Doxie: Scan Anywhere 

My thanks to Doxie for sponsoring this week’s DF RSS feed. Doxie’s mobile scanners produce reliable and high-quality scans of all your paper. Whether you’re trying to go (or stay) paperless, Doxie connects your physical paper to your digital world.

Going paperless is a lot easier than you might think. With Doxie’s included memory and rechargeable battery, Doxie lets you scan anywhere — no computer required — and then save, share, and send your paper to the cloud with Doxie’s intuitive Mac and iOS apps. It’s great hardware and great software, and it doesn’t tie you in to any sort of proprietary platform. You can do whatever you want with your scans.

This week only, Doxie is giving all Daring Fireball readers a super secret 30% discount off any new Doxie on Amazon. Enter promo code “FIREBALL” at checkout.

Jony Ive Returns to Day-to-Day Management of Design Team 

Mark Gurman and Alex Webb, reporting for Bloomberg:

Apple Inc.’s Jony Ive, a key executive credited with the look of many of the company’s most popular products, has re-taken direct management of product design teams.

Ive, 50, was named Apple’s chief design officer in 2015 and subsequently handed off some day-to-day management responsibility while the iPhone maker was building its new Apple Park headquarters in Cupertino, California. “With the completion of Apple Park, Apple’s design leaders and teams are again reporting directly to Jony Ive, who remains focused purely on design,” Amy Bessette, a company spokeswoman, said Friday in a statement.

I can’t decide if this is actually news. It was public knowledge that Ive was spending a lot (most?) of his time on Apple Park and other architectural projects (retail), but that obviously wasn’t going to last forever. I suppose it’s news, though, insofar as there was some speculation that he had one foot out the door. This should put an end to that.

TechCrunch: Apple Is Acquiring Music Recognition App Shazam 

Ingrid Lunden, reporting for TechCrunch:

As Spotify continues to inch towards a public listing, Apple is making a move of its own to step up its game in music services. Sources tell us that the company is close to acquiring Shazam, the popular app that lets people identify any song, TV show, film or advert in seconds, by listening to an audio clip or (in the case of, say, an ad) a visual fragment, and then takes you to content relevant to that search.

We have heard that the deal is being signed this week, and will be announced on Monday, although that could always change.

One source describes the deal as in the nine figures; another puts it at around £300 million ($401 million). We are still asking around. Notably, though, both of the numbers we’ve heard are lower than the $1.02 billion (according to PitchBook) post-money valuation the company had in its last funding round, in 2015.

I wonder if they’ll keep it as a standalone app (and will they keep the Android version?), or if they’ll just roll it into Siri (which, I know, has had pretty good integration with Shazam since iOS 8).

Trump Administration Scraps Obama-Era Proposal Requiring Airlines to Disclose Bag Fees 

Melanie Zanona, reporting for The Hill:

The Trump administration has scrapped an Obama-era proposal requiring airlines and ticket agencies to disclose baggage fees as soon as passengers start the process of buying a ticket.

The Department of Transportation (DOT) posted a notice on the Federal Register this week that it is withdrawing the proposed rule, along with another plan to force air carriers to disclose how much revenue they make from charging other ancillary fees.

What is wrong with these people? Who, other than airline beancounters, thinks scrapping this regulation is a good idea?

Zero-Day iOS HomeKit Vulnerability Allowed Remote Access to Smart Accessories Including Locks 

Zac Hall, reporting for 9to5Mac:

A HomeKit vulnerability in the current version of iOS 11.2 has been demonstrated to 9to5Mac that allows unauthorized control of accessories including smart locks and garage door openers. Our understanding is Apple has rolled out a server-side fix that now prevent unauthorized access from occurring while limiting some functionality, and an update to iOS 11.2 coming next week will restore that full functionality.

The vulnerability, which we won’t describe in detail and was difficult to reproduce, allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs.

The most serious ramification of this vulnerability prior to the fix is unauthorized remote control of smart locks and connected garage door openers, the former of which was demonstrated to 9to5Mac.

Fast response from Apple, but this kind of story spooks me from installing smart locks. I realize that’s not entirely rational — good old fashioned dumb locks are susceptible to lock-picking — but something about hooking up the locks to my house to the internet just doesn’t feel right.

iPhone Models Dominate Flickr’s List of Most Popular Cameras in 2017 

Sarah Perez, writing for TechCrunch:

This year, iPhone has scored the majority (54%) of usage on Flickr’s site, up from 47 percent of the top 100 in 2016, and 42 percent the year prior. The iPhone also passed Nikon to score the spot as the second-most popular camera back in 2014.

Nikon was the third most popular brand with 18 percent in 2017, and Canon was number two, responsible for 23 percent of the top 100 devices.

The iPhone is so popular as a camera that its share on Flickr now exceeds all Canon and Nikon cameras combined.

Amazon Prime Video Arrives on Apple TV 

Apple Newsroom:

Starting today, customers around the world can access the Amazon Prime Video app on Apple TV to stream award-winning and critically acclaimed titles including Prime Original Series and Movies. Also starting this week, the Apple TV app — a unified place for iPhone, iPad and Apple TV users to discover and start watching the best shows and movies — supports live sports, giving fans in the US a simple and seamless way to keep track of their favorite teams and games in real time. Participating sports apps in the Apple TV app include ESPN and the NBA, developed in partnership between the NBA and Turner Sports, with more to be added soon. Starting tomorrow, Prime members in the US can enjoy Thursday Night Football on the Apple TV app for iPhone, iPad and Apple TV.

I’ve heard there is indeed a good story behind this delay. I don’t know the story, or even what the story is about (although my guess would be revenue-sharing politics, not software) — I’ve just heard that there’s a good story.

Update: Now that I’ve had a chance to install and try the app on my Apple TV 4K, I’m seriously wondering if the holdup was technical, not political. (Or technical in addition to political.) Justin Williams:

I’m half convinced that Apple granted Amazon an entitlement to access a tvOS web view to get Prime Video on the Apple TV. It looks and behaves nearly identical to the HTML5 / Smart TV app that is deployed everywhere.

I have zero evidence of this. Just my dumb conspiracy theory.

I don’t know if it’s a webview, but if it is, that would have required a special entitlement from Apple because the tvOS SDK does not have a webview. Netflix, HBO, and Hulu all have Apple TV UIs that seem a bit alien, eschewing tvOS standard UI elements for custom branded UI elements. But this Prime Video app takes it to a new level. The UI doesn’t even play sound as you move the selection around — I’ve never seen that in an Apple TV app. The Prime Video app for Apple TV doesn’t just look alien, it feels and sounds alien too. I think it’s a web app. And if it’s not, Amazon’s engineers went to extraordinary lengths to make UIKit on tvOS look and feel like a web app.

Update 2: Steven Troughton-Smith poked around the IPA:

TL;DR it’s no wonder Amazon took so long in porting their app to tvOS; it’s a giant, [presumably] in-house web-based multi-headed hydra designed for a hundred different devices and consoles that probably needed a new UI glue layer for tvOS (but probably doesn’t use webviews).

I find it hard to believe that getting this custom cross-platform monstrosity running atop tvOS was less work (and would be easier to maintain) than just writing a goddamn native tvOS app. I can see why Amazon doesn’t want to create a new app from scratch for every single “smart TV” platform, but Apple TV is a big market.

Prime Video is, without question, the worst Apple TV app I have on my Apple TV (taking the crown from Hulu).

Google’s AlphaZero Destroys Previously Top-Ranked Chess Computer in 100-Game Match 

Mike Klein, reporting for Chess.com:

A little more than a year after AlphaGo sensationally won against the top Go player, the artificial-intelligence program AlphaZero has obliterated the highest-rated chess engine.

Stockfish, which for most top players is their go-to preparation tool, and which won the 2016 TCEC Championship and the 2017 Chess.com Computer Chess Championship, didn’t stand a chance. AlphaZero won the closed-door, 100-game match with 28 wins, 72 draws, and zero losses.

Oh, and it took AlphaZero only four hours to “learn” chess. Sorry humans, you had a good run.

That’s right — the programmers of AlphaZero, housed within the DeepMind division of Google, had it use a type of “machine learning,” specifically reinforcement learning. Put more plainly, AlphaZero was not “taught” the game in the traditional sense. That means no opening book, no endgame tables, and apparently no complicated algorithms dissecting minute differences between center pawns and side pawns.

Forecast: Podcast MP3 Chapter Encoder 

Marco Arment has released a public beta of Forecast, a Mac app for podcast producers. Among a slew of other great features, Forecast is hands-down the best MP3 chapter editor I’ve seen. If you’ve noticed the chapter support in The Talk Show that started earlier this year, that’s thanks to Forecast. Forecast is free of charge, too.

See also: Jason Snell’s review of Forecast at Six Colors:

There’s also a perceptual trick that Forecast uses to make encoding seem quick: When you add a file to be encoded, encoding begins immediately in the background. By the time you edit your file’s metadata, the encode may have already completed in the background. The first time I used Forecast, I thought something had gone wrong — because when I typed Command-S to save the file, it just saved. There was no wait. The file had already encoded — it was waiting for me, the slow human, to finish typing in episode titles and show descriptions.

Jason Snell on iOS Laptops 

Jason Snell, writing for Macworld:

Which is why, when someone tells me that it’s stupid for there to be an iOS laptop because it wouldn’t run Xcode and couldn’t be used by professional developers or pro video editors or power users who have spent a decade building up productivity-boosting workflows based on macOS, I don’t have much of a response for them. The iBook wouldn’t be for those people. It would be for people who don’t need all of the features and flexibility that macOS brings. It would be one in an array of products Apple makes — iPhones, iPads, desktop Macs, laptop Macs — that appeal to different users with different needs.

There are simply some use cases where a laptop is the best form factor. An iPad with a keyboard cover is laptop-ish, but not a laptop. If you prefer to use iOS in a scenario that calls for a laptop, you’re stuck between making a go of it with an iPad with a keyboard, or using a proper laptop and another OS.

You could throw this right back at me — and my firmly held belief that MacOS should not support touchscreens — and point out that there are other scenarios where a tablet is the best form factor, and if you prefer MacOS, there therefore ought to be a Mac tablet. I don’t think that argument holds, though. The difference is that I think iOS could work in a laptop form factor (especially if Apple added support for a trackpad, in ways like Snell suggests, but even if they don’t), whereas the Mac interface as it stands would not work well with touch, and changing the Mac interface to work well with touch would (I say) ruin it for use with a mouse pointer.

HP and Asus Announce First Windows 10 ARM PCs, Due in Spring 2018 

Peter Bright, writing for Ars Technica:

This ability to upgrade is particularly important because the new Always Connected PCs are different from Microsoft’s previous Windows-on-ARM attempt, Windows RT. Windows RT was a version of Windows 8 for ARM processors, and it too could only run applications from what was then called the Windows Store. But Windows RT had two constraints not found on these new systems: there was no facility to unlock it, and run non-Store apps, and there was no facility to run existing x86 programs. On Windows RT, not only did software have to come from the Store, it also had to be compiled specifically for ARM processors.

That’s not so with Always Connected PCs. They contain an x86 emulator that will enable most 32-bit x86 applications to run unmodified. This includes x86 applications in the Store and, when upgraded to the full Windows 10 Pro, arbitrary desktop applications. Full details of the x86 emulator haven’t been disclosed yet, with the performance in particular currently unknown, but we do know some broad elements of its design.

The emulator runs in a just-in-time basis, converting blocks of x86 code to equivalent blocks of ARM code. This conversion is cached both in memory (so each given part of a program only has to be translated once per run) and on disk (so subsequent uses of the program should be faster, as they can skip the translation). Moreover, system libraries — the various DLLs that applications load to make use of operating system features — are all native ARM code, including the libraries loaded by x86 programs. Calling them “Compiled Hybrid Portable Executables” (or “chippie” for short), these libraries are ARM native code, compiled in such a way as to let them respond to x86 function calls.

A few years ago I would have wagered a small sum on Apple shipping ARM-based Macs before ARM-based Windows PCs arrived. (It could still happen, I suppose, given that these PCs aren’t set to arrive until spring.) What’s interesting to me is that these ARM CPUs are fast enough to emulate x86 software. If that’s true for a Snapdragon CPU, then Apple’s even-faster ARM chips are certainly more than capable of doing the same.

Oath and Mozilla Are in a Legal Battle Over a Yahoo Search Deal 

Kara Swisher:

As I reported at the time, under terms of a contract, whoever acquired Yahoo was required to pay Mozilla annual payments of $375 million through 2019, even if it does not think the buyer was one it wanted to work with and walked away. It was Mayer who struck the deal in late 2014 to become the default search engine on the well-known Firefox browser in the U.S.

Mozilla switched to Yahoo from Google after Mayer offered a much more lucrative deal that included an unprecedented term to protect Mozilla in a change-of-control scenario. It was a scenario that Mayer never thought would happen, which is why she apparently pushed through the problematic deal point.

According to the change-of-control term, 9.1 in the agreement, Mozilla had the right to leave the partnership if — under its sole discretion and in a certain time period — it did not deem the new partner acceptable. And if it did that, even if it struck another search deal, Yahoo was still obligated to pay out annual revenue guarantees of $375 million.

That was… not a good deal for Yahoo.

Painting With Microsoft Excel 

Great find from Tina Roth Eisenberg:

For over 15 years, Japanese artist Tatsuo Horiuchi has rendered the subtle details of mountains, cherry blossoms, and dense forests with the most unlikely tool: Microsoft Excel.

Modern-Day Payola 

Jon Christian, reporting for The Outline:

People involved with the payoffs are extremely reluctant to discuss them, but four contributing writers to prominent publications including Mashable, Inc, Business Insider, and Entrepreneur told me they have personally accepted payments in exchange for weaving promotional references to brands into their work on those sites. Two of the writers acknowledged they have taken part in the scheme for years, on behalf of many brands. Mario Ruiz, a spokesperson for Business Insider, said in an email that “Business Insider has a strict policy that prohibits any of our writers, whether full-time staffers or contributors, from accepting payment of any kind in exchange for coverage.”

One of them, a contributor to Fast Company and other outlets who asked not to be identified by name, described how he had inserted references to a well-known startup that offers email marketing software into multiple online articles, in Fast Company and elsewhere, on behalf of a marketing agency he declined to name. To make the references seem natural, he said, he often links to case studies and how-to guides published by the startup on its own site. Other times, he’ll just praise a certain aspect of the company’s business to support a point in an otherwise unrelated story. […]

The Fast Company writer also defended the practice by arguing that it’s enabled by editors who are hungry for cheap or unpaid blog content. Many high-volume sites, including the Huffington Post, Entrepreneur, and Forbes, maintain networks of unpaid contributors who publish large amounts of material.

That’s a pathetic defense. Everyone is guilty in this racket — the “sponsors” who pay for this bullshit, the writers who accept the payola, and publications that blindly run these stories. There’s a complete and shameless lack of integrity from all three sides.

Google to Pull YouTube From Fire TV Over Spat With Amazon 

Janko Roettgers, reporting for Variety:

In an unusually frank statement, a Google spokesperson squarely blamed Amazon’s unwillingness to strike a business deal with Google for the step:

​“We’ve been trying to reach agreement with Amazon to give consumers access to each other’s products and services. But Amazon doesn’t carry Google products like Chromecast and Google Home, doesn’t make Prime Video available for Google Cast users, and last month stopped selling some of Nest’s latest products. Given this lack of reciprocity, we are no longer supporting YouTube on Echo Show and FireTV. We hope we can reach an agreement to resolve these issues soon.”

Amazon shot back Tuesday afternoon, sending Variety the following statement:

“Echo Show and Fire TV now display a standard web view of YouTube.com and point customers directly to YouTube’s existing website. Google is setting a disappointing precedent by selectively blocking customer access to an open website. We hope to resolve this with Google as soon as possible.”

So Amazon Prime is (supposedly) coming to Apple TV any day now, just as Amazon’s spat with Google is escalating. Google seems to be in a strong position here — it seems hard to me to sell a TV box that doesn’t support YouTube. Is a web view of youtube.com really a good experience on a TV? But this also goes to show how powerful Amazon’s retail store is — Google obviously cares that Amazon isn’t selling these Google hardware products.

iOS 11 Adoption Now at 59 Percent 

Juli Clover, MacRumors:

iOS 11 is now installed on 59 percent of iOS devices, according to new statistics Apple shared this week on its App Store support page for developers. That’s up from 52 percent on November 6, indicating iOS 11 adoption has grown just 7 percentage points over the course of the last month.

iOS 11 adoption has been slower than iOS 10 adoption. Based on Apple’s official App Store numbers, for example, iOS 10 was installed on 54 percent of devices in October, a month after the operating system had been released. Comparatively, iOS 11 was only at 52 percent in November, a month and a half after launch.

I don’t think a difference between 54 and 52 percent is meaningful, especially this year, when many people were waiting for the iPhone X. The iPhone X alone could account for that 2 percent. I think it’s fair to say iOS 11’s adoption rate is about the same as iOS 10’s last year.

iPhone X Charging Speeds Compared 

Comprehensive testing from Juli Clover for MacRumors. Looks like the 7.5-watt contact charging (enabled by iOS 11.2) using the Belkin and Mophie charging pads is a nice improvement over 5-watt charging.

Safari Tab Search on the Mac 

Gabe Weatherhead, writing at Macdrifter:

Here’s a little Safari trick that is just gold. Hit Shift-⌘-\ to enter the Safari “Show all tabs” mode. From there it’s just a simple ⌘-F to search the open tabs.

Notice that the search also covers tabs open on other devices too?

Whoa, this is cool. Had no idea you could search in this mode.

But there’s a huge shortcoming: it only searches the tabs in the current window. It seems crazy to me that you can use this to find tabs open on other devices, but not tabs open in other windows on the Mac you’re currently using.

Update: Turns out you don’t need to type Command-F. Just type Command-Shift-\ and start typing, and whatever you type will go into the search field.

Russia Banned From Winter Olympics by I.O.C. 

Rebecca R. Ruiz and Tariq Panja, reporting for The New York Times:

Russia’s Olympic team has been barred from the 2018 Winter Games in Pyeongchang, South Korea. The country’s government officials are forbidden to attend, its flag will not be displayed at the opening ceremony and its anthem will not sound.

Any athletes from Russia who receive special dispensation to compete will do so as individuals wearing a neutral uniform, and the official record books will forever show that Russia won zero medals.

That was the punishment issued Tuesday to the proud sports juggernaut that has long used the Olympics as a show of global force but was exposed for systematic doping in previously unfathomable ways. The International Olympic Committee, after completing its own prolonged investigations that reiterated what had been known for more than a year, handed Russia penalties for doping so severe they were without precedent in Olympics history.

I’m curious if Old Happy Thumbs will fire up his iPhone to comment on this one.

Wes Meltzer’s Review of MarsEdit 1.0 for ATPM 

Wes Meltzer, in his MarsEdit 1.0 review back in January 2005:

A brief historical diversion, if you will: going all the way back to LiveJournal clients, weblog editing clients have tended to be non-document-based, until quite recently. I used the original Windows LiveJournal client, which was modal way back when, and there weren’t a lot of alternatives. Sure, if you had a Radio blog, you had a document-based application — but the huge proliferation of blogs, as Maciej Ceglowski demonstrated in the NITLE Weblog Census, means that most people use Movable Type (about 44,000) or the big hosted services, BlogSpot and LiveJournal (707,690), all of which now support some form of remote posting. Between Ecto and MarsEdit, though, the future is clearly in document-based weblog editing.

Movable Type, Blogspot, and LiveJournal are all still around, but today they’re dwarfed in usage by WordPress and Tumblr. It’s a testimony to the strength of MarsEdit’s engine-neutral design that it remains relevant today, despite a nearly complete change in the publishing systems people use to blog.

MarsEdit 4 and Try-Before-You-Buy on the Mac App Store 

Daniel Jalkut:

MarsEdit 4 also brings a new sales approach that aims to unify the trial, purchase, and upgrade experience between the Mac App Store and direct-licensed versions of the app. The app is free to download and can be used full-featured for a 14 day trial period.

After the trial expires, all features of the app continue to work except for actions that update published content on the web. This ensures that all of MarsEdit’s powerful offline features, including download/archiving of posts, can be used in perpetuity for free.

MarsEdit 4.0 

Major update to one of my very favorite and most-used apps. I’ve been using MarsEdit ever since it was first spun off from the built-in blog editor in NetNewsWire back in 2004. MarsEdit 4 is a terrific update — it both works and looks better than ever. The basic premise — a native Mac blog editor that follows the basic layout and structure of an email client — remains as sound today as it did 13 years ago. MarsEdit is great for both its integration with various blogging platforms and its integration with MacOS as a native app.

I’ve said for years that almost everything I write for Daring Fireball goes through MarsEdit. The only posts that don’t are the ones I write on my iPhone (or, very rarely, iPad). But now that I think about it, it’s not just that almost everything I post now goes through MarsEdit — given that I’ve been using it since mid-2004, almost everything I have ever posted to Daring Fireball has gone through MarsEdit.

Nick Heer on the Deregulation of ISPs 

Nick Heer wrote a terrific response to Ben Thompson on the FCC’s move to overturn Obama era net neutrality regulations:

Even if you believe that the American broadband market is sufficiently competitive — it isn’t — that ISPs can be trusted to not discriminate against some forms of traffic once given the freedom to — doubtful — and that existing regulatory structures will allow any problems to be fixed on a case-by-case basis, it still seems far more efficient to prevent it in the first place. There’s an opportunity to treat internet service as a fundamental utility; let’s keep it that way, whether that’s through Title II classification or an equivalent replacement.

Where Is Amazon’s Prime Video App for Apple TV? 

Chris Welch, writing for The Verge:

“Amazon is coming to the TV app and all Apple TVs later this year with Amazon Prime Video,” Cook said at Apple’s WWDC keynote, before rattling off a string of original Amazon shows including Mozart in the Jungle, Man in the High Castle, and Transparent.

Tomorrow will mark six months since that news.

There has to be a good story here, but no one seems to know it.

Josh Centers checked with Amazon PR, and they told him it’s still coming this year:

But it’s December, and Amazon Prime Video for the Apple TV remains vaporware. Is it still due in 2017? Surprisingly, yes. Amazon public relations told me, “Thanks for checking in. Yes, you can expect the launch this year.”

Text Replacements Now Sync Reliably Between Macs and iOS Devices Via CloudKit 

Remember back in September, when Brian Stucki dove deep into an investigation of why text replacements didn’t sync reliably between iOS devices and Macs? I was told the next day by an Apple spokesperson that an update that moves text replacement syncing to CloudKit should be rolling out to iOS 11 and MacOS 10.13 High Sierra users in the “next month or so”.

In an update to his original report, Stucki reports that as of last week, this is now the case. So far so good for me personally. I think this deserves a non-sarcastic finally.

How the Minnesota Viking Uniforms Came to Be 

Paul Lukas, writing for ESPN:

Here’s the backstory: The Vikings’ first general manager was former Los Angeles Rams public relations director Bert Rose, and their first coach was former Rams quarterback Norm Van Brocklin. When it came time to create the new team’s look in 1961, they turned to a prominent Los Angeles sports cartoonist named Karl Hubenthal, whom they knew from their days in L.A.

It was Hubenthal — not a Vikings employee, not a Minnesota design firm, not the NFL Properties office — who designed the Norseman logo and the team’s original uniform set, including the distinctive horned helmet. Per Rose’s instruction, Hubenthal executed the designs in purple and gold. Why those colors? Because those are the colors of the University of Washington, where Rose had attended college. So with the L.A. and Washington connections, the look of this quintessentially midwestern team had strong West Coast roots.

The Vikings have stayed true to Hubenthal’s original design to this day. Classic.

‘My Butler Has Two Butlers’ 

Bob Vulfov, writing for McSweeney’s: “Hello, I Am the Mythical Middle-Class Person Who Republicans Say Will Benefit From Their New Tax Bill”.

On Apple Embracing YouTube 

Charlotte Henry:

In terms of getting content in front of as many eyeballs as possible, Apple’s decision then makes perfect sense. However, it is significant in terms of Silicon Valley power politics.

Combine this with Apple’s official channel, which is now home to Apple Music Carpool Karaoke content, and you can see a pattern. Apple has accepted that it has, for the moment at least, completely lost the video platform battle. If it wants to get its video message out, it has to play nicely with Alphabet/Google.

I’d argue that it’s not so much that Apple has lost the video platform battle to YouTube, but that the open web has lost the battle. Apple has never attempted to create a rival service to YouTube. Prior to its embrace of YouTube, what Apple used to do was publish video content on its website, using the HTML5 <video> tag.

There are silos for text content — Facebook, Medium, AMP, Apple News, and more. But none dominate the web. Apple’s own relatively new Newsroom section at apple.com is updated frequently and is just a good old-fashioned blog (although its RSS feed is effectively useless). Still images can still go anywhere on the web. Technically that’s true for video as well, but the discoverability and network effects of YouTube are so strong that practically speaking, it’s the only place anyone puts shareable video content.

Facebook ‘Messenger Kids’ 

Josh Constine, writing for TechCrunch:

For the first time, Facebook is opening up to children under age 13 with a privacy-focused app designed to neutralize child predator threats that plague youth-focused competitors like Snapchat. Rolling out today on iOS in the US, “Messenger Kids” lets parents download the app on their child’s phone or tablet, create a profile for them, and approve friends and family who they can text and video chat with from the main Messenger app.

Tweens don’t sign up for a Facebook account and don’t need a phone number, but can communicate with other Messenger and Messenger Kids users parents sign-off on, so younger siblings don’t get left out of the family group chat. “We’ve been working closely with the FTC so we’re lockstep with them. ‘This works’, they said” Facebook product management director Loren Cheng tells me. “In other apps, they can contact anyone they want or be contacted by anyone” Facebook’s head of Messenger David Marcus notes.

This is like Philip Morris introducing officially licensed candy cigarettes. You’re nuts if you sign your kids up for this.

Safari Technology Preview Now Allows Animated-GIF-Like Videos Using ‘img’ Tag 

Colin Bendell on a new feature in Safari Technology Preview:

  • Now you can <img src=".mp4"> in Safari Technology Preview
  • Early results show mp4s in <img> tags display 20x faster and decode 7x faster than the GIF equivalent — in addition to being 1/14th the file size!
  • Background CSS video & Responsive Video can now be a “thing”.
  • Finally cinemagraphs without the downsides of GIFs!
  • Now we wait for the other browsers to catch-up: This post is 46 MB on Chrome but 2 MB in Safari TP

It’ll take a few years for this to catch on web-wide, but the benefits are massive. It’s really rather ridiculous how popular the GIF format is in 2017.

Jamf Now 

My thanks to Jamf for sponsoring last week’s DF RSS feed. Jamf Now is a simple device management solution designed to help anyone set up, manage, and protect Apple devices at work. Easily configure email and Wi-Fi networks, distribute apps to your team, and protect sensitive data without locking down devices.

Daring Fireball readers can create an account and manage three devices for free. Forever. Each additional device is just $2 per month. Create your free account today.

iOS 11.2 Is Out, But Apple Pay Cash Doesn’t Roll Out Until Sometime Next Week 

The official Apple Support Twitter account confirms that Apple Pay Cash, a feature of iOS 11.2, won’t roll out in the U.S. until “early next week”. After upgrading this morning and not seeing it, I thought Apple had postponed it again.

Voyager 1 Fires Up Thrusters After 37 Years 

NASA Jet Propulsion Laboratory:

Since 2014, engineers have noticed that the thrusters Voyager 1 has been using to orient the spacecraft, called “attitude control thrusters,” have been degrading. Over time, the thrusters require more puffs to give off the same amount of energy. At 13 billion miles from Earth, there’s no mechanic shop nearby to get a tune-up.

The Voyager team assembled a group of propulsion experts at NASA’s Jet Propulsion Laboratory, Pasadena, California, to study the problem. Chris Jones, Robert Shotwell, Carl Guernsey and Todd Barber analyzed options and predicted how the spacecraft would respond in different scenarios. They agreed on an unusual solution: Try giving the job of orientation to a set of thrusters that had been asleep for 37 years. […]

On Tuesday, Nov. 28, 2017, Voyager engineers fired up the four TCM thrusters for the first time in 37 years and tested their ability to orient the spacecraft using 10-millisecond pulses. The team waited eagerly as the test results traveled through space, taking 19 hours and 35 minutes to reach an antenna in Goldstone, California, that is part of NASA’s Deep Space Network.

Lo and behold, on Wednesday, Nov. 29, they learned the TCM thrusters worked perfectly — and just as well as the attitude control thrusters.

This gives me a lump in my throat.

iOS 11 Bug Makes Some iPhones Crash Repeatedly Starting Today 

iOS 11.2, which was released overnight, apparently fixes this. This has been a banner week for the folks on the “Apple software quality is going to hell in a hand basket” side of the debate. Jiminy.

Phantom App Updates in the iOS App Store 

Jeff Johnson:

Starting on November 17, many iOS and tvOS apps that had not been updated for a year or two years suddenly received phantom updates in the App Store, without any action by the developers of those apps. The version numbers of the apps did not change. For some of the updates, the release notes were the same as the previous update. For others, the release notes said, “This update is signed with Apple’s latest signing certificate. No new features are included.” Some people speculated that Bitcode recompilation was performed on the apps. So far, Apple has not published any press release or documentation explaining why it updated all of these apps.

Vesper is one of the apps affected by this. If you’re seeing a Vesper update, it’s not because it’s actually updated. Sorry for any confusion, but we had nothing to do with this.

The Talk Show: ‘Disgusting Inception’ 

John “With an H” Moltz returns to the show. Topics include the ongoing deluge of sexual harassment scandals, our beloved SodaStreams, the Mac OS 10.13 High Sierra root login fiasco, App: The Human Story, and more.

Brought to you by these fine sponsors:

  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Audible: Get a free audiobook with a 30-day trial.
  • Casper: You can be sure of your purchase with Casper’s 100 night risk-free, sleep-on-it trial. Save $50 with coupon thetalkshow.
Nikkei Asian Review: ‘Apple to Design Power Chips in-House as Early as 2018’ 

Cheng Ting-Fang, reporting from Taipei for for Nikkei Asian Review

Apple is designing its own main power management chips for use in iPhones as early as in 2018, cutting dependence on Dialog Semiconductor, according to industry sources, as shares in the U.K. developer plunged as much as 19% in afternoon trade in Frankfurt.

Anything Apple doesn’t design itself is likely something it would prefer to design itself. The iPhone is getting more customized — using more Apple-designed components — with each year.

Why Didn’t Twitter Delete the Anti-Muslim Tweets Promoted by Trump? 

Ivana Kottasová, reporting for CNN:

The anti-Muslim videos were first posted by Jayda Fransen, deputy leader of the far-right party Britain First. They depict violent assaults and the destruction of a statue of the Virgin Mary.

They also appear to violate the terms of use published by Twitter. It warns users: “You may not promote violence against, threaten, or harass other people on the basis of race, ethnicity, national origin, sexual orientation, gender, gender identity, religious affiliation, age, disability, or serious disease.”

Asked why the original tweets have not been deleted, a Twitter spokesperson said:

“To help ensure people have an opportunity to see every side of an issue, there may be the rare occasion when we allow controversial content or behavior which may otherwise violate our rules to remain on our service because we believe there is a legitimate public interest in its availability.”

Translation from PR Weasel-ese to English: Twitter is afraid of pissing off Trump.

‘App: The Human Story’ 

The final cut of App: The Human Story is out, and it’s terrific. I’m happy to have played a small part in it. My blurb:

There’s a segment of the Apple developer community that approaches their work as craft, not mere work. They make apps that aren’t just used, but that are loved. App: The Human Story perfectly captures the ethos of this community in the explosive early years of the App Store. The film tracks many threads but tells one story: how apps became a fundamental part of our daily lives and culture.

Kickstarter backers already have access to the movie. It’s a $15 purchase from Vimeo’s On Demand service otherwise, and so very worth it.

Meet the Man Who Deactivated Trump’s Twitter Account for 11 Minutes 

Ingrid Lunden and Khaled “Tito” Hamze, writing for TechCrunch:

His last day at Twitter was mostly uneventful, he says. There were many goodbyes, and he worked up until the last hour before his computer access was to be shut off. Near the end of his shift, the fateful alert came in.

This is where Trump’s behavior intersects with Duysak’s work life. Someone reported Trump’s account on Duysak’s last day; as a final, throwaway gesture, he put the wheels in motion to deactivate it. Then he closed his computer and left the building.

Several hours later, the panic began. Duysak tells us that it started when he was approached by a woman whom he didn’t know very well. According to Duysak, the woman said that she had been contacted by someone asking about Duysak in connection with Trump’s Twitter account. After a moment of disbelief, he said he then looked at the news and realized what had happened.

There are an awful lot of people who would like to buy this guy a beer.


High Sierra Root Login Bug Was Mentioned on Apple’s Support Forums Two Weeks Ago

It’s natural to speculate how a bug as egregious as the now-fixed High Sierra root login bug could escape notice for so long. It seems to have been there ever since High Sierra 10.13.0 shipped on September 25, and may have existed in the betas through the summer. One explanation is that logging in with the username “root” and a blank password is so bizarre that it’s the sort of thing no one would think to try. Like the classic “1-2-3-4-5” scene in Spaceballs, but with the ultimate weak password — none at all.

More insidious though, is the notion that it might not have escaped notice prior to its widespread publicization yesterday — but that the people who had heretofore discovered it kept it to themselves.

This exploit was in fact posted to Apple’s own support forums on November 13. It’s a bizarre thread. The thread started back on June 8 when a user ran into a problem after installing the WWDC developer beta of High Sierra:

I am hoping someone might know how to fix this - after updating to High Sierra, the two admin accounts on this machine are all of a sudden standard accounts. There is no admin account at all, which means I can’t seemingly fix this problem because there is no admin I can log into. Any changes to the system or software installs I try to do that require admin approval, I have no way to grant it. And no way to create a new admin user without an existing.

A user posted a solution involving Single-User mode, and the thread mostly died down. But on November 13, a user under the handle “chethan177” posted the following:

Note: This solution might be specific to High Sierra

Try this:

Solution 1:

  • On startup, click on “Other”
  • Enter username: root and leave the password empty. Press enter. (Try twice)
  • If you’re able to log in (hurray, you’re the admin now), then head over to System Preferences → Users & Groups and create a new Admin account.
  • Now restart and login to the new Admin Account (you may need a new Apple Id). Once you’re logged into this new Admin Id, you can again proceed to your System Preferences → Users & Groups. Open the Lock Icon with your new Admin ID/Password. Assign “Allow user to administer this computer” to your original Apple ID. Restart. […]

Solution 2:

  • If you’re unable to login at startup using username: root and empty password, then login with your existing account (standard user).
  • Again, head over to System Preferences → Users & Groups. Click on the Lock Icon. When prompted for username and password, type username: root and leave the password empty. Press enter. This might throw an error, but try again immediately with the same username: root and empty password. This should unlock the Lock Icon. If it does, try Solution 1 next.

P.S. Solution 2 worked for me. No idea how or why. Hope this helps.

That’s yesterday’s bug. And in fact, this forum post is where
Lemi Orhan Ergin — who publicized the vulnerability on Twitter — saw it as well:

A week ago the infrastructure staff at the company I work for stumbled on the issue while trying to help one of my colleagues recover access to his local admin account. The staff noticed the issue and used the flaw to recover my colleague’s account. On Nov 23, the staff members informed Apple about it. They also searched online and saw the issue mentioned in a few places already, even in Apple Developer Forum from Nov 13. It seemed like the issue had been revealed, but Apple had not noticed yet.

Yesterday, after the issue exploded, “chethan177” was asked in the thread how he discovered the exploit. His response:

Hey guys,

Didn’t realise this was a full blown security issue. I’d messed my login credentials trying to change my apple id and voila I was no longer an admin. Then began my extensive search on all Apple related forums for a solution. Tried everything, didn’t work.

As to how I stumbled on this, the answer is simple. Pure frustration. I’d read on one of the forums where in a user suggested we try using “root” for username and leaving the password field empty. I did, it failed. Out of sheer frustration, I tried again, and voila the **** thing unlocked my admin account much to my relief.

Then I posted it here assuming someone stuck just like me might find it useful. It was purely accidental.

Which forum was that, where he found this suggestion? Alas:

Unfortunately, I don’t remember. I looked up several forums trying to look for a solution. Trying the “root” username entry method without a password was definitely mentioned somewhere. I just happened to try it twice.

So the exploit was floating around, under the radar, for weeks at least, but it seems as though no widespread harm came of it. 


Twitter’s 280-Character Own Goal

J.K. Rowling, on Twitter raising the per-tweet character limit to 280:

Twitter’s destroyed its USP. The whole point, for me, was how inventive people could be within that concise framework.

USP is “unique selling proposition”. By doubling the character limit, Twitter has eliminated what made them unique. Yes, there were many trade-offs with the 140-character limit, both pros and cons. But one of the pros is it made Twitter unique. Twitter timelines now look more like Facebook — but Facebook is already there for Facebook-like timelines. Twitter trying to be more like Facebook is like basketball trying to be more like football — a bad idea that won’t work.

Stephen King was more succinct:

280 characters? Fuck that.

Andy Ihnatko:

I like the word-Tetris of making a complete thought fit in a 140-character box.

John Dingell, 91-year-old retired Congressman from Michigan (who is truly excellent at Twitter):

99% of you people don’t even deserve 140 characters.

It’s no surprise that writers, in particular, object to this change. I agree with Ihnatko — the 140-character limit made it a challenge. Fitting certain complex thoughts into a mere 140 characters sometimes felt like solving a small challenge, like one of The New York Times’s tiny little 5 × 5 crossword puzzles.

But perhaps the best commentary comes from William Shakespeare:

Brevity is the soul of wit.

Given 280 characters, people are going to use them, even to express thoughts that could have fit in 140. Given unlimited characters, such as in email, people ramble aimlessly.

That’s why email feels like a dreary chore, and Twitter feels like fun. The fewer tweets that fit in a single screen at a time, the less fun Twitter feels. I’m sure Twitter considered this change carefully, but I’m convinced they’ve made a terrible mistake. 


iPhone X Review Roundup

Because I’ve only had about 24 hours with the iPhone X, I’m in no position to write a review yet. But my quick take:

  • Face ID works great. In practice it’s like not even having a passcode on the phone. You just swipe and you’re in. It’s also very quick to set up — way quicker than setting up even a single fingerprint in Touch ID.
  • I don’t really notice the notch while using it.
  • I do notice the lack of a home button. I think I’ll get used to the new no-home-button UI soon, but 10 years of habits die hard.
  • The device feels great.

I was far from alone in not getting an extended period of time to test the phone before the review embargo lifted.

Here’s what others are saying in their reviews.

Matthew Panzarino used iPhone X for a week, and stress-tested it with a family trip to Disneyland. (He did the same thing with the iPhone 6 and 6 Plus three years ago — it’s a great conceit for a review.) He also got on-the-record interviews with Phil Schiller, Dan Riccio, Craig Federighi, and Alan Dye. Riccio flatly denied reports that Apple was scrambling to get Touch ID working with iPhone X:

“I heard some rumor [that] we couldn’t get Touch ID to work through the glass so we had to remove that,” Riccio says, answering a question about whether there were late design changes. “When we hit early line of sight on getting Face ID to be [as] good as it was, we knew that if we could be successful we could enable the product that we wanted to go off and do and if that’s true it could be something that we could burn the bridges and be all in with. This is assuming it was a better solution. And that’s what we did. So we spent no time looking at fingerprints on the back or through the glass or on the side because if we did those things, which would be a last-minute change, they would be a distraction relative to enabling the more important thing that we were trying to achieve, which was Face ID done in a high-quality way.”

Panzarino, on the iPhone X’s OLED display:

I hate to say it, but it makes the iPhone 8 Plus LCD look kind of like butt. I love it, even though it is flawed in one noticeable way.

The one area where this display falls prey to standard OLED gripes is in off-axis viewing. Apple tells me that it has done work to counter the drop in saturation and shift to blue that affects OLED screens traditionally. I can tell you that, compared to other OLED screens, you have to get further “off of center” to see a real shift in color, holding the phone 30 degrees or more off of dead on. But it is still there. For people who share their phone’s screen or use it at odd angles a lot, it will be noticeable. On some phones, OLEDs go super blue. On the iPhone X it’s more of a slight blue shift with a reduction in saturation and dynamic range. It’s not terrible, but it definitely exists.

I see the same thing with mine.

Nicole Nguyen also used iPhone X for a week and wrote a great review for BuzzFeed:

Whatever. I don’t feel strongly about the notch either way, but it’s really the other end of the screen that feels awkward. It’s when the keyboard, in any app, is on screen (which, for me, is most of the time): There’s all this dead space on the bottom, where Apple could have put common punctuation, frequently used emojis, or literally anything, but instead left it blank. Other full-screen apps on other phones put navigation or other design elements in that area, and it doesn’t look crowded or crammed. It looks fine. It’s puzzling why Apple didn’t put something more useful down at the bottom, or why it didn’t add a row of numbers or emojis up top and push down the keyboard to make it more thumb-accessible.

It does look like a waste of space, but I wonder if testing showed that there needs to be some space under the keyboard to separate it from the virtual home button? If there weren’t a gap under the keyboard, you might hit the home button while trying to hit the space bar, and vice versa. Update: I’ve heard from a little birdie that my speculation is correct; also: it’s about typing comfort.

For a normal human who isn’t aware of the 30,000 invisible dots being projected on their face or the 3D map of their head encrypted somewhere deep inside their phone, there’s nothing “futuristic” about these interactions. Using Face ID is what life without a passcode — life before we all became paranoid technofreaks — felt like.

That’s my take too. It’s like not having a passcode set.

Lance Ulanoff, in his review for Mashable:

During my first 24 hours of using the iPhone X, I helplessly pressed the space where a button should be. It’s a kind of Phantom Home Button Syndrome that I expect all iPhone X owners will experience in the early days.

It fades, though, and rather quickly, thanks to a smartly designed gesture interface and something Apple calls Face ID. […]

One important limitation of Face ID: It only lets you register one face. That may strike many as unnecessarily limiting since Touch ID lets users register up to 10 fingerprints, but Apple says it found the number of people who register more than one person’s fingerprints is miniscule. There’s also the simple and obvious fact that humans have 10 fingers, but just one face.

I’m surprised it’s only a minuscule number. I’ve got a fingerprint registered on my son’s iPhone — I’m sure other parents do the same thing. And last week my wife let me put a fingerprint on her iPhone so I could use Apple Pay while pre-ordering her iPhone X while she slept.