DF Sponsorships for Spring 

The rest of May and June remain largely open on the DF sponsorship schedule. Every week is a good week to sponsor Daring Fireball, if you ask me, but the weeks leading up to and after WWDC are particularly good. Lots of attention because there’s always a lot to write about. If you have a good product or service to promote to DF’s astute audience, I’d love to have you as a sponsor.

This current week remains open, too. If you can move quickly, get in touch today.


Some Good Old-Fashioned Speed Bumps for the MacBook Pro Lineup, and a Tweak to the Butterfly Key Mechanism

Apple Newsroom:

Apple updated MacBook Pro with faster 8th- and 9th-generation Intel Core processors, bringing eight cores to MacBook Pro for the first time. MacBook Pro now delivers two times faster performance than a quad-core MacBook Pro and 40 percent more performance than a 6-core MacBook Pro, making it the fastest Mac notebook ever. […]

MacBook Pro is more powerful than ever for compiling code, processing high-resolution images, rendering 3D graphics, editing multiple streams of 4K video and more. The 15-inch MacBook Pro now features faster 6- and 8-core Intel Core processors, delivering Turbo Boost speeds up to 5.0 GHz, while the 13-inch MacBook Pro with Touch Bar features faster quad-core processors with Turbo Boost speeds up to 4.7 GHz.

Long story short, nice year-over-year CPU speed bumps for the entire MacBook Pro lineup, except for the 13-inch MacBook Pro without Touch Bar, which remains unchanged.1

The updates to the 13-inch models are relatively minor. The base model goes from a 2.3 GHz quad-core Core i5 with Turbo Boost up to 3.8 GHz, to a 2.4 GHz quad-core Core i5 with Turbo Boost up to 4.1 GHz. The fastest build-to-order option goes from a 2.7 GHz quad-core Core i7 with Turbo Boost up to 4.5 GHz, to a 2.8 GHz quad-core Intel Core i7 with Turbo Boost up to 4.7 GHz. Nothing truly major there, but I think it’s great that they speed-bumped them anyway — and the move from 7th-generation Intel CPUs to 8th-generation is apparently a bigger deal, performance-wise, than the clock speeds suggest.

The updates to the 15-inch models are more significant. And if you’re a pro user whose work is genuinely CPU-constrained, the 15-inch is the model you’re buying. The $2,400 base model goes from a 2.2 GHz 6-core Intel Core i7 with Turbo Boost up to 4.1 GHz, to a 2.6 GHz 6-core Intel Core i7 with Turbo Boost up to 4.5 GHz. That’s a nice year-over-year bump right there. The fastest configuration goes from a 2.9 GHz 6-core Intel Core i9 with Turbo Boost up to 4.8 GHz, to a 2.4 GHz 8-core Intel Core i9, Turbo Boost up to 5.0 GHz. This is the first time any Apple portable has reached 8 cores or 5 GHz.

The very best model you can configure — the high-end 8-core CPU, with 32 GB of RAM, 4 TB of SSD storage, and the Radeon Pro Vega 20 video card — costs a very professional $6,549.

One word that doesn’t appear in [today’s announcement] is “keyboard”. Seriously, when the announcement went live at 1pm ET, the first thing I did was search for “keyboard”: “Not found”. But Apple spoke on background to a bunch of folks in the media this morning, including yours truly, and they do have keyboard-related news.

First, these new MacBook Pros still have the third-generation butterfly-switch keyboard that debuted with last July’s updated MacBook Pros. But Apple has changed the mechanism under the hood, using a new material for at least one of the components in these switches. The purpose of this change is specifically to increase the reliability of the keyboards. Apple emphasized to me their usual line that the “vast majority” of users have no problem with these keyboards, but they acknowledge that some users do and say they take it very seriously.

The change to the mechanism is intended to address both problems people are seeing with frequently-used keys: getting stuck, and generating two characters with a single keypress. These updated keyboards look identical — there’s no change to the layout or to the amount of key travel. And according to Apple, the updated keyboards should feel the same when typing — although Apple acknowledged that keyboard feel is highly subjective, and some of us, like the princess and the pea, can detect minor differences and form strong opinions about those differences.

Second, all MacBooks with butterfly keyboards, including the new MacBook Pros released today, are now covered by Apple’s keyboard service program. If a key gets stuck or stops working or starts duplicating characters, you can get it repaired free of charge. No need to guess whether a brand-new model will be added to the program later — if it has a butterfly keyboard, it’s in the program. Also, for existing models with the third-generation keyboard — last year’s new MacBook Pros and the new MacBook Air — if they require a keyboard replacement, they’ll get the new tweaked keyboard with the purportedly more durable mechanism.2

Third, Apple stated that repair times for keyboard service have been greatly improved. How much improved, they wouldn’t say, but they realize it’s a great inconvenience to be without your MacBook for any time at all. Keyboard replacements are now performed in-store, so a process that used to take 4-5 days (or more) might now take just a day or two.


This is all good news. Sure, what many of us would like to see is a truly new keyboard design — something that re-establishes the MacBook lineup as having the best keyboard in the industry. Personally, I’d like to see them add more travel to the keys, go back to the upside-down T arrow key layout, and include a hardware Esc key on Touch Bar models (in that order).3 Apple is always working on new keyboards, of course. It’s just a question of when they’ll ship. Major keyboard redesigns coincide with major redesigns of the entire form factor, and those projects are on years-long time frames.

But of course the biggest issue with these keyboards is reliability. Will this updated mechanism fix or at least greatly reduce the number of reliability problems? Only time will tell, but I’m cautiously optimistic. Apple didn’t have to say anything at all about this mechanical tweak. I mean, if they hadn’t said anything at all about the keyboards, we’d all be asking about it, but Apple often ignores questions it doesn’t want to answer. The folks I spoke to today seem confident these updated keyboards will prove significantly more reliable.

You can also see why Apple decided to announce these updates today, not on stage at WWDC in two weeks. First, they are just speed bumps. Second, there’s simply no way they want to talk about keyboard reliability on stage. As I observed above, they didn’t even mention the word “keyboard” in their Newsroom announcement. Best to get this out of the way ahead of WWDC.

So on the keyboard front, these new models can’t be worse and are likely better. That’s good. The best that we could hope for while waiting for a true next-generation keyboard design — which for all we know might be a year or more out — is a mid-generation tweak. At the very least, talking about this material tweak and including all butterfly keyboard models in the service program is an acknowledgement that last year’s keyboards were not good enough. That was the worst case scenario — that Apple didn’t see a problem.

But what pleases me more is that Apple is updating Mac hardware on an aggressive schedule. I wrote “just speed bumps” a few paragraphs ago, but speed bumps are important in the pro market. Apple shipped new MacBook Pros last July, added new high-end graphics card options to those models in October, and now has updated the whole lineup with new CPUs. They also just updated the non-Pro iMac lineup in March. This seems like an odd thing to praise the company for — updating hardware with speed bumps is something a computer maker should just do, right? The lack of speed bumps in recent years naturally led some to conclude that Apple, institutionally, was losing interest in the Mac.

Last year, a source at Apple admitted to me that they had “taken their eye off the ball on Mac”. Regular speed bumps are a very strong sign that their eye is back on the ball, especially in the pro market, where artists, video pros, developers, and scientists really can use every CPU and GPU cycle they can get.

One More Thing

One Mac Apple hasn’t spoken about in a while — over a year in fact — is the upcoming new Mac Pro. In 2013, Apple previewed the current Mac Pro at WWDC (“Can’t innovate anymore, my ass”), even though it didn’t go on sale until later in the year. I expect Apple to do something similar this year, and I know a lot of other people do too.

In broad strokes, the new Mac Pro is in one of three states:

  1. Ready to ship.
  2. Not ready to ship, but ready to be unveiled.
  3. Not even ready to be unveiled.4

Apple is good at setting expectations in the lead-up to keynotes. Most people waiting for the new Mac Pro think it’s in state #1 or #2, and thus, we’ll get some sort of look at it at WWDC. If it’s #3, though, and it’s still not yet ready even to be previewed, I strongly suspect Apple would get word out in advance so that no one leaves the keynote thinking about something that wasn’t announced instead of all the various things that were announced. That’s Apple’s expectation-setting playbook.

One way to get word out would have been to say something today, on background, along the lines of, “We’re announcing these updated MacBook Pro models today because our WWDC keynote is going to be all about software, not hardware.”

They didn’t say that. Maybe a “no hardware at WWDC” leak is still coming. We still have almost two full weeks until WWDC, and perhaps Apple didn’t want to mix good news on the MacBook Pro front with disappointing news on the Mac Pro front. But they didn’t say anything today. 


  1. What’s the deal with the no-Touch Bar 13-inch MacBook Pro? It hasn’t been updated in well over a year, and occupies a very similar position to the new MacBook Air in the current lineup. For the base 128 GB models, the MacBook Air costs $1,200 and includes Touch ID, while the MacBook Pro costs $1,300, is a little faster, but lacks Touch ID. That’s the most confusing buying decision in the MacBook lineup today. My guess is that Apple has plans to update the 13-inch no-Touch Bar MacBook Pro, and when they do, it’ll be more clearly differentiated from the MacBook Air by performance. Pay a little more, carry a little more weight in your backpack, but get noticeably faster performance. But until it gets updated, this old model holds the spot in the lineup. ↩︎

  2. MacBooks with the first- and second-generation keyboard will not get the new keyboard, because it just doesn’t work that way. Apple can’t replace one generation of keyboard with another — they’re not swappable like that. And that’s why they’re calling today’s tweaked keyboard an update to the third-generation keyboard, not a new generation. ↩︎︎

  3. Reliability is objective — your keyboard either works properly or it doesn’t. That’s the essential problem Apple must fix. But on the subjective front, the things I dislike about these keyboards — low-travel keys, the full-size left and right arrow keys, and the lack of a hardware Esc key — all share one thing in common. These things all make the keyboards look better but work worse. That, of course, is in direct contradiction to the well-known Steve Jobs axiom: “It’s not just what it looks like and feels like. Design is how it works.”

    Again, these factors are all subjective. In particular, I know some people truly prefer the feel of these low-travel keys. But I don’t know of anyone who prefers the full-size left and right arrow keys in place of the old upside-down T, and while most Mac users never even use their Esc keys, among those who do, particularly developers, I honestly don’t know if there’s a single one of them on the planet who doesn’t miss the hardware Esc key on the Touch Bar-equipped keyboards. A small minority of Mac users use their Esc keys all the time, and for them, having it as a soft key on the Touch Bar is downright terrible.

    I admit the full-size left and right arrow keys look better — the gaps in the old upside-down T layout are a little ungainly. And a lone hardware Esc key up in the corner next to the Touch Bar might look a little lonely. But if design is still how it works, Apple should bring these back in its next-generation keyboards. ↩︎︎

  4. If we want to cover all our bases, there’s a fourth possible state for the new Mac Pro: scrapped. Off to a grave next to AirPower in the “Announced but Never Shipped” cemetery. I know some people are worried about that — ”How could it take Apple so long just to make a goddamn modular tower?“ — but if that were the case, I think Apple would have broken the bad news today. ↩︎︎


Facebook’s Creepy Data Sharing With Phone Carriers 

Sam Biddle, reporting for The Intercept:

Offered to select Facebook partners, the data includes not just technical information about Facebook members’ devices and use of Wi-Fi and cellular networks, but also their past locations, interests, and even their social groups. This data is sourced not just from the company’s main iOS and Android apps, but from Instagram and Messenger as well. The data has been used by Facebook partners to assess their standing against competitors, including customers lost to and won from them, but also for more controversial uses like racially targeted ads.

Some experts are particularly alarmed that Facebook has marketed the use of the information — and appears to have helped directly facilitate its use, along with other Facebook data — for the purpose of screening customers on the basis of likely creditworthiness. Such use could potentially run afoul of federal law, which tightly governs credit assessments.

Mark Zuckerberg, last month: “I believe the future is private.”

Pandora for Mac Is an Electron Turd 

Speaking of un-Mac-like apps, Pandora released a Mac client today. I downloaded it just to kick the tires — it’s a bad native Mac app even by the low standards of Electron apps. For example, if you click and drag one of the “buttons” at the top of the window (“Log In”, “Sign Up”, etc.), it both drags the window and gives you a pandora.com URL drag proxy item. I don’t even know how such dysfunction is even possible.

If Marzipan can get more companies to build their Mac apps from their iOS app, that really would be an improvement over these Electron monstrosities. But part of the appeal of Electron is that it gives you an app that works on Windows too. (Pandora’s Windows app isn’t available yet, but is promised soon.) Marzipan won’t solve that problem.

Slack Changed Its Stock Ticker From ‘SK’ to ‘WORK’ Weeks Before IPO 

Becky Peterson, writing for Business Insider:

Slack is not a public company yet, but it’s already gotten tired of its stock ticker.

In an updated version of its IPO paperwork filed on Monday, Slack revealed that it has dumped the proposed “SK” stock ticker it had settled upon a few weeks ago. Instead, in a dramatic pivot, the workplace collaboration company will makes its public market debut with the more descriptive ticker symbol “WORK.”

It’s no big deal, but “SK” was a bad-ass ticker. “WORK” is just corny. I think you ought to be able to look at a ticker and make a good guess what company it belongs to.

(I’ve always wondered why Apple’s ticker is “AAPL”, with two A’s. Searching for an answer, I found this old MacRumors forum thread from 2003. Someone there thought they should change it to “IPOD”.)

Microsoft Edge Preview Builds Now Available for MacOS 

Microsoft:

Last month, we announced the first preview builds of the next version of Microsoft Edge for Windows 10. Today, we are pleased to announce the availability of the Microsoft Edge Canary channel for macOS. You can now install preview builds from the Microsoft Edge Insider site for your macOS or Windows 10 PC, with more Windows version support coming soon.

I’m trying to think how long it’s been since I’ve had a Microsoft web browser running on my Mac. Apple released Safari in 2003, but I was still running classic MacOS on my Power Mac 9600 until 2004 or 2005 I think. So maybe 15 years?

Building a “Mac-like” user experience for Microsoft Edge

Microsoft Edge for macOS will offer the same new browsing experience that we’re previewing on Windows, with user experience optimizations to make it feel at home on a Mac. We are tailoring the overall look and feel to match what macOS users expect from apps on this platform.

I’m glad they put quotes around “Mac-like” because this is not very Mac-like. It looks and feels a lot like Google Chrome, which makes sense, because it’s a fork from Chromium. But even Chrome uses the Mac’s standard contextual menus (what you see when you right-click) — Edge even fakes those.

The whole thing does feel very fast.

Atoms — Ideal Everyday Shoes 

My thanks once again to Atoms for sponsoring this week at Daring Fireball. Atoms are getting ready to launch their new website and they’re using this sponsorship to give DF readers a sneak peak. It’s a great website, with a custom typeface to boot. (They wanted to get the dot on the i just right.) And you get a chance to pick up the world’s first shoes available in quarter sizes.

That sounds like a pain in the ass. How can you choose the right quarter-size increment ordering over the internet? Easy: Atoms sends you three pairs of shoes in quarter-size increments based on your normal shoe size. You pick the left and right shoe that feels best — a size 9 for your left foot and a 9.25 for your right, for example — and return the rest for free.

Atoms didn’t know this when they chose to sponsor DF, but going back to childhood, my left foot has always been ever so slightly bigger than my right. When trying on new shoes I’m often torn between half sizes. It’s like they made this quarter-size system just for me. No kidding. I’ve had a pair of Atoms for a little bit and have been wearing them a lot. (I got the black and white, but they also have all-black and all-white.) They’re very comfortable and still look near-new.

GB Studio 

GB Studio is “A free and easy to use retro adventure game creator for your favourite handheld video game system”, by which they mean, but don’t want to name specifically, Nintendo’s Game Boy:

Simple visual scripting means you don’t need to have made a game already. GB Studio also hides much of the complexity in building GB games so you can concentrate on telling a great story.

What a fun idea from developer Chris Maltby. You can output ROMs for emulators, play them on actual Game Boy hardware with a flash cartridge, or even export them for the web (which will even work on phones). It’s a remarkably polished IDE.

There’s something about 1-bit (and few-bit) displays that makes me so nostalgic — the original Mac, Game Boy, Newton, PalmPilot, iPod. Those devices all inspired such deep affection. In our current world of ever-cheaper, ever-better color displays, I’d love to see 1-bit displays make a comeback somehow. That doesn’t make any sense, but nostalgia isn’t about sense. “A pain in your heart, far more powerful than memory alone”; “it takes us to a place where we ache to go again” and all.

The Pivot 

Excellent piece from Horace Dediu:

Moving as it does between computers, devices, software, services, retail, logistics and manufacturing means that it’s not classifiable as an “x” company where “x” is an industry sector. Rather, the company should be classified by the set of problems it seeks to solve (e.g. communications, community, productivity, creativity, wellbeing).

This disconnect between what people think Apple sells and what Apple builds is as perplexing as the cognitive disconnect between what companies sell and what customers buy.

This is why so many people, particularly investment analysts, have always missed the point about Apple. They saw Apple as a computer company outside the Wintel world in a Wintel-dominated industry. Now they see Apple as a phone maker in a world where the market is saturated and people are holding onto the phones they already own longer and longer.

Where’s the next iPhone?” they ask. That’s such a dumb question. As Dediu argues at the start of his piece, the iPhone is the most successful product of all time. What sense does it make to expect the same company to make two of the most successful products of all time within the span of 15 years? It doesn’t really make much sense to expect any other company to make a product as successful as the iPhone soon. I think there’s a good chance the iPhone is a once in a lifetime product.

How AirPlay 2 and the Apple TV App Work on a Samsung TV 

I’m not surprised, but this looks and works almost exactly like the new TV app on an Apple TV set top box. If you have one of these TVs with the Apple TV app built-in, I can’t see many reasons why you’d want an Apple TV device. The new TV app on an actual Apple TV does integrate with apps like Prime Video and Hulu that are not available as “channels”, and of course Apple TV has that wildly popular library of games and its celebrated remote control, but if you mostly use Apple TV for iTunes movie and TV show content, you’re probably better off using the built-in Apple TV app on these TVs.

Update: A couple of readers point to one obvious advantage of Apple TV: privacy. Smart TVs do all sorts of nasty things like tracking what you watch and phoning home that Apple TV does not and never will do. There’s a very strong case to be made never to hook a “smart TV” up to the internet at all.

Gmail Tracks Your Purchase History (Shocker) 

Todd Haselton and Megan Graham, writing for CNBC:

Google says it doesn’t use your Gmail to show you ads and promises it “does not sell your personal information, which includes your Gmail and Google Account information,” and does “not share your personal information with advertisers, unless you have asked us to.”

But, for reasons that still aren’t clear, it’s pulling that information out of your Gmail and dumping it into a “Purchases” page most people don’t seem to know exists. Even if it’s not being used for ads, there’s no clear reason why Google would need to track years of purchases and make it hard to delete that information. Google says it’s looking into simplifying its settings to make them easier to control, however.

I’m sure they’ll get right on that.

Steam Link Finally Available for iOS and Apple TV 

Remember this saga from a year ago? Long story short, Steam is like an app store for PC games. Steam Link is like a LAN-based remote desktop that lets you stream your Steam games to another device, like an iPhone or Apple TV. Apple initially approved it on May 7 last year, Steam announced it, and then Apple un-approved it, “citing business conflicts with app guidelines that had allegedly not been realized by the original review team”.

It seems bizarre to me that it took a year to resolve this, but I’m glad Apple decided it correctly. And I’m interested to see how well it works — my son is an avid player of games from Steam.


Bloomberg Shits the Bed Again on Cybersecurity

First things first: earlier this week WhatsApp announced that they had closed a remote code execution vulnerability, affecting all platforms, that attackers could exploit simply by calling a user’s WhatsApp account — whether the call was answered or not. (A buffer overflow, no surprise.) They revealed to The Financial Times that this vulnerability had been exploited, targeting an unknown but presumably small number of users, by software from NSO Group, an Israeli company that sells expensive, exclusive, world-class hacking tools to governments (or at least NSO claims only to sell their software to legitimate governments). The FT story is locked behind their paywall (which makes me wonder why WhatsApp went to them with the story), but TechCrunch has a good summary.

Long story short, this was a bad bug that was apparently exploited in the wild. A reasonable point to be taken from this story is that end-to-end encryption is not a panacea. If an attacker manages to install malware on your device, whether via remote exploit or physical access to the device, it’s game over, because they’re now inside one of the ends.

It’s like if you have a secure communication line between two rooms, but an attacker gains entry into one of the rooms. The problem is not with the communication line.

“End-to-end encryption is not a panacea” was not the lesson taken by Bloomberg columnist Leonid Bershidsky. His take currently runs under the headline “End-to-End Encryption Isn’t as Safe as You Think”. When I first saw the story two days ago, though, the headline was “WhatsApp’s End-to-End Encryption Is a Gimmick”.

One of my favorite games to play when trying to see if a headline changed is to look at the URL slug and the <title> tag from the article’s HTML source code. I’ll just repeat myself from a year ago:

I point this out from time to time, but the way most websites’ CMSes work is that an article’s URL slug — like the “juiced_headline_of_the_week” segment in this very post’s URL — are derived from the article’s original headline. But when a headline changes, the URL shouldn’t change unless you have a way to redirect traffic going to the old URL to the new one. Most websites don’t do that. So when they change a headline, you can still tell what the original headline was by looking at the URL slug. For some reason, with a lot of news websites, they don’t bother updating the headline in the HTML <title> element either, so you can read the original headline in your browser tab.

The URL slug from Bershidsky’s column: “whatsapp-hack-shows-end-to-end-encryption-is-pointless”.

The <title> tag: “WhatsApp Hack Shows End-to-End Encryption Has a Vulnerability”.

These various evolutions on the headline range from bad (“End-to-End Encryption Isn’t as Safe as You Think”) to criminally bad (“WhatsApp Hack Shows End-to-End Encryption Has a Vulnerability / Is Pointless / Is a Gimmick”).

Bloomberg, of all publications, should be on its tip-toes to make sure it gets anything related to cybersecurity exactly right — every i dotted, every t crossed. Their reputation is in tatters in the wake of last year’s “The Big Hack” debacle — a story which they still haven’t retracted (or shown to be true with any actual evidence).1

Instead, they’re publishing this nonsense from Bershidsky:

The tug of war between tech firms touting end-to-end encryption as a way to avoid government snooping and state agencies protesting its use is a smokescreen. Government and private hackers are working feverishly on new methods to deploy malware with operating system-wide privileges.

It’s no smokescreen. Bershidsky’s profound mistake is his apparent belief that security is binary — totally secure or totally insecure. And so in his mind, this week’s WhatsApp exploit means WhatsApp is insecure, and since other such exploitable bugs almost surely exist in other apps and in OSes, no messaging system is secure.

Security is not binary, though — which is obvious if you give it even a moment’s thought. A locked door is more secure than an unlocked one. A door with two locks is more secure than one with a single lock. A locked door with a locked gate in front of it is more secure than one without a gate.

Security exists on a continuum. The definition of continuum is instructive: “a continuous sequence in which adjacent elements are not perceptibly different from each other, although the extremes are quite distinct”. It’s not secure or insecure; it’s more secure or less secure. Just like faster vs. slower or heavier vs. lighter. There are first grade primers that cover these concepts.

In the same way a door is more secure locked than unlocked, messaging of any sort is more secure encrypted than unencrypted. End-to-end encrypted messaging is more secure than encryption that is not end-to-end — it truly is an essential distinction.2 Just because the government or a criminal might be able to exploit software on your device even if the communications were E2E encrypted doesn’t make E2E encryption a “smokescreen”. Especially in the case of law enforcement — it is orders of magnitude easier to issue a subpoena to, say, your email provider than it is to attack your devices with malware to obtain the information they seek.

This week’s WhatsApp exploit was the work of some of the most talented hackers in the world. Calling them geniuses is no hyperbole. Finding vulnerabilities that allow remote code execution is (usually) extremely difficult. Actually writing the code to take advantage of them — turning a theoretical vulnerability into a working and deployable exploit — requires some of the best programming talent in the world. And on the other side, the security teams at goliath companies3 like Microsoft, Amazon, Apple, Google, and Facebook employ equally talented programmers trying to close all possible vulnerabilities.4 It’s a cat-and-mouse game at the very highest level of programming and mathematical talent.

Obtaining a subpoena requires nothing of the sort — simply the regular mechanics of law enforcement, judicial oversight, and compliance with the law. Snooping on unencrypted network traffic is similarly trivial. Obtaining email via subpoena requires you to be able to make a free throw; doing what this week’s WhatsApp exploit seemingly accomplished requires you to be Steph Curry and hit 9 three-pointers in a single game against a playoff-caliber NBA defense.

Here’s Bershidsky’s closing:

The hard truth for activists and journalists in need of secure messaging is that the more tech-savvy they are, the safer they can make their digital communications. One can, for example, encrypt messages on a non-networked device before sending them out through one’s phone. But even that wouldn’t guarantee complete security since responses could be screen-captured.

Truly secure communication is really only possible in the analog world — and then all the old-school spycraft applies.

In other words, digital communication can never be completely secure, only analog can, except when that’s compromised by “old-school spycraft”. Complete guaranteed security with well-known exceptions. It boggles the mind that this was written and edited by sentient humans, and that they’ve spent two days slowly decreasing the asininity of the headline instead of just doing what obviously ought to be done and retracting the whole piece. 


  1. Since “The Big Hack” was published in early October last year, Robertson’s byline has appeared at Bloomberg zero times, and Riley’s only once, which might lead one to believe that despite Bloomberg’s public defense of the piece, internally they suspect something is amiss with the duo’s work. But Bloomberg not only still stands by the story, according to Washington Post media critic Erik Wemple, Bloomberg had the chutzpah to submit “The Big Hack” to the 2019 National Magazine Awards↩︎

  2. I think the whole point of Bershidsky’s tirade is not that encryption of any kind is pointless (but some clearly took it that way), but rather that he thinks companies are emphasizing end-to-end encryption in particular as a sort of snake oil, a fool-proof impregnable security solution. It’s hard to make sense from nonsense. Anyway, the distinction between E2E and non-E2E encryption is worth a footnote.

    With E2E encryption, a message is encrypted on the sender’s device and is not decrypted until it reaches the recipient’s device. WhatsApp, Signal, and iMessage work this way. With non-E2E encryption, the message is encrypted on the sender’s device, decrypted by a server in the middle, then re-encrypted on the server and sent to the recipient. So with non-E2E encryption, an attacker still can’t get the unencrypted message by simply snooping on the network traffic, but they can get it by attacking — or in the case of law enforcement, simply issuing a subpoena to — the service provider. Email and Twitter DMs work this way — your email provider stores the plain text of all your email, and Twitter stores the plain text of your DMs — even though your devices communicate to your email provider (almost certainly) and Twitter (definitely) over encrypted connections. Removing that middleman as a target of attack or subpoena is what makes E2E encryption important.

    But it’s also the reason why you can read email and Twitter DMs on the web, and can’t read your WhatsApp/Signal/iMessage messages on the web. E2E necessitates a trade-off in convenience for additional security. And it’s undeniably convenient to be able to access email and Twitter via the web — essential, even, for millions of users. Trade-offs are always difficult. ↩︎︎

  3. Listed here by order of market capitalization today. ↩︎︎

  4. No slight intended to upstart Signal, which also has world-class talent (and serious funding — from the co-founder of WhatsApp) securing it against exploits. ↩︎︎


Lego ‘Stranger Things’ 

Even if you don’t watch Stranger Things and don’t like Lego, my god, if you don’t love the style of this video, you’re not hooked up right. It’s fantastic.

Update: Do not miss this interview video with Lego model designer Justin Ramsden.

FCC Proposes New Rules to Fight Robocalls 

Makena Kelly, reporting for The Verge:

The new rule would make it easier for carriers, like AT&T, Verizon, and T-Mobile, to automatically register their customers for call-blocking technology. As of right now, customers have to opt-in on their own. It would also allow customers to block calls coming from phone numbers that are not on their contacts list. Commissioners are expected to vote on the measure at their June 6th meeting.

“Allowing call blocking by default could be a big benefit for consumers who are sick and tired of robocalls,” FCC Chairman Ajit Pai said. “By making it clear that such call blocking is allowed, the FCC will give voice service providers the legal certainty they need to block unwanted calls from the outset so that consumers never have to get them.”

I’m trying to think of another issue that could garner so much bipartisan support in America today. I got nothing.

Washington Post: ‘Trump’s Prized Doral Resort Is in Steep Decline, According to Company Documents, Showing His Business Problems Are Mounting’ 

David A. Fahrenthold and Jonathan O’Connell, reporting for The Washington Post:

At Doral, which Trump has listed in federal disclosures as his biggest moneymaker hotel, room rates, banquets, golf and overall revenue were all down since 2015. In two years, the resort’s net operating income — a key figure, representing the amount left over after expenses are paid — had fallen by 69 percent.

Even in a vigorous economy, the property was missing the Trump Organization’s internal business targets; for instance, the club expected to take in $85 million in revenue in 2017 but took in just $75 million.

“They are severely underperforming” other resorts in the area, tax consultant Jessica Vachiratevanurak told a Miami-Dade County official in a bid to lower the property’s tax bill. The reason, she said: “There is some negative connotation that is associated with the brand.”

“Some negative connotation” — you don’t say.

Apple Support: ‘How to Enable Full Mitigation for Microarchitectural Data Sampling (MDS) Vulnerabilities’ 

Apple Support:

Intel has disclosed vulnerabilities called Microarchitectural Data Sampling (MDS) that apply to desktop and notebook computers with Intel CPUs, including all modern Mac computers.

Although there are no known exploits affecting customers at the time of this writing, customers who believe their computer is at heightened risk of attack can use the Terminal app to enable an additional CPU instruction and disable hyper-threading processing technology, which provides full protection from these security issues.

This option is available for macOS Mojave, High Sierra and Sierra and may have a significant impact on the performance of your computer. […] Testing conducted by Apple in May 2019 showed as much as a 40 percent reduction in performance with tests that include multithreaded workloads and public benchmarks.

It’s good that there are no known exploits using these techniques, but even if there were, the overwhelming majority of Mac users — almost everyone — would not need to enable this mitigation. These MDS vulnerabilities enable malware on your computer to do bad things. But these vulnerabilities are not ways for malware to get onto your computer.

Once you have malware on your computer, the game is over. I’m not saying these MDS vulnerabilities aren’t a problem — they obviously are, because they make malware potentially more dangerous. But the game is keeping malware off your computers in the first place.

(Also worth noting: these particular vulnerabilities don’t affect iPhones, iPads, Apple Watches, or the vast majority of Android devices because ARM chips don’t have these vulnerabilities. Only Intel chips. We’re running out of reasons for Apple not to switch the entire Mac platform to ARM.)

(Bonus parenthetical: It’s possible that there are similar vulnerabilities in ARM chips too, but if there are, none have been publicly disclosed yet.)

‘Behind Twitter’s Plan to Get People to Stop Yelling at Each Other’ 

Interesting feature by Nicole Nguyen for BuzzFeed with an inside look at “twttr” — a new version of Twitter currently being tested. Lots of screenshots, and I particularly enjoyed (and would have liked to see more of) senior product designer Lisa Ding’s sketchbook.

I do think most of these designs significantly help indicate reply threading. What’s a reply to the original tweet, what’s a reply to another reply, that sort of thing. Twitter is really just awful for that right now, and always has been. And the fundamental reason why is kind of obvious: Twitter started as a product that did not even have the concept of replies. Users invented them, by starting a tweet with “@username” for whomever they were replying to. Twitter eventually embraced replies as a full-fledged feature, but the way it’s worked out over 13 years (poorly) is a perfect example of a fundamental design precept: the origins of a product forever shape its future.

But again, these “twttr” designs do seem to make replies clearer. That’s good. What I don’t see is anything, anything at all, that addresses the ostensible goal of this whole effort: reducing abuse, hostility, and general bad behavior. Trolls and bullies are Twitter’s core problem, not the clarity of reply threads.

Why Paul Ford (Still) Loves Tech 

Paul Ford, writing for Wired, “In Defense of a Difficult Industry”:

The things we loved — the Commodore Amigas and AOL chat rooms, the Pac-Man machines and Tamagotchis, the Lisp machines and RFCs, the Ace paperback copies of Neuromancer in the pockets of our dusty jeans — these very specific things have come together into a postindustrial Voltron that keeps eating the world. We accelerated progress itself, at least the capitalist and dystopian parts. Sometimes I’m proud, although just as often I’m ashamed. I am proudshamed.

Just a lovely piece that I suspect will resonate deeply with many of you. This bit, in particular, put into words something I’ve struggled to capture:

And of course I rarely get to build software anymore.

I would like to. Something about the interior life of a computer remains infinitely interesting to me; it’s not romantic, but it is a romance. You flip a bunch of microscopic switches really fast and culture pours out.

“Not romantic, but it is a romance” — I think that’s what some of us are worried about losing if the Mac grows ever more iOS-like, and it feels a bit like what Brent Simmons wrote recently under the headline “Freedom”.

Google to Show Ads on Homepage of Mobile Site, App 

Paresh Dave, reporting for Reuters:

Alphabet Inc’s Google will begin featuring ads on the homepage of its mobile website and smartphone app later this year, it said on Tuesday, giving the search engine a huge new supply of ad slots to boost revenue.

Google will also start placing ads with a gallery of up to eight images in search results, potentially increasing ad supply further. The ads will appear on Google pages and apps globally.

It’s interesting to me that they’re saying this is mobile-only, and thus doesn’t include the desktop homepage. But mobile is where the most attention is these days. I’ve long considered Google’s homepage the most valuable advertising space on the internet; it still is, and it’s rather remarkable how restrained they’ve been about using it. One obvious reason: they’ve remained laser-focused on keeping their homepage fast, fast, fast.

Update: Interesting take from a DF reader:

Just curious when the last time you were on a search engine’s home page on mobile? Surely everybody searches in the address bar from the most recently opened window? I had to type google.com into my address bar to even see what it looked like and I use google a dozen times a day. Results being more monetized I get… but mobile landing page? Maybe they’ll get Android users, but not iPhone.

That is true — most iPhone users surely almost never see Google’s pre-results landing page.

Postal Address Insanity 

Josh Centers, writing at TidBITS:

If you wish to use Spotify and might ever want to sign up for a family plan, I strongly recommend copying down the exact address you enter somewhere, or you can do what I did and switch to Apple Music because I refuse to play these stupid games.

Over 650 Former Prosecutors Say Trump Would Be Charged With Obstruction if He Weren’t President 

Axios:

More than 650 former federal prosecutors have signed onto a statement asserting that if the Justice Department’s Office of Legal Counsel (OLC) did not prohibit a sitting president from being indicted, President Trump would be charged with obstruction of justice.

Android Q First Look 

They should have called it Android R for “rip-off”. This is the iPhone X interface. The shamelessness of this rip-off is staggering. Does Google have no pride? No sense of shame?

Don’t Hold Your Breath 

Reuters:

Samsung Electronics said on Tuesday it cannot confirm the shipping date for its foldable device Galaxy Fold yet and apologized to its pre-order customers in the United States for the delay. The world’s top smartphone maker delayed global sales of the splashy $1,980 foldable phone after reviewers discovered problems with its display, dealing a setback to Samsung and its efforts to showcase its innovation.

“If we do not hear from you and we have not shipped by May 31st, your order will be canceled automatically,” the South Korean tech giant’s U.S. subsidiary told Galaxy Fold pre-order customers in an email late on Monday, which was confirmed by a Samsung spokeswoman.

Today is May 7. How can anyone take them seriously that they do not know if they’re going to ship by May 31? This thing is never going to ship and everyone knows it.

Google Pixel 3A 

Brian X. Chen, writing for The New York Times:

So this will probably come as good news. As of Tuesday, Google is selling the Pixel 3A, a new version of its popular Pixel smartphone, for about $400 — or roughly half the price of its high-end phones. It is the first time that Google is introducing its Pixel phones for the midrange and low-end market.

“We’re seeing the fatigue with some of the flagship pricing of smartphones going up and up and up, and people thinking, ‘You know, five years ago I could buy the best possible phone for half this price,’” said Brian Rakowski, a vice president of product management for Google.

$400 for a good phone with a great camera sounds compelling. But there’s a hump Google has never gotten over with the Pixel phones. They’re great devices that almost no one actually buys.

This Is Why I Would Never Buy Used AirPods 

The Daily Mail:

But he went to Kaohsiung Municipal United Hospital where medics confirmed he had swallowed the AirPod. They said it was currently passing through his digestive system, saying it would need surgery to remove if it did not appear naturally. Doctors gave him a laxative and told him to inspect his waste for any sign of the device.

Fortunately for Mr Hsu the AirPod resurfaced when he relieved himself at a railway station the next day. He was forced into a foul-smelling search but was able to pick out the £65 device and found that it was still intact. After washing the AirPod and letting it dry Mr Hsu was amazed to find that it still worked.

It is The Daily Mail, so there’s a good likelihood the story is complete bullshit. But if it’s legit… jiminy.

SEC Charges Sapphire Glass Manufacturer and Former CEO With Fraud 

The SEC:

The Securities and Exchange Commission today charged a New Hampshire-based company and its former CEO with misleading investors about the company’s ability to supply “sapphire glass” for Apple’s iPhones. The company, GT Advanced Technologies Inc., also is found to have misclassified more than $300 million in debt to Apple that resulted from its repeated failures to meet performance milestones.

Haven’t thought about these guys in a while.

It’s Not Just Dust 

I’ve gotten a zillion emails and tweets about this Reddit thread from a Mac tech dissecting Apple’s butterfly-switch MacBook keyboards. Like most stuff on Reddit I don’t think it’s very cohesive. It’s like a notebook for an article, not an article. But the author does make one key observation that I don’t think I’ve seen anyone make before, even though it’s obvious to anyone following this saga: If the reliability problem with these keyboards is only about particles getting lodged under the keys, then we should see random keys having problems. But that’s not what we see. What we see are that the most-used keys — vowels (especially “E”) and the space bar — are the keys most likely to get stuck or to start emitting duplicate characters.

I’m sure the dust thing is a real problem, but it’s clearly not the only problem. These keyboards simply aren’t durable.

Peter Mayhew Dies at 74 

Filmmaking is a collaborate effort, and many deserve credit for Chewbacca. George Lucas, of course, for conceiving and writing the character. Ben Burtt for that distinctive and emotive voice. ILM costume designers. But Mayhew was the actor. And goddamn if Chewbacca doesn’t feel real. You know he’s a man in a suit but he feels like a real Wookiee. There were aliens in movies before Star Wars, but Chewbacca was the first I can think of who didn’t just look and feel like a real alien but who also felt like a full-fledged character — a character with an interesting personality and real relationships with the humans around him. More than anything else, it was Chewbacca’s realness as a character — along with C-3PO and R2-D2 — that made Star Wars so immersive. He wasn’t a gimmick or a prop. He was Chewie.

And he should have gotten a goddamn medal.

A Technical and Cultural Assessment of the Mueller Report PDF 

Duff Johnson, writing for the PDF Association:

This article offers two things:

  • a brief, high-level technical assessment of the document, and

  • a question of culture: why everyone assumes it would be delivered as a PDF file — and would have been shocked otherwise.

This has nothing to do with the content of the Mueller Report, but rather the actual PDF file released by the Justice Department. Wonderfully nerdy.

Qualcomm to Record $4.5 Billion Revenue From Apple Settlement 

Scott Rosenberg and Ina Fried, reporting for Axios:

In its quarterly earnings released today, Qualcomm said it would record $4.5-$4.7 billion revenue in the coming quarter as part of its settlement of a long-running intellectual-property quarrel with Apple.

This isn’t catastrophic for Apple, and I think that figure is exactly in line with what just about everyone expected. But don’t tell me Qualcomm wasn’t the winner here.

‘Facebook Is Trying to Make the Word “Private” Meaningless’ 

Good piece by Casey Johnston for The Outline on the hollowness of Facebook’s newfound push for “privacy”:

He emphasized several times that Facebook will not be able to see the content of this material, saying it was private “even from us” several times about several features, and emphasizing the words “safety” and “secure.”

But what his presentation elided was the fact that Facebook does not need to see the content of what people are saying in order to advertise to them. The metadata — who, or what (as in a business), you’re talking to, and even where you are or what time the conversation is taking place as it comes together with other pieces of information — provides more than enough information to make a very educated guess about what you’re interested in, to the point that knowing specifically what you are saying adds almost nothing.

Tim Cook and Luca Maestri on Intel 

Something I missed last night perusing Tim Cook and Luca Maestri’s remarks on Apple’s quarterly analyst call: shots fired at Intel. (Emphasis added.)

Cook:

For our Mac business overall, we faced some processor constraints in the March quarter, leading to a 5 percent revenue decline compared to last year. But we believe that our Mac revenue would have been up compared to last year without those constraints, and don’t believe this challenge will have a significant impact on our Q3 results.

Maestri:

Next I’d like to talk about the Mac. Revenue was 5.5 billion compared to 5.8 billion a year ago, with the decline driven primarily by processor constraints on certain popular models.

I asked an Apple source last fall why it took so long for Apple to release the new MacBook Air. Their one-word answer: “Intel.”

One of the big questions for next month’s WWDC is whether this is the year Apple announces Macs with Apple’s own ARM processors (and graphics?).

The Talk Show: ‘A Couple of Awkward Swipes’ 

Very special guest MG Siegler returns to the show. Topics include Apple’s original content strategy and a general look at the state of the company. Also: advice for parents of young children.

Brought to you by:

  • Things: The award-winning personal task manager that helps you achieve your goals — an outstanding native app for Mac and iOS.
  • Casper: Save $50 off select mattresses with code talkshow. Terms and conditions apply.
  • Linode: Instantly deploy and manage an SSD server in the Linode Cloud. Get a server running in seconds with your choice of Linux distro, resources, and node location.
Typography 2020 

Matthew Butterick reviews the typography and design of the websites for the top Democratic candidates in 2020:

For those who think it triv­i­al­izes our po­lit­i­cal process to judge can­di­dates by their ty­pog­ra­phy — what would you pre­fer we scru­ti­nize? Qual­i­fi­ca­tions? Ground into dust dur­ing the last elec­tion. Is­sues? Be my guest. Whether a can­di­date will ever ful­fill a cer­tain cam­paign promise about a cer­tain is­sue is conjectural.

But ty­pog­ra­phy — that’s a real de­ci­sion can­di­dates have to make to­day, with real money and real con­se­quences. And if I can’t trust you to pick some rea­son­able fonts and col­ors, then why should I trust you with the nu­clear codes?

I largely agree with Butterick’s assessments, and where I don’t agree, I find his arguments persuasive.

Eric Schmidt Is Leaving Google’s Board 

Google (well, technically, Alphabet):

After over 18 years on the Board, Eric Schmidt is not seeking re-election at the expiration of his current term on June 19, 2019. He will continue as a technical advisor to Alphabet. Eric has served as a member of the Board since March 2001. He was Google’s Chief Executive Officer from July 2001 to April 2011, and its Executive Chairman from April 2011 until January 2018.

“Eric has made an extraordinary contribution to Google and Alphabet as CEO, Chairman, and Board member. We are extremely grateful for his guidance and leadership over many years,” Hennessy said.

Is this weird? Schmidt is only 63 years old. But Google was never really his company — it’s always been Larry Page’s and Sergey Brin’s company.

Also years later, this whole “Alphabet” thing still sounds super weird to my ears.

Apple’s Quarter by the Numbers 

Jason Snell’s visualizations of Apple’s quarter are excellent, as usual.

Even though Apple no longer reports unit sales, they do still break down product categories by revenue. At 20% of the company’s revenue, Services now accounts for more revenue than Mac and iPad combined. And Wearables is now a full peer, revenue-wise, to Mac and iPad. Judging by Cook’s comments on the analyst call, I think the growth in Wearables revenue is being driven by AirPods — not that I think Watch isn’t still growing, but it sounds like AirPod sales are through the roof.

Apple Q2 2019 Results 

Apple:

Apple today announced financial results for its fiscal 2019 second quarter ended March 30, 2019. The Company posted quarterly revenue of $58 billion, a decline of 5 percent from the year-ago quarter, and quarterly earnings per diluted share of $2.46, down 10 percent. International sales accounted for 61 percent of the quarter’s revenue.

Apple’s sub-head: “Services Revenue Reaches New All-Time High of $11.5 Billion”. Looks like a good overall quarter, and the stock has shot up 5% in after-hours trading. But without iPhone/iPad/Mac breakouts, these reports are boring.

Google Pixel Sales Maybe Not So Great 

So the conventional wisdom on this front is that $1,000+ phones are a bad idea. I think that’s the wrong take. That’s like saying $50,000+ cars, or $2,000+ laptops are a bad idea. Clearly there’s a market for premium phones, just like there’s a market for premium items in all sorts of markets.

I think Google’s problem with Pixel phone sales is two-fold. First, I just don’t think they feel like premium devices. They feel like $500 devices, not $800-1,000 devices. I’ve got a Pixel 3. It’s my favorite Android device ever, and the camera is great for stills. (Not so great for video — which Pixel aficionados tend to gloss over.) But it is not on par with iPhones quality-wise.

Second, Google has never really put their heart into marketing Pixels. They’ve never really tried to sell them. I think they have a great story to tell — if you love Google and Google services, the Pixel probably is the best phone for you. But they’ve never really made that case.

Morning Brew 

My thanks to Morning Brew for sponsoring this week at Daring Fireball. There’s a reason over 1 million people start their day with Morning Brew — the daily email that delivers the latest news from Wall Street to Silicon Valley. Business news doesn’t have to be dry and dense.

Make your mornings more enjoyable, for free. Check it out.

Facebook Users Morbidly Curious What Site Going to Do With Their Personal Data to Recoup $5 Billion Fine 

The Onion:

Wondering how the social media giant will unethically exploit their personal data next, Facebook users conceded Friday they are morbidly curious to see what the company does to them in order to recoup its losses following a $5 billion Federal Trade Commission fine. “I know I’m probably not gonna like it, but I have this deep, dark desire to know what kind of fucked-up shit they’ll do to violate our privacy this time,” said Cleveland-area Facebook user Lisa Wincheck, explaining that while it’s hard to imagine the social network doing anything worse than it already has, its history suggests it will once again produce a nefarious, probably illegal new way to monetize the intimate details of people’s lives.

Why Everyone Is Watching TV With Closed Captioning on These Days 

Jason Kottke:

As Sebastian Greger notes in his summary of the resulting thread, closed captioning is a great example of how accessibility features can benefit everyone, especially those who may have disabilities or limitations that aren’t typically acknowledged as such.

Such a great point about accessibility. It really is for everyone.

On the closed captions front — I use Apple TV’s “what’d they just say?” feature several times every episode watching Game of Thrones. I don’t know what they do with their audio but damned if the characters don’t all sound like a bunch of mumble-mouths a lot of the time. And last night I finally watched Netflix’s The Highwaymen (it was exactly as good as I expected going in, which is to say about a B-) and I had to leave closed captions on for entire scenes. I didn’t have the volume set particularly low, I just couldn’t understand what they were saying. If it weren’t for closed captions — and the ease with which Apple TV lets one toggle them — I’d have abandoned the movie and gone to bed.


All Podcasts Are Shows; Not All Shows Are Podcasts

Ashley Carman, writing last week for The Verge on the launch of Luminary, a $100 million venture-backed “podcast” startup:

But the industry hasn’t accepted Luminary or its impending launch. When it rolls out to the public on iOS, Android, and the web, Luminary’s podcast app will be missing some of the industry’s biggest shows, including The New York Times’ The Daily and Gimlet Media shows like Reply All and Homecoming. Shows by Anchor’s network of smaller creators won’t be on the app, nor will series from Parcast, both of which are owned by Spotify.

The first thing to understand is that Luminary is two things: (1) an $8/month subscription service for exclusive original audio shows, from some very well-known people; (2) a podcast app for iOS and Android that you use to listen to Luminary’s own shows and any real podcast. You can use Luminary’s podcast player to listen to regular podcasts without subscribing to Luminary’s service.

Luminary’s own shows are ad-free, and they’re pitching the whole service on the idea that ads suck.

A podcast, to me, is a series of audio episodes available over the web. At a technical level, it’s an RSS feed, and the RSS feed has entries for each episode, and each episode has links to the actual audio file (in MP3 or AAC format, but usually MP3) and other metadata. RSS is an open format that can be used to serialize anything. If you read Daring Fireball in a feed reader, that’s RSS. When using RSS for podcasts, effectively all podcasts use extensions to RSS created by Apple for iTunes and the iOS Podcasts app. RSS is extensible to enable just such things. Apple, which embraced podcasts very early on and continues to be the overwhelmingly dominant player in the podcast client market, has never done anything — anything at all — to try to lock podcasts in to the iTunes ecosystem. Quite the opposite — their extensions to RSS are parsed by all podcast players on all platforms, and, most generously, the iTunes podcast directory is open to all podcast players on all platforms. It’s the de facto central database of all podcasts that meet Apple’s standards for content.

No one who listens to podcasts needs to know any of those details. The key is that if you make a podcast player, the only thing your app needs to know about any particular podcast is the URL to the RSS feed for the podcast. If you want to read a particular website, you can enter the URL for that website into any web browser. In the same way, if you want to listen or subscribe to a podcast, you can enter the URL for that podcast’s RSS feed into any podcast client. And all popular podcast players make it easy to search for podcasts by name so that you, the user, don’t have to know the URL or even know what a URL is.

Would a website be a “website” if it only worked in one company’s browser? No one has ever really tried that.1 It’s hard to imagine a world where, say, Apple News+ wasn’t in its own app but instead was something you viewed in Safari and only Safari. Nobody calls the content in Apple News a “website”.

So is a podcast a “podcast” if it only works in one app? I’m going to say no.

I don’t think there’s anything wrong with subscription-only audio content and proprietary apps. Sirius XM has been doing it forever. But nobody calls The Howard Stern Show a “podcast”. Audible has a ton of exclusive original shows and they don’t call them podcasts — they just call them “Audible Originals”.

Being client-agnostic is the spirit of the open internet, and I think it’s implicitly part of being a “podcast”. Openness was certainly part of how podcasting came to be.

This thing with Luminary is a bit rich. On the one side, their own original shows are proprietary and they promote them for being ad-free. On the other, they want to be a podcast player for all regular podcasts, many of which (and most of the ones produced as professional endeavors) are funded by advertising. This spat with The New York Times and Gimlet Media is fascinating because The Times’s The Daily and Gimlet’s shows are indisputably podcasts — their RSS feeds and MP3 files are available for anyone or any client to download over the open web. Luminary isn’t being blocked technically from playing them, they’re being blocked because The Times and Gimlet asked them to, and Luminary agreed to comply. So putting aside (for the moment) whether Luminary’s own original shows qualify as “podcasts”, as a podcast player, Luminary’s app is in the incredibly bizarre position of not playing several very popular podcasts that every other podcast player in the world can subscribe to and play.

Is that even a podcast player? If so, it needs an asterisk: “podcast* player”.

Dave Winer — who, as the creator of RSS itself and a pioneer in what he originally called “audioblogging”, ought to be considered an authority on the term — has thoughts:

We need a new name for podcast-like things that have no feeds, are locked behind a paywall, can’t be archived, cited or shared, and don’t create any kind of record.

Something like “Dead-end-cast.”

Or “Business-model-cast.”

Or “VC-friendly-cast.”

Luminary is not alone in trying to usurp the term “podcast” for proprietary audio shows. Spotify has been at it for a year, trying to pivot from subscription music to subscription audio. Spotify made a splash a few months ago when it acquired the Gimlet and Anchor podcast networks — but Gimlet’s and Anchor’s existing shows remain regular podcasts, available in any app. Yesterday Spotify announced a “podcast” by Mark Zuckerberg which is exclusive to Spotify. You don’t have to pay for it or anything, because no one would, but there is no feed for it. It is audio, it is on the internet, but I don’t think it’s a podcast. Neither does Marco Arment (who admittedly, as the maker of the very popular podcast player Overcast, has some skin in this game):

What would you call a CD-lookalike music disc that was incompatible with over 90% of CD players?

Probably couldn’t call it a CD, right?

Until this shows up as a public RSS feed, this isn’t a podcast. (Also, Zuck’s still a turd.)

Basically, just like how an email is a message you read in your email client of choice, and a web page is an HTML document you load in your web browser of choice, a podcast is a show you listen to in your podcast player of choice.

We already have a word for these things: shows. All podcasts are shows on the internet, but not all shows on the internet are podcasts.

These companies are trying to usurp the word podcast for one simple reason: people love podcasts. What I think and hope they are missing is that part of what people love about podcasts is the openness. It’s one of the last remaining areas of the internet that works exactly as the internet was intended to work.


As a side note, I think the $100 million in venture capital that Luminary raised is going to be $100 million flushed down the toilet.

From a month-ago company profile in The New York Times:

Luminary has 70 employees in New York and Chicago, about 40 of whom are engineers. The company is beginning a marketing campaign on Monday that includes outdoor advertising in New York, Los Angeles and Austin, Tex.

I downloaded and kicked the tires on the Luminary app. It seems like a fine iOS podcast player. It has zero standout features though. 40 engineers seems cuckoo, not just for this podcast app but for any podcast app.

Next paragraph in that Times piece:

To some degree, of course, all media start-ups think they are going to be the next Netflix. The test for Luminary will come in the execution.

The test is not in the execution. The test is whether it makes any sense at all to try to be the “Netflix of audio shows”.

Modeling themselves after Netflix is why Luminary’s app isn’t just a paywall for its own original content. Netflix is Netflix because of its strong original content and its massive, effectively infinite, catalog of non-original content. And — bonus! — Luminary gets their huge catalog of non-original content — real podcasts — “for free”. Neither of these analogies to Netflix works.

On the original content front, the huge difference is that podcast content is really easy and cheap to make compared to video. And the type of original content people really love on Netflix, shows like Stranger Things, is many orders of magnitude more expensive than any podcast.

On the non-original content front, the fact that Luminary is a regular podcast client doesn’t really help them much, because it only gives them access to content any app can offer. You can’t watch old episodes of Friends anywhere but Netflix, or by paying for episodes elsewhere. Netflix’s non-original content is not freely available on the web without resorting to piracy.

It might be a great idea to start a company to produce podcasts with celebrity hosts like Lena Dunham, Russell Brand, Trevor Noah, and whomever else Luminary has signed. Those shows, if done well, could be hugely popular and make tons of money — from ads. But a company bringing that talent together does not need $100 million in funding and will never be worth 1/100th of Netflix.

Postscript

Here’s an interesting update. A friend who doesn’t want to install the Luminary app (you have to give them an email address and create an account just to get past the first screen) asked whether Luminary allows you to add podcasts using their RSS feeds. The answer, as far as I can see, is no. The only way to listen to podcasts in Luminary is by searching for them by name — and pasting a feed URL in the search field doesn’t work.

That means you can’t use Luminary to listen to podcasts that are banned from iTunes for content, or private podcasts like Relay’s members-only shows. And, perhaps most obviously, you can’t use the RSS feed URL as a backdoor to listen to shows from The New York Times or Gimlet.

This is like a web browser not allowing you to just paste in a URL, allowing you only to get to pages through a search engine. Again I say: if Luminary’s app is a podcast player, it needs an asterisk. 


  1. Back in the ’90s Microsoft worked to get web developers to use technologies that only worked in Internet Explorer. The open web standards movement successfully fought against that. But that was an attempt at technical lock-in, not subscription content lock-in. ↩︎