a Little 

Peter Baker and Daisuke Wakabayashi, reporting for The New York Times:

But the logic of Mr. Trump’s order is intriguing because it attacks the very legal provision that has allowed him such latitude to publish with impunity a whole host of inflammatory, harassing and factually distorted messages that a media provider might feel compelled to take down if it were forced into the role of a publisher that faced the risk of legal liability rather than a distributor that does not.

“Intriguing” is doing a lot of work in that sentence.

Translation From VC-Backed PR Jargon to English of Magic Leap CEO Rony Abovitz’s Statement That He’s ‘Stepping Down’

From a company-wide memo sent by Magic Leap founder Rony Abovitz Thursday:

As we’ve shared over the last several weeks, in order to set Magic Leap on a course for success, we have pivoted to focus on delivering a spatial computing platform for enterprise.

As nearly everyone has finally realized, our actual technology is nothing at all like what we promised, lied about for years, and sold gullible deep-pocketed investors on. Our con is falling apart at the seams, so we’ll milk the last few dollars out of the only investors dumb enough to give us even more money, by repeating the word “enterprise” and doing that thing with our fingers like Obi-Wan Kenobi.

We have closed significant new funding and have very positive momentum towards closing key strategic enterprise partnerships.

You’re not going to believe this but we somehow raised another $350 million. I know, right?

As the board and I planned the changes we made and what Magic Leap needs for this next focused phase, it became clear to us that a change in my role was a natural next step.

Everyone agrees the jig is up.

I discussed this with the board and we have agreed that now is the time to bring in a new CEO who can help us to commercialize our focused plan for spatial computing in enterprise. We have been actively recruiting candidates for this role and I look forward to sharing more soon.

Our Craigslist ad: “Florida company seeks Bernie Madoff type.”

I have been leading Magic Leap since 2011 (starting in my garage). We have created a new field. A new medium. And together we have defined the future of computing.

No one will remember us or anything we’ve done — unless Netflix makes one of those documentaries like the Fyre Festival one. I love that movie. Which makes me think maybe we should change our Craigslist ad to “Billy McFarland type”. Actually, when does he get out of prison?

I am amazed at everything we have built and look forward to everything Magic Leap will create in the decades to come.

I am amazed that we raised $2.4 billion and have managed to stretch this con out for 7 years and counting. We even convinced Google to invest. Google! Those guys are smart!

I will remain our CEO through the transition and am in discussions with the board with regards to how I will continue to provide strategy and vision from a board level. I remain super excited about Magic Leap’s future and believe deeply in our team and all of their incredible talent and capabilities.

I guess I should be ashamed of myself but I’m not. 

‘The Unicorns Fell Into a Ditch’ 

Matt Levine, in his excellent Money Stuff column for Bloomberg:

If restaurants and drivers complained about DoorDash but DoorDash was raking in juicy profits, you could be like “what do you want, innovate or die, the market has spoken.” But in fact restaurants and drivers complain about DoorDash, and it lost $450 million in 2019 on about $1 billion of revenue. Arguably the market has spoken and said “stop it, come on, this is dumb.”

In the old economy of price signals, you tried to build a product that people would want, and the way you knew it worked is that people would pay you more than it cost. You were adding value to the world, and you could tell because you made money. In the new economy of user growth, you don’t have to worry about making a product that people want because you can just pay them to use it, so you might end up with companies losing money to give people things that they don’t want and driving out the things they do want.

That sounds like a joke but it’s not even an exaggeration.

Bonus burn on counterfeit capitalism poster child MoviePass:

Meanwhile MoviePass itself is up for auction in its Chapter 7 bankruptcy, with bids due next month. Naively I would think that a pandemic would be good for MoviePass: If your business is buying movie tickets for $14 and selling them for $10 a month, months when all the movie theaters are shut down should be relatively profitable.

DoorDash and Pizza Arbitrage 

This piece by Ranjan Roy for his Margins newsletter is such a perfect example of counterfeit capitalism. Roy has a friend who owns a few pizzerias. They were getting complaints from customers whose deliveries were cold. What made that really odd is that his pizzerias weren’t offering delivery service. What happened is that DoorDash, with no permission, registered a phone number with Google under his restaurant’s name. The fun part of the story:

DoorDash was causing him real problems. The most common was, DoorDash delivery drivers didn’t have the proper bags for pizza so it inevitably would arrive cold. It led to his employees wasting time responding to complaints and even some bad Yelp reviews.

But he brought up another problem - the prices were off. He was frustrated that customers were seeing incorrectly low prices. A pizza that he charged $24 for was listed as $16 by DoorDash.

My first thought: I wondered if DoorDash is artificially lowering prices for customer acquisition purposes.

My second thought: I knew DoorDash scraped restaurant websites. After we discussed it more, it was clear that the way his menu was set up on his website, DoorDash had mistakenly taken the price for a plain cheese pizza and applied it to a ‘specialty’ pizza with a bunch of toppings.

My third thought: Cue the Wall Street trader in me… ARBITRAGE!

The arbitrage is good fun, but ultimately the whole thing shows how predatory these VC-backed delivery services are:

You have insanely large pools of capital creating an incredibly inefficient money-losing business model. It’s used to subsidize an untenable customer expectation. You leverage a broken workforce to minimize your genuine labor expenses. The companies unload their capital cannons on customer acquisition, while this week’s Uber-Grubhub news reminds us, the only viable endgame is a promise of monopoly concentration and increased prices. But is that even viable?

More News From Earlier This Month, Lost in the Quarantine Shuffle: ‘Uber Cuts 3,000 More Jobs, Shuts 45 Offices in Coronavirus Crunch’ 

Preetika Rana, reporting for The Wall Street Journal back on May 19 (Apple News+):

Uber Technologies Inc. is cutting several thousand additional jobs, closing more than three dozen offices and re-evaluating big bets in areas ranging from freight to self-driving technology as Chief Executive Dara Khosrowshahi attempts to steer the ride-hailing giant through the coronavirus pandemic.

Mr. Khosrowshahi announced the plans in an email to staff Monday, less than two weeks after the company said it would eliminate about 3,700 jobs and planned to save more than $1 billion in fixed costs. Monday’s decision to close 45 offices and lay off some 3,000 more people means Uber is shedding roughly a quarter of its workforce in under a month’s time. Drivers aren’t classified as employees, so they aren’t included.

Why does Uber even have 45 offices to close, and so many employees to lay off? What exactly were the ~7,000 people they’ve laid off so far doing? Last I heard, Uber had 400 iOS engineers. Just iOS. I get it that some of that work isn’t visible just by looking at the Uber app on your iPhone, because there’s a lot of unseen work that goes into making an app like Uber work worldwide. I don’t know what the right number of iOS engineers at Uber is, but I do know that 400 is bananas. Too many cooks spoil the stew; 400 cooks don’t even fit in a kitchen.

It’s like trying to build a better engineering team by buying 1,000 copies of Fred Brooks’s The Mythical Man-Month and never once reading it.

The basic idea behind Uber is both sound and genius: smartphones made possible a revolution in ride hailing. But ride hailing is inherently a low-margin business. Companies like Uber and Lyft can make ride hailing better for everyone — drivers and passengers alike — but there’s nothing they can do to change the fact that it’s by definition a low-margin business and always will be.

The best treatise I’ve read on this whole aspect of our society is Matt Stoller’s “counterfeit capitalism”, which I linked to back in September.* Just read that, or read it again. It succinctly captures something very important.

* Yes, the same Matt Stoller with whom I disagreed vociferously regarding his argument that Apple and Google are “exercising sovereign power” with their refusal to allow local health agencies to automatically collect privacy-invasive data from our phones. Stoller is a great writer and thinker, and it’s the sign of an adult mind that you can civilly disagree with someone whom you usually agree with. (And vice versa: a rational adult can agree with someone they usually disagree with.)

Coffee Shops in the Social Distancing Era 

Michael Klein, writing for The Philadelphia Inquirer:

Coffee shops and cafes, largely shut down for walk-in business since mid-March, are beginning to reopen as restrictions on takeout food ease.

La Colombe, the Philadelphia-based coffee giant, is taking pages out of the airport and pharmacy handbooks in retrofitting 30 of its cafes in six cities for safety. The first location to reopen this week is at 130 S. 19th St., just north of Rittenhouse Square, where the company began 26 years ago. Others will follow in coming weeks, including the flagship store in Fishtown. The four airport locations will have to wait.

A bunch of photos and a time-lapse video showing the perspective of a customer going through the queue. La Colombe is my favorite coffee shop in Philly — great coffee and a wonderful staff — so I’m glad to see it reopen at all. But this is not normal. (La Colombe was featured quite a bit last year at WWDC in Apple Pay presentations.)

Space Invaders 

Splendid retrospective from Game Maker’s Toolkit on Taito’s 1978 coin-op classic. What a great game.

The Pac-Man video in the same series is also excellent, and fully explains the AI behind the ghosts in a way I’ve never seen before. Four simple heuristics for the ghosts which, when combined, create the compelling illusion of intelligent coordination.

It’s also fascinating to me that, though only two years apart, Space Invaders and Pac-Mac feel like they’re from two different eras of arcade games. Space Invaders is monochrome (the machines faked color with a translucent overlay at the bottom of the screen) and (generally) slow; Pac-Man is fantastically colorful and frantically fast.

‘Will President Trump Stand With Hong Kong?’ 

The New York Times:

The resistance has compelled China and its handpicked administrators in Hong Kong, led by the embattled Carrie Lam, to make tactical retreats at times, but never for long. At her weekly news conference, Ms. Lam dutifully argued that the proposed legislation would not curtail the rights of Hong Kongers, which under the 1997 agreement with Britain were to be unchanged for 50 years, but rather was a “responsible” move to protect the law-abiding majority.

Nobody believes that. Least of all, evidently, those behind the new measures. A Chinese representative in Hong Kong declared that freedom of the press would not be limited, and then warned against using that freedom as a “pretext” to undermine security. Ms. Lam [was] equally Orwellian: “We are a very free society, so for the time being, people have the freedom to say whatever they want to say.”

Strong editorial, but I can’t see why they posed the headline as a question.

What a historical debacle that 50-year agreement was. We’re only 23 years in and Hong Kong freedom is already teetering. The assumption in 1997 was that if we opened trade relations, China would inevitably bend to the ways of the West, and that 50 years was plenty of time. It turns out the way of the West is capitalism, China is a huge market, and we’re bending to China, not the other way around.

Hong Kong iPhones still don’t have the Taiwanese flag emoji, right? But Apple Stores do make good spots to round up dozens of pro-democracy protestors for arrest.

Apple Engineer Jordyn Castor on ‘Mission Unstoppable’ 

Speaking of Apple and its generally outstanding accessibility, check out this five-minute feature on Apple engineer Jordyn Castor. Castor is blind since birth, and she’s working on Swift Playgrounds to help visually impaired students learn to program. Just so cool.

Head-to-Head Comparison of iPhone vs. Pixel in Voice to Text Transcription 

James Cham:

I don’t think that people appreciate how different the voice to text experience on a Pixel is from an iPhone. So here is a little head to head example. The Pixel is so responsive it feels like it is reading my mind!

Siri being far slower and far less accurate is a winning combination.

What really sticks out about this is that in so many regards, Apple’s accessibility features are both awesome and far ahead of everyone else. Yet voice-to-text transcription is an obvious accessibility feature, and on this front Apple is and long has been woefully behind. If Apple’s voice-to-text transcription were good, it wouldn’t just improve the ways we use (or try to use) it now — truly good voice-to-text would enable all sorts of new Star Trek-level interactions while editing text. Quick fixes in Messages, Mail, or wherever you happen to be typing.

Trump Administration Organizes Harassment of a Single Twitter Employee 

Nick Stratt, reporting for The Verge:

The White House has set its sights on a single Twitter employee after the company attached a fact-checking link to two of the president’s tweets containing lies and misinformation related to voter fraud. The charge was led on Fox News Wednesday morning, with Trump advisor Kellyanne Conway targeting Twitter’s head of site integrity, Yoel Roth, after digging up some tweets that were critical of Trump, Conway, and the administration.

Conway called the employee “horrible” and directed listeners to go after him. “Somebody in San Francisco go wake him up and tell him he’s about to get a lot more followers,” she said on air. Immediately, the call was picked up by right-wing personalities and Trump supporters, who began sharing screenshots of the employee’s tweets. Roth is already facing a torrent of abuse and harassment, including multiple death threats, reports Protocol.

Emily Birnbaum, from the aforelinked report at Protocol:

Roth has received more than 3,000 new followers over the past day, according to an analysis of his Twitter account. He hasn’t tweeted since Monday, but harassing messages are appearing every minute under his latest posts, and right-wing accounts with millions of followers, including the president’s son and the Trump campaign’s official account, have been tweeting out his name and personal information every hour since mid-Tuesday.

A Twitter spokesperson told Protocol the company is standing behind Roth and does not have any plans to fire or suspend him.

“No one person at Twitter is responsible for our policies or enforcement actions,” a Twitter spokesperson said, “and it’s unfortunate to see individual employees targeted for company decisions.”

A person familiar with the matter said Roth has faced an explosion of death threats.

They are simultaneously hamfisted, vindictive, and cruel. If there’s a method to this, they’re doing it to send a message. Push back on Trump’s blatant disregard for Twitter’s rules and the White House will single out Twitter employees for retribution.

Nine Local TV Stations Pushed the Same Amazon-Scripted Segment 

Tim Burke, reporting for Courier:

While most TV news professionals have scoffed at the idea of running Amazon-provided content as news, at least 9 stations across the country ran some form of the package on their news broadcasts. The package — you can view the script Amazon provided to news stations here — was produced by Amazon spokesperson Todd Walker. Only one station, Toledo ABC affiliate WTVG, acknowledged that Walker was an Amazon employee, not a news reporter, and noted that Amazon had supplied the video. […]

In response to a request for comment on why the station ran the package, Wes Armstead, news director of the Bluefield NBC affiliate WVVA, told Courier, “I was not aware the package was provided by Amazon.” Armstead said, “We’ll make sure it doesn’t happen again.”

Strong words, indeed.

(What’s the deal with the strange diction of local TV news personalities in the U.S.? It’s evolving into an ever-more-distinct accent that defies regional boundaries and doesn’t really exist in any other context. TV personalities on national TV don’t talk like this, only on local TV.)

The Washington Examiner: ‘Trump’s Slanderous Attack on Joe Scarborough Is Incompatible With Leadership’ 

The Washington Examiner:

But it is far, far more unfortunate that the latest person to trumpet and repeat this vile slander is the president supposedly leading this nation through a time of crisis.

Whatever his issues with Scarborough, President Trump’s crazed Twitter rant on this subject was vile and unworthy of his office. Some will undoubtedly shrug it off as Trump being Trump, but one could hardly be blamed for reading it and doubting his fitness to lead.

To say Trump owes Scarborough an apology is to put it mildly. But in the end, Scarborough won’t be the one hurt by this. Against a weak opponent, Trump somehow managed in 2016 to win despite carrying on with sad, deluded conspiracy theories about Sen. Ted Cruz’s father being involved in the assassination of John F. Kennedy. Against a less reviled opponent, he may not be so lucky in 2020.

What makes this editorial noteworthy is not the sentiment but the source.

Sean Hannity Splits With Trump on Mask Wearing 

Cristina Cabrera, reporting for TPM:

“If you can’t social distance, please wear the mask,” Hannity pleaded. “Do it for your mom, your dad, your grandma, your grandpa.”

The right-wing host asserted that “we need to use some common sense. You need to be cautious. Take precautions because we don’t want it to spread to vulnerable people,” Hannity said. “We’ve seen what happens when we do.”

During a press briefing earlier on Tuesday, Trump swiped at a reporter for wearing a mask. “You want to be politically correct,” he said.

What makes this noteworthy is not the sentiment but the source.

WSJ: ‘Facebook Executives Shut Down Efforts to Make the Site Less Divisive’ 

Jeff Horwitz and Deepa Seetharaman, reporting for The Wall Street Journal (Apple News+ link):

“Our algorithms exploit the human brain’s attraction to divisiveness,” read a slide from a 2018 presentation. “If left unchecked,” it warned, Facebook would feed users “more and more divisive content in an effort to gain user attention & increase time on the platform.” […]

But in the end, Facebook’s interest was fleeting. Mr. Zuckerberg and other senior executives largely shelved the basic research, according to previously unreported internal documents and people familiar with the effort, and weakened or blocked efforts to apply its conclusions to Facebook products.

Polarizing divisive content is to Facebook as nicotine is to cigarette makers: a component of their product which their own internal research shows is harmful, but which they choose to increase, rather than decrease, because its addictiveness is so profitable.

A 2016 presentation that names as author a Facebook researcher and sociologist, Monica Lee, found extremist content thriving in more than one-third of large German political groups on the platform. Swamped with racist, conspiracy-minded and pro-Russian content, the groups were disproportionately influenced by a subset of hyperactive users, the presentation notes. Most of them were private or secret.

The high number of extremist groups was concerning, the presentation says. Worse was Facebook’s realization that its algorithms were responsible for their growth. The 2016 presentation states that “64% of all extremist group joins are due to our recommendation tools” and that most of the activity came from the platform’s “Groups You Should Join” and “Discover” algorithms: “Our recommendation systems grow the problem.”

Those recommendation algorithms are the heart of the matter. In the old days, on, say, Usenet, there were plenty of groups for extremists. There were private email lists for extremists. But there was no recommendation algorithm promoting those groups.

The engineers and data scientists on Facebook’s Integrity Teams — chief among them, scientists who worked on newsfeed, the stream of posts and photos that greet users when they visit Facebook — arrived at the polarization problem indirectly, according to people familiar with the teams. Asked to combat fake news, spam, clickbait and inauthentic users, the employees looked for ways to diminish the reach of such ills. One early discovery: Bad behavior came disproportionately from a small pool of hyperpartisan users.

A second finding in the U.S. saw a larger infrastructure of accounts and publishers on the far right than on the far left. Outside observers were documenting the same phenomenon. The gap meant even seemingly apolitical actions such as reducing the spread of clickbait headlines — along the lines of “You Won’t Believe What Happened Next” — affected conservative speech more than liberal content in aggregate.

That was a tough sell to Mr. Kaplan, said people who heard him discuss Common Ground and Integrity proposals. […] Every significant new integrity-ranking initiative had to seek the approval of not just engineering managers but also representatives of the public policy, legal, marketing and public-relations departments.

So Facebook’s “Integrity Teams” can’t enforce integrity if it upsets the side of the U.S. political fence that is, quite obviously, more lacking in integrity.

Twitter Won’t Accept False Statements About Voting by Mail, but Falsely Accusing Someone of Murder Is OK 

Kara Swisher, in her column for the NYT today, written before Twitter flagged Trump’s two tweets regarding the legality and legitimacy of voting by mail:

Again, top company executives hope that this placement of truth against lies will serve to cleanse the stain. I think this is both naïve and will be ineffective — most people’s experience tracks with that old axiom: A lie can travel halfway around the world while truth is still getting its shoes on.

In the digital age, that would be to the moon and back 347 times, of course, which is why I am supportive of the suggestion Mr. Klausutis makes in his letter to simply remove the offending tweets.

While the always thoughtful Mr. Dorsey has said previously that he has to hew to Twitter’s principles and rules, and that the company cannot spend all of its time reacting, its approach up until now results only in Twitter’s governance getting gamed by players like Mr. Trump, in ways that are both shameless and totally expected.

So why not be unexpected with those who continue to abuse the system? Taking really valuable one-off actions can be laudable since they make an example of someone’s horrid behavior as a warning to others. While it is impossible to stop the endless distribution of a screenshot of the tweets, taking the original ones down would send a strong message that this behavior is not tolerated.

And, conversely, if they don’t take down these tweets, they’re sending a strong message that this behavior is tolerated.

Timothy Klausutis’s Full Letter to Jack Dorsey, and Twitter’s Response 

Lori Kaye Klausutis is the woman who died 19 years ago in a tragic accident, and who the president of the United States is now repeatedly baselessly insinuating was murdered by her boss, Joe Scarborough. Her widower wrote a now-much-publicized letter to Twitter CEO Jack Dorsey. His letter is worth reading in full. His request is simple, and puts Twitter is a seemingly untenable position:

My request is simple: Please delete these tweets.

I’m a research engineer and not a lawyer, but I’ve reviewed all of Twitter’s rules and terms of service. The President’s tweet that suggests that Lori was murdered — without evidence (and contrary to the official autopsy) — is a violation of Twitter’s community rules and terms of service. An ordinary user like me would be banished from the platform for such a tweet but I am only asking that these tweets be removed.

This is not just “Trump being Trump”. It’s not just “Trump versus Scarborough, and Scarborough can take it, he hosts a TV show he can fight back from”. There are completely innocent bystanders who get pulled to the forefront of something like this.


I’m asking you to intervene in this instance because the President of the United States has taken something that does not belong to him — the memory of my dead wife — and perverted it for perceived political gain.

Twitter’s response:

We are deeply sorry about the pain these statements, and the attention they are drawing, are causing the family. We’ve been working to expand existing product features and policies so we can more effectively address things like this going forward, and we hope to have those changes in place shortly.

A “Get the facts about Lori Klausutis’s death” link at the bottom of Trump’s tweets isn’t going to do anything. Deleting the tweets is the least Twitter could do to actually do anything at all about Donald Trump using their platform to inflict profound emotional pain on Klausutis’s family and friends.

As it stands, no matter how sorry Twitter is about the pain these tweets are causing, they’re implicitly OK with them.

The President of the United States Is Falsely Accusing a Critic of Murder 

Peter Baker and Maggie Astor, reporting for The New York Times:

President Trump smeared a prominent television host on Tuesday from the lectern in the Rose Garden with an unfounded allegation of murder, taking the politics of rage and conspiracy theory to a new level even as much of the political world barely took notice.

Maybe part of the reason “the political world barely took notice” is that the straight news media, exemplified by The Times, has been normalizing Trump’s escalating madness every step of the way. The New York Times front page has been that “This is fine” dog sipping coffee in a burning house. And now we’re at panel 5 in the comic, and The Times’s crackerjack bothsidesism-afflicted political reporters are maybe sort of kind of thinking it’s getting a little worrisomely warm. Maybe?

It’s like yeah, no shit, the rest of us have been pointing out every step of the way that this man is unhinged from reality.

In an attack that once would have been unthinkable for a sitting president, Mr. Trump all but accused Joe Scarborough, a former Republican congressman who now hosts the MSNBC show “Morning Joe,” of killing a staff member in 2001 even though he was 800 miles away at the time and the police ruled her death an accident.

The president’s charge amplified a series of Twitter messages in recent days that have drawn almost no rebukes from fellow Republicans eager to look the other way but have anguished the family of Lori Klausutis, who died when she suffered a heart condition that caused her to fall and hit her head on a desk. Mr. Trump doubled down on the false accusation even after Timothy Klausutis pleaded unsuccessfully with Twitter to take down the posts about his late wife because they were causing her family such deep pain.

“A lot of people suggest that and hopefully someday people are going to find out,” the president said when asked by reporters about his tweets suggesting that Mr. Scarborough had committed murder perhaps because of an affair with Ms. Klausutis. “It’s certainly a very suspicious situation. Very sad, very sad and very suspicious.”

Attention New York Times: just because he’s gone and done it doesn’t mean it still isn’t “unthinkable”.

Twitter Flags Two False Trump Tweets as False, Trump Blows Gasket 

Elizabeth Dwoskin, reporting for The Washington Post:

Twitter on Tuesday slapped a fact-check label on President Trump’s tweets for the first time, a response to long-standing criticism that the company is too hands-off when it comes to policing misinformation and falsehoods from world leaders.

It sounds like a little thing, but I would argue strenuously against the verb slapped in that context. This makes it sound like Twitter acted impetuously or unfairly. It’s a slightly loaded word and the loaded connotation does not fit with Twitter’s very sober action here.

The move, which escalates tensions between Washington and Silicon Valley in an election year, was made in response to two Trump tweets over the past 24 hours. The tweets falsely claimed that mail-in ballots are fraudulent. Twitter’s label says, “Get the facts about mail-in ballots,” and redirects users to news articles about Trump’s unsubstantiated claim.

Trump’s two tweets in question, and the information page Twitter’s label links to. Twitter’s information page is extremely factual.

Trump’s response (all dots and capitalization verbatim):

[email protected] is now interfering in the 2020 Presidential Election. They are saying my statement on Mail-In Ballots, which will lead to massive corruption and fraud, is incorrect, based on fact-checking by Fake News CNN and the Amazon Washington Post....

....Twitter is completely stifling FREE SPEECH, and I, as President, will not allow it to happen!

New ‘Unc0ver’ Jailbreak Works on All iPhones Running iOS 11 to 13.5 

Joseph Cox, reporting for Motherboard:

On Saturday, hackers and developers released the first public jailbreak for Apple’s iOS operating system that they say works at launch on all iOS devices. A hacker who worked on the jailbreak says it works by taking advantage of a vulnerability in iOS that Apple is not aware of, or a so-called zero day.

The news signals the first time a jailbreak has been released that works on all devices on launch day since iOS 10, according to iOS security researcher Pwn20wnd, who discovered the underlying vulnerability powering the new jailbreak.

“iPhones are getting more secure every year because Apple is learning their mistakes from public jailbreaks or attacks they find in the wild,” Pwn20wnd told Motherboard in an online chat.

Compare and contrast with Lily Hay Newman’s lede on the same story for Wired:

Over the years, Apple has made it prohibitively difficult to install unapproved software on its locked-down devices. But on Saturday, a hacker group called Unc0ver released a tool that will “jailbreak” all versions of iOS from 11 to 13.5. It’s been years since a jailbreak has been available for a current version of iOS for more than a few days — making this yet another knock on Apple’s faltering security image.

Neither of those linked articles supports the idea that Apple’s “security image” is faltering, and the second one dates to December 2017.

Apple Is Reopening Over 100 US Retail Stores This Week, Most With Curbside or Storefront Service Only 

Michael Steeber, reporting for 9to5Mac:

While individual US state guidance varies, you can generally expect to be required to wear a mask and pass a temperature check to enter an Apple Store for the foreseeable future. The ability to browse is limited, with Apple emphasizing online sales and in-store support.

We recently analyzed the COVID-19 response of more than two dozen top retailers in comparison to Apple’s procedures. The new safety guidelines Apple has enforced for the protection of employees and customers are among the most stringent in the industry and have proven successful at reopenings around the world.

Josh Centers, writing at The Prepared last month, proposed The Apple Store Index as an indication of where it’s actually safe to reopen retail establishments, and to what degree.

And Apple is choosing to burn millions, possibly billions of dollars in cash to keep people safe. Because as much as closing its stores is costing the company, a pile of dead employees and customers will cost even more. And Apple, being a wildly successful business even in the worst economic conditions, can withstand a lot more pressure to re-open than any politician. While many governors are having their arms figuratively twisted by President Trump and angry protestors, no one will be calling for Tim Cook’s head until at least Apple’s Q2 earnings report, due on April 30, 2020. Even then, years of strong performance under Cook and his prior experience in dealing with shareholder uprisings will insulate him for a long time.

So for that reason, no matter what my governor says, I won’t consider stepping into a crowd until Apple gives the all-clear.

It’s worth noting that Apple’s retail reopenings in China have, by all accounts, gone well.

Marc Levoy, Head of Pixel’s Camera Team, Left Google 

Nick Bastone, reporting for The Information May 13:

The mastermind behind Google’s Pixel camera, Marc Levoy, who last year showed off his team’s photography advances during a Google event in New York City, left the company in March. The exit, which hasn’t been previously reported, follows the departure of Pixel general manager Mario Queiroz, the second top executive to leave the Pixel orbit in less than a year. Both declined a request for comment.

The Pixel 4 seems like the least-acclaimed Google phone since they started calling them Pixels. Hindsight is 20-20, but I remember thinking when I watched Levoy talk about the Pixel 4 camera system on stage that he seemed … annoyed? He was stuck defending the Pixel 4 adding a telephoto lens when all of its competitors in the flagship camera phone space had added ultra-wide lenses, and his heart didn’t seem in it.

The Pixel camera hardware has never been extraordinary; what’s worth noting has always been its software. So it’ll be interesting to see where Levoy winds up.

‘Joe Rogan Got Ripped Off’ 

Andrew Wilkinson, writing on the Supercast blog:

In that post, I also speculated that Joe Rogan—the largest podcaster in the world—was likely a billionaire. Even though he probably didn’t realize it. Apparently, Joe Rogan didn’t read my post. But someone else definitely did: Daniel Ek, the CEO of Spotify, who just closed an exclusive deal with Rogan to move his show (audio and video) to the Spotify platform.

If the numbers are to be believed, it’s a steal of a deal for Spotify: for $100-$200mm they secured the largest podcast audience in the world.

I’m not exaggerating. Spotify’s market cap jumped by $3 billion in the 24h after the news of this deal broke.

The market saw what Rogan missed: Spotify took his oil.

A lot of Wilkinson’s napkin-math numbers are speculative (conversion rates, ad CPM) to some degree, but there’s no arguing with how Wall Street saw Rogan’s deal: as a coup for Spotify. If he’s really only making $100M per year, he sold way low.

Supercast is a service built for podcasters who want to monetize via subscriptions, so you can argue that Wilkinson has a vested interest in the “stay indie” argument. But he’s not arguing that Rogan should have gone with Supercast — he’s arguing only that Rogan should have kept direct control over his relationship with his listeners. And he makes an interesting point regarding Howard Stern:

For context, Howard Stern — who just before his Sirius deal was one of the most widely listened to radio personalities in the world — now has an audience of less than 1 million per episode. When I tell most people my age (early 30’s) that I love Howard Stern, I get a blank stare.

Nobody knows who he is. Stern has lost his impact on culture in exchange for a big upfront payment.

Stern has undeniably made a fortune from his 15 years at Sirius, but he’s also just as undeniably lost a huge majority of his potential listenership. The goal for someone who has poured their life into their show isn’t just to maximize the money they make — it’s to achieve a good balance between maximizing revenue, maximizing the audience size, and maximizing creative control over their work.

Even if you put money aside, Rogan’s deal with Spotify will almost certainly shrink his audience to some degree, and it gives Spotify complete control over Rogan’s relationship with his audience. I don’t think Rogan is a fool — quite the opposite. But I still think he’s underestimating the value of his show.

See also: Bari Weiss’s interview with Rogan for her column at The New York Times: “Joe Rogan Is the New Mainstream Media”.

The Project Behind a Front Page Full of Names 

Times Insider on today’s stunning front page, all text running under the headline “U.S. Deaths Near 100,000, an Incalculable Loss”:

For the front page of the paper, two ideas stood out: either a grid of hundreds of pictures of those who had lost their lives to Covid-19, or an “all type” concept, Mr. Bodkin said. Whichever approach was chosen, he said, “we wanted to take over the entire page.”

The all-type concept came to the fore. Such a treatment “would be hugely dramatic,” he said.

Luminary Raises Another $30 Million to Flush Down the Toilet 

Speaking of the business of podcasting, here’s Lucas Shaw and Priya Anand, reporting for Bloomberg:*

Luminary Media, the money-losing podcasting startup, has raised more than $30 million in a new round and is seeking more funding as it tries to ride out the global pandemic, according to people familiar with the matter.

The funds were raised at a level below last year’s $200 million valuation, said the people, who asked not to be identified because the process is private. The company, which is also cutting costs after struggling to attract subscribers, plans to use the money to fund operations and future programming.

This current round of investment would bring Luminary’s total fundraising to more than $160 million, comparable to the value of the entire company.

I called this a year ago, when I said Luminary’s initial funding of $100 million was being flushed down the toilet:

It might be a great idea to start a company to produce podcasts with celebrity hosts like Lena Dunham, Russell Brand, Trevor Noah, and whomever else Luminary has signed. Those shows, if done well, could be hugely popular and make tons of money — from ads. But a company bringing that talent together does not need $100 million in funding and will never be worth 1/100th of Netflix.

Part of the nature of podcasting is that the cost overhead is remarkably low. You can produce a truly professional show with a few hundred dollars worth of equipment and software. That’s fundamentally different from the cost structure of streaming video. Now Luminary is trying to recover the money they’ve already flushed down the toilet by flushing some more. This isn’t a good idea that just needs more time — it’s a terrible idea predicated on a complete misunderstanding of how both the podcasting and streaming video industries work. Trying to build “the Netflix of podcasting” is like trying to build the “the PlayStation of sudokus”.

When’s the last time you even heard about Luminary? Whoever is funding this round is the proverbial fool soon parted from their money.

* Again: you know.

The Square Small Business Hackathon 

My thanks to Square for sponsoring DF this week to promote their Small Business Hackathon.

You can help small businesses adapt, recover, and innovate in these challenging times by participating in the Square Small Business Hackathon, running now through June 22. Categories include Retail, Food & Beverage, Healthcare, and Services & Other. You may build for web or mobile using one of Square’s APIs and/or SDKs, in whatever programming language you prefer.

First place category winners get: $3,000 for themselves, $3,000 to donate to a small business of their choice, a Google Home, Square swag, and promotion on Square’s Twitter and YouTube channel. You can get started today.

Hertz Files for Bankruptcy, Somehow Accumulated $17 Billion in Debt 

Niraj Chokshi, reporting for The New York Times:

Though it had piled up $17 billion in debt, Hertz, which also owns the Dollar and Thrifty brands, was reporting healthy sales at the start 2020. The company’s revenue rose 6 percent in January and February.

How in the world does it make sense for a company in a low-margin, long-established business with financials like this to rack up $17 billion in debt? When times were good this amount of debt would consume decades of Hertz’s profits. This is bananas.

Carnegie Mellon Researchers: Half of Twitter Accounts Discussing COVID-19 Are Disinformation Bots 

Karen Hao, writing for MIT Technology Review:

Kathleen M. Carley and her team at Carnegie Mellon University’s Center for Informed Democracy & Social Cybersecurity have been tracking bots and influence campaigns for a long time. Across US and foreign elections, natural disasters, and other politicized events, the level of bot involvement is normally between 10 and 20%, she says.

But in a new study, the researchers have found that bots may account for between 45 and 60% of Twitter accounts discussing covid-19. […] Through the analysis, they identified more than 100 types of inaccurate covid-19 stories and found that not only were bots gaining traction and accumulating followers, but they accounted for 82% of the top 50 and 62% of the top 1,000 influential retweeters. […]

Unfortunately, there are no easy solutions to this problem. Banning or removing accounts won’t work, as more can be spun up for every one that is deleted. Banning accounts that spread inaccurate facts also won’t solve anything.

I don’t understand this conclusion at all. If a team at Carnegie Mellon can do this research, so too could a team at Twitter itself. Or Twitter could just use outside teams like the one at Carnegie Mellon.

What we know is that bots are harmful — they spread misinformation with disastrous real-world effect. And we know that both bot accounts and disinformation in the content of posts can be identified at scale, algorithmically. On a social network, anti-disinformation software wouldn’t have to eradicate all disinformation to be radically effective — it only needs to start with the posts that are reaching the most people and work down the popularity graph from there.

The argument that Twitter and Facebook can’t beat disinformation by banning it is like arguing that email providers can’t beat spam. Spam hasn’t been eradicated but it has been effectively diminished. There’s absolutely no reason Twitter and Facebook can’t defeat social media disinformation to the same degree we’ve defeated spam email. They haven’t done so because they don’t want to, presumably because they consider the “engagement” generated by these bots worth the social destruction they cause.

Update: Maybe it’s not “engagement” but “active users”. Or both. What matters is that so long as looking the other way at bot activity increases the metrics used to value Twitter and Facebook, Twitter and Facebook have perverse incentives not to combat bot activity to the extent that they could. The email spam analogy holds — conversely, email providers have zero incentive to allow spam into your mailbox because no one values the worth of an email provider by the number of messages in its user’s inboxes. (Also, you don’t find anyone yelling about spam filtering being a suppression of “free speech”.)

The Talk Show: ‘Fahrenheit Truthers’ 

Ben Thompson returns to the show and there’s no sports talk because there’s no sports. Instead: temperature scales, Joe Rogan and Spotify, and Dithering.

Brought to you by:

  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Linode: Instantly deploy and manage an SSD server in the Linode Cloud. Use code talkshow20 and get $20 credit toward your next project.
  • Yes Plz: Brew yourself the best coffee. Try Yes Plz today and save $5 with code fireball5.
Bloomberg: ‘Amazon’s Audible Goes Beyond Books to Chase Spotify in Podcasts’ 

Lucas Shaw, reporting for Bloomberg:*

In recent months, Audible, the audiobook service owned by Inc., has been meeting with talent agencies and producers to discuss acquiring potential new podcast projects — or, in the terminology that Audible prefers, “Audible Originals.”

I salute Audible for continuing not to call them “podcasts” — if you can’t listen to them in whatever app you want, they’re just shows, not podcasts.

Audible is offering anywhere from a few hundred thousand dollars to a few million dollars per show, according to people familiar with the matter, more than every competitor except Spotify Technology SA. So far, Audible has already purchased shows from documentary producer John Battsek, as well as from comedians Kevin Hart and Tiffany Haddish. The acquisitions by the dominant audiobook service in the U.S. are part of a new, multimillion-dollar shopping spree, designed to establish Audible as a more enticing destination for podcast fans and to fend off growing audio-storytelling competition, particularly from Spotify.

This week’s news on Joe Rogan signing a multi-year exclusive deal with Spotify got me thinking about this. With TV shows and movies, there are a slew of deep-pocketed streaming services competing with huge offers for top talent. We saw that just a few days ago with Apple buying up the rights to Tom Hanks’s Greyhound for $70 million. But, where are the competitors to Spotify? Well, here’s Audible.

But where’s Apple in this? There was a report a year ago — also from Lucas Shaw at Bloomberg — that Apple was pursuing exclusives, but so far, nada. But if Apple does start buying exclusive audio shows, where will they go? My guess is that you’d get the content through an Apple Music subscription, but the shows would appear in the Apple Podcasts app. I don’t think it would make sense for Apple to offer yet another subscription just for audio shows, and it wouldn’t make sense for podcast-style shows to appear in the Music app rather than the Podcast app.

Audible has been funding original series for years now, but after starting with programs from well-known authors, the company is now prioritizing celebrity hosts and shows that can help broaden its audience beyond the avid audiobook listener.

Not sure if it was foresight or just good luck, but the name “Audible” is perfect for any and all audio content, not just books. It reminds me of how Amazon was “the online bookstore” for years before they expanded to other stuff, and if anything, the A→Z gimmick works better as the name of an everything store than it does a mere bookstore.

Audible is also considering changes to its business model. Under the current system, each month subscribers pay $14.95 and receive credits for one book and two original shows. Now the company is debating selling original shows individually so that customers don’t need to be subscribers to listen, said the people, who asked not to be identified while discussing terms of private business deals. Audible has also explored the possibility of rolling out a lower-priced plan that would offer access to originals but not books.

A lower-priced subscription that doesn’t include books makes the most sense to me.

Audible’s big push into the booming audio genre has confused some producers and podcast networks because it is happening at the same time that Amazon Music, a separate division of the e-commerce giant, is also ramping up its investment in podcasts. Amazon Music will add podcasts to its app in the coming months, according to people familiar with the matter. Amazon has been talking with producers and networks about hosting their shows within its app, though they have yet to finalize many deals.

Intrigue! So is there a cohesive Amazon-wide strategy here, or is it a left-hand doesn’t know what the right-hand is doing situation? Podcast-style shows are a natural fit for both Audible and Amazon Music. Like Apple, Amazon has a tightlipped culture, so it’s not surprising to me that the content producers they’re negotiating with are in the dark. It would be kind of wild, though, if a company as smart as Amazon found itself with two of its divisions competing against each other for content deals.

* You know.

Yahoo News/YouGov Poll Shows Coronavirus Conspiracy Theories Spreading on the Right May Hamper Vaccine Efforts 

Andrew Romano, reporting for Yahoo News:

According to a new Yahoo News/YouGov poll, 44 percent of Republicans believe that Bill Gates is plotting to use a mass COVID-19 vaccination campaign as a pretext to implant microchips in billions of people and monitor their movements — a widely debunked conspiracy theory with no basis in fact.

The survey, which was conducted May 20 and 21, found that only 26 percent of Republicans correctly identify the story as false. In contrast, just 19 percent of Democrats believe the same spurious narrative about the Microsoft founder and public-health philanthropist. A majority of Democrats recognize that it’s not true.

It’s slightly worse among Fox News viewers:

Take the Gates example. Half of all Americans (50 percent) who name Fox News as their primary television news source believe the disproven conspiracy theory, and 44 percent of voters who cast ballots for Trump in 2016 do as well — even though neither Fox nor Trump has promoted it. At the same time, just 15 percent of MSNBC viewers and 12 percent of Clinton voters say the story is true.

Depressing, to say the least. Social networks need to treat anti-vaccination disinformation the way they treat hate speech. This dangerous nonsense doesn’t need to be refuted, it needs to be shunned. It is as shameful to allow these theories to propagate on social networks as it is to allow KKK propaganda. Relegate these lunacies back to forwarded email chains. Keep in mind too that the people who refuse to be vaccinated aren’t just hurting themselves. They hurt their children, who don’t have a choice, and they suppress the herd immunity that protects those with immune disorders for whom vaccines are dangerous.

‘What Time Is It in London?’

Nilay Patel asked this of Siri on his Apple Watch. After too long of a wait, he got the correct answer — for London Canada. I tried on my iPhone and got the same result. Stupid and slow is heck of a combination.

You can argue that giving the time in London Ontario isn’t wrong per se, but that’s nonsense. The right answer is the common sense answer. If you had a human assistant and asked them “What’s the time in London?” and they honestly thought the best way to answer that question was to give you the time for the nearest London, which happened to be in Ontario or Kentucky, you’d fire that assistant. You wouldn’t fire them for getting that one answer wrong, you’d fire them because that one wrong answer is emblematic of a serious cognitive deficiency that permeates everything they try to do. You’d never have hired them in the first place, really, because there’s no way a person this lacking in common sense would get through a job interview. You don’t have to be particularly smart or knowledgeable to assume that “London” means “London England”, you just have to not be stupid.

Worse, I tried on my HomePod and Siri gave me the correct answer: the time in London England. I say this is worse because it exemplifies how inconsistent Siri is. Why in the world would you get a completely different answer to a very simple question based solely on which device answers your question? At least when most computer systems are wrong they’re consistently wrong.

I tried the same question on every other system I know where it should work: “What time is it in London?”

So every other service that tries to answer “What time is it in London?” gets it right. Only Siri gets it wrong. 

No Mask, No Dice

Josh Marshall, writing at Talking Points Memo, “Unpacking the Mask Debate”:

Here’s an article that is very current among mask skeptics. It’s a review by two bona-fide experts, Dr. Lisa M. Brosseau and Dr Margaret Sietsema, writing back on April 1st, a veritable lifetime ago in COVID19 terms. It was published by the Center for Infectious Disease Research and Policy at The University of Minnesota.

The gist is that there’s little to no scientific evidence that masks are effective for the population at large and that what protection there might be is minimal at best. Additionally, they argue that mask-wearing may create a false sense of security that leads people to relax more effect mitigation strategies like distancing and hand washing. So the net effect of mask-wearing may actually be more infections rather than fewer.

If you read the report closely however a few points emerge.

First, it’s not evidence that masks are not effective — few studies really show this or demonstrate it in any clear way — but a lack of evidence for their efficacy. Second, they focus heavily on health care workers, both for available studies about what works and doesn’t and for the standards we should apply for efficacy. Finally, they take a very binary approach to efficacy. They work or they don’t.

As a vocal face mask proponent, I’ve heard something like the above counterargument from a small number of mask skeptics. Basically, the pro-mask argument is that there seems to be a lot of upside to widespread mask-wearing, and effectively no downside whatsoever beyond the initial “this feels weird” social awkwardness and mild physical discomfort. (Pro tip: Keep a tin of Altoids next to your masks.)

We’re waiting for peer-reviewed studies. In the meantime, early studies and anecdotal evidence from countries with established mask-wearing social norms suggest quite strongly that mask wearing is effective. And so if there are no downsides, there really is no argument against universal face mask wearing in public, especially indoors.

One segment of anti-mask crusaders are those who insist that the whole pandemic has been so profoundly overblown that it’s effectively a hoax. This is lunacy — there’s no point arguing with them. No surprise, some of them are flat-earthers too. But there are more than lunatics who are opposed to face masks.

The in-touch-with-reality anti-mask skeptics seem to have latched onto the idea that maybe there are downsides, that wearing a mask might somehow make it more likely that you’ll get infected — the “false sense of security” argument proposed in the article Marshall cites. That’s a plausible hypothesis, and the world is full of counterintuitive truths. E.g. the fact that one typically stays drier walking, rather than running, to shelter in a rainstorm — even though running decreases your exposure time to the rain, it so greatly increases the number of droplets that hit you that you wind up wetter. Maybe wearing a face mask in a pandemic is like running in the rain, the thinking goes, counterintuitively making things worse.

The problem for masks skeptics is there’s no data that suggests this might be the case. A plausible hypothesis is only the start of the scientific method. There is longstanding evidence in Asian countries with mask-wearing norms that, at the very least, face-mask-wearing causes no harm. As Marshall notes, if anything, as evidence comes in, masking-wearing appears to be even more effective than even proponents thought.

I’m old enough to recall when wearing seat belts became mandatory. Roughly speaking, these laws spread quickly from state to state, starting with New York in 1984 and becoming the rule rather than the exception within a decade. (“Live free or die” New Hampshire is the only remaining state that doesn’t require adults to wear a seat belt.)

I recall a similar sort of opposition to these laws as we see now with mandatory face masks. Opposition to compulsory seat belt laws always seemed crazy to me, because the evidence was so overwhelming that seat belts save lives and greatly reduce injuries that it was clearly worth making an exception to the principle, widely held in America, that the government generally shouldn’t tell people what to do. But crazy or not, opposition there was. “Fuck you, I don’t want to wear one, it’s a free country.” Word for word, the same sentiment then about seat belts as now about face masks.

One of the arguments against compulsory seat-belt-wearing was that sometimes wearing a seat belt makes things worse. “What if I’m in an accident and my seat belt gets jammed, trapping me in a burning car?” “I read about a guy who wasn’t wearing a seatbelt and he walked away from a terrible accident because he was thrown out of the car before it was totaled.

I don’t agree with it, but to some degree I get it: What right does a government that sells you lottery tickets have to tell you that your odds are better if you’re wearing a seat belt?

But there’s a fundamental difference between wearing a seat belt in a car and wearing a face mask in a store. A seat belt really only protects the wearer. There are tangential arguments that society as a whole benefits from fewer car crash deaths and injuries, but the primary reason we have laws requiring you to wear a seat belt is to protect you from harm. Face mask requirements aren’t like that. They’re more like laws banning smoking in restaurants and making drunk driving a serious crime — they protect us all from harm.

From earlier in my childhood, I recall ubiquitous signs at the entrances of stores and restaurants: “No shirt, no shoes, no service.” There were variants, but that exact phrasing was common. I always considered those signs so strange, as I couldn’t imagine why anyone would even want to go into a store or restaurant without a shirt or shoes, let alone need a sign telling them that doing so was not permitted, but I figured it must have been a problem with hippies or something. (There were a lot of old people complaining about hippies long after there were any hippies left to complain about.)

Basically, other than poolside or at a beach, anyone who wants to go into a public establishment barefoot or shirtless is an asshole. It seems pretty clear that the people today angrily objecting to mandatory face masks aren’t really concerned with the epidemiological efficacy of masks. They’re concerned with asserting their perceived entitlement to be an asshole. You don’t need to hang a “No assholes allowed” sign to enforce it as a rule. 

The CDC and Several States Are Misreporting COVID-19 Test Data 

Alexis Madrigal and Robinson Meyer, reporting for The Atlantic:

The upshot is that the government’s disease-fighting agency is overstating the country’s ability to test people who are sick with COVID-19. The agency confirmed to The Atlantic on Wednesday that it is mixing the results of viral and antibody tests, even though the two tests reveal different information and are used for different reasons.

This is not merely a technical error. States have set quantitative guidelines for reopening their economies based on these flawed data points.

Several states — including Pennsylvania, the site of one of the country’s largest outbreaks, as well as Texas, Georgia, and Vermont — are blending the data in the same way. Virginia likewise mixed viral and antibody test results until last week, but it reversed course and the governor apologized for the practice after it was covered by the Richmond Times-Dispatch and The Atlantic. Maine similarly separated its data on Wednesday; Vermont authorities claimed they didn’t even know they were doing this. The widespread use of the practice means that it remains difficult to know exactly how much the country’s ability to test people who are actively sick with COVID-19 has improved.

“You’ve got to be kidding me,” Ashish Jha, the K. T. Li Professor of Global Health at Harvard and the director of the Harvard Global Health Institute, told us when we described what the CDC was doing. “How could the CDC make that mistake? This is a mess.”


Android Action Blocks 

Seems like a very cool accessibility feature primarily designed for people with cognitive disabilities. “Blocks” are Google Assistant recipes saved to the home screen as one-tap actions. Loosely, it’s sort of the Android equivalent of Siri Shortcuts, but their integration with the home screen is quite different.

Hamster Research Shows Masks Effective in Preventing COVID-19 Transmission 

The University of Hong Kong:

The study, released on Sunday, shed light on an ongoing heated debate on whether wearing masks would help prevent the transmission of the deadly coronavirus.

In each set of the experiment, hamsters were separated in two groups and placed in two cages, with one of the groups infected with Covid-19. In the first experiment, no surgical masks were placed between the two cages. In the second one, a surgical mask was placed closer to the healthy hamsters. In the third experiment, the mask was placed closer to the infected, as if the healthy ones or the infected were wearing masks.

With no partition in between the cages, two-thirds of the healthy hamsters were infected a week later. In the following two experiments with masks in between, the infection rates were lowered to one-third and one-sixth respectively.

Wear it for others, wear it for yourself. The more we learn, the more important mask wearing appears to be. We should be universally celebrating that something so simple, so cheap, with no side effects worse than fogged-up glasses, is measurably effective at stopping the spread of COVID-19.

AT&T Will Stick With ‘5G E’ Status Bar Icon Even After Being Called Out as Bullshit by Industry Ad Board 

Mike Dano, reporting for Light Reading:

A panel of the National Advertising Review Board (NARB) recommended that AT&T discontinue its “5G Evolution” advertising claims.

And AT&T said it will.

“AT&T respectfully disagrees with the reasoning and result reached by the panel majority,” the operator said in a statement to Light Reading. “AT&T’s customers nationwide continue to benefit from dramatically superior speeds and performance that its current network provides. As a supporter of the self-regulatory process, however, AT&T will comply with the NARB’s decision.”

But AT&T said the NARB’s recommendation only applies to its advertising and therefore will not affect the one element that really matters: Its service icon. AT&T said it will continue to display its “5GE” icon on its customers’ LTE phones.

What a pile of horseshit.

‘The Miracle Sudoku’ 

Ben Orlin on Twitter:

You’re about to spend the next 25 minutes watching a guy solve a Sudoku.

Not only that, but it’s going to be the highlight of your day.

I didn’t believe that either, but it’s true. Truly compelling. (Via Kottke.)

‘Hide UI’ — New Grayshift Feature Plants Hidden Passcode Monitoring Software on iPhones 

Olivia Solon, reporting for NBC News:

Software called Hide UI, created by Grayshift, a company that makes iPhone-cracking devices for law enforcement, can track a suspect’s passcode when it’s entered into a phone, according to two people in law enforcement, who asked not to be named out of fear of violating non-disclosure agreements. […]

The GrayKey device, first revealed by Forbes and detailed by security blog Malwarebytes, is a small box with two iPhone lightning cables sticking out of it that was launched in March 2018. Law enforcement officials can plug any recent model of iPhone into the cables to install an “agent” (a piece of software) on the device. The agent then attempts to crack the passcode, offering an estimate for how much time it might take.

In order for this feature to work, law enforcement officials must install the covert software and then set up a scenario to put a seized device back into the hands of the suspect, said the people familiar with the system. […] For example, a law enforcement official could tell the suspect they can call their lawyer or take some phone numbers off the device. Once the suspect has done this, even if they lock their phone again, Hide UI will have stored the passcode in a text file that can be extracted the next time the phone is plugged into the GrayKey device. Law enforcement can then use the passcode to unlock the phone and extract all the data stored on it.

Anyone who trusts their device after they know it’s been in the hands of law enforcement is a fool. You’d have to be pretty stupid to fall for this, but there are a lot of stupid people out there.

Grayshift, you will recall, was cofounded by Braden Thomas, who spent six years at Apple as a security engineer, and who is, to say the least, not popular with his former colleagues. “What a fucking piece of shit,” one former Apple engineer told me of Thomas back in January.

Tom Hanks WWII Movie ‘Greyhound’ Moves From Theatrical Release to Apple TV+ 

Mike Fleming Jr., reporting for Deadline:

In a real shocker, the WWII naval drama Greyhound that Tom Hanks wrote and stars in has abruptly changed course and will berth at Apple. Originally on the Sony Pictures theatrical calendar for Father’s Day weekend, the film instead will become the biggest feature film commitment made by Apple to premiere on Apple TV+. It is the latest in a growing indication that Apple is making its move, and becoming as aggressive as any streamer or studio in auctions for the acquisition of films and TV projects. […]

It was going to be a major theatrical release for Sony — first slotted for May 8 but then moved into Father’s Day weekend June 19, until the pandemic washed out every studio’s plans and shuttered movie theaters around the world. That’s when the decision was made to alter course. The picture quietly was shopped in stealthy fashion, and it became a bidding battle between the big streamers. I’m told a deal closed in the $70 million range, with the auction brokered by CAA Media Finance and FilmNation.

It’s good to have a bankroll. I get the feeling that the COVID quarantine is accelerating Apple’s aggressiveness in streaming, but when opportunity knocks, you answer the door.

How the FBI Cracked Pensacola Shooter’s iPhone: An Automated Passcode Guesser 

Kevin Collier and Cyrus Farivar, reporting for NBC News:

The FBI was able to eventually access Alshamrani’s phone not by an unprecedented technical feat, but rather by “an automated passcode guesser,” according to a person familiar with the situation who spoke on condition of anonymity because the person was not authorized to speak publicly on the matter.

Each attempt at unlocking an iPhone through this sort of brute force technique takes about 80 ms to process; this cannot be sped up externally because the guesses can only be computed on the device’s secure enclave — a limit of about 12.5 guesses per second.

You may recall from earlier this year that these guessers are thus very effective against short numeric passcodes. On average, a 4-digit passcode would take 7 minutes to guess (14 minutes at the maximum, if the last possible combination were the last to be guessed). A 6-digit passcode — the current default — would take on average 11 hours to crack, 22 hours tops.

A 6-character alphanumeric passphrase — A-Z, a-z, 0-9 — would take on average 72 years to guess. That’s just 6 characters. And that’s if it only contains letters and numbers, no punctuation characters or spaces — and if the person programming the automated guesser somehow knows or guesses that the passphrase contains only letters and numbers, and that it’s exactly 6 characters in length. (When your iOS device is locked by a numeric code, the unlock screen shows you how many digits the passcode contains; when your device is locked by a passphrase, the length is not revealed.)

So you can see why the FBI and DOJ are still pressuring Apple to build backdoors into devices — if the Pensacola shooter had used a decent alphanumeric passphrase it’s very unlikely they’d have been able to get into his iPhone.

On the other hand, law enforcement benefits greatly from the fact that the default iOS passcode remains only 6 numeric digits. I suspect Apple is doing this more as a concession to user convenience than as favor to law enforcement, but one shouldn’t look a gift horse in the mouth.

’Howard Stern Is Getting Ripped Off‘ 

Andrew Wilkinson, back in September:

In 2005, Howard Stern shocked the world by leaving terrestrial radio and accepting a $500 million dollar deal to move his show to Sirius satellite radio. In 2015, he renewed with a 5-year deal for $90 million per year.

People were blown away by the numbers. He was making out like a bandit! Had he been a CEO receiving the same pay, he would have qualified as the third highest paid CEO in America in 2014.

As of today, Howard is getting seriously ripped off.

Stern’s deal with Sirius XM expires at the end of the year.

And, presciently, regarding Joe Rogan:

Take a look at Joe Rogan, who currently has the most popular talk show podcast with over 200 million downloads per month. This number comes from Joe himself, but let’s assume he was exaggerating and it’s only 100 million downloads per month.

Assuming he sells ads at a low $18 CPM (cost per thousand listeners) and sells out his ad spots, he’s making approximately $64mm in annual revenue. If he’s on the higher end, at $50 CPM, he could be making as much as $240mm per year. The only factor that would change this is how many free ads Joe gives to companies that he has a personal equity stake in (like Onnit, the supplement brand he co-owns).

That means that Joe makes somewhere between $64-$240 million per year in revenue from his podcast advertising alone — and that’s handicapping his audience by half what he claims to have. That number also doesn’t include any additional revenue generated from his wildly popular YouTube channel, which has over 6 million subscribers.

$20 CPM is a fair ballpark estimate, and while we can’t verify his listener numbers, we know that his show ranks second at iTunes’s podcast directory. We don’t know yet what Spotify is paying him for exclusivity, but his show should have been generating $50+ million per year on its own. It seems likely that Joe Rogan is now the highest paid broadcaster in the world. Depending on the length of the deal, it really could be a billion dollar deal. Spotify’s stock jumped over 8 percent today on the news, which is over $2 billion at their current market cap.

However much Howard Stern was getting underpaid by Sirius six months ago, it’s even more so now.

‘Joe Rogan Experience’ Podcast Will Be Exclusive to Spotify 

Todd Spangler, reporting for Variety:

“The Joe Rogan Experience,” one of podcasting’s longest-running and most popular shows, will be launching on Spotify exclusively this year. The Rogan-hosted comedy talk-show series will debut on Spotify on Sept. 1, 2020, on a nonexclusive basis — before becoming exclusive to the platform later in 2020 under the multiyear licensing deal. With Rogan, Spotify has landed one of the podcasting biz’s whales. It currently ranks as the No. 2 most popular show on Apple Podcasts (after Barstool Sports’ “Call Her Daddy”), per Podcast Insights.

Exclusive means that come January, you’ll only be able to listen to his show in Spotify. That’s a bit of a gamble, insofar as up until now, his show hasn’t been available at all on Spotify — Spotify’s terms are such that it makes no sense for any show to allow Spotify to play it unless Spotify is paying the show. But if Howard Stern’s fans followed him to Sirius satellite radio — which at the time he made the move required not just a subscription to the service, but dedicated hardware to receive the satellite transmission and an extra subscription specifically for Stern’s show — it seems like a sure bet that most of Rogan’s fans will follow him to Spotify, where all they really need to do is download an app that a lot of them probably already have installed anyway.

(Personally, my second favorite podcast is The Bill Simmons Podcast, and during the NFL season it’s probably my very favorite. But if it went Spotify exclusive (Spotify bought Simmons’s The Ringer website and podcast network a few months ago), I’d probably stop listening. But I’m an outlier.)

A source familiar with the deal said Rogan became sold on Spotify’s ability to build his audience worldwide, after initially resisting distributing the podcast on the platform because he saw it as primarily a music service.

More power to Rogan for what’s surely a massive deal, but does anyone believe that what sold Rogan on Spotify was anything other than money?

“The podcast is moving to @spotify!” he wrote on Instagram. “It will remain FREE, and it will be the exact same show. It’s just a licensing deal, so Spotify won’t have any creative control over the show. They want me to just continue doing it the way I’m doing it right now.”

It’s interesting to me, as someone with (to put it mildly) rather strong feelings on the advantages of publishing on the open internet, that Rogan sees moving to one exclusive app, with invasive tracking, as not exerting any sort of “creative control over the show”. I’m not trying to be coy, I know what he means — the content of the show will remain as-is, with no influence from Spotify. (So they say.) But I’m a big believer in Marshall McLuhan’s axiom: “The medium is the message.” Open podcasts and Spotify podcasts are similar, for sure, but they are not the same medium.

Department of Justice Reopens Spat With Apple Over iPhone Encryption

Katie Benner and Adam Goldman, reporting for The New York Times, “FBI Finds Links Between Pensacola Gunman and Al Qaeda”:

The F.B.I. recently bypassed the security features on at least one of Mr. Alshamrani’s two iPhones to discover his Qaeda links. Christopher A. Wray, the director of the F.B.I., said the bureau had “effectively no help from Apple,” but he would not say how investigators obtained access to the phone.

That would certainly be interesting to know — but I don’t expect the FBI to reveal how they got in. But privacy advocates should not succumb to the argument that because the FBI did get into one of these iPhones, that it all worked out fine in the end. The problem with this argument is that it’s implicitly based on the assumption that it would not be fine if a phone were so secure that the FBI could not get into it. Strong encryption is, on the whole, a good thing, and should remain legal — regardless whether there are known ways to circumvent it.

The investigation has served as the latest skirmish in a fight between the Justice Department and Apple pitting personal privacy against public safety. Apple stopped routinely allowing law enforcement officials into phones in 2014 as it beefed up encryption.

This framing is entirely wrong. This suggests that Apple has the ability to “just unlock” an iPhone encrypted with a passcode or passphrase. They don’t. The difference between 2014 and today isn’t that Apple previously was cooperative with law enforcement requests and now is not — the difference is that modern iPhones can’t be “unlocked” the way older ones could, because the security on modern iPhones is so much better now.

It has argued that data privacy is a human rights issue and that if it were to develop a way to allow the American government into its phones, hackers or foreign governments like China could exploit the same tool.

But law enforcement officials have said that Apple is creating a haven for criminals. The company’s defiance in the Pensacola shooting allowed any possible co-conspirators to fabricate and compare stories, destroy evidence and disappear, Mr. Wray said.

Apple did not defy anyone here. They chose, years ago, to design secure systems that have no backdoors to unlock. Not for tech support (“I forgot my passcode”), not for law enforcement. Wray knows this. Their badmouthing of Apple’s intentions in this case is just another example of their trying to scare people into supporting legislation to make secure encryption illegal. The message from Barr and Wray to Apple is implicitly this: If you won’t add backdoors to your devices we’re going to keep saying you’re aiding terrorists and deviant criminals.

Mr. Barr has maintained one of the department’s “highest priorities” is to find a way to get technology companies to help law enforcement gain lawful access to encrypted technology.

“Privacy and public safety are not mutually exclusive,” he said. “We are confident that technology companies are capable of building secure products that protect user information and, at the same time, allow for law enforcement access when permitted by a judge.”

This is not mathematically possible, and newsrooms should stop publishing these claims from law enforcement officials without comment from encryption experts. Saying you want technology companies to make a backdoor that only “good guys” can use is like saying you want guns that only “good guys” can fire. It’s not possible, and no credible cryptographer would say that it is. You might as well say that you want Apple to come up with a way for 1 + 1 to equal 3.

If law enforcement officials choose to wage a campaign to make strong encryption illegal under the guise that only “good guys” would have the circumvention keys, that’s on them, but news media need to get their shit together on the fact that what law enforcement claims to be asking for is impossible, and what is possible — adding backdoors — would be a security disaster.

Apple issued a statement responding to Barr and Wray (via The Verge):

The terrorist attack on members of the US armed services at the Naval Air Station in Pensacola, Florida was a devastating and heinous act. Apple responded to the FBI’s first requests for information just hours after the attack on December 6, 2019 and continued to support law enforcement during their investigation. We provided every piece of information available to us, including iCloud backups, account information and transactional data for multiple accounts, and we lent continuous and ongoing technical and investigative support to FBI offices in Jacksonville, Pensacola, and New York over the months since. […]

We sell the same iPhone everywhere, we don’t store customers’ passcodes and we don’t have the capacity to unlock passcode-protected devices.

Apple cooperated in every way they technically could. The DOJ is not asking for Apple’s cooperation unlocking existing iPhones — they’re asking Apple to make future iPhones insecure. 

A Spectacularly Bad Washington Post Story on Apple and Google’s Exposure Notification Project

A Washington Post story today on Apple and Google’s joint effort on COVID-19 exposure notification project, from reporters Reed Albergotti and Drew Harwell, is the worst story I’ve seen in the Post in memory. It’s so atrociously bad — factually wrong and one-sided in opinion — that it should be retracted.

Start with the headline: “Apple and Google Are Building a Virus-Tracking System. Health Officials Say It Will Be Practically Useless.” It’s not a “virus-tracking system”, and the health officials the Post talked to don’t know what they’re talking about.

But as the tech giants have revealed more details, officials now say the software will be of little use. Due to strict rules imposed by the companies, the system will notify smartphone users if they’ve potentially come into contact with an infected person, but it won’t share any data with health officials or reveal where those meetings took place.

Notifying people when they’ve potentially come into contact with an infected person sounds useful to me. It’s true that by design, Apple and Google’s system does not track location. It’s true that location information would be potentially useful to health officials. But the exposure notifications alone are inherently useful, even without location data attached.

The gist of Apple and Google’s project is that it attempts to balance privacy with the usefulness of tracking potential exposure. It’s right there in the name of the project: “Privacy-Protecting Contact Tracing”. The Post’s sources for this story seemingly want a system with no regard for privacy at all. I wish that were an exaggeration.

But Apple and Google have refused, arguing that letting the apps collect location data or loosening other smartphone rules would undermine people’s privacy. The companies are also concerned that easing the restrictions around apps’ Bluetooth use would drain phone battery life, which could irritate customers. That unbending stance has led some health authorities to abandon hopes of building a fully functioning contact-tracing app.

“Unbending stance” is a rather harsh description of Apple and Google’s desire not to “undermine people’s privacy” or “drain phone battery life”. This isn’t an “unbending stance”. It’s table stakes for designing a system that people will actually install and use. Imagine trying to sell the public on a system that undermines their privacy or unduly drains their phone batteries — let alone a system that does both.

But Helen Nissenbaum, a professor of information science and director of the Digital Life Initiative at Cornell University, called Apple and Google’s use of privacy to defend their refusal to allow public health officials access to smartphone technology a “flamboyant smokescreen.” She said it was ironic that the two companies had for years tolerated the mass collection of people’s data but were now preventing its use for a purpose that is “critical to public health.”

“If it’s between Google and Apple having the data, I would far prefer my physician and the public health authorities to have the data about my health status,” she said. “At least they’re constrained by laws.”

Nissenbaum obviously has no idea whatsoever how this system is designed to work, despite the fact that Apple and Google have published a succinct 7-page FAQ that explains it in simple, easy-to-understand terms. It seems clear that neither the reporters from the Post nor Nissenbaum have read that FAQ, or if they did, that they don’t understand it. (Or willfully ignored it.)

Google and Apple will not “have the data”. It is stored entirely and only on each user’s own device. We, the users, will have the data, and we, the users, can share that data with our doctors.

And how in the world did “At least they’re constrained by laws” make it into this story? Nissenbaum believes Apple and Google are not constrained by laws? That will be news to both companies’ legal compliance departments, who I presume will soon be laid off.

The Apple-Google system uses the short-range Bluetooth antennas in people’s smartphones to log when two people come into contact for a short period of time, but not where that contact took place. An alert is sent if one of the people tests positive for a coronavirus infection, but that information is not shared with public health officials or contact-tracing teams.

That’s close to an accurate description — sort of, if you squint your eyes — but what the Post omits is essential. The information is not shared automatically with health officials, but if you opt into the system and get a notification that you’ve potentially been in contact with someone who has tested positive, you can then share that information with your doctor. Only doctors and registered health officials can confirm that a user in this system has tested positive for COVID-19 — otherwise, it would be open season for pranksters.

The tension over virus-tracking apps reflects a major power imbalance between the tech giants and state and local health officials, who argue that Apple and Google’s technical decisions have undermined their response to a global health emergency. It also highlights the tech giants’ ability to exert unfettered control over how billions of smartphones work.

This is nonsense. Smartphones comply with a veritable mountain of regulations and laws around the world. If you use an iPhone just look in Settings → General → Legal & Regulatory.

“They are exercising sovereign power. It’s just crazy,” said Matt Stoller, the director of research at the American Economic Liberties Project, a Washington think tank devoted to reducing the power of monopolies. Apple and Google have “decided for the whole world,” he added, “that it’s not a decision for the public to make. … You have a private government that is making choices over your society instead of democratic governments being able to make those choices.”

This quote is what’s crazy. Again, this guy Stoller clearly has no idea what he’s talking about. Apple and Google deciding how their operating systems work, in compliance with all existing laws, all around the world, is not “exercising sovereign power”. No one here is alleging that Apple or Google are doing anything even vaguely illegal. They’re not toeing some sort of line, they’re not taking advantage of any sort of loopholes.

And if Apple and Google did what Stoller and Nissenbaum seem to want them to do — track location data of every person you’re in contact with and report that data automatically to government health officials, they almost certainly would be breaking all sorts of laws around the world. The whole point of Europe’s well-intentioned but overzealous GDPR law — 88 dense pages in PDF — is, quoting from its preamble, “Natural persons should have control of their own personal data.” That’s exactly the point of Apple and Google’s system — and seemingly exactly the opposite of what every source in this Post story thinks Apple and Google should do.

Also, regarding Stoller’s advocacy for democracy, good luck finding public support for a system that turns phones into surveillance devices that report anything at all automatically to the government, let alone something as sensitive as who we’ve been in contact with and where we’ve been. I’ll grant that one can make a case that a system where government health officials have access to such data from our phones, automatically, could be useful in tracking COVID-19 infections. But try getting popular support for it. And no one I’ve seen has made the case that such a system is necessary for using phones in the aid of contact tracing.

There is not much overlap between (a) people who have thought long and hard about the very complicated ways smartphones can be used to abuse personal privacy with tracking and data collection; and (b) public health officials admirably trying to track COVID-19. None of the few people in the intersection of those two groups were quoted in this story.

The companies have argued that limiting the data the apps use could bolster their adoption rate, because people may not trust or use an app that logs their location for later use by public health authorities.

You think so?

But some parts of the U.S., including Apple and Google’s home state, say the restrictions have rendered the apps effectively useless.

None of these apps are out yet, because the APIs in iOS and Android aren’t out yet.

Contact tracers today use phone calls and interviews to track people’s movements, and rely almost entirely on people’s memory. Minute-by-minute location logs recorded by people’s phones, some officials have argued, could ease that burden by providing a more precise and automated way to track new outbreaks.

In what other context would the above paragraph pass the sniff test? “Some officials” — unnamed, unsourced — are arguing that the government should enjoy “minute-by-minute location logs recorded by people’s phones” and this is given zero pushback in a news story. No pushback at all on this argument, describing a scenario that is the very definition of a potential privacy fiasco.

“The limitations of those kind of apps are extensive,” said Mike Reid, an assistant professor of medicine at University of California, San Francisco, who’s leading the effort to train contact tracers in the state. “I don’t think they have an important role to play for most of the population.”

The contact tracers, he said, will be using software made by Salesforce and Accenture to help reach patients by phone and are trained on how to protect sensitive patient information.

“We go to pains to minimize the amount of data we take from people and we ask consent from people we’re talking to on the phone. We go to considerable lengths to ensure there are strong technical controls to ensure the anonymization of our platforms,” he said. “Can you say the same thing about these big tech companies? I’m not sure.”

Yeah, so it would be better if Apple and Google minimized the data and stored it only on the devices themselves, rather than collecting it on their servers. And they should explain in detail how their system protects privacy and ensures anonymity from start to finish.


Also — also! — we now have someone who will be training contact tracers in California, who voluntarily went on the record that Salesforce and Accenture are more worthy of trust for contract-tracing privacy protection (with detailed location data!) than the Apple/Google proposal. Goddamn.

With the Apple and Google approach, “we’ve overcompensated for privacy and still created other risks and not solved the problem,” said Ashkan Soltani, the former chief technologist of the Federal Trade Commission. “I’d personally be more comfortable if it were a health agency that I trusted and there were legal protections in place over the use of the data and I knew it was operated by a dedicated security team.”

It is legit amazing to see Ashkan Soltani, of all people, say “we’ve overcompensated for privacy.”

Tom Frieden, the former director of the Centers for Disease Control and Prevention now working with the health organization Vital Strategies, said the proximity-tracing system as proposed by Apple and Google has “been largely a distraction.”

“There are very serious questions about its feasibility and its ability to be done with adequate respect for privacy, and it has muddied the water for what actually needs to happen,” Frieden said in an interview Wednesday. “This was an approach that was done with not much understanding and a lot of overpromising.”

Here is Apple and Google’s joint announcement. What exactly did either company overpromise? Did a bunch of idiots who weren’t involved, didn’t read the specs, and don’t even understand the proposal jump to overpromise-y conclusions? Sure. But how is that Apple or Google’s fault?

The proximity-tracing systems are “a bright shiny object,” he said, “but right now they’re doing nothing to stop the pandemic.”

Maybe because they’re not fucking out yet? Hallelujah, holy shit — where’s the Tylenol?