Linked List: January 2, 2018

Tuesday, 2 January 2018

Rick Tetzeli has a good feature for Fortune on the state of Apple’s design, with a wide range of sources (including yours truly):

For many Apple critics, the story ends right here. Siri’s not great, the Touch Bar’s kind of a mess, the operating systems are pretty but somewhat confusing, and the reassuring Home button has been killed … the list goes on. Apple’s far from perfect. Point made.

But here’s the thing: Pick just about any time in Apple’s history, and you’ll find a similar set of worrying choices and seeming failures — even during those halcyon days of Steve Jobs’ triumphant second tenure at the company. 1998: that beautiful, bulbous, Bondi Blue iMac is actually an underpowered computer with an unreliable mouse and a CD slot that few consumers could use productively. 2000: The Power Mac G4 Cube, so gorgeous it becomes part of the collection of the Museum of Modern Art, doesn’t deliver the power and features heavy users demand. 2001: The first iPod is released, but it’s not really ready for primetime, since the scroll wheel is clunky and the device works only with Macs, which account for just 2.6% of worldwide PC sales. 2005: Apple’s in the phone business! With something called the Rokr, a kludgy music player/cell phone that the company developed with Motorola. 2007: The iPhone is introduced, with few applications and poor connectivity. 2011: The iPad is introduced, and, as my brother-in-law Mark told me at the time, “I can’t imagine anyone ever using this for anything interesting.” (He’s bought four since then.)

The problem with the Touch Bar, to my mind, is not that it’s a bad idea that Apple should abandon. It’s that the first version isn’t good enough. The Apple approach to dealing with the mixed (at best) reaction to the Touch Bar should be to go back to the drawing board and make it better. Keep what’s good and interesting about what it is now, and fix the issues people are complaining about.

(Also, a personal niggle: I don’t think there was anything “clunky” about the original iPod scroll wheel. In fact, I liked the original iPod’s mechanical scroll wheel, which physically spun, better than the capacitive touch scroll wheel that replaced it. From a Mac user’s perspective, the original iPod was an amazing device. If you want something from iPod history to cite as an example of questionable Apple design, I suggest either the 2007 “Fat” Nano or the 2009 iPod Shuffle that literally had no playback buttons at all.)

Games Using Phone Microphones to Track What You’re Watching on TV ★

Sapna Maheshwari, reporting for The New York Times:

The apps use software from Alphonso, a start-up that collects TV-viewing data for advertisers. Using a smartphone’s microphone, Alphonso’s software can detail what people watch by identifying audio signals in TV ads and shows, sometimes even matching that information with the places people visit and the movies they see. The information can then be used to target ads more precisely and to try to analyze things like which ads prompted a person to go to a car dealership.

More than 250 games that use Alphonso software are available in the Google Play store; some are also available in Apple’s app store.

Some of the tracking is taking place through gaming apps that do not otherwise involve a smartphone’s microphone, including some apps that are geared toward children. The software can also detect sounds even when a phone is in a pocket if the apps are running in the background.

The Times provides the above link to the games in the Google Play store with this code, but no such link for affected games in the iOS App Store. Would be nice to see a list of the games on iOS. The good news is you have to approve microphone access for these games, on both platforms, but who knows how many people approve it without thinking about it? I don’t care what these apps disclose in the privacy policies — everyone knows nobody reads privacy policies. This is malware.

Web Trackers Are Exploiting Browser Login Managers ★

Gunes Acar, Steven Englehardt, and Arvind Narayanan:

First, a user fills out a login form on the page and asks the browser to save the login. The tracking script is not present on the login page [1]. Then, the user visits another page on the same website which includes the third-party tracking script. The tracking script inserts an invisible login form, which is automatically filled in by the browser’s login manager. The third-party script retrieves the user’s email address by reading the populated form and sends the email hashes to third-party servers.

You can test the attack yourself on our live demo page.

Once again I say: the web would be better off if browsers had never added support for scripting. Many of the ads you see on legitimate websites today are effectively malware.