My thanks to Atoms for sponsoring this week at DF. Atoms’s excellent Model 000 is a sneaker-style everyday shoe, available not just in half sizes but quarter sizes for a perfect fit. Atoms’ stretchy laces make it easy to slip the shoes on and off. Insoles made with copper thread neutralize odor. And lightweight materials make Atoms exceptionally comfortable and durable. My much-worn pair — size 12.25, quarter sizes for the win — is well over a year old and still look great.

For the holidays, Atoms has launched three new colorways, a limited edition art collaboration, and also brought back the popular Navy Blue and Neons. On top of that, Atoms is offering Daring Fireball readers $20 off one pair or $50 off two. A great deal for great shoes.

Ben Pearson: ‘Here’s Why Movie Dialogue Has Gotten More Difficult to Understand’ 

Ben Pearson, writing for Slashfilm:

I used to be able to understand 99% of the dialogue in Hollywood films. But over the past 10 years or so, I’ve noticed that percentage has dropped significantly — and it’s not due to hearing loss on my end. It’s gotten to the point where I find myself occasionally not being able to parse entire lines of dialogue when I see a movie in a theater, and when I watch things at home, I’ve defaulted to turning the subtitles on to make sure I don’t miss anything crucial to the plot.

Knowing I’m not alone in having these experiences, I reached out to several professional sound editors, designers, and mixers, many of whom have won Oscars for their work on some of Hollywood’s biggest films, to get to the bottom of what’s going on. One person refused to talk to me, saying it would be “professional suicide” to address this topic on the record. Another agreed to talk, but only under the condition that they remain anonymous. But several others spoke openly about the topic, and it quickly became apparent that this is a familiar subject among the folks in the sound community, since they’re the ones who often bear the brunt of complaints about dialogue intelligibility.

I think part of this is a trend that might have been inevitable, as the language of cinema inevitably became the lingua franca of the world. Most people can thoroughly enjoy movies recorded in a foreign language with subtitles. (Have I ever mentioned how fucking much I love Bong Joon Ho’s Parasite? My god, what a masterpiece.) So of course, you can, in theory, enjoy a movie recorded in your own language even if you can’t make out all or even a lot of the dialogue. Trend isn’t even the right word, though — it’s a fad, like grunge typography in the 1990s or the bizarre orange-teal color grading of movies during the 2000s.

But the other factor — which Pearson addresses directly — is the singular influence of Christopher Nolan. Nolan is to mumble-mouthed movie dialogue what David Carson was to illegible typography. Did I buy every issue of Ray Gun? Yes. Do I watch every movie Nolan makes? Yes. But, still, it’s a fad.

The correct answer here is Stanley Kubrick. In the same way the color grading of his films has never seemed dated, no matter the current fad, the audio tracks have not either. You can understand every fucking word every character says. Which makes Nolan’s recent films a bit frustrating, given how amazing a job he did supervising the 50th anniversary re-release of 2001: A Space Odyssey. My gut says Nolan is going to outgrow this.

Reuters: U.S. State Department Employees’ iPhones Were Hacked With NSO Group Spyware 

Christopher Bing and Joseph Menn, reporting for Reuters:

iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter. The hacks, which took place in the last several months, hit U.S. officials either based in Uganda or focused on matters concerning the East African country, two of the sources said. […]

Apple’s alert to affected users did not name the creator of the spyware used in this hack. The victims notified by Apple included American citizens and were easily identifiable as U.S. government employees because they associated email addresses ending in with their Apple IDs, two of the people said.

Fascinating to consider that the U.S. State Department is only aware of this hack because Apple notified the affected employees. That’s certainly how this report reads.

In a public response, NSO has said its technology helps stop terrorism and that they’ve installed controls to curb spying against innocent targets. For example, NSO says its intrusion system cannot work on phones with U.S. numbers beginning with the country code +1. But in the Uganda case, the targeted State Department employees were using iPhones registered with foreign telephone numbers, said two of the sources, without the U.S. country code.

Big-time ✊🍆 feel to this. Like hearing about PC malware that bypasses PCs with Russian keyboards attached.

Canadian Police Claim AirTags Are Being Used by Thieves to Track Cars They Intend to Steal 

York Regional Police:

Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name ‘air tags’ are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots. Thieves then track the targeted vehicles to the victim’s residence, where they are stolen from the driveway.

Thieves typically use tools like screwdrivers to enter the vehicles through the driver or passenger door, while ensuring not to set off alarms. Once inside, an electronic device, typically used by mechanics to reprogram the factory setting, is connected to the onboard diagnostics port below the dashboard and programs the vehicle to accept a key the thieves have brought with them. Once the new key is programmed, the vehicle will start and the thieves drive it away.

Over the past year, more than 2,000 vehicles have been stolen across the region.

Five incidents out of 2,000 is not exactly a trend, but the basic idea here is interesting. I’m interested in knowing how the police figured out that AirTags were used in this way. Let’s say a thief hides an AirTag on your car while it’s in a public parking lot. Then you park the car in your home’s driveway. The thief comes in the middle of the night and steals your car. You call the police and they come to your home to investigate. How would they know an AirTag had ever been involved?

My only guess is that in these five incidents, the victims were iPhone users who got the “AirTag Found Moving With You” alert. They tapped the “Play Sound” button, found the nefariously hidden AirTag, and (perhaps because they know their car is high-end) had the foresight to call the police. Or, maybe they disregarded the alert, thinking their iPhone had picked up on someone else’s AirTag by mistake. But then their car gets stolen a day or two later, and the unexpected “AirTag Found Moving With You” alert they had disregarded suddenly seems relevant, so they share that with the police.

If that’s the basic idea, then the use of AirTags in this way might be more prevalent than the five cases suggest, because if the car owner doesn’t use an iPhone (or uses an older iPhone still running an older version of iOS), neither the owner nor the police would have any way of knowing an AirTag had ever been involved in the theft.

(Via MacRumors.)

From the DF Archive: Taiwan Flag Emoji Disappears From iOS 13.1.2 Keyboard in Hong Kong 

Speaking of kowtowing to China, this one still irks me. And, at this point, likely will for the foreseeable future.

The Other Memory-Holed Episode of ‘The Simpsons’ — the One With Michael Jackson 

Small bit of follow-up regarding yesterday’s item about Disney+ blocking an episode of The Simpsons in Hong Kong because it contained a joke about Tiananmen Square. The article I linked to at The Wrap claimed “Disney+ users in the U.S. may be able to stream every episode of ‘The Simpsons’ ever made,” but that’s not true. Here’s Isaac Butler, writing for Slate two years ago:

One unexpected fallout from our cultural reckoning with the life and work of Michael Jackson is the erasure of a Simpsons episode. “Stark Raving Dad,” the premiere of the show’s third season, tells the story of Homer being committed to an insane asylum, where he meets a patient named Leon Kompowsky, who claims to be Michael Jackson. Homer, not knowing who Michael Jackson is, believes him. Antics ensue. The central joke is that Leon is actually voiced by Michael Jackson, a joke extended further by his use of a pseudonym in the end credits. Following the renewed allegations of child sexual abuse against Jackson, executive producer James L. Brooks announced last week that The Simpsons will no longer include the episode in syndication packages, streaming, or even future DVD releases of the show. It’s gone. But don’t call it a book burning, he cautions. “This is our book,” he told the Wall Street Journal, “and we’re allowed to take out a chapter.” [...]

“Stark Raving Dad” is not the golden age’s best episode, but it is the shot across the bow. In its absurd plotting and metatextual japery, its alchemical mixture of cynicism and heartwarming sentiment — to say nothing of the way it reckons with its guest celebrity’s public image — it establishes the formula that the show was to follow for years. The episode belongs in a museum — preserved forever, not swept into the memory hole.

There was also a years-long stretch after 9/11 where the season premiere of season 9 — “The City of New York vs. Homer Simpson” — was held from syndication because a segment takes place at the World Trade Center. It’s been back in syndication and streaming since 2006, though. They should do the same with “Stark Raving Dad”.

Ex-Google Employees Sue Company, Saying It Betrayed ‘Don’t Be Evil’ Motto 

Bobby Allyn, reporting for NPR:

Three former Google employees have sued the company, alleging that Google’s motto “Don’t be evil” amounts to a contractual obligation that the tech giant has violated. At the time the company hired the three software engineers, Rebecca Rivers, Sophie Waldman and Paul Duke, they signed conduct rules that included a “Don’t be evil” provision, according to the suit.

The trio say they thought they were behaving in accordance with that principle when they organized Google employees against controversial projects, such as work for U.S. Customs and Border Protection during the Trump administration. The workers circulated a petition calling on Google to publicly commit to not working with CBP.

This feels like a publicity stunt, not the grounds for a serious lawsuit.

Also, Steve Jobs in an Apple Town Hall meeting back in January 2010: “Don’t be evil is a load of crap.

‘How This All Happened’ 

Morgan Housel, writing at Collaborative Fund:

This is a short story about what happened to the U.S. economy since the end of World War II.

That’s a lot to unpack in 5,000 words, but the short story of what happened over the last 73 years is simple: Things were very uncertain, then they were very good, then pretty bad, then really good, then really bad, and now here we are. And there is, I think, a narrative that links all those events together. Not a detailed account. But a story of how the details fit together.

I enjoyed this essay tremendously. This line, in particular, has stuck with me for the last week: “Expectations always move slower than facts.”

Could COVID Lead to Progress? 

Steven Johnson, writing for The New York Times Magazine:

What about the more subtle psychological legacy of Covid? How will it change the way we perceive the world — and its risks — when the pandemic finally subsides? I have a memory from May of this year, taking my 17-year-old son to the Javits Center in Manhattan for his first vaccine, followed by a shopping trip to pick out a tie for his (masked, outdoor) senior prom. At some point waiting in line, I made a halfhearted joke about how we were embarking on the classic father-son ritual of heading out to the mass vaccination site to protect him from the plague. I meant it ironically, but the truth is that for my son’s generation, proms and plagues will be part of the rituals of growing up.

There’s no question in my mind that growing up, right now, is going to lead more kids to focus their careers on science and medicine. The worst thing that happened in early 2020 was a sort of worldwide collective denial. A sort of “OK, fine, there’s a bad virus going around Asia, we’ve heard this story before — it’s not going to be a major issue here” mindset. I certainly thought like that. It’s human nature. The fact that we hadn’t had a major worldwide pandemic in a century led us to believe — not so much through reason, but more through gut feeling — that we couldn’t have one. Not like this.

Today’s youth will never grow up feeling like that. For them, the next pandemic will always loom on the horizon.

Disney+ Scrubs ‘The Simpsons’ Episode With Tiananmen Square Joke From Hong Kong Service 

Andi Ortiz, writing for The Wrap:

Disney+ users in the U.S. may be able to stream every episode of “The Simpsons” ever made, but apparently, that’s not the case in China. With the platform’s launch in Hong Kong, users have discovered that one episode in particular has been scrubbed from the streamer — the one that mocks Tiananmen Square.

According to users, season 16 of the show offers episode 11 and then 13, but skips episode 12 altogether. The episode — first broadcast in 2005 and titled “Goo Goo Gai Pan” — follows the Simpson family on a trip to China, where they visit Tiananmen Square. While there, they spot a placard that reads: “On this site, in 1989, nothing happened.”

Profiles in courage.

Update: The other memory-holed episode of The Simpsons.

Square Changes Corporate Name to Block 


Square is renaming itself Block as it focuses on technologies like blockchain and expands beyond its original credit card reader business.

Jack Dorsey’s payments giant said in an announcement the new name, effective Dec. 10, “acknowledges the company’s growth” and “creates room for further growth.” Block will still trade under the ticker SQ on the New York Stock Exchange.

Square was a perfectly fine name, and “Block” feels overly trendy. But, whatever. I do like the logo animation on the new Block website — a dot-xyz domain, not a dot-com.

Sal Piacente, Casino Cheating Expert, Reviews Card Counting and Casino Scams From Movies 

Now I’ve got a list of movies to watch (or re-watch).

W.T.A. Suspends Tournaments in China Over Missing Tennis Star Peng Shuai 

Matthew Futterman, reporting for The New York Times:

“While we now know where Peng is, I have serious doubts that she is free, safe and not subject to censorship, coercion and intimidation,” Simon said in a statement released Wednesday afternoon.

“I very much regret it has come to this point. The tennis communities in China and Hong Kong are full of great people with whom we have worked for many years. They should be proud of their achievements, hospitality and success. However, unless China takes the steps we have asked for, we cannot put our players and staff at risk by holding events in China. China’s leaders have left the WTA with no choice.”

The WTA continues to impress.

Alexis Gay: ‘When You Love the Em-Dash’ 

One solid minute on the em-dash. Perfect.

The Talk Show: ‘Headline Goes Here’ 

Special guest Jim Dalrymple returns to the show to discuss the past and future of Apple-centric reporting.

Sponsored by:

  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Mack Weldon: Radically-efficient wardrobing.
  • Earnest: Freedom of choice meets student loans.
David Pogue: ‘Stephen Sondheim, the Teacher’ 

David Pogue, writing for CBS News:

Stephen Sondheim may have been best known as one of the greatest composer/lyricists the theater has ever known. But he often said that he would have loved to have been a teacher — and he was an extraordinarily generous one to generations of young composers.

I was one of them. I came to New York right after college, full of ambition to write Broadway musicals. Somehow I met Sondheim, and for many years, he’d give me feedback on my songs, and I gave him computer lessons.

First of all, he always said, content dictates form. In other words, the kind of music you’re writing should depend on the character and the dramatic situation.

Facebook Ordered to Sell Giphy by U.K. Regulator 

Jon Porter, reporting for The Verge:

The UK’s competition regulator has officially ruled that Facebook parent company Meta’s acquisition of Giphy should be unwound, a year and a half after the social media giant first said it was acquiring the popular GIF-making and sharing website. In a press release, the Competition and Markets Authority (CMA) said that it had come to the decision after its investigation found an acquisition could harm competition between social media platforms, and that its concerns “can only be addressed by Facebook selling Giphy in its entirety to an approved buyer.”

The CMA said the acquisition could be used to deny or limit other platforms’ access to Giphy GIFs and drive more traffic to Facebook, WhatsApp, and Instagram. It also raised concerns that it could be used to require other platforms to provide more data to access the GIFs. Finally, the CMA also believes that Giphy’s advertising services could have competed with Meta’s, but that these were shuttered as a result of the merger.

Can you imagine Facebook trying to buy Instagram or WhatsApp now? I mean if even the Giphy acquisition is now considered problematic — Giphy! — imagine something bigger.

Jack Dorsey Steps Down as Twitter CEO; Will Be Replaced by CTO Parag Agrawal 

Jessica Bursztynsky, reporting for CNBC:

Twitter CEO Jack Dorsey is stepping down as chief of the social media company, effective immediately. Parag Agrawal, the company’s chief technology officer, will take over the helm, the company said Monday.


My thanks to Retool for sponsoring last week at DF. Retool is a new approach to programming for the modern web: they’ve unified the ease of visual programming with the power and flexibility of real code. Drag and drop a form together, and have it POST back to your API in minutes. Deploy instantly with access controls and audit logs. It’s akin to a HyperCard or Visual Basic for the modern web.

Allbirds uses Retool to measure billboard efficacy. Amazon uses Retool to handle GDPR requests. You, too, can use it to build business-critical applications fast.

Check out their demo video to see how easy it is to build something serious and useful — quickly and intuitively. It’s easy to explore on your own and they have good docs and guided videos. Start building for free today.

Vinegar — Safari Extension That Replaces YouTube Embeds With Simple HTML 5 Video Tags 

Zhenyi Tan:

YouTube5 was a Safari extension back when Flash was still a thing and hated by everyone. It replaced the YouTube player (written in Flash) with an HTML <video> tag.

And now the YouTube player situation has gotten bad enough that we need another extension to fix it. That’s where Vinegar comes in. Vinegar also replaces the YouTube player (written in who-knows-what) with a minimal HTML <video> tag.

I’ve been using Vinegar for over a week now, across all my devices — iPhone, iPad, Mac — and I’m already at the place where I don’t know what I’d do without it. Crackerjack good work. $2 on the App Store. Just buy it, trust me.

Jason Snell’s 2021 E-Reader Roundup: Kobo Sage, Kobo Libra 2, and Kindle Paperwhite 

I’ve got a Paperwhite that’s now a few years old. I really don’t use it much, because for whatever reason, I prefer paper books. But Jason Snell is a voracious reader of books on e-readers, and, of course, he has impeccable taste in hardware and software. If you’re looking to buy someone an e-reader this holiday season, or to ask someone to get one for you, I’d read Snell’s review of these three.

The Talk Show: The Scotland Board of Tourism 

For your holiday listening enjoyment: Special guest David Smith returns to the show to talk about Apple Watch Series 7 and the state of WatchOS, Apple suing NSO Group, and more.

Brought to you by these fine sponsors:

  • Hover: Find a domain name for your passion. Get 10% off your first purchase.
  • Hullo Pillow: Your favorite pillow, guaranteed.
  • Memberful: Monetize your passion with membership. Start your free trial today.

Tim Sweeney Says the Quiet Part Out Loud

Vlad Savov and Sohee Kim, reporting last week for Bloomberg, “Apple, Google Monopoly Over Apps Must Be Stopped, Epic Games CEO Says”:1

Epic Games Inc. Chief Executive Officer Tim Sweeney renewed his attack on Apple Inc. and Alphabet Inc.’s Google as the world’s dominant mobile duopoly before calling for a universal app store that works across all operating systems as the solution.

“What the world really needs now is a single store that works with all platforms,” Sweeney said in an interview in Seoul on Tuesday.

First, a note to Bloomberg editors: two companies can’t possess a monopoly. The word you’re looking for is duopoly — or, (very) arguably, monopolies, plural. Second: the solution to an ostensibly problematic duopoly is ... a single universal store? And we’re supposed to take this without laughing?

And, gee, I wonder which company Tim Sweeney thinks should own and run this store?

“Right now software ownership is fragmented between the iOS App Store, the Android Google Play marketplace, different stores on Xbox, PlayStation, and Nintendo Switch, and then Microsoft Store and the Mac App Store.” Epic is working with developers and service providers to create a system that would allow users “to buy software in one place, knowing that they’d have it on all devices and all platforms.”

I’ve been arguing all along that, if victorious in their lawsuits against Apple and Google’s mobile app console platforms, Epic would surely turn its sights on Nintendo, Sony, and Microsoft’s game console platforms, using their win over Apple and Google as precedent. When pressed on this — why Epic was going after the iOS and Android app stores, but not the Switch, PlayStation, and Xbox game stores (and in fact, gave those game console stores a 20 percent discount after launching their seemingly ill-fated jihad against Apple and Google) — Sweeney has previously given a hand-wavy justification about game console platforms being acceptable because the hardware itself isn’t profitable.

That reeked of bullshit from the get-go. Now he’s made it clear. Epic got their clocks cleaned in their lawsuit against Apple, and now Sweeney’s having a tantrum and letting it all hang out. If I were on the PlayStation, Xbox, or Nintendo Switch store teams, I wouldn’t trust Epic as far as I could throw them. 

  1. Bloomberg, of course, remains the outfit that shit its journalistic pants with The Big Hack — a blockbuster report that no one, including Bloomberg, has ever produced a single shred of evidence to back up — yet not only never retracted but in fact still “stands behind” it even though it’s rather clear they hope everyone just forgets about it. So take anything they publish with a Big Hack-sized grain of salt. Why even link to Bloomberg at all, you might ask? Because Bloomberg is an essential news organization. They often have scoops and original reporting no one else does. If they report something that is also reported elsewhere, I link elsewhere. But when they break news — as they did here — they deserve the link. I won’t let go of this Big Hack fiasco because Bloomberg is too good an institution to leave such an egregious and high-profile mistake uncorrected. ↩︎

Wirecutter Union Is Striking 

Wirecutter Union:

During two years of bargaining, The New York Times company has slow-walked contract negotiations with unfair labor practices and insignificant wage offers that severely underpay our staff. We, members of the Wirecutter Union, are fed up. To win the fair contract we deserve, we’re prepared to walk out during the Black Friday shopping week.

Wirecutter continues to bring in record revenue for the Times, which is sitting on over $1 billion in cash. Yet our members have seen next to no financial benefit from their vital contributions to this success. Times management has offered paltry guaranteed wage increases of only 0.5%, despite soaring inflation and cash flows.

Choire Sicha, writing at New York Magazine, has the headline of the day, “Here’s the Best Strike for Most People”:

Many Wirecutter staff realized early on that their Times colleagues weren’t as excited about their arrival, even as the then-CEO extolled at sale time that Wirecutter “embodies the same standards and values that are the pillars of our own newsroom.” But Wirecutter was always treated as a second-class citizen, isolated in its own Slack, its own offices, and its own reporting structure under Perpich. It never joined the newsroom, and its work was openly sneered at by some longtime staffers. Many Times staffers don’t believe their work is journalism at all. The pay scale, as well, is substantially different from Times salaries. Even Times fellows, which are yearlong full-time jobs in the newsroom designed to train emerging journalists, receive a significantly higher salary than the starting rate for Wirecutter writers.

The Times will take the money Wirecutter generates — remember, they now charge a subscription fee, on top of their original (and successful) monetization strategy of earning revenue through affiliate links for recommended products — but they do not treat Wirecutter staff as peers.

Fuck ’em, I say. Stay away from Wirecutter this weekend, and tell everyone in your family tomorrow to do the same. There are a zillion other places to find links to Black Friday deals.

MacOS 12 Monterey’s Network Quality Tool 

Dan Petrov:

It seems that Apple has quietly added a new tool in macOS Monterey for measuring your device’s Internet connectivity quality. You can simply call the executable networkQuality, which executes the following tests:

  • Upload/download capacity (your Tx/Rx bandwidth essentially)
  • Upload/download flows, this seems to be the number of test packets used for the responsiveness tests
  • Upload/download responsiveness measured in Roundtrips Per Minute (RPM), which according to Apple, is the number of sequential round-trips, or transactions, a network can do in one minute under normal working conditions

The capacity is roughly the same metric you could expect from tools like from Netflix, or OOkla’s Speedtest.

Neato. Just type networkQuality in Terminal.

E.U. Regulators Are at It Again 

Björn Finke, reporting for Süddeutsche Zeitung (original in German; I’m quoting here from Safari 15’s translation to English):

For example, these powerful companies must no longer prefer their own services in search results, as Google did in the 2.4 billion case. You may also not collect business data from independent merchants on the platform and use it for your own offers, as Amazon is accused of. And they must allow mobile phone users to install other app stores and thus get more choice in mobile phone programs. This will hurt Apple a lot. In the event of violations, the Commission can intervene directly in the future without having to prove market power and harmful consequences in long investigations.

Misguided, to say the least.

Parliament expanded the list of platforms to be viewed and includes, for example, Internet-enabled TVs or voice assistants such as Alexa. On the other hand, MEPs increased the thresholds for sales to eight billion euros and the market value to 80 billion euros. This means that only should be able to fall under the law from Europe for the foreseeable future. MEP Schwab argues that it is better for the Commission to focus on the really large companies in the implementation and control of the legal act. Critics warn, however, that the US government could consider it an unfriendly act if the groundbreaking law hits almost only American companies.

European regulations that are targeted, almost exclusively, at U.S. companies. You think that might be perceived here as “unfriendly”? You don’t say.

Another important addition to the Commission draft is that Parliament wants to force gatekeepers to allow exchanges between rival messenger services and social media. Then, for example, a user could send a message from WhatsApp to the competitor Signal — this opening should also stimulate competition.

This nugget is under a sub-head that was translated to “Send a message from WhatsApp to Signal? No problem”. No problem at all. Probably will only take a few lines of code to get all the world’s messaging systems — including those using end-to-end encryption like Signal and WhatsApp (and iMessage) — talking to each other.

They should do another draft that mandates the invention of personal jet packs and flying cars, too.

600 Google Employees Sign Manifesto Opposing Company’s Vaccine Mandate 

Jeffifer Elias, reporting for CNBC:

The manifesto within Google, which has been signed by at least 600 Google employees, asks company leaders to retract the vaccine mandate and create a new one that is “inclusive of all Googlers,” arguing leadership’s decision will have outsize influence in corporate America. It also calls on employees to “oppose the mandate as a matter of principle” and tells employees to not let the policy alter their decision if they’ve already chosen not to get the Covid vaccine.

Casey Newton:

Wow, they made a list of the dumbest people at Google.

Don’t let the door hit you on the way out. And, to be clear, Google has somewhere north of 140,000 employees.

(I sure would like to read the actual “manifesto”, but I can’t find it.)

The Apple v. NSO Group Complaint (PDF) 

The opening paragraph:

Defendants are notorious hackers — amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse. They design, develop, sell, deliver, deploy, operate, and maintain offensive and destructive malware and spyware products and services that have been used to target, attack, and harm Apple users, Apple products, and Apple. For their own commercial gain, they enable their customers to abuse those products and services to target individuals including government officials, journalists, businesspeople, activists, academics, and even U.S. citizens.

It gets more strident from there.

I genuinely wonder what Apple’s goals are with this suit. Is it just to bring NSO Group’s activities to light? If this goes to trial, the testimony should really be something to see. How much in damages will Apple seek at trial? Enough to bankrupt NSO Group? (Don’t forget Facebook has an ongoing lawsuit against NSO Group for having exploited a bug in WhatsApp to install malware on targets.)

Apple’s Own Announcement of Their Lawsuit Against NSO Group 

Apple Newsroom:

Apple’s legal complaint provides new information on NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus. The exploit was originally identified by the Citizen Lab, a research group at the University of Toronto. [...]

NSO Group and its clients devote the immense resources and capabilities of nation-states to conduct highly targeted cyberattacks, allowing them to access the microphone, camera, and other sensitive data on Apple and Android devices. To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge. Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.

A couple of things are interesting about this. First, Apple repeatedly refers to the “FORCEDENTRY” exploit by name. This is not PR bullshit — they’re talking about a very specific exploit. Second, they refer to Android as their compatriot, not their competitor. There’s a time and place for Apple to brag about iOS being more secure than Android, but this isn’t it. The message here: “This isn’t just about us, NSO Group is after everyone.”

Lastly, the phrase “the immense resources and capabilities of nation-states”. This is Apple hammering home the fact that deliberate backdoors would be exploited. They’re up against countries with, effectively, infinite money and resources to find and exploit accidental vulnerabilities. If there were deliberate backdoors, the game would be over before it started.

Apple commends groups like the Citizen Lab and Amnesty Tech for their groundbreaking work to identify cybersurveillance abuses and help protect victims. To further strengthen efforts like these, Apple will be contributing $10 million, as well as any damages from the lawsuit, to organizations pursuing cybersurveillance research and advocacy.

The New York Times story on this mentioned that Apple would be donating any damages from the lawsuit, if they win. It’s a nice touch that they’re donating $10 million no matter what happens in court. Citizen Lab and Amnesty Tech did crackerjack work exposing this exploit.

Apple is notifying the small number of users that it discovered may have been targeted by FORCEDENTRY. Any time Apple discovers activity consistent with a state-sponsored spyware attack, Apple will notify the affected users in accordance with industry best practices.


Apple Sues NSO Group 

Nicole Perlroth, reporting for The New York Times:

Apple is also asking for unspecified damages for the time and cost to deal with what the company argues is NSO’s abuse of its products. Apple said it would donate the proceeds from those damages to organizations that expose spyware. [...]

The sample of Pegasus gave Apple a forensic understanding of how Pegasus worked. The company found that NSO’s engineers had created more than 100 fake Apple IDs to carry out their attacks. In the process of creating those accounts, NSO’s engineers would have had to agree to Apple’s iCloud Terms and Conditions, which expressly require that iCloud users’ engagement with Apple “be governed by the laws of the state of California.” The clause helped Apple bring its lawsuit against NSO in the Northern District of California.

Shades of nailing Al Capone for tax evasion.

Apple executives described the lawsuit as a warning shot to NSO and other spyware makers. “This is Apple saying: If you do this, if you weaponize our software against innocent users, researchers, dissidents, activists or journalists, Apple will give you no quarter,” Ivan Krstic, head of Apple security engineering and architecture, said in an interview on Monday.

That is not — at all — how leaders at Apple usually speak in the press. Apple is not a hard or tricky company to read. They are furious about NSO Group.

Fairphone 4: A ‘Sustainable, Repairable, and Ethical’ Android Phone 

Jerry Hildenbrand, writing for Android Central:

The phone comes with a full five-year warranty that covers anything that you didn’t cause. For those things that you did cause, let’s say you dropped it and broke the display, you can likely easily fix it yourself using inexpensive spare parts that Fairphone sells itself.

The same way Fairphone is attempting to shake up the phone industry, it’s also trying to change the way we think about having our phones repaired. What keeps your Samsung phone from being easy to fix is how it is built and the materials used to make it. Things like glued-in displays or sealed cases aren’t an issue with the Fairphone 4. You can pull out most internal assemblies and then replace them with new components using only a small Philips head screwdriver.

Another side effect of this is having a battery that can be swapped at any time by removing the 100% recycled plastic backplate. This used to be normal for Android phones, but I can’t think of a single mainstream device with a user-swappable battery in 2021. Of course, you can still charge the battery quickly using a USB C P.D. charger, but knowing that you can carry a spare “just in case” is great.

Sounds great, right? But, among other caveats (e.g. a somewhat crummy camera given the €579/~$650 price):

One last issue is that the Fairphone 4 is “only” IP54 rated. This means the Fairphone 4 is “protected against dust ingress sufficient to prevent the product from operating normally, but it’s not dust-tight. The product is fully protected against solid objects and splashing of water from any angle”.

You can use the Fairphone 4 in the rain, but you can’t take it into the pool. Once you realize that the back of the phone pops right off and the fact that gaskets and other waterproofing measures would add to the cost considerably, you understand why.

iPhones have been dust- and water-proof since the iPhone 7 in 2016. (The iPhone 7 was rated IP67 — the 6 means dust-tight (the highest IP rating for particles), and the 7 means waterproof for temporary immersion. More recent iPhones are rated IP68, where the 8 stands for “full immersion” (Apple says up to 6 meters depth for 30 minutes). Samsung’s S21 is rated IP68 (but only to a depth of 1.5 meters for 30 minutes), and Google’s Pixel 6 phones are rated IP68 as well, albeit with a disclaimer that reads, in part, “Water resistance isn’t a permanent condition, and diminishes or is lost over time due to normal wear and tear, device repair, disassembly or damage”).

Is it possible that Fairphone — or someone else manufacturing a phone with Fairphone’s ease-of-repairability ideals — will eventually achieve IP68 levels of ingress protection? Of course. It’s also certainly the case that some people, like Hildenbrand, value repairability and battery-swapping more than they value dust and water resistance.

But not most people.

Mux Video 

My thanks to Mux for once again sponsoring DF. Mux is the developer video platform. Use their Video API to build video streaming into your application and make it play beautifully at scale on any device. A Mux stream is just one GET request away from magical-feeling features like automatic thumbnails, animated GIFs, and data-driven encoding decisions. Looking for more insight into your video performance? They’ve got that covered too with data: which viewers are seeing errors or re-buffering, which player or CDN is performing better, and whether or not you should use Mux (trick question, yes).

Steve Wozniak’s Startup Privateer Plans to Launch Hundreds of Satellites to Study Space Debris 

Mike Wall, writing for

Apple co-founder Steve Wozniak’s startup Privateer aims to help humanity get the goods on space junk before it’s too late. The Hawaii-based company, whose existence Wozniak and co-founder Alex Fielding announced in September, wants to characterize the ever-expanding space debris population like never before. Privateer will do this by incorporating a variety of data, including crowdsourced information and observations made by its own sizable satellite fleet.

“I think we’re looking at several hundred satellites,” Privateer Chief Scientific Adviser Moriba Jah told “We won’t launch all several hundred at once; we’ll just slowly build it up.”

Leave it to Woz to fund a startup to do something useful in space, rather than just shoot himself into low orbit for a few minutes. We need to put something like satellite Roombas up there to clean this debris up.

One Last Update on Apple’s New Self Service Repair Program (I Hope) 

From an update I just appended to yesterday’s follow-up:

I’m back to my original opinion, that the Self Service Repair Program is just what it says on the tin — a program for people who really do want to repair their own devices — and thus is irrelevant to all but a small sliver of actual users.

Twitter No Longer Sends Users to AMP Pages 

Henry Powderly, reporting for Search Engine Land:

With social media referrals to AMP pages cut down by the change, the reasons for supporting AMP are getting fewer.

For some of us, the reasons were obvious all along. It never made sense to me why any publishers supported AMP in the first place.

It took four years, but support for AMP is suddenly collapsing. Good riddance.

Dave Mark on the Repairability of Apple’s Devices 

Dave Mark, writing at The Loop:

Not sure how big the audience for right-to-repair is, but I do count myself in its number. And if it was easier to do, I suspect that number would be much larger. Imagine if repairing a cracked display was a simple, five minute operation. Wouldn’t you rather order the new display and make the swap yourself?

It used to be relatively easy to customize and repair your gear. As parts have given way to part assemblies (glued/soldered assemblies that become a single replaceable requirement, even if a single part fails) and the quest for smaller makes devices harder to open, harder to take apart, the ability to repair your own gear has become harder, almost impossible.

So those small numbers John points out are real. But should this be the way it is? Again, wouldn’t you love the ability to swap out a display as easily as you used to be able to swap out RAM on your old Macs?

Ideally, many people would still like to be able to swap out RAM on today’s Macs as easily as we could on old Macs. Same thing for SSD storage. Adding RAM and storage, years after purchase, was a great way to significantly extend the practical lifetime of Macs. A while back (15 years ago?) I replaced the spinning hard drive in a 15-inch PowerBook with an SSD, and it was like buying a brand-new much faster machine.

But: times change. Apple hasn’t moved away from user replaceable memory and storage components out of spite. Integrating memory and storage into the chips themselves is the reason why devices have gotten thinner and lighter and much, much faster. The incredible performance of Apple silicon — for both iOS devices and Macs — is part and parcel with integrating memory and storage directly onto the SoCs.

And in terms of replacing screens on iPhones, consider waterproofing and device aesthetics. To my knowledge, no company makes a mainstream smartphone with an easily-replaced display, because a smartphone with an easily replaced screen wouldn’t sell because of all the design trade-offs that would be involved.

Peng Shuai: U.N. Calls for Proof of Chinese Tennis Star’s Whereabouts; W.T.A. Chairman Willing to Pull Out of China 


Peng, who is one of China’s most recognizable sports stars, has not been seen in public since she accused former Vice Premier Zhang Gaoli of coercing her into sex at his home, according to screenshots of a since-deleted social media post dated November 2.

“What we would say is that it would be important to have proof of her whereabouts and wellbeing, and we would urge that there be an investigation with full transparency into her allegations of sexual assault,” Liz Throssell, the spokesperson of the UN Human Rights office, told reporters in Geneva on Friday. [...]

The head of the Women’s Tennis Association (WTA) Steve Simon has said he is willing to lose hundreds of millions of dollars worth of business in China if Peng is not fully accounted for and her allegations are not properly investigated.

“We’re definitely willing to pull our business and deal with all the complications that come with it,” Simon said in an interview Thursday with CNN. “Because this is certainly, this is bigger than the business,” added Simon.

Chinese state media released an email Wednesday, purportedly written by Peng and addressed to Simon, that reads as preposterously fake.

Bravo to Simon and the WTA for taking this no-bullshit fuck-the-money stance. The NBA cowardly prostrated itself to the CCP two years ago, when Daryl Morey — then GM of the Houston Rockets — tweeted “Fight for freedom, stand with Hong Kong.” (Morey is now president of my hometown 76ers.)

The International Olympics Committee will be tested next: the 2022 Winter Olympics are slated to be hosted in China, starting in February.

Apple Pushes Back Return to Office Plan to February 

Tim Cook, in a company-wide email (published by Zoe Schiffer, who has moved from The Verge to NBC News):

As of today, we are targeting February 1, 2022 to begin our hybrid work pilot in many global locations where teams have not yet returned to our corporate offices. We plan to start the pilot with a phased approach, welcoming people back to the office for one or two days a week for an initial period of four weeks. After this transitional period, we will begin the pilot in full, with eligible teams in the office three days a week, on Monday, Tuesday, and Thursday, and with flexibility to work remotely on Wednesday and Friday. You’ll receive more details about how the first four-week phase will roll out as we get closer to the return date.

As I noted when we announced our hybrid work pilot, we do have a number of teams whose work requires a greater need to work in-person, and they will come into the office four or five days a week based on the plans for these specific teams.

Read: folks who work on hardware.

At the same time, we are committed to giving you more flexibility as we move forward. In addition to the option of working remotely twice a week on Wednesday and Friday, we announced this summer that team members would be able to work remotely for up to two weeks per year with a manager’s approval. I’m pleased to share that we’re increasing the amount of time you can work remotely to a total of four weeks per year. This provides more opportunity to travel, be closer to your loved ones, or simply shake up your routines.

Sensible, measured, and adaptable to changing conditions. Apple’s years-long response to the pandemic regarding its workforce (including retail) has been utterly Cook-ian.

Xbox Chief Phil Spencer, in Leaked Memo, Says Microsoft ‘Evaluating All Aspects of Our Relationship’ With Activision 

Jason Schreier, reporting for Bloomberg:*

Microsoft Corp.’s head of Xbox said he’s “evaluating all aspects of our relationship with Activision Blizzard and making ongoing proactive adjustments,” in light of the recent revelations at the video game publisher.

In an email to staff seen by Bloomberg News, Phil Spencer said he and the gaming leadership team are “disturbed and deeply troubled by the horrific events and actions” at Activision Blizzard Inc. He referred to the Wall Street Journal story earlier this week that said Chief Executive Officer Bobby Kotick knew of sexual harassment at the company for years and that he mistreated women.

This is about as close as Microsoft could come at this point to calling for Kotick to resign. It’s like when a mafia don says something like “I’m not sure about that guy.” He can’t say what he really means but we all know what he means.

(Also, this was a company-wide memo that was meant to leak.)

* You know.

A Few Follow-Up Points on Apple’s Self Service Repair Program

Yours truly, yesterday:

This appears to be a cause for celebration in right-to-repair circles, but I don’t see it as a big deal at all. Almost no one wants to repair their own cracked iPhone display or broken MacBook keyboard; even fewer people are actually competent enough to do so.

I expected some pushback on this, and got it, and I now think I missed one key point. Despite the program’s name, I think it’s not so much about individual users repairing their own personal devices. The biggest ramification, I think, will be that the program will allow unofficial independent repair shops to procure genuine OEM Apple replacement parts and service manuals. There are tons of people around the world (including here in the U.S.) who don’t live near an Apple store or an Apple-authorized repair shop. A lot of those people, though, might live near (or at least nearer) an independent repair shop. If those repair shops can now order genuine Apple parts and manuals, that’s a win, and maybe a bigger deal than I thought yesterday.

There’s also this factor: if the device in need of repair is still usable — say, an iPhone with a cracked but functional screen, or a MacBook with one or more broken but nonessential keys — it might be a lot more appealing for a user who doesn’t live near an Apple-authorized repair shop to go to a local independent shop for same-day service than to ship their device to Apple for official service.

On the flip side, though, I think a lot of the “Apple’s repair policies are screwing people” sentiment is based on the misconception that Apple grossly overcharges for repairs. A lot of companies in a lot of industries do just that. Car dealers, for example, are notorious for overcharging for parts and routine service. I think the logic goes something like this: Big companies always screw you over for service and repairs; Apple is obscenely profitable and reaps high margins; therefore surely Apple price-gouges for repairs, or makes repairs for older devices arduous to encourage people to buy new devices instead.

But Apple isn’t really like that at all. Longtime DF reader Jim Lipsey sent me a note yesterday. His two kids each happily use an iPhone 6S Plus, but each of them needed repairs this past summer — one needed the camera replaced, the other needed a new battery. Through Apple, the camera replacement cost $59, the battery $49. $108 total, to return two six-year-old iPhones to perfect working order. As Lipsey noted, that’s a tremendous cost-of-ownership value.

Update: Friday, 19 November

Wait a minute, wait a minute. On Twitter, Jason Aten reminded me of something I shouldn’t have already forgotten (considering that I posted about it): Apple two years ago announced the Independent Repair Provider Program. From their announcement then:

Apple today announced a new repair program, offering customers additional options for the most common out-of-warranty iPhone repairs. Apple will provide more independent repair businesses — large or small — with the same genuine parts, tools, training, repair manuals and diagnostics as its Apple Authorized Service Providers (AASPs). The program is launching in the US with plans to expand to other countries.

Given this existing program, I don’t see how this week’s new Self Service Repair Program helps independent repair shops — or Apple customers who rely on those shops — at all. And the existing Independent Repair Provider Program allows shops to stock genuine parts from Apple. The new Self Repair Program requires you to submit the damaged device’s serial number to Apple first, then Apple sends the necessary parts on a need-to-use basis. I’m back to my original opinion, that the Self Service Repair Program is just what it says on the tin — a program for people who really do want to repair their own devices — and thus is irrelevant to all but a small sliver of actual users. 

Apple’s New Self Service Repair Program

Apple Newsroom:

Apple today announced Self Service Repair, which will allow customers who are comfortable with completing their own repairs access to Apple genuine parts and tools. Available first for the iPhone 12 and iPhone 13 lineups, and soon to be followed by Mac computers featuring M1 chips, Self Service Repair will be available early next year in the US and expand to additional countries throughout 2022. Customers join more than 5,000 Apple Authorized Service Providers (AASPs) and 2,800 Independent Repair Providers who have access to these parts, tools, and manuals.

The initial phase of the program will focus on the most commonly serviced modules, such as the iPhone display, battery, and camera. The ability for additional repairs will be available later next year.

“Creating greater access to Apple genuine parts gives our customers even more choice if a repair is needed,” said Jeff Williams, Apple’s chief operating officer. “In the past three years, Apple has nearly doubled the number of service locations with access to Apple genuine parts, tools, and training, and now we’re providing an option for those who wish to complete their own repairs.”

This appears to be a cause for celebration in right-to-repair circles, but I don’t see it as a big deal at all. Almost no one wants to repair their own cracked iPhone display or broken MacBook keyboard; even fewer people are actually competent enough to do so. iFixit, in a celebratory post, claims:

But we’re thrilled to see Apple admit what we’ve always known: Everyone’s enough of a genius to fix an iPhone.

Nonsense. I just don’t see how more than a sliver of people would even want to do this rather than go to a professional shop.

Also, nothing announced today changes the fact that Apple still requires Apple genuine parts for all authorized repairs, no matter who does the repairing. There’s good reason for that, and it’s not a money grab. Today’s announcement, to my eyes, is about nothing more than reducing regulatory pressure from legislators who’ve fallen for the false notion that Apple’s repair policies, to date, have been driven by profit motive — that Apple profits greatly from authorized repairs, and/or that their policies are driven by a strategy of planned obsolescence, to get people to buy new products rather than repair broken old ones. I don’t believe either of those things,1 but for those who believe either or both, I don’t see how this Self Repair Program really changes anything other than who’s performing the labor.

Brian X. Chen, hailing the announcement in his column at The New York Times:

Apple delivered an early holiday gift on Wednesday to the eco-conscious and the do-it-yourselfers: It said it would soon begin selling the parts, tools and instructions for people to do their own iPhone repairs.

The appeal to do-it-yourselfers is self-evident. I don’t see how this is eco-conscious at all. It doesn’t enable people to repair older devices that Apple itself and authorized repair shops weren’t themselves able to repair.

The company has not yet published a list of costs for parts, but said the prices for consumers would be what authorized repair shops paid. Currently, a replacement iPhone 12 screen costs an authorized shop about $234 after a broken screen is traded in. At an Apple store, repairing an out-of-warranty iPhone 12 screen costs about $280.

In short, you will have more options to mend an iPhone, which can bring your costs down.

Previously, it was easiest to visit an Apple store to get an iPhone fixed. But just as taking your car to a dealer for servicing isn’t the cheapest option, going to an Apple store also wasn’t the most cost-effective.

The alternative was to take your iPhone to a third party for repair, potentially for a more competitive price. When I took a broken iPhone XS screen to an Apple store this year, I was quoted $280 for the repair, compared with $180 from an independent outlet.

Chen is not exactly comparing like-to-like here, with his prices for a replacement iPhone XS display “from an independent outlet” and the $234 Apple charges for an iPhone 12 display component, but it seems pretty clear that for a customer to pay just $180 for the XS screen replacement, including labor, the “independent outlet” was not using Apple genuine parts. How is that relevant to this new Self Service Repair program that is based on buying genuine parts directly from Apple? What we’re looking at here is saving $46. Good luck replacing that screen yourself, without any specialized tooling.

Don’t get me wrong: this program is nice, and perhaps a bit surprising given Apple’s public stance on the issue in recent years. We’re better off with this Self Service Repair program in place than we were without it. (Making service manuals available might actually help extend the lifetime of older devices for which Apple no longer sells parts.) But to me it clearly seems to be a small deal, not a “big deal”, as Chen claims.

And if it is a big deal, it’s for Apple, politically. (Nothing wrong with that.) 

  1. While running some benchmarks for another article, today I upgraded my iPhone X from 2017 to iOS 15.1. iOS 15 doesn’t just run on that four-year-old iPhone, it runs great. No company comes close to Apple in supporting older devices for longer. ↩︎

The Future of Work in the Metaverse 

This summarizes my take.

WSJ: ‘Activision CEO Bobby Kotick Knew for Years About Sexual-Misconduct Allegations at Videogame Giant’ 

Kirsten Grind, Ben Fritz, and Sarah E. Needleman, reporting yesterday for The Wall Street Journal (emphasis added):

Dan Bunting, co-head of Activision’s Treyarch studio, was accused by a female employee of sexually harassing her in 2017 after a night of drinking, according to people familiar with the incident. Activision’s human-resources department and other supervisors launched an internal investigation in 2019 and recommended that he be fired, but Mr. Kotick intervened to keep him, these people said. Mr. Bunting, who led Treyarch through the production of several successful Call of Duty games, was given counseling and allowed to remain at the company, these people said.

Mr. Bunting didn’t respond to requests for comment. The Activision spokeswoman said an outside investigation was conducted in 2020. “After considering potential actions in light of that investigation, the company elected not to terminate Mr. Bunting, but instead to impose other disciplinary measures,” she said. Mr. Bunting left the company after the Journal asked about the incident.

The article’s lede makes the situation at Activision sound pretty bad, but much of the next page or so is about stuff that was already known by Activision’s board. Then we get to the above quoted passage. HR recommended firing Bunting two years ago; when the Journal inquired about the incident now, Bunting quit the company. That he remained at the company between 2019 and now is all on Kotick. If it’s defensible, why quit now?

Chris Plante, editor-in-chief and co-founder of Polygon, today: “Bobby Kotick Must Resign”.

This is not the sort of thing Polygon normally does.