Uber to End Post-Trip Tracking of Riders as Part of Privacy Push →

August 30, 2017 · 10:30

Dustin Volz, writing for Reuters:

“We’ve been building through the turmoil and challenges because we already had our mandate,” said Sullivan, who is a member of the executive leadership team that has been co-running Uber since Kalanick left in June.

An update to the app made last November eliminated the option for users to limit data gathering to only when the app is in use, instead forcing them to choose between letting Uber always collect location data or never collect it.

Uber said it needed permission to always gather data in order to track riders for five minutes after a trip was completed, which the company believed could help in ensuring customers’ physical safety. The option to never track required riders to manually enter pickup and drop-off addresses.

I’m pretty sure their backtracking on the issue is the result of #DeleteUber and other protests — they miscalculated.


APFS on SSDs Mandatory in macOS High Sierra →

August 30, 2017 · 09:58

Apple Support:

Apple File System (APFS), is the default file system in macOS High Sierra for Mac computers with all flash storage. APFS features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals.

When you upgrade to macOS High Sierra, systems with all flash storage configurations are converted automatically. Systems with hard disk drives (HDD) and Fusion drives won’t be converted to APFS. You can’t opt-out of the transition to APFS.

Please make sure to create a good backup (or three!) before upgrading to High Sierra, because Shit Happens™ when you don’t have one (or three!).


One Giant Screen Keyboard →

August 29, 2017 · 14:39

Benjamin Mayo:

In fact, the Touch Bar has a clear path of iteration ahead of it. Make it cheaper, roll out to lower-end Macs, add haptic response, and ultimately take over the whole keyboard with one giant screen.

I sure as hell hope that won’t happen, but perhaps it really is inevitable? Looking at the computer keyboards used in The Fate of the Furious, this could be sooner than we imagine.


Google Removes 300 Apps Used to Launch DDoS Attacks From Play Store →

August 29, 2017 · 14:32

Kate Conger, writing for Gizmodo:

Google has removed roughly 300 apps from its Play Store after security researchers from several internet infrastructure companies discovered that the seemingly harmless apps—offering video players and ringtones, among other features—were secretly hijacking Android devices to provide traffic for large-scale distributed denial of service (DDoS) attacks.

How many more have yet to be discovered?


The Future of the Touch Bar and Touch ID →

August 29, 2017 · 08:54

Chuq Von Rospach, writing down his thoughts about facial recognition replacing Touch ID:

With the iPhone 8, it looks like that new technology is here. And if this is true, that explains at least in part why the Touch ID sensor was downplayed in last fall’s announcements (don’t want to oversell something they know is going away) and why we don’t have a Touch Bar keyboard. It made no sense to build that product since a year later it would be replaced.

If I’m right, future Macs will use the infrared facial recognition, and they can embed those sensors in the bezel of the monitor on both the iMac and the laptops. This simplifies the problem of needing to secure the communication between the sensor and the Secure Enclave; by moving those sensors into the device and off the keyboard, everything gets a lot cleaner. And they can build a much less expensive keyboard with a Touch Bar on it that doesn’t require the level of communication security that would be required if it also had the Touch ID sensor.

There were also rumours about Apple being surprised about the number of older MacBook Pro (2015) orders when the late 2016 models came out. When added to the fact that the Touch Bar wasn’t universally well received, perhaps they re-evaluated their stance on the future of keyboards and will either scrap the Touch Bar entirely1 or make it optional. Either way, the Touch Bar is neither the future of keyboards, nor is it a sensible stop-gap to on-screen keyboards. In my use case, where I can’t even see it without moving my hands off the keyboard, it’s just an annoyance and I consider it to be bad design.

In retrospect, I believe had Apple just added Touch ID to every MacBook and keyboard2, skipping the Touch Bar entirely, they would have garnered much more praise, instead of the mixed reviews, which mostly focused on the Touch Bar itself, often mentioning Touch ID only in passing.

  1. Which is my hope.
  2. Perhaps making it optional, so as not to freak people out with higher prices.

DJI Removes JPush Plugin From Their App for Collecting User Data Without Approval →

August 29, 2017 · 08:04

This is yet another example of third-party libraries, plugins, or add-ons, which do things they aren’t supposed to:

DJI has removed a third-party plugin called JPush, which was introduced in March 2016 for iOS and May 2017 for Android. We implemented the plugin as a way to push notifications when video files are successfully uploaded to DJI’s SkyPixel video sharing platform. JPush assigns a unique JPush ID to each user and informs SkyPixel of this ID when the user chooses to upload a video. After uploading is complete, SkyPixel sends the user’s unique JPush ID back to the JPush server, triggering an “Upload Complete” notification on the user’s DJI GO or DJI GO 4 apps. By using JPush’s third-party plugin, DJI has allowed users to multitask while uploading large video files to SkyPixel occurs in the background of their app.

As a third-party company, JPush only needs to send and receive a minimal, narrowly-defined amount of data in order for this function to work properly. Recent work by DJI’s software security team and external researchers has discovered that JPush also collects extraneous packets of data, which include a list of apps installed on the user’s Android device, and sends them to JPush’s server. DJI did not authorize or condone either the collection or transmission of this data, and DJI never accessed this data. JPush has been removed from our apps, and DJI will develop new methods for providing app status updates that better protect our customers’ data.

I still don’t quite understand how and why developers and companies would choose to go down this route without a detailed check of what the used third-party code does precisely. Laziness, I guess.


Touch Bar: Optional →

August 28, 2017 · 18:51

Chuq Von Rospach:

The current laptop line forces users to pay for the Touch Bar on the higher end devices whether they want it or not, and that’s a cost users shouldn’t need to pay for a niche technology without a future. So Apple needs to either roll the Touch Bar out to the entire line and convince us we want it, or roll it back and offer more laptop options without it. I’m going to be curious what they do if/when they announce updated Laptops this fall.

I still believe the Touch Bar should be optional and customers should be able to specify every model with or without it, depending on their needs and preferences. At the same time, Touch ID should be integrated into the models with ‘real’ keyboards, although having it as another option would be preferable.

I wrote my ‘quick review’ of the 13“ Escape in January and I still stand by my words:

Not having the Touch Bar is such as relief. I was actually surprised, when I realised it, about 5 minutes into configuring this Mac. I felt complete, having the function row back. The Touch Bar is most definitely not for me. Don’t get me wrong, I get why some people like it, but I try to keep my hands on the keyboard at all times, using shortcuts to get what I need done. This allows me not to take my eyes off of the screen. Unfortunately, I could not get used to shifting my eyesight down at the Touch Bar from the display, which was made worse by the fact that when using the MacBook Pro on my lap, my hands would block it.

I truly hope that the Touch Bar will become an option in the future — I’m a diehard keyboard fan and I do not want to change my habits for what I consider a gimmick. I want to be able to buy any MacBook Pro and specify whether I want a Touch Bar or not, like RAM or the CPU.


Apple ‘Aiming To Use’ Steve Jobs Theatre for iPhone 8 Launch →

August 28, 2017 · 16:36

Benjamin Mayo:

The Wall Street Journal is reporting that Apple has indeed scheduled an event on September 12. On that date, Apple is set to announce the new iPhone models, as well as cellular Apple Watch and a 4K Apple TV set-top box. We are still waiting for Apple to send out invites to press to make the event official, although it is all but confirmed at this point.

In terms of event location, the report says that the company is ‘aiming to use’ the Steve Jobs Theater in Apple Park for the first time …

I’m pretty sure Apple Park is amazing to behold for the first time, from an architectural point of view especially, but I would love to be able to see the inside of the Steve Jobs Theatre at least once in my lifetime.


DarkSky Comments on AccuWeather, Location Tracking, and Privacy →

August 28, 2017 · 13:12

Adam Grossman:

(…) we also believe that Apple and Google should do more to prevent this sort of behavior. They should set — and aggressively enforce — clear App Store rules forbidding the sharing of location data for any purposes not directly relevant to the app’s core functionality. If an app is caught breaking this rule, it should be removed from the store. This won’t stop all abuse, but it would, at the very least, put many of these data monetization companies out of the business of tracking where you go.

I completely agree and have much respect for the DarkSky team for their declarations. Especially since Adam also posted many examples of companies, such as Reveal Mobile, contacting them and offering to pay for their data. In the meantime, AccuWeather’s response on the matter was a non-answer.


$999 iPhone? →

August 28, 2017 · 10:23

Brian X. Chen, writing for The New York Times:

Chief among the changes for the new iPhones: refreshed versions, including a premium model priced at around $999, according to people briefed on the product, who asked to remain anonymous because they were not authorized to speak publicly.

This wouldn’t at all surprise me. Unfortunately, this is not a phone that I would consider buying and it has nothing to do with whether I can afford it or not — I just refuse to pay that much for a smartphone, which is close to or more than my MacBook Pro1. What’s even more frustrating is that if the pricing speculations are accurate, the new ‘iPhone Pro’ will be at least 50% dearer than a Galaxy S8 in Poland.

  1. EU prices additionally are much higher than those in the US.

Luna Display →

August 23, 2017 · 14:42

Craig Hockenberry:

What if I told you that you could add a Retina Display to your MacBook Pro for under $100? And what would you think when I showed how it plugs into your computer?

The only use that I can see, for me personally, is for Lightroom. But only because Lightroom for iOS isn’t an exact equivalent of its desktop counterpart.

This also raises a few questions in regard to touch screens and Macs. Should Apple introduce touch to the Mac? Is this a niche product/need? Will the iPad with iOS 11 kill that need? Or with future releases, making iOS on iPads fully featured? Will there be a laptop with iOS in the near future? Will “the next big thing” arrive, replacing our need for smartphones and tablets, before iOS matures?

These are truly interesting times in tech, ones which I could not have imagined 30 years ago, sitting in front our IBM PC XT.


AccuWeather Caught Sending User Location Data, Even When Location Sharing Is Off →

August 23, 2017 · 14:33

Zack Whittaker:

Popular weather app AccuWeather has been caught sending geolocation data to a third-party data monetization firm, even when the user has switched off location sharing.

AccuWeather is one of the most popular weather apps in Apple’s app store, with a near perfect four-star rating and millions of downloads to its name. But what the app doesn’t say is that it sends sensitive data to a firm designed to monetize user locations without users’ explicit permission.

Delete this crap and never install it again.


The VW Bus Is Back, and It’s Electric →

August 21, 2017 · 18:00

VW Newsroom:

Driven by popular demand, Volkswagen announced today it is planning on selling a production version of the award-winning I.D. Buzz concept electric vehicle in 2022 for the United States, Europe and China.

While VW still has to prove it can bring back its retro icons — they failed with the Beetle — this is the first VW I am genuinely interested in.


Cops Can Make You Unlock Your Phone With Your Fingerprint, but Not Your Passcode →

August 21, 2017 · 08:58

John Gruber:

This is why it’s so great that iOS 11’s new easily-invoked Emergency SOS mode requires you to enter your passcode after invoking it. When you’re entering customs or in a situation where you’re worried you’re about to be arrested, you can quickly disable Touch ID without even taking your phone out of your pocket.

Until iOS 11 ships, it’s worth remembering that you’ve always been able to require your iPhone’s passcode to unlock it by powering it off. A freshly powered-on iPhone always requires the passcode to unlock.

This unfortunately does not help at borders, which you should take into account while traveling to countries such as Russia, China, USA, and Australia, amongst others:

In fact, US Customs and Border Protection has long considered US borders and airports a kind of loophole in the Constitution’s Fourth Amendment protections, one that allows them wide latitude to detain travelers and search their devices. For years, they’ve used that opportunity to hold border-crossers on the slightest suspicion, and demand access to their computers and phones with little formal cause or oversight.

Even citizens are far from immune. CBP detainees from journalists to filmmakers to security researchers have all had their devices taken out of their hands by agents.


iPhone Secure Enclave Firmware Key Found →

August 21, 2017 · 08:49

David Schuetz:

Earlier today, it was reported that a hacker/researcher called “xerub” had released the encryption key, and tools to use it, for the firmware that runs the Secure Enclave Processor (SEP) on iPhone 5S. Reporting was…breathless. Stories suggested that this move was “destroying key piece of iOS mobile security,” and that we should “be on the lookout for Touch ID hacks” and “password harvesting scams.”

Is it really that bad? No, not really (…)

What was released today was the key to decrypt that firmware, but not a key to decrypt the region of disk used by the SE to store data. So now we can actually reverse-engineer the SE system, and hopefully gain a much better understanding of how it works. But we can’t decrypt the data it processes.


Sue the Manufacturer of Your Smartphone for Allowing You to Text While Driving →

August 21, 2017 · 08:41

Joe Rossignol, writing for MacRumors:

California resident Julio Ceja filed a class action complaint against Apple in January, accusing the company of placing profit before consumer safety by choosing not to implement a lock-out mechanism that would disable an iPhone’s functionality when being used behind the wheel by an engaged driver.

Ceja said his vehicle was involved in a collision with another vehicle in which the driver was texting on an iPhone.

Apple, however, told the court that it’s a driver’s fault if they choose to misuse an inherently safe iPhone while operating a vehicle. Apple essentially said it cannot be blamed simply because it manufactures the device, according to court documents filed electronically and obtained by MacRumors.

I’m going to sue the manufacturer of my TV, because I tripped over the coffee table, because I was distracted while watching Netflix. Hmm… I could try to sue Netflix too, I guess.

The absurdity of the legal system at its finest.


No More DISQUS Comments (And Typography Changes)

August 20, 2017 · 13:20

DISQUS have informed me that they will be introducing ads to their commenting system on my site in the following week or so, hence I have chosen to remove their service from Infinite Diaries. They do offer an ad-free experience, but I would have to pay for their pro tier, which makes no sense whatsoever in this case.

In the meantime, I have also modified the typography used on Infinite Diaries, settling on Lato and Noto Serif.

Update

You can additionally login via WordPress, Twitter, and Facebook to leave a comment.

Update 2

I turned Noto Serif off. It didn’t fit.


Google Will Pay $3 Billion to Remain Top Search Provider on iOS →

August 16, 2017 · 15:11

Luke Dormehl, writing for Cult of Mac:

Google could pay Apple as much as $3 billion this year in order to remain the default search engine on iOS devices, a new report claims.

The claim comes from Bernstein analyst A.M. Sacconaghi Jr. If true, it would represent a sizable increase from the $1 billion that Apple was paid by Google for the same reason back in 2014.

While this is (or would be) a good business decision on Apple’s part, they really should just set DuckDuckGo as the default search engine. The good of the users should come first and DDG is easily good enough for most.


Removing “Send to Watch” from Overcast →

August 12, 2017 · 14:48

Marco Arment:

I’ve spent many months of development on Overcast’s Apple Watch app, especially implementing standalone “Send to Watch” playback. Unfortunately, I now need to remove the “Send to Watch” feature.

I tried it once, soon after it debuted in Overcast. The transfer of a single podcast episode was so slow, that I never bothered again. Apple needs to fix the Watch’s biggest bottleneck.


Celebrating 30 Years of HyperCard →

August 12, 2017 · 14:44

Jason Scott:

On August 11, 1987, Bill Atkinson announced a new product from Apple for the Macintosh; a multimedia, easily programmed system called HyperCard. HyperCard brought into one sharp package the ability for a Macintosh to do interactive documents with calculation, sound, music and graphics. It was a popular package, and thousands of HyperCard “stacks” were created using the software.

In an alternative universe, my other self’s dad bought a Mac instead of an IBM PC XT. Instead of being quite adept at navigating folders in Norton Commander by the age of six or seven, I would have taught myself HyperCard.


One Other Thought on Ulysses’ Subscription Model →

August 12, 2017 · 08:59

From Ulysses’ FAQ:

What happens after my subscription or trial ends? Can I still access my texts?

Definitely. Ulysses is in read-only mode, meaning you can still access all your sheets and export them using any export format.

I strongly believe that to alleviate concerns over “renting software” instead of owning a copy, Ulysses (in this example) should still be fully functional when a user ceases paying their subscription, but it would stop receiving updates and new features. If a developer was feeling extra generous, they could support new OS versions and security updates.


August 10, 2017 · 09:34

The 2017 Amazon Echo Show looks like what people thought the future would look like in 1980. In 2007, the iPhone was the future.


August 9, 2017 · 23:35

I listen to so many podcasts, that I’d prefer some of them to be daily shows. @ATPfm and @TheTalkShow come to mind first. At the same time, I probably should publish our podcast more often…


So, About this Googler’s Manifesto →

August 7, 2017 · 10:07

Yonatan Zunger:

I’m writing this here, in this message, because I’m no longer at the company and can say this sort of thing openly. But I want to make it very clear: if you were in my reporting chain, all of part (3) would have been replaced with a short “this is not acceptable” and maybe that last paragraph above. You would have heard part (3) in a much smaller meeting, including you, me, your manager, your HRBP, and someone from legal. And it would have ended with you being escorted from the building by security and told that your personal items will be mailed to you. And the fact that you think this was “all in the name of open discussion,” and don’t realize any of these deeper consequences, makes this worse, not better.