![[Valid Atom 1.0]](images/valid-atom.png "Valid Atom 1.0")
This is a valid Atom 1.0 feed.
This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.
line 13, column 66: (48 occurrences) [help]
<link rel="shorturl" type="text/html" href="http://df4.us/vo7" />
^
line 1714, column 0: (2 occurrences) [help]
<p><audio
line 1714, column 0: (2 occurrences) [help]
<p><audio
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom"><title>Daring Fireball</title><subtitle>By John Gruber</subtitle><link rel="alternate" type="text/html" href="https://daringfireball.net/" /><link rel="self" type="application/atom+xml" href="https://daringfireball.net/feeds/main" /><id>https://daringfireball.net/feeds/main</id> <updated>2024-07-27T01:04:37Z</updated><rights>Copyright © 2024, John Gruber</rights><entry> <title>Zuckerberg: ‘Open Source AI Is the Path Forward’</title> <link rel="alternate" type="text/html" href="https://about.fb.com/news/2024/07/open-source-ai-is-the-path-forward/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo7" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/26/zuck-open-source-ai" /> <id>tag:daringfireball.net,2024:/linked//6.41047</id> <published>2024-07-27T00:47:15Z</published> <updated>2024-07-27T01:04:37Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Mark Zuckerberg, in an essay extolling the virtues of Meta’s open source approach to AI development:</p> <blockquote> <p>People often ask if I’m worried about giving up a technicaladvantage by open sourcing Llama, but I think this misses the bigpicture for a few reasons:</p> <p>First, to ensure that we have access to the best technology andaren’t locked into a closed ecosystem over the long term, Llamaneeds to develop into a full ecosystem of tools, efficiencyimprovements, silicon optimizations, and other integrations. If wewere the only company using Llama, this ecosystem wouldn’t developand we’d fare no better than the closed variants of Unix.</p> <p>Second, I expect AI development will continue to be verycompetitive, which means that open sourcing any given model isn’tgiving away a massive advantage over the next best models at thatpoint in time. The path for Llama to become the industry standardis by being consistently competitive, efficient, and opengeneration after generation.</p> <p>Third, a key difference between Meta and closed model providers isthat selling access to AI models isn’t our business model. Thatmeans openly releasing Llama doesn’t undercut our revenue,sustainability, or ability to invest in research like it does forclosed providers. (This is one reason several closed providersconsistently lobby governments against open source.)</p></blockquote> <p>Zuckerberg’s argument makes numerous references to Linux winning the war against proprietary Unix variants. I’m not sure how good an analogy that is. Perhaps a better analogy is to programming languages, where instead of one winner (like Linux in the field of operating systems) there are dozens, but they’re all open source, even the ones spearheaded by commercial companies. I’ve been on board with the argument that <a href="https://daringfireball.net/linked/2023/06/20/regulation-altman">there is no moat</a> with LLMs, and if there’s no moat, there’s little reason to bank on proprietary solutions. Proprietary solutions require a moat.</p> <blockquote> <p>One of my formative experiences has been building our servicesconstrained by what Apple will let us build on their platforms.Between the way they tax developers, the arbitrary rules theyapply, and all the product innovations they block from shipping,it’s clear that Meta and many other companies would be freed up tobuild much better services for people if we could build the bestversions of our products and competitors were not able toconstrain what we could build. On a philosophical level, this is amajor reason why I believe so strongly in building open ecosystemsin AI and AR/VR for the next generation of computing.</p></blockquote> <p>Apple’s App Store payments commission — which most definitely is not a “tax” — is what it is. But it’s just about money. As for the “product innovations they block from shipping”, one man’s product innovation <a href="https://9to5mac.com/2024/07/26/microsoft-starts-campaign-to-make-windows-security-more-like-mac-post-crowdstrike/">is another man’s CrowdStrike</a>.</p> <p>I realize this is an aside in an essay that otherwise has nothing to do with Apple or iOS, but to me it speaks to how obsessed Zuckerberg is with the subordinate role Meta has been relegated to on mobile platforms — which of course are the platforms where Meta’s platforms are primarily used. But what exactly are the innovations Apple has blocked Meta from shipping? Why haven’t they shipped those same innovations on Android, which is significantly more open? Why doesn’t Meta just ship its own phone? <a href="https://www.theverge.com/2013/4/9/4206176/htc-first-review-facebook-phone">Oh wait</a>. </p> <p>As frustrating as Apple’s control over iOS can be at times — for users, for developers, and for <a href="https://www.forbes.com/real-time-billionaires/#5b0592223d78">the fifth-wealthiest man on the planet</a> — there are <em>really</em> compelling arguments that iOS has succeeded, and remained so popular for so long, not <em>despite</em> Apple’s opinionated control over the platform but <em>because</em> of it.</p> <div><a title="Permanent link to ‘Zuckerberg: ‘Open Source AI Is the Path Forward’’" href="https://daringfireball.net/linked/2024/07/26/zuck-open-source-ai"> ★ </a></div> ]]></content> </entry><entry> <title>Google Is Now the Only Search Engine Reddit Allows to Index It</title> <link rel="alternate" type="text/html" href="https://www.404media.co/google-is-the-only-search-engine-that-works-on-reddit-now-thanks-to-ai-deal/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo6" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/26/google-reddit" /> <id>tag:daringfireball.net,2024:/linked//6.41046</id> <published>2024-07-26T22:07:54Z</published> <updated>2024-07-26T22:07:55Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Emanuel Maiberg, reporting for 404 Media:</p> <blockquote> <p>If you use Bing, DuckDuckGo, Mojeek, Qwant or any otheralternative search engine that doesn’t rely on Google’s indexingand search Reddit by using “site:reddit.com,” you will not see anyresults from the last week. DuckDuckGo is currently turning upseven links when searching Reddit, but provides no data on wherethe links go or why, instead only saying that “We would like toshow you a description here but the site won’t allow us.” Olderresults will still show up, but these search engines are no longerable to “crawl” Reddit, meaning that Google is the only searchengine that will turn up results from Reddit going forward.Searching for Reddit still works on Kagi, an independent, paidsearch engine that buys part of its search index from Google.</p> <p>The news shows how Google’s near monopoly on search is nowactively hindering other companies’ ability to compete at a timewhen Google is facing increasing criticism over the quality of itssearch results. This exclusion of other search engines also comesafter Reddit locked down access to its site to stop companies fromscraping it for AI training data, which at the moment only Googlecan do as a result of a multi-million dollar deal that givesGoogle the right to scrape Reddit for data to train its AIproducts.</p> <p>“They’re [Reddit] killing everything for search but Google,”Colin Hayhurst, CEO of the search engine Mojeek told me on a call.</p></blockquote> <p>I have to blame Reddit for this, not Google. But it’s not a good look for Google, either.</p> <div><a title="Permanent link to ‘Google Is Now the Only Search Engine Reddit Allows to Index It’" href="https://daringfireball.net/linked/2024/07/26/google-reddit"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://1password.com/daringfireball" /> <link rel="shorturl" href="http://df4.us/vo5" /> <link rel="related" type="text/html" href="https://daringfireball.net/feeds/sponsors/2024/07/1password_you_cant_ignore_gdpr" /> <id>tag:daringfireball.net,2024:/feeds/sponsors//11.41045</id> <author><name>Daring Fireball Department of Commerce</name></author> <published>2024-07-24T01:48:42Z</published> <updated>2024-07-24T01:48:43Z</updated> <content type="html" xml:base="https://daringfireball.net/feeds/sponsors/" xml:lang="en"><![CDATA[<p>When the EU enacted GDPR in 2018, executives and security professionals waited anxiously to see how the law would be enforced. And then they kept waiting ... and waiting ... but the Great European Privacy Crackdown never came. For a while it seemed like the only way you’d get slapped with a GDPR fine was to do something truly egregious or be named Mark Zuckerberg. (Or preferably both.)</p> <p>But the days of betting that you’re too big or too small to be noticed by GDPR are over. Recently, EU member nations (plus the UK) have started taking action against data controllers of all sizes–from the big (Amazon), to the medium (a trucking company), to the truly minuscule (a Spanish citizen whose home security cameras bothered their neighbors).</p> <p>So what changed between 2018 and 2024? Perhaps the biggest factor was the EU cracking down on companies putting bogus “headquarters” in countries with friendly regulators, particularly <a href="https://www.irishtimes.com/opinion/2023/01/23/irelands-data-commissioner-out-of-step-with-european-peers/">Ireland</a>. But it certainly didn’t help that the last few years have seen an unending tide of data breach stories, and the public’s relationship with tech has increasingly soured. There’s an <em>appetite</em> for enforcement these days, and it’ll probably get worse before it gets better.</p> <p>If you’re an IT or security professional, you may be wondering what to do with this information. Unfortunately, GDPR compliance isn’t the kind of thing you can solve by buying a tool or scheduling a training session. The best place to start is to adopt a policy of data minimization: collect only the data you truly need to function, on both customers and employees.</p> <p>After that, your second priority must be securing the data you have. Of course, that’s easier said than done, but you can start with doing more to protect against common breach culprits like compromised passwords. (Call us biased, but getting a password manager for every employee really is table stakes for good security.) You also need to monitor where all your data is going, so PII doesn’t disappear onto Shadow IT apps and unmanaged devices.</p> <p>We’ll close with a <a href="https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2022/10/biggest-cyber-risk-is-complacency-not-hackers/">2022 quote from John Edwards</a>, the UK Information Commissioner:</p> <blockquote> <p>“The biggest cyber risk businesses face is not from hackers outside of their company, but from complacency within their company. If your business doesn’t regularly monitor for suspicious activity in its systems and fails to act on warnings, or doesn’t update software and fails to provide training to staff, you can expect a similar fine from my office.”</p></blockquote> <p>In other words: it’s time to get serious about GDPR.</p> <p><a href="https://blog.1password.com/get-serious-gdpr-compliance/">To learn more about GDPR compliance, read the full blog</a>.</p> <div><a title="Permanent link to ‘1Password: You Can’t Ignore GDPR Anymore’" href="https://daringfireball.net/feeds/sponsors/2024/07/1password_you_cant_ignore_gdpr"> ★ </a></div> ]]></content> <title>[Sponsor] 1Password: You Can’t Ignore GDPR Anymore</title></entry><entry> <title>The New Overcast</title> <link rel="alternate" type="text/html" href="https://marco.org/2024/07/16/overcast-rewrite" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo4" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/22/overcast-new" /> <id>tag:daringfireball.net,2024:/linked//6.41044</id> <published>2024-07-23T00:32:28Z</published> <updated>2024-07-23T00:34:16Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Marco Arment, introducing the 10th-anniversary re-write of Overcast:</p> <blockquote> <p>Most of Overcast’s core code was 10 years old, which made itcumbersome or impossible to easily move with the times, adopt newiOS functionality, or add new features, especially as one person.</p> <p>That’s why there haven’t been many new features or changesin years.</p> <p>You saw it, and I saw it. I wasn’t able to serve my customers aswell as I wanted.</p> <p>For Overcast to have a future, it needed a modern foundation forits second decade. I’ve spent the past 18 months rebuilding mostof the app with Swift, SwiftUI, <a href="https://github.com/marcoarment/Blackbird">Blackbird</a>, and modernSwift concurrency.</p> <p>Now, development is rapidly accelerating. I’m moreresponsive, iterating more quickly, and ultimately making theapp <em>much</em> better.</p></blockquote> <p>Promotions for podcasts will often end with a call to action along the lines of “Available wherever you get your podcasts.” As Anil Dash noted a few months ago, <a href="https://www.anildash.com/2024/02/06/wherever-you-get-podcasts/">that’s a radical statement</a>. Using whatever client software you want to access content published using open standards on the internet is the way the internet was designed to be. But it’s not the way it’s worked out, by and large. Streaming video is largely available only via proprietary apps from each individual service. Same with streaming music.</p> <p>But not so with podcasts. Podcasts, more than any other medium, exemplify the original spirit of the open internet. “Wherever you get your podcasts”, for me, has meant Overcast for the last decade. And I feel confident that will be true for the next decade. I’ve got a few small gripes with this major update, but overall it’s clear that Overcast is better than ever.</p> <div><a title="Permanent link to ‘The New Overcast’" href="https://daringfireball.net/linked/2024/07/22/overcast-new"> ★ </a></div> ]]></content> </entry><entry> <title>FBI Used New Cellebrite Software to Access Trump Shooter’s Samsung Phone</title> <link rel="alternate" type="text/html" href="https://www.bloomberg.com/news/articles/2024-07-18/fbi-used-new-cellebrite-software-to-access-trump-shooter-s-phone" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo3" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/22/cellebrite-fbi-android-trump-shooter" /> <id>tag:daringfireball.net,2024:/linked//6.41043</id> <published>2024-07-23T00:16:34Z</published> <updated>2024-07-23T00:16:34Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Margi Murphy and Katrina Manson, reporting for Bloomberg:</p> <blockquote> <p>The local FBI bureau in Pittsburgh held a license for Cellebritesoftware, which lets law enforcement identify or bypass a phone’spasscode. But it didn’t work with Crooks’ device, according to thepeople, who said the deceased shooter owned a newer Samsung modelthat runs Android’s operating system.</p> <p>The agents called Cellebrite’s federal team, which liaises withlaw enforcement and government agencies, according to the people.</p> <p>Within hours, Cellebrite transferred to the FBI in Quantico,Virginia, additional technical support and new software that wasstill being developed. The details about the unsuccessful initialattempt to access the phone, and the unreleased software, haven’tbeen previously reported.</p> <p>Once the FBI had the Cellebrite software update, unlocking thephone took 40 minutes, according to reporting in the WashingtonPost, which first detailed the FBI’s use of Cellebrite.</p></blockquote> <p>Reporting it like this is like running a commercial advertisement for Cellebrite. What kind of passcode was Crooks using on his phone? Digits only or alphanumeric? How many characters? Did they crack the passcode or get in some other way?</p> <p>Without that information all that should have been reported here is that the FBI was able to get access to his phone’s contents, and that the phone was from Samsung. That’s it. I totally understand why the FBI — and Cellebrite — might not want to say <em>how</em> they got in, but without that context, there’s no reason to sing their praises for having gotten in.</p> <div><a title="Permanent link to ‘FBI Used New Cellebrite Software to Access Trump Shooter’s Samsung Phone’" href="https://daringfireball.net/linked/2024/07/22/cellebrite-fbi-android-trump-shooter"> ★ </a></div> ]]></content> </entry><entry> <title>WorkOS</title> <link rel="alternate" type="text/html" href="https://workos.com/?utm_source=daringfireball&utm_medium=display&utm_campaign=q12024" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo2" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/21/workos" /> <id>tag:daringfireball.net,2024:/linked//6.41042</id> <published>2024-07-21T23:44:16Z</published> <updated>2024-07-21T23:44:16Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>My thanks to WorkOS for sponsoring last week at Daring Fireball. WorkOS is a modern identity platform for B2B SaaS. Start selling to enterprise customers with just a few lines of code. Ship complex features like SSO and SCIM (pronounced <em>skim</em>) provisioning in minutes instead of months.</p> <p>Today, some of the fastest growing startups are already powered by WorkOS, including Perplexity, Vercel, and Webflow.</p> <p>For SaaS apps that care deeply about design and user experience, WorkOS is the perfect fit. From high-quality documentation to self-serve onboarding for your customers, it removes all the unnecessary complexity for your engineering team.</p> <div><a title="Permanent link to ‘WorkOS’" href="https://daringfireball.net/linked/2024/07/21/workos"> ★ </a></div> ]]></content> </entry><entry> <title>Biden Drops Out of Reelection Bid, Fully Endorses Kamala Harris</title> <link rel="alternate" type="text/html" href="https://x.com/JoeBiden/status/1815080881981190320" /> <link rel="shorturl" type="text/html" href="http://df4.us/vo1" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/21/biden-out" /> <id>tag:daringfireball.net,2024:/linked//6.41041</id> <published>2024-07-21T19:30:43Z</published> <updated>2024-07-21T20:13:40Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Joe Biden, in a letter to the nation (<a href="https://www.instagram.com/p/C9sZSaZJa_K/">same post, on Instagram</a>):</p> <blockquote> <p>It has been the greatest honor of my life to serve as yourPresident. And while it has been my intention to seek reelection,I believe it is in the best interest of my party and the countryfor me to stand down and to focus solely on fulfilling my dutiesas President for the remainder of my term.</p></blockquote> <p>And in <a href="https://x.com/JoeBiden/status/1815087772216303933">a follow-up post on X</a>:</p> <blockquote> <p>My fellow Democrats, I have decided not to accept the nominationand to focus all my energies on my duties as President for theremainder of my term. My very first decision as the party nomineein 2020 was to pick Kamala Harris as my Vice President. And it’sbeen the best decision I’ve made. Today I want to offer my fullsupport and endorsement for Kamala to be the nominee of our partythis year. Democrats — it’s time to come together and beat Trump.Let’s do this.</p></blockquote> <p>I’ve been ambivalent about Biden dropping out since The Debate. I see clearly that he’s diminished. He’s lost his fastball. <a href="https://youtu.be/kSAo_1mJg0g?si=3RPu3qwBxjyDtjcY&t=42">Watch Biden on <em>60 Minutes</em> from just four years ago</a>, on the cusp of the 2020 election. <em>That’s</em> Joe Biden. Biden today, even at his best, doesn’t have that zip. He’s no longer able to serve as a compelling communicator but a communicator is first and foremost what a candidate needs to be. I admire Biden more than ever for coming to grips with and accepting this inconvenient truth, and putting both his country and party above his own ambition. More than any other fissure in our fractious, highly-polarized politics today, the difference between Democrats and Republicans is that Democrats tend to face and address inconvenient truths, and Republicans are nothing more than a weird, gross, terrifying <a href="https://www.reuters.com/world/us/trump-style-ear-bandages-are-new-trend-republican-national-convention-2024-07-18/">personality cult worshipping one old corrupt man</a>.</p> <p>Here’s how I think it will play out. This might be wishful thinking, but it’s what I’d bet on. The entire Democratic establishment will get behind Kamala Harris as the nominee. Ambitious and popular Democratic leaders like Gavin Newsom, Gretchen Whitmer, Josh Shapiro, Andy Beshear, and Pete Buttigieg won’t challenge her for the nomination. They’ll compete only to be her pick for VP. (Except Newsom, who, coming from the same state as Harris, <a href="https://www.history.com/news/can-the-president-and-vice-president-be-from-the-same-state">wouldn’t work</a>). My top two picks for VP would be Buttigieg and Whitmer. <a href="https://x.com/krassenstein/status/1814615918145585526">Watch Buttigieg on Bill Maher’s show this weekend</a>, talking about J.D. Vance and why Peter Thiel backs him. He’s so smart, and so good at explaining things.</p> <p>The knee-jerk reaction to my suggestion of picking Buttigieg or Whitmer is obvious: isn’t a black woman at the top of the ticket already asking a lot? Why go with two women, or a black woman and a gay man? Because they’re smart and they’re sharp and they’re good on TV. If you don’t like their message or platform, don’t vote for them. But if you don’t want to vote for a ticket with two women, or a ticket with gay man as VP, just because, then <em>fuck you</em>. Go vote for Trump, because you’re a bigot, and he’s the candidate for you. There are too many racists and sexists in America, but they’re not a majority.</p> <p><a href="https://daringfireball.net/2024/07/its_the_guns">Like I wrote last weekend</a> after the assassination attempt against Trump: this will be old news by November. The reason why U.S. presidential candidates tend to announce their campaigns two years before elections is because unlike parliamentary systems, our election dates and presidential terms are set in stone. Candidates announce early in the U.S. simply because they can. It’s a good thing, in an election where the overwhelming majority of independent voters <a href="https://www.forbes.com/sites/brianbushard/2024/06/04/post-trump-conviction-polls-show-warning-signs-most-independents-think-trump-should-drop-out/">wanted both Biden <em>and</em> Trump to drop out of the race</a>, for the Democrats to start fresh, with almost four full months to run a campaign emphasizing youth, intelligence, competence, honesty, and change. <em>New</em> is a positive adjective in America.</p> <p>November is a long way out. Buckle up.</p> <div><a title="Permanent link to ‘Biden Drops Out of Reelection Bid, Fully Endorses Kamala Harris’" href="https://daringfireball.net/linked/2024/07/21/biden-out"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/07/apple_taboola_sitting_in_a_tree" /> <link rel="shorturl" href="http://df4.us/vo0" /> <id>tag:daringfireball.net,2024://1.41040</id> <published>2024-07-20T00:45:30Z</published> <updated>2024-07-20T00:45:30Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">So while I don’t think it’s good news that Apple is partnering with Taboola, I don’t expect it to make any discernible difference in the ad quality or frequency.</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p><a href="https://www.axios.com/2024/07/16/taboola-apple-news-deal">Sara Fischer, reporting this week for Axios</a>:</p> <blockquote> <p>Ad tech giant Taboola has struck a deal with Apple to power nativeadvertising within the Apple News and Apple Stocks apps,<a href="https://www.axios.com/2023/10/04/taboola-yahoo-30-year-deal-revenue">Taboola</a> founder and CEO Adam Singolda told Axios. The dealprovides new validation for Taboola’s business, which hasballooned to over $1.4 billion in <a href="https://investors.taboola.com/static-files/30dec42c-c130-4c0e-b0a6-edaac8ef982d">annual revenue as of2023</a>. [...]</p> <p>As an authorized advertising reseller for Apple News and AppleStocks, Taboola will power native advertising placements withinthose two apps in every market available. [...]</p> <p>Most people know Taboola as the company responsible for placing<a href="https://www.fastcompany.com/90843502/the-chumbox-is-still-the-dirty-design-secret-of-the-internet">chumbox</a> ads at the bottom of many news stories online.</p></blockquote> <p><a href="https://www.threads.net/@eric_seufert/post/C9gjkA_OXYw">Eric Seufert, on Threads</a>:</p> <blockquote> <p>Regarding Taboola’s partnership with Apple: I’ve seen people claimthat this is somehow hypocritical from a privacy perspective,assuming that Taboola’s somewhat obnoxious, clickbait-style adsmust invasively target user profiles and browsing histories.</p> <p>They don’t. They are targeted entirely contextually. That’sthe point.</p> <p>Want brash, garish advertising plastered all over the web? Rejectads personalization. Want relevant, informed advertising? Embraceads personalization.</p></blockquote> <p>If you told me that the ads in Apple News have been sold by Taboola for the last few years, I’d have said, “Oh, that makes sense.” Because the ads in Apple News — at least the ones I see<sup id="fnr1-2024-07-19"><a href="#fn1-2024-07-19">1</a></sup> — already look like chumbox Taboola ads. Even worse, they’re incredibly repetitious.</p> <p>Here’s an example. Today a friend sent me a link to an article at Rolling Stone. The article was behind a paywall on their website, so I used the Share sheet to open the article in Apple News. (Rolling Stone is one of many publications included with a News+ subscription, which I get through the Apple One bundle. This is pretty much the only reason I use Apple News — for reading stories that are paywalled on the web.) I made screen recordings showing me <a href="https://www.threads.net/@gruber/post/C9n9qP4Ryex/">scrolling through the entire article, twice</a>. I got different ads each time, but on both page loads there was at least one ad shown four times, and at least one other ad shown twice. That’s a lot of ads, and a lot of repetition.</p> <p>And, by sheer coincidence, on the web Rolling Stone is a Taboola partner. <a href="https://daringfireball.net/misc/2024/07/taboola-box-rolling-stone-web.jpeg">Here’s a screenshot of the box of “suggested stories” chum</a> that Taboola offered. It’s pretty much exactly the sort of stuff I see in the ads on Apple News.</p> <p>So while I don’t think it’s good news that Apple is partnering with Taboola, I don’t expect it to make any discernible difference in the ad quality or frequency. Maybe it will improve the variety?</p> <div class="footnotes"><hr /><ol><li id="fn1-2024-07-19"><p>And, for what it’s worth (which might not be much), I do have “Personalized Ads” enabled in Settings → Privacy & Security → Apple Advertising. So I should be seeing the best ads Apple has to offer in Apple News. The half-dozen ads for Bellagio and MGM Resorts that you see in the second screen recording I made of that Rolling Stone article do seem personalized — I’ve read a couple of articles this week <a href="https://www.threads.net/@gruber/post/C9n9qP4Ryex/">commemorating the closing of The Mirage</a>. Bellagio is effectively Mirage 2.0 (and Wynn and Encore are 3.0). <a href="#fnr1-2024-07-19" class="footnoteBackLink" title="Jump back to footnote 1 in the text.">↩︎</a></p></li></ol></div> ]]></content> <title>★ Apple Strikes Deal With Taboola to Sell Ads for Apple News</title></entry><entry> <title>Google Is Shutting Down Its URL Shortener, Breaking All Links</title> <link rel="alternate" type="text/html" href="https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnz" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/19/google-url-shortener" /> <id>tag:daringfireball.net,2024:/linked//6.41039</id> <published>2024-07-19T20:14:25Z</published> <updated>2024-07-19T20:14:26Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Sumit Chandel and Eldhose Mathokkil Babu, writing for the Google Developers blog:</p> <blockquote> <p>In 2018, we announced the <a href="https://developers.googleblog.com/en/transitioning-google-url-shortener-to-firebase-dynamic-links/">deprecation and transition of GoogleURL Shortener to Firebase Dynamic Links</a> because of the changeswe’ve seen in how people find content on the internet, and thenumber of new popular URL shortening services that emerged in thattime. This meant that we no longer accepted new URLs to shortenbut that we would continue serving existing URLs.</p> <p>Today, the time has come to turn off the serving portion of GoogleURL Shortener. Please read on below to understand more about howthis will impact you if you’re using Google URL Shortener.</p> <p>Any developers using links built with the Google URL Shortener inthe form <code>https://goo.gl/*</code> will be impacted, and these URLs willno longer return a response after August 25th, 2025.</p></blockquote> <p>How much money could it possible cost to just keep this service running in perpetuity? Tim Berners-Lee wrote his seminal essay, “<a href="https://www.w3.org/Provider/Style/URI">Cool URIs Don’t Change</a>” back in 1998. It’s bad enough when companies go out of business, taking their web servers down with them. But Google isn’t struggling financially. In fact, <a href="https://abc.xyz/assets/91/b3/3f9213d14ce3ae27e1038e01a0e0/2024q1-alphabet-earnings-release-pdf.pdf">they’re thriving</a>.</p> <div><a title="Permanent link to ‘Google Is Shutting Down Its URL Shortener, Breaking All Links’" href="https://daringfireball.net/linked/2024/07/19/google-url-shortener"> ★ </a></div> ]]></content> </entry><entry> <title>Meta Won’t Bring Future Multimodal AI Models to EU</title> <link rel="alternate" type="text/html" href="https://www.axios.com/2024/07/17/meta-future-multimodal-ai-models-eu" /> <link rel="shorturl" type="text/html" href="http://df4.us/vny" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/19/meta-eu-multimodal-ai-models" /> <id>tag:daringfireball.net,2024:/linked//6.41038</id> <published>2024-07-19T19:43:27Z</published> <updated>2024-07-19T20:05:37Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Ina Fried, reporting for Axios:</p> <blockquote> <p>“We will release a multimodal Llama model over the coming months,but not in the EU due to the unpredictable nature of the Europeanregulatory environment,” Meta said in a statement to Axios.</p> <p>Apple similarly said last month that it won’t release itsApple Intelligence features in Europe because of regulatoryconcerns. [...]</p> <p>Meta plans to incorporate the new multimodal models, which areable to reason across video, audio, images and text, in a widerange of products, including smartphones and its Meta Ray-Bansmart glasses. Meta says its decision also means that Europeancompanies will not be able to use the multimodal models eventhough they are being released under an open license. It couldalso prevent companies outside of the EU from offering productsand services in Europe that make use of the new multimodal models.</p> <p>The company is also planning to release a larger, text-onlyversion of its Llama 3 model soon. That will be made available forcustomers and companies in the EU, Meta said.</p></blockquote> <p>Another big win for Thierry Breton and Margrethe Vestager. I’m sure EU tech companies will do just fine sitting out the AI boom, and EU customers will be happy to wait for years before getting features available to the rest of the world.</p> <div><a title="Permanent link to ‘Meta Won’t Bring Future Multimodal AI Models to EU’" href="https://daringfireball.net/linked/2024/07/19/meta-eu-multimodal-ai-models"> ★ </a></div> ]]></content> </entry><entry> <title>Bug With Widely-Deployed Security Tool CrowdStrike Is Crashing Windows, Causing Widespred Outages Across Many Industries</title> <link rel="alternate" type="text/html" href="https://www.theverge.com/2024/7/19/24201717/windows-bsod-crowdstrike-outage-issue" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnx" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/19/crowdstrike-bsod-windows" /> <id>tag:daringfireball.net,2024:/linked//6.41037</id> <published>2024-07-19T19:30:42Z</published> <updated>2024-07-19T19:38:35Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Tom Warren, The Verge:</p> <blockquote> <p>Thousands of Windows machines are experiencing a Blue Screen ofDeath (BSOD) issue at boot today, impacting banks, airlines, TVbroadcasters, supermarkets, and many more businesses worldwide. Afaulty update from cybersecurity provider CrowdStrike is knockingaffected PCs and servers offline, forcing them into a recoveryboot loop so machines can’t start properly. The issue is not beingcaused by Microsoft but by third-party CrowdStrike software that’swidely used by many businesses worldwide for managing the securityof Windows PCs and servers.</p></blockquote> <p>Airlines are down, and hospitals are cancelling elective procedures. Unbelievable, to me, that this is not caused by a bug in Windows but from a third-party tool that I’d never really heard of until today.</p> <p><a href="https://www.nytimes.com/2024/07/19/business/microsoft-outage-cause-azure-crowdstrike.html">The New York Times reports</a> that while the overnight software update from CrowdStrike was automatic and “inescapable” (their word), fixing this might be painstaking and require each affected PC to be fixed manually: rebooting into safe mode, deleting the problematic data file, and then rebooting again to get a clean software update from CrowdStrike. The Times also waited until the 10th paragraph to make this important note:</p> <blockquote> <p>Apple and Linux machines were not affected by the CrowdStrikesoftware update.</p></blockquote> <p><strong>See also:</strong> <a href="https://www.techmeme.com/240719/p2#a240719p2">Techmeme’s roundup</a> of coverage, <a href="https://www.threads.net/t/C9mjSKeR9EO">commentary</a>, and <a href="https://www.threads.net/t/C9myustJioy">jokes</a>.</p> <div><a title="Permanent link to ‘Bug With Widely-Deployed Security Tool CrowdStrike Is Crashing Windows, Causing Widespred Outages Across Many Industries’" href="https://daringfireball.net/linked/2024/07/19/crowdstrike-bsod-windows"> ★ </a></div> ]]></content> </entry><entry> <title>AirPods Pro at Amazon: $169</title> <link rel="alternate" type="text/html" href="https://amzn.to/3Y8cRVv" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnw" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/17/airpods-pro-prime-day" /> <id>tag:daringfireball.net,2024:/linked//6.41036</id> <published>2024-07-17T20:40:52Z</published> <updated>2024-07-17T20:40:53Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>I don’t post many affiliate links but here’s a great one: Amazon has second-gen AirPods Pro for just $169 for Prime Day, discounted a full third from the usual price of $249. AirPods Pro are not just my favorite earbuds ever, they’re one of my favorite products ever, full stop. Buy through this link and I’ll get rich.</p> <div><a title="Permanent link to ‘AirPods Pro at Amazon: $169’" href="https://daringfireball.net/linked/2024/07/17/airpods-pro-prime-day"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/07/att_data_breach_rcs_ios" /> <link rel="shorturl" href="http://df4.us/vnv" /> <id>tag:daringfireball.net,2024://1.41035</id> <published>2024-07-17T20:01:43Z</published> <updated>2024-07-19T19:53:03Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">SMS wasn’t dying, but it was slowly fading away, and should have been left for things like automated “your table is ready” notifications from restaurants. RCS is just going to give carrier-based messaging new legs that it shouldn’t have gotten.</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p>Here’s a hot take: <a href="https://daringfireball.net/linked/2024/07/12/att-massive-data-breach">last week’s news of a massive AT&T breach</a> revealing the phone call and text messaging records of all AT&T customers for six months in 2022 exemplifies why RCS is a terrible protocol that ought not exist, and why it’s a mistake that Apple is adding support for it to iOS 18 this year.</p> <p>The pro-RCS argument is that it improves upon SMS by adding support for much larger image and video attachments, as well as niceties like typing indicators. It really is just like SMS but better, which makes it seem, on the surface, like a no-brainer that all cell phone platforms should support it. In this view, the only reason for Apple’s yearslong refusal to support RCS was to maintain a maximum feature gap between iMessage (which, famously, is exclusive to Apple’s devices) and carrier-based messaging. In day-to-day use people can’t <em>see</em> that iMessage is fully end-to-end encrypted, but everyone can plainly see that images and videos sent over SMS/MMS look like shit. So it looks like nothing but pure spite that Apple refused, for years, to support RCS.</p> <p>But the argument against RCS is strong and simple: it doesn’t support end-to-end encryption. The only new messaging platforms that should gain any traction are those that not only support E2EE, but that <em>require it</em>. Messaging and audio/video calls should <em>only</em> work through E2EE. That’s true for iMessage and FaceTime.</p> <p>SMS and traditional telephone voice calls lack any encryption at all, but they’re firmly established. Just like email. But anything new should only be supported if it’s fundamentally based on E2EE. <a href="https://en.wikipedia.org/wiki/Rich_Communication_Services#Specifications">The RCS spec</a> offers no message encryption at all. Google has implemented its own encryption for RCS, but, that’s a proprietary implementation that only works for messages sent between users who are all using Google’s own Messages app. <a href="https://www.gstatic.com/messages/papers/messages_e2ee.pdf">From Google’s “Messages End-to-End Encryption Overview”</a>:</p> <blockquote> <p>In order to store and exchange user public keys like identitykeys and prekeys, we need to have a central key server. Unlikethe RCS messaging servers, the key server is currently onlyhosted by Google.</p></blockquote> <p>Perhaps, someday, the RCS spec will support an open standard for E2EE. I’m not holding my breath for that. For one thing, industry consortiums tend not to produce good solutions to hard problems, and an open standard for E2EE messaging is a very hard problem. Maybe impossible. Someone has to handle key exchange and management, but who would that be in an open standard? Then there’s the politics: law enforcement agencies the world over will pressure carriers against that. <a href="https://daringfireball.net/2024/02/eu_rcs_imessage">As I reported back in February</a>, the primary reason Apple changed course on supporting RCS is that it’s mandated in China. The Chinese government surely loves RCS <em>because</em> it isn’t encrypted.</p> <p>That’s not unique to China or other authoritarian dictatorships. Even in the West, law enforcement and spy agencies <em>love</em> the fact that telephone voice calls and cellular text messages are unencrypted. We don’t know how much they record and keep, but it’s a known fact that the NSA has black boxes installed at the carriers’ call centers, and the safest bet is that they record and store all of it. But even if you trust law enforcement agencies to handle this sensitive data securely, it’s clear, from this latest data breach alone, that the carriers themselves cannot be trusted. They’re inept. They <a href="https://www.youtube.com/watch?v=UdULhkh6yeA" title="iJustine gets her first phone bill after switching to AT&T for the original iPhone.">always have been inept</a>. And my money says they always will be.</p> <p>But even if, somehow, a future version of the RCS spec supports E2EE, what about older devices that only support today’s non-encrypted version of RCS? Even if RCS eventually supports E2EE — which, again, I doubt — such support will surely be optional, not mandatory, because RCS has already shipped and is in widespread use on Android without encryption. That’s why messaging platforms should be built around E2EE from the start. It’s difficult to mandate E2EE on a platform that already supports unencrypted messaging. RCS should have been <em>exclusively</em> E2EE; instead, the standard offers no encryption at all.</p> <p>Carrier-based messaging was best left as a legacy protocol. SMS wasn’t dying, but it was slowly fading away, and should have been left for things like automated “your table is ready” notifications from restaurants. RCS is just going to give carrier-based messaging new legs that it shouldn’t have gotten.</p> <p>Another thing that sucks about carrier-based messaging is that it requires a device with an active SIM card from a carrier. Yes, you can send and receive SMS from a Mac or iPad <a href="https://support.apple.com/en-mide/guide/messages/icht8a28bb9a/mac">with Text Message Forwarding</a>, but you need the iPhone to do the forwarding. If you power down (or worse, lose) your iPhone, your Mac and iPad will no longer be able to send or receive SMS messages — and I presume <a href="https://support.google.com/messages/answer/9487020">that will be true for RCS as well</a>. Whereas with modern messaging platforms like iMessage, Signal, and WhatsApp, devices like PCs and tablets can serve as clients without a phone.<sup id="fnr1-2024-07-17"><a href="#fn1-2024-07-17">1</a></sup></p> <p>There is, admittedly, a good argument in favor of RCS. Basically, that phone carrier messaging is now and always will be a universally accessible form of communication. <a href="https://www.pewresearch.org/global/2022/12/06/internet-smartphone-and-social-media-use-in-advanced-economies-2022/">Effectively</a>, everyone who is online has a cell phone, and those phones can all send and receive SMS. Because carrier-based messaging isn’t going away, this argument goes, it ought to be made as good as possible, and RCS — despite its deficiencies — is clearly better than SMS. Therefore RCS ought to be supported by all mobile devices, including iOS. Here’s Andy Ihnatko, <a href="https://www.threads.net/@gruber/post/CzxGU_cxzWk">in a discussion with me on Threads back in November</a>:</p> <blockquote> <p>Carrier-based messaging on a pre-installed messaging app mightseem irrelevant to many of us. But it serves and suffices. And theprocess of discovery, selection, and installation of a differentservice — and getting your entire social circle on board with it — is <em>deathly</em> for so many people.</p> <p>“If I know their phone number, I can send them a message or aphoto” is a world-beater of a feature for the average user. Thisis why such apps should be as muscular as feasibly possible.</p></blockquote> <p>Ihnatko is right, but only if you believe that carrier-based messaging should remain the baseline. I do not. And it’s also a U.S.-centric viewpoint. In most countries around the world, platforms like WhatsApp, Line, and Facebook Messenger serve that role, as the baseline “everyone has it” messaging platform — and those countries are better for it. I prefer iMessage, personally, for multiple reasons, but iMessage is fundamentally limited from serving that “everyone has it” baseline role by Apple’s decision not to ship an Android client. Eddy Cue doesn’t lose many arguments <a href="https://daringfireball.net/linked/2022/01/19/cue-imessage-android">but he lost that one</a>. All of the effort spent pushing Apple to support RCS would have been better spent pushing Apple to ship iMessage for Android. And without a supported iMessage client for Android, that role ought to go to WhatsApp, not RCS. WhatsApp is free, secure, and works equally well on all phones.</p> <p><a href="https://www.hollywoodreporter.com/tv/tv-news/modern-family-reboot-whatsapp-ad-original-cast-1235925415/">Meta knows this</a>, and <a href="https://www.youtube.com/watch?v=Uyu--_gLt7s">clearly smells the opportunity</a>. Does Apple?</p> <div class="footnotes"><hr /><ol><li id="fn1-2024-07-17"><p>Two notes on this. First: security researcher Tommy Mysk <a href="https://mjtsai.com/blog/2024/07/08/signal-for-macs-encrypted-database/">recently publicized</a> some serious issues with how Signal’s Mac client stores data locally, especially the fact that it stores its encryption key in a plain text file readable by any app on your Mac. This is not a defect in the Signal protocol, which is fully end-to-end encrypted, and arguably the gold standard for privacy. The problem with Signal’s desktop apps is that they’re storing information locally, without protection, outside the endpoints of “E2EE”. As Mysk proved, you can just copy Signal’s data folder from one Mac (that is properly signed into Signal) to another Mac (say, an attacker’s machine) and that second machine will be able to send and receive messages without the user being able to detect that an unauthorized machine has access to their account. <a href="https://www.bleepingcomputer.com/news/security/signal-downplays-encryption-key-flaw-fixes-it-after-x-drama/">Signal claims to be addressing this flaw</a> in a future version now in beta testing.</p> <p>Second: Meta’s companywide aversion to developing native iPad apps includes WhatsApp. At least with Threads and Instagram, they allow the iPhone apps to run on iPadOS in letterboxed compatibility mode. But <a href="https://daringfireball.net/misc/2024/07/whatsapp-ipad-no-dice.png">as you can see in this screenshot</a> (which also shows how the lack of a proper native iPad client for WhatsApp has created a cottage industry of sketchy third-party apps in the App Store that are presenting themselves as WhatsApp clients), the iPhone WhatsApp client can’t even be installed on an iPad. This is so irritating. Meta does have proper native iPad versions of the blue Facebook app and Messenger, so I suppose there’s hope they’ll ship a proper WhatsApp client for iPad eventually. <a href="#fnr1-2024-07-17" class="footnoteBackLink" title="Jump back to footnote 1 in the text.">↩︎</a></p></li></ol></div> ]]></content> <title>★ The AT&T Data Breach Shows Why RCS Can’t Be Trusted and the Downside of Apple Adding Support for It in iOS 18</title></entry><entry> <title>Pete Wells Is Stepping Down as NYT Food Critic</title> <link rel="alternate" type="text/html" href="https://www.nytimes.com/2024/07/16/dining/pete-wells-steps-down-food-critic.html?unlocked_article_code=1.7k0.R2zu.sGv5x7hNrfba" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnu" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/17/pete-wells-nyt" /> <id>tag:daringfireball.net,2024:/linked//6.41034</id> <published>2024-07-17T15:04:18Z</published> <updated>2024-07-17T15:04:18Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Pete Wells:</p> <blockquote> <p>The first thing you learn as a restaurant critic is that nobodywants to hear you complain. The work of going out to eat everynight with hand-chosen groups of friends and family soundssuspiciously like what other people do on vacation. If you happento work in New York or another major city, your beat is almostunimaginably rich and endlessly novel. [...]</p> <p>So we tend to save our gripes until two or three of us aregathered around the tar pits. Then we’ll talk about the thingsnobody will pity us for, like the unflattering mug shots of usthat restaurants hang on kitchen walls and the unlikable food inunreviewable restaurants.</p> <p>One thing we almost never bring up, though, is our health. Weavoid mentioning weight the way actors avoid saying “Macbeth.”Partly, we do this out of politeness. Mostly, though, we all knowthat we’re standing on the rim of an endlessly deep hole and thatif we look down we might fall in.</p></blockquote> <p>It’s a funny thing about getting older. You put on weight yet you can’t eat nearly as much as you used to. Somehow, though, here in Philly, Craig Laban has been The Inquirer’s restaurant critic since 1998, <a href="https://www.inquirer.com/author/laban_craig/">and he’s still going strong</a>.</p> <p>Good critics — whether their beat is food, movies, books, whatever — review every genre, with an open mind. Some of <a href="https://www.nytimes.com/2024/07/16/dining/favorite-reads-by-pete-wells.html">Wells’s best writing</a> was about the most approachable restaurants. <a href="https://www.nytimes.com/2024/04/16/dining/hamburger-america.html">This recent review of Hamburger America</a> makes me hungry just glancing at it. His <a href="https://www.nytimes.com/2012/11/14/dining/reviews/restaurant-review-guys-american-kitchen-bar-in-times-square.html">scathing review of Guy Fieri’s American Kitchen & Bar</a> is famous, but don’t miss <a href="https://www.nytimes.com/2015/12/30/dining/senor-frogs-review.html">his review of the unsurprisingly-now-closed Señor Frog’s in Times Square</a>:</p> <blockquote> <p>Señor Frog’s is not a good restaurant by most conventionalmeasures, including the fairly basic one of serving food. Onenight I got just two of the half-dozen appetizers I had asked for.Another time, the starters showed up on schedule, but after nearlytwo hours the main courses still had not appeared.</p> <p>“What happened to our food?” we finally asked.</p> <p>“That’s what I’m wondering!” our server said brightly. “Like,where is it?”</p> <p>Getting just half of what you order at Señor Frog’s can be ablessing if it’s the right half.</p></blockquote> <div><a title="Permanent link to ‘Pete Wells Is Stepping Down as NYT Food Critic’" href="https://daringfireball.net/linked/2024/07/17/pete-wells-nyt"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://workos.com/?utm_source=daringfireball&utm_medium=display&utm_campaign=q12024" /> <link rel="shorturl" href="http://df4.us/vnt" /> <link rel="related" type="text/html" href="https://daringfireball.net/feeds/sponsors/2024/07/workos_11" /> <id>tag:daringfireball.net,2024:/feeds/sponsors//11.41033</id> <author><name>Daring Fireball Department of Commerce</name></author> <published>2024-07-16T02:21:36Z</published> <updated>2024-07-16T02:21:37Z</updated> <content type="html" xml:base="https://daringfireball.net/feeds/sponsors/" xml:lang="en"><![CDATA[<p>With WorkOS you can start selling to enterprises with just a few lines of code. It provides a complete User Management solution along with SSO, SCIM, and FGA. The APIs are modular and easy-to-use, allowing integrations to be completed in minutes instead of months.</p> <p>Today, some of the fastest growing startups are already powered by WorkOS, including Perplexity, Vercel, and Webflow.</p> <p>For SaaS apps that care deeply about design and user experience, WorkOS is the perfect fit. From high-quality documentation to self-serve onboarding for your customers, it removes all the unnecessary complexity for your engineering team.</p> <div><a title="Permanent link to ‘WorkOS’" href="https://daringfireball.net/feeds/sponsors/2024/07/workos_11"> ★ </a></div> ]]></content> <title>[Sponsor] WorkOS</title></entry><entry> <title>An Afternoon in New Jersey With Richard Simmons</title> <link rel="alternate" type="text/html" href="https://www.youtube.com/watch?v=I4AflonZ6S4" /> <link rel="shorturl" type="text/html" href="http://df4.us/vns" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/15/richard-simmons-letterman" /> <id>tag:daringfireball.net,2024:/linked//6.41032</id> <published>2024-07-16T00:37:10Z</published> <updated>2024-07-16T00:37:10Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>One of the all-time great talk show guests.</p> <div><a title="Permanent link to ‘An Afternoon in New Jersey With Richard Simmons’" href="https://daringfireball.net/linked/2024/07/15/richard-simmons-letterman"> ★ </a></div> ]]></content> </entry><entry> <title>Goodbye HomePod Mini in Space Gray; Hello HomePod Mini in Midnight</title> <link rel="alternate" type="text/html" href="https://www.apple.com/newsroom/2024/07/apple-introduces-homepod-mini-in-midnight/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnq" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/15/homepod-mini-midnight" /> <id>tag:daringfireball.net,2024:/linked//6.41030</id> <published>2024-07-15T19:00:00Z</published> <updated>2024-07-15T19:28:21Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Apple Newsroom:</p> <blockquote> <p>Today, Apple introduced HomePod mini in midnight, made with 100percent recycled mesh fabric. At just 3.3 inches tall, HomePodmini offers big sound in an impressively compact design. With aseamless, acoustically transparent mesh exterior and a backlittouch surface that illuminates from edge to edge, HomePod mini isa stunning smart speaker that complements any space. HomePod miniin midnight is available starting Wednesday, July 17, and joinsother bold colors, including yellow, orange, blue, and white.</p></blockquote> <p>This confused me for a moment, because they make it sound like they’re simply adding this new color to the lineup. But midnight is actually <a href="https://en.wikipedia.org/wiki/HomePod_Mini">replacing the subtly different space gray</a>. The bigger question: is this a sign that a second-gen HomePod Mini is not coming soon? The current models debuted in November 2020, and are powered by the S5 chip from Apple Watch Series 5.</p> <p><strong>Update:</strong> Thinking about this some more, it’s kind of odd that it took Apple this long to swap space gray for midnight with the HomePod Mini. For consumer-y products they shifted from space gray to dark-with-a-slight-hint-of-blue “midnight” starting, I think, <a href="https://www.apple.com/newsroom/2021/09/apple-reveals-apple-watch-series-7-featuring-the-largest-most-advanced-display/">with the Series 7 Apple Watch models in 2021</a>. (The <a href="https://www.apple.com/newsroom/2020/09/apple-watch-series-6-delivers-breakthrough-wellness-and-fitness-capabilities/">Series 6 lineup</a> introduced a dark blue, but it was called “blue”, and there was still a color called space gray.) The entry model MacBook Pros still offer space gray for their dark option, but the higher-end models are either silver or space <em>black</em>. Dark iPad Pros are space black. Dark iPhones are “black”, not gray — <a href="https://www.apple.com/newsroom/2023/09/apple-unveils-iphone-15-pro-and-iphone-15-pro-max/">both Pro</a> and <a href="https://www.apple.com/newsroom/2023/09/apple-debuts-iphone-15-and-iphone-15-plus/">non-pro</a>. And the second-gen full-size HomePods, <a href="https://www.apple.com/newsroom/2023/01/apple-introduces-the-new-homepod-with-breakthrough-sound-and-intelligence/">introduced in January 2023</a>, have only ever been offered in white and midnight. Makes me wonder if Apple produced a bunch of space gray HomePod Minis all at once, when the product debuted, and has been waiting for them to sell out before switching to midnight.</p> <p>Space gray remains a color in Apple’s palette, though. The darkest MacBook Airs have been offered in midnight ever since <a href="https://www.apple.com/newsroom/2022/06/apple-unveils-all-new-macbook-air-supercharged-by-the-new-m2-chip/">the new form factor debuted with the M2 models in 2022</a>, but they do still offer models in space gray (along with silver and starlight). iPad Air and the due-for-an-update iPad Mini are still offered in space gray too. The pattern I detect is that if it’s black-ish and consumer, Apple uses midnight; if it’s black-ish and pro, it’s space black or just black. The exception is the regular iPhone 15, which is offered in just plain “black”, but the superseding pattern there is that Apple has always offered (<a href="https://www.tomsguide.com/us/iphone7-jet-black-vs-black,news-23393.html">at least one</a>!) “black” iPhone with each generation.</p> <div><a title="Permanent link to ‘Goodbye HomePod Mini in Space Gray; Hello HomePod Mini in Midnight’" href="https://daringfireball.net/linked/2024/07/15/homepod-mini-midnight"> ★ </a></div> ]]></content> </entry><entry> <title>Apple Changes Policy, Allowing PC Emulator UTM SE in App Store for iOS and VisionOS</title> <link rel="alternate" type="text/html" href="https://www.macrumors.com/2024/07/15/apple-approves-first-retro-pc-emulator-ios/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnr" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/15/app-store-utm-se" /> <id>tag:daringfireball.net,2024:/linked//6.41031</id> <published>2024-07-15T18:03:27Z</published> <updated>2024-07-15T18:03:28Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Tim Hardwick, reporting for MacRumors:</p> <blockquote> <p>Apple this weekend approved free PC emulator “UTM SE” for the AppStore on iPhone, iPad, and Vision Pro. The app allows users toemulate old versions of Windows OS, macOS, Linux, and more to fireup classic software and games on Apple devices. [...]</p> <p>After Apple’s rejection, UTM’s developer said they would not keepgoing back and forth because the app would become “a subparexperience.” However, after help from the AltStore team and<a href="https://x.com/UTMapp/status/1812241740172263663">another developer</a> to work on some changes, UTM SE wasfinally approved by Apple on Saturday.</p> <p>As with other emulators, UTM SE requires that users supply theoperating systems they want to emulate, but the <a href="https://mac.getutm.app/gallery/">UTM site includesguides</a> for Windows XP through Windows 11 emulation, as wellas downloads of pre-built virtual Linux machines.</p></blockquote> <p>Not sure what changed <a href="https://daringfireball.net/linked/2024/06/18/utm-notarization">since last month</a>, when Apple not only rejected UTM SE from the App Store but also from notarization for distribution on third-party marketplaces in the EU (and, perhaps soon, <a href="https://daringfireball.net/linked/2024/06/15/japan-app-stores">Japan</a>).</p> <p>In other emulation-on-iOS news, <a href="https://www.theverge.com/2024/7/10/24195591/delta-ios-update-retro-gaming-emulator-ipad-support-logo">Delta 1.6 now fully supports iPadOS</a>.</p> <div><a title="Permanent link to ‘Apple Changes Policy, Allowing PC Emulator UTM SE in App Store for iOS and VisionOS’" href="https://daringfireball.net/linked/2024/07/15/app-store-utm-se"> ★ </a></div> ]]></content> </entry><entry> <title>Dabba</title> <link rel="alternate" type="text/html" href="https://dabba.com/daringfireball" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnp" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/14/dabba" /> <id>tag:daringfireball.net,2024:/linked//6.41029</id> <published>2024-07-15T01:18:21Z</published> <updated>2024-07-15T01:18:21Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>My thanks to Dabba for sponsoring last week at DF. (You may recall them <a href="https://daringfireball.net/linked/2021/12/13/wifi-dabba">sponsoring previously</a>.) Dabba is a low-cost broadband internet service provider in India owned and powered by engineers and startup founders from around the world. Relative to its population, India lags behind most other countries in broadband penetration:</p> <ul><li>The US has 112M connections for 350M people</li><li>China has 612M connections for 1.4B people</li><li>India has only 30M connections for 1.4B people</li></ul> <p>Anyone, anywhere in the world can help the Dabba network by buying a hotspot. It’s the bootstrapping and installation costs for new hotspots that are holding India back. Through Dabba, you help subsidize those costs. As a hotspot owner you can monitor the performance of your hotspot on their <a href="https://dabba.network/">publicly available explorer</a>. It puts you in on the ground floor of a telecom with broad aspirations in an absolutely enormous market.</p> <div><a title="Permanent link to ‘Dabba’" href="https://daringfireball.net/linked/2024/07/14/dabba"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/07/its_the_guns" /> <link rel="shorturl" href="http://df4.us/vno" /> <id>tag:daringfireball.net,2024://1.41028</id> <published>2024-07-15T00:39:09Z</published> <updated>2024-07-16T18:16:24Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">Make them all say, as Trump himself did after a school shooting massacre in Iowa this year, that we “have to get over it, we have to move forward.”</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p><a href="https://talkingpointsmemo.com/edblog/grounded-responses-to-yesterdays-attempted-assassination">Josh Marshall, writing at Talking Points Memo</a>:</p> <blockquote> <p>Political violence and especially electoral violence strike at theheart of the open, free and democratic choice-making upon whichour civic democratic system and the legitimacy of its choices arebased. We must condemn it in every instance as well as expressingour personal sympathy for its victims. We do so not to box checksome vague concept of civility or comity but because it strikes atthe taproot of civil peace. It is equally not a license to squelchpolitical speech or in this case threaten or intimidate thosecalling attention to the real and profound dangers of Donald Trumpreturning to the White House. We are already seeing this attemptin the making.</p></blockquote> <p>Political violence is abhorrent, and as Marshall aptly notes, strikes at the heart of the very concept of democracy. Words cannot express strongly enough the feelings that an event like yesterday’s evokes, no matter which side of the political spectrum we’re on. We call many things “unacceptable” but an assassination attempt is more than that. It’s sick, and, correctly, makes us feel sick. It’s like how our bodies revolt when we consume poison. An assassination attempt is poison to the body politic.</p> <p>But only one of the candidates in this election has ever incited political violence. <a href="https://www.govinfo.gov/collection/january-6th-committee-final-report?path=/GPO/January%206th%20Committee%20Final%20Report%20and%20Supporting%20Materials%20Collection">That candidate is Donald Trump, particularly and especially on January 6, 2021</a>. Only one candidate has ever mocked and cracked jokes about a near-miss assassination attempt against one of his political adversaries. That candidate is Donald Trump, who (<a href="https://thehill.com/blogs/blog-briefing-room/3712538-donald-trump-jr-mocks-paul-pelosi-attack/">along with his son</a>) has <a href="https://www.youtube.com/watch?v=QeBoOJ5Cxeg">repeatedly mocked Nancy Pelosi’s husband Paul</a> after an unhinged lunatic, <a href="https://www.sfchronicle.com/bayarea/article/Where-s-Nancy-Here-s-what-happened-17554042.php">asking “Where is Nancy?”</a>, broke into their home and bashed Paul Pelosi’s head with a hammer, fracturing his skull to an extent that required surgery.</p> <p>Donald Trump wasn’t an inch away from assassination because of Democratic rhetoric against his threat to democracy. <em>He is a threat to democracy.</em> He threatened democracy on national television. He has repeated, literally hundreds of times over the last three and a half years, that <a href="https://www.cbsnews.com/news/election-results-security-chris-krebs-60-minutes-2020-11-29/">the fairest election this nation has ever held</a> was “rigged” because he lost. Ask him today and he’ll say the same. Give Trump credit: he fully admits that the only election results he will accept are results that declare him the winner. But that, quite literally, is a threat to our democracy. He tried to remain in office after losing, by almost the exact same Electoral College margin he declared “<a href="https://apnews.com/article/15698f808c344964afcc6ddd6e960240">a massive landslide victory</a>” when he won in 2016, by overthrowing the duly elected government of the United States. Ask him today if he should still be in the White House.</p> <p>Do not accept, not even at this fraught moment, the claims of anyone blaming yesterday on Democrats describing Trump as a threat to democracy. Saying so is not even on the spectrum of hyperbole. We saw what we saw after the 2020 election, and especially on January 6.</p> <p>Do not fret, either, that yesterday’s event somehow cedes the election to Trump, on the grounds that he survived and projected strength. The side that wants a strongman was already voting for him. They’re the same people who claimed, <a href="https://www.politico.com/news/magazine/2024/06/17/trouble-for-trump-in-a-new-poll-on-his-conviction-00163498">wrongly</a>, that being convicted of 34 felonies somehow helped him electorally. <a href="https://www.aol.com/news/bloodied-defiant-trump-raised-fist-163645326.html?guccounter=1">This is</a>, no question, an indelible image and a photo for the ages. But Teddy Roosevelt was shot campaigning in 1912 — and unlike Trump <a href="https://en.wikipedia.org/wiki/Attempted_assassination_of_Theodore_Roosevelt">took the stage to deliver his speech <em>after</em> taking the bullet</a> — and <a href="https://www.aol.com/news/bloodied-defiant-trump-raised-fist-163645326.html?guccounter=1">lost the election by 347 Electoral College votes</a> (an actual landslide) to Woodrow Wilson. Running for president for the third time in 1972, virulently racist Alabama governor <a href="https://www.washingtonpost.com/wp-srv/politics/daily/sept98/wallace051672.htm">George Wallace was shot</a>, leaving him paralyzed. Wallace lost the primary. Gerald Ford survived not just <a href="https://wayback.archive-it.org/all/20090502134729/http://www.history.com/this-day-in-history.do?id=5322&action=tdihArticleCategory">one</a> but <a href="https://web.archive.org/web/20180106064815/https://www.history.com/this-day-in-history/president-ford-survives-second-assassination-attempt">two</a> shooting attempts within 17 days in 1975. Ford wore <a href="https://en.wikipedia.org/wiki/File:Trenchcoat_worn_by_President_Gerald_R._Ford.jpg">a bulletproof trench coat</a> in public for the remainder of his term. He lost the 1976 election to Jimmy Carter. (<a href="https://en.wikipedia.org/wiki/1976_United_States_presidential_election">It was quite close</a>.)</p> <p>The truth is that our nation, great though it is in so many ways, has a horrific history of political violence and a seemingly innate obsession with firearms. Four presidents have been assassinated in office — Lincoln in 1865, Garfield in 1881, McKinley in 1901, and Kennedy in 1963 — all by gunshots. Three more — Roosevelt, Reagan (who nearly died), and now Trump — have been wounded by gunshots. And there have been <a href="https://en.wikipedia.org/wiki/List_of_United_States_presidential_assassination_attempts_and_plots">numerous other failed attempts</a>, including a nut who <a href="https://en.wikipedia.org/wiki/2011_White_House_shooting">fired shots into the White House during Barack Obama’s first term in 2011</a>.</p> <p>Also, yesterday’s events will be old news by election day. There are 113 days until November 5. It’s been 129 days since Joe Biden’s strong State of the Union speech. Does that State of the Union feel recent to you today? That’s how old yesterday’s shooting will feel when we vote.</p> <p>So here is what the Democrats should do. Tomorrow morning Chuck Schumer should put on the floor of the Senate a law mandating strict background checks for all gun purchases. Perhaps tie it to a reinstitution of the 1994 assault weapons ban that Republicans allowed to expire in 2004. Give it a name like the “Anti Political and School Violence Act”. Make Republicans shoot it down. Make them say, as Trump himself did after a school shooting massacre in Iowa this year, that we “<a href="https://www.nbcnews.com/politics/donald-trump/trump-tells-supporters-get-iowa-school-shooting-move-forward-rcna132610">have to get over it, we have to move forward</a>.” It’s not just an outrage when your right-wing authoritarian hero gets his ear nicked by an assassin’s bullet. It’s an outrage when anyone is shot by a nut with a gun.</p> <p>Make them say it. See how that flies.</p> ]]></content> <title>★ It’s the Guns, It’s the Guns, It’s the Guns</title></entry><entry> <title><![CDATA[AT&T Only Learned of Massive 2022 Data Breach This April; Delayed Revealing It at the Request of U.S. Law Enforcement]]></title> <link rel="alternate" type="text/html" href="https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnn" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/12/att-data-breach-rcs" /> <id>tag:daringfireball.net,2024:/linked//6.41027</id> <published>2024-07-13T00:18:33Z</published> <updated>2024-07-13T00:18:33Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Brian Krebs:</p> <blockquote> <p>In a written statement shared with KrebsOnSecurity, the FBIconfirmed that it asked AT&T to delay notifying affectedcustomers.</p> <p>“Shortly after identifying a potential breach to customer data andbefore making its materiality decision, AT&T contacted the FBI toreport the incident,” the FBI statement reads. “In assessing thenature of the breach, all parties discussed a potential delay topublic reporting under Item 1.05(c) of the SEC Rule, due topotential risks to national security and/or public safety. AT&T,FBI, and DOJ worked collaboratively through the first and seconddelay process, all while sharing key threat intelligence tobolster FBI investigative equities and to assist AT&T’s incidentresponse work.”</p> <p><a href="https://techcrunch.com/2024/07/12/att-phone-records-stolen-data-breach/">Techcrunch quoted</a> an AT&T spokesperson saying the customer datawas stolen as a result of a still-unfolding data breach involvingmore than 160 customers of the cloud data provider Snowflake.</p> <p>Mark Burnett is an application security architect, consultant andauthor. Burnett said the only real use for the data stolen in themost recent AT&T breach is to know who is contacting whom and howmany times.</p> <p>“The most concerning thing to me about this AT&T breach of ALLcustomer call and text records is that this isn’t one of theirmain databases; it is metadata on who is contacting who,” Burnettwrote on Mastodon. “Which makes me wonder what would call logswithout timestamps or names have been used for.”</p> <p>It remains unclear why so many major corporations persist in thebelief that it is somehow acceptable to store so much sensitivecustomer data with so few security protections. For example,Advance Auto Parts said the data exposed included full names,Social Security numbers, drivers licenses and government issued IDnumbers on <a href="https://www.bleepingcomputer.com/news/security/advance-auto-parts-data-breach-impacts-23-million-people/">2.3 million</a> people who were former employees or jobapplicants.</p></blockquote> <div><a title="Permanent link to ‘AT&T Only Learned of Massive 2022 Data Breach This April; Delayed Revealing It at the Request of U.S. Law Enforcement’" href="https://daringfireball.net/linked/2024/07/12/att-data-breach-rcs"> ★ </a></div> ]]></content> </entry><entry> <title>Google Chrome, Along With Other Popular Chromium Browsers, Grants System Monitoring Privileges to *.google.com Domains</title> <link rel="alternate" type="text/html" href="https://x.com/lcasdev/status/1810696257137959018" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnm" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/12/google-chrome-system-monitoring" /> <id>tag:daringfireball.net,2024:/linked//6.41026</id> <published>2024-07-12T22:53:33Z</published> <updated>2024-07-13T04:24:06Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Luca Casonato:</p> <blockquote> <p>So, Google Chrome gives all *.google.com sites full access tosystem / tab CPU usage, GPU usage, and memory usage. It also givesaccess to detailed processor information, and provides a loggingbackchannel.</p> <p>This API is not exposed to other sites - only to *.google.com.</p> <p>This is interesting because it is a clear violation of the ideathat browser vendors should not give preference to their websitesover anyone else’s.</p> <p>The DMA codifies this idea into law: browser vendors, asgatekeepers of the internet, must give the same capabilities toeveryone. Depending on how you interpret the DMA, this additionalexposure of information only to Google properties may beconsidered a violation of the DMA. Take for example Zoom - theyare now at a disadvantage because they can not provide the sameCPU debugging feature as Google Meet.</p></blockquote> <p>I frequently bemoan the DMA’s ambiguity but here I’d say it’s crystal clear. <a href="https://digital-markets-act.ec.europa.eu/gatekeepers_en">Chrome is a designated gatekeeping platform</a>, and granting system-monitoring privileges <em>only to Google’s own websites</em> is clearly in violation. <a href="https://news.ycombinator.com/item?id=40918742">Here’s a Hacker News comment from a purported Google employee</a> who calls the feature “mundane” while admitting that Google Meet uses it as a tool to debug bad connections, even though no other web-based meeting app has access to it. I can think of no better example proving that Google views the open web as a platform that it owns.</p> <p>But put the DMA aside. This is just creepy. It’s clearly a privacy violation. I don’t want Google to know what kind of CPU I have, how many cores, and how busy they are. And the makers of other Chromium-based browsers are so lazy that their browsers — Microsoft Edge and Brave at least — include this same “feature”. I don’t mean that Edge grants system-monitoring privileges to Microsoft’s websites. Edge grants these privileges to Google’s websites, and Google’s alone.</p> <p>But speaking of the DMA, Chromium is, <a href="https://gs.statcounter.com/browser-market-share">far and away</a>, the most popular browser engine that the DMA compels Apple to allow on iOS. There are legitimate reasons to wish that Apple allowed third-party browser engines on iOS. But there are also legitimate reasons why Apple <em>doesn’t</em> allow them. <a href="https://chromeisbad.com/">Chrome really is bad</a>. Better to let the market decide than let clueless regulators decide.</p> <p>(<a href="https://simonwillison.net/2024/Jul/9/hangout_servicesthunkjs/">Via Simon Willison</a>.)</p> <div><a title="Permanent link to ‘Google Chrome, Along With Other Popular Chromium Browsers, Grants System Monitoring Privileges to *.google.com Domains’" href="https://daringfireball.net/linked/2024/07/12/google-chrome-system-monitoring"> ★ </a></div> ]]></content> </entry><entry> <title>Massive Data Breach at AT&T Exposed Six Months of Call and SMS Records of Nearly All Customers</title> <link rel="alternate" type="text/html" href="https://www.cnn.com/2024/07/12/business/att-customers-massive-breach/index.html" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnl" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/12/att-massive-data-breach" /> <id>tag:daringfireball.net,2024:/linked//6.41025</id> <published>2024-07-12T18:34:33Z</published> <updated>2024-07-13T01:50:30Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Matt Egan and Sean Lyngaas, reporting for CNN:</p> <blockquote> <p>The call and text message records from mid-to-late 2022 of tens ofmillions of AT&T cellphone customers and many non-AT&T customerswere exposed in a massive data breach, the telecom companyrevealed Friday. AT&T said the compromised data includes thetelephone numbers of “nearly all” of its cellular customers andthe customers of wireless providers that use its network betweenMay 1, 2022 and October 31, 2022.</p> <p>The stolen logs also contain a record of every number AT&Tcustomers called or texted — including customers of otherwireless networks — the number of times they interacted, and thecall duration.</p> <p>Importantly, AT&T said the stolen data did not include thecontents of calls and text messages nor the time of thosecommunications.</p></blockquote> <p>Of course the breach didn’t contain the content of (most) phone calls and (most) text messages, because carriers don’t record phone calls and, thankfully, don’t log the contents of text messages. This isn’t an important distinction at all. This is a devastating breach.</p> <p>(I added those “mosts” because the carriers facilitate the recording/logging of <em>some</em> calls and text messages at the behest of law enforcement agencies. Which is exactly why we should all be moving as much of our communications as possible to E2EE platforms.)</p> <div><a title="Permanent link to ‘Massive Data Breach at AT&T Exposed Six Months of Call and SMS Records of Nearly All Customers’" href="https://daringfireball.net/linked/2024/07/12/att-massive-data-breach"> ★ </a></div> ]]></content> </entry><entry> <title>Hermès’s H08 Watch, the Other Source for Samsung’s Ultra Rip-Off</title> <link rel="alternate" type="text/html" href="https://www.hermes.com/us/en/product/hermes-h08-watch-42mm-W402992WW00/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnk" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/12/hermes-h08-watch" /> <id>tag:daringfireball.net,2024:/linked//6.41024</id> <published>2024-07-12T18:23:19Z</published> <updated>2024-07-12T18:35:36Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>I’ve seen a few people arguing that Samsung’s Galaxy Watch Ultra, though clearly inspired by Apple Watch Ultra, isn’t a rip-off, per se, because it’s not an exact clone. Ben Thompson even tried to argue such with me on <a href="https://dithering.fm/">Dithering</a> this week.</p> <p>Here, for example, is <a href="https://img.kwcdn.com/product-file-public/1e23311a16/e974ab1d41c5ff802c1d1549d81116d5.pdf?_x_sessn_id=gx2tw6ftru&refer_page_name=bgt_order_detail&refer_page_id=10045_1720805341295_6v7tsnd192&refer_page_sn=10045">a literal clone of Apple Watch Ultra that I bought on Temu</a> last year for $16. (I’m linking to the user manual because <a href="https://www.temu.com/goods.html?_bg_fs=1&goods_id=601099518497896&sku_id=17592224509139&_x_sessn_id=gx2tw6ftru&refer_page_name=bgt_order_detail&refer_page_id=10045_1720805341295_6v7tsnd192&refer_page_sn=10045">the watch itself is no longer available</a>, but <a href="https://daringfireball.net/misc/2024/07/temu-ultra-ripoff.jpeg">here’s a thumbnail photo from Temu</a>.) But of course Samsung wasn’t going to go that far and literally clone Apple Watch Ultra. That’s absurd. What they did was rip off as much as they thought they could get away with.</p> <p>What I neglected to point out, <a href="https://daringfireball.net/linked/2024/07/10/samsung-galaxy-watch-ultra-ripoff">but have since updated the post to mention</a>, is that whatever elements of the Galaxy Watch Ultra weren’t copied from Apple Watch Ultra <a href="https://www.samsung.com/us/watches/galaxy-watch-ultra/">were clearly ripped off</a> from Hermès’s H08 watch:</p> <p><img src = "https://daringfireball.net/misc/2024/07/hermes-h08-watch-42mm.jpeg" alt = "Photo of Hermès H08 Watch" width = 500/></a></p> <p>That’s a handsome watch in and of itself, but it should be noted that Hermès is a <a href="https://www.apple.com/newsroom/2015/09/09Apple-and-Herm-s-Unveil-the-Apple-Watch-Herm-s-Collection/">longstanding partner</a> of a smartwatch maker named — <em>checks notes...</em> — Apple.</p> <div><a title="Permanent link to ‘Hermès’s H08 Watch, the Other Source for Samsung’s Ultra Rip-Off’" href="https://daringfireball.net/linked/2024/07/12/hermes-h08-watch"> ★ </a></div> ]]></content> </entry><entry> <title>European Commission Charges X With Breach of DSA</title> <link rel="alternate" type="text/html" href="https://ec.europa.eu/commission/presscorner/detail/en/IP_24_3761" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnj" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/12/ec-x-dsa" /> <id>tag:daringfireball.net,2024:/linked//6.41023</id> <published>2024-07-12T17:23:48Z</published> <updated>2024-07-12T17:35:15Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>I guess the European Commission hasn’t taken off for their months-long summer vacation quite yet:</p> <blockquote> <p>[T]he Commission has issued preliminary findings of non-compliance on three grievances:</p> <ul><li><p>First, X designs and operates its interface for the “verifiedaccounts” with the “Blue checkmark” in a way that does notcorrespond to industry practice and <em>deceives users. Sinceanyone can subscribe to obtain such a “verified” status</em>, itnegatively affects users’ ability to make free and informeddecisions about the authenticity of the accounts and the contentthey interact with. There is evidence of motivated maliciousactors abusing the “verified account” to deceive users.</p></li><li><p>Second, X does not comply with the <em>required transparency onadvertising</em>, as it does not provide a searchable and reliableadvertisement repository, but instead put in place designfeatures and access barriers that make the repository unfit forits transparency purpose towards users. In particular, thedesign does not allow for the required supervision and researchinto emerging risks brought about by the distribution ofadvertising online.</p></li><li><p>Third, X fails to <em>provide access to its public data toresearchers</em> in line with the conditions set out in the DSA. Inparticular, X prohibits eligible researchers from <em>independentlyaccessing</em> its public data, such as by scraping, as stated inits terms of service. In addition, X’s process to <em>granteligible researchers access to its application programminginterface (API)</em> appears to dissuade researchers from carryingout their research projects or leave them with no other choicethan to pay disproportionally high fees.</p></li></ul></blockquote> <p>I don’t really have an opinion on the second and third points, but the first one seems daft to me. Here’s how commissioner Thierry Breton is quoted in the EC’s press release:</p> <blockquote> <p>“Back in the day, BlueChecks used to mean trustworthy sources ofinformation. Now with X, our preliminary view is that they deceiveusers and infringe the DSA. We also consider that X’s adsrepository and conditions for data access by researchers are notin line with the DSA transparency requirements. X has now theright of defence — but if our view is confirmed we will imposefines and require significant changes.”</p></blockquote> <p>Blue checkmarks were indeed used, “back in the day”, to indicate “verified” accounts. But upon purchasing Twitter, <a href="https://www.theverge.com/2023/4/20/23690079/twitter-legacy-verification-ending-on-420">Elon Musk eliminated that program</a>. They don’t advertise it as “Verified” any more; <a href="https://help.x.com/en/using-x/x-premium">they just call it “Twitter Premium”</a> and make it very clear that blue checkmarks indicate premium account status. That’s illegal under the DSA?</p> <p>Anyway, <a href="https://x.com/elonmusk/status/1811766597620474350">here’s Elon Musk</a>, replying to Breton’s announcement of this investigation:</p> <blockquote> <p>How we know you’re real? 🧐</p></blockquote> <p>And:</p> <blockquote> <p>We look forward to a very public battle in court, so that thepeople of Europe can know the truth.</p></blockquote> <p>And, more intriguingly, <a href="https://x.com/elonmusk/status/1811783320839008381">replying to Margrethe Vestager</a>:</p> <blockquote> <p>The European Commission offered X an illegal secret deal: if wequietly censored speech without telling anyone, they would notfine us.</p> <p>The other platforms accepted that deal.</p> <p>X did not.</p></blockquote> <p>The weapon the EC wields is their ability to fine companies 10–20 percent of global revenue. Musk is in a unique position to tell them to fuck off. Twitter’s revenue peaked at $5 billion in 2021 — when the company was still publicly-held — and has surely declined since then. A $500 million fine is figuratively nothing to Musk. He’d gladly pay that just for the attention a public fight over this will bring to him personally and X as a platform.</p> <div><a title="Permanent link to ‘European Commission Charges X With Breach of DSA’" href="https://daringfireball.net/linked/2024/07/12/ec-x-dsa"> ★ </a></div> ]]></content> </entry><entry> <title>Amid Antitrust Scrutiny, Microsoft Drops OpenAI Board Observer Seat, and Apple, Reversing Course, Will Not Take One</title> <link rel="alternate" type="text/html" href="https://www.ft.com/content/ecfa69df-5d1c-4177-9b14-a3a73072db12" /> <link rel="shorturl" type="text/html" href="http://df4.us/vni" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/10/apple-microsoft-openai-never-mind" /> <id>tag:daringfireball.net,2024:/linked//6.41022</id> <published>2024-07-10T20:35:28Z</published> <updated>2024-07-10T20:48:30Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Camilla Hodgson and George Hammond, reporting for The Financial Times:</p> <blockquote> <p>Microsoft has given up its seat as an observer on the board ofOpenAI while Apple will not take up a similar position, amidgrowing scrutiny by global regulators of Big Tech’s investments inAI start-ups.</p> <p>Microsoft, which has invested $13bn in the maker of the generativeAI chatbot ChatGPT, said in a letter to OpenAI that its withdrawalfrom its board role would be “effective immediately”.</p> <p>Apple had also been <a href="https://www.ft.com/content/3414cd0d-09e0-4246-a7db-4ef3032af8b8">expected to take an observer role </a> onOpenAI’s board as part of a deal to integrate ChatGPT into theiPhone maker’s devices, but would not do so, according to a personwith direct knowledge of the matter. Apple declined to comment.</p> <p>OpenAI would instead host regular meetings with partners such asMicrosoft and Apple and investors Thrive Capital and KhoslaVentures.</p></blockquote> <p>Apple’s board observer seat, set to be taken by Phil Schiller, was never officially announced. But after <a href="https://daringfireball.net/linked/2024/07/07/schiller-openai-board-observer">Mark Gurman broke the story</a> at Bloomberg, <a href="https://www.ft.com/content/3414cd0d-09e0-4246-a7db-4ef3032af8b8">it was confirmed by the Financial Times</a>. So it really does seem like a fast reversal. Or as Emily Litella would say, “<a href="https://www.youtube.com/watch?v=fZLeaSWY37I">Never mind</a>”. But I suspect these “regular meetings” will serve the same purpose, and I bet Schiller will be in those meetings representing Apple.</p> <p><strong>See also</strong> Reporting for Axios, <a href="https://www.axios.com/2024/07/10/microsoft-openai-board-seat-observer">Ina Fried has excerpts from Microsoft’s letter to OpenAI</a>.</p> <div><a title="Permanent link to ‘Amid Antitrust Scrutiny, Microsoft Drops OpenAI Board Observer Seat, and Apple, Reversing Course, Will Not Take One’" href="https://daringfireball.net/linked/2024/07/10/apple-microsoft-openai-never-mind"> ★ </a></div> ]]></content> </entry><entry> <title>M1 MacBook Air Drops from $700 to $650 at Walmart</title> <link rel="alternate" type="text/html" href="https://www.macrumors.com/2024/07/08/walmart-m1-macbook-air-for-649/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnh" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/10/m1-macbook-air-walmart-650" /> <id>tag:daringfireball.net,2024:/linked//6.41021</id> <published>2024-07-10T19:54:54Z</published> <updated>2024-07-10T20:04:00Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Joe Rossignol, MacRumors:</p> <blockquote> <p>Walmart+ members have early access <a href="https://goto.walmart.com/c/153062/565706/9383?veh=aff&sourceid=imp_000011112222333344&u=https%3A%2F%2Fwww.walmart.com%2Fip%2FApple-MacBook-Air-13-3-inch-Laptop-Space-Gray-M1-Chip-8GB-RAM-256GB-storage%2F609040889">to the deal</a> as of 12 p.m.Eastern Time today, and it will be available to all Walmartcustomers starting at 6 p.m. Eastern Time today.</p> <p>Walmart first began selling the MacBook Air with the M1 chip for$699 in March, marking the first time the retailer ever sold Macsdirectly. Now, it is available for an even lower $649 heading intothe back-to-school shopping season. It is unclear how long thedeal will last.</p></blockquote> <p>The M1 MacBook Air will turn 4 years old in November, but it remains an excellent laptop, including support for the upcoming Apple Intelligence features in MacOS 15 Sequoia. <a href="https://daringfireball.net/linked/2024/03/15/macbook-air-walmart">As I wrote in March, when this partnership started</a>:</p> <blockquote> <p>And while, yes, these machines are now over three years old,for $700 this is a great deal. That’s 30 percent less than thecheapest MacBook in an Apple Store. I’d bet serious money thata base M1 MacBook Air outperforms any other $700 laptop on themarket. Show me another $700 laptop with a retina display.I’ll wait.</p> <p>Fascinating example of pricing-as-branding that Apple won’t sellthis machine in its own stores, but will through Walmart — whichdoesn’t sell any other Macs.</p></blockquote> <div><a title="Permanent link to ‘M1 MacBook Air Drops from $700 to $650 at Walmart’" href="https://daringfireball.net/linked/2024/07/10/m1-macbook-air-walmart-650"> ★ </a></div> ]]></content> </entry><entry> <title>Pennsylvania Is, Finally, Getting Beautiful License Plates</title> <link rel="alternate" type="text/html" href="https://x.com/governorshapiro/status/1810662109073588268" /> <link rel="shorturl" type="text/html" href="http://df4.us/vng" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/10/pa-license-plates-shapiro" /> <id>tag:daringfireball.net,2024:/linked//6.41020</id> <published>2024-07-10T17:57:47Z</published> <updated>2024-07-15T18:21:31Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>I’ve been a big fan of Pennsylvania governor Josh Shapiro since his term as our attorney general. He was <a href="https://www.buzzfeed.com/natashajokic1/teen-1sr2xbdtli">absolutely fantastic</a> in the aftermath of the 2020 election, when Trump attempted to steal Pennsylvania.</p> <p>But as of this week he might be my favorite politician in the entire country. He accomplished what I had long ago given up hope of ever seeing: replacing <a href="http://www.15q.net/pa.html">PA’s fugly-as-sin license plates</a> with <a href="https://daringfireball.net/misc/2024/07/pa-license-plate-new.png">a new design</a> that’s among the best I’ve ever seen. Good typography, great colors, and a new slogan and icon that exemplify Pennsylvania’s role as the birthplace of the longest-standing democracy the world has ever seen: the Liberty Bell.</p> <p>Bravo.</p> <p>(Next job: Apply this same design language to <a href="https://www.phillyvoice.com/pennsylvania-drivers-license-new-design-real-id-security/">our god-awful driver’s licenses</a>.)</p> <p><strong>Update:</strong> Design credit for both <a href="https://posts.cv/robynkanner/eGLZaWHY7autqPaOwiUQ">the new plates</a> and <a href="https://posts.cv/robynkanner/y1CcUwCt8wOdjkw8nFwL">welcome signage</a> goes to Robyn Kanner.</p> <div><a title="Permanent link to ‘Pennsylvania Is, Finally, Getting Beautiful License Plates’" href="https://daringfireball.net/linked/2024/07/10/pa-license-plates-shapiro"> ★ </a></div> ]]></content> </entry><entry> <title>Samsung Rips Off Apple Watch Ultra, Right Down to the Name</title> <link rel="alternate" type="text/html" href="https://x.com/snazzylabs/status/1811061102072967177?s=42" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnf" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/10/samsung-galaxy-watch-ultra-ripoff" /> <id>tag:daringfireball.net,2024:/linked//6.41019</id> <published>2024-07-10T17:18:52Z</published> <updated>2024-07-13T04:36:50Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Quinn Nelson on X:</p> <blockquote> <ul><li>Watch Ultra is the most shameless copy of an Apple product inages — and it’s hideous</li><li>Wait, it gets more shameless — Buds3 and Buds3 Pro are clonesof AirPods</li></ul> <p>It’s sad to see Samsung — who once was a leader in design andinnovation — start knocking off popular products like somethird-rate OEM. Do better.</p></blockquote> <p>I agree that <a href="https://daringfireball.net/misc/2024/07/galaxy-buds3-ripoff.jpeg">the new Buds</a> are AirPod rip-offs, and the new Galaxy Watch Ultra <a href="https://daringfireball.net/misc/2024/07/galaxy-watch-ultra-ripoff.jpeg">is such a blatant rip-off</a> — the name, the orange accents, the comically slavish copy of Apple’s Ocean Band — that it defies parody. It’s an outright disgrace. Theft, pure and simple. Whatever elements of this watch weren’t ripped off from Apple Watch Ultra were ripped off from <a href="https://www.hermes.com/us/en/product/hermes-h08-watch-42mm-W402992WW00/">Hermès’s H08 watch</a> — and Hermès, of course, has a longstanding partnership with Apple. (<a href="https://www.theverge.com/24195083/samsung-galaxy-watch-ultra-7-hands-on-features-price">Victoria Song at The Verge calls it</a> “not exactly hiding where it got its inspiration from” and “That’s not necessarily a bad thing!”; I doubt she’d consider it “inspiration” and “not necessarily a bad thing” if someone were to rip off her articles to the degree Samsung rips off Apple’s designs. There is no reason to defend this. Call it what it is: theft.)</p> <p>I disagree that Samsung was ever “a leader in design”. I don’t recall a time when their strategy was anything other than just outright stealing the designs of whoever the current market leader is and undercutting them on price just enough to take the Pepsi position (happy to be in second place, happy to have no shame). Before they started ripping off the iPhone, they ripped off BlackBerry, and called their rip-off lineup of phones “BlackJack”. <a href="https://en.wikipedia.org/wiki/Samsung_BlackJack">Really</a>. These new blatant, shameful rip-offs aren’t an aberration; they define the company that Samsung is.</p> <div><a title="Permanent link to ‘Samsung Rips Off Apple Watch Ultra, Right Down to the Name’" href="https://daringfireball.net/linked/2024/07/10/samsung-galaxy-watch-ultra-ripoff"> ★ </a></div> ]]></content> </entry><entry> <title>Flight Tracking in Messages (and Anywhere Data Detectors Work)</title> <link rel="alternate" type="text/html" href="https://www.cnet.com/tech/mobile/you-can-track-any-flight-directly-from-your-iphones-text-messages/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vne" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/09/flight-tracking-imessage" /> <id>tag:daringfireball.net,2024:/linked//6.41018</id> <published>2024-07-09T17:40:40Z</published> <updated>2024-07-13T02:50:15Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Nelson Aguilar and Blake Stimac, writing for CNet:</p> <blockquote> <p>That’s right. There’s a hidden flight tracker built right intoiMessage that you probably would have never noticed unless youthrew in the right combination of details within a message. [...]</p> <p>Although the airline name/flight number format highlighted aboveis the best way to go, there are other texting options that willlead you to the same result. So let’s say we stick with AmericanAirlines 9707, other options that may bring up the flight trackerinclude:</p> <ul><li><code>AmericanAirlines9707</code> (no spaces)</li><li><code>AmericanAirlines 9707</code> (only one space)</li><li><code>AA9707</code> (airline name is abbreviated and no space)</li><li><code>AA 9707</code> (abbreviated and space)</li></ul></blockquote> <p>This is a cool feature — <a href="https://www.youtube.com/watch?v=jVrpwy0XLIo">that dates back to iOS 9</a> in 2015 — but don’t cancel your <a href="https://apps.apple.com/app/id1358823008">Flighty</a> subscription. It’s maddeningly inconsistent. Even some of CNet’s own suggestions don’t work — neither <code>AmericanAirlines1776</code> nor <code>AmericanAirlines 1776</code> works, but <code>American Airlines 9707</code> does.</p> <p>The abbreviated names work for the major U.S. airlines — <code>AA123</code> (American), <code>DL123</code> (Delta), and <code>UA123</code> (United) are all recognized. But neither <code>B6123</code> nor <code>JBU123</code> (JetBlue) works, nor <code>F9123</code> or <code>FFT123</code> (Frontier). <code>JetBlue 123</code>, <code>JetBlue Airways 123</code>, and <code>JetBlue Airlines 123</code> work (and even <code>Jet Blue 123</code> works, with the erroneous space), but you need to include “Airlines” for most carriers. None of these work: <code>American 123</code>, <code>Delta 123</code>, <code>United 123</code>, <code>Frontier 123</code>. All of those do work if you include “Airlines” in the name.</p> <p>(<strong>Update:</strong> Turns out it’s not about major vs. regional airlines, because <a href="https://www.thrustflight.com/regional-airlines/">JetBlue is classified as a major by the DOT</a>. Instead it seems that only flight codes from airlines whose <a href="https://www.iata.org/en/publications/directories/code-search?airline.search=jetblue">IATA abbreviation</a> consists of two alphabetic letters work. JetBlue’s B6 and Frontier’s F9 don’t work because they contain numbers. But even with British Airways, whose code is BA, <code>BA123</code> isn’t recognized. But if you put words like “airline” or “flight” after the flight code — <code>BA123 airline</code>, <code>BA1588 flight</code> — it does, because the data detector picks up the additional context.)</p> <p>CNet attributes this feature to iMessage, going so far as to claim that it doesn’t work for messages sent using SMS, but that’s wrong. It works just fine for SMS messages. In fact, it’s not even a feature specific to the Messages app. It’s a feature from Apple’s <a href="https://developer.apple.com/documentation/datadetection">DataDetection framework</a> — the same system-wide feature that recognizes calendar events, postal addresses, URLs, shipment tracking numbers, and more. So you can use this same flight-code trick with, say, Apple Mail. Or if you’re just sending it to yourself, put it in Apple Notes. <a href="https://daringfireball.net/misc/2024/07/jetblue-data-detector.png">It even works with text recognized in screenshots</a>.</p> <p><strong>Update 2:</strong> You can also <a href="https://daringfireball.net/misc/2024/07/spotlight-flight-search.png">type flight codes into Spotlight search</a> on the iOS Home screen to search for and track flight status.</p> <div><a title="Permanent link to ‘Flight Tracking in Messages (and Anywhere Data Detectors Work)’" href="https://daringfireball.net/linked/2024/07/09/flight-tracking-imessage"> ★ </a></div> ]]></content> </entry><entry> <title>Windows Notepad Finally Gets Spellcheck and Autocorrect</title> <link rel="alternate" type="text/html" href="https://blogs.windows.com/windows-insider/2024/03/21/spellcheck-in-notepad-begins-rolling-out-to-windows-insiders/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnd" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/09/notepad-spellcheck" /> <id>tag:daringfireball.net,2024:/linked//6.41017</id> <published>2024-07-09T16:32:45Z</published> <updated>2024-07-09T16:32:46Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Dave Grochocki, writing for Microsoft’s Windows Insider Blog:</p> <blockquote> <p>With this update, Notepad will now highlight misspelled words andprovide suggestions so that you can easily identify and correctmistakes. We are also introducing autocorrect which seamlesslyfixes common typing mistakes as you type.</p> <p>Getting started with spellcheck in Notepad is easy as misspelledwords are automatically underlined in red. To fix a spellingmistake, click, tap, or use the keyboard shortcut Shift + F10 onthe misspelled word to see suggested spellings. Selecting asuggestion immediately updates the word. You can also choose toignore words in a single document or add them to the dictionary,so they are not flagged as a mistake again. Spellcheck in Notepadsupports multiple languages.</p></blockquote> <p>Better late than never, but it’s kind of wild that <a href="https://en.wikipedia.org/wiki/Windows_Notepad">Notepad is 41 years old</a> and only getting these features now. I haven’t used a single Mac app that doesn’t offer the system’s built-in spellchecking for over 20 years.</p> <div><a title="Permanent link to ‘Windows Notepad Finally Gets Spellcheck and Autocorrect’" href="https://daringfireball.net/linked/2024/07/09/notepad-spellcheck"> ★ </a></div> ]]></content> </entry><entry> <title>New Cars in the EU Now Equipped With Nagging Speed Limiters</title> <link rel="alternate" type="text/html" href="https://www.lbc.co.uk/news/new-cars-fitted-automatic-speed-limiters-this-week/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vnc" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/09/intelligent-speed-nagging" /> <id>tag:daringfireball.net,2024:/linked//6.41016</id> <published>2024-07-09T15:51:22Z</published> <updated>2024-07-09T15:54:31Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Kieran Kelly, reporting for LBC:</p> <blockquote> <p>New cars that are sold in Europe from this week will hostautomatically-installed speed limiters, following the introductionof a new EU law.</p> <p>Even though the rule to install the technology does not apply inthe UK, many of the cars will have been made in Europe and so willfeature the Intelligent Speed Assistance (ISA) anyway.</p> <p>The technology allows the car to automatically restrict its speedbased on GPS location, speed-sign recognition and cameras withinthe vehicle. This is not done simply by applying the brakes, whichcould be dangerous, but by gradually reducing the engine’s power.However, drivers will first get a warning that they are drivingtoo fast and be told to slow down before the measure takes affect.</p></blockquote> <p>When a friend sent me this link, I thought at first that LBC was some sort of Onion/Babylon Bee-style parody site. But no, <a href="https://road-safety-charter.ec.europa.eu/resources-knowledge/media-and-press/intelligent-speed-assistance-isa-set-become-mandatory-across">this is real</a>. Any politician in the U.S. seeking to end their career should propose similar legislation here.</p> <blockquote> <p>In the EU, drivers will be able to turn off the system every timethey start their car. It cannot be permanently shut off.</p></blockquote> <p>I take back my complaint that the EU no longer innovates in technology. They brought the EU cookie-consent web experience to cars. Nonstop pointless nagging and annoyance.</p> <div><a title="Permanent link to ‘New Cars in the EU Now Equipped With Nagging Speed Limiters’" href="https://daringfireball.net/linked/2024/07/09/intelligent-speed-nagging"> ★ </a></div> ]]></content> </entry><entry> <title>Gurman: Apple Intelligence Powered Siri Won’t Arrive Until iOS 18.4</title> <link rel="alternate" type="text/html" href="https://www.bloomberg.com/news/newsletters/2024-07-07/apple-watch-series-10-ultra-3-details-bigger-screens-blood-pressure-challenge-lybjqp0q" /> <link rel="shorturl" type="text/html" href="http://df4.us/vna" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/08/gurman-new-siri-next-year" /> <id>tag:daringfireball.net,2024:/linked//6.41014</id> <published>2024-07-08T20:45:11Z</published> <updated>2024-07-09T00:10:55Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Mark Gurman, in his Power On column for Bloomberg:</p> <blockquote> <p>For the first time, the digital assistant will have precisecontrol over actions inside of Apple’s apps. That means you canask Siri to, say, edit a photo and then ship it off to a friend.It also will have the ability to understand what you’re looking aton your display, helping Siri determine what you want to do basedon the context. But neither of those upgrades will be ready whenApple Intelligence launches this fall, as I’ve previouslyreported.</p> <p>Instead, I’m told, Siri features are likely to go into betatesting for developers in January and then debut publicly aroundthe springtime — part of an iOS 18.4 upgrade that’s already inthe works. Other Siri features, such as a new design and ChatGPTintegration, will be coming later this year.</p></blockquote> <p><a href="https://support.apple.com/en-us/HT201222">Recent dates for iOS x.4 updates</a>:</p> <ul><li>iOS 17.4: 7 March 2024</li><li>iOS 16.4: 27 March 2023</li><li>iOS 15.4: 14 March 2022</li><li>iOS 14.4: 26 January 2021</li><li>iOS 13.4: 24 March 2020</li></ul> <p>If the usual pattern holds, it’s a safe guess that iOS 18.4 will arrive in mid-to-late March. (iOS 14.4 came in January, but 2020 was, needless to say, an unusual year.) This jibes with <a href="https://daringfireball.net/2024/06/wwdc24_apple_intelligence">my take post-WWDC, when I wrote</a>:</p> <blockquote> <p>If generative AI weren’t seen as essential — both in terms ofconsumer marketing <em>and</em> investor confidence — I think much, ifnot most, of what Apple unveiled in “Apple Intelligence” wouldn’teven have been announced until <em>next year’s</em> WWDC, not last week’sWWDC. Again, none of the features in “Apple Intelligence” are evenavailable in beta yet, and I think all or most of them will beavailable only under a “beta” label until next year.</p></blockquote> <div><a title="Permanent link to ‘Gurman: Apple Intelligence Powered Siri Won’t Arrive Until iOS 18.4’" href="https://daringfireball.net/linked/2024/07/08/gurman-new-siri-next-year"> ★ </a></div> ]]></content> </entry><entry> <title>BriefLook</title> <link rel="alternate" type="text/html" href="https://brieflook.app/?dfrss" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn9" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/07/brieflook" /> <id>tag:daringfireball.net,2024:/linked//6.41013</id> <published>2024-07-08T02:42:53Z</published> <updated>2024-07-08T02:42:54Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>My thanks to BriefLook for sponsoring last week at DF. BriefLook is a clever iPhone app that does one thing and does it well: it summarizes your postal (paper) mail. Just point your iPhone camera at a letter, and boom, a few moments later you get an AI-generated summary. Who it’s from, what it’s about, and what you’re expected to do about it. That’s useful for summarizing long letters in your own native language, but BriefLook can read and translate between <em>dozens</em> of languages. Truly an amazing use case for AI. Not too long ago a “universal mail translator / summarizer” was the stuff of science fiction. Now you can carry one in your pocket.</p> <p>Download BriefLook and try it free of charge. Super useful, yet so utterly simple.</p> <div><a title="Permanent link to ‘BriefLook’" href="https://daringfireball.net/linked/2024/07/07/brieflook"> ★ </a></div> ]]></content> </entry><entry> <title>Shockingly, Apple and Epic Games Still Aren’t Getting Along</title> <link rel="alternate" type="text/html" href="https://x.com/EpicNewsroom/status/1809179985682325649" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn8" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/07/epic-games-buttons" /> <id>tag:daringfireball.net,2024:/linked//6.41012</id> <published>2024-07-08T00:28:49Z</published> <updated>2024-07-09T01:45:29Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Epic Games, on X two days ago:</p> <blockquote> <p>Apple has rejected our Epic Games Store notarization submissiontwice now, claiming the design and position of Epic’s “Install”button is too similar to Apple’s “Get” button and that our “In-apppurchases” label is too similar to the App Store’s “In-AppPurchases” label.</p> <p>We are using the same “Install” and “In-app purchases” namingconventions that are used across popular app stores on multipleplatforms, and are following standard conventions for buttons iniOS apps. We’re just trying to build a store that mobile users caneasily understand, and the disclosure of in-app purchases is aregulatory best practice followed by all stores nowadays.</p> <p>Apple’s rejection is arbitrary, obstructive, and in violation ofthe DMA, and we’ve shared our concerns with the EuropeanCommission. Barring further roadblocks from Apple, we remain readyto launch in the Epic Games Store and Fortnite on iOS in the EU inthe next couple of months.</p></blockquote> <p><a href="https://x.com/EpicNewsroom/status/1809321159906980133">Later that same day</a>:</p> <blockquote> <p>Update: Apple has informed us that our previously rejected EpicGames Store notarization submission has now been accepted.</p></blockquote> <p><a href="https://x.com/TimSweeneyEpic/status/1809229616084615654">Tim Sweeney</a>:</p> <blockquote> <p>Epic had supported notarization during Epic v Apple on the basisthat Mac’s mandatory malware scanning could add value to iOS. Nowit’s disheartening to see Apple twist its once-honest notarizationprocess into another vector to manipulate and thwart competition.</p></blockquote> <p><a href="https://x.com/rjonesy/status/1809286185757356254">Asked</a> if he would provide screenshots of the rejected screens, <a href="https://x.com/TimSweeneyEpic/status/1809294901894406149">Sweeney responded</a>:</p> <blockquote> <p>We shared screenshots with EC regulators. We want to compete withother stores by having a big exciting product rollout, which meansnot trickling out media publicly before launch with the Apple fanpress doing a teardown using Phil Schiller crafted talking points.</p></blockquote> <p>Epic is certainly under no obligation to reveal screenshots of its in-progress iOS games marketplace, but without screenshots, there’s also no reason for anyone to take their own description of the notarization dispute with Apple at face value. <a href="https://daringfireball.net/linked/2020/09/29/epic-games-unreliable-narrator">Epic Games is an unreliable narrator</a>. <a href="https://www.ftc.gov/news-events/news/press-releases/2023/03/ftc-finalizes-order-requiring-fortnite-maker-epic-games-pay-245-million-tricking-users-making">Last year the FTC fined Epic $245 million</a> “to settle charges that the company used dark patterns to trick players into making unwanted purchases and let children rack up unauthorized charges without any parental involvement.”</p> <p>Was Apple’s rejection of Epic’s notarization submission as petty and silly as Epic makes it sound? Maybe! Or perhaps Epic’s Game Store is designed to trick users into thinking it’s Apple’s own official App Store, and there’s nothing silly about the rejection at all. But in that case, it still might be illegal under the DMA for Apple to reject the submission for notarization — the DMA may well require Apple to notarize a third-party marketplace app that is a pixel-for-pixel rip-off of the App Store app, so long as it’s not outright malware.</p> <p>The point is, we don’t know. And one party, Apple, is <a href="https://appleinsider.com/articles/24/07/05/apple-green-lights-epic-games-store-in-rapid-reversal">barely commenting on the fracas</a>, and the other, Epic, was just fined a quarter of a billion dollars for tricking users, including children, into making unwanted purchases.</p> <div><a title="Permanent link to ‘Shockingly, Apple and Epic Games Still Aren’t Getting Along’" href="https://daringfireball.net/linked/2024/07/07/epic-games-buttons"> ★ </a></div> ]]></content> </entry><entry> <title>Phil Schiller to Represent Apple as Board ‘Observer’ at OpenAI</title> <link rel="alternate" type="text/html" href="https://www.bloomberg.com/news/articles/2024-07-02/apple-to-get-openai-board-observer-role-as-part-of-ai-agreement" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn7" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/07/schiller-openai-board-observer" /> <id>tag:daringfireball.net,2024:/linked//6.41011</id> <published>2024-07-07T22:30:10Z</published> <updated>2024-07-07T22:30:11Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Mark Gurman, reporting for Bloomberg last week:</p> <blockquote> <p>Apple Inc. will get an observer role on OpenAI’s board as part ofa landmark agreement announced last month, further tightening tiesbetween the once-unlikely partners. Phil Schiller, the head ofApple’s App Store and its former marketing chief, was chosen forthe position, according to people familiar with the situation. Asa board observer, he won’t be serving as a full-fledged director,said the people, who asked not to be identified because the matterisn’t public. [...]</p> <p>The board observer role will put Apple on par with MicrosoftCorp., OpenAI’s biggest backer and its main AI technologyprovider. The job allows someone to attend board meetings withoutbeing able to vote or exercise other director powers. Observers,however, do gain insights into how decisions are made at thecompany.</p></blockquote> <p>“<em>Trust, but verify</em>” the adage goes. This board observer role gives Apple a position to verify that OpenAI remains the trustworthy partner Apple thinks they are. I can think of no one better than Schiller for this position. Perhaps you’re no fan of Schiller’s stewardship of the App Store, but he’s long been a staunch proponent of user privacy at Apple. He’s significantly responsible for Apple’s shift toward making “privacy” a major selling point of their products and services.</p> <div><a title="Permanent link to ‘Phil Schiller to Represent Apple as Board ‘Observer’ at OpenAI’" href="https://daringfireball.net/linked/2024/07/07/schiller-openai-board-observer"> ★ </a></div> ]]></content> </entry><entry> <title>Figma Disables ‘Make Design’ AI-Powered Rip-Off Tool</title> <link rel="alternate" type="text/html" href="https://techcrunch.com/2024/07/02/figma-disables-its-ai-design-feature-that-appeared-to-be-ripping-off-apples-weather-app/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn6" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/02/figma-disables-make-design" /> <id>tag:daringfireball.net,2024:/linked//6.41010</id> <published>2024-07-03T00:37:34Z</published> <updated>2024-07-03T03:32:05Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Sarah Perez, TechCrunch:</p> <blockquote> <p>Figma CEO Dylan Field says the company will <a href="https://x.com/zoink/status/1808045655082033483">temporarily disableits “Make Design” AI feature</a> that was said to be rippingoff the designs of Apple’s own Weather app. The problem was first<a href="https://x.com/asallen/status/1807675146020454808">spotted</a> by Andy Allen, the founder of <a href="https://www.notboring.software/">NotBoringSoftware</a>, which makes a suite of <a href="https://www.notboring.software/works">apps</a> that includesa popular, <a href="https://www.notboring.software/product/weather">skinnable Weather app </a> and other utilities. Hefound by testing Figma’s tool that it would repeatedly reproduceApple’s Weather app when used as a design aid.</p></blockquote> <p>Field is right to pull the feature but <a href="https://x.com/zoink/status/1808045655082033483">this explanation</a> is sophistry. The feature is clearly fundamentally flawed. It’s not in need of a tweak. It’s in need of being completely scrapped.</p> <p>Generative AI is really good and truly useful when you say “Here’s a thing, help me tweak it or change it”. But when you say “Make a new thing for me” you’re effectively just getting a rip-off a lot — or perhaps most — of the time.</p> <div><a title="Permanent link to ‘Figma Disables ‘Make Design’ AI-Powered Rip-Off Tool’" href="https://daringfireball.net/linked/2024/07/02/figma-disables-make-design"> ★ </a></div> ]]></content> </entry><entry> <title>Figma AI Is a Rip-Off Engine</title> <link rel="alternate" type="text/html" href="https://x.com/asallen/status/1807675146020454808" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn4" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/07/01/figma-ai-ripoff-engine" /> <id>tag:daringfireball.net,2024:/linked//6.41008</id> <published>2024-07-02T01:51:12Z</published> <updated>2024-07-02T03:34:05Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Andy Allen:</p> <blockquote> <p>Figma AI looks rather heavily trained on existing apps.</p> <p>This is a “weather app” using the new Make Designs feature and theresults are basically Apple’s Weather app (left). Tried threetimes, same results.</p></blockquote> <p>This is even more disgraceful than a human rip-off. Figma knows what they trained this thing on, and they know what it outputs. In the case of this utter, shameless, abject rip-off of Apple Weather, they’re even copying Weather’s <a href="https://leancrew.com/all-this/2024/06/the-unbearable-sorrow-of-apple-weather/">semi-inscrutable (<em>semi-scrutable</em>?) daily temperature range bars</a>.</p> <p>“AI” didn’t do this. Figma did this. And they’re handing this feature to designers who trust Figma and are the ones who are going to be on the hook when they present a design that, unbeknownst to them, is a blatant rip-off of some existing app.</p> <p>Maybe now that the Adobe deal <a href="https://daringfireball.net/linked/2023/12/18/figma-adobe-ixnay-on-the-acquisitionyay">fell through</a>, Figma is looking to sell itself to Samsung?</p> <div><a title="Permanent link to ‘Figma AI Is a Rip-Off Engine’" href="https://daringfireball.net/linked/2024/07/01/figma-ai-ripoff-engine"> ★ </a></div> ]]></content> </entry><entry> <title>The Talk Show: ‘Curiously Short Episodes’</title> <link rel="alternate" type="text/html" href="https://daringfireball.net/thetalkshow/2024/06/30/ep-404" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn3" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/30/the-talk-show-404" /> <id>tag:daringfireball.net,2024:/linked//6.41007</id> <published>2024-07-01T01:43:31Z</published> <updated>2024-07-01T01:46:27Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>John Moltz returns to the show for a holiday-week look at the best of recent prestige streaming content, particularly Apple TV+. And, yes, a bit on the latest Apple/EU/DMA drama.</p> <p><audio src = "https://traffic.libsyn.com/secure/daringfireball/thetalkshow-404-john-moltz.mp3" controls preload = "none"/></p> <p>Sponsored by:</p> <ul><li><a href="https://squarespace.com/talkshow">Squarespace</a>: Make your next move. Use code <strong>talkshow</strong> for 10% off your first order.</li></ul> <div><a title="Permanent link to ‘The Talk Show: ‘Curiously Short Episodes’’" href="https://daringfireball.net/linked/2024/06/30/the-talk-show-404"> ★ </a></div> ]]></content> </entry><entry> <title>WorkOS</title> <link rel="alternate" type="text/html" href="https://workos.com/?utm_source=daringfireball&utm_medium=display&utm_campaign=q12024" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn2" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/30/workos" /> <id>tag:daringfireball.net,2024:/linked//6.41006</id> <published>2024-07-01T00:56:23Z</published> <updated>2024-07-01T00:56:23Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>My thanks to WorkOS for sponsoring last week at Daring Fireball. WorkOS is a modern identity platform for B2B SaaS. Start selling to enterprise customers with just a few lines of code. Ship complex features like SSO and SCIM (pronounced <em>skim</em>) provisioning in minutes instead of months.</p> <p>Today, some of the fastest growing startups are already powered by WorkOS, including Perplexity, Vercel, and Webflow.</p> <p>For SaaS apps that care deeply about design and user experience, WorkOS is the perfect fit. From high-quality documentation to self-serve onboarding for your customers, it removes all the unnecessary complexity for your engineering team.</p> <div><a title="Permanent link to ‘WorkOS’" href="https://daringfireball.net/linked/2024/06/30/workos"> ★ </a></div> ]]></content> </entry><entry> <title>European Commission Launches Investigation Against Microsoft for Integrating Teams With Office</title> <link rel="alternate" type="text/html" href="https://ec.europa.eu/commission/presscorner/detail/en/ip_24_3446" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn1" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/27/ec-microsoft-teams" /> <id>tag:daringfireball.net,2024:/linked//6.41005</id> <published>2024-06-27T16:22:05Z</published> <updated>2024-07-01T00:57:38Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>The European Commission:</p> <blockquote> <p>In particular, the Commission is concerned that Microsoft mayhave granted Teams a <em>distribution advantage</em> by not givingcustomers the choice whether or not to acquire access to Teamswhen they subscribe to their SaaS productivity applications. Thisadvantage may have been further exacerbated by interoperabilitylimitations between Teams’ competitors and Microsoft’s offerings.The conduct may have prevented Teams’ rivals from competing, andin turn innovating, to the detriment of customers in the EuropeanEconomic Area.</p> <p>If confirmed, these practices would infringe Article 102 of theTreaty on the Functioning of the European Union (‘TFEU’), whichprohibits the abuse of a dominant market position.</p> <p>After the Commission opened proceedings in July 2023, Microsoftintroduced changes in the way it distributes Teams. In particular,Microsoft started offering some suites without Teams. TheCommission preliminarily finds that these changes are insufficientto address its concerns and that more changes to Microsoft’sconduct are necessary to restore competition.</p></blockquote> <p>I can see the argument from regulatory proponents, that unbundling Teams from Office in some packages, after the fact, is too little too late. That the damage from abusing their dominant position was already done. But still, what more does the EC want?</p> <blockquote> <p>The sending of a Statement of Objections does not prejudge theoutcome of an investigation.</p></blockquote> <p>Translation: They’re guilty and we’re just going through the motions of giving them a chance to state their case.</p> <blockquote> <p>If the Commission concludes, after the company has exercised itsrights of defence, that there is sufficient evidence of aninfringement, it can adopt a decision prohibiting the conduct andimposing a fine of up to 10% of the company’s annual worldwideturnover. The Commission may also impose on the company anyremedies which are proportionate to bring the infringementeffectively to an end.</p></blockquote> <p>My read on this is that the EC’s stance is that its designated gatekeeping companies — all of which happen, by sheer coincidence I’m repeatedly told, to be from the US or Asia — should be forbidden from evolving their platforms to stay on top. That churn should be mandated by law.</p> <p>I mean of course Microsoft had an advantage by being able to bundle Teams with Office. But Office needs something like Teams to remain relevant today. If Office had never evolved after achieving a dominant position in the market, it would still be sold in boxes full of floppy disks. Moving from licensed installations to SaaS was inevitable if Office was to remain relevant, and adding a collaborative communication layer like Teams was essential in today’s world.</p> <p>The EC, to my eyes, is saying that it’s illegal for a successful platform to adapt and evolve. Or at the very least they’re saying they <em>might</em> deem it illegal. And once again it’s the EC itself that is proclaiming its threat to fine Microsoft up to 10 percent of its annual <em>global</em> revenue, and I’ll wager, once again, that the EU itself comprises less than 10 percent of Microsoft’s revenue. They’re threatening fines incommensurate with their market size.</p> <p>I think the EC expects these companies to capitulate. To bend their entire global strategy to the whims of EC bureaucrats, and just accept being handcuffed. But what’s clearly happening is that the these gatekeepers are reading the writing on the wall, and are going to postpone all new features and products in the EU until after they have assurances that they’re compliant under EU law. The EC thinks they’re going to handcuff these companies, but instead all they’re doing is setting the entire EU market months, or even years, behind the rest of the world for new products and services. In some cases those products and services will just never come to the EU at all.</p> <p>Surely the lesson Microsoft is taking from this is not that they were wrong to bundle Teams with Office, but that they were wrong to offer their integrated service in the EU.</p> <div><a title="Permanent link to ‘European Commission Launches Investigation Against Microsoft for Integrating Teams With Office’" href="https://daringfireball.net/linked/2024/06/27/ec-microsoft-teams"> ★ </a></div> ]]></content> </entry><entry> <title>Sponsorship Openings at Daring Fireball and the Talk Show, Summer 2024 Edition</title> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/03/sponsorship_openings_early_2024" /> <link rel="shorturl" type="text/html" href="http://df4.us/vn0" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/27/sponsors-summer" /> <id>tag:daringfireball.net,2024:/linked//6.41004</id> <published>2024-06-27T16:00:29Z</published> <updated>2024-06-27T16:00:29Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Yours truly back in March:</p> <blockquote> <p>After being sold out for months, the <a href="https://daringfireball.net/feeds/sponsors/">upcoming sponsorshipschedule</a> at DF is unusually open at the moment — includingthis upcoming week.</p> <p>Weekly sponsorships have been the top source of revenue for DaringFireball ever since I started selling them <a href="https://daringfireball.net/feeds/sponsors/archive">back in 2007</a>.They’ve succeeded, I think, because they make everyone happy. Theygenerate good money. There’s only one sponsor per week and thesponsors are always relevant to at least some sizable portion ofthe DF audience, so you, the reader, are never annoyed andhopefully often intrigued by them. And, from the sponsors’perspective, they work. My favorite thing about them is how manysponsors <a href="https://daringfireball.net/feeds/sponsors/archive">return for subsequent weeks</a> after seeing theresults.</p> <p>If you’ve got a product or service you think would be ofinterest to DF’s audience of people obsessed with high qualityand good design, <a href="mailto:sponsors@daringfireball.net?subject=Feed%20Sponsorship">get in touch</a>.</p></blockquote> <p>This is now true, once again for next week. And just like in March, <a href="http://neat.fm/">sponsorship spots for The Talk Show</a> are open for the summer months as well.</p> <div><a title="Permanent link to ‘Sponsorship Openings at Daring Fireball and the Talk Show, Summer 2024 Edition’" href="https://daringfireball.net/linked/2024/06/27/sponsors-summer"> ★ </a></div> ]]></content> </entry><entry> <title>The Talk Show: ‘150 Million Calculator Apps’</title> <link rel="alternate" type="text/html" href="https://daringfireball.net/thetalkshow/2024/06/26/ep-403" /> <link rel="shorturl" type="text/html" href="http://df4.us/vmz" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/26/the-talk-show-403" /> <id>tag:daringfireball.net,2024:/linked//6.41003</id> <published>2024-06-27T02:07:20Z</published> <updated>2024-06-27T02:07:21Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Quinn Nelson, esteemed host of Snazzy Labs, returns to the show to recap the highlights of WWDC: Apple Intelligence, platform updates, and the latest salvos from the EC regarding Apple’s compliance with the DMA.</p> <p><audio src = "https://traffic.libsyn.com/secure/daringfireball/thetalkshow-403-quinn-nelson.mp3" controls preload = "none"/></p> <p>Sponsored by:</p> <ul><li><a href="https://www.drinktrade.com/thetalkshow">Trade Coffee</a>: Enjoy 30% off your first month of coffee.</li><li><a href="https://squarespace.com/talkshow">Squarespace</a>: Make your next move. Use code <strong>talkshow</strong> for 10% off your first order.</li></ul> <div><a title="Permanent link to ‘The Talk Show: ‘150 Million Calculator Apps’’" href="https://daringfireball.net/linked/2024/06/26/the-talk-show-403"> ★ </a></div> ]]></content> </entry><entry> <title>Wavelength Is Shutting Down at the End of July</title> <link rel="alternate" type="text/html" href="https://www.wavelength.app/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vmy" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/26/wavelength-is-shutting-down" /> <id>tag:daringfireball.net,2024:/linked//6.41002</id> <published>2024-06-26T17:56:20Z</published> <updated>2024-06-26T17:56:21Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Wavelength:</p> <blockquote> <p>We’re sad to announce that we’re shutting down Wavelength. We’reso grateful to our users and community — you’ve been amazing.</p> <p>On July 31st we’ll turn off our servers, which means that you’llno longer be able to sign in, create a group, or send messages.You will continue to have access to your message history as longas you keep the app installed on your device, but we recommendsaving or copying anything important out of the app as soon asyou can.</p> <p>Your Wavelength account data will be deleted from our servers atthe time of the shutdown. Rest assured that we will not retain,sell, or transfer any user information, and that your messagesremain end-to-end encrypted and secure.</p></blockquote> <p>You may recall <a href="https://daringfireball.net/2023/03/wavelength">I’ve been an advisor</a> to the team at Wavelength for a little over a year, so I knew this announcement was coming. It’s a bummer, personally, at two levels. First, just knowing the team, particularly cofounders Richard Henry and Marc Bodnick, both of whom I now consider friends. They tried to crack the “privacy-minded social network” nut before with <a href="https://techcrunch.com/2020/10/11/hands-on-with-telepath-the-social-network-taking-aim-at-abuse-fake-news-and-to-some-extent-free-speech/">Telepath</a>, and with Wavelength got even closer to pulling it off. So much work went into it, and so much of it was so good.</p> <p>Second, though, is a more selfish reason: I’m an active participant in a bunch of active, vibrant groups on Wavelength. I’m going to miss them. The groups I’m most active in on Wavelength have a higher signal-to-noise ratio than any social networking platform I’ve seen in ages. I’d have to go back to the heyday of Usenet and email group mailing lists, literally decades ago, or the very early years of Twitter, to find anything with such a high level of discourse.</p> <p>But the simple truth is that while Wavelength has been far from a failure, it’s also far from a breakout hit. It’d be an easy decision to shut it down if it were a flop. It was a hard decision to shut it down because it wasn’t. But a social platform really needs to be a breakout hit to succeed, and Wavelength just wasn’t on a path to become one.</p> <p>So: time to move on. Until the plug gets pulled at the end of next month though, I’ll still be there.</p> <div><a title="Permanent link to ‘Wavelength Is Shutting Down at the End of July’" href="https://daringfireball.net/linked/2024/06/26/wavelength-is-shutting-down"> ★ </a></div> ]]></content> </entry><entry> <title>Microsoft Edge Has an ‘Enhanced Security’ Mode That Disables the JIT</title> <link rel="alternate" type="text/html" href="https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-just-got-a-super-duper-secure-mode-upgrade/" /> <link rel="shorturl" type="text/html" href="http://df4.us/vmx" /> <link rel="related" type="text/html" href="https://daringfireball.net/linked/2024/06/25/microsoft-edge-jit-security" /> <id>tag:daringfireball.net,2024:/linked//6.41001</id> <published>2024-06-25T15:57:31Z</published> <updated>2024-07-21T03:57:31Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <content type="html" xml:base="https://daringfireball.net/linked/" xml:lang="en"><![CDATA[<p>Sergiu Gatlan, writing for Bleeping Computer in 2021 (<a href="https://elephant.crime.group/@kevin/112674919102576960">thanks to Kevin van Haaren</a>):</p> <blockquote> <p>Microsoft has announced that the Edge Vulnerability Research teamis experimenting with a new feature dubbed “Super Duper SecureMode” and designed to bring security improvements withoutsignificant performance losses. When enabled, the new MicrosoftEdge Super Duper Secure Mode will remove Just-In-Time Compilation(JIT) from the V8 processing pipeline, reducing the attack surfacethreat actors can use to hack into Edge users’ systems.</p> <p>Based on CVE (Common Vulnerabilities and Exposures) datacollected since 2019, around 45% of vulnerabilities found in theV8 JavaScript and WebAssembly engine were related to the JITengine, more than half of all “in the wild” Chrome exploitsabusing JIT bugs.</p></blockquote> <p>“Super Duper Secure Mode” was a funner name, but <a href="https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-browse-safer">they settled on “Enhanced Security Mode”</a>.</p> <p>This is why Apple considers BrowserEngineKit — which is complex and requires a special entitlement with stringent requirements to use — necessary for complying with the DMA’s mandate to allow third-party browser engines. <a href="https://daringfireball.net/2024/06/apple_disables_webkits_jit_in_lockdown_mode">JITs are inherently vulnerable</a>. It’s not about known bugs — it’s the unknown bugs.</p> <p>The anti-WebKit peanut gallery responded to <a href="https://daringfireball.net/2024/06/apple_disables_webkits_jit_in_lockdown_mode">my piece on JITs yesterday</a> with a collective response along the lines of “<em>Who’s to say WebKit’s JIT is any more secure than Chrome’s or Gecko’s?</em>” That’s not really the point, but that answer is, Apple is to say. iOS is their platform and they’ve decided that it’s better for the platform to reduce the attack surface to a single browser engine, WebKit, the one they themselves control. And Apple isn’t saying WebKit as a whole, or its JavaScript JIT compiler in particular, is more secure than Chrome or Gecko. They’re saying, implicitly, that it’s safer to have just one that they themselves are fully responsible for. And that the safest way to comply with the DMA’s mandate to allow third-party rendering engines is via a stringent framework like BrowserEngineKit.</p> <p><em>You</em> might think it would be just fine for iOS to work just like MacOS, where you can install whatever software you want. But Apple, <a href="https://www.youtube.com/watch?v=J7al_Gpolb8">expressly</a>, does not. iOS is designed to be significantly more secure than MacOS.</p> <div><a title="Permanent link to ‘Microsoft Edge Has an ‘Enhanced Security’ Mode That Disables the JIT’" href="https://daringfireball.net/linked/2024/06/25/microsoft-edge-jit-security"> ★ </a></div> ]]></content> </entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/06/apple_disables_webkits_jit_in_lockdown_mode" /> <link rel="shorturl" href="http://df4.us/vms" /> <id>tag:daringfireball.net,2024://1.40996</id> <published>2024-06-24T21:28:49Z</published> <updated>2024-06-25T00:13:36Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">To put it in Steven Sinofsky’s terms, gatekeeping is a fundamental aspect of Apple’s brand promise with iOS.</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p>Last week I mentioned Apple’s prohibition on JITs — <a href="https://en.wikipedia.org/wiki/Just-in-time_compilation">just-in-time compilers</a> — <a href="https://daringfireball.net/linked/2024/06/18/utm-notarization">in the context of their rejection of UTM SE</a>, an open source PC emulator. Apple’s prohibition on JITs, on security grounds, is a side issue regarding UTM SE, because UTM SE is the version of UTM that doesn’t use a JIT. But because it doesn’t use a JIT, it’s so slow that <a href="https://x.com/UTMapp/status/1799647652134654045">the UTM team doesn’t consider it worth fighting</a> with Apple regarding its rejection.</p> <p>On that no-JITs prohibition, though, it’s worth noting that Apple even disables its own trusted JIT in WebKit when you enable Lockdown Mode, which Apple <a href="https://support.apple.com/en-us/105120">now describes</a> as “an optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats. Most people are never targeted by attacks of this nature.” Apple <a href="https://daringfireball.net/linked/2022/07/11/lockdown-mode">previously described</a> Lockdown Mode as protection for those targeted by “private companies developing state-sponsored mercenary spyware”, but has <a href="https://www.reuters.com/technology/cybersecurity/apple-warns-users-mercenary-spyware-attack-91-countries-including-india-et-2024-04-11/">recently dropped</a> the “state-sponsored” language.</p> <p><a href="https://support.apple.com/en-us/105120">Here’s how Apple describes Lockdown Mode’s effect on web browsing</a>:</p> <blockquote> <p>Web browsing — Certain complex web technologies are blocked, whichmight cause some websites to load more slowly or not operatecorrectly. In addition, web fonts might not be displayed, andimages might be replaced with a missing image icon.</p></blockquote> <p>JavaScriptCore’s JIT interpreter is one of those “complex web technologies”. <a href="https://alexi.sh/blog/2022/07/lockdown-jsc/">Alexis Lours did some benchmarking two years ago</a>, when iOS 16 was in beta, to gauge the effect of disabling the JIT on JavaScript performance (and he also determined a long list of other WebKit features that get disabled in Lockdown Mode, a list I wish Apple would publish and keep up to date). Lours ran several benchmarks, but I suspect <a href="https://browserbench.org/Speedometer3.0/">Speedometer</a> is most relevant to real-world usage. Lours’s benchmarking indicated roughly a two-third reduction in JavaScript performance with Lockdown Mode enabled in Speedometer.</p> <p>This brings me to <a href="https://developer.apple.com/documentation/browserenginekit">BrowserEngineKit</a>, a new framework Apple created specifically for compliance with the EU’s DMA, which requires gatekeeping platforms to allow for third-party browser engines. Apple has permitted third-party <em>browsers</em> on iOS <a href="https://www.theverge.com/2012/6/28/3123689/google-announces-chrome-for-iphone-and-ipad">for over a decade</a>, but requires all browsers to use the system’s WebKit rendering engine. One take on Apple’s longstanding prohibition against third-party rendering engines is that they’re protecting their own interests with Safari. More or less that they’re just being dicks about it. But there really is a security angle to it. JavaScript engines run much faster with JIT compilation, but JITs inherently pose security challenges. There’s a whole section in the BrowserEngineKit docs <a href="https://developer.apple.com/documentation/browserenginekit/protecting-code-compiled-just-in-time">specifically about JIT compilation</a>.</p> <p>As I see it Apple had three choices, broadly speaking, for complying with the third-party browser engine mandate in the DMA:</p> <ol><li><p>Disallow third-party browser engines from using JITs. This would clearly be deemed malicious by anyone who actually wants to see Chromium or Gecko-based browsers on iOS. JavaScript execution would be somewhere between 65 to 90 percent slower compared to WebKit.</p></li><li><p>Allow third-party browser engines in the EU to just use JIT compilation freely without restrictions. This would open iOS devices running such browsers to security vulnerabilities. The message to users would be, effectively, “If you use one of these browsers you’re on your own.”</p></li><li><p>Create something like BrowserEngineKit, which adds complexity in the name of allowing for JIT compilation (and other potentially insecure technologies) in a safer way, and limit the use of BrowserEngineKit only to trusted web browser developers.</p></li></ol> <p>Apple went with choice 3, and I doubt they gave serious consideration to anything else. Disallowing third-party rendering engines from using JITs wasn’t going to fly, and allowing them to run willy-nilly would be insecure. The use of BrowserEngineKit <a href="https://developer.apple.com/support/alternative-browser-engines">also requires a special entitlement</a>:</p> <blockquote> <p>Apple will provide authorized developers access to technologieswithin the system that enable critical functionality and helpdevelopers offer high-performance modern browser engines. Thesetechnologies include just-in-time compilation, multiprocesssupport, and more.</p> <p>However, as browser engines are constantly exposed to untrustedand potentially malicious content and have visibility of sensitiveuser data, they are one of the most common attack vectors for badactors. To help keep users safe online, Apple will only authorizedevelopers to implement alternative browser engines after meetingspecific criteria and who commit to a number of ongoing privacyand security requirements, including timely security updates toaddress emerging threats and vulnerabilities.</p></blockquote> <p>BrowserEngineKit isn’t easy, but I genuinely don’t think any good solution would be. Browsers don’t need a special entitlement or complex framework to run on MacOS, true, but iOS is not MacOS. <a href="https://hardcoresoftware.learningbyshipping.com/p/215-building-under-regulation">To put it in Steven Sinofsky’s terms</a>, gatekeeping is a fundamental aspect of Apple’s brand promise with iOS.</p> ]]></content> <title>★ Apple Disables WebKit’s JIT in Lockdown Mode, Offering a Hint Why BrowserEngineKit Is Complex and Restricted</title></entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/06/wwdc24_apple_intelligence" /> <link rel="shorturl" href="http://df4.us/vmr" /> <id>tag:daringfireball.net,2024://1.40995</id> <published>2024-06-23T23:31:50Z</published> <updated>2024-07-01T02:17:09Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">Apple is focusing on what it can do that no one else can on Apple devices, and not really even trying to compete against ChatGPT *et al.* for world-knowledge context. They’re focusing on unique differentiation, and eschewing commoditization.</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p>An <a href="https://www.tiktok.com/@decoderpod/video/7358481398384168235?_r=1&_t=8nT6tvhWdgJ">oft-told story</a> is that back in 2009 — two years after Dropbox debuted, two years before Apple unveiled iCloud — Steve Jobs invited Dropbox cofounders Drew Houston and Arash Ferdowsi to Cupertino to pitch them on selling the company to Apple. Dropbox, <a href="https://web.archive.org/web/20130920002127/http://www.wired.com/business/2013/09/dropbox-2/">Jobs told them</a>, was “a feature, not a product”.</p> <p>It’s easy today to forget just how revolutionary a product Dropbox was. A simple installation on your Mac and boom, you had a folder that synced between every Mac you used — automatically, reliably, and quickly. At the time Dropbox had a big sign in its headquarters that read, simply, “It Just Works”, and they delivered on that ideal — at a time when no other sync service did. Jobs, of course, was trying to convince Houston and Ferdowsi to sell, but that doesn’t mean he was wrong that, ultimately, it was a feature, not a product. A tremendously useful feature, but a feature nonetheless.</p> <p>Leading up to WWDC last week, I’d been thinking that this same description applies, in spades, to LLM generative AI. Fantastically useful, downright amazing at times, but features. Not products. Or at least not broadly universal products. Chatbots are products, of course. People pay for access to the best of them, or for extended use of them. But people <a href="https://www.dropbox.com/products?source=plans">pay for Dropbox too</a>.</p> <p>Chatbots can be useful. There are people doing amazing work through them. But they’re akin to the terminal and command-line tools. Most people just don’t think like that.</p> <p><a href="https://www.apple.com/newsroom/2024/06/introducing-apple-intelligence-for-iphone-ipad-and-mac/" title="Apple News: “Introducing Apple Intelligence, the Personal Intelligence System That Puts Powerful Generative Models at the Core of iPhone, iPad, and Mac”">What Apple unveiled</a> last week with <a href="https://www.apple.com/apple-intelligence/">Apple Intelligence</a> wasn’t so much new products, but new features — a slew of them — for existing products, powered by generative AI.</p> <p>Safari? Better now, with generative AI page summaries. Messages? More fun, with Genmoji. Notes and Mail and Pages (and any other app that uses the system text frameworks)? Better now, with proofreading and rewriting tools built-in. Photos? Even better recommendations for memories, and automatic categorization of photos into smart collections. Siri? That frustrating, <a href="https://daringfireball.net/2020/05/what_time_is_it_in_london" title="Daring Fireball: “What Time Is It in London?”">dumb-as-a-rock</a> son of a bitch, Siri? Maybe, actually, pretty useful and kind of smart now. These aren’t new apps or new products. They’re the most used, most important apps Apple makes, the core apps that define the Apple platforms ecosystem, and Apple is using generative AI to make them better and more useful — without, in any way, rendering them unfamiliar.<sup id="fnr1-2024-06-23"><a href="#fn1-2024-06-23">1</a></sup></p> <p>We had a lot of questions about Apple’s generative AI strategy heading into WWDC. Now that we have the answers, it all looks very obvious, and mostly straightforward. First, their models are almost entirely based on <em>personal</em> context, by way of an on-device semantic index. In broad strokes, this on-device semantic index can be thought of as a next-generation Spotlight. Apple is focusing on what it can do that no one else can on Apple devices, and not really even trying to compete against ChatGPT <em>et al.</em> for world-knowledge context. They’re focusing on unique differentiation, and eschewing commoditization.</p> <p>Second, they’re doing both on-device processing, for smaller/simpler tasks, <em>and</em> cloud processing (under the name <a href="https://security.apple.com/blog/private-cloud-compute/">Private Cloud Compute</a>) for more complex tasks. All of this is entirely Apple’s own work: the models, the servers (based on Apple silicon), the entire software stack running on the servers, and the data centers where the servers reside. This is an enormous amount of work, and seemingly puts the lie to reports that Apple executives only even became interested in generative AI 18 months ago. And if they <em>did</em> accomplish all this in just 18 months that’s a remarkable achievement.</p> <p>Anyone can make a chatbot. (And, seemingly, everyone is — searching for “chatbot” in the App Store is about as useful as searching for “game”.) Apple, conspicuously, has <em>not</em> made one. <a href="https://www.ben-evans.com/benedictevans/2024/06/20/apple-intelligence">Benedict Evans keenly observes</a>:</p> <blockquote> <p>To begin, then: Apple has built an LLM with no chatbot. Apple hasbuilt its own <a href="https://machinelearning.apple.com/research/introducing-apple-foundation-models">foundation models</a>, which (on the benchmarksit published) are comparable to anything else on the market, butthere’s nowhere that you can plug a raw prompt directly into themodel and get a raw output back — there are always sets of buttonsand options shaping what you ask, and that’s presented to the userin different ways for different features. In most of thesefeatures, there’s no visible bot at all. You don’t ask a questionand get a response: instead, your emails are prioritised, or youpress “summarise” and a summary appears. You <em>can</em> type a requestinto Siri (and Siri itself is only one of the many features usingApple’s models), but even then you don’t get raw model outputback: you get GUI. The LLM is abstracted away as an API call.</p></blockquote> <p>Instead Apple is doing what no one else can do: integrating generative AI into the frameworks in iOS and MacOS used by developers to create native apps. Apps built on the system APIs and frameworks will gain generative AI features for free, both in the sense that the features come automatically when the app is running on a device that meets the minimum specs to qualify for Apple Intelligence, <em>and</em> in the sense that Apple isn’t charging developers or users to utilize these features. </p> <p>Apple’s keynote presentation was exceedingly well-structured and paced. But nevertheless it was widely misunderstood, I suspect because expectations were so wrong. Those who believed going in that Apple was far behind the state of the art in generative AI technology wrongly saw the keynote’s coda — the announcement of a partnership with OpenAI to integrate their latest model, ChatGPT-4o, as an optional “world knowledge” layer sitting atop Apple’s own homegrown Apple Intelligence — as an indication that most or even all of the cool features Apple revealed were in fact powered by OpenAI. Quite the opposite. Almost <em>nothing</em> Apple showed in the keynote was from OpenAI.</p> <p>What I see as the main takeaways:</p> <ul><li><p>Apple continues to build machine learning and generative AI features across its core platforms, iOS and MacOS. They’ve been adding such features for years, and announced many new ones this year. Nothing Apple announced in the entire first hour of the keynote was part of “Apple Intelligence”. <a href="https://www.apple.com/newsroom/2024/06/ipados-18-introduces-powerful-intelligence-features-and-apps-for-apple-pencil/">Math Notes</a> (freeform handwritten or typed mathematics, in Apple Notes and the Calculator app, which is finally coming to iPadOS) is coming to all devices running iOS 18 and MacOS 15 Sequoia. Smart Script — the new personalized handwriting feature when using Apple Pencil, which aims to improve the legibility of your handwriting as you write, and simulates your handwriting when pasting text or generating answers in Math Notes — is coming to all iPads with an A14 or better chip. Inbox categorization and smart message summaries are coming to Apple Mail on all devices. Safari web page summaries are coming to all devices. Better background clipping (“greenscreening”) for videoconferencing. None of these features are under the “Apple Intelligence” umbrella. They’re for everyone with devices eligible for this year’s OS releases.</p></li><li><p>The minimum device specs for Apple Intelligence are understandable, but regrettable, particularly the fact that the only current iPhones that are eligible are the iPhone 15 Pro and Pro Max. Even the only-nine-month-old iPhone 15 models don’t make the cut. When I asked John Giannandrea (along with Craig Federighi and Greg Joswiak) about this on stage at <a href="https://daringfireball.net/2024/06/the_talk_show_live_from_wwdc_2024">The Talk Show Live last week</a>, his answer was simple: lesser devices aren’t fast enough to provide a good experience. That’s the Apple way: better not to offer the feature at all than offer it with a bad (slow) experience. A-series chips before last year’s A17 Pro don’t have enough RAM <em>and</em> don’t have powerful enough Neural Engines. But by the time iOS 18 is released and Apple Intelligence features actually become available — even in beta form (they are not enabled in the current developer OS betas) — the iPhone 15 Pro will surely be joined by all iPhone 16 models, both Pro and non-pro. Apple Intelligence is skating to where the puck is going to be in a few years, not where it is now.</p></li><li><p>Surely Apple is also being persnickety with the device requirements to lessen the load on its cloud compute servers. And if this pushes more people to upgrade to a new iPhone this year, I doubt Tim Cook is going to see that as a problem.</p></li><li><p>One question I’ve been asked repeatedly is why devices that don’t qualify for Apple Intelligence can’t just do everything via Private Cloud Compute. Everyone understands that if a device isn’t fast or powerful enough for on-device processing, that’s that. But why can’t older iPhones (or in the case of the non-pro iPhones 15, new iPhones with two-year-old chips) simply use Private Cloud Compute for everything? From what I gather, that just isn’t how Apple Intelligence is designed to work. The models that run on-device are entirely different models than the ones that run in the cloud, and one of those on-device models is the heuristic that determines which tasks can execute with on-device processing and which require Private Cloud Compute or ChatGPT. But, see also the previous item in this list — surely Apple has scaling concerns as well. As things stand, with only devices using M-series chips or the A17 or later eligible, Apple is going to be on the hook for an enormous amount of server-side computation with Private Cloud Compute. They’d be on the hook for <em>multiples</em> of that scale if they enabled Apple Intelligence for older iPhones, with those older iPhones doing none of the processing on-device. The on-device processing component of Apple Intelligence isn’t just nice-to-have, it’s a keystone to the entire thing.</p></li><li><p>Apple could have skipped, or simply delayed announcing until the fall, the entire OpenAI partnership, and they still would have had an impressive array of generative AI features with broad, practical appeal. And clearly they would have gotten <a href="https://www.bbc.com/news/articles/c4nn5mejl89o">a lot more credit</a> for their achievements in the aftermath of the keynote. I remain skeptical that integrating ChatGPT (and any future world-knowledge LLM chatbot partners) at the OS level will bring any significant practical advantage to users versus just using the chatbot apps from the makers of those LLMs. But perhaps removing a few steps, and eliminating the need to choose, download, and sign up for a third-party chatbot, will expose such features to many more users than are using them currently. But I can’t help but feel that integrating these third-party chatbots in the OSes is at least as much <a href="https://daringfireball.net/linked/2024/06/13/gurman-openai-apple">a services-revenue play</a> as a user-experience play.</p></li><li><p>The most unheralded aspect of Apple Intelligence is that the data centers Apple is building for Private Cloud Compute are not only carbon neutral, but are operating <em>entirely</em> on renewable energy sources. That’s extraordinary, and I believe unique in the entire industry. But it’s gone largely un-remarked-upon — because Apple itself did not mention this during the WWDC keynote. Craig Federighi first mentioned it <a href="https://www.theverge.com/2024/6/10/24175625/wwdc-live-ai-apple-intelligence-federighi">in a post-keynote interview with Justine Ezarik</a>, and he reiterated it on stage with me at <a href="https://daringfireball.net/2024/06/the_talk_show_live_from_wwdc_2024">The Talk Show Live From WWDC</a>. In hindsight, I wish I’d asked, on stage, why Apple did not even mention this during the keynote, let alone trumpet it. I suspect the real answer is that Apple felt like they couldn’t brag about their own data centers running entirely on renewable energy during the same event in which they announced a partnership with OpenAI, whose data centers <a href="https://www.nature.com/articles/d41586-024-00478-x">can make no such claims</a>. OpenAI’s carbon footprint is a secret, and experts <a href="https://semiengineering.com/ai-power-consumption-exploding/">suspect it’s bad</a>. It’s unseemly to throw your own partner under the bus, but that takes Apple Intelligence’s proclaimed carbon neutrality off the table as a marketing point. Yet another reason why I feel Apple might have been better off <em>not</em> announcing this partnership last week.</p></li><li><p>If you don’t want or don’t trust Apple Intelligence (or just not <em>yet</em>), you’ll be able to turn it off. And you’ll have to opt-in to using the integrated ChatGPT feature, and, each time Apple Intelligence decides to send you to ChatGPT to handle a task, you’ll have to explicitly allow it. As currently designed, no one is going to accidentally interact with, let alone expose personal information to, ChatGPT. If anything I suspect the more common complaint will come from people who wish to use ChatGPT without confirmation each time. Some people are going to want an “Always allow” option for handing requests to ChatGPT, but according to Apple reps I’ve spoken with, such an option does not yet exist.</p></li><li><p>At a technical level Apple is using indirection to anonymize devices from ChatGPT. OpenAI will never see your IP address or precise location. At a policy level, OpenAI has agreed not to store user data, nor use data for training purposes, unless users have signed into a ChatGPT account. If you want to use Apple Intelligence but not ChatGPT, you can. If you want to use ChatGPT anonymously, you can. And if you do want ChatGPT to keep a history of your interactions, you can do that too, by signing in to your account. Users are entirely in control, as they should be.</p></li><li><p>VisionOS 2 is not getting any Apple Intelligence features, despite the fact that the Vision Pro has an M2 chip. One reason is that VisionOS remains a dripping-wet new platform — Apple is still busy building the fundamentals, like rearranging and organizing apps in the Home view. VisionOS 2 isn’t even getting features like Math Notes, which, as I mentioned above, isn’t even under the Apple Intelligence umbrella. But another reason is that, according to well-informed little birdies, Vision Pro is already making significant use of the M2’s Neural Engine to supplement the R1 chip for real-time processing purposes — occlusion and object detection, things like that. With M-series-equipped Macs and iPads, the Neural Engine is basically sitting there, fully available for Apple Intelligence features. With the Vision Pro, it’s already being used.</p></li><li><p>“Apple Intelligence” is not one thing or one model. Or even two models — local and cloud. It’s an umbrella for dozens of models, some of them very specific. One of the best, potentially, is a new model that will allow Siri to answer technical support questions about Apple products and services. This model has been trained on Apple’s own copious <a href="https://support.apple.com/">Knowledge Base of support documentation</a>. The age-old gripe is that “no one reads the documentation”, but maybe now that’s no longer a problem because Siri is reading it. Apple’s platforms are so rich and deep, but most users’ knowledge of them is shallow; getting correct answers from Siri to specific how-to questions could be a game-changer. AI-generated slop is polluting web search results for technical help; Apple is using targeted AI trained on its own documentation to avoid the need to search the web in the first place. Technical documentation isn’t sexy, but exposing it all through natural language queries could be one of the sleeper hits of this year’s announcements.</p></li><li><p>Xcode is the one product where Apple was clearly behind on generative AI features. It was behind on LLM-backed code completion/suggestion/help <a href="https://daringfireball.net/2023/07/apple_gpt_bloomberg"><em>last</em> year</a>. Apple introduced <a href="https://devimages-cdn.apple.com/wwdc-services/images/C03E6E6D-A32A-41D0-9E50-C3C6059820AA/guides-76105412-ED4C-4D9D-AAA5-E039F7FE142B/WWDC24-Developer-Tools.pdf?dl=1">two generative AI features in Xcode 16</a>, and they exemplify the local/cloud distinction in Apple Intelligence in general. Predictive code completion runs locally, on your Mac. Swift Assist is more profound, answering natural language questions and providing entire solutions in working Swift code, and runs entirely in Private Cloud Compute.</p></li></ul> <h2>Take It All With a Grain of Salt</h2> <p>Lastly, it is essential to note that we haven’t been able to try any of these Apple Intelligence features yet. None of them are yet available in the developer OS betas, and none are slated to be available, even in beta, until “later this summer”. I witnessed multiple live demos of some of these features last week, during press briefings at Apple Park after the keynote. Demos I witnessed included the writing tools (“make this email sound more professional”) and Xcode code completion and Swift Assist. But those demos were conducted by Apple employees; we in the media were not able to try them ourselves.</p> <p>It all looks very impressive, and almost all these features seem very practical. But it’s all very, very early. None of it counts as real until we’re able to use it ourselves. We don’t know how well it works. We don’t know how well it scales.</p> <p>If generative AI weren’t seen as essential — both in terms of consumer marketing <em>and</em> investor confidence — I think much, if not most, of what Apple unveiled in “Apple Intelligence” wouldn’t even have been announced until <em>next year’s</em> WWDC, not last week’s WWDC. Again, none of the features in “Apple Intelligence” are even available in beta yet, and I think all or most of them will be available only under a “beta” label until next year.</p> <p>It’s good to see Apple hustling, though. I <a href="https://daringfireball.net/linked/2024/05/24/publishing-ai-slop-is-a-choice">continue to believe</a> it’s incorrect to see Apple as “behind”, overall, on generative AI. But clearly they are feeling tremendous competitive pressure on this front, which is good for them, and great for us.</p> <div class="footnotes"><hr /><ol><li id="fn1-2024-06-23"><p>Image Playground is a new app, and thus definitely counts as a product, but at the moment I’m seeing it as the least interesting part of Apple Intelligence, if only because it’s offering something a dozen other products offer, and <a href="https://gizmodo.com.au/2024/06/apple-ai-images-are-so-ugly/">it doesn’t seem to do</a> a particularly interesting job of it. <a href="#fnr1-2024-06-23" class="footnoteBackLink" title="Jump back to footnote 1 in the text.">↩︎</a></p></li></ol></div> ]]></content> <title>★ WWDC 2024: Apple Intelligence</title></entry><entry> <link rel="alternate" type="text/html" href="https://daringfireball.net/2024/06/training_large_language_models_on_the_public_web" /> <link rel="shorturl" href="http://df4.us/vmp" /> <id>tag:daringfireball.net,2024://1.40993</id> <published>2024-06-22T00:41:04Z</published> <updated>2024-06-22T18:32:18Z</updated> <author> <name>John Gruber</name> <uri>http://daringfireball.net/</uri> </author> <summary type="text">The whole point of the public web is that it’s there to learn from — even if the learner isn’t human. Is there a single LLM that was *not* trained on the public web? To my knowledge there is not, and a model that is ignorant of all information available on the public web would be, well, pretty ignorant of the world.</summary> <content type="html" xml:base="https://daringfireball.net/" xml:lang="en"><![CDATA[<p>Yesterday, quoting Anthropic’s announcement of their impressive new model, Claude 3.5 Sonnet, <a href="https://daringfireball.net/linked/2024/06/20/claude-3-5-sonnet">I wrote</a>:</p> <blockquote> <p>Also, from the bottom of the post, this interesting nugget:</p> <blockquote> <p>One of the core constitutional principles that guides our AI modeldevelopment is privacy. We do not train our generative models onuser-submitted data unless a user gives us explicit permission todo so. To date we have not used any customer or user-submitteddata to train our generative models.</p></blockquote> <p><a href="https://www.macstories.net/linked/apple-details-its-ai-foundation-models-and-applebot-web-scraping/">Even Apple can’t say that</a>.</p></blockquote> <p>It now seems clear that I misread Anthropic’s statement. I wrongly interpreted this as implying that Claude was not trained on public web data. <a href="https://support.anthropic.com/en/articles/7996885-how-do-you-use-personal-data-in-model-training">Here is Anthropic’s FAQ on training data</a>:</p> <blockquote> <p>Large language models such as Claude need to be “trained” on textso that they can learn the patterns and connections between words.This training is important so that the model performs effectivelyand safely.</p> <p>While it is not our intention to “train” our models on personaldata specifically, training data for our large language models,like others, can include web-based data that may contain publiclyavailable personal data. We train our models using data from threesources:</p> <ol><li>Publicly available information via the Internet</li><li>Datasets that we license from third party businesses</li><li>Data that our users or crowd workers provide</li></ol> <p>We take steps to minimize the privacy impact on individualsthrough the training process. We operate under strict policies andguidelines for instance that we do not access password protectedpages or bypass CAPTCHA controls. We undertake due diligence onthe data that we license. And we encourage our users not to useour products and services to process personal data. Additionally,our <a href="https://www.anthropic.com/index/claudes-constitution">models are trained to respect privacy</a>: one of ourconstitutional “principles” at the heart of Claude, based on theUniversal Declaration of Human Rights, is to choose the responsethat is most respectful of everyone’s privacy, independence,reputation, family, property rights, and rights of association.</p></blockquote> <p><a href="https://machinelearning.apple.com/research/introducing-apple-foundation-models">Here is Apple, from its announcement last week of their on-device and server foundation models</a>:</p> <blockquote> <p>We train our foundation models on licensed data, including dataselected to enhance specific features, as well as publiclyavailable data collected by our web-crawler, AppleBot. Webpublishers have <a href="https://support.apple.com/en-us/119829">the option to opt out</a> of the use of theirweb content for Apple Intelligence training with a data usagecontrol.</p> <p>We never use our users’ private personal data or user interactionswhen training our foundation models, and we apply filters toremove personally identifiable information like social securityand credit card numbers that are publicly available on theInternet. We also filter profanity and other low-quality contentto prevent its inclusion in the training corpus. In addition tofiltering, we perform data extraction, deduplication, and theapplication of a model-based classifier to identify high qualitydocuments.</p></blockquote> <p>This puts Apple in the same boat as Anthropic in terms of using public pages on the web as training sources. Some writers and creators object to this — <a href="https://machinelearning.apple.com/research/introducing-apple-foundation-models">including Federico Viticci</a>, whose piece on MacStories I linked to with my “Even Apple can’t say that” comment yesterday. <a href="https://sixcolors.com/post/2024/06/excluding-your-website-from-apples-ai-crawler/">Dan Moren wrote a good introduction to blocking these crawling bots</a> with robots.txt directives.</p> <p>The best argument against Apple’s use of public web pages for model training is that they trained first, but only after announcing Apple Intelligence last week issued the instructions for blocking Applebot for AI training purposes. Apple should clarify whether they plan to re-index the public data they used for training before Apple Intelligence ships in beta this summer. Clearly, a website that bans Applebot-Extended shouldn’t have its data in Apple’s training corpus simply because Applebot crawled it before Apple Intelligence was even announced. It’s fair for public data to be excluded on an opt-out basis, rather than included on an opt-in one, but Apple trained its models on the public web before they allowed for opting out.</p> <p>But other than that chicken/egg opt-out issue, I don’t object to this. The whole point of the public web is that it’s there to learn from — even if the learner isn’t human. Is there a single LLM that was <em>not</em> trained on the public web? To my knowledge there is not, and a model that is ignorant of all information available on the public web would be, well, pretty ignorant of the world. To me the standards for LLMs should be similar to those we hold people to. You’re free to learn from anything I publish, but not free <a href="https://daringfireball.net/linked/2024/06/19/robb-knight-perplexity">to plagiarize it</a>. If you quote it, attribute and link to the source. That’s my standard for AI bots as well. So at the moment, <a href="https://daringfireball.net/robots.txt">my robots.txt file</a> bans just one: Perplexity.</p> <p>(I’d block a second, <a href="https://www.threads.net/@gruber/post/C8Zoz4jR-EB">the hypocrites at Arc</a>, if I could figure out how.)</p> ]]></content> <title>★ Training Large Language Models on the Public Web</title></entry></feed><!-- THE END --> If you would like to create a banner that links to this page (i.e. this validation result), do the following:
Download the "valid Atom 1.0" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):
If you would like to create a text link instead, here is the URL you can use:
http://www.feedvalidator.org/check.cgi?url=http%3A//daringfireball.net/index.xml
