By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: January 10, 2022

Monday, 10 January 2022

More on T-Mobile Blocking iCloud Private Relay ★

The T-Mo Report (who knew there was a site dedicated to T-Mobile news?):

According to internal documents shared with us here at The T-Mo Report, the blocking of Apple’s privacy-focused service is actually due to a conflict with existing content filtering services on T-Mobile. [...]

This seems to indicate that the blocking isn’t actually intentional by the carrier, but merely a necessary step to ensure their own services work properly. The blocking affects very few customers in practice, and it seems that there are currently no plans to expand the blocking of Apple’s service to standard customers.

Impacted customers will receive one of two error messages, shown below (sourced from the same internal document), stating that their plan isn’t compatible with the iCloud Private Relay service.

As I wrote in an update to my earlier post, if it’s true, this is fair and makes sense. If you actually want your carrier to filter your network traffic, you have to let them see your network traffic. There seem to be a lot of reports from T-Mobile customers running into this problem who claim not to be using T-Mobile’s content filtering features, though.

Another thing to check: in Settings → Cellular → Cellular Data Options, make sure “Limit IP Address Tracking” is turned on.

Update 14 January: iOS 15.3, now in beta, updates the description for iCloud Private Relay in Settings to make things more clear.

Casey Newton on the Danger of Signal Adding Anonymous Payments ★

Speaking of Signal, Casey Newton, writing for Platformer:

There’s nothing sinister about putting payments into a messaging app, and Signal is not alone in adding crypto payments to messaging: the company formerly known as Facebook has undertaken a multiyear effort to create a new currency and integrate it with WhatsApp and Messenger. What sets Signal’s effort apart is the combination of end-to-end encryption in messaging and a cryptocurrency with privacy features designed to make any transactions anonymous.

Last year, current and former Signal employees told me they were worried about what that combination would bring to the app. Anonymous transactions would likely attract criminals, they told me, and that in turn would attract regulatory scrutiny. Given that end-to-end encryption already faces legal challenges around the globe, they said, Signal’s addition of anonymous payments was a needless provocation. And it could give more ammunition to lawmakers who want to end encryption as we know it.

Moxie Marlinspike Steps Aside as Signal C.E.O. ★

Speaking of Moxie Marlinspike, from Signal’s blog:

It’s a new year, and I’ve decided it’s a good time to replace myself as the CEO of Signal.

I have now been working on Signal for almost a decade. It has always been my goal for Signal to grow and sustain beyond my involvement, but four years ago that would still not have been possible. I was writing all the Android code, was writing all of the server code, was the only person on call for the service, was facilitating all product development, and was managing everyone. I couldn’t ever leave cell service, had to take my laptop with me everywhere in case of emergencies, and occasionally found myself sitting alone on the sidewalk in the rain late at night trying to diagnose a service degradation.

I’ve spent the past four years endeavouring to change that, and today the picture is radically different. [...]

I will continue to remain on the Signal board, committed to helping manifest Signal’s mission from that role, and I will be transitioning out as CEO over the next month in order to focus on the candidate search. Brian Acton, who is also on the Signal Foundation board, has volunteered to serve as interim CEO during the search period.

I hope this Acton fellow knows something about cryptographically-secure messaging.

T-Mobile Might Be Blocking iPhone Users From Enabling iCloud Private Relay in the U.S. ★

Chance Miller, 9to5Mac:

In the UK, carriers including T-Mobile, EE, and others have already started blocking Private Relay usage when connected to cellular data. 9to5Mac has also now confirmed that T-Mobile is extending this policy to the United States.

This means that T-Mobile and Sprint users in the United States can no longer use the privacy-preserving iCloud Private Relay feature when connected to cellular data. An error message in the Settings app explains:

Your cellular plan doesn’t support iCloud Private Relay. With Private Relay turned off, this network can monitor your internet activity, and your IP address is not hidden from known trackers or websites.

This is some serious bullshit. It has nothing to do with improving network quality and everything to do with T-Mobile selling your usage data. Curious how Apple will respond. I’d say switch carriers if you’re on T-Mobile, but if they get away with this, I fear Verizon and AT&T will follow.

[Update: T-Mobile in a statement to 9to5Mac: “Customers who chose plans and features with content filtering (e.g. parent controls) do not have access to the iCloud Private Relay to allow these services to work as designed. All other customers have no restrictions.” That makes sense, and is fair. If you actually want your carrier to filter your network traffic you have to let them see your network traffic.

But, responding to T-Mobile’s statement, Miller states: “However, many of the users we’ve heard from, and tested ourselves, do not have any such content filtering enabled. We’ve followed up with T-Mobile for additional clarification, but have not yet heard back.”]

Also at 9to5Mac today, Benjamin Mayo:

It seems carriers in Europe don’t like that idea too much. Via The Telegraph, operators including Vodafone, Telefonica and T-Mobile signed an open letter voicing their opposition to the rollout of the feature. In fact, some carriers are already blocking support as shown in screenshots from readers below.

The letter said that Private Relay cuts off networks and servers from accessing “vital network data and metadata” and will have “significant consequences in terms of undermining European digital sovereignty”. They say it will also impact “operator’s ability to efficiently manage telecommunication networks”.

It’s unclear why the companies are speaking out against Private Relay, when general VPN services have been widely available for years and do much of the same role. Perhaps it is the fact that Private Relay is so easily accessible that they expect a lot of people to use it; the feature is built into iOS 15 and available to any customer with a paid iCloud plan.

Let’s see if the EU’s vaunted regulators know which side of this dispute is actually working in favor of user privacy. There should be no debate which side is right here.

First-Dose Vaccinations Quadruple in Quebec Ahead of Restrictions at Liquor and Cannabis Stores ★

CTV News in Quebec:

The number of appointments for the first dose of a COVID-19 vaccine has risen sharply this week in Quebec, according to Health Minister Christian Dubé.

Thursday, Dubé announced that vaccine passports would be required to enter Société des alcools du Québec (SAQ) and Société québécoise du cannabis (SQDC) locations starting Jan. 18. He explains the decision was made to curb an increase in cases of the highly contagious Omicron variant.

He says he hopes this measure will be an additional incentive for some people to get their first dose of vaccine against COVID-19, as more than 50 per cent of people currently hospitalized are non-vaccinated people, though they represent about 10 per cent of the population.

A stick works better to motivate people when it’s used to dangle a carrot, rather than as a switch. More like this, please.

(Worth noting too that Quebec had a high vaccination rate prior to these new restrictions.)

Moxie Marlinspike: ‘My First Impressions of Web3’ ★

Moxie Marlinspike:

Despite considering myself a cryptographer, I have not found myself particularly drawn to “crypto.” I don’t think I’ve ever actually said the words “get off my lawn,” but I’m much more likely to click on Pepperidge Farm Remembers flavored memes about how “crypto” used to mean “cryptography” than I am the latest NFT drop.

Also — cards on the table here — I don’t share the same generational excitement for moving all aspects of life into an instrumented economy.

Even strictly on the technological level, though, I haven’t yet managed to become a believer. So given all of the recent attention into what is now being called web3, I decided to explore some of what has been happening in that space more thoroughly to see what I may be missing.

What does this guy know about cryptography, though?

Norton 360 Now Comes With a Cryptominer ★

Brian Krebs:

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it. But many Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, “Dude, where’s my crypto?”

Krebs also reports that Avira antivirus — which apparently has 500 million users and is owned by the same parent company as Norton — is doing the same thing.

Given how much energy it takes to mine cryptocurrencies, I suspect that few users who opt into this will net any money for themselves. It’s just a scam, like most antivirus software itself and the whole world of cryptocurrencies.