Linked List: June 15, 2016

Wednesday, 15 June 2016

Matthew Green:

As an academic researcher and a security professional, I have mixed feelings about Apple’s announcement. On the one hand, as a researcher I understand how exciting it is to see research technology actually deployed in the field. And Apple has a very big field.

On the flip side, as security professionals it’s our job to be skeptical — to at a minimum demand people release their security-critical code (as Google did with RAPPOR), or at least to be straightforward about what it is they’re deploying. If Apple is going to collect significant amounts of new data from the devices that we depend on so much, we should really make sure they’re doing it right — rather than cheering them for Using Such Cool Ideas. (I made this mistake already once, and I still feel dumb about it.)

But maybe this is all too “inside baseball”. At the end of the day, it sure looks like Apple is honestly trying to do something to improve user privacy, and given the alternatives, maybe that’s more important than anything else.

The End of ThinkUp ★

Anil Dash:

We have some tough news: We’re going to be shutting down the ThinkUp service on July 18 and issuing a refund then for the balance of all member subscriptions. There have been significant changes from Instagram, Twitter and Facebook that make it too hard for us to keep the service running, especially since we’ve been struggling as a business. We’re sorry, and we’re going to try to handle this shutdown the right way.

A shame — I really liked ThinkUp. Every week it surfaces something interesting from Twitter that I hadn’t noticed on my own.

Safari 10 Will No Longer Load Legacy Plugins By Default ★

Ricky Mondello, on the WebKit blog:

By default, Safari no longer tells websites that common plug-ins are installed. It does this by not including information about Flash, Java, Silverlight, and QuickTime in navigator.plugins and navigator.mimeTypes. This convinces websites with both plug-in and HTML5-based media implementations to use their HTML5 implementation.

Of these plug-ins, the most widely-used is Flash. Most websites that detect that Flash isn’t available, but don’t have an HTML5 fallback, display a “Flash isn’t installed” message with a link to download Flash from Adobe. If a user clicks on one of those links, Safari will inform them that the plug-in is already installed and offer to activate it just one time or every time the website is visited. The default option is to activate it only once. We have similar handling for the other common plug-ins.

The worst is when a site that could serve you HTML5 media content instead sends you the Flash version, just because you have Flash installed. This should fix that problem for Safari users.

‘The End of Apple Man’ ★

Katie Notopoulos, writing for BuzzFeed:

But the effervescent demo of Apple Music by the charismatic Bozoma Saint John — a black woman who looked and acted nothing like the typical Apple Men onstage before her and who in her opening remarks mentioned being a mother — felt like a breath of fresh air signaling that perhaps the winds are changing. There were other signals too. In the video segment cheering on developers using Apple’s Swift programming language, the video ended with a black woman joyfully expounding how awesome coding was — certainly not the stereotype of a coder, and not totally reflective of the crowd there watching the video. At another Apple event in March, another black female Apple executive, Lisa Jackson, took the stage to talk about Apple’s environmental efforts.

Breaking the Apple Man stereotype in the people who appear on stage as the Apple’s evangelists is symbolic. Having a black woman present on stage might just mean the company is more aware of the optics of its events.

Good points about the new “emergency alert” feature on Apple Watch being designed for women, too.