TikTok Shops Are Lousy With Counterfeit Products ★
Ikran Dahir, reporting for BuzzFeed News:
Iman Hamid, a lawyer and author in London, was browsing TikTok in January when she came across a NYX lip gloss being sold on a livestream for just £3.99 (about $5) — almost half of the product’s original price. Thinking this was a good deal, she purchased the lip color — but once it arrived, she said she realized the discount was too good to be true.
In a video she posted on TikTok in June, Hamid swatches the lip gloss she purchased on TikTok and compares it to the same color she bought at Superdrug to compare. The colors are starkly different and she says the texture didn’t match up. […]
Several commenters on Hamid’s TikTok video shared their experiences of purchasing what they believed to be a fake product from TikTok. “Same happened to me with mascara,” one person said. Another warned, “if the price is too good to be true, it’s probably too good to be true.”
“It’s shocking to me to see how many people have actually gone through the same problem,” Hamid told BuzzFeed News.
This shouldn’t be shocking at all. Of course TikTok shops are riddled with scams. Of course name brand products being sold by rando TikTok users at half price are counterfeit.
Saturday, 2 July 2022
My thanks to Tailscale for sponsoring this week at DF. Say hello to Tailscale SSH — and say goodbye to managing SSH keys, setting up bastion jump boxes, and unnecessarily exposing your private production devices to the open internet. Never deploy an infrastructure bastion again.
Joe Turkel Dies at 94 ★
He’ll always be the bartender.
Friday, 1 July 2022
The Talk Show: ‘Here You Go, Cheapskate’ ★
Rene Ritchie returns to the show for more on Apple’s announcements from WWDC 2022, locking devices out of Face ID and Touch ID, passkeys, and more.
Brought to you by these fine sponsors:
- Squarespace: Make your next move. Use code talkshow for 10% off your first order.
- Memberful: Monetize your passion with membership. Start your free trial today.
- Kolide: Endpoint security for teams that Slack. Try Kolide for free today; no credit card required.
Republicans Working the Refs, Gmail Edition ★
Lachlan Markay, reporting for Axios:
The Republican National Committee fired the latest shot on
Wednesday, when chairwoman Ronna McDaniel claimed in a statement
to Axios that Google has “systematically attacked” its digital
program. The RNC claims Google’s Gmail, the nation’s top email
client, has been suppressing fundraising emails during
strategically critical periods this year.
Google told Axios its spam filter is thoroughly apolitical, and
that it’s taking steps to ensure political messages aren’t
inadvertently flagged. [...] Google did not address the RNC’s
specific complaints, but stressed, “we do not filter emails based
on political affiliation.”
“We recently asked the Federal Election Commission to advise us on
a potential pilot for political bulk senders that would provide
more transparency into email deliverability, while still letting
users protect their inboxes by unsubscribing or labeling emails as
spam,” said Google spokesperson José Castañeda in an emailed
That pilot, first reported by Axios this week, would
initially exempt political senders from Gmail’s spam filter, while
giving recipients more visible options to flag those messages as
spam going forward.
For the sake of argument, let’s concede that Gmail flags as spam more political emails from Republicans than Democrats. I’d bet that this is in fact true — and if it’s not true, there’s no basis for this controversy.
One possible explanation is that Google is doing this deliberately to hinder Republican fundraising. This is what the GOP is claiming.
Another possible explanation is that GOP fundraising emails really do tend to be more spammy, both in content and in frequency, and thus should be getting flagged as spam more frequently than those from Democrats by non-partisan filtering algorithms. I.e. that Gmail’s spam filtering algorithms are biased only against junky messages. I get a lot of email from Democrats based on my political donations. I also voluntarily signed up for emails from the Trump campaign in the 2020 election, just to see what they were like. In my experience, the scenario I describe in this paragraph is almost certainly the case: Republican political emails are spammier.
Fundraising emails from Democrats are very frequent, and often melodramatic in their ostensible urgency, but in my experience they are legit. Unsubscribe links are where you expect them at the bottom of the emails, and unsubscribing works.
Fundraising emails from Republicans — especially those from the Trump campaign — look and read like scams. And, apparently, often now are outright scams — the Trump family has apparently raised over $250 million since the 2020 election for an “Official Election Defense Fund” that doesn’t exist. Emails with subject lines claiming that you have “one hour to claim your free gift”, or that Trump himself has recorded a personal message just for you but he needs some dough before he’ll send it to you. All political fundraising solicitations are a bit greasy, but the Trumpy ones are so scammy they’re beyond parody.
The Republican argument is that Gmail (and all other email providers — but Gmail is the biggest in the U.S.) ought to flag Republican and Democratic emails as spam in equal measure, and if Republican emails are flagged more frequently, it’s prima facie evidence that Google is biased against Republicans. It’s like a basketball team that plays rough and commits a lot more fouls than their opponent but yells and screams that the refs are biased against them because more fouls are called against them. The refs aren’t biased if the team they flag for more fouls actually commits more fouls. And a spam filter isn’t biased if one party’s emails are more spammy and thus more likely to be flagged as spam.
But it sounds like Google, eager to avoid being tagged as anti-conservative, is working on something to exempt political emails from their general spam filtering algorithms. I get it that this bullshit is a headache Google doesn’t need, but I’d like to see them stand firm that their spam filters are working as intended — flagging messages based on their junkiness, not their political slant.
President Biden to Award Steve Jobs a Posthumous Presidential Medal of Freedom ★
Among other recipients this year: John McCain, Megan Rapinoe, Simone Biles, and Denzel Washington.
Thursday, 30 June 2022
Ketanji Brown Jackson Sworn in as 116th Supreme Court Justice ★
Theodore Parker: “The arc of the moral universe is long, but it bends toward justice.”
Keep the faith.
Instagram and Facebook Remove Posts Offering Abortion Pills ★
Amanda Seitz, reporting for the AP:
The AP obtained a screenshot on Friday of one Instagram post from
a woman who offered to purchase or forward abortion pills through
the mail, minutes after the court ruled to overturn the
constitutional right to an abortion.
“DM me if you want to order abortion pills, but want them sent to
my address instead of yours,” the post on Instagram read.
Instagram took it down within moments. Vice Media first reported
on Monday that Meta, the parent of both Facebook and Instagram,
was taking down posts about abortion pills.
On Monday, an AP reporter tested how the company would respond to
a similar post on Facebook, writing: “If you send me your address,
I will mail you abortion pills.” The post was removed within one
minute. The Facebook account was immediately put on a “warning”
status for the post, which Facebook said violated its standards on
“guns, animals and other regulated goods.”
Yet, when the AP reporter made the same exact post but swapped out
the words “abortion pills” for “a gun,” the post remained
untouched. A post with the same exact offer to mail “weed” was
also left up and not considered a violation.
Get your shit together, Facebook.
Disney Celebrates 25th Anniversary of Chinese Rule in Hong Kong ★
Just one character, though: roly-poly Winnie the Pooh.
Wednesday, 29 June 2022
F.C.C. Commissioner Brendan Carr Asks Apple and Google to Remove TikTok From App Stores ★
Brendan Carr, one of the FCC’s commissioners (a Republican), in a letter to Tim Cook and Sundar Pichai:
I am writing the two of you because Apple and Google hold
themselves out as operating app stores that are safe and trusted
places to discover and download apps. Nonetheless, Apple and
Google have reviewed and approved the TikTok app for inclusion in
your respective app stores. Indeed, statistics show that TikTok
has been downloaded in the U.S. from the Apple App Store and the
Google Play Store nearly 19 million times in the first quarter of
this year alone. It is clear that TikTok poses an unacceptable
national security risk due to its extensive data harvesting being
combined with Beijing’s apparently unchecked access to that
sensitive data. But it is also clear that TikTok’s pattern of
conduct and misrepresentations regarding the unfettered access
that persons in Beijing have to sensitive U.S. user data- just
some of which is detailed below-puts it out of compliance with the
policies that both of your companies require every app to adhere
to as a condition of remaining available on your app stores.
Therefore, I am requesting that you apply the plain text of your
app store policies to TikTok and remove it from your app stores
for failure to abide by those terms.
TikTok is not what it appears to be on the surface. It is not just
an app for sharing funny videos or memes. That’s the sheep’s
clothing. At its core, TikTok functions as a sophisticated
surveillance tool that harvests extensive amounts of personal and
sensitive data. [...]
Moreover, Apple and Google have long claimed to operate their app
stores in a manner that protects consumer privacy and safeguards
their data. Therefore, I am requesting that you apply your app
store policies to TikTok and remove it from the Apple App Store
and the Google Play Store for failing to comply with those
policies. If you do not remove TikTok from your app stores, please
provide separate responses to me by July 8, 2022, explaining the
basis for your company’s conclusion that the surreptitious access
of private and sensitive U.S. user data by persons located in
Beijing, coupled with TikTok’s pattern of misleading
representations and conduct, does not run afoul of any of your app
This whole charade about moving U.S. TikTok users’ data to servers run by Oracle is a facade — there’s nothing stopping ByteDance employees in China from accessing the data on those servers. The Biden administration shouldn’t merely request that Apple and Google ban TikTok from their App Stores, they should demand it.
Tuesday, 28 June 2022
Atari Turns 50 ★
Commemorating the 50th anniversary of Atari, Benj Edwards interviewed founder Nolan Bushnell for How-To Geek:
Benj Edwards, How-To Geek: Do you think the video game
industry has lost sight of any innovations from the early days
Nolan Bushnell: A little bit. Remember that Atari was
founded as a coin-op company. And coin-op has this requirement
that a newbie has to get into the game almost instantly without
reading instructions. So the simplicity of onboarding is lost
by a lot of people right now. [...]
HTG: What did you do “right” in the early years of Atari
that people could learn from today?
Bushnell: We did really good branding. And I think that, in
terms of our graphic badges and our logo and everything, we
wanted to have a distinct look. I think it’s held together.
Right now, the Atari logo is the only thing that’s still really
HTG: Apple used iconic branding successfully too, and Steve
Jobs was one of your early employees. Do you think that rubbed
off on Apple?
Bushnell: I think so, because Jobs used to ride up to my
house on Sunday mornings on his motorcycle. And we’d drink tea
and talk about things. And I talked about the importance of
branding and color palettes and things like that — how a brand
and look is multi-faceted. You’ve never really thought about a
color palette as being unique to a company, and yet it’s
Atari was the first computer company I ever loved. Still love those old machines and games, and still love that logo.
Bonus link: This terrific TV commercial for the Atari 2600 from the early 1980s, also via Edwards.
Period Tracking App Stardust Seems a Little Sketchy ★
Sarah Perez and Zack Whittaker, reporting for TechCrunch yesterday:
Others are abandoning their current period trackers and turning to
apps like Stardust instead as a result of the company’s strong
statement issued in light of the decision to overturn Roe.
Stardust said it would implement end-to-end encryption so it would
“not be able to hand over any of your period tracking data” to the
government, helping to draw in hundreds of thousands of downloads
over this weekend ahead of the release of the new,
encryption-featured app version slated for release on Wednesday.
First strike: Stardust bills itself as an astrology-based period tracker: “Harness your inner cosmic energy with Stardust, an app that integrates science, astronomy and artificial intelligence to connect your hormonal cycle with the cycles of larger celestial bodies: the stars, planets, sun, and moon.” I wouldn’t take advice at the craps table from someone who believes in astrology, let alone trust them with my medical data.
(Sidenote: “minnow-clarinet-j6yf.squarespace.com” is an odd domain name for an ostensibly serious personal health company.)
Second strike: end-to-end encryption isn’t something you just add in a matter of days.
TechCrunch ran a network traffic analysis of Stardust’s iPhone
app on Monday to understand what data was flowing in and out of
the app. The network traffic showed that if a user logs into the
app using their phone number (rather than through a login service
provided by Apple or Google), Stardust will periodically share
the user’s phone number with a third-party analytics service
called Mixpanel. [...] During the network traffic analysis,
TechCrunch saw no health data shared with Mixpanel. But sharing a
phone number that’s tied to a specific user of a period-tracking
app with a third party like Mixpanel could allow prosecutors to
compel Mixpanel to turn over that data — even if Stardust claims
that it can’t.
That does not sound like an app that takes user privacy seriously.
TechCrunch asked the founders for more information about how the
app is implementing end-to-end encryption. Stardust founder
Moranis told TechCrunch that “all traffic to our servers is
through standard SSL (hosted on AWS) and subsequent data storage
on AWS RDS utilizing their built-in AES-256 encryption
implementation.” Although this describes the use of encryption to
protect data while in transit and while it’s stored on Amazon’s
servers, it’s not clear if this implementation would be considered
true end-to-end encryption.
Given its complexity and the stakes involved, implementing
end-to-end encryption is often a time- and resource-intensive
effort, where a single coding flaw could undermine the protections
of the users’ data. [...] When asked if the company had
conducted a third-party security audit of the app’s code, Moranis
said that the company intends to “fully publish our implementation
along with a third-party audit once it is complete,” but a
timeline was not given. [...]
After we heard from Stardust, the company quietly changed its
This doesn’t really make any sense. My best guess is that Stardust’s leadership saw an opportunity to appeal to privacy-concerned women after Friday’s Supreme Court decision overturning Roe v. Wade, struck gold by claiming to be secure and privacy-focused, but they didn’t actually know what “end-to-end encryption” really means.
Tuesday, 28 June 2022
David Frum, writing for The Atlantic:
The culture war raged most hotly from the ’70s to the next
century’s ’20s. It polarized American society, dividing men from
women, rural from urban, religious from secular, Anglo-Americans
from more recent immigrant groups. At length, but only after a
titanic constitutional struggle, the rural and religious side of
the culture imposed its will on the urban and secular side. A
decisive victory had been won, or so it seemed.
The culture war I’m talking about is the culture war over alcohol
prohibition. From the end of Reconstruction to the First World
War, probably more state and local elections turned on that one
issue than on any other. The long struggle seemingly culminated in
1919, with the ratification of the Eighteenth Amendment and
enactment by Congress of the National Prohibition Act, or the
Volstead Act (as it became known). The amendment and the act
together outlawed the manufacture and sale of alcoholic beverages
in the United States and all its subject territories. Many urban
and secular Americans experienced those events with the same
feeling of doom as pro-choice Americans may feel today after the
Supreme Court’s overturning of Roe v. Wade.
Only, it turns out that the Volstead Act was not the end of the
story. As Prohibition became a nationwide reality, Americans
rapidly changed their mind about the idea. Support for Prohibition
declined, then collapsed. Not only was the Volstead Act repealed,
in 1933, but the Constitution was further amended so that nobody
could ever try such a thing ever again.
The analogy isn’t perfect, but no analogy ever is. I’ll start by noting the obvious: that women’s reproductive rights and bodily autonomy are far more essential than the right to consume alcohol (or any other drug) recreationally. The stakes are immeasurably higher.
That said, I find Frum’s analogy compelling, politically. Optimistically, the repeal of Prohibition was resounding, and seemingly stands as proof that something so deeply unpopular cannot stand in a democracy. Pessimistically, the repeal of Prohibition — despite its deep unpopularity and obvious failure — took 14 years. From our perspective today, Prohibition looks like a bizarre, brief blip in American history; to those who lived through it, it was a long and painful slog.
More pessimistic, of course, is the fact that American democracy itself is in severe crisis. Deeply unpopular laws and the suppression of fundamental human rights are the norm in autocracies. ★
Tuesday, 28 June 2022
Trump Lawyer John Eastman Probably Wishes He Knew How to Hard-Lock His iPhone ★
FBI seized the phone of former President Donald Trump’s election
attorney John Eastman last week, according to a new court filing
from the conservative lawyer. Last Wednesday, about six federal
investigators approached Eastman in New Mexico when he was
exiting a restaurant after dinner with his wife and a friend,
according to the court filings. He was patted down, and “forced
to provide [facial] biometric data to open” the phone, Eastman’s
court filing said.
Agents were able to get access to Eastman’s email accounts on his
iPhone 12 Pro, the filings said.
CNN posted a copy of Eastman’s court filing, which contains the original warrant as an attachment. From the warrant:
During the execution of the search of the authorized places, law
enforcement personnel are also specifically authorized to obtain
from the Subjects (but not any other individuals present at the
time of execution of the warrant) the compelled display of any
physical biometric characteristics (such as
fingerprint/thumbprint, facial characteristics, or iris display)
necessary to unlock any device(s) requiring such biometric access
subject to seizure pursuant to this warrant for which law
enforcement has reasonable suspicion that the aforementioned
person(s)’ physical biometric characteristics will unlock the
device(s), to include pressing fingers or thumbs against and/or
putting a face before the sensor, or any other security feature
requiring biometric recognition of any of the devices, for the
purpose of attempting to unlock the device(s)’s security features
in order to search the contents as authorized by this warrant.
While attempting to unlock the device by use of the compelled
display of biometric characteristics pursuant to this warrant, law
enforcement is not authorized to demand that the aforementioned
person(s) state or otherwise provide the password or identify the
specific biometric characteristics (including the unique finger(s)
or other physical features), that may be used to unlock or access
the device(s). Nor does the warrant authorize law enforcement to
use the fact that the warrant allows law enforcement to obtain the
display of any biometric characteristics to compel the
aforementioned person(s) to state or otherwise provide that
information. However, the voluntary disclosure of such information
by the aforementioned person(s) is permitted. To avoid confusion
on that point, if agents in executing the warrant ask any of the
aforementioned person(s) for the password to any device(s), or to
identify which biometric characteristic (including the unique
finger(s) or other physical features) unlocks any device(s), the
agents will not state or otherwise imply that the warrant requires
the person to provide such information, and will make clear that
providing any such information is voluntary and that the person is
free to refuse the request.
That this story broke the same day I published a piece explaining how to hard-lock an iPhone to disable Face ID and Touch ID authentication until the device passcode has been entered, is rather amazing. I was inspired to post that yesterday in light of privacy concerns stemming from the Supreme Court’s repeal of abortion rights in America, but the situation I described — that law enforcement can force you to use your fingerprints or face to unlock a device, but cannot force you to reveal your passcode — is perfectly exemplified by the warrant against Eastman.
Watching the video of Eastman’s iPhone being confiscated, it’s possible he had no opportunity to hard-lock the device even if he’d known how to. The video Eastman gave to Fox News starts with him with his hands already on his head, and an FBI agent frisking him, finding the phone in a belt holster, and taking it.
Monday, 27 June 2022
The Talk Show: ‘Your Sack of Meat With Teeth’ ★
Jason Snell returns to the show to discuss the biggest threads from WWDC 2022 — in particular, Stage Manager and the M2 MacBook Air and 13-inch MacBook “Pro”. No sports talk (unless you count soccer).
Brought to you by:
- RevenueCat: In-app subscriptions made easy.
- Linode: Instantly deploy and manage an SSD server in the Linode Cloud. New accounts get a $100 credit.
- Squarespace: Make your next move. Use code talkshow for 10% off your first order.
- Kolide: Endpoint Security for teams that Slack. Try Kolide for free today; no credit card required.
Monday, 27 June 2022
I’ve written about this — e.g. here and here — but because I consider it one of the single most important things to know about iOS, I should write about it more often. Even if you’re not the sort of person who typically shares iPhone tips with your friends and relatives, this is one that you should spread the word about.
The problem is this: if you use Face ID or Touch ID on your device (and you almost certainly should), what happens if law enforcement (or anyone else for that matter) takes your device and physically forces you to unlock it biometrically? There is some legal precedent supporting the notion that police can force you to do this, but can’t force you to provide them with a passcode or passphrase.
Here are two essential things everyone should know.
The first is hard-locking. When you hard-lock your iPhone or iPad, it enters a mode that requires the device passcode to unlock. With recent iPhones and iPads, you enter this mode the same way that you turn off the device: by pressing and holding the power button and either of the volume buttons for about two seconds.1 You’ll know when you’ve pressed the buttons long enough because there’s haptic feedback.2 This takes you to the screen where you see a slider to power down the device, and on iPhones, where you can initiate an Emergency SOS call or view the device owner’s Medical ID (if they have one). The important thing to note is that you don’t have to do anything on this screen to hard-lock your device — once you’ve gotten to this screen, the device is already hard-locked and will require the passcode to unlock. You can’t use Face ID or Touch ID again until the passcode has been entered. This is important because it means you can easily hard-lock your iPhone without even looking at it, or removing it from your pocket or purse. That you can do this surreptitiously is very much by design.
Just press and hold the buttons on both sides. Remember that. Try it now. Don’t just memorize it, internalize it, so that you’ll be able to do it without much thought while under duress, like if you’re confronted by a police officer. Remember to do this every time you’re separated from your phone, like when going through the magnetometer at any security checkpoint, especially airports. As soon as you see a metal detector ahead of you, you should think, “Hard-lock my iPhone”.
The second thing is to know your rights. Never ever hand your phone to a cop or anyone vaguely cop-like, like the rent-a-cops working for TSA. If they tell you that you must, refuse. They can and will lie to you about this. If you really need to hand it over, they’ll take it from you. And they won’t get anything from it, because you’ll have already hard-locked it, and you’ll know that you cannot be required to give them your passcode. ★
Monday, 27 June 2022
Claim Chowder: Kathleen ‘Calm Down’ Parker Edition ★
Kathleen Parker, opining for The Washington Post four years ago, on the cusp of Trump’s nomination of Brett Kavanaugh to replace Anthony Kennedy on the Supreme Court:
What new justice would want to be that man or woman, who
forevermore would be credited with upending settled law and
causing massive societal upheaval? As for other conservative
justices, only Clarence Thomas would likely vote to
overturn Roe v. Wade. Sen. Susan Collins (R-Maine), one of the
most important voices in this discussion, echoed the thoughts of
close-to-the-court sources, who told me that neither Chief Justice
John G. Roberts Jr. nor Neil M. Gorsuch would likely want to wade
into that swamp and weigh in on a Roe v. Wade reversal.
The headline: “Calm Down. Roe v. Wade Isn’t Going Anywhere.”
This, from the same columnist who wrote on 4 November 2016, “Calm Down. We’ll Be Fine No Matter Who Wins.”
(Via Jay Rosen, who observes, “That scene from Shawshank comes to mind: ‘You don’t seem to be a very good thief. Maybe you should try something else.’”)
Epic’s 95/5 Split for Fortnite Content Creators ★
Jay Peters, writing for The Verge:
For the Fortnite groups I talked to, the Creator Codes can be an
inefficient way to get revenue, since they have to find ways to
convince people to enter the code. In some maps I’ve played,
though, there’s a prompt right at the beginning that lets you use
the code with just a couple button presses. But creators don’t get
much of the share of what’s purchased. In Fortnite, creators earn
5 percent of the value of in-game purchases made using their
Creator Code, Epic says on its website.
In an FAQ, Epic spells out a couple examples of how the payouts
might work — and explicitly cautions creators to “expect modest
Q: Will This Program Make Creators Rich?
A: Please expect modest results. The amount you earn scales with
the number of players who choose to support you. A Fortnite
example: If your in-game supporters spend 50,000 V-Bucks
in-game, then you would earn $25 USD. An Epic Games Store
example: if your supporters purchase $100 of games, you’ll
earn $5 (at the base Epic-funded rate).
Sounds like we have a solution to Epic’s years-long complaint about Apple and Google taking a 15–30 percent cut of in-app transactions. They should follow Epic’s lead and take a 95 percent cut instead. Support a creator, indeed.
Or, perhaps, different revenue splits are “fair” in different contexts.
Period-Tracking Apps and Data Privacy in Post-Roe America ★
Rina Torchinsky, reporting for NPR on an issue that is now top-of-mind for women across the United States:
For those second-guessing their period-tracking app, Ford says
there’s a risk vs. convenience calculation that’s different for
each user. It depends in large part on where you live and what the
“If I lived in a state where abortion was actively being
criminalized, I would not use a period tracker — that’s for
sure,” she says.
But for those who choose to log their data online, there might be
some options that aren’t as risky. Ford says that apps built with
a nonprofit model could offer more privacy. Hong says paid apps
could be better because they’re less likely to track users, since
they don’t need to collect advertising data. Hong also advised
users to read Apple’s privacy nutrition labels, which are designed
to show users how their data is used in simpler terms.
Apps that store data locally are also preferable, Greer explained,
because when data is stored locally, the user owns it — not the
The article, unfortunately, does not mention the iOS Health app specifically, but should. Apple’s Health data is only accessible on the user’s device(s). From Apple’s support documentation on health records and privacy:
By default, iCloud automatically keeps your Health app data,
including health records, up to date across your devices. To
disable this feature, open iCloud settings and turn off Health.
iCloud protects your health records data by encrypting it both in
storage and during transmission. If you’re using iOS 12 or later
and have turned on two-factor authentication for your Apple
ID, health records are encrypted using end-to-end encryption
through iCloud. This means only you can access this information,
and only on devices where you’re signed in to iCloud. No one else,
not even Apple, can access end-to-end encrypted information.
In other words, it’s not merely a policy that Apple will keep your health data — all of it — private on iCloud. If you’re using two-factor authentication for your iCloud account — and you most definitely should be — it’s mathematically secure via end-to-end encryption. Apple not only won’t hand it over in the face of a demand from law enforcement in a state where abortion has been criminalized, they can’t.
I don’t mean to glibly suggest that Apple Health is a panacea for this dilemma. It’s certainly worth worrying about which third-party apps you grant access to your Health data, for one thing. And for another, data stored on-device is still accessible to law enforcement if they have possession of the device and can unlock it. But it’s a distinction worth noting. HealthKit was designed from the ground up to be cryptographically secure in this way — a fundamental difference from cloud-based period tracking services that are only now working on “anonymous” modes.
You can check which apps have access to what Health data in Settings → Health → Data Access & Devices.
Sunday, 26 June 2022
America Is Growing Apart ★
Ronald Brownstein, writing for The Atlantic:
All of this is fueling what I’ve called “the great divergence” now under way between red and blue states. This divergence itself creates enormous strain on the country’s cohesion, but more and more even that looks like only a way station. What’s becoming clearer over time is that the Trump-era GOP is hoping to use its electoral dominance of the red states, the small-state bias in the Electoral College and the Senate, and the GOP-appointed majority on the Supreme Court to impose its economic and social model on the entire nation — with or without majority public support. As measured on fronts including the January 6 insurrection, the procession of Republican 2020 election deniers running for offices that would provide them with control over the 2024 electoral machinery, and the systematic advance of a Republican agenda by the Supreme Court, the underlying political question of the 2020s remains whether majority rule — and democracy as we’ve known it — can survive this offensive.
Saturday, 25 June 2022
My thanks to Tailscale for sponsoring last week at DF. Tailscale is the easiest way to create a peer-to-peer network with the power of Wireguard. SSH, VNC, RDP? All made simple with Tailscale installed.
No additional hardware to manage. No complicated firewall rules. And completely free for personal use.
Friday, 24 June 2022
The Dissent ★
There’s a lot to read regarding today’s 5-4 decision by the U.S. Supreme Court to overturn Roe v. Wade, making official what we’ve known was about to happen since a near-final draft leaked in early May. I humbly suggest starting with the dissent, written by all three dissenting justices, Breyer, Sotomayor, and Kagan. Their dissent begins on page 148 of the PDF decision.
Some highlights. P. 3 (page 151 of PDF):
Most threatening of all, no language in today’s decision stops the
Federal Government from prohibiting abortions nationwide, once
again from the moment of conception and without exceptions for
rape or incest. If that happens, “the views of [an individual
State’s] citizens” will not matter. Ante, at 1. The challenge for
a woman will be to finance a trip not to “New York [or]
California” but to Toronto.
The lone rationale for what the majority does today is that the
right to elect an abortion is not “deeply rooted in history”: Not
until Roe, the majority argues, did people think abortion fell
within the Constitution’s guarantee of liberty. The same could be
said, though, of most of the rights the majority claims it is not
tampering with. The majority could write just as long an opinion
showing, for example, that until the mid-20th century, “there was
no support in American law for a constitutional right to obtain
[contraceptives].” So one of two things must be true. Either the
majority does not really believe in its own reasoning. Or if it
does, all rights that have no history stretching back to the mid-
19th century are insecure. Either the mass of the majority’s
opinion is hypocrisy, or additional constitutional rights are
under threat. It is one or the other.
As an initial matter, note a mistake in the just preceding
sentence. We referred there to the “people” who ratified the
Fourteenth Amendment: What rights did those “people” have in their
heads at the time? But, of course, “people” did not ratify the
Fourteenth Amendment. Men did. So it is perhaps not so surprising
that the ratifiers were not perfectly attuned to the importance of
reproductive rights for women’s liberty, or for their capacity to
participate as equal members of our Nation. Indeed, the ratifiers — both in 1868 and when the original Constitution was approved in
1788 — did not understand women as full members of the community
embraced by the phrase “We the People.” In 1868, the first wave of
American feminists were explicitly told — of course by men — that it was not their time to seek constitutional protections.
(Women would not get even the vote for another half-century.) To
be sure, most women in 1868 also had a foreshortened view of their
rights: If most men could not then imagine giving women control
over their bodies, most women could not imagine having that kind
of autonomy. But that takes away nothing from the core point.
Those responsible for the original Constitution, including the
Fourteenth Amendment, did not perceive women as equals, and did
not recognize women’s rights. When the majority says that we must
read our foundational charter as viewed at the time of
ratification (except that we may also check it against the Dark
Ages), it consigns women to second-class citizenship.
So how does that approach prevent the “scale of justice” from
“waver[ing] with every new judge’s opinion”? It does not. It makes
radical change too easy and too fast, based on nothing more than
the new views of new judges. The majority has overruled Roe and
Casey for one and only one reason: because it has always
despised them, and now it has the votes to discard them. The
majority thereby substitutes a rule by judges for the rule of law.
And its poignant conclusion (p. 60):
One of us once said that “[i]t is not often in the law that so few
have so quickly changed so much.” For all of us, in our time on
this Court, that has never been more true than today. In
overruling Roe and Casey, this Court betrays its guiding
With sorrow — for this Court, but more, for the many millions of
American women who have today lost a fundamental constitutional
protection — we dissent.
Keep the faith.
Four Democratic Lawmakers Want the F.T.C. to Investigate Apple and Google Over Mobile Surveillance Advertising ★
Patience Haggin, reporting for The Wall Street Journal (News+):
Four Democratic lawmakers called on the Federal Trade Commission
to investigate Apple Inc. and Alphabet Inc.’s Google, alleging the
companies engage in unfair and deceptive practices by enabling the
collection and sale of mobile-phone users’ personal information.
Apple and Google “knowingly facilitated these harmful practices by
building advertising-specific tracking IDs into their mobile
operating systems,” the lawmakers wrote in a letter to FTC chair
Lina Khan sent on Friday.
This strikes me as deeply misguided in several ways. For one thing, it doesn’t seem to acknowledge that the Identity for Advertisers (IDFA) was created to replace immutable unique device IDs, which advertisers were using previously for tracking. Second, with Apple’s recent Ad-Tracking Transparency (ATT) initiative, which clearly has put more control over tracking into users’ hands, I don’t see why it makes any sense to lump Apple and Google together on this, other than performative virtue signaling that one is staunchly against the entire “Big Tech” boogeyman complex.
Both companies have recently taken steps to limit the collection
of user data through these mobile-ad identifiers — a string of
numbers and letters built into iOS and Android, the respective
mobile operating systems of Apple and Google. Users of both
operating systems now have a way to opt out of having their
identifier transmitted to apps. Apple last year introduced a new
version of its software that requires each app to ask the user for
permission to access the device’s identifier, and Google is
planning to adopt new privacy restrictions to curtail tracking
across apps on Android smartphones.
“Until recently, however, Apple enabled this tracking ID by
default and required consumers to dig through confusing phone
settings to turn it off. Google still enables this tracking
identifier by default, and until recently did not even provide
consumers with an opt-out,” said the letter, which was signed by
Sen. Ron Wyden (D., Ore.); Sen. Elizabeth Warren (D., Mass.); Sen.
Cory Booker (D., N.J.); and Rep. Sara Jacobs (D., Calif.). “These
identifiers have fueled the unregulated data broker market by
creating a single piece of information linked to a device that
data brokers and their customers can use to link to other data
So Apple has done the pro-privacy thing and made access to this identifier more clear to users, and Google intends to do similar. This, after creating IDFA in the first place to keep the ad industry from using immutable unique device identifiers for tracking. So the point of this FTC investigation would be what, exactly?
What a fucking day for four Democrats to signal that their attention is out in left field.
Thursday, 23 June 2022
Marques Brownlee Previews Industrial Design of Nothing’s ‘Phone (1)’ ★
Shot: MKBHD has a nice short preview look at Nothing’s first phone, which is debuting in a few weeks. There are some aspects of its design that are clearly iPhone-inspired — the basic shape, flat sides, button shapes even. But there are other aspects that are clearly like nothing else — the clear back and light-up “glyph” interface for custom notifications while the phone is face down. I dig the Nothing aesthetic, so I was thinking maybe this might be my next Android “see how the other side lives” devices.
Chaser: “Nothing Confirms Phone (1) Will Not Be Coming to US”.
So much for that idea.
Twenty Years of Flying Meat ★
On this day twenty years ago I registered the flyingmeat.com
domain. I had no idea what I was doing back then, only that I
loved coding, I loved sharing what I worked on, and indie
companies were undisputedly cool.
Twenty years later I still have no idea what I’m doing, but I
still love coding and sharing what I make, and indie companies are
still the best. [...]
However I’m not going to let this opportunity pass without a
little bit of fun, so I’ve put all my apps on sale for $20. Acorn?
Normally $39.95, now $20. Retrobatch Pro? Normally $49.99, now
$20. Retrobatch Pro Upgrade? Normally $19.99, now $20 (Yes, we
raised the price. No, it makes no sense to purchase it).
Here’s to 20 more years. Both Acorn and Retrobatch are indispensable to my workflows.
Rick Olivieri, ‘Prince of Steaks’, Dies at 57 ★
Sad local note. Michael Klein, writing for The Philadelphia Inquirer:
Rick Olivieri, 57, a grandson of cheesesteak inventor Pat Olivieri
and the former owner of the popular Rick’s Steaks at Reading
Terminal Market, died Sunday, June 12, at his Drexel Hill home
after a 10-year battle with early onset frontotemporal dementia.
“He fought it for every minute,” said his wife, Debi, who met Mr.
Olivieri in summer 1984, shortly after she took a job at the
Bassetts turkey stand a few aisles away from Olivieri Prince of
Steaks, where Mr. Olivieri had worked for his father, Herb, a son
of Pasquale “Pat” Olivieri of Pat’s King of Steaks fame. (Pat’s,
at Ninth and Wharton Streets for 90 years, is operated by Frank
Olivieri, his cousin.)
Rick’s was, hands-down, the best cheesesteak I’ve ever had. First, each sandwich was grilled fresh — your steak only started grilling after you ordered. This meant lines were long at lunchtime, but the sandwiches were impeccable. Second, Rick’s used really good steak — a special cut of ribeye from a local butcher here in Philly. Third — and this is key — they were reasonably portioned. There are a lot of good cheesesteak joints here, but most of them pack way too much meat into each sandwich. Rick’s used exactly six thin slices on each sandwich — just right.
Lastly is the fact that Rick was always there, seemingly always manning the grill himself. I ate at Rick’s dozens of times. There might have been someone else manning the grill once.
Thursday, 23 June 2022
Last week I wrote about a change in MacOS 12.4 that upset many polyglots — as part of a company-wide effort to decouple national flags as icons to denote languages, the Input menu in MacOS now uses two letter codes instead (“US” for U.S. English, “GB” for British, etc.). As I wrote in an update to that post, the new policy does make sense for Apple — national flags carry political connotations that languages alone do not — but it’s unfortunate for users accustomed to scanning the menu for colorful icons at a glance when switching.
Two third-party developers have come to the rescue, with similar apps that restore the “pick a flag to change input sources” functionality:
Both apps serve the same fundamental purpose: they add a system-wide menu item that shows a flag icon to denote the current input language. Open the menu, and you can choose another input source language, as configured in the Keyboard panel in System Preferences.
Keyboard Switcheroo is a bit more polished. It lets you choose between the traditional flat flags, as previously used in the system’s built-in Input menu, the emojis for those flags (which are a bit larger and wavy instead of flat), or a custom image. Colorful Input Menu Flags only uses the emoji icons. Keyboard Switcheroo also lets you edit the languages shown in the menu directly within the app — no need to go to System Preferences. ★
Wednesday, 22 June 2022
Mail Merge Returns to Pages After Nine Years ★
Dan Moren, writing at Six Colors:
After almost a decade, I guess it’s time to pack in my posters,
stickers, and Tim Cook and Craig Federighi phone call scripts for
the “Bring Mail Merge back to Pages!” campaign and declare
victory. Because, yes, Mail Merge has returned to Pages.
The feature was originally included in Apple’s word processing
software, but got the axe in 2013’s version 5.0, when Apple
redesigned its iWork suite to give even footing across the iOS,
iPadOS, and macOS platforms. In the interim, Mail Merge remained
possible only via workarounds like Sal Soghoian’s Pages Data
Version 12.1, released today, brings a brand new implementation,
however, which lets you populate a template document either from
your contacts or a spreadsheet.
Two discrete thoughts on this. First, nine years is a long time, but Apple seemingly remains very committed to the iWork suite. They added some cool new features in all three apps this week.
Second, the fact that workarounds like Soghoian’s Pages Data Merge were even possible in the interim shows the essential nature of good automation/scripting support in serious apps. Automation isn’t so much about letting all users script apps, because we all know most users aren’t scripters. But automation lets the users who are scripters provide solutions for the whole community of users.
Kottke, on Sabbatical ★
Jason Kottke, six weeks ago:
Does what I do here make a difference in other people’s lives? In
my life? Is this still scratching the creative itch that it used
to? And if not, what needs to change? Where does kottke.org end
and Jason begin? Who am I without my work? Is the validation I get
from the site healthy? Is having to be active on social media
healthy? Is having to read the horrible news every day healthy?
What else could I be doing here? What could I be doing somewhere
else? What good is a blog without a thriving community of other
blogs? I’ve tried thinking about these and many other questions
while continuing my work here, but I haven’t made much progress; I
need time away to gain perspective.
So. The plan, as it currently stands, is to take 5-6 months away
from the site. I will not be posting anything new here. I won’t be
publishing the newsletter. There won’t be a guest editor either — if someone else was publishing here, it would still be on my mind
and I’m looking for total awayness here.
Six weeks in and I miss his words dearly, but I’m happy for him. They say you should hydrate before you get thirsty. I suspect the same is true for taking sabbaticals — you should take one before you know you need one. That’s hard to figure out, though.
A friend once asked me what’s been the longest stretch between posts on DF since I started. I told him the truth: I don’t know.
Update: Well, now I know, thanks to a nifty Ruby script from DF reader Henrik Nyh. I took a 12-day break around Christmas in 2003. Since I started the Linked List (shorter link posts) in 2004, the longest gap is 8 days, from 29 December 2019 to 6 January 2020. The longest stretch between feature articles is 50 days, from 22 September to 11 November 2015.
Tuesday, 21 June 2022
iOS 16 Will Let Users Bypass Captchas in Supported Apps and Websites ★
Joe Rossignol, writing for MacRumors:
The handy new feature can be found in the Settings app under Apple ID → Password & Security → Automatic Verification. When enabled, Apple says iCloud will automatically and privately verify your device and Apple ID account in the background, eliminating the need for apps and websites to present you with a CAPTCHA verification prompt.
Apple recently shared a video with technical details about how the feature works, but simply put, Apple’s system verifies that the device and Apple ID account are in good standing and presents what is called a Private Access Token to the app or website. This new system will offer a better user experience for tasks such as signing into or creating an account, with improved user privacy and accessibility compared to CAPTCHAs.
No more unpaid work helping Google train its autonomous vehicle systems? I’ll believe it when I see it.
Update: Color me more optimistic today than yesterday: two of the draft spec’s authors are from Google, so maybe they will go all-in for this.
Monday, 20 June 2022
Apple Will Now Allow Developers to Transfer Ownership of Apps That Use iCloud ★
The most impactful change to come out of W.W.D.C. had nothing to
do with APIs, a new framework or any hardware announcement.
Instead, it was a change I’ve been clamoring for the last several
years - and it’s one that’s incredibly indie friendly. As you’ve
no doubt heard by now, I’m of course talking about iCloud enabled
apps now allowing app transfers. [...]
When my last app, Spend Stack, was acquired — it took nearly
four months to get settled. This was an experienced buyer who
usually had things done and dusted in one week. Why did it take so
long? Because I didn’t just sell Spend Stack, I had to sell my
entire LLC, Dreaming In Binary, which I had owned for many years
to that point. Instead of transferring the app, I had to manage a
slew of logistical hurdles that neither I, or the acquirer, wanted
This one might deserve a non-sarcastic finally.
BuzzFeed News: Leaked Audio Shows U.S. TikTok User Data Has Been Repeatedly Accessed From China ★
Emily Baker-White, reporting for BuzzFeed News:
For years, TikTok has responded to data privacy concerns by
promising that information gathered about users in the United
States is stored in the United States, rather than China, where
ByteDance, the video platform’s parent company, is located. But
according to leaked audio from more than 80 internal TikTok
meetings, China-based employees of ByteDance have repeatedly
accessed nonpublic data about US TikTok users — exactly the type
of behavior that inspired former president Donald Trump to
threaten to ban the app in the United States.
The recordings, which were reviewed by BuzzFeed News, contain 14
statements from nine different TikTok employees indicating that
engineers in China had access to US data between September 2021
and January 2022, at the very least. Despite a TikTok executive’s
sworn testimony in an October 2021 Senate hearing that a
“world-renowned, US-based security team” decides who gets access
to this data, nine statements by eight different employees
describe situations where US employees had to turn to their
colleagues in China to determine how US user data was flowing. US
staff did not have permission or knowledge of how to access the
data on their own, according to the tapes.
Like the proverbial stopped clock being right twice a day, the Trump administration was right on this one. TikTok should have been — and still should be — banned in the U.S. unless and until ByteDance sells the whole thing to a western company. It’s as bonkers today to let China run a popular media service as it would have been to allow the Soviet Union to run a U.S. TV network during the Cold War.
Sunday, 19 June 2022
Apple Store Workers in Maryland Become First in U.S. to Unionize ★
Ian Kullgren, reporting for Bloomberg Law:
Apple store workers near Baltimore voted for a union Saturday,
becoming the first organized store in the US in a landmark
decision that could change the face of the tech giant’s retail
As of 8:30 p.m., 65 workers who voted at the Towson, Md., store
had sided with the union, outnumbering anti-union votes 2 to 1.
The bargaining unit includes about 100 workers and is affiliated
with the International Association of Machinists.
The decision could spark a wider unionization movement among Apple
store workers, similar to the first Starbucks union vote last year
that has since prompted nearly 300 other stores to file for
Techmeme roundup of additional coverage and tweets.
Saturday, 18 June 2022
My thanks to Rows for sponsoring this week at DF. Rows reinvented spreadsheets to let you build data-rich spreadsheets that look beautiful and modern. Rows uses the same logic as traditional spreadsheets like Numbers, Excel, and Google Sheets, but built for the way people work today.
Rows offers more than 40 integrations with platforms like Google Analytics, Twitter, Stripe, Salesforce, and public databases like LinkedIn. Forget about adding and updating your data manually - you can even connect your custom API and build your own tools. All without code.
Rows has also revolutionized how we share and collaborate in spreadsheets. You can turn them into interactive dashboards, automated reports, or financial models that work and look great on any device. Thousands of people have already upgraded their spreadsheets to Rows. Get started for free today.
Triumph the Insult Comic Dog Arrested for Trespassing Inside U.S. Capitol ★
Sometimes it is fun to live in interesting times.
Wednesday, 15 June 2022
‘The World’s Most Satisfying Checkbox’ ★
Speaking of ADA winner Andy Allen and (Not Boring) Habits:
How’d we do it? Rather than hide the screws, I’d like to pull our
app apart and show you how the pieces come together. Let me strip
off the sugarcoating and share a little secret about habit tracker
apps: they’re little more than a glorified checkbox. The
interaction is simple: every day you open the app and hit the
checkbox to record a completed habit. [...]
In trying to get a particularly tricky habit to stick, I tried
dozens of apps and nothing worked for me. Recording an action felt
like yet another chore. None could approach the most basic
satisfaction of simply crossing out an item on a list.
Could you design a simple action that felt as satisfying and
infuse it with as much symbolism? Were we about to redesign the
I think you know where this is headed.
I can’t say enough good things about the Not Boring suite of apps — both what they’re trying to do and how well they accomplish those goals. All fashion is cyclical, and the return of depth of texture to UI design is inevitable. The Not Boring suite is trailblazing one particularly opinionated path forward.
There’s a Privacy Angle on Apple’s Decision to Finance Apple Pay Later on Its Own ★
Buried at the end of The Financial Times’s report on Apple Pay Later last week (syndicated here at Ars Technica):
Apple said its decision to go it alone was in part taken to avoid
sharing personal data with third parties. The company will not
charge fees for late payments, in line with Klarna and Affirm, but
will restrict access to further short-term credit.
Makes me wonder what Klarna and Affirm et al. are doing with customer data for BNPL purchases. From a Fast Company story on BNPL companies last month:
Until now, the dominant narrative explaining BNPL’s success is
that consumers — particularly, younger ones — are hungry for
financing options that are less predatory than credit cards with
their 15% average APR. But there is more to the story. Due to
privacy changes, most notably the tracking restrictions that Apple
made available to iPhone users in April 2021, retailers have not
been able to target customers through platforms like Meta, which
owns Facebook and Instagram, as they had before. Nor can they
definitively attribute an e-commerce sale to a digital ad. BNPL
companies, thanks to their increasingly robust apps and email
lists, can solve both those problems. Moreover, they have an
advantage over social media and digital advertising in
understanding consumers’ credit, and, by extension, their buying
power. Even as they undercut credit cards, BNPL companies are, by
design, amplifying consumer spending. Consumers can still get a
fair deal with BNPL products, provided they stay within their
budgets and pay on time. But they should understand who BNPL
companies are actually working for.
Spoiler: the retailers.
In its early days, in the mid-2010s, BNPL had a relatively simple
job. By offering to break a purchase into monthly payments at the
point of sale, BNPL could reduce cart abandonment, a common
problem for larger-ticket items, especially those being sold by
startup brands such as Casper Sleep and Peloton. Leading BNPL
players claim that they can increase checkout conversion rates by
20% to 30%. “We are in the business of bringing [merchants] new
customers, increasing their cart size, increasing their
conversion at point of sale,” Affirm cofounder and CEO Max
Levchin said last year.
Apple Pay Later appears to simply be in the business of allowing users to split purchases into multiple payments, interest-free, with complete privacy.
On Stage Manager Requiring an M1 iPad ★
Michael Tsai has his usual wide-ranging roundup of links on the controversy surrounding Apple’s decision to limit Stage Manager support to M1 iPads (2021 iPad Pros and this year’s 5th-generation iPad Air):
As a result, Stage Manager requires an M1 iPad. I honestly don’t
understand his argument. I don’t think it’s that pre-M1 iPads
couldn’t support virtual memory, since even the A12Z in the DTK
did. That processor also had great performance running more
simultaneous apps than iPadOS supports. Stage Manager is also
supported on older Macs with Intel processors — and older
graphics — that are less capable than recent-but-not-M1 iPads.
The controversy surrounding this boils down to people thinking Apple is doing this to get people who own older iPads to buy new ones just to get Stage Manager. I can’t prove it, but that doesn’t pass the sniff test to me. That’s just not how Apple rolls. But, clearly, this is the single most controversial news from last week.
Then he talks about needing fast flash storage for the virtual
memory, which only the M1 iPads have, but PowerPC Macs were using
spinning hard drives for virtual memory 20 years ago. Surely those
were much slower.
Virtual memory on Macs back in the spinning hard drive era was ridiculously slow. In today’s world, when you see the spinning beachball cursor, it usually means some app on your Mac is wedged and needs to be force quit. 20 years ago, we’d see the spinning beachball cursor all the time and you just needed to wait for the system to catch up and return control to you. A lot of the time that was because of virtual memory swap with spinning hard disks.
He also says that Stage Manager is a “total experience that
involves external display connectivity.” Why is an external
display a requirement when most M1 iPad users don’t even use one?
Given the uproar surrounding this M1 requirement for Stage Manager, I wonder if Apple will reconsider over the summer, and perhaps do something like support Stage Manager on more iPads, but only on the built-in display, and make external display support the part that requires an M1 iPad.
But I can see what Apple is thinking by drawing a hard line with M1 iPads: they want to deliver Stage Manager for iPad without a slew of asterisks regarding which aspects of it work on which devices. As it stands with developer beta 1, an iPad either supports all of Stage Manager (including support for driving up to 6K external displays, and up to 8 apps), or none of it.
2022 Apple Design Awards ★
Happy to (once again) see a bunch of apps I either use regularly or am very familiar with win this year:
- Halide Mark II, for “Visuals and Graphics”.
- (Not Boring) Habits, from Andy Works, for “Delight and Fun”. They were finalists last year for (Not Boring) Weather.
- Procreate, for “Inclusivity” (Procreate added some terrific features to help users with motor impairments draw smooth lines).
- Slopes, Curtis Herbert’s app for skiing and snowboarding enthusiasts, for “Interaction”. Slopes, to me, epitomizes the philosophy of focusing on a niche and doing it as well as possible.
One sour taste from this year’s winners: not one of them is a Mac app.
The Yankees Figure Out a Pitcher Is Tipping His Pitches — a Breakdown ★
What a great breakdown from Jomboy. These games within the game are why I love baseball.
Tuesday, 14 June 2022
WhatsApp Enables Migration Feature for Android-to-iPhone Switchers ★
Jason Snell, writing at Six Colors:
Here’s how this works: When Move to iOS requests WhatsApp data, it
gets an encrypted bundle that Apple can’t read. That bundle is
sent to the iPhone via peer-to-peer networking, like everything
else in the migration process. When a user taps on the WhatsApp
icon on the home screen on the iPhone, the app is downloaded and
installed from the App Store. When they log in to WhatsApp (with
the same phone number as the old phone), they’ll then be able to
unlock and import the transferred bundle of data.
Interestingly, the infrastructure to enable this change is already
enabled in both iOS 15.5 (the currently shipping version) and in
the current version of the Move to iOS app in the Google
Play Store. What’s changed today is that WhatsApp has flipped the
switch on the server side to allow this feature to begin rolling
out slowly, first to people opted into the WhatsApp beta testing
environment over the next week, and then eventually to everyone on
If this doesn’t sound like a big deal, think again. Until now, when WhatsApp users switched from Android to iPhone, they lost their entire message history, because there was no way to transfer it. WhatsApp is almost incomprehensibly popular worldwide — perhaps with as many as 2 billion users. It’s not a stretch to think that this alone has been keeping untold millions of Android users from switching.
MacOS 12.4’s Redesigned Input Source Menu Removed the Flag Icons ★
Today is Flag Day here in the U.S., so when better to mention this unpopular change in MacOS 12.4 last month, as described in a question on StackExchange’s AskDifferent site:
I just upgraded to macOS Monterey 12.4 and now the flags,
primarily the one for the current input source, is gone from the
menu bar and was replaced with a country code.
I find the colored flags much easier to work with, also when
quickly switching between inputs via a shortcut. How do I get back
The question includes screenshots showing the difference. For many years — decades? — the Input Source menu bar item that lets you switch between keyboard layouts for different languages has used colorful flag icons to denote those languages. Starting in MacOS 12.4, these flag icons were replaced by grayscale icons denoting two-letter codes like “US” (U.S. English), “GB” (British), etc.
This may sound like no big deal, but I heard from a slew of DF readers upset by the change. I’m not sure what Apple was thinking with this change. Is it an attempt to address the fact that some languages/layouts don’t truly map to a nation (e.g. Hebrew != Israel)? Or is this purely an aesthetic decision — a design choice that the icons in this menu should be monochromatic?
If it’s the latter, this is a mistake. Colorful icons are much easier to scan. Update: A little birdie tells me this change is the direct result of a companywide effort not to denote languages using country flags. I do see the sense of that, but it’s unfortunate it makes it harder to scan the menu at a glance.
Clarus Returns ★
Did you know that with macOS Ventura, Clarus the Dogcow has at
long last returned home? Recently, while doing something else, I
accidentally hit Cmd+Shift+P which opened the Page Setup dialog. I
was greeted, surprisingly, with a new high-resolution version of
the classic Clarus icon that I’d never seen before. I looked at it
briefly, and then closed the dialog and went back