Developer.
192 stories
·
56 followers

Apple’s Achilles Heel

1 Comment

Neil Cybart, in his weekly Above Avalon column last week, “The Mac Is Turning into Apple’s Achilles Heel”:

Apple’s decision to change course and develop a new Mac Pro has received near-universal praise from the company’s pro community. While developing a new Mac Pro is the right decision for Apple to make given the current situation, it has become clear that the Mac is a major vulnerability in Apple’s broader product strategy. The product that helped save Apple from bankruptcy 20 years ago is now turning into a barrier that is preventing Apple from focusing on what comes next.

I read this last week and it didn’t sit right with me at all. But I couldn’t put my finger on why until this weekend. It’s actually very simple: I think Cybart’s entire premise is completely backwards. The Mac is not Apple’s Achilles heel. The iPhone is. That’s why the rest of his column doesn’t make much sense.

The iPhone hasn’t suffered because Apple is focused on the Mac. New iPhones come out like clockwork every year. Apple has really gotten it down to a science in recent years. The Mac lineup, however — and the Mac Pro in particular — has clearly suffered from a lack of attention. Where did that institutional attention go? Surely much of it went to iPhone.

I’m not arguing that it’s a mistake for Apple to devote more attention to the iPhone than any other product. Smartphones are the greatest opportunity in the history of mass market consumer goods, and also the greatest opportunity in the history of personal computing. The iPhone epitomizes everything Apple stands for. But it’s a mistake to focus so much attention on the iPhone that other important products suffer.

Read the whole story
rafeco
95 days ago
reply
Apple has over $200 billion in the bank. I wonder which form of attention is scarce inside Apple.
koffie
88 days ago
You can't solve every problem with money. The one Apple is facing is managing engineering resources and talent. This is very though, especially for a large company like Apple which has a very narrow/limited set of products which are from a technical POV very similar to develop. Skills useful to develop both the Mac and iOS-based devices (iPhone/iPad/Apple Watch) overlap a lot. We're talking about both hardware/industrial/physical design and software development here. The main exceptions to this are their cloud services and their chip/soc development.
Share this story
Delete

About the PPK talk and tweet

1 Comment and 5 Shares

Yesterday I attended a talk at a tech meetup here in Amsterdam by Peter-Paul Koch — during which I tweeted a photo of one of his slides:

This tweet has gotten quite a lot of attention — mostly negative — and I’d like to give some much-needed context.

PPK’s talk was about the problems he sees in with modern front-end web development. Problems for developers, problems for users, and problems for the web in general. It was more than an hour long and covered many topics, weaving in his rich knowledge of web-development history. Some opinions he articulated:

  • Web developers have become overly focused on emulating native mobile apps, when in fact they should focus on the strengths of the web. Sort of by definition, a website will never be as performant as a native app, given native apps speak directly to an OS while websites always have the browser as middleman — barring some significant technical shifts. So it’s an unattainable goal.
  • Modern front-end libraries and frameworks have become overly complicated, with so many abstractions and so much tooling that it’s very difficult for developers, especially beginners, to hold it all in their heads. He cited the brilliant How it feels to learn JavaScript in 2016 by Jose Aguinaga.
  • Relatedly, browser vendors should have a year-long moratorium on adding new features. (See also his blog post on this.)
  • Modern front-end libraries and frameworks encourage a style of development that punishes people on underpowered/mobile devices and slow connections. In many cases, he argued, there’s no reason to pull in hundreds of kilobytes of JavaScript, or naively traverse the entire DOM for the sake of developer convenience (he gave the example of Angular here), when doing it at a lower level of abstraction would perform better and might also result in less code that’s easier to reason about.
  • Developers who come to front-end work from back-end work often underestimate how difficult it is to be a front-end developer. Web browsers — with competing standards, implementation differences and browser bugs — are the “most hostile development environment in the world.” The key to being a front-end developer is to embrace that. In fact, certain Computer Science Best Practices, such as the DRY principle, don’t necessarily apply in front-end work (e.g., when practicing progressive enhancement, you develop the same thing twice).
  • A key distinction of front-end web programming is that users download your code when visiting a web page, which means users get “punished” if your code is bloated. This is different from back-end web programming, where it doesn’t matter nearly as much which tools you use as long as the network request is served quickly enough.

I’m working from memory, so I hope I did PPK’s opinions justice here. It was a fantastic, thought-provoking talk. I assume video, or at least the slides, will be posted online soon — and I’ll update this post with links when that happens.

Which brings me to my tweet. One of PPK’s slides said: “If you can’t do without tools you’re not a web developer.” In context of the presentation, this was already a controversial statement. Out of context, it’s absolutely incindiary (and, frankly, a bit nonsensical).

I regret tweeting this photo. It was clearly out of context, and I should have either used a different slide or waited until the video was posted. I hope the context here helps explain it.

Many people saw that slide, interpreted it at face value, and tweeted sarcastic responses such as “If you can’t put in a nail without a hammer, you’re not a carpenter.” They took it way too literally, suggesting PPK was telling us to cease using all tools, code in assembly, or otherwise be luddites. Obviously this is nonsense.

Other people took issue with drawing lines in the sand, saying it’s counterproductive (and can scare away beginners) to make exclusionary statements like this. I agree. Saying “You’re not a real X unless Y” is the wrong way to make the point. The arbitrary distinction of “Real Programmers” (versus, uh, not-Real Programmers?) is a disease of our profession.

In fact, regarding beginners, one of PPK’s most salient points was that the modern front-end development landscape is so complex that it’s impenetrable to newcomers. If I were starting web development today, I’d be terrified by the complexity — and probably give up. The aforementioned Jose Aguinaga post illustrates this brilliantly.

My interpretation of PPK’s slide, having seen the entire presentation, was simply this: web developers should have knowledge of what’s happening behind the scenes, so that they can use their tools more effectively. This, I agree with. If you blindly use a 20K library that traverses the entire DOM on every page load, in a situation where five lines of vanilla JavaScript would have done the same thing, you’re adding unnecessary strain on your users and possibly unnecessary strain on your development team. (That assumes “unnecessary strain” is a bad thing for your particular project/work.)

I’ve always thought the same about Django, by the way. Take, for example, the Django ORM. I think developers ought to have an understanding of SQL — the advantages, the limitations, the dos and don’ts — before they jump into using an ORM. That doesn’t mean everybody needs to write their own ORM, or always use raw SQL (two strawman arguments people have been making repeatedly in response to this tweet) — it just means they should have a basic understanding of what’s happening. Not enough to be a DBA, just enough to not make poor decisions.

Read the whole story
rafeco
160 days ago
reply
acdha
161 days ago
reply
Washington, DC
Share this story
Delete
1 public comment
wmorrell
160 days ago
reply
It's not just web. Same as with Django ORM or Hibernate mentioned, you should have some idea of the SQL being generated. And for general programming, you should have some idea about big-O, malloc, threads, processes, filesystems, etc even if your code never directly uses any of them. Because your code will *always* be impacted by those indirectly. Not knowing about those and leaning on tooling to handle it makes you a dabbler, throwing random code at a problem until something sticks.

Open Whisper Systems >> Blog >> There is no WhatsApp 'backdoor'

1 Share

Today, the Guardian published a story falsely claiming that WhatsApp's end to end encryption contains a "backdoor."

Background

WhatsApp's encryption uses Signal Protocol, as detailed in their technical whitepaper. In systems that deploy Signal Protocol, each client is cryptographically identified by a key pair composed of a public key and a private key. The public key is advertised publicly, through the server, while the private key remains private on the user's device.

This identity key pair is bound into the encrypted channel that's established between two parties when they exchange messages, and is exposed through the "safety number" (aka "security code" in WhatsApp) that participants can check to verify the privacy of their communication.

Most end-to-end encrypted communication systems have something that resembles this type of verification, because otherwise an attacker who compromised the server could lie about a user's public key, and instead advertise a key which the attacker knows the corresponding private key for. This is called a "man in the middle" attack, or MITM, and is endemic to public key cryptography, not just WhatsApp.

The issue

One fact of life in real world cryptography is that these keys will change under normal circumstances. Every time someone gets a new device, or even just reinstalls the app, their identity key pair will change. This is something any public key cryptography system has to deal with. WhatsApp gives users the option to be notified when those changes occur.

While it is likely that not every WhatsApp user verifies safety numbers or safety number changes, the WhatsApp clients have been carefully designed so that the WhatsApp server has no knowledge of whether users have enabled the change notifications, or whether users have verified safety numbers. WhatsApp could try to "man in the middle" a conversation, just like with any encrypted communication system, but they would risk getting caught by users who verify keys.

Under normal circumstances, when communicating with a contact who has recently changed devices or reinstalled WhatsApp, it might be possible to send a message before the sending client discovers that the receiving client has new keys. The recipient's device immediately responds, and asks the sender to reencrypt the message with the recipient's new identity key pair. The sender displays the "safety number has changed" notification, reencrypts the message, and delivers it.

The WhatsApp clients have been carefully designed so that they will not re-encrypt messages that have already been delivered. Once the sending client displays a "double check mark," it can no longer be asked to re-send that message. This prevents anyone who compromises the server from being able to selectively target previously delivered messages for re-encryption.

The fact that WhatsApp handles key changes is not a "backdoor," it is how cryptography works. Any attempt to intercept messages in transmit by the server is detectable by the sender, just like with Signal, PGP, or any other end-to-end encrypted communication system.

The only question it might be reasonable to ask is whether these safety number change notifications should be "blocking" or "non-blocking." In other words, when a contact's key changes, should WhatsApp require the user to manually verify the new key before continuing, or should WhatsApp display an advisory notification and continue without blocking the user.

Given the size and scope of WhatsApp's user base, we feel that their choice to display a non-blocking notification is appropriate. It provides transparent and cryptographically guaranteed confidence in the privacy of a user's communication, along with a simple user experience. The choice to make these notifications "blocking" would in some ways make things worse. That would leak information to the server about who has enabled safety number change notifications and who hasn't, effectively telling the server who it could MITM transparently and who it couldn't; something that WhatsApp considered very carefully.

Even if others disagree about the details of the UX, under no circumstances is it reasonable to call this a "backdoor," as key changes are immediately detected by the sender and can be verified.

The reporting

The way this story has been reported has been disappointing. There are many quotes in the article, but it seems that the Guardian put very little effort into verifying the original technical claims they've made. Even though we are the creators of the encryption protocol supposedly "backdoored" by WhatsApp, we were not asked for comment.

Instead, most of the quotes in the story are from policy and advocacy organizations who seem to have been asked "WhatsApp put a backdoor in their encryption, do you think that's bad?"

We believe that it is important to honestly and accurately evaluate the choices that organizations like WhatsApp or Facebook make. There are many things to criticize Facebook for; running a product that deployed end-to-end encryption by default for over a billion people is not one of them.

It is great that the Guardian thinks privacy is something their readers should be concerned about. However, running a story like this without taking the time to carefully evaluate claims of a "backdoor" will ultimately only hurt their readers. It has the potential to drive them away from a well engineered and carefully considered system to much more dangerous products that make truly false claims. Since the story has been published, we have repeatedly reached out to the author and the editors at the Guardian, but have received no response.

We believe that WhatsApp remains a great choice for users concerned with the privacy of their message content.

Read the whole story
rafeco
188 days ago
reply
jdelic
186 days ago
Just like Apple's central iMessage key directory, this effectively introduces a clear path for law enforcement to tap WhatsApp conversations with minimal user warning. In case of iMessage there is no warning and in case of WhatsApp there is no warning by default. In both cases past conversations can likely not be retrieved by the attacker. In both cases a national security letter and gag order in the US or equivalent mechanisms in other countries would make it illegal for WhatsApp/Facebook or Apple to admit such requests exist. It's not exactly a backdoor, but it is a design weakness that potentially tapped conversations are not clearly marked as such and potentially incriminating content is transmitted regardless. However, it must be mentioned that in most cases, the pure metadata of who communicates with whom and when, is already sufficient and this data can be siphoned off in bulk.
Share this story
Delete

About Those Folders

1 Comment and 13 Shares

As you surely know, the stars of Donald Trump’s recent press conference were what looked like hundreds of file folders full of papers, which both Trump and his lawyer, Sherri Dillon of Morgan Lewis, said were “just some” of the paperwork involved in turning over Trump’s stuff to his sons to solve conflict-of-interest problems.

I don’t want to address here whether the legal plan they have described actually would solve conflict-of-interest problems, except that to the extent I understand what that plan is, I find the claim that it might solve those problems hilarious. But what I want to address is the equally burning question, to me, of whether there was actually anything in those folders other than blank paper.

There was not.

Again, both Trump and Dillon said there was. According to the transcript:

  • Trump: “these papers are just some of the many documents that I’ve signed turning over complete and total control to my sons” (that’s the hilarious part).
  • Dillon: “Here is just some of the paperwork that’s taking care of those actions.”
  • Trump again, at the end: “So this is all—just so you understand, these papers—because I’m not sure that was explained properly. But these papers are all just a piece of the many, many companies that are being put into trust to be run by my two sons….”

Again, hilarious! But on to the mysterious papers.

Other than the statements above, to my knowledge there is no direct evidence as to what those folders contained. That is, we can see they contained sheets of paper, but the question is whether anything was printed on the paper. That we do not know, because despite the folders having center stage at the press conference—literally; the podium was off to the side a bit—no one outside the Trump team was allowed even a glance inside them. In the absence of direct evidence, or an admission, the claim that the papers were blank remains “unproven,” as Snopes.com says in its report on this. So there’s that.

But while “circumstantial” is sometimes used as a synonym for “weak,” the fact is that people are convicted all the time based on circumstantial evidence. Sometimes those people are even guilty. And here, as far as I’m concerned the circumstantial evidence only allows one conclusion.

First: they didn’t let anybody see inside the folders. You would not expect them to display anything privileged, of course, but the implication was that these were documents Trump signed for business purposes, and presumably at least some would be for public filing and so not privileged. Even if every document were privileged, it wouldn’t breach the privilege to hold up a document and riffle through it just to show skeptical reporters it had some writing on it. (You couldn’t hold it still or some jackass like me would take a screenshot.) The complete refusal to allow even a glance at any document is therefore very suspicious.

Second, as many have pointed out, none of the visible folders have a label or any sort of mark on them, not even a Post-It or other sticky note, and in fact they look quite pristine. As a practicing lawyer, I can tell you that we do not keep documents in unmarked manila folders, at least if dealing with more than a few. It seems highly unlikely that Morgan Lewis has large stacks of manila folders sitting around in its offices, and if somebody needs a particular document the only way to find it is for somebody to go through the whole stack until they get lucky.

Third, no writing or any other sort of mark can be seen on any of the papers themselves. I did not think this was conclusive, though, because as far as I know no more than a fraction of any page was visible. Maybe they just use really big margins. Also, one report speculated that these were unlikely to be legal documents because they clearly aren’t on legal-sized paper. But there’s no rule saying you have to use legal-sized paper for anything. I haven’t used it willingly ever, and I hate it, because it’s stupid. Why is it longer? If long paper is somehow better, why aren’t we still using scrolls? But anyway, this is not conclusive either.

Fourth, here’s what is conclusive, to me: none of the pages, so far as I can tell, have been stapled together. Many individual pages are individually aligned. This makes it impossible that a lawyer or anyone else at a law firm has been using these documents. They are unstapled.

Even if you did use the stacks-of-unlabeled-file-folders system of organization, and you don’t, there is no way in hell any lawyer would fail to bind together the pages of even a written draft, let alone a final document your client is supposedly going to sign in order to make major business changes. You don’t just print out all the pages of multiple documents and stick them in a binder, or leave them in a stack. Nor would you use a mere binder clip (a few of those are visible) for final documents. Never. These things are not done.

[Update: someone has just reminded me that a stack of any significant number of legal documents will virtually always exhibit “stack tilt” because of the cumulative effect of page fasteners. That is, the upper-left corner of such a stack is always higher. This is further evidence that Trump’s “legal documents” were unstapled, which, again, is compelling evidence they were all blank. I should also say that Sherri Dillon so far has not responded to my email asking for comment on the alleged blankness of the pages, although that is not at all surprising.]

In short, the circumstantial evidence is overwhelming that somebody on the Trump team created fake stacks of documents to which the president-elect could point when talking about his conflict-of-interest plan. (And it was an amateur—an expert would do a much, much better job.) This doesn’t mean there are no such documents, of course. Probably are, somewhere. But they weren’t in those folders.

So now you know.

Read the whole story
popular
188 days ago
reply
rafeco
188 days ago
reply
acdha
189 days ago
reply
Washington, DC
Share this story
Delete
1 public comment
wreichard
188 days ago
reply
This is what we have to do now.
Earth
WorldMaker
188 days ago
No, this is what they want us to do now. Complaints about the circus of fake documents distract from the original question: what does Trump plan to do about questions of conflict of interest? All the jokes and detailed analyses about blank pages simply distracts from that. It's not even good sleight of hand.
wreichard
188 days ago
To a large extent I agree and tend to look at a story like this as a break from the unrelenting sadness I feel that a guy with decades of known ties to Russian mobsters--among many other flaws--is apparently going to sail right into the Oval Office. Sadly, I think fighting is required at many levels. He does produce quite the blizzard of chaff.
WorldMaker
188 days ago
I certainly don't have any good answers for how to deal with all of this. I do think that we need to find better ways to take the circus out of all of this, but I don't know how to do that without a very hard reboot of our media (news, social, entertainment, all of it) and I have little hope that that is even possible. I'm trying to do what I can to distance myself from the circuses (and yeah, that means missing out on "breaks" from the darker questions), but I don't yet know how to help other people to do that, other than be the cynical, grizzled figure in the background of a terrible film constantly repeating dumb variations on "Don't focus on that! The real bad guy is getting away."

‘No One Ever Went Broke Taking a Profit’

1 Comment and 2 Shares

Andy Orin interview with Jason Fried, for Lifehacker’s “This Is How I Work” series:

What’s your favorite to-do list manager?

I don’t track to-dos. I have a small handful of things I know I need to do every day. If I can’t keep them in my head, I have too many things to do. Every day is a blank slate for what I need to do. If something I was supposed to get done yesterday didn’t get done yesterday, it’s not automatically on my mind for today. Today’s mind is a clear mind, not yesterday’s remnants.

That wouldn’t work for me — I literally need to write down the stuff I want to do every day, or I’ll forget something — but I love the mindset.

This is good advice too:

I’m a one-computer guy — a 12-inch MacBook, so I can work from anywhere. Years ago I used multiple monitors and had multiple computers. Then I jettisoned multiple computers but kept the multiple monitor setup. And a few years ago I tossed out the second monitor and have been a single computer, single screen person since then. I go full screen on nearly every app. I also hide my dock. I don’t want anything pulling my attention away. When I’m curious I’ll look. Otherwise, I’m looking at what I want, not what someone else might want me to see.

I can’t stress this enough — protect your attention like you protect your friends, family, money, etc. It’s among the most valuable things you have.

Read the whole story
rafeco
205 days ago
reply
This time management strategy works incredibly well when you're the boss and everybody has to work around you.
jpohhh
205 days ago
As I've gotten older I've realized how true that is for most everything the 37 Signals folks put out there. I'm glad it works for them, but it feels unseemly now that it's clearer their cultural caché is based on people with less experience working in tech.
axlekb
205 days ago
Wow. Couldn't disagree with you guys more. Focusing on too many things is focusing on nothing at all. Too much noise dilutes the product.
jkevmoses
205 days ago
I agree with rafeco. Especially in an office environment. If you become the subject expert on something drive by's are inevitable. The "I hate to bother you" start to a conversation is an ominous sign that what you were working on just got pushed out of priority for a time ;)
digdoug
205 days ago
@axlekb: That's true, but when you cannot control what needs your focus, you're an employee.
davelevy
204 days ago
@axlekb Agree that too much noise dilutes the product - but unless you are single individual with no outside forces on your life, you don't always get to choose what you focus on. The only time that you get to choose everything you are a responsible is when you live on an island by yourself. And at that point survival is at the top of your list - you don't really need a to do manager. That said being able to focus on a minimal number of items to get them fully to completion is a good way to make sure they are done and most likely not come back.
Share this story
Delete

★ Regarding Uber’s New ‘Always’ Location Tracking

1 Comment and 2 Shares

Uber’s iOS app recently changed its location-tracking from “When using the app” to “Always”. The company says they’re only doing it for five minutes after a ride ends, to see where passengers go. They’re trying to improve the accuracy of where passengers get dropped off.

Michael S. Fischer is alarmed by this:

As you know, iOS allows users to control how apps can access the user’s location. There are three choices: “Always,” “When using the app,” or “Never.” These are reasonable options. Some users might never want an app to have access to their location. Others might have a strong trust relationship with the app and its authors and allow the app always to track them.

Most of us, though, fall into the middle camp: We want to allow apps to use our location for the purpose of providing a service, but want to control our privacy when the app or its authors cease doing business with us. So what we’re asking is simple:

Don’t allow app developers to disable the “when using the app” Location privacy option.

It’s simply unnecessary for Uber or others to track us when the app isn’t in use. How do we know this? Because these apps worked adequately before they disabled this option. We were able to meet our drivers by opening the app, finding our location, and hailing a driver. We gave them enough information to get the job done, and we were satisfied with the results.

Few people are more skeptical about Uber than I am. Just last week I linked to a scathing report on Uber’s internal privacy problems.

iOS does not give users the fine-grained control over apps’ location-tracking privileges that Fischer is asking for, but it does give us a way to verify that Uber is only using its “Always” privilege the way it claims to be — for five minutes after a ride ends.

Go to Settings → Privacy → Location Services and take a look at the list of apps. If Uber has checked your location recently, an indicator will appear in the list — purple if it checked “recently”, gray if in the last 24 hours. I’ve been checking this every few days ever since Uber changed its location-checking privilege, and it has never once shown any sign of misuse.

I don’t trust Uber. But we can collectively verify that in this case, they’re doing exactly what they say they’re doing.

Read the whole story
rafeco
214 days ago
reply
Share this story
Delete
Next Page of Stories