Tech Brew Ride Home - Tues. 03/10 - Hold Me Closer, Tiny iPhone

Episode Date: March 10, 2020

A leaked version of Apple’s iOS 14 reveals a treasure trove of details about an upcoming iPhone and iPad, augmented reality software, and tracking tags; an analytics company has secretly operated VP...N and ad-blocking apps and gathered data from tens of millions of users without proper disclosure, a company offering panopticon service to the state of Utah once developed disguised social-media scraping apps, Google adds quantum computing to its machine-learning open-source TensorFlow development kit, DoNotPay lets users share streaming and news logins, the latest on the coronavirus impact on the tech world, and things fall apart: political strife broke the knitting community at Ravelry. Sponsors Links: iOS 14 reveals iPhone 9 and updated iPad Pro details, new Apple TV remote, AirTags, more (9to5Mac) Apple developing new augmented reality app for iOS 14, testing Apple Store and Starbucks partnership (9to5Mac) Apple Watch Series 6 and watchOS 7 to include ‘Infograph Pro’ with tachymeter (9to5Mac) Apple Invents Foldable iPad and iPhone that could enter a ‘Joint Operating Mode’ Similar to Microsoft’s Surface Neo (Patently Apple) Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data (BuzzFeed News) Twitter thread from Will Strafach on Sensor Tower apps (Twitter) Surveillance Firm Banjo Used a Secret Company and Fake Apps to Scrape Social Media (Motherboard) Announcing TensorFlow Quantum: An Open Source Library for Quantum Machine Learning (Google AI Blog) Google launches TensorFlow Quantum, a machine learning framework for training quantum models (VentureBeat) DoNotPay Chrome browser extension (Chrome Web Store) Now you can share your Netflix account just by sending a link (Fast Company) How to clean your Apple products (Apple) All but four of Apple’s stores in mainland China have reopened after coronavirus shutdown (CNBC) Silicon Valley is effectively on lockdown over coronavirus (Cnet) Amazon Tells New York and New Jersey Employees to Stay Home Uber to offer drivers 14 days sick leave if they fall ill with coronavirus (CNN) Engineer Who Attended Cyber Event Contracts Coronavirus (Bloomberg News) How a ban on pro-Trump patterns unraveled the online knitting world (MIT Technology Review) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco. Hey, who did this to you? What happened next turned the story into a political firestorm. Reports have identified the victim as Bob Lee, the founder of Cash App. From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16. Welcome to the TechMeme Ride Home for Tuesday, March 10th, 2020. Today, a leaked version of Apple's iOS 14 reveals a treasure trove of details about an upcoming iPhone and iPad, augmented reality software, and tracking tags.
Starting point is 00:00:49 An analytics company has secretly operated VPN and ad-blocking apps and gathered data from tens of millions of users without proper disclosure, a company offering Panopticon service to the state of Utah, once developed disguised social media scraping apps, Google adds quantum computing to its machine learning open source tensor flow development kit, do not pay lets users share streaming and news logins, the latest on the coronavirus impact on the tech world, and things fall apart. Political strife tears apart the knitting community at Ravelry. I'm Glenn Fleischman, in for Brian McCullough, and here's what you missed in the world of tech today. Details about a new iPhone, iPad Pro, watch, and Apple TV appeared in a leaked version of iOS 14,
Starting point is 00:01:37 obtained by the site 9 to 5 Mac. The early version of the next release of the operating system also painted a clearer picture about putative air tags, small tracking devices that Apple has been rumored to be in the process of making for some time. 9 to 5 Mac has a strong record in its sourcing, making its story quite credible. However, early OS releases often include elements
Starting point is 00:01:57 that don't make it into the final releases if hardware isn't ready or is canceled before release or if software features are pulled or delayed. The site found traces of an app, called Gobee, which would provide more integrated support for augmented reality or AR all in one place. This seemingly included hooks needed for Apple's rumored AR headset. Third parties would be able to tap into the features too, and Apple is apparently trialing the software kit with Starbucks. On the hardware side, there may be a replacement for the iPhone SE.
Starting point is 00:02:27 Apple pushed out the 4.9-inch iPhone SE as a late successor to its small format earlier models in March 2016, after only releasing larger phones, Apple's only updated the SE's storage capacity since. It stopped selling it new in September 2018. 2019 went by without a new version, disappointing many people who have apparently held on to an iPhone SE or an earlier small phone, even as iOS has left them behind. 9 to 5 Mac says an iPhone SE update called either the iPhone 9 or SE2 was scheduled to appear this month,
Starting point is 00:02:59 though the coronavirus spread could delay that. A new minor update to iOS 13 would be required, but the site found code referring to the iPhone 9 in iOS 14. One of the carrots for older iPhone users to update would apparently be Express Transit, a contactless payment option on all iPhones starting with the iPhone 6S and included in the SE, in which you can enable it and then pay on supporting transit systems like Transport for London without performing any unlock operation. This early version of iOS 14 also reveals a new iPad Pro model, that would include a three-camera array like that found on iPhone 11 Pro models,
Starting point is 00:03:36 but also with a time-of-flight sensor, which samples the distance of moving objects by bouncing light off them. It's useful for augmented reality. Many sources have said that Apple has had device tags under development. That includes in testimony in front of Congress about Apple's alleged trust-like behavior from the company Tile, which has made Bluetooth-based tag trackers for some time. Apple quietly built ultra-wideband or UWB wireless technology
Starting point is 00:04:00 into its iPhone 11 models, a technology at one point slated to be used for personal area networking and incorporated into Bluetooth. While it didn't meet that bar years ago, Apple is using the latest generation both for its low power and its ability to identify items in a space. That ability started just with other iPhone 11 models, but air tags are apparently set to rely on UWB as well. This would limit their use to newer phones, of course, but Apple has never shied away from providing reasons to upgrade hardware to work with other new hardware software. These sensors would also tie into the AR features noted earlier. Airtag's work with the companies Find My Technology,
Starting point is 00:04:36 ostensibly including its secure crowdsourcing feature that lets Apple devices that can't reach the internet, broadcast an encrypted code that other Apple users' devices nearby pick up and relay. A similar feature has been part of the tile system for people with the tile app installed for over five years. But with relatively few tile users, the feature isn't as effective as a billion iPhone and iPad owners.
Starting point is 00:04:58 Also revealed as more confirmation of a new Apple TV model, as well as, GASP, a potential replacement for the awful Siri remote that Apple has remained shockingly committed to since its introduction, despite its terrible usability. Listeners, raise your hand if you own one and you rotate and press the bottom instead of the touch surface at least once a day? Let me count. That's everyone. All right. Still, other disclosed features from the leaked OS release are details of two upcoming watchOS releases which will add sleep tracking, parental management of kids' watches,
Starting point is 00:05:32 and blood oxygen level detection with a watch series 4. In related Apple hardware news, Patently Apple noted that the U.S. Patent and Trademark Office published a new patent from Apple today that seems to foretell the company's notion of a foldable computer. The patent describes two devices that, in close proximity, potentially magnetically connected, would shift into a joint operating mode
Starting point is 00:05:53 in which hardware and computational power of each device are pooled and images could span two displays. A widely used analytics platform, Sensor Tower, has been fingered in an investigation by BuzzFeed News's Craig Silverman as secretly collecting massive amounts of data from people who installed virtual private network or VPN apps and ad-blocking apps in Android and in iOS. Silverman wrote that the apps don't disclose their connection to Sensor Tower,
Starting point is 00:06:25 nor that the data is sent to the company's platform. The apps represent over 35 million downloads. These data transfers are seemingly in violation of both Apple and Google policies about disclosure and information gathering. BuzzFeed noted that, quote, sensor tower's app intelligence platform is used by developers, venture capitalists, publishers, and others to track the popularity, usage trends, and revenue of apps, end quote. The company admitted ownership to BuzzFeed and stated that the apps only collect anonymized, non-sensitive data at its head of mobile insights said, quote, the vast majority of these apps listed are now defunct, inactive, and a few are in the private. of sun setting, end quote. However, Silverman noted that many apps aren't available because they were polled from Google Play and the Apple App Store. In reporting the story, Apple removed Adblock
Starting point is 00:07:11 Focus and said it's investigating Luna VPN. Google said it was investigating. As I record this, Luna VPN remains on the Apple App Store. Buzzfeed says the recently active apps include ones called Free and Unlimited VPN, LunaVPN, Mobile Data, and Ad Block Focus. In response to the story, security researcher Will Strafak, known as Atronic on Twitter, posted a thread in which he highlighted his exposure of these issues in the apps in June 2019 on Twitter
Starting point is 00:07:38 and screen captures of a security submission he had made to Apple on June 4th, 2019, about several of these apps, which BuzzFeed and Straffack separately found were related through information embedded in the code, including developer identifiers. Straffack is the head of the company that makes
Starting point is 00:07:54 Guardian Mobile Firewall, a VPN and tracker blocker that is designed to capture no information about users at all. Strafack and colleagues regularly released security research garnered from their dissection of apps. The sensor tower apps are particularly insidious because they prompt users after installation to download and approve a route certificate.
Starting point is 00:08:14 This route certificate allows the company's apps to override and intercept HTTPS sessions originating from the device by acting as an approved man in the middle. HCTPS is now widely used for routine purposes like reading news, but also to send medical, legal, and financial data among many other private uses. Remember, if you don't pay for a product, you are the product. Hey, that's not the only company engaged and unwanted interception of data
Starting point is 00:08:45 via seemingly innocuous apps disclosed in the last day. At Motherboard, reporters reveal that a set of apps targeted at social media actually were designed to scrape information from users and potentially feed it to an artificial intelligence company that works with law enforcement. Banjo is the company, and it released apps that include One Direction fan app, EDM, fan app, and Formula Racing app, Motherboard reported, released by a company secretly ran called Pink Unicorn Labs. Most were on Google Play, but at least one app was available
Starting point is 00:09:14 for iOS. The company was recently in the news for its contract with the state of Utah that lets it acquire massive amounts of government-run video feeds to provide what it says will be real-time alerts to police of crimes. While the apps found aren't currently active, they were removed in 2016 from Google Play, Motherboard spoke to several former employees under the guarantee of anonymity, and reported that the apps asked users to sign into accounts on other social media. Exactly what and how it all worked is unknown. Quote, there are several ways these apps could have scraped social media, perhaps by sending the saved login token to a server for Banjo to use later, or by using the app itself
Starting point is 00:09:52 to scrape information, but it is not totally clear which method Banjo used because the API that the apps connected to is no longer live. End quote. Tellingly, one source who was connected with Banjo said that when the Cambridge Analytica scandal broke about that company's massive exfiltration of user data from Facebook, quote, the mood was apocalyptic, end quote.
Starting point is 00:10:13 Banjo didn't provide comment to motherboard on what it found. Google didn't confirm why the apps were removed in 2016. Twitter said it had found a violation by Banjo in 2017 but didn't offer details. Facebook said it's investigating. With all the stressful news involving tech, you can take some solace about an interesting advance from Google. It's released TensorFlow Quantum, free open source software that enhances its machine learning toolkit,
Starting point is 00:10:40 TensorFlow. First available in 2015, TensorFlow provides developers relatively easy access to sophisticated deep neural network algorithms, allowing them to focus on the specific data set and problems at hand instead of reinventing the wheel. TensorFlow Quantum intends to bring the same ease of testing apps destined for quantum computers, as is now available for conventional ones. where in the very early days of quantum computing in relative terms, these devices allow the superposition of all possible calculations and the collapse of those states to provide an outcome. This allows certain kinds of problems to be solved at rates absurdly faster than current
Starting point is 00:11:17 computational systems allow, and that trends indicate. There's some concern that certain popularly used encryption algorithms would fall instantly to the proper quantum code. However, writing code for quantum computing is still a new and complicated area. Machine learning algorithms tailored towards quantum computers could provide dramatic breakthroughs because of the speed. It might result in vast improvements in biomedical science and other arenas
Starting point is 00:11:40 in which machine learning is made inroads, but computational limits on training and processing are holding back development. TensorFlow quantum isn't a set of finished algorithms, but rather a framework in which AI researchers and developers can test out potential quantum machine learning models. This software allows simulating quantum calculations
Starting point is 00:11:58 on so-called classical computers and will ultimately move towards codes that can execute an actual quantum computing processors. Do Not Pay, made its name in automating the fight against unfair parking tickets, assisting you in canceling subscriptions, and in getting paid when companies illegally place automated calls to you. Now they're into sharing.
Starting point is 00:12:22 A new Chrome browser extension from the company released over the weekend lets you share the credentials of services and publications like Netflix, Hulu, Disney Plus, the New York Times, The Washington Post, and others without giving away your password. Instead, the extension grabs the login, token with your permission, unlike the apps mentioned earlier, and transfers that to up to five other people. Those people then use the extension which places the cookie on their browser without having to pass them the password. Do NotPay's extension lets you kill those sessions on shared
Starting point is 00:12:52 browsers, and most services also offer an option in your account to log out of specific or all active sessions elsewhere, which also makes the cookie-based token go defunct. This solves a problem of sharing accounts with roommates, romantic partners, and other friends, and wanting to revoke access without resetting the account password, the login token gets passed through an encrypted cookie, managed by the extension, and only decrypted by shared users
Starting point is 00:13:14 with the right credentials. They never see login details. The extension only works with browser tabs on desktop operating systems, so shared users have to use Chromecast, AirPlay, or other screen sharing techniques to watch on a TV set. Do not play ToldFast Company
Starting point is 00:13:29 that it had considered offering the option as a paid subscription service at $13 a month, but founder Joshua Browder told the publication that, quote, letting users monetize their subscriptions might have raised legal issues, but more importantly, it would have sullied the idea of account sharing as a communal act, end quote. I think the legal part is actually pretty significant.
Starting point is 00:13:49 There's also the ethical issue of paying for a service and violating the terms under which it's offered, tempered with the difficulty or ease that various services make in legitimately sharing subscriptions under their terms. Spotify, for instance, has a family plan that requires an ongoing, precise address verification step that's a bit triconian for a simple music service. Many services more reasonably limit the number of simultaneous sessions, block or flag logins from geographically far-distant locations, or require logging in with the account name and password if it detects something that doesn't pass a digital smell test.
Starting point is 00:14:21 If Do Not Pay Solution becomes too popular, of course, sites will implement checks, much like the recently stepped-up ad-blocking code that seems to have proliferated among content sites. A now roundup of news related to the coronavirus pandemic, You can get a daily summary of general virus-related news, by the way, by listening to Ride Home's Coronavirus Daily Briefing at Ridehome. Info. Breaking news shortly before I recorded this is that an engineer from Connecticut who attended the RSA Security Conference in San Francisco in February, quote, has tested positive for the coronavirus and is seriously ill with respiratory issues, end quote, according to Bloomberg News.
Starting point is 00:15:01 The 45-year-old man began having symptoms on February 28 and was hospitalized on March 6th. He's now in a medically induced coma. His identity has not been released. His wife told the news agency that her husband was predisposed for pneumonia due to an underlying heart condition. Over 36,000 people attended RSA and attendees were given hygienic advice and hand sanitizer dispensers were widely available. In other news, Apple says it's okay to disinfect your devices, but read its instructions
Starting point is 00:15:29 carefully. The company updated its cleaning fact yesterday, confusing people briefly. When the update was published, unpublished, and then republished, It seems stable for now. Apple notes that you can use a 70% isopropyl alcohol wipe or in a rare move of mentioning another brand name, Chlorox disinfecting wipes. It says wipe hard, non-porous surfaces gently. This includes your monitor, top of keyboard, and other surfaces. Do not use bleach. Do not get moisture inside. Do not submerge your products. Read more at Apple's site. Speaking of Apple, the company has now reopened 38 of its 42 stores in mainland China. It closed all stores in early February
Starting point is 00:16:06 and began reopening them slowly after February 9th. Chinese factories and workplaces are just starting to gear back up after closures, except in the most hard-hit areas. And it's unclear whether the peak of infections is over in China or a new wave will hit as people return to work in school. Over the weekend, Apple CEO told staff around the world, where possible, to work from home through March 13th this Friday, Apple has long resisted allowing telecommuting for most of its employees,
Starting point is 00:16:31 who may have little experience with the prospect of setting up for a solid day, work on their kitchen table or in a living room. Silicon Valley has a number of major shutdowns. Microsoft's CEO, Satchanadella, has encouraged employees both in the Seattle area, which has nearly 50,000 Microsoft employees, and around the San Francisco Bay Area and Silicon Valley to work from home as possible through March 25th. Facebook, HP, Intel, LinkedIn, Lyft, Twitter, and many others large and small have encouraged or pulled most workers to telecommute too. Uber said it would offer its drivers and delivery people up to 14 days of paid sick leave if they are diagnosed with coronavirus or are placed in quarantine, lifted and matched those terms but said
Starting point is 00:17:09 more loosely it would provide funds to drivers if they're diagnosed or put under quarantine by a public health agency. Amazon told its employees in New York and New Jersey to stay home, in addition to already authorizing or requiring that of workers in the greater Seattle area, where it employs over 40,000 people, and around San Francisco. Finally, politics and culture are tightly interwoven. That's true, not just in person, but with online communities. MIT technology reviews. walks us through the broken trust at Ravelry, a site devoted to knitting and crocheting that has 8.5 million registered users, 500,000 active ones, and 40,000 subgroups, and hasn't had a site design update since its 2007 launch. It's the Reddit of Raglan. It's not an apolitical
Starting point is 00:17:56 site, but discussions wind up being filtered into subgroups of like-minded people. 5,000 people were active in a Ravelry subgroup for the Women's March on Washington after the inauguration in 2017, which led to the popularization of the knitted pussy hats. But in January 2019, when one knitter posted a beanie design that spelled out, build the wall with a brick motif, people got angry. In June, after Trump announced his re-election, the same knitter posted a Keep America Great Cowl, which was flagged for hate speech. She was banned on June 21st, and then, quote,
Starting point is 00:18:26 support of Donald Trump and his administration, and, quote, were banned on June 23rd. Read the whole thing for a picture of society, knit small. I mean, writ small. Ritz small. And that's the news. I'm Glenn Fleischman in for Brian McCullough, who will be back tomorrow. You can find me on Twitter at Glenn F. That's GLE, E, double N, F like Frank, and you can find my how-to books on technology from Apple ID to Wi-Fi at take controlbooks.com. Thanks to the editors at TechMeme, who tweet out every headline, they post every hour of the day at TechMeme. It's a great way to keep current. Have a great evening.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.