By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: September 21, 2015

Monday, 21 September 2015

Capturing Baseball With an iPhone 6S Plus ★

Photographer Brad Mangin shot a Diamondbacks-Giants series in San Francisco for Sports Illustrated last week with the new iPhone 6S Plus. Some great shots — my favorite is #3.

Update: In a small dose of irony, I had to disable content-blocking (long press the reload button in Mobile Safari’s location field) to get SI’s image gallery dingus to work. Here’s Ghostery’s report card.

The Deck’s Privacy Policy ★

The Deck’s new privacy policy is clear:

As a network we have never issued cookies or tracked readers in any way. The only data we collect is gross impressions: the total number of times an ad has been served during a month. We have never known, or have had any way to know, who was served what ad. Basically, aside from our surveys, all we know is what we can learn from our server logs.

We have never allowed third-party ad serving via iFrames or Javascript. In years past however, we did allow for simple “standard” third-party ad serving. We discontinued that policy in 2014. As that technology became increasingly sophisticated, we felt we could not adequately police those situations. Nor do we have any desire to do so.

On rare occasions, we have allowed specific advertisers to use a simple 1×1 tracking pixel for limited periods of time. Given the current environment, we’re not going to be doing that any more. We have never allowed the injection of scripts, page takeovers, interstitial splash pages or any of the other tomfoolery that so frustrates readers.

It sounds odd to say that a privacy policy makes for a good read, but this one does. I highly encourage you to read it. This is why I’m proud to serve ads from The Deck here on Daring Fireball.

Former GM Vice Chairman: Apple Car a ‘Gigantic Money Pit’ ★

CNBC:

Former GM Vice Chairman Bob Lutz discusses why Apple shareholders shouldn’t be excited about the company’s development of an electric car.

His argument: no one has “made a nickel” to date selling electric cars, and Apple has no experience in the car business. In other words, it’s the auto industry version of “PC guys are not going to just figure this out. They’re not going to just walk in.”

Rene Ritchie’s WatchOS 2 Review ★

Want to know everything new in WatchOS 2? Rene Ritchie has you covered.

(Everything seems like an improvement to me, with one exception: the Activity complication on the Utility clock face (by far my favorite and most-used face) is no longer monochromatic — it shows your activity rings in color. All the other faces still show the Activity complication in monochrome. That small dose of colorfulness feels out of place on what is otherwise, to my eyes, Apple Watch’s most elegant face. Maybe this could be a setting?)

Apple Releases WatchOS 2.0 ★

Romain Dillet, writing for TechCrunch:

Here’s how you can update to watchOS 2. Open the Watch app on your iPhone, go to “General” then “Software Update.” Apple should then prompt you to update.

There’s no reason why you shouldn’t update to watchOS 2. In many ways, it feels like the Apple Watch was in beta, and watchOS 2 is the final version of Apple’s vision. Things load faster, developers are going to take advantage of the new features and everything is more reliable.

WSJ: Apple Car Now a ‘Committed Project’ ★

Daisuke Wakabayashi, reporting for the WSJ:

Apple Inc. is accelerating efforts to build an electric car, designating it internally as a “committed project” and setting a target ship date for 2019, according to people familiar with the matter.

The go-ahead came after the company spent more than a year investigating the feasibility of an Apple-branded car, including meetings with two groups of government officials in California. Leaders of the project, code-named Titan, have been given permission to triple the 600-person team, the people familiar with the matter said.

Apple has hired experts in driverless cars, but the people familiar with Apple’s plans said the Cupertino, Calif., company doesn’t currently plan to make its first electric vehicle fully autonomous. That capability is part of the product’s long-term plans, the people familiar with the matter said.

Apple Car Sport: $25,000.

Apple Car: $40-60,000.

Apple Car Edition: $250,000.

Apple Removes Over 50 Malware-Infected Apps From iOS App Store ★

Reuters:

The company disclosed the effort after several cyber security firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps.

It is the first reported case of large numbers of malicious software programs making their way past Apple’s stringent app review process. Prior to this attack, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks Inc.

The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple’s software for creating iOS and Mac apps, which is known as Xcode, Apple said.

This is a fiendishly clever assault. They didn’t attack the App Store itself, instead, they created a hacked version of Xcode that seems to work as expected but inserts the malware payload into the apps it compiles. Why in the world would developers download Xcode from a source other than Apple? Because China’s internet speeds are so slow (and Xcode is a multi-gigabyte download).

Zerodium Million Dollar iOS 9 Bug Bounty ★

Zerodium:

Apple iOS, like all operating system, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS. But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.

The Million Dollar iOS 9 Bug Bounty is tailored for experienced security researchers, reverse engineers, and jailbreak developers, and is an offer made by Zerodium to pay out a total of three million U.S. dollars ($3,000,000.00) in rewards for iOS exploits/jailbreaks.

Zerodium will pay out one million U.S. dollars ($1,000,000.00) to each individual or team who creates and submits to Zerodium an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.

It says a lot about just how secure iOS is that these exploits are worth a million dollars. But I get the feeling that if any of these are cashed in, we’re not going to hear about them.

A Concise Summation of the Ad Block War ★

Kontra nails it.

Pope Francis Visit to New York and Philadelphia Will Delay iPhone 6S Deliveries ★

Joe Rossignol, writing for MacRumors:

UPS, a courier service that frequently delivers Apple pre-orders, has posted a temporary service notice on its website that states no pickups and deliveries will be available in the following ZIP code areas of NYC and Philadelphia between Thursday, September 24 and Saturday, September 26 due to security measures.

My wife figured this out right after we ordered our phones last week. I’m guessing we’ll get them next Monday. I’m not sure what would have happened if we’d ordered them for in-store pickup. So much of the city is getting shut down, I’m not sure the Apple Store will be able to get deliveries.

Seth Godin on Ad Blocking ★

Seth Godin:

And advertisers have had fifteen years to show self restraint. They’ve had the chance to not secretly track people, set cookies for their own benefit, insert popunders and popovers and poparounds, and mostly, deliver us ads we actually want to see.

Alas, it was probably too much to ask. And so, in the face of a relentless race to the bottom, users are taking control, using a sledgehammer to block them all. It’s not easy to develop a white list, not easy to create an ad blocker that is smart enough to merely block the selfish and annoying ads. And so, just as the default for some advertisers is, “if it’s not against the law and it’s cheap, do it,” the new generation of ad blockers is starting from the place of, “delete all.”