Tonight I learned that a great mentor, brilliant poet, and staunch feminist, Marilouise Kroker, died earlier this year. She remains deeply influential in how I approach the world as an academic and a person. Words cannot express how much she will be missed.
Aggregate IQ executives came to answer questions before a Canadian parliamentary committee. Then they had the misfortune of dealing with a well-connected British Information Commissioner, Elizabeth Denham:
At Tuesday’s committee meeting, MPs pressed Silvester and Massingham on their company’s work during the Brexit referendum, for which they are currently under investigation in the UK over possible violations of campaign spending limits. Under questioning from Liberal MP Nathaniel Erskine-Smith, Silvester and Massingham insisted they had fully cooperated with the UK information commissioner Elizabeth Denham. But as another committee member, Liberal MP Frank Baylis, took over the questioning, Erskine-Smith received a text message on his phone from Denham which contradicted the pair’s testimony.
Erskine-Smith handed his phone to Baylis, who read the text aloud. “AIQ refused to answer her specific questions relating to data usage during the referendum campaign, to the point that the UK is considering taking further legal action to secure the information she needs,” Denham’s message said.
Silvester replied that he had been truthful in all his answers and said he would be keen to follow up with Denham if she had more questions.
It’s definitely a bold move to inform parliamentarians, operating in a friendly but foreign jurisdiction, that they’re being misled by one of their witnesses. So long as such communications don’t overstep boundaries — such as enabling a government official to engage in a public witchhunt of a given person or group — these sorts of communications seem essential when dealing with groups which have spread themselves across multiple jurisdictions and are demonstrably behaving untruthfully.
I’ve been slowly listening through The Heart, which is a podcast of personal documentaries and essays. The episode ‘No: Inheritance‘ is a hard listen: it’s the sound of saying, and ignoring, the word “no”‘. The episode is a re-telling of two cases where the host’s utterances were ignored; one is dramatized, the other a recording of the event.
Throughout the episode the host ruminates on what consent is, and was, and how it was understood, and why her consent was ignored. It digs into the anger, shame, and strategies that she and other women adopt in response to men ignoring the word “no”. It sketches out why some women just let things continue and the mental traumas that follow.
These are the kinds of stories that men need to hear. They need to sit and listen, carefully, so that they can appreciate the concerns and traumas that many women have either experienced themselves or worry about experiencing in the future. It’s episodes like this that make it very clear how important it is to regularly obtain consent and to respect the decisions that are made by one’s partner regardless if they’re a partner for a night or for the rest of your life.
GQ has a good interview with Yvon Chouinard, the founder of Patagonia. It’s far-ranging, covering the company’s attitude to making clothing, to climate change, to politics. But what really struck me was this:
Gradually, the conversation went even darker. About Trump, Chouinard added, “It’s like a kid who’s so frustrated he wants to break everything. That’s what we’ve got.” I asked sarcastically if any part of him was an optimist. Marcario, sitting next to him, laughed loudly. “Did you just ask Yvon if he’s an optimist?” Chouinard smiled and cocked his head. “I’m totally a pessimist. But you know, I’m a happy person. Because the cure for depression is action.”
I would note that I think action is the cure for pessimism, as opposed to depression; one is a state of mindset whereas the other is often a serious mental condition that can require professional assistance. But that nitpick aside, I think he’s correct that you press through pessimism by acting to make the world a little bit better every day than how you started it.
John Gruber is ripping into the Wall Street Journal for their reporting on Apple Pay. Specifically, he complains that the Journal didn’t explain how to remove an alert that is meant to encourage people to set up Apple Pay, agrees that Apple has done a bad job explaining how Apple Pay is more secure than using an actual credit card, and mocks an analyst’s comparison to Apple Pay to Microsoft’s antitrust cases in the 1990s and early 2000s.
I agree with a lot of what John wrote but, at the same time, think that it’s all too easy to dismiss complaints about Apple Pay. I work amongst an incredibly technical group of colleagues. Many of us have iPhones. But I’m the only person who uses Apple Pay with any regularity…and I’ve run into issues time after time. Let me list some of the problems I’ve experienced:
- I tried to return an item I bought using Apple Pay (linked to my credit card). But when I returned it the credit card number displayed on the receipt was different from that on my credit card…so the retailer refused to take the return.1 It was only after I undertook some independent research that I figured out how to pull up the temporarily assigned number in Apple Pay and, then, additional time to educate the frontline staff, the manager, and then wait for the manager to call central office to confirm they could process the return. Time to return a product to a store that was down the street from me? About 3-4 hours split over 2 days. I wouldn’t have the same issue if I’d just bought the item with my physical credit card.2
- Apple Pay doesn’t work as reliably with tap-enabled Point of Sale machines. I’d say that I have about an 85-90% ’hit’ rate with Apple Pay versus using the tap feature of my credit card. That makes Apple Pay less convenient than a tap-enabled credit card or debit card.
- Various Point of Sale machines have disabled tap and force me to use one of my chip/PIN cards. This is typically done in restaurants or retail locations where either they can’t afford to fix their Point of Sale machine or refuse to pay to enable the feature (or simply haven’t upgraded their machines to accept tap payments). So I have to carry my regular credit card and debit card with me, wherever I go, on the basis that I can’t trust that I can use Apple Pay at any given location.
- Sometimes Apple Pay just doesn’t work. I have no idea what the problem is but there are times where I just have to remove the cards and re-add them to Apple Pay. I don’t know why this takes place but it happens at least once a year. And I find out about it when I’m trying to pay for something. I don’t have this problem with my credit card.3
Do I like Apple Pay? I do, actually, and I use it a lot. But I’m willing to deal with the above teething issues as an early adopter. Security is fine and good, but for the majority of people usability is the most important component of using a product. And Apple Pay remains, in my eyes, only mostly-usable. It needs to be a lot more reliable before it is adopted by the mainstream.
- I know: this is a security feature (one I love!) but it’s a feature that’s been introduced without an equally clear explanation of how to find the temporarily used number. This education needs to happen at both the end-user and retailer level. ↩
- And I have no clue what you’d do if you lost your phone or it was stolen between the time of purchasing an item with Apple Pay and wanting to return it. ↩
- To be fair, I have to replace my debit card (rarely used either as the card or in Apple Pay) approximately every six months because it just stops working. But this hasn’t ever happened with my credit card, which is my primary way of paying for everything. ↩
I really love the social media billboards that Mike Campau has created. Just stunning pieces to look at while providing always-needed critical introspection of social media services themselves.
An update by Ars Technica on Cellebrite’s ability to access the content on otherwise secured iOS devices:
Cellebrite is not revealing the nature of the Advanced Unlocking Services’ approach. However, it is likely software based, according to Dan Guido, CEO of the security firm Trail of Bits. Guido told Ars that he had heard Cellebrite’s attack method may be blocked by an upcoming iOS update, 11.3.
“That leads me to believe [Cellebrite] have a power/timing attack that lets them bypass arbitrary delays and avoid device lockouts,” Guido wrote in a message to Ars. “That method would rely on specific characteristics of the software, which explains how Apple could patch what appears to be a hardware issue.”
Regardless of the approach, Cellebrite’s method almost certainly is dependent on a brute-force attack to discover the PIN. And the easiest way to protect against that is to use a longer, alphanumeric password—something Apple has been attempting to encourage with TouchID and FaceID, since the biometric security methods reduce the number of times an iPhone owner has to enter a password.
This once again confirms the importance of establishing strong, long, passwords for iOS devices. Sure they’re less convenient but they provide measurably better security.