Linked List: January 2020

How to Disable Multitasking on iPadOS 13 

Apple support document:

To turn Multitasking features on or off, go to Settings > Home Screen & Dock > Multitasking, then you can do the following:

Allow Multiple Apps: Turn off if you don’t want to use Slide Over or Split View.

Picture in Picture: Turn off if you don’t want to use Picture in Picture.

Gestures: Turn off if you don’t want to use Multitasking gestures to see the app switcher, return to the Home screen, and more.

A slew of readers pointed to this after I said I’d prefer iPhone-style one-app-at-a-time multitasking to the convoluted easy-to-make-a-mistake/hard-to-correct-a-mistake split-screen and Slide Over multitasking in iPadOS. iPadOS supports an option that more or less does this — the “Allow Multiple Apps” option mentioned above.

I’m aware of no other graphical user interface that offers a setting like this. The existence of this setting feels like proof that Apple knows iPad multitasking is often invoked by accident and can be confusing.

Macintosh Programmer’s Workshop 

When the Mac shipped in 1984 developers had to use a Lisa to write apps for it. When the iPad shipped in 2010 developers had to use a Mac to write apps for it.

In late 1986 Apple shipped MPW, which allowed Mac software to be written on a Mac. In 2020, developers have to use a Mac to write apps for iPad.

My Review of the Original iPad 

Yours truly, back in April 2010:

After the iPad was announced, I got two types of emails from readers. The first group saying they were disappointed, because they had been hoping I was right that The Tablet would be Apple’s reconception of personal computing.

The second group wrote to tell me how excited they were because I was right that The Tablet would be Apple’s reconception of personal computing.

Count me in with the second group. Apple hasn’t thought of everything with iPad, but what they’ve thought about, they’ve thought about very deeply. I got mine Saturday morning, and I’ve been using it since — or at least as often as I could get it away from my son. Here are my thoughts.

Nothing hammers home for me just how long 10 years is more than looking at that photo.

The whole thing feels fast fast fast. The only thing that feels slow overall, so far, is web page rendering. Not because it’s slower than the iPhone — it’s not, it’s definitely much faster — but because it’s so much slower than my MacBook Pro. It’s easy to forget on modern PC-class hardware just how computationally expensive HTML rendering is.

The funny thing is, the iPad, in raw CPU terms, is a far slower machine than a modern Mac. But the iPad is running a lightweight OS and lightweight apps. It’s like a slower runner with a lighter backpack who can win a race against a faster runner wearing a heavier backpack.

Ten years later, iPadOS is still significantly lighter weight than MacOS, but Apple’s custom-designed ARM CPUs are faster than the Intel chips in MacBooks.

iPadOS Multitasking Without Using the Dock 

Jordan Merrick, two years ago:

As some iOS 11 users have pointed out, one alternative to this is to invoke Spotlight to search for apps, though this requires the use of an external keyboard to show Spotlight while an app is still active. Another option is to create a folder of apps and place it in the Dock, though this still means you’re still limited to a selection of apps you can multitask from.

So I was wrong yesterday when I wrote that the only way to get a second app on screen is to drag it from your Dock. But one of the other two ways to do it requires an external keyboard to be connected. The other way, jiminy:

There is another way of multitasking apps that doesn’t require using the Dock at all, allowing you to one-handedly drag any app from your Home screen and place them in Slide Over or Split View. You can even use this process to replace any app in a pairing.

  1. Press the Home button to go back to the Home screen.
  2. Tap-and-hold an app until you can drag it around.
  3. Either:
    • Tap to select another app and launch it from the Home screen.
    • Invoke the App Switcher (either by swiping up from the bottom of the screen or double-pressing the Home button).
  4. You can then drop the app in Slide Over or Split View, or replace either app in the pairing.

The first of the “either” steps no longer works in iPadOS 13 — once you start dragging an app from the homescreen, tapping another app doesn’t launch it, it adds the tapped app to the app you started dragging in a stack. So the only way now is the second option, sliding up to enter the multitasking spaces view while still holding onto the app icon you’re dragging.

This is so convoluted, so undiscoverable, so easy to make a mistake with, that it proves my point that the multitasking interaction model on iPadOS is a shambles. Just try doing this while holding your iPad in your hand, not resting it on a table. It’s like playing Twister with your hands. This reads like a joke and in practice it’s worse than it sounds. It’s embarrassing.

How Popular Is ‘Sign In With Apple’? 

Ben Packard:

Over the weekend I launched Mezzanine, a new theater diary app for iOS. Mezzanine is the first app I have launched since the introduction of Sign in with Apple, so I was interested to see how popular it would prove with users. The short answer: for Mezzanine users, Sign in with Apple is much more popular than using any other social account, and about as popular as using an email address.

I just used Sign In With Apple for the first time a few weeks ago, and was surprised at how easy it was. I kept waiting for the “confirm your email address” email to arrive but it never did — because there isn’t one. It’s utterly private, where signing in with Google or Facebook is not at all, yet far more convenient than signing up with your email address.

Bill Plaschke on Kobe Bryant 

LA Times columnist Bill Plaschke captures our collective denial and grief:

This can’t be true.

Kobe does not die. Not now. Kobe lives into his golden years, lives long enough to see his statues erected outside Staples Center and his jerseys inducted into the Basketball Hall of Fame. He lives long enough to sit courtside at Staples when he’s stooped and gray, keeping alive the memories of two decades of greatness with a wink, maybe even fooling everyone one last time by retiring in a community next to Shaq.

I spent an hour yesterday, immediately after the news broke, reloading Twitter waiting for someone to post a report saying it wasn’t true.

Dark Patterns in Tesla’s iPhone App: Accidental Purchases of $4,000 in Non-Refundable Upgrades 

Twitter thread from Ted Stein, on a spate of Tesla owners getting stuck with $4,000 software upgrades they didn’t intend to purchase. Just look at the low contrast and small print on the “cannot be refunded” warning.

Financial Times: ‘Apple Hits Out at EU Plans for a Universal Smartphone Charger’ 

Tim Bradshaw, writing for The Financial Times:

Earlier this month, the European Parliament revived a decade-long argument about mandating a so-called “common charger” for mobile devices. Maros Sefcovic, vice-president of the European Commission for inter-institutional relations and foresight, said in a recent speech that such a scheme would be more convenient for consumers and reduce electronic waste. […]

In its first statement in response to the latest proposals, Apple said on Thursday that forcing it to ditch Lightning would inconvenience hundreds of millions of its customers and create an “unprecedented volume” of waste.

“We believe regulation that forces conformity across the type of connector built into all smartphones stifles innovation rather than encouraging it, and would harm consumers in Europe and the economy as a whole,” Apple said. “We hope the Commission will continue to seek a solution that does not restrict the industry’s ability to innovate and bring exciting new technology to customers.”

The idea of a universal charger sounds good. Wherever you go, whatever phone you have, you can charge it. But there’s no reason to regulate it, and good reasons not to. It would stifle innovation. If this regulation had been on the books seven or eight years ago, wouldn’t we have been stuck with shitty micro-USB chargers for years to come? Regulations change slowly, if at all. The market has naturally universalized itself; there are only two chargers for modern phones, Lightning and USB-C. Put Apple aside even — surely there will, within a few years, be something better than USB-C for non-Apple phones. Regulations mandating USB-C will slow adoption.

Here’s the nut paragraph, buried deep within the article:

A study by consultancy Copenhagen Economics, commissioned by Apple last month, found that while 49 per cent of households rely on different connector types, only 0.4 per cent of European consumers said they “regularly experience any significant issue” with charging their devices due to incompatible cabling.

That’s a study commissioned by Apple, so I’ll take it with a grain of salt. But it rings true to my ears. This is not an issue most people have, and nerds be damned, most iPhone users would be angry if their next iPhone had a USB-C port instead of Lightning because they already have Lightning cables.

SQLPro Studio 

My thanks to SQLPro Studio for sponsoring last week at DF. Look, it is no surprise to anyone reading this that I care deeply and feel strongly about using truly native Mac and iOS apps. That’s especially true for professional tools. SQLPro Studio is an exquisite truly native app for developers working with SQL databases — MySQL, PostgreSQL, Microsoft SQL Server, and the one I use the most, SQLite.

But native for what? All Apple platforms: Mac, iPad, and even iPhone. Yes, SQLPro Studio has an excellent SQL database client for iPhone. This isn’t some crummy Java app. It handles everything from schema design to browsing and editing records, with full syntax coloring. The developer, Kyle Hankinson of Hankinsoft Development, has been working on this suite of apps for years now, frequently updates them, and is incredibly responsive to users. Dark Mode support on Mac and iOS? Of course. This is how you do a cross-platform suite of serious pro apps.

Special offer for Daring Fireball readers: Save 20 percent on any SQLPro Studio web store purchase using the promo code GRUBER, or download a free trial on the iOS App Store.

Students may receive one year free by visiting https://www.sqlprostudio.com/edu/.

How Jeff Bezos’s iPhone X Was Hacked 

Good summary from The New York Times. Until this week’s news, I don’t believe we knew what type of phone Bezos was using when he was hacked. Now we know: an iPhone X.

‘An Embarrassment From Start to Finish’ 

Ron Amadeo, reviewing the Samsung Galaxy Fold for Ars Technica:

And that brings us to today — the Ars review. This one is going to be a little different, since I don’t think the Galaxy Fold has any viability as a serious device anyone should consider purchasing. Should you buy a Galaxy Fold? NO! God no. Are you crazy? The sky-high price, durability issues, nascent form factor, and new screen technology should rule the phone out for just about everyone.

Worth reading and looking at the screenshots comparing it to normal top-tier Android phones. The Fold’s front screen is nearly worthless and the interior “big” screen displays significantly less content in most apps.

Jiminy.

You Might Like Front and Center Even If You Don’t Like Classic Switching 

Dr. Drang, regarding my enthusiasm for John Siracusa’s new Front and Center utility for the Mac:

I would argue that just because Gruber misses the old behavior doesn’t make it right. When you switch to an app via the Dock, all its windows come forward because you have clicked on a icon for the app. Similarly, when you switch to an app via ⌘-Tab, all its windows come forward because you have selected the icon for that app. But when you click on a background window, you are not selecting an app, you’re selecting a window. So it’s the window that should come forward, not the app as a whole.

I completely agree with Drang. I’d never endorse changing today’s MacOS to use the classic-style “click a window to bring all that app’s windows to the front” behavior. Both for Drang’s reasons above, and simply because Mac OS X has been around too long for it to change. (The Mac was 17 years old when Mac OS X 10.0 shipped in March 2001; Mac OS X/OS X/MacOS will have been around for 19 years soon. Classic remained essential until at least 2004, though — Steve Jobs’s 2002 “funeral” for Mac OS 9 be damned, Mac OS X was way too slow and too incomplete until 10.4 Tiger or so for most serious Mac users. So let’s just call it 20 years of classic MacOS and 20 years and counting of Mac OS X.)

But I think classic-style window activation is worthwhile as an option. And more important is Front and Center’s Shift-click override. When using Front and Center in “Classic” mode, you can Shift-click a background window to bring just that window forward. And, if you prefer the “Modern” mode, where just-plain-clicking a window brings just that window forward, you can Shift-click a window to bring all of that app’s windows forward. That’s the killer feature, no matter which mode you prefer by default, and why I suggest trying it even if you don’t want Classic behavior by default.

Gorgeous Maps of the Streets of Any City in the World 

Enter the name of any city, and Andrei Kashcha’s City Roads website will use OpenStreetMap data to draw all of its streets. Simple and beautiful monochromatic design. (Via Jason Kottke, travel photographer.)

Fast Company: ‘Apple and Google’s Location Privacy Controls Are Working’ 

Jared Newman, writing for Fast Company:

Some recent data points to consider:

  • Since the launch of iOS 13 last fall, the amount of background location data that marketers collect has dropped by 68% according to Location Sciences, a firm that helps marketers analyze location data.

  • Location Sciences also found that foreground data sharing, which occurs only while an app is open, dropped by 24%.

  • A Google spokesman tells Fast Company that when Android users have the option to only share location data when they’re actively using an app, they choose that option about half the time.

  • As Digiday reported last week, apps are now seeing opt-in rates under 50% for collecting location data when they’re not in use, according to Benoit Grouchko, CEO of the ad tech business Teemo.

Good news for everyone except dirtbags.

‘If Right Doesn’t Matter, We’re Lost. If the Truth Doesn’t Matter, We’re Lost.’ 

Adam Schiff’s summary argument in the Senate trial of Donald Trump’s impeachment. “If truth doesn’t matter, we’re lost” sums up more than the abject corruption of Trump’s presidency — it sums up the state of the world today.

Interesting Stats on the U.S. Streaming Service Market 

This links to a Wall Street Journal story about the fact that two-thirds of Amazon Prime’s content is user-uploaded, and a lot of it is (unsurprisingly) sketchy. Interesting.

But what caught my eye was this graphic halfway down the page, showing “Q4 2019 U.S. customer base by service”, sourced to Ampere Analysis. Their numbers, in millions:

  1. Netflix: 61.3
  2. Amazon Prime: 42.2
  3. Apple TV+: 33.6
  4. Hulu: 31.8
  5. Disney+: 23.2

If that’s even close to accurate I’d say Apple TV+ is a roaring success. Yes, of course, surely most of those customers are using it free of charge for the first year. But that’s the point of this “buy any Apple device, get a free year of TV+” promotion. Apple wants people to take advantage of it — it’s the answer to the question of how you launch a paid streaming service with no content other than 11 original shows. Make Apple TV+ a habit now, get paid later. Apple can afford to be patient.

I’ve been curious how many people who qualify for TV+ know about it, and realize just how easy Apple’s TV app makes it to start your year-long free subscription. Apparently, a lot.

It’s worth noting that Disney+ didn’t launch until November 12, halfway through the quarter; I expect Disney+ to eventually take the number one spot on this list.

(Apple News link for News+ subscribers.)

Update: Neil Cybart thinks the Apple TV+ number is way too high, and thinks Ampere Analysis got the number simply by estimating how many people in the U.S. qualify for the free year, not how many people have signed up.

The Talk Show: ‘Fake Faces’ 

Special guest Glenn Fleishman returns to the show. Topics include iPhone encryption, the privacy implications of widely-available reverse image search for faces, deep-learning-powered algorithmically-generated faces, and Jeopardy’s “Greatest of All Time” tournament. The show notes are an epic reading list.

Brought to you by these fine sponsors:

  • Clear: Get through security even faster. Get your first 2 months free with code talkshow.
  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Hover: Find a domain name for your passion. Get 10% off your first purchase.
George Soros to Start $1 Billion School to Fight Nationalists, Climate Change 

Katherine Burton, writing for Bloomberg:

Soros also once again criticized Facebook for its failure to police the social media network.

“There’s nothing to stop them, and I think there is a kind of informal mutual assistance operation or agreement developing between Trump and Facebook,” Soros said. “Facebook will work together to re-elect Trump and Trump will work to protect Facebook.”

Bingo.

98.6 Degrees Fahrenheit Isn’t the Average Anymore 

Jo Craven McGinty, reporting for The Wall Street Journal:

Nearly 150 years ago, a German physician analyzed a million temperatures from 25,000 patients and concluded that normal human-body temperature is 98.6 degrees Fahrenheit. That standard has been published in numerous medical texts and helped generations of parents judge the gravity of a child’s illness. But at least two dozen modern studies have concluded the number is too high.

The findings have prompted speculation that the pioneering analysis published in 1869 by Carl Reinhold August Wunderlich was flawed.

Or was it?

In a new study, researchers from Stanford University argue that Wunderlich’s number was correct at the time but is no longer accurate because the human body has changed. Today, they say, the average normal human-body temperature is closer to 97.5 degrees Fahrenheit.

JetBrains Mono 

New free and open source typeface for developers. I’m not sure it’s for me, but I do appreciate it. It has a much higher than usual x-height, and an emphasis on rectangular oval shapes for round characters. One idea I haven’t seen before: it comes with ligatures for punctuation combinations frequent in code; for example, the ligature for -> (hyphen + greater-than) looks like a two-character-wide . Certainly worth a download if, like me, you’re a hoarder of monospaced fonts.

Via Gus Mueller, who correctly notes that the website JetBrains created for the font is perhaps more interesting than the font itself. Absolutely worth checking out even if you have no interest in the font itself.

Google Search Results Zip Up Leather Jacket, Strap On Water Skis 

Danny Sullivan — who for years wrote about search engines independently, but is now Google’s “Search Liaison”:

Last year, our search results on mobile gained a new look. That’s now rolling out to desktop results this week, presenting site domain names and brand icons prominently, along with a bolded “Ad” label for ads. Here’s a mockup.

To say that this design blurs the line between real search results and sponsored items is an understatement. They’ve been inching toward this for a decade, but I’d say this marks the line where they’ve gone too far. Yes, they still have an “Ad” label next to sponsored results, in the spot where legit results now show a small site logo, but to paraphrase a wise man, what’s wrong about this design isn’t the think of it but the feel of it. I haven’t seen anyone react well to it, and most think the problem is that it makes ads look more like search results.

That’s not quite right though. Craig Mod put his finger on it precisely:

There’s something strange about the recent design change to google search results, favicons and extra header text: they all look like ads, which is perhaps the point?

That’s it. It’s not that ads look like legit results but that results look like ads too. It’s genius, but perverse. Google is losing the soul of its crown jewel.

Go Dragons 

News from my alma mater, from Philadelphia Inquirer reporter Jeremy Roebuck:

The former head of Drexel University’s electrical engineering department was charged with theft Tuesday, three months after he stuck the school with a $190,000 tab for research money he allegedly misspent at strip clubs and on personal expenses.

Philadelphia prosecutors accused Chikaodinaka Nwankpa, 57, of spending $96,000 in federal grant funds at adult entertainment venues and sports bars between 2010 and 2017. He allegedly squandered $89,000 — funding he had secured for science, energy, and naval research — on iTunes purchases and meals.

I’ll go out on a limb and guess it was mostly on meals, but perhaps in addition to his other hobbies, Nwankpa is quite the cinephile.

Update: I completely blanked on in-app purchases for games. Something on the order of $1,000/month in IAP over this seven-year stretch would only make Nwankpa a low-level “whale” in mobile gaming. He could have easily blown a bigger chunk of the $89K on iTunes than on expensive meals. It’s Vegas, and Apple owns the biggest casino.

(Kind of hard to believe there’s only one hit for “Nwankpa” at The Triangle. A college newspaper ought to live for a story like this. I’d have gotten a month’s worth of columns out of it in my day.)

Away Co-Founder Steph Korey Is Back as Co-CEO 

Lauren Thomas, reporting for CNBC a week ago:

Just weeks after stepping down as chief executive officer of luggage maker Away following a report about her leadership tactics, Steph Korey is back as co-CEO. […]

But she told Away employees in a companywide Slack message Monday, which was reviewed by CNBC: “The inaccurate reporting that was published in December about our company unleashed a social media mob — not just on me, but also on many of you.” She added that her move to executive chairman had caused “more confusion than clarity. … So, let me clear that up: I am not leaving the company.”

Korey went on to say the company will contemplate its “legal options” after The Verge responds to its “demands for retractions and corrections.” A representative from The Verge wasn’t immediately available to respond to CNBC’s request for comment.

Away said it has hired Libby Locke, the lawyer who won a defamation case against Rolling Stone magazine for a retracted story about an alleged gang rape at the University of Virginia. Locke said in an email Monday that the Verge “published hit pieces filled with lies and distortions designed to damage Away’s reputation.”

Surprise twist, to say the least. This seemingly puts the kibosh on my theory that Korey was stabbed in the back by Away’s board.

(Disclaimer: Away has been a frequent sponsor of my podcast.)

MacOS 10.15 Catalina Bug: LG 5K Display Resets to Maximum Brightness Every Reboot 

Lloyd Chambers:

There are so many bugs in Catalina that I could spend weeks writing them up. Here’s one that is not just eye-popping (literally), but of great annoyance to me as a photographer — I need the display to remain stable and predictable.

After every reboot, the LG 5K display goes to maximum brightness.

Chambers quotes from several others encountering the same issue. A DF reader — also a professional photographer — wrote to me about this bug last week. He (the DF reader) was using a $6,000 new 16-inch MacBook Pro. I say was, past tense, because after a few days he returned it because this brightness issue was no small thing for him, because he sets his display brightness precisely using a display calibrator. Doing this several times per day every day quickly drove him mad.

Is this the worst bug in the world? Not even close. It’s a paper-cut bug. No data loss, no crash, not some sort of thing where something doesn’t even work — just an annoyance. But no one wants to use a tool that gives you half a dozen paper cuts every day. And MacOS 10.15 is chockablock with paper-cut bugs. And it’s not like the LG 5K Display is some obscure unsupported display — it’s the one and only external 5K display sold by Apple itself.

2016 WSJ Story on Apple’s Plans for E2E Encryption for iCloud Data 

Daisuke Wakabayashi, reporting for The Wall Street Journal four years ago:

Apple Inc. has refused federal requests to help unlock the phone of San Bernardino gunman Syed Rizwan Farook. But the company turned over data from his phone that Mr. Farook had backed up on its iCloud service.

Soon, that may not be so simple. Apple is working to bolster its encryption so that it won’t be able to decode user information stored in iCloud, according to people familiar with the matter.

But Apple executives are wrestling with how to strengthen iCloud encryption without inconveniencing users. Apple prides itself on creating intuitive, easy-to-use software, and some in the company worry about adding complexity.

If a user forgets a password, for example, and Apple doesn’t have the keys, the user might lose access to photos and other important data. If Apple keeps a copy of the key, the copy “can be compromised or the service can be compelled to turn it over,” said Window Snyder, a former Apple security and privacy manager who is now chief security officer at Fastly, a content-delivery network.

If Apple were to implement E2E encryption for iCloud backups, there’s no “might” about it — if the customer forgets their password, they would lose access to the data. That’s the entire point of this debate.

Given that this was four years ago, something clearly interrupted this plan. I’ve heard from a few additional sources at Apple (or very recently at Apple), and all believe that Apple’s reluctance to use end-to-end encryption for iCloud backups is about how frequently customers don’t know their password but need to access their backups. My idea is to make it optional, but every additional option makes a feature more complicated. No one expects to forget their password — even if this were only an option, some number of iCloud users would turn it on because it’s more secure, forget their password, and be forever locked out of their backups. If it weren’t optional — if backups were E2E encrypted with the keys solely in the hands of users — thousands of iCloud users would be forever locked out of their data each year.

Also, let me emphasize that with the sole exception of email — which is expected — all iCloud data is encrypted both in transit and in storage on Apple’s servers. (Email is encrypted in transit, of course, just not in storage.) The difference is whether Apple also has a key to the data. End-to-end encryption is when only the user controls the keys. Just plain “encryption” is when Apple also has a key.

Tim Cook to Der Spiegel a Little Over a Year Ago: Apple Will Eventually No Longer Have a Key to iCloud Data 

From a wide-ranging interview from October 2018 (filtered through Google Translate):

Spiegel Online: Is the data as secure on your iCloud online service as on the devices?

Cook: Our users have a key there, and we have one. We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that in the future it will be regulated like the devices. We will therefore no longer have a key for this in the future.

I believe “regulated” is an idiomatic glitch in the translation. In English we tend to reserve that word for rules and laws from the government; Cook I think clearly is talking about Apple’s own policies.

[Update: Via my friend Glenn Fleishman, who speaks German: “You are correct about the Spiegel story. The machine translation is quite good, but ‘regulated’ was translated from the verb ‘regeln’ which can be regulated, but also controlled/set/etc. So it would be better to say, ‘I believe that in the future, it will be handled like on devices.’ ”]

Joseph Menn’s blockbuster report for Reuters today claims Apple abandoned its plans for encrypting iCloud backups “about two years ago”. Something in the timeline doesn’t add up there. (It’s also very clear from the Der Spiegel interview that Cook is keenly aware of how encryption works with Apple’s devices and services.)

Android 9 and Later Offers Encrypted Backups to Google Android Users 

From the end of Joseph Menn’s report for Reuters today, claiming Apple dropped plans for encrypted iOS backups after the FBI objected:

In October 2018, Alphabet Inc’s Google announced a similar system to Apple’s dropped plan for secure backups. The maker of Android software, which runs on about three-quarters of the world’s mobile devices, said users could back up their data to its own cloud without trusting the company with the key.

Two people familiar with the project said Google gave no advance notice to governments, and picked a time to announce it when encryption was not in the news.

First, while Android runs on 75 percent of mobile devices worldwide, not all of those devices use Google services like backup. None of the Android phones in China, for example — which is a lot of phones. It’s lazy to conflate Android phones with Google Android phones.

Second, I wasn’t aware of this until today. And it makes iCloud’s lack of backup encryption look bad. From Google’s official announcement of the feature a little over a year ago:

Starting in Android Pie, devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client. This decryption key is encrypted using the user’s lockscreen PIN/pattern/passcode, which isn’t known by Google. Then, this passcode-protected key material is encrypted to a Titan security chip on our datacenter floor. The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user’s passcode. Because the Titan chip must authorize every access to the decryption key, it can permanently block access after too many incorrect attempts at guessing the user’s passcode, thus mitigating brute force attacks. The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip. By design, this means that no one (including Google) can access a user’s backed-up application data without specifically knowing their passcode.

I can’t find much additional information about this. For example, how many failed attempts trigger the permanent lockout to the backup? That would be useful to know, but I can’t find it.

It also doesn’t seem to be optional on (some?) devices that support it. My Pixel 4 running Android 10 (Android Pie was version 9) doesn’t say anything about backups being encrypted by my device passcode — I believe they just are.

Not sure why the Department of Justice isn’t publicly complaining about this.

(Keep in mind that anything with a web interface, like Google Photos and Google Docs and Google Drive, cannot be end-to-end encrypted. Same goes for iCloud Photos.)

Derek Jeter, Hall of Famer 

James Wagner, reporting for The New York Times:

It was never a question that Derek Jeter, the longtime captain of the Yankees and one of the most celebrated players in baseball history, was going to be enshrined in the Baseball Hall of Fame. The intrigue instead centered on whether he would become the second unanimously elected player, following his former teammate and fellow five-time World Series champion Mariano Rivera.

On Tuesday, Jeter fell just short of Rivera’s historic mark from last season.

Jeter was named on all but one of the 397 ballots cast by members of the Baseball Writers’ Association of America — more than enough to clear the 75 percent hurdle for election. He eclipsed the previous second-highest voting mark, 99.3 percent, for outfielder Ken Griffey Jr. in 2016. Jeter received 99.7 percent of the vote.

The surprise isn’t that some cowardly little man decided to hide behind the anonymity of his vote and deny Jeter unanimity. The surprise is that there wasn’t a single cowardly dope who did the same last year for Rivera. Every single player among the top 30 on this list should have been unanimous. For chrissake Babe Ruth and Willie Mays only got 95 percent of the vote.

Jeter and Rivera were teammates for 19 seasons — the most, by far, of any Hall of Fame teammates. What a privilege it was to watch them play and win five World Series, all while playing for the greatest team in the history of professional sports.

Instagram for Windows 95 

Delightful work by Petrick Studio. I miss buttons that look like buttons and clear distinctions between app chrome and content.

A horse, a horse, my kingdom for a classic Mac OS version of the same idea.

How Modern iPhone Encryption Works 

Great explanation from Jack Nicas, in his column for The New York Times:

Tools like those from Cellebrite and Grayshift don’t actually break iPhones’ encryption; they guess the password. To do so, they exploit flaws in the software, like Checkm8, to remove the limit of 10 password attempts. (After about 10 failed attempts, an iPhone erases its data.) The tools then use a so-called brute-force attack, which automatically tries thousands of passcodes until one works.

That approach means the wild card in the Pensacola case is the length of the suspect’s passcode. If it’s six numbers — the default on iPhones — authorities almost certainly can break it. If it’s longer, it might be impossible.

A four-number passcode, the previous default length, would take on average about seven minutes to guess. If it’s six digits, it would take on average about 11 hours. Eight digits: 46 days. Ten digits: 12.5 years.

If the passcode uses both numbers and letters, there are far more possible passcodes — and thus cracking it takes much longer. A six-character alphanumeric passcode would take on average 72 years to guess.

It takes 80 milliseconds for an iPhone to compute each guess. While that may seem small, consider that software can theoretically try thousands of passcodes a second. With the delay, it can try only about 12 a second.

The basic thing to understand is that there are effectively two systems on a modern iPhone: (1) the iPhone itself, running iOS; and (2) the Secure Enclave. iOS can be hacked. That’s how these tools remove the 10-passcode-guesses-and-you’re-out limit. But it’s the Secure Enclave that evaluates a passcode and controls encryption, and the 80 millisecond processing time for passcode evaluation isn’t an artificial limit that could be set to 0 by hackers. It’s a hardware limitation, not software.

So, if you’re worried about any of this, the answer is simple: use an alphanumeric passphrase to unlock your iOS device, not a 6-digit numeric passcode.

MyNetDiary 

My thanks to MyNetDiary for sponsoring DF this week. MyNetDiary is a modern diet/food tracking app with a strong focus on design, quality, and usability.

Developed with a team of registered dietitians, MyNetDiary offers a huge and reliable database, lightning-fast food tracking, a totally configurable dashboard, and no ads or user tracking — even in the free version. Their UI design for food tracking is incredibly efficient, with features ranging from a huge database of food, smart parsing of your typed input, and bar code scanning. They even have an AR “grocery check” feature — point your camera at a barcode while shopping and you’ll see a heads-up display with information and recommendations.

A lot of apps like this are just thin wrappers around web apps. MyNetDiary offers excellent native apps — for iPhone, iPad, and Apple Watch. They even have an iMessage app. They are really on top of Apple’s latest stuff, and very privacy-minded. You can use the app fully without signing up for a (free) MyNetDiary account. But if you do sign up for an account, your data will sync between devices and the MyNetDiary website seamlessly. They even support Sign In With Apple when you create an account. I’ve been using MyNetDiary all week, and this is the first service I’ve used with Sign In With Apple — and it was a terrific experience. Probably the best “sign up for a new account with a service” experience I’ve ever seen.

MyNetDiary is now the most comprehensive, accurate, and user-friendly diet app in the App Store, as well as on the web and Google Play, and users and reviewers love it. If you’re looking for an app to help you lose weight or just eat better, you should check out MyNetDiary.

The Talk Show: ‘Sport Mode’ 

Special guest Merlin Mann returns to the show. Topics include the renewal of U.S. law enforcement officials’ disingenuous campaign against iPhone encryption, the Houston Astros cheating scandal, how that cheating scandal relates to the Trump impeachment saga, and Catalyst and the art of Mac software design. But mostly we talk about finding a good pair of slippers.

Brought to you by these fine sponsors:

  • Techmeme Ride Home: 20-minutes of today’s top tech news, every day around 5p ET. A terrific podcast that you should subscribe to.
  • Squarespace: Make your next move. Use code talkshow for 10% off your first order.
  • Linode: Instantly deploy and manage an SSD server in the Linode Cloud. Get a server running in seconds with your choice of Linux distro, resources, and choice of 10 node locations.
Which Emoji Scissors Close 

“Wh0”:

Ah, scissors. They’re important enough that we have an emoji for them. On your device, it appears as ✂️. Unlike the real world tool it represents, the emoji’s job is to convey the idea, especially at small sizes. It doesn’t need to be able to swing or cut things. Nevertheless, let’s judge them on that irrelevant criterion.

Fun work. Turns out most emoji scissors wouldn’t actually close. I’m curious if the ones that would close somehow look worse at small sizes, or if this is something that most scissor emoji artists never bothered to consider. (Via Andy Baio.)

The FBI Used a GrayKey to Obtain Data From a Locked iPhone 11 Pro Max 

Thomas Brewster, reporting for Forbes:

Last year, FBI investigators in Ohio used a hacking device called a GrayKey to draw data from the latest Apple model, the iPhone 11 Pro Max. The phone belonged to Baris Ali Koch, who was accused of helping his convicted brother flee the country by providing him with his own ID documents and lying to the police. He has now entered a plea agreement and is awaiting sentencing.

Forbes confirmed with Koch’s lawyer, Ameer Mabjish, that the device was locked. Mabjish also said he was unaware of any way the investigators could’ve acquired the passcode; Koch had not given it to them nor did they force the defendant to use his face to unlock the phone via Face ID, as far as the lawyer was aware. The search warrant document obtained by Forbes, dated October 16, 2019, also showed the phone in a locked state, giving the strongest indication yet that the FBI has access to a device that can acquire data from the latest iPhone.

Nothing is confirmed by anyone involved — the FBI, Apple, or Grayshift (the company that makes the GrayKey) — but this sure sounds like the FBI accessed data on an iPhone 11 Pro Max using a GrayKey. Two things if this is true. First, this really puts the lie to the FBI’s claim of needing Apple’s help accessing the Pensacola shooter’s iPhones (which were older models, and thus presumably easier to crack). Second, this is the first suggestion I’ve seen that GrayKey can unlock, or somehow otherwise access the data of, Apple’s latest generation of iPhones.

More on how GrayKey works — or at least used to work — from an April 2018 link. At one point later in 2018, it was believed that bug fixes in iOS 12 stopped GrayKey from working. It’s a canonical cat-and-mouse game. Also worth noting: Grayshift co-founder Braden Thomas previously worked as a security engineer at Apple.

WSJ: ‘Barr’s Encryption Push Is Decades in the Making, but Troubles Some at FBI’ 

Sadie Gurman, Dustin Volz, and Tripp Mickle, reporting for The Wall Street Journal:

Some FBI officials were stunned by Mr. Barr’s rebuke of Apple, the people familiar with the matter said, and believe the Pensacola case is the wrong one to press in the encryption fight, in part because they believed Apple had already provided ample assistance to the probe.

Like I’ve been arguing, this has nothing to do with the Pensacola case in particular and everything to do with a push to make encryption illegal.

More on Tile’s Complaints About Apple in Congressional Testimony 

Juli Clover, writing for MacRumors, reports that Tile is complaining about Find My too:

The smaller companies are aiming to provide evidence that the tech giants have become too big and have practices in place that stifle competition and hurt sales. Tile in particular is gunning for Apple, claiming that Apple’s iOS 13 Bluetooth and location tracking devices have hurt its business, and that Find My resembles Tile’s own service.

Find My — originally Find My iPhone — has been around since 2010. And it seems like weak sauce to argue that it’s a feature Apple shouldn’t be able to provide on antitrust grounds. Putting aside Apple’s rumored dedicated location-tracking tile dinguses, if Tile’s business has been hurt by iOS 13 and Find My, their business was in bad shape to start.

It seems one of Tile’s specific complaints is related to the changes in iOS 13 that discourage third-party apps from having “Always Allow” access to location data. Apple has been pushing for apps to use “Only While Using the App”, and, when apps do use “Always Allow”, iOS will periodically remind you which apps are doing so in the background, and how often. And to turn on “Always Allow” access, the user must do so in the Privacy section of Settings — the app itself can’t prompt for it. Apple’s statement seems to suggest they’re reconsidering that.

Remember Apple’s priorities: Apple first, users second, developers third. Developers of location-tracking apps might be peeved by iOS 13’s changes, but users are much better off. A lot of apps that were asking for “Always Allow” location access were not doing so with the users’ interests at heart.

There’s just no way a third-party tile tracking product will be as integrated with iOS as an Apple product would be. It’s like rival smart watch makers complaining that Apple Watch’s integration with iPhone is unfair. Same with AirPods. At some level it is unfair, but what’s the alternative? You’re either asking for Apple (and other big platform vendors) to be severely hamstrung from innovating with integrated new products, or you’re asking for third-parties to be given low-level access to the OS on mobile platforms — a privacy and security nightmare.

There are definitely good antitrust arguments to be made against all of the tech giants, including Apple, but I don’t think Tile is a good example.

Tile to Testify Before Congress About Unreleased, Unannounced Apple Product 

Nandita Bose, writing for Reuters:

In April 2019, Tile.com, which helps users find lost or misplaced items, suddenly found itself competing with Apple Inc, after years of enjoying a mutually beneficial relationship with the iPhone maker.

Apple carried Tile on its app store and sold its products at its stores since 2015. It even showcased Tile’s technology at its biggest annual event in 2018 and the startup sent an engineer to Apple’s headquarters to develop a feature with the company’s voice assistant Siri.

Early the following year, Tile’s executives read news reports of Apple launching a hardware product along with a service that resembled what Tile sold. By June, Apple had stopped selling Tile’s products in stores and has since hired away one of its engineers.

It sucks to get Sherlocked. But is there anything vaguely illegal here? And it seems… premature to testify before Congress about a product Apple hasn’t even announced (and for all we know, never will). What exactly is Tile’s preferred remedy here?

The Case for a Low Power Mode for Mac Laptops – and iPads 

Marco Arment:

In light of today’s rumor that a Pro Mode may be coming that seems to offer benefits in the opposite direction, I wanted to re-make the case for a Low Power Mode on macOS — and explain why now is the time.

Modern hardware constantly pushes thermal and power limits, trying to strike a balance that minimizes noise and heat while maximizing performance and battery life. […] Apple’s customers don’t usually have control over these balances, and they’re usually fixed at design time with little opportunity to adapt to changing circumstances or customer priorities.

The sole exception, Low Power Mode on iOS, seems to be a huge hit: by offering a single toggle that chooses a different balance, people are able to greatly extend their battery life when they know they’ll need it.

Arment has some interesting numbers showing the difference on a new 16-inch MacBook Pro while running a third-party kernel extension that disables Intel’s “Turbo Mode”. You lose about 50 percent of performance but gain maybe an additional 50 percent of battery life — and your MacBook stays very cool. A lot of people in a lot of situations would happily make that trade-off, especially if it were as easy to toggle and as noninvasive as it is on iOS. When I use Low Power Mode on my iPhone, I’m hard-pressed to notice any difference other than the yellow battery icon, even though benchmarks suggest the CPU is throttled to about half speed. Apple’s A-series CPUs are so fast that half-speed is plenty fast.

The elephant in the room is the Mac’s transition to Apple-designed ARM processors — a transition we’ve all expected to come any year now for, well, quite a few years. Apple’s plan for extending MacBook battery life might just be to switch processor architectures and nothing else. Note too that iOS’s Low Power Mode is for iPhones only — iPads don’t have it. That bodes poorly for the odds of a Low Power Mode for MacBooks — it feels like a feature Apple believes is needed only for phones.

Now that I think about it, why doesn’t the iPad have Lower Power Mode? This could be a huge game changer in a “forgot to charge my iPad before a long flight or car trip” scenario. I just spent 15 minutes searching the web to make sure the iPad really doesn’t offer this feature, because it seems so bananas that it doesn’t.

Study Claims YouTube Ads of 100 Top Brands Fund Climate Misinformation 

Alex Hern, reporting for The Guardian:

Some of the biggest companies in the world are funding climate misinformation by advertising on YouTube, according to a study from activist group Avaaz.

The group found that more than 100 brands had adverts running on YouTube videos on the site that were actively promoting climate misinformation. The brands, including Samsung, L’Oreal and Decathlon, were unaware that their adverts were being played before and during the videos.

How do we know they were unaware? I highly doubt any of these brands specifically wanted their ads to run against climate change disinformation videos, but doesn’t the scattershot “just let the algorithm figure out where to run our ads” strategy many (most?) big YouTube advertisers take imply that some of the spots are going to run against unsavory content?

I really feel as a culture we are barely coming to grips with the power of YouTube, Facebook, and to some degree, Twitter, as means of spreading mass-market disinformation. The pre-internet era of TV, print, and radio was far from a panacea. But it just wasn’t feasible in those days for a disinformation campaign — whether from crackpots who believe the nonsense, corporate industry groups, or foreign governments — to get in front of the eyes of millions of people.

It feels like something out of a Kurt Vonnegut novel that this is not only the state we’re in today, but that big name mass market advertisers are running commercials on this stuff.

Fun With Charts: A Decade of Apple Growth 

Jason Snell:

I have been making charts based on Apple’s financials every three months for most of the last decade, and if there’s one thing that I think the charts don’t properly convey is just how explosive Apple’s growth has been. The iPhone’s growth in the middle of the decade changed the game. And while that growth has slowed or stopped, it leaves Apple as a company that is working at a scale that’s nothing like it was when Steve Jobs was in his final years as CEO.

That last chart is a real doozy.

Steve Bannon: ‘If I Were the Guys at Apple I Would Pay Attention to the President’s Tweets. I Would Treat His Tweets as a Papal Bull.’ 

The notion that anyone should treat any president’s tweets as “papal bulls” is one of the most un-American things I’ve heard.

Wireless Networks Pose No Known Health Risk 

Glenn Fleishman, writing at TidBITS:

Can cell phones or Wi-Fi give you cancer? The answer is reasonably definitive: No. That’s equally true for new 5G cellular networks currently being rolled out worldwide, all previous cellular networks, and all versions of Wi-Fi.

‘We Reject the Characterization That Apple Has Not Provided Substantive Assistance in the Pensacola Investigation’ 

Scott Lucas, reporting for BuzzFeed News:

“We reject the characterization that Apple has not provided substantive assistance in the Pensacola investigation. Our responses to their many requests since the attack have been timely, thorough and are ongoing,” the company said in a statement. “We responded to each request promptly, often within hours, sharing information with FBI offices in Jacksonville, Pensacola and New York. The queries resulted in many gigabytes of information that we turned over to investigators. In every instance, we responded with all of the information that we had.”

But Apple said nothing about actually unlocking the gunman’s two iPhones. Instead, it reiterated its stance on privacy.

“We have always maintained there is no such thing as a backdoor just for the good guys,” the company explained. “Backdoors can also be exploited by those who threaten our national security and the data security of our customers. … We feel strongly encryption is vital to protecting our country and our users’ data.”

The big question remains unclear in all this coverage: did Apple refuse the DOJ’s request, or are they unable — technically — to fulfill the request? The DOJ continues to talk as though this is something Apple could do but refuses to. I believe it’s something Apple is mathematically unable to do. News coverage should make this clear.

Barr Asks Apple to Unlock Pensacola Killer’s Phones, Setting Up Clash 

Katie Benner, reporting for The New York Times:

“We’re not trying to weaken encryption, to be clear,” Mr. Bowdich said at a news conference, noting that the issue has come up with thousands of devices that investigators want to see in other cases.

That’s exactly what they are trying to do. There is no magic way to allow law enforcement to access encrypted contents without allowing everyone else the same path. Mathematics doesn’t discern between “good guys” and “bad guys”.

Disney+ Was the Most Downloaded App in the US in Q4 2019 

Sarah Perez, reporting for TechCrunch:

U.S. consumers have shown strong interest in Disney’s new family-friendly streaming service, Disney+, according to new data from Sensor Tower, which focused on app trends in the final quarter of 2019. Following the app’s mid-November launch in the U.S., Disney+ was downloaded more than 30 million times in Q4 2019 — that’s more than double its next nearest competitor, TikTok, the firm said.

These total downloads were counted across both the Apple App Store and Google Play, with the App Store accounting for over 18 million of the Disney+ downloads and Google Play accounting for more than 12 million. This allowed the new streaming app to become the most downloaded app in the App Store and Google Play, individually, in addition to being the most downloaded app overall in the quarter.

Very impressive launch, both technically and marketing-wise.

Astros Manager and G.M. Fired Over Cheating Scandal 

James Wagner, reporting for The New York Times:

It is an enduring part of baseball strategy: As a batter is at the plate, his teammates carefully watch a catcher’s fingers to figure out what pitch is about to be thrown.

And it’s all fair play as long as teams do not enhance the abilities of the naked eye and clever minds with either cameras or electronic devices that allow teammates to signal the batter whether a fastball or a breaking ball is on the way.

But that is exactly what the Houston Astros did during their 2017 championship-winning season, clouding that World Series title and causing one of baseball’s biggest cheating scandals in years, Major League Baseball officials said on Monday in a scathing report detailing the team’s scheme.

By the end of the day, Houston General Manager Jeff Luhnow and Manager A.J. Hinch — the two men who helped propel the Astros to the top of the sport — had been suspended and then fired, while their club was left with severe penalties for deploying a scheme involving cameras and monitors to decode the hand signals of catchers and tip off Houston batters. One of their favorite communication methods was banging on a trash can just outside the dugout.

Commissioner Manfred’s report (PDF) is a scathing read (with a crazy file name). My favorite part of this whole sad saga is the indignant way A.J. Hinch responded to allegations that the Astros were illegally signaling signs against the Yankees this postseason. My guess is it’s not “making him laugh” any more.

Put a big asterisk next to that 2017 World Series. What an embarrassing stain on the sport.

Kolide 

My thanks to Kolide for sponsoring last week at DF. Kolide is a new Slack app that messages employees when their Mac, Windows, or Linux device is not compliant with security best-practices or policy.

With this app, Kolide will notify users or groups when a device is out of compliance along with clear instructions about what is wrong, and step by step instructions to remediate the issue themselves. They can even confirm in real-time that they resolved the problem with an interactive button inside the Slack message.

Unlike most endpoint security solutions, Kolide was designed with user privacy in mind. Your users will know what data is collected about their device, who can see that data, and can even view the full source code of the agent that is run on the device.

Kolide is already used by hundreds of fast growing companies who want to level-up their device security without locking down their devices. Try Kolide’s new product for free for 30 days for your entire fleet.

Apple’s One Remaining Use of the Word ‘Macintosh’ 

Adam Engst, writing at TidBITS:

Some weeks ago, I was struck by the thought that Apple had almost entirely managed to scrub its corporate communications of the word “Macintosh.” It’s not surprising, of course, but I was curious if the company had slipped up anywhere. To find out, I put together a complex Google search that focused on just Apple sites, eliminating those which host third-party content like discussions.apple.com. It also eliminates pages pointing at technical specifications for old products, a page listing obsolete products, and a spurious link to the Wikipedia page on HyperCard that somehow got an apple.com URL.

My search confirmed my initial hunch that there is only one official remaining use of the word “Macintosh” by today’s Apple.

Be sure to read the comments — there’s more than just one instance.

Quibi 

Ashley Carman, writing for The Verge:

Katzenberg and Quibi CEO Meg Whitman, who is best known as the CEO of HP and eBay, are publicly announcing Quibi at CES — but not quite unveiling it — after having raised $1 billion on the promise of a roster of Hollywood stars and supposedly revolutionary video-streaming technology that delivers portrait and landscape video at the same time. Everything on Quibi is designed for viewing on a phone, on the go, in 10 minutes or less. These chunks of video are called “quick bites” — hence, “Quibi.”

When Quibi arrives on April 6th of this year, it’ll cost $5 a month for an ad-supported version or $8 a month for an ad-free experience. Katzenberg and Whitman formulated this idea nearly two years ago and have been relentlessly signing up the biggest names in Hollywood to be a part of it.

For me personally, the rotating thing sounds awful. Which orientation is canonical? It just sounds like a gimmick. And I know that Hulu has separate paid tiers, one with ads, one without, but man, $5/month with ads is a hard sell to me.

Scaring People Into Supporting Backdoors 

Bruce Schneier, observing the shift from “terrorism” to “pedophiles” as the boogeyman of choice with which to try to turn public sentiment against strong encryption:

Let me be clear. None of us who favor strong encryption is saying that child exploitation isn’t a serious crime, or a worldwide problem. We’re not saying that about kidnapping, international drug cartels, money laundering, or terrorism. We are saying three things. One, that strong encryption is necessary for personal and national security. Two, that weakening encryption does more harm than good. And three, law enforcement has other avenues for criminal investigation than eavesdropping on communications and stored devices. This is one example, where people unraveled a dark-web website and arrested hundreds by analyzing Bitcoin transactions. This is another, where police arrested members of a WhatsApp group.

How hard are law enforcement authorities trying to push this line? Testifying before Congress, New York District Attorney Cyrus Vance said:

In fact, we were never able to view the contents of his phone because of this gift to sex traffickers that came, not from God, but from Apple. As a result, our investigation of sex trafficking was blocked by encryption.

Outrageous.

Maddenisms 

Great thread on Twitter from J.A. Adande (and some additional quotes in the replies, too):

During the 2002 NFL season I kept a notes on random stuff John Madden would say during games, to see if I could learn his philosophy on life through the observations he dispensed in the broadcasts. I recently came across the notebook so here’s a thread of Maddenisms. […]

Some of my favorites:

“When you win [as a coach] you get to be a genius. But if you look at it, you’re a guy that was a PE major in college. Your best class was recess, and then you become a coach. When you win some games you’re a genius. You go from being good at recess to genius…”

“There’s 2 rules in life: You can always be late because you were watching Monday Night Football and the World Series. As a kid, you can always watch those 2 things and it’s okay.”

“When you do lose your hat, you don’t want your head in it.”

There may be football fans who didn’t love listening to Madden call a game, but I don’t know any of them. Madden and his longtime play-by-play partner Pat Summerall will always be the voices of Sunday afternoon football in my mind.

Teen Vogue Story About Facebook Caused Bewilderment About Whether It Was Sponsored Content (Spoiler: It Was) Before the Entire Article Vanished 

An utterly uncritical story on Facebook’s anti-disinformation team appears on Teen Vogue with no byline but no “sponsored content” label. Then Sheryl Sandberg links to it approvingly. Folks at Facebook deny it’s sponsored content, including those profiled in the story. Then the article disappears from Teen Vogue. Then it reappears with a “sponsored content” label. Then it disappears again.

What a clusterfuck all around, both for Teen Vogue (which despite what you might assume from its name, has been publishing very good, very serious work for the last few years) and for Facebook, whose entire reason for buying this sponsored article in the first place was to reassure people that they’re trustworthy. I think Felix Salmon’s theory on how this happened is almost certainly spot-on.

App Store Year-Over-Year Growth in the Christmas to New Year’s Eve Holiday Week 

Tim Hardwick, summarizing the highlights of Apple’s services year-in-review post today:

App Store customers spent a record $1.42 billion between Christmas Eve and New Year’s Eve, a 16 percent increase over last year, and $386 million on New Year’s Day 2020 alone, a 20 percent increase over last year and a new single-day record.

I couldn’t resist the joke when I linked to it this morning, but these App Store year-over-year growth numbers are impressive. iPhone unit sales have peaked (and iPad unit sales long ago leveled out) but because these devices remain in use for so long, the number of them in active use continues to grow, and it’s probably the case that engagement per-device is growing too.

No numbers on paid subscribers to Apple Arcade, News+, or TV+ though.

FBI vs. iPhone Encryption, Round Two: Pensacola Shooter 

Devlin Barrett, reporting for The Washington Post:

The FBI is pressing Apple for help opening iPhones that belonged to the Saudi military student who killed three people last month at a naval base in Pensacola, Fla., signaling a potential revival of the fight between the federal government and Silicon Valley over encryption technology.

On Monday, the FBI’s general counsel Dana Boente wrote a letter to Apple’s top lawyer, Katherine Adams, seeking the tech giant’s assistance.

“Even though the shooter is dead, the FBI, out of an abundance of caution, has secured court authorization to search the contents of the phones in order to exhaust all leads in this high priority national security investigation,” Boente wrote. “Unfortunately, FBI has been unable to access the contents of the phones,” the letter said, even after asking private technology experts if they could help agents crack them. “None of those reachouts has shown us a path forward.” […]

In a statement, Apple said it had already helped FBI agents on the Pensacola case by sharing relevant data in its cloud storage. Apple and other companies have said that encryption on phones is an important safeguard protecting millions of consumers against hackers and other criminals.

There are two entirely separate issues here, and the FBI either doesn’t understand them or (more likely, I think, but I’m not sure) is willfully conflating them.

The first issue is Apple offering law enforcement whatever information they can, when appropriate. In this case, they’ve apparently done so: providing the FBI with whatever they can from the suspect’s iCloud account.

The second is Apple being technically incapable of complying with additional law enforcement requests. Apple does not have a way to get at the contents of a locked, encrypted iPhone. Also true of iPads and the boot drives of Macs with a T2 security chip and File Vault enabled. That’s how these encryption systems are designed. If Apple had a way in, anyone could have a way in. That’s a backdoor, and backdoors are inherent security vulnerabilities.

Most people don’t understand anything at all about encryption (which is to be expected), and reasonably assume that surely Apple can “get into” any device that it makes. It used to be that way, in fact, in the early years of iPhones, and it was a disaster for security — a thief who had your iPhone also had access to whatever data was on your iPhone.

It’s fine that most people don’t understand anything about encryption, but experts at the FBI surely do, and my suspicion all along with the San Bernardino case was that the FBI was trying to turn the public’s ignorance of encryption — both how it works and how owning truly encrypted devices benefits them, even if they don’t know it — against Apple.

Honestly, I don’t think this has anything to do with the Pensacola shooter. I think this is part of a campaign to drum up public support for making true encryption illegal. And if it really is about the Pensacola shooter, the FBI’s leadership doesn’t understand how encryption works, which is disgraceful.

The San Bernardino case, you may recall, did not turn out well for the FBI.

Cybart: Not So Fast on AirPods Revenue 

Neil Cybart on Kevin Rooke’s estimates on AirPods revenue (linked here at DF last night):

A few hours ago, this tweet came to my attention. It’s about AirPods revenue and it’s not correct. AirPods revenue does not exceed Spotify, Twitter, Snapchat, and Shopify revenue. It’s not even close either. […]

By the way, the article in question put AirPods revenue at $12 billion in 2019. The actual number will end up being more like half that — closer to $7.5 billion.

I’d put my money on Cybart’s numbers over Rooke’s, but even if Rooke’s numbers are too high, at $7.5 billion his point still stands: AirPods as a standalone startup would be a fantastic business, growing at an extraordinary pace, with a very high ceiling. Note too that AirPods Pro were sold out until late January by the beginning of December. Could have been a much bigger holiday quarter if Apple could have made them fast enough to keep up with demand.

Apple Recaps Its Year in Services 

Apple Newsroom:

The App Store is the world’s safest and most vibrant app marketplace, with over half a billion people visiting each week. It remains the safest place for users to find software and provides developers of all sizes access to customers in 155 countries.

“Did we mention how safe it is?”

More Revenue Than Adobe, Nvidia, or AMD — and as Much as Spotify, Twitter, Snap, and Shopify Combined 

Kevin Rooke:

Imagine a startup with $12 billion of revenue, 125%+ YoY revenue growth (two years in a row), and Apple-esque gross margins (30-50%). Without knowing anything else about the business, what would you value it at? $50 billion? $100 billion? More?

That’s Apple’s AirPods business, the fastest-growing segment of the world’s most valuable company.

Keep in mind, though, that Apple hasn’t had a new hit product since the iPad in 2010.

Update: Important follow-up from Neil Cybart.

Progress Marches On 

Given this week’s links, a timely question from Caity Weaver’s “Work Friend” Q&A column in The New York Times:

Q: I teach at a large university where instructors are expected to upload students’ final grades in a centralized online system at the end of each semester. I have no problem with this simple data entry task and see it as a routine part of my job. What concerns me are the instructions that accompany it: “Please note, instructors should be using IE (Internet Explorer) to avoid any potential issues.” What is “Internet Explorer”? I don’t have this on my computer. In violation of the policy, I’ve been successfully uploading grades using programs that are not “Internet Explorer” without incident. But my success makes me all the more puzzled by the instructions. Should I try to get “Internet Explorer”? Or continue on in violation of policy?  — A.C.

A: Internet Explorer is a discontinued web browser introduced by Microsoft in 1995, and the best course of action would be to never think about it again for the rest of your life.

This one feels like a punch to the gut from the “Make You Feel Old” machine. (Via Glenn Fleishman.)

Samsung Ripped Off Apple’s Face ID Icon 

They didn’t even tweak it. Just outright copy-and-paste.

Especially egregious given that Face ID’s “face” isn’t just some random smiley face — it’s clearly drawn from the Finder icon, which itself draws from Susan Kare’s brilliant original 1984 Mac startup icon.

They might as well use an apple with a bite out of it, too.

More on IE 5 for Mac’s Scrapped Media Playback Toolbar 

Maf Vosburgh:

I devised and coded the Mac IE 5 media toolbar in the second half of 1999. The toolbar could stream music playlists or play video in a floating movie window, while you browsed the web. It had a lovely UI designed by Nikki Barton. It was cool. […]

The weird thing is that the whole feature was basically a love letter to QuickTime Streaming with open standard SHOUTcast as an after-thought. The people up in Redmond wanted us to be implementing Video for Windows support instead and we didn’t want to because we were Mac heads.

Interesting coda to Jimmy Grewal’s story on IE 5 for Mac’s origins yesterday.

‘What Apple Is Aiming For’ 

Mark Gurman, tweeting from CES:

Impressed with Nreal’s new AR glasses. This is what Apple is aiming for, but these plug into an Android phone. The new UI is super polished - and $499 blows away higher prices from Hololens, others. Critical to see if it gains an ecosystem.

Yes, I’m sure Apple is aiming for something that looks like the goggles they give you to wear for 3D movies and requires a wired connection to your phone. And Lobot’s headset was what Apple was shooting for with AirPods.

DF Weekly Sponsorships for Winter 2020 

I took some time off over the holidays but as today suggests, I’m back at the keyboard, with a long list of stuff I want to write about. (Did you know that you can get the DF posts for any given day with URLs like that? Bonus: works for months too.)

DF sponsorships for 2020 are currently wide open, including this current week. One sponsor per week, with a sponsor-written entry in the RSS feed to start the week, a thank-you post right on the homepage from me at the end, and the one and only graphic ad on every page of the site all week long. No tracking or other privacy-invasive bullshit. Just plain honest ads. My best argument that they work: the number of repeat companies in the sponsor archive list.

So if you’ve got a product or service you’d like to promote to DF’s discerning audience, I’d love to have you as a sponsor.

Lenovo’s ThinkBook Plus Laptop Has a Second Screen on the Lid 

Andrew E. Freedman, reporting for Tom’s Hardware from CES:

Lenovo’s latest take on the small business laptop has an interesting surprise: a 10.8-inch E ink display on the lid.

The ThinkBook Plus was announced here at CES 2020, and it comes with a secondary display meant to foster collaboration. While the main, 13.3-inch FHD display is closed, the E Ink screen can show email and calendar notifications from Microsoft Outlook. You can also use it to take notes with Lenovo’s included stylus. The idea is you’ll only do what you’ll need to on the screen during meetings, rather than being engrossed entirely in your laptop. It will start at $1,199 when it goes on sale in March.

This is a dumb idea. It’s a feature, not a bug, that when your laptop is closed it doesn’t reveal anything at all. Who wants their closed laptop to show email notifications? This is what smartphones (and watches) are for. When is the last time you had your laptop with you but not your phone?

Jimmy Grewal on IE 5 for Mac 

Jimmy Grewal, writing on Twitter:

Today marks the twentieth anniversary of the introduction of Microsoft’s Internet Explorer 5 for Mac. This was both the most important release of Internet Explorer for the Mac, and the last release. Here are some anecdotes and thoughts from an insider’s perspective. […]

It’s easy to forget, but IE 5 for Mac was a great app. Here’s a good Steve Jobs anecdote:

This “new look” had an uncanny resemblance to Apple’s later Aqua interface for Mac OS X. However it was developed in complete secrecy within Microsoft. When we previewed MacIE 5 with the “new look” to Apple in the Summer of 1999, Jobs was not pleased.

Since no one outside Apple was supposed to know about Aqua at the time, he couldn’t say anything to us about the resemblance; instead he directed his ire at another new feature in MacIE 5 called Media Toolbar. This feature provided support for playing back MP3s on websites.

Media Toolbar was based on code licensed from the developers of SoundJam MP, a popular MP3 player. Unbeknownst to us, Steve Jobs too had his eye on SoundJam and its lead developer Jeff Robbin. Jobs insisted we cut this feature claiming it undermined QuickTime.

Microsoft cut the feature, and regretted it. As far as I’m aware, this story has never been told before. Actually, I don’t think either story in this anecdote had been told before — neither the SoundJam-based MP3 player they intended to bake into IE nor the fact that IE 5’s “new look” was something the IE team came up with independently. Everyone I know always assumed that Apple had disclosed the IE team on the Aqua look-and-feel.

Grewal includes a link to Steve Jobs unveiling and demoing IE 5 on stage at Macworld Expo SF 2000. The video quality is terrible — somehow it’s very overexposed — but it is captivating nonetheless. What struck me about this demo is Jobs’s attention to minor UI details — like the fact that the Carbon IE 5 app used the same Aqua scrollbars as a Cocoa app. The pace and conversational tone — and the assumption that everyone watching cares as much as Jobs himself does about nitty-gritty UI details — feels very unlike a modern day Apple software demo. It’s easy to get sucked into the whole video, but the unveiling and demo of Apple Mail that follows has that same thing going for it. What Jobs is saying, effectively, is “Look at how we’re sweating every single detail.

Apple’s Surging Stock Price Attributed to Services Push 

Jeran Wittenstein, reporting for Bloomberg*:

For the first time since 2011, shares of the iPhone maker have traded at a higher price-earnings ratio than the S&P 500 for months amid a year that saw the stock’s valuation almost double. It’s a reversal from the previous nine years, when concerns over a lack of product innovation kept the stock at a persistent discount to the market.

Credit the shift in sentiment to Apple’s focus on tapping an ecosystem of nearly 1.5 billion users to generate a steady stream of profit. The increasing contribution from services like iCloud storage and Apple Music is making its business more stable and therefore deserving of a higher multiple, according to Gene Munster, a long-time Apple analyst and founder of Loup Ventures.

I hope this is simply good news for Apple (and for those who own Apple shares). 2019 marked a serious push into subscription content services and the credit card market for Apple. My concern, again, is what happens if the drive to increase services revenue takes precedence over Apple’s “Prime Directive”: to put product design and experience above all else.

* You know.

‘The Coming Supremacy of AR’ 

Allen Pike:

Advertising, gamification, constant distractions and chaos, interruptions — basically a Black Mirror hellscape. And to be clear, in the event that high fidelity AR becomes possible, some company will attempt to make such a hellscape, filled with crapware and covering your gaze with nonsense for the lowest possible price.

I challenge you, though, to imagine not the worst that a future AR experience could be, but the best. Imagine instead an AR experience not designed by advertisers, but by Apple — or even better, Apple’s successors. A team obsessively focused on people, taking a distinctly human approach to designing how your glasses could augment what you see.

The potential is obviously huge. My pessimism is that based on the state of software today — what most people use on their phones and tablets, desktops, and the web — there is arguably only one company with the technical and financial resources to make this possible that might be interested in doing it in a way that isn’t based on selling you shit through in-view advertising (as well as using what you see and hear through AR to profile you).

That company is Apple. Facebook — good god no. Google makes almost all of its money through advertising. Amazon makes most of its money selling us stuff. Samsung or any of the upstart Chinese phone companies? They don’t have the design chops to do something subtle and tasteful.

[Update: Two points. First, I should not have omitted Microsoft. They’re not an advertising company, they have the technical chops, and they’ve been working on AR/VR for years with HoloLens. So I’ll file Microsoft under “maybe”. But historically, Microsoft has never led the way on new computer interface paradigms. Second, I know Apple makes most of its money “selling us stuff” too. But Apple’s “selling us stuff” is a very different business from Amazon’s. When you buy an iPhone, Apple doesn’t start badgering you to buy an iPad and Apple Watch, too, in the way that Amazon never ceases suggesting algorithmically determined products to buy. Apple doesn’t track you across the web in order to algorithmically suggest which iPhone model you should buy. But Apple is now promoting its services within its own UIs in a way that it has never promoted its hardware products.]

But I worry that with its services push, Apple is turning into an advertising company too. It’s just advertising its own services. In iOS 13 they put an ad for AppleCare at the very top of Settings. They use push notifications to ask you to sign up for Apple Pay and Apple Card, and subscribe to Apple Music, TV, and Arcade. The free tier of Apple News is now a non-stop barrage of ads for Apple News+ subscriptions. Are we at the “hellscape” stage with Apple? No, not even close. But it’s a slippery slope. What made Apple Apple is this mindset: “Ship great products and the profits will follow” — not “Ship products that will generate great profits”.

It is essential that product people remain in charge of these decisions at Apple, not services people.