Hacking McDonald’s Notoriously Finicky Ice Cream Machines 

Andy Greenberg, writing for Wired:

Of all the mysteries and injustices of the McDonald’s ice cream machine, the one that Jeremy O’Sullivan insists you understand first is its secret passcode.

Much crazier story than you’d think.

(Here’s a cached version that gets you around Wired’s odious paywall and super-annoying animated ads.)

‘A Very Good Weird’: Israel Drops Outdoor COVID Mask Order 

Dan Williams, reporting for Reuters:

Israelis went about barefaced on Sunday after the order to wear masks outdoors was rescinded in another step towards relative normality thanks to the country’s mass-vaccination against COVID-19. With about 81% of citizens or residents over 16 - the age group eligible for the Pfizer/BioNTech vaccine in Israel - having received both doses, contagions and hospitalisations are down sharply. […]

“Being without a mask for the first time in a long time feels weird. But it’s a very good weird,” Amitai Hallgarten, 19, said while sunning himself at a park. “If I need to be masked indoors to finish with this - I’ll do everything I can.”

A good weird, indeed.

More on Eliminating Outdoor Mask Mandates 

Dr. Paul E. Sax, writing for the New England Journal of Medicine’s Journal Watch:

But what about the community solidarity engendered by wearing a mask outside in public? Isn’t this worth something? A way of showing that I’m 100% part of Team Mask? Maybe — certainly there’s a strong component of this messaging among the highly adherent mask wearers here in Boston. But this performative aspect of outdoor mask-wearing has a downside, too.

You might think you need to wear a mask while walking me in the morning to set a good example for others, said Louie the other day. But really you might be misleading people about how the virus is transmitted. […]

Here’s a bold proposal — let’s make public policy based on our best understanding of the science of SARS-CoV-2 transmission:

  • Dangerous — crowded indoor spaces with poor ventilation, in particular with unmasked individuals talking, shouting, singing. Wear a well-fitted mask until case numbers are down and more people are vaccinated.

  • Safe — outdoors, especially while distanced. Masks only needed for lengthy interactions with others at close distance.

Apple TV+ Original Content Quality 

José Adorno, writing for 9to5Mac:

A new study reveals that Apple TV+ has the highest-quality content when compared to Netflix, HBO Max, Prime Video, Disney+, and Hulu. The analysis from Self Financial uses IMDb scores with US customer data.

The study found that although Apple TV+ had the highest average IMDb score for its titles (7.24), it has fewer than 70 titles to choose from. In terms of their libraries of content, Apple TV+ has the highest percentage of “good” and “excellent” at almost 86%. But, again, it has the smallest offering at just 65 titles.

This fits with my theory (which I stole from M.G. Siegler) that Apple TV+ is the new HBO: the streaming service with an emphasis on quality not quantity.

Speaking of which — I very much liked season 1 of For All Mankind, but season 2 is even better. Last week’s episode — my god, that ending. Just a terrific show.

Irrational COVID Fears 

Good column by David Leonhardt for The New York Times today:

“We’re not going to get to a place of zero risk,” Jennifer Nuzzo, a Johns Hopkins epidemiologist, told me during a virtual Times event last week. “I don’t think that’s the right metric for feeling like things are normal.”

After Nuzzo made that point, Dr. Ashish Jha of Brown University told us about his own struggle to return to normal. He has been fully vaccinated for almost two months, he said, and only recently decided to meet a vaccinated friend for a drink, unmasked. “It was hard — psychologically hard — for me,” Jha said.

“There are going to be some challenges to re-acclimating and re-entering,” he added. “But we’ve got to do it.”

And how did it feel in the end, I asked, to get together with his friend?

“It was awesome,” Jha said.

Get vaccinated and get back to normal life. It’s that simple.

Apple Is Allowing Parler Back on the App Store 

Brian Fung, reporting for CNN:

The letter — addressed to Sen. Mike Lee and Rep. Ken Buck and obtained by CNN — explained that since the app was removed from Apple’s platform in January for violations of its policies, Parler “has proposed updates to its app and the app’s content moderation practices.”

On April 14, Apple’s app review team told Parler that its proposed changes were sufficient, the letter continued. Now, all Parler needs to do is to flip the switch. “Apple anticipates that the updated Parler app will become available immediately upon Parler releasing it,” Apple’s letter said.

Derek Thompson on Wearing Face Masks Outdoors 

Derek Thompson, writing for The Atlantic:

But as more and more of the population is vaccinated, governments need to give Americans an off-ramp to the post-pandemic world. Ending outdoor mask mandates — or at the very least telling people when they can expect outdoor mask mandates to lift — is a good place to start, for a few reasons.

Requiring that people always wear masks when they leave home, and especially in places with low levels of viral transmission, is overkill. As mentioned, the coronavirus disperses outside, posing little risk to people who are walking alone or even swiftly passing by strangers. In fact, almost all of the documented cases of outdoor transmission have involved long conversations, or face-to-face yelling. The risk calculation changes if you’re standing in a crowd: Some uneven evidence suggests that the Black Lives Matter protests last summer increased local infections. But that’s an easy carve-out. States can end blanket mandates and still recommend outdoor masking by anyone experiencing symptoms, or in crowds. (Extended conversations pose their own risk, but when people are vaccinated, the odds of viral transmission are probably somewhere between microscopic and nonexistent.)

His closing:

We can reduce unnecessary private anxiety and unhelpful public shame by thinking for a few seconds about how the coronavirus actually works and how to finally end the pandemic. Let’s tell people the truth and trust that they can take it. Let’s plan for the end of outdoor mask mandates.

Fauci: GOP’s Refusal to Get Vaccinated Hurts Efforts to Lift Restrictions 

Jackie Salo, reporting for The New York Post:

Dr. Anthony Fauci on Sunday said Republicans who want to lift COVID-19 restrictions but don’t want to get vaccinated don’t “make any sense.”

“It’s almost paradoxical that on the one hand, they want to be relieved of the restrictions, but on the other hand, they don’t want to get vaccinated. It just almost doesn’t make any sense,” Fauci said on CNN’s “State of the Union.”

It’s almost as though the Republican Party is chockablock with ignoramuses.

Adults in All U.S. States Are Now Eligible for Vaccination; Half Have Had at Least One Dose 

The New York Times:

All adults in every U.S. state, Washington, D.C., and Puerto Rico are now eligible for a Covid-19 vaccine, meeting the April 19 deadline that President Biden set two weeks ago.

“For months I’ve been telling Americans to get vaccinated when it’s your turn. Well, it’s your turn, now,” Mr. Biden said Sunday on a program called “Roll Up Your Sleeves” on NBC. “It’s free. It’s convenient and it’s the most important thing you can do to protect yourself from Covid-19.”

Just over 50 percent of U.S. adults have at least one dose: a great milestone.

Protecting Reputations 

Nick Heer, quoting from and commenting upon a line from the aforelinked Washington Post story on how the FBI cracked the San Bernardino iPhone in 2016:

Apple has a tense relationship with security research firms. Wilder said the company believes researchers should disclose all vulnerabilities to Apple so that the company can more quickly fix them. Doing so would help preserve its reputation as having secure devices.

What a bizarre turn of phrase. It would help it “preserve its reputation as having secure devices” because it really would help improve the security of its devices for all users, in much the same way that telling a fire department that there is a fire nearby would help a building’s reputation as a fire-free zone.

It’s a little thing, but this hyper-cynical slant is pervasive in a lot of recent mainstream coverage of the big tech companies. It’s hard to find a Reed Albergotti-bylined story in the Post without it.

How the FBI Cracked the San Bernardino Shooter’s iPhone 5C in 2016 

Ellen Nakashima and Reed Albergotti, reporting last week for The Washington Post:

Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called “the Mozart of exploit design,” had found one in open-source code from Mozilla that Apple used to permit accessories to be plugged into an iPhone’s lightning port, according to the person. […]

Using the flaw Dowd found, Wang, based in Portland, Ore., created an exploit that enabled initial access to the phone — a foot in the door. Then he hitched it to another exploit that permitted greater maneuverability, according to the people. And then he linked that to a final exploit that another Azimuth researcher had already created for iPhones, giving him full control over the phone’s core processor the brains of the device. From there, he wrote software that rapidly tried all combinations of the passcode, bypassing other features, such as the one that erased data after 10 incorrect tries. […]

From the “Where Are They Now?” department:

Apple sought to recruit Wang to work on security research, according to the people. Instead, in 2017 he co-founded Corellium, a company based in South Florida whose tools help security researchers. The tools allow researchers to run tests on Apple’s mobile operating system using “virtual” iPhones. The virtual phones run on a server and display on a desktop computer.

In 2019, Apple sued Corellium for copyright violation. As part of the lawsuit, Apple pressed Corellium and Wang to divulge information about hacking techniques that may have aided governments and agencies such as the FBI.


My thanks to Raycast for sponsoring last week at DF. Raycast is a new “Spotlight on steroids” utility for the Mac. I’ve been using it all week and it’s great — very fast, looks cool, and richly extensible through custom script commands.

Raycast can fully replace Spotlight, and it really stands apart with its integrations of third party services. Without leaving the application, you can create an issue in Jira, review pull requests in GitHub, or join a Zoom call. You can personalize your workflows further with the aforementioned scripting interface and an upcoming API. Raycast is a beautiful true Mac app that brings clarity back to your daily work. Download it for free to get started.

Adobe Co-Founder Chuck Geschke Dies at 81 

Kim Lyons, reporting for The Verge:

Charles “Chuck” Geschke, a co-founder of Adobe who helped develop the PDF, has died at age 81, the company said in a statement. […]

Geschke earned a doctorate from Carnegie Mellon University in Pittsburgh, and then took a job at Xerox Palo Alto Research Center where he met Warnock. The pair left Xerox in 1982 and founded Adobe. Their first product was Adobe PostScript, the programming language that helped boost the desktop publishing industry.

Geschke was chief operating officer of Adobe from December 1986 to July 1994 and president from April 1989 until his retirement in April 2000. He served as chairman of the board with Warnock from September 1997 to January 2017 and was a member of the board until April 2020, when he became emeritus board member.

“I could never have imagined having a better, more likable, or more capable business partner,” Warnock said in a statement. “Not having Chuck in our lives will leave a huge hole and those who knew him will all agree.”

Impossible to overstate how important PostScript was (and remains). What made PostScript so good, so useful, so lasting, is that it’s a full-fledged programming language.

I forgot about this story:

In addition to his contributions to the technology industry, Geschke was also known for surviving a 1992 kidnapping attempt. Two men snatched him as he arrived at work one morning and held him for four days, demanding ransom. He was eventually rescued by the FBI.

‘Do We Really Still Need to Wear Masks Outside?’ 

Shannon Palus, writing for Slate:

In other words, as the pandemic has progressed, so has our understanding of what safety measures are truly most useful, and which aren’t worth the alcohol wipes. And I would like to calmly suggest that now is the time we should consider no longer wearing masks when we walk around outside.

I am not suggesting this simply because I am very sick of wearing a mask at all times outside my home. When it comes to coronavirus spread, evidence shows that being outdoors is very, very safe. […]

While it’s important to mask in outdoor crowds or if you’re hanging out close to someone in a park, Chagla explains, the main message should be that the outdoors is a safe place to be. He gave me a rough sense of how unlikely outdoor transmission is in the scenario where you’re walking unmasked on the sidewalk and briefly pass someone. First, you or the person you’re passing would have to happen to have an asymptomatic infection, he explained, and then everyone would have to be exhaling and inhaling at just the right moment, and also, exchanging enough particles to actually seed another infection: “You’re talking about a probability of getting hit by a car, and being struck by lightning.”

Is this too soon? I think scientifically, eschewing masks outdoors except for close conversations is perfectly safe. The evidence is overwhelming that COVID spreads almost entirely indoors, through the air. But socially, I’m not sure. Until overall infection rates start dropping as more people are vaccinated, there are social benefits to the “mask up” mantra.

Behind the Scenes in Private Facebook Groups for America Special Forces Vets 

Carol E. Lee, reporting for NBC News:

They’re the most elite, lethally trained members of the U.S. military, widely considered the best of the best. And yet in secret Facebook groups exclusively for special operations forces that were accessed by NBC News, they share misinformation about a “stolen” 2020 election, disparaging and racist comments about America’s political leadership and even QAnon conspiracy theories.

Among the hundreds of Facebook posts NBC News reviewed from forums for current and former Rangers, Green Berets and other elite warriors: a member of a special forces group lamenting that several aides to former Vice President Mike Pence were part of a “Concerted effort by the thieves and pedophiles walking the hallowed halls of the peoples government” to undermine former President Donald Trump.

“In a just world, they would have already been taken out behind the court house and shot,” another member commented.

Without Facebook these views would still exist, but Facebook is the accelerant that gives these groups critical mass.

Update: Tess Owen, reporting for Vice last June: “The U.S. Military Has a Boogaloo Problem” — all about private Facebook groups. Facebook knows about these groups, and have for years.

‘Extending the Johnson & Johnson Vaccine Pause for a Week Was a Deadly Mistake’ 

Govind Persad and William F. Parker, in an op-ed for The Washington Post:

Looking at ACIP’s roster helps diagnose its mistake. Its voting members are almost all doctors far more familiar with rare vaccine side effects than with marshaling scarce public health capacity to respond to a surge of infections. The committee lacks comparative effectiveness experts or health economists familiar with weighing inevitable tradeoffs at a population-wide scale. […]

What ACIP must provide, but likely never will, is an estimate of how many of the hundreds of thousands of Americans infected with covid-19 in the coming days could have been protected if J&J vaccines were available. The resulting hospitalizations and deaths, likely concentrated in disadvantaged communities, will happen weeks from now and will probably be ignored by the media. News stories will highlight blood clots following vaccination but not consider whether a one-dose vaccine could have protected a homeless person who arrived at the emergency room deathly ill from covid-19 or prevented an outbreak at her encampment. Without a comparison of the pause’s harms to the vaccine’s side effects, we have every reason to fear that ACIP loudly fiddled while Rome quietly burned.

The authors both have expertise in bioethics, which is the issue at hand.

‘That’s What Makes Bill Very, Very Dangerous’ 

From Softwar, Matthew Symonds’s 2004 biography of Larry Ellison:

One telephone conversation with Gates in 1993 sticks in Ellison’s mind. “It was the most interesting conversation I’ve ever had with Bill, and the most revealing. It was around eleven o’clock in the morning, and we were on the phone discussing some technical issue, I don’t remember what it was. Anyway, I didn’t agree with him on some point, and I explained my reasoning. Bill says, ‘I’ll have to think about that, I’ll call you back.’ Then I get this call at four in the afternoon and it’s Bill continuing the conversation with ‘Yeah, I think you’re right about that, but what about A and B and C?’ I said, ‘Bill, have you been thinking about this for the last five hours?’ He said, yes, he had, it was an important issue and he wanted to get it right. Now Bill wanted to continue the discussion and analyze the implications of it all. I was just stunned. He had taken the time and effort to think it all through and had decided I was right and he was wrong. Now, most people hate to admit they’re wrong, but it didn’t bother Bill one bit. All he cared about was what was right, not who was right. That’s what makes Bill very, very dangerous.”

I miss Bill Gates at Microsoft.

(Via Zack Kanter.)

Jeff Bezos’s Final Letter to Shareholders as Amazon CEO 

Jeff Bezos:

If you want to be successful in business (in life, actually), you have to create more than you consume. Your goal should be to create value for everyone you interact with. Any business that doesn’t create value for those it touches, even if it appears successful on the surface, isn’t long for this world. It’s on the way out.

Least Vaccinated U.S. Counties Have Something in Common: Trump Voters 

The New York Times:

About 31 percent of adults in the United States have now been fully vaccinated. Scientists have estimated that 70 to 90 percent of the total population must acquire resistance to the virus to reach herd immunity. But in hundreds of counties around the country, vaccination rates are low, with some even languishing in the teens.

The disparity in vaccination rates has so far mainly broken down along political lines. The New York Times examined survey and vaccine administration data for nearly every U.S. county and found that both willingness to receive a vaccine and actual vaccination rates to date were lower, on average, in counties where a majority of residents voted to re-elect former President Donald J. Trump in 2020. The phenomenon has left some places with a shortage of supply and others with a glut.

I don’t find this surprising as a basic trend, but when I look at the graphs, I am a little surprised at how strong the correlation is. Blue states are more vaccinated, red states less, and the bluer or redder a state is, the more profound the correlation. Purple states (where the election results were very close, like my own state of Pennsylvania) are mostly right in the middle.

Think about how many lives Donald Trump could save if he barnstormed the states where he’s most popular to encourage everyone to get vaccinated. He could do it Trump style, taking personal credit for the existence of the vaccines, and I’d gladly thank him for it. He could save tens of thousands of lives and keep millions, perhaps, from getting sick.

Delivery Man Gets COVID-19 Vaccine While Dropping Off Hoagies 

You’ll never guess what city this happened in.

EFF’s ‘Am I FLoCed?’ Page for Chrome Users 

Helpful page for Chrome users from the EFF:

Google is running a Chrome “origin trial” to test out an experimental new tracking feature called Federated Learning of Cohorts (aka “FLoC”). According to Google, the trial currently affects 0.5% of users in selected regions, including Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, the Philippines, and the United States. This page will try to detect whether you’ve been made a guinea pig in Google’s ad-tech experiment.

If you don’t have the choice to just stop using Chrome, this is a good way to see if Google is using FLoC against you. Also, DuckDuckGo has a new Chrome extension to block FLoC.

Every Other Browser Maker to Google: Go FLoC Yourself 

Dieter Bohn, also doing some real work at The Verge today:

Google is going it alone with its proposed advertising technology to replace third-party cookies. Every major browser that uses the open source Chromium project has declined to use it, and it’s unclear what that will mean for the future of advertising on the web. […]

One note I’ll drop here is that I am relieved that nobody else is implementing FLoC right away, because the way FLoC is constructed puts a very big responsibility on a browser maker. If implemented badly, FLoC could leak out sensitive information. It’s a complicated technology that does appear to keep you semi-anonymous, but there are enough details to hide dozens of devils.

Anyway, here’s Brave: “The worst aspect of FLoC is that it materially harms user privacy, under the guise of being privacy-friendly.” And here’s Vivaldi: “We will not support the FLoC API and plan to disable it, no matter how it is implemented. It does not protect privacy and it certainly is not beneficial to users, to unwittingly give away their privacy for the financial gain of Google.”

FLoC is a terrible idea. Google’s goal with FLoC, clearly, is to maintain its surveillance advertising hegemony while further obfuscating the privacy ramifications from today’s status quo. The rest of the industry, led by Apple, is moving toward giving users control over surveillance advertising; FLoC is an attempt to circumvent such control.

Six Months Later, There Still Isn’t a MagSafe Car Charger 

Nilay Patel, doing some actual work at The Verge for once:

Unfortunately it has been six months since the iPhone 12 was announced, and there is a pitiful shortage of MagSafe car chargers. In fact, there are no officially-sanctioned MagSafe car chargers. Instead, there is this Belkin Car Vent Mount PRO with MagSafe, which, as the name suggests, allows you to mount a phone to your vents with MagSafe, in, um, a professional way. However, it does not charge your phone.

Add car chargers to the list with portable battery packs.

Crazed Gun Owner Kills 8 at FedEx Warehouse in Indianapolis 

The New York Times:

The authorities were searching for a motive on Friday after a gunman stormed a FedEx facility in Indianapolis late Thursday, fatally shooting eight people and injuring at least seven others in a fast-moving, chaotic scene that emerged as the latest mass shooting to rock the nation in a matter of weeks.

Officials said at a news conference Friday morning that they had not yet identified the victims, in part because the coroner’s office had not been able to go onto the scene. By early afternoon, bodies began to be removed from the facility.

So seven people get blood clots after getting the J&J vaccine and we pull it, but eight people get killed by a crazed gun owner and it’s just another Friday in America. Makes sense.

Mac Chimes of Death 

Stephen Hackett:

We’re all familiar with the Mac’s startup chime. While it has changed over the years, it has greeted users with its friendly tone for decades. What you may not know is that for years, the Mac also came with a death sound, that would play when the machine was unable to properly boot.

And they are glorious.

I knew about these, but I don’t think I ever heard one in the wild. I used the hell out of my own Mac LC from 1991 through 1997 and it never once “died”.

Hands-On With Anker’s Portable Magnetic Inductive Charging Battery Pack 

I don’t see the appeal of this dingus at all. It’s magnetic, and it works with MagSafe iPhones, but the charger itself doesn’t support MagSafe. It’s just a lousy 5W Qi charger that has a circle of magnets to help it stay in place — charging is going to be very slow compared to actual MagSafe, and even slower compared to using a Lightning cable charger. When I use a portable charger to top off my phone, I want it to work fast. It also seems very inefficient — why would a 5,000 mAh charger only be able to charge an iPhone 12 Mini once? (I also don’t know why MacRumors is promoting this as “MagSafe”. Yes, in the review, they do mention that it’s not MagSafe, but the headline says “MagSafe” and the promotional graphic for the review just say “$40 MagSafe”.)

Let’s hope Apple is nearing completion on the portable MagSafe charger that Gurman said they were working on.

Jackie Robinson on Where to Buy Gasoline 

Today is Jackie Robinson Day in MLB. To celebrate, here’s the great Buck O’Neil sharing a Jackie Robinson story with David Letterman. Quite a few lessons here that are as apt today as they were then.

Ming-Chi Kuo Says No iPhone Mini in 2022 

GSMArena on a new report from Ming-Chi Kuo:

Starting with next year’s iPhone 14 lineup — it will consist of two 6.1-inch iPhones and two 6.7-inch iPhones. That means that Apple will stop making the 5.4-inch iPhone mini starting from next year — there will still be an iPhone 13 mini in 2021, but it’s expected to be made in lower quantities.

Say it ain’t so — I love the Mini.

Update: Here are some not-so-good usage numbers from David Smith. But I’ll offer one reason to hold out hope. I think you need to see and feel the iPhone 12 Mini to truly grok just how much smaller and lighter it is, while still having the same A14 chip and same camera system as the regular iPhone 12. Yet almost no one has been able or willing to go to stores to play with phones since it’s been out because of the pandemic. You tell people it’s 5.4 inches diagonal instead of 6.1 and sure, that sounds smaller. But you pick it up and hold it and use it and it’s like, Holy shit, this is so nice and small.

University of Oxford: Risk of Rare Blood Clotting Higher for COVID-19 Than for Vaccines 

The University of Oxford:

COVID-19 leads to a several-times higher risk of cerebral venous thrombosis (CVT) blood clots than current COVID-19 vaccines.

Researchers at the University of Oxford have today reported that the risk of the rare blood clotting known as cerebral venous thrombosis (CVT) following COVID-19 infection is around 100 times greater than normal, several times higher than it is post-vaccination or following influenza.

The FDA and CDC better put an emergency pause on people getting infected with COVID.

You’ll Never Guess the Source of the Top Facebook Post About the J&J Vaccine (Narrator: You’ll Guess It) 

Miles Parks, reporting for NPR:

CNN. ABC News. The New York Times. Fox News.

Those are the publishers of four of the five most popular Facebook posts of articles about the Johnson & Johnson COVID-19 vaccine this week. They’re ranked 2 to 5 in total interactions, according to data from the tracking tool CrowdTangle. The No. 1 posting, however, isn’t from a news organization. Or a government official. Or a public health expert.

The most popular link on Facebook about the Johnson & Johnson news was shared by a conspiracy theorist and self-described “news analyst & hip-hop artist” named An0maly who thinks the pandemic is a cover for government control.

It’s a stark example of what experts warn could be a coming deluge of false or misleading information related to the one-shot vaccine.

The problem isn’t that the FDA and CDC want to look into this possible blood clotting issue. The problem is the way they announced it. What these ass-covering bureaucrats don’t get is that the messaging — marketing, really — around these vaccines is just as important as the science. And the way they messaged this “pause” — that a one-in-a-million side effect is worth immediately hitting the panic button over — is right out of the Anti-Vax 101 textbook.

Also: fuck Facebook.

Decision to ‘Pause’ Johnson & Johnson Vaccine Causes Public Confidence in Vaccine to Sink 


Fieldwork for the latest Economist/YouGov poll on vaccine safety perceptions was in the midst of being conducted when the Centers for Disease Control made the decision to suspend the use of the Johnson & Johnson vaccine. The CDC has recommended a pause on administering doses of the vaccine while it completes an investigation of the six cases of blood clots discovered in women who had been vaccinated with it.

Comparing the results from those who took the survey before the announcement with those who took the survey afterward shows the huge impact the CDC’s decision has had on the perceived safety of the Johnson & Johnson vaccine.

Among those who started the survey before the announcement about the Johnson & Johnson vaccine pause, about half (52%) considered the shot “very safe” or “somewhat safe” - twice the number who believed it “very unsafe” or “somewhat unsafe.” After the announcement was made, these figures had converged — just 37% called the vaccine safe, and 39% feeling it unsafe.

Good job maligning an excellent vaccine — the only one approved in the U.S. that requires only one dose and does not require extreme refrigeration.

Kosta Eleftheriou’s App Store Scam of the Day: ‘Jungle Runner 2k21’ 

Kosta Eleftheriou on Twitter:

This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP.

In other countries, the same app shows different local casinos — Kazakhstan and Italy, for example. The developer isn’t running the online casinos. He’s just showing the casino websites in a web view, and collecting new user bonuses when people sign up through his embedded affiliate code.

Countdown until this app is removed from the App Store in 3… 2… 1… [Update: One day later and poof, it’s gone.]

(Pedantic note, but no real-money casino could ever use Apple’s in-app purchases. App Store developers get paid by Apple monthly (a whole nother issue — Stripe can pay out weekly or even daily). Real-money online casinos only accept instant irrevocable transfers.)

‘Apple vs. Facebook: Why iOS 14.5 Started a Big Tech Fight’ 

Fun, fair, and informative video from Joanna Stern at the Wall Street Journal on the showdown between Apple and Facebook (and war of words between Tim Cook and Mark Zuckerberg) over iOS 14.5’s imminent crackdown on surveillance advertising. Or as Nicole Nguyen summarizes the video: “featuring abs and ads”. (I’d buy one of those Tim Cook dolls action figures. The Zuck figure isn’t as good a likeness, but it’s hard to make a doll from a person who already looks like a mannequin.)

MKBHD on the OnePlus 9 Pro 

Great review from Marques Brownlee — as ever — of one of the most interesting Android phones on the market.

But what struck me was OnePlus’s custom interface for zooming the camera. You can see it in action starting around the 14:27 mark of the video. Instead of pinching-to-zoom in the viewfinder, like every other touchscreen phone, you can instead tap-and-hold on the zoom factor button and you get a flywheel interface you can rotate to choose a precise level of zoom. OnePlus’s clever UI designers were even thoughtful enough to make sure the flywheel’s diameter is exactly the right size so that the circle intersects precisely at the corners of the UI. Chef’s kiss.

They must be very proud over there at OnePlus for their ingenuity in designing this interface.

Reuters Is Putting Its Website Behind a Paywall and Its Head Up Its Ass 

Katie Robertson, reporting for The New York Times:

The company, one of the largest news organizations in the world, announced the new paywall on Thursday, as well as a redesigned website aimed at a “professional” audience wanting business, financial and general news.

After registration and a free preview period, a subscription to Reuters.com will cost $34.99 a month, the same as Bloomberg’s digital subscription. The Wall Street Journal’s digital subscription costs $38.99 a month, while The New York Times costs $18.42 monthly.

Reuters is to news as a few slices of Velveeta on Wonder Bread is to sandwiches: the blandest of the bland. This seems nutty to me, bang-for-the-buck-wise.

Republicans, Dark Money, and Corporate America’s Role in Politics 

Congratulations to everyone who ran Al Franken — clearly the best and most engaging communicator the Democrats have had since Bill Clinton — out of the Senate over a bunch of bullshit that everyone now regrets. But, on the other hand, if he were still in the Senate, we probably wouldn’t get to hear his hilarious Mitch McConnell impression.

Deep Dive on Twin Pines/Lone Pine Mall 

Todd Vaziri:

Twin Pines Mall became Lone Pine Mall after Marty changed the future in “Back to the Future” (1985). Is that an Easter Egg or a Thing in the Movie? Let’s find out!

Great Scott is this well-done.

Verizon, AT&T, T-Mobile Kill RCS Plans 

Remember RCS — the cross-platform successor to SMS that (supposedly) had the support of all the U.S. carriers and Google? A supposedly modern messaging protocol that wasn’t going to support end-to-end encryption — and something that Apple never said a word about supporting.

Ron Amadeo, writing for Ars Technica:

The Rich Communication Services (RCS) rollout continues to be a hopeless disaster. A year and a half ago, the cellular carriers created the “Cross-Carrier Messaging Initiative (CCMI),” a joint venture between AT&T, Sprint, T-Mobile, and Verizon that would roll out enhanced messaging to the masses in 2020. Now, Light Reading is reporting that initiative is dead, meaning that the carriers have accomplished basically nothing on the RCS front in the past 18 months.

Get me to the fainting couch.

Android’s New ‘Fast Pair’ User Interface for Wireless Headphones 

Looks familiar, can’t quite put my finger on where I’ve seen something like this before…

Yamauchi No. 10 Family Office 

Welp, there goes my idea for a modern DF redesign. Back to the drawing board.

(Via Craig Mod.)

Et tu, Procter & Gamble?

Sharon Terlep, Tim Higgins, and Patience Haggin, reporting for The Wall Street Journal, “P&G Worked With China Trade Group on Tech to Sidestep Apple Privacy Rules” (News+ link):

Procter & Gamble Co. helped develop a technique being tested in China to gather iPhone data for targeted ads, a step intended to give companies a way around Apple Inc.’s new privacy tools, according to people familiar with the matter. […]

The company has joined forces with dozens of Chinese trade groups and tech firms working with the state-backed China Advertising Association to develop the new technique, which would use technology called device fingerprinting, the people said. Dubbed CAID, the advertising method is being tested through apps and gathers iPhone user data. Through the use of an algorithm, it can track users for purposes of targeting ads in a way that Apple is seeking to prevent. […]

Through apps, CAID collects user device data, such as the device start-up time, model, time zone, country, language and IP address. Based on China’s personal information security standards, most of those data aren’t counted as “personal information.” But a so-called device ID can be generated by algorithm based on these data. That device ID can achieve a similar tracking effect as the identifier that Apple is allowing users to block.

Not a good look for a major American company like Procter & Gamble to be in cahoots with a Chinese trade group to circumvent Apple’s new privacy rules.

The whack-a-mole1 aspect of Apple’s new privacy rules is that while Apple can restrict access to the API that provides access to the IDFA identifier, clever developers can find (perhaps infinite) other ways to combine things they do have access to into a unique, or even just “close enough to unique to be useful for tracking”, identifier. IP addresses, to name just one example, are a big factor that Apple can’t block would-be-trackers from using. That’s what CAID is, but CAID isn’t some rogue effort on the part of surveillance advertisers alone — it has the backing of the Chinese government.

Doing this is clearly against Apple’s rules. The questions are: Can Apple detect these techniques? And what is Apple going to do if they do identify apps in China using CAID in flagrant violation of the App Store rules, if those apps have the backing (implicit or explicit) of the Chinese government?

Consider just Tencent. What is Apple going to do if WeChat is flagged for circumventing the App Store privacy rules, and Tencent says “No thank you” to Apple’s rules, that they’re going to do it anyway because they have the backing of the PRC? Reading between the lines, I think Apple is diplomatically telling the companies involved with CAID that they will pull the apps from the App Store over this. Here’s Apple’s statement to The Journal:

Device fingerprinting runs afoul of Apple’s rules, and the tech company has said it would ban any app that violates its policies.

“The App Store terms and guidelines apply equally to all developers around the world, including Apple,” an Apple spokesman said. “We believe strongly that users should be asked for their permission before being tracked. Apps that are found to disregard the user’s choice will be rejected.”

I don’t read diplomat-ese fluently, but that statement seems adamant: “all developers around the world, even Apple”. I wonder, though, if Tencent believes they can track users with impunity because Apple wouldn’t dare pull WeChat (etc.) from the Chinese App Store.

Basically, IDFA was Apple’s attempt to work with companies to provide a way to offer a sanctioned identifier for advertising tracking that respected user privacy and user control over tracking. It didn’t work — these companies have no respect for user privacy or user control, even with IDFA. So Apple is taking it to the next level. That’ll only work if Apple backs up its rules with enforcement — even in China. 

  1. Random spelling factoid I recently learned: the actual arcade game is spelled “Whac-A-Mole”, with no “k”. Which, to me, looks wac-y. ↩︎

Actually, Two of the Third-Party ‘Find My’ Products Announced Yesterday Are Months Away From Availability

In my post yesterday linking to Apple’s announcement of three new products that work with their Find My network accessory program, I pointed out that Belkin’s Soundform Freedom True Wireless Earbuds aren’t shipping until June. I should have dug deeper into the other two products:

  • Chipolo’s One Spot tracker isn’t shipping until June either, and might be in limited supply after it does ship. (“Join the waitlist for the very limited first batch and get exclusive access to pre-orders before it sells out.”) Chipolo’s existing One trackers that are already on sale won’t work as Find My accessories.

  • VanMoof’s $2,000 S3 and X3 bikes are available to order today, but new S3 orders will be delivered “within 9 to 11 weeks”, and X3 deliveries are “within 18 to 20 weeks”. [Update: Turns out VanMoof’s new Find My-enabled bikes will start shipping in a week, on April 15, but the current delivery dates for new online orders are months out because they’re already backordered. There should be some availability in VanMoof retail stores next week as well. So there is a simple reason to announce them this week.]

So it just makes yesterday’s announcement all the more curious: neither Belkin’s earbuds nor Chipolo’s tracker will be available until June, so why announce any of it now? Putting Find My integration in VanMoof’s bikes is cool, but they’re not exactly mainstream products. It only makes sense to me if Apple is on the cusp of announcing AirTags very soon, and wanted to get their “Find My supports third-party products too” story out the door beforehand, even if the products aren’t shipping for months. Apple also has significant updates to iOS, MacOS, WatchOS, and tvOS that all feel ready to ship, and iOS 14.5 is the version that introduces the much-publicized “opt-in to allow apps to track you” changes — a feature I suspect Apple wants to explain on their own terms during an event. Then, at the end of the show, Tim Cook can conclude by telling everyone these OS updates are all available now.

But yet here we are on Thursday, a week into April, and still no word from Apple about an online event next week. Their COVID-era online events, after WWDC last year:

Apple has always liked holding product events on Tuesdays, and, for last year’s online-only events, they sent the event announcements out 7–8 days in advance. Who knows, maybe they’ll send out an announcement for a special event to be broadcast next week as soon as I hit “Publish” on this post. But it’s starting to feel like something has gone awry. 

In Russia, iPhone Apps Install You

In 2019, Russia passed a law mandating that phones and other “smart” devices come preloaded with a host of applications approved by the Russian government. In Russia, the law was known as the “Law Against Apple”. Apple, of course, resisted — they’ve never shipped iOS anywhere in the world with third-party applications pre-installed.1

The law went into effect yesterday. Apple’s apparently-compliant solution is not to pre-install any of the apps, but to offer them for download in the final step of the setup process for a new device. Via MacRumors, Twitter user Khaos Tian posted a screen capture of the new setup process.

First, at the very end of setup, Russian users now see a screen with the title “App Store”, with this description:

In compliance with Russian legal requirements, continue to view available apps to download.

There is only one option: “Continue”.

The next screen looks like a promotional page from the App Store app, with the heading “From the App Store: Russian Apps”, and a list of the dozen-or-so mandated apps, with “Get” buttons next to each of them. Nothing is installed automatically — you need to “Get” each one. There is no “Install All” option. At the bottom of the list is the following text:

In compliance with Russian legal requirements, here are some apps from Russian developers that you may download.

Notably, this second screen has an “X” button in the top right corner that stays in place even as you scroll down the list. Tap that button and you proceed with completing the setup process, with no requirement that you installed any of the suggested apps. Effectively, if you don’t want any of these apps, the new setup process simply requires two additional taps: “Continue” on the first screen and “X” on the second.

From Apple’s perspective, as well as that of Russian iPhone users, this seems like a good solution. Nothing is actually preinstalled. It’s still unclear what Apple would have done if the Russian government had mandated that these apps actually be preinstalled on every new iPhone.

In App Store, Transparency Is for Me, Not Thee

Arek Holko, on Twitter:

Apple leverages transparency when it suits them but doesn’t let the developers do the same.

He links to The Verge’s story today on Apple’s solution to this Russian law, and an August story from The Verge about Apple rejecting an app update from Facebook because it put the following description below an in-app purchase button: “Apple takes 30% of this purchase.” Touché.

It’s impossible to square Apple’s (reasonable) desire to explain that the prompt to suggest installation of these Russian apps is mandated by Russian law with Apple’s refusal to allow developers to explain the App Store rules they are required to comply with. As I’ve written before, it is prima facie wrong that one of the App Store rules is that apps are not allowed to explain the App Store rules to users.

It’s quite a thing that Russia’s “law against Apple” allows for more transparency to users than Apple’s own App Store rules. 

  1. Don’t tell me about the YouTube app on the first five versions of iOS — that was an app written and designed by Apple (including the not-branded-like-YouTube-at-all icon), with Google as a data-providing partner, much in the way that Yahoo was the original partner for Weather, and Google was the original data provider for Maps. The difference is that Apple and Google were such cozy corporate friends back then that both companies agreed to have the app be named “YouTube”. ↩︎