By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: November 29, 2017

Wednesday, 29 November 2017

Meet the Man Who Deactivated Trump’s Twitter Account for 11 Minutes ★

Ingrid Lunden and Khaled “Tito” Hamze, writing for TechCrunch:

His last day at Twitter was mostly uneventful, he says. There were many goodbyes, and he worked up until the last hour before his computer access was to be shut off. Near the end of his shift, the fateful alert came in.

This is where Trump’s behavior intersects with Duysak’s work life. Someone reported Trump’s account on Duysak’s last day; as a final, throwaway gesture, he put the wheels in motion to deactivate it. Then he closed his computer and left the building.

Several hours later, the panic began. Duysak tells us that it started when he was approached by a woman whom he didn’t know very well. According to Duysak, the woman said that she had been contacted by someone asking about Duysak in connection with Trump’s Twitter account. After a moment of disbelief, he said he then looked at the news and realized what had happened.

There are an awful lot of people who would like to buy this guy a beer.

Security Update 2017-001 Breaks File Sharing (But a Fix Is Already Out) ★

Better to close this security hole and inadvertently break file sharing than to leave the hole open, but this is why bug fixes aren’t usually released in under a day.

Update: Nice — an official fix for this is already out:

1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
2. Type sudo /usr/libexec/configureLocalKDC and press Return.

The Information: ‘Android’s Andy Rubin Left Google After Inquiry Found Inappropriate Relationship’ ★

Reed Albergotti, reporting for The Information:

Andy Rubin, the creator of Android and a key executive at Google Inc. for nine years, left the company in 2014 shortly after an internal investigation determined that he had carried on an inappropriate relationship with a subordinate, The Information has learned.

Mr. Rubin has taken a leave of absence from his new smartphone startup, Essential, for personal reasons, the firm’s employees were told on Monday. The Information had earlier contacted Mr. Rubin’s spokesman for this story.

That doesn’t sound suspicious at all.

Like many companies, Google has a policy that prohibits supervisors from having a relationship with a subordinate. Any manager entering into such a relationship has to report it to the company, which will move one of the two to a different department. The woman who made the complaint worked in Google’s Android division while Mr. Rubin ran it, The Information has confirmed.

Mike Sitrick, a spokesman for Mr. Rubin, denied that Mr. Rubin had done anything wrong or that his departure from Google was related to the complaint and investigation.

“Any relationship that Mr. Rubin had while at Google was consensual,” Mr. Sitrick said, and did not involve any person who reported directly to him. “Mr. Rubin was never told by Google that he engaged in any misconduct while at Google and he did not, either while at Google or since.”

Here’s a report from The Verge, for those who aren’t Information subscribers.

Matt Lauer Accused of Sexual Harassment by Multiple Women ★

Ramin Setoodeh and Elizabeth Wagmeister, reporting for Variety:

Lauer, who was paranoid about being followed by tabloid reporters, grew more emboldened at 30 Rockefeller Center as his profile rose following Katie Couric’s departure from “Today” in 2006. His office was in a secluded space, and he had a button under his desk that allowed him to lock his door from the inside without getting up. This afforded him the assurance of privacy. It allowed him to welcome female employees and initiate inappropriate contact while knowing nobody could walk in on him, according to two women who were sexually harassed by Lauer.

Sounds like that button was only locking others out of his office, not locking women in, but still, that’s some fucked up shit. As Andy Richter observed, someone at NBC had to approve the installation of that button.

Apple Releases Fix for High Sierra Root Login Bug ★

Statement I received from an Apple spokesperson, just a few minutes ago:

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

Quick turnaround, and a strong apology. The bug never should have happened, but given that it did, you couldn’t ask for a better, faster response. To my memory, this is only the second time Apple has used MacOS’s automatic — that is to say, non-optional — update mechanism. The other was the NTP Security Update in 2014, that affected Mac OS X 10.8 through 10.10.