Skip to main content...

If I could only teach my non-technical friends two things about technology, I would encourage them to (a) learn the keyboard shortcuts for their most-used apps and (b) use RSS to read the news.

Speaking of RSS, Brent Simmons has finally finished rewriting NetNewsWire—the storied RSS reader for the Mac. You can pick it up for free, and even if you’re not sure what RSS is, check out the link because, again, it’s one of only two things I wish more people knew about.

NetNewsWire only supports syncing via Feedbin at the moment (Feedly support is being considered), but you can also use it as a standalone RSS reader—no account required. That’s what I’m doing, and it works great. An iOS app is forthcoming, which I’m excited about because for as terrible as desktop web news reading is, it’s 10x worse on mobile.

I like to measure products against the yardstick of what they set out to do. For me, NetNewsWire scores high on all marks. It’s fast, stable, and ultimately provides a small counterargument to the notion that we have to put up with website bloat, ad trackers, and algorithmically-powered social nonsense just to read the news.

Katie Notopoulos, Buzzfeed:

Let’s call this “boss email.” It’s defined by nearly immediate — but short and terse — replies. The classic two-word email.

I used to have a “Sent from my iPhone” signature, regardless of whether I was on my phone or laptop. Helped to keep things terse.

Robert McMillan, The Wall Street Journal:

“Over the last two years, we’ve shown Google irrefutable evidence again and again that they are displaying lyrics copied from Genius,” said Ben Gross, Genius’s chief strategy officer, in an email message. The company said it used a watermarking system in its lyrics that embedded patterns in the formatting of apostrophes. Genius said it found more than 100 examples of songs on Google that came from its site.

Starting around 2016, Genius said, the company made a subtle change to some of the songs on its website, alternating the lyrics’ apostrophes between straight and curly single-quote marks in exactly the same sequence for every song.

When the two types of apostrophes were converted to the dots and dashes used in Morse code, they spelled out the words “Red Handed.”

Hiding fake or secret data inside of protected works is relatively common practice. In cartography, map makers will include fake roads known as trap streets, and laser printers have long included tracking dots that let you trace any printed page back to the printer that created it. Wikipedia has a whole list of these fictitious entries.

Genius’ approach takes the cake for me though, because it involves punctuation and typography.

There are better people to explain the nuances and mess of Genius’ attempted enforcement of pseudo copyright over lyrics that don’t belong to them. (As Nick Heer says, Genius’ content is a mix of “best guess original transcription[s]” and artist-verified lyrics.) But ultimately, this points back to Google’s enormous control over the traffic, and often financial wellbeing, of sites whose content it decides to scrape and surface via Knowledge Panels or Featured Snippets.

Maciej Cegłowski:

Practical campaign security is a wood chipper for your hopes and dreams. It sits at the intersection of 19 kinds of status quo, each more odious than the last. You have to accept the fact that computers are broken, software is terrible, campaign finance is evil, the political parties are inept, the DCCC exists, politics is full of parasites, tech companies are run by arrogant man-children, and so on.

Putting aside the urge to fix these broken systems long enough to help people get work done is the great unsolved problem of campaign security. You will start out a descriptivist and end up a zealot, like I did. Trying to secure a modern campaign is like doing surgery with a scalpel made out of anthrax spores. At some point you will throw down the anthrax scalpel and say “this is impossible!”, as it disappears in a puff of lethal dust. But the patient still needs you!

Noble effort. Outstanding writing.

Getting regular people—let alone regular people who are also working for a political campaign—to spend any extra time on securing their digital accounts is a daunting task, but it makes for a deeply interesting story.

I think my main takeaway, security-related at least, was how malicious attachments are still a primary vector of attack. An email containing a spreadsheet titled “donor-list.xls” will almost certainly be opened. And for folks not using a device that makes dubious .xls files benign (like a Chromebook or something running iOS), then it doesn’t matter how strong your email password is—game’s over.

Apple Developer newsroom:

In order to help keep kids’ data private, apps in the kids category and apps intended for kids cannot include third-party advertising or analytics software and may not transmit data to third parties. This guideline is now enforced for new apps. Existing apps must follow this guideline by September 3, 2019.

Apple is not messing around on privacy—and not just in their own apps anymore.

It’s taken a few years of sustained messaging and actions, but Apple’s approach to privacy now sits equal with their dedication to design in terms of why I continue to buy their products.

From Panic’s press release:

Today, after more than four years of work by a small and talented team, Panic is extremely excited to introduce Playdate, a brand new handheld gaming system.

Playdate is both very familiar, and totally new. It’s yellow, and fits perfectly in a pocket. It has a black-and-white screen with high reflectivity, a crystal-clear image, and no backlight. And of course, it has Wi-Fi, Bluetooth, USB-C, and a headphone jack. But it also has a crank. Yes, a crank: a cute, rotating analog controller that flips out from the side. It’s literally revolutionary.

There’s more: Playdate includes games — a full season of them. The games will be delivered over-the-air, once a week for 12 weeks, and they’ll be a surprise: when the new game light flashes, you’ll never know what you’re about to play. Panic recruited some of the world’s best game designers — some well known; others under the radar — to make games exclusively for our system. Playdate isn’t just hardware: it’s a complete experience.

Mike Fahey, Kotaku:

When I received the Playdate announcement under embargo last week, I thought it was a joke. Panic is a company that makes web utility apps for smartphones and published adventure game Firewatch with Campo Santo. Now it’s jumping directly into game hardware with this strange little yellow box. It is a nice-looking box.

John Gruber, Daring Fireball:

Panic is almost cheating in a way because they’re tiny. The Playdate platform isn’t competing with the state of the art. It’s not a retro platform, per se, but while it has an obviously nostalgic charm it is competing only on its own terms. Its only goal is to be fun. And aspects of Playdate are utterly modern: Wi-Fi, Bluetooth, apps and software updates delivered over-the-air.

Devin Coldewey, TechCrunch:

It’s different, all right. Bright yellow with a black and white screen and with no spot for removable media like cartridges, the Playdate is more or less self-contained, except of course for the charger and wireless connection. And it’s over the wireless connection that the games come: 12 of them, exclusives created by well-known developers like Keita Takahashi (Katamari Damacy), Bennett Foddy (Getting Over It) and Zach Gage (Ridiculous Fishing).

John Voorhees, MacStories:

Playdate’s hardware is not like anything currently available on the market, and Panic says the device isn’t meant to compete with other handheld systems either. Instead, the goal is to complement existing systems for those times in between using other devices when you want to play a game.

I was a fan of Panic’s last foray into video games with Firewatch, and I’ve been following along with their near-release Untitled Goose Game, but… actual hardware? Hardware that looks simultaneously cute, innovative, and fun? How interesting. I mean, just look at it:

playdate product image

Playdate is launching in 2020 for $149, and includes a “season” of 12 different games, with each title being released one week at a time. As a device meant to complement existing gaming systems, Playdate is intriguing; as a delivery service for new games from separate developers, it’s innovative.

If I’m skeptical at all, it’s because ultimately the games themselves need to be fun. I love thoughtful, well designed hardware, but if the games aren’t compelling then Playdate is destined to be a memorable niche product sitting on the shelves of enthusiasts that buy them. At $149 a pop, this won’t be something regular people buy on a whim, even if they’re gaming fans.

If you’re at all interested in Playdate itself (or just really good web design), go check out play.date and sign up to be notified when the units go on sale.

Geoffrey A. Fowler, Washington Post:

I listened to four years of my Alexa archive and found thousands of fragments of my life: spaghetti-timer requests, joking houseguests and random snippets of “Downton Abbey.” There were even sensitive conversations that somehow triggered Alexa’s “wake word” to start recording, including my family discussing medication and a friend conducting a business deal. […]

What can you do to stop Alexa from recording? Amazon’s answer is straight out of the Facebook playbook: “Customers have control,” it says — but the product’s design clearly isn’t meeting our needs. You can manually delete past recordings if you know exactly where to look and remember to keep going back. You cannot stop Amazon from making these recordings, aside from muting the Echo’s microphone (defeating its main purpose) or unplugging the darned thing.

We’ve been using an Echo Dot for the past two weeks, and in reviewing my own past recordings I found one snippet that was just of my son crying. (Crying I assume over what we had given him for lunch.) Based on how many times we’ve initiated Alexa so far, our unintentional activation rate is around 2.5%. That’s… bad? I’m not sure.

Part of this is the compromise of even bringing these devices into our homes—we trade manually setting kitchen timers and looking up measurement conversions for the convenience of an always-present assistant that also happens to be a recording device connected to the Internet.

Still, I’d feel better if Amazon had less information about me and I was more aware of when Alexa was listening. Thankfully both of these things are possible. The first is accomplished by deleting your own Alexa recordings, and the second can be done by enabling the Echo’s “Start of Request” sound, found under the Settings. I’m still not sold on the Echo Dot as a permanent fixture of our counter space, and unintentional activations are definitely something I’ll be keeping an eye on for the next few weeks.

Pierre Valade (previously CEO of Sunrise Calendar, which was acquired by Microsoft) has launched Jumbo, a “privacy assistant” for iOS. Curious, I thought, because most other digital assistants are hellbent on collecting as much information about me as possible. In reality, Jumbo is less of an assistant and more of a user-friendly way for you to delete old tweets, Alexa voice recordings, and Google searches. One tap and everything gets erased. If you’ve ever tried to delete this sort of data by hand (data that Twitter, Amazon, and Google would rather you let them keep) you’ll know how wonderfully simple Jumbo’s approach is.

My favorite thing about Jumbo is that everything’s handled locally—none of my data gets stored or manipulated server-side. The compromise is that since Jumbo doesn’t store any of my logins or information on their servers, it’s on me to open the app every week and initiate a cleaning. A small price to pay.

Jumbo is the rare example of a truly user-focused privacy product. None of your information is slipped out the side door to sell ads, and Mr. Valade is upfront with how they plan to make money: premium features, accessible via subscription. I’m not optimistic that Jumbo will be around for the longterm—how many people will pay for something like this?—but for now consider me a fan.

Typographer, writer, and lawyer Matthew Butterick:

For those who think it trivializes our political process to judge candidates by their typography—what would you prefer we scrutinize? Qualifications? Ground into dust during the last election. Issues? Be my guest. Whether a candidate will ever fulfill a certain campaign promise about a certain issue is conjectural.

But typography—that’s a real decision candidates have to make today, with real money and real consequences. And if I can’t trust you to pick some reasonable fonts and colors, then why should I trust you with the nuclear codes?

Website design, color selections, type kerning—Mr. Butterick hits them all. But my favorite bit is his “a slice of bacon using a playground slide in an unsafe way” description of Andrew Yang’s logo. 100% spot on.

Between art historian Andrew Tallon’s laser scanning of the entire cathedral in 2015 and the incredibly detailed models created for Ubisoft’s mega-franchise Assassin’s Creed: Unity, the French people have not only centimeter-level measurements, but also an entire interactive, atmospheric representation of Notre-Dame to reference as they rebuild.


I had the luck to visit Notre-Dame several years ago, and it was simply awe inspiring. To see it in flames last week evoked what can only be described as a deep sense of mourning.

Matthew Butterick, with some additional analysis on Laura Owen’s deep dive into Medium’s history:

What stands out the most? Though Medium’s value to online publishing has remained abstract, the harm it has inflicted—especially upon the authors and publications who have been lured onto the platform (by one pivot) and then stranded (by the next)—is concrete. As writer Jaya Saxena put it, “every writer/cartoonist I know has had their life ruined by Medium at some point”. […]

Which brings us to the $132 million question: who’s going to pay $50 every year for this? People dissatisfied with the unlimited free clickbait available elsewhere? Gulls, rubes, and saps? Dogs with credit cards? Mr. Williams has always preferred to frame Medium in gauzy platitudes—what I called his “Bellagio buffet of delicious nonsense”. Once upon a time, this seemed like the benign puffery of the ultrawealthy. Billionaire-splaining. Today, as the gulf between the promise of Medium and the reality yawns ever larger, it seems like abject denial. Again—has Mr. Williams actually spent time on Medium recently? If so, it hasn’t made a dent. If not, I can hardly blame him. It’s awful.

I’ve secretly been wishing for someone to create a complete compendium of Medium’s trials and tribulations because the task, had I taken it on myself, would have simply driven me into a deep, dark, depressing place from which I may not have emerged. Thankfully Laura Hazard Owen, writing for the Nieman Journalism Lab, was more than up to the task:

Why spend so much time worrying about what Medium is? Maybe because we wanted to know whether it was a friend or an enemy. The answer is that it’s neither. It’s a reflection of what the media industry has worried about, and hoped for, and not received. But Medium was never something that we would get to define. Instead, it’s turned out to be an endless thought experiment into what publishing on the internet could look like. That’s not much fun for people who got burned along the way, but Medium was never exactly ours to begin with.

Ms. Owen’s resulting timeline is filled with bite-sized notable events from Medium’s history, starting with the August 2012 launch, in which Founder and CEO Ev Williams heralded the site as, “a beautiful space for reading and writing — and little else.”

The following ~90 events, covering seven years, contain some fun trivia you might have forgotten. Like how the White House quietly published the entirety of President Obama’s State of the Union remarks to Medium before the speech began. Or just how many notable publications jumped head-first into the platform, only to die later. Regardless, reading through the entire timeline will remind you that Medium’s current identity crisis isn’t so much a recent ailment as it is a chronic one.

Samit Sarkar, Polygon, writing about the newest word game from the Times’ Games Expansion Team (which I didn’t know was a thing):

Letter Boxed takes place around, well, a box. There are three letters on each side, and players must connect them to make words at least three letters long. Letters on the same side cannot be used consecutively, and the final letter of each word becomes the first letter of the next word. The goal is to use all 12 letters in as few words as possible. “It’s a lot faster, it’s a much quicker hit, but you can kind of keep playing that too forever,” said [Times’s Games Expansion Team Lead] Von Ehren.

I really like this game. Whereas crosswords are built from a preset list of words, a round Letter Boxed is almost entirely freeform and relies on the vocabulary you know. My current strategy is to rotate between using long and short words, and it’s been working out OK this week.

The only caveat to Letter Boxed (right now, at least) is that you need a Times subscription to play. It’s not such a great game to justify a subscription if you don’t also read the paper, but it is a nice addition for current subscribers. And as The New York Times continues invest in and reap the benefits of its digital offerings, I’m excited to see what the Games Expansion Team works on next.

Chris Jones, ESPN, attempted to complete the medical and fitness review required of all Everton F.C. players. It did not go well.

Let’s get this out of the way. I’m supposed to say that my greatest source of pride is my children, but they haven’t really done anything that special. They’re regular kids, and there are billions of those. My greatest source of pride is that I still play competitive football at age 44. There are players in my league as young as 18. I’ve privately hoped that one day I’ll play alongside my youngest son, who is 10. Eight more years. That makes 52.

Luckily, I’m a goalkeeper. Unluckily, I’m short and fat. I’m 5-foot-10 and 214 pounds. I worried that Everton wouldn’t have a kit that fit me, and I searched for a comparably sized player. In other words, I looked up Wayne Rooney. He’s a similar height but 30 pounds lighter. I warned Everton in advance that they would be outfitting Wayne Rooney… if Wayne Rooney were pregnant with twins.

(Hat tip PDL.)

Klint Finley, Wired:

Google says the proposal is just, well, a proposal. “These changes are in the design process,” a Google spokesperson said in a statement. The company is “working with extension developers to make sure their extensions continue to work,” the spokesperson said.

Ostensibly, the changes are designed to improve the security and performance of Chrome and Chromium. For example, Chrome extensions now can access your browsing history. That means a bad actor could offer an ad blocker that spies on you.

Google is proposing to cut off extensions’ access to browsing history and instead offer an interface that can generate instructions for the browser to block or modify certain content, including ads. The catch is that each extension would be limited to 30,000 rules it can apply.

Google runs the largest digital ad platform in the United States, the world’s most popular web browser, and the company makes almost all of its money from advertisements. Google wants you to see more ads. Their business depends on it, in fact.

Therefore, any Google-led changes to Chrome that restrict a user’s ability to block ads will inevitably be under intense scrutiny—and for good reason. Taken in the best light, this is Google trying to ensure Chrome continues to be as fast and secure as possible. Taken in the worst, these proposed changes are one more instance of Google using its dominance in search, advertising, and web browsing to benefit Google.

This move isn’t totally without precedence—Apple made a similar change in 2015 when it limited the number of rules a content blocker could employ to 50,000. But a combination of Google’s proposal limiting the number of rules to just 30,000 and Google being, well, Google has escalated this story to a whole other level.

To be fair though, even though Apple allows content blockers to use 50,000 rules, popular ad blockers (read: ones that do the job well) often need hundreds of thousands of rules to be effective. I use 1Blocker on my devices, but even 1Blocker’s developer skirts around the 50,000 rule limit by implementing each rule “set” as a separate content blocker, thereby allow 1Blocker to check against over 350,000 rules.

At the end of the day, this change to Chrome is only a proposal. And if we’re giving Google any kudos, it’s that they’re still conducting sensitive changes to Chromium in the open. I’m also not suggesting that Apple and Google are wholly wrong here. The pursuit of enhanced privacy while still allowing users to have some control over their browsers is a path filled with compromises. And since browser makers aren’t going to not evolve their products, I think it’s important that you understand the motives that may be driving their decisions.


(And now a brief primer on how ad blockers work for the non-tech savvy family members who read my site ♥. Ad blockers prevent certain webpage elements from displaying by (a) preventing your browser from talking to certain ad-related servers and (b) maintaining a custom list of elements that either you or the community at large have flagged as worth blocking. They do this by comparing requests your browser’s resource requests against a list of tens of thousands of text patterns—if a request matches one of these rules, the content is blocked. When using an ad blocker, browsing the web should feel faster, because your browser no longer has to wait on five different ads to download or tracking scripts to execute. Take a site like The Verge, the well-known tech site/advertisement billboard. Without an ad blocker installed, The Verge’s homepage weighs in at 5.8 MB with over 350 network requests to (I assume) ad and tracking servers. However, if you install an ad blocker like uBlock Origin, The Verge’s homepage now only weighs 4.2 MB with fewer than 50 network requests.)

Twitter’s calling it the “new twitter.com”, but this update is clearly the lite variant of their website that mobile users have been using for over a year. Good on them for pushing this out to everyone—I’ve found it to be significantly faster and nicer to use than the normal site. It’s also (sadly) the best official way to use Twitter on your Mac.

If you’re still seeing the old/current version, you can check out what’s coming by going directly to mobile.twitter.com.

Matt Patches, Polygon, reporting on Netflix’s latest quarterly earnings report:

[…] Netflix estimated that it commands 10 percent of television screen time in the U.S., and slightly less than that for total mobile screen time. In other countries, the percentages are lower due to “lower penetration of our service.” The reason, Netflix said, isn’t because of obvious streaming competition, but of online platforms and video games.

“We compete with (and lose to) Fortnite more than HBO,” the report indicated. 

By the end of 2018, Netflix claimed nearly 139 million paying memberships worldwide. Meanwhile, in November 2018, Epic reported that its blockbuster battle royale game commanded upwards of 200 million registered users. In its quarterly report, Netflix made clear that “consumer screen time” is its most valuable metric, and that Fortnite — just one of endless options for plugged-in audiences – offers the stiffest competition.

That Fortnite impacts Netflix more than HBO should be a clear indicator as to why Netflix expects to spend almost $15 billion on content this year. Netflix isn’t competing with HBO because HBO also makes content, Netflix competes with HBO because when you’re watching HBO you’re not watching Netflix. Sure, you could be paying for both, but once the attention scales tip too far in one direction, people begin to wonder if they really need that extra monthly subscription. Where attention goes, money follows.

This is why features like Screen Time on iOS are so interesting to me–they provide cold, hard numbers as to where I’m actually spending my time. Like Mint or YNAB for your minutes. An attention budget.

It’s not just screen things, either. Netflix shows, Facebook status updates, Fortnite matches, wood carving, genoise sponge cake baking are all–in some manner–competing for your attention. The attention economy posits that as content becomes increasingly available, attention (read: time) becomes a scarce commodity. If 200 million people started regularly baking genoise in the evenings instead of watching Netflix, you can bet we’d hear Reed Hastings say “sponge cakes” in the next quarterly report.

(Once you start thinking about the digital services and apps we use as primarily chasing your attention instead of your dollars, it becomes easier to see how addictive and downright manipulating some of these user interfaces have become. But that’s for another post.)

Final nail, meet coffin.

Here with the follow-up to their announcement last September is CTO and co-founder of Basecamp, David Heinemeier Hansson:

These days Medium is focused on their membership offering, though. Trying to aggregate writing from many sources and sell a broad subscription on top of that. And it’s a neat model, and it’s wonderful to see Medium try something different. But it’s not for us, and it’s not for Signal v Noise. […]

Beyond that, though, we’ve grown ever more aware of the problems with centralizing the internet. Traditional blogs might have swung out of favor, as we all discovered the benefits of social media and aggregating platforms, but we think they’re about to swing back in style, as we all discover the real costs and problems brought by such centralization. […]

That doesn’t mean we regret our time at Medium. Being on Medium helped propel some of our best writing to a whole new audience. But these days there’s less of a “what Medium is doing for us”, and a whole lot more of “what we’re doing for Medium”. It was a good time while it lasted, but good times are gone.

Their new site is powered by WordPress and it looks freaking great. The theme was designed by Basecamp’s in-house designer Adam Stoddard, and I’m really digging his choice to set everything in Tiempos. (I mean, go look at those big, bold, beautiful headlines.)

Unfortunately, Basecamp wasn’t able to export any of the comments on their old posts. This is disappointing because SvN comments are those rare type of comments you actually want to read. To have them locked forever in Medium is a not-insignificant loss.

As far as traditional blogs swinging “back into style”, I do hope that’s the case. Most of my favorite, non-news Internet content is the work of around 20 different writers, programmers, designers, and thinkers that I’ve stumbled across and subscribed to over the years. I list a few of my favorites over here.

As a side note: If you’re new to the blogging scene, welcome. There’s never been a better time to start writing your own site, nor have there been more platforms and frameworks that give you control over your content and its presentation. And if you need help? Shoot me an email—I’d love to help you out.

Looks like Doist started with Medium in 2017, and then switched to WP Engine—a WordPress hosting service—earlier this month.

(You might not recognize Doist-the-company, but you’ve probably heard of their most popular product: Todoist, the much loved cross-platform task manager.)

Russell Brandom, The Verge:

Yubico has announced a new version of its popular Security Key for use in Lightning ports, the first such device to enable physical token authentication for iPhones. The device also supports a USB-C connection.

Previously, the only way to connect a security key to an iPhone was over Bluetooth, which suffered Bluetooth’s normal usability issues as well as potential security concerns around mistaken pairings. Android devices can also pair over NFC, but that functionality is impossible under iOS’s current NFC restrictions.

Yubico wasn’t likely to ever make a Lightning-only security key because these keys are most useful when they’re device agnostic. iOS apps will have to add support for these sorts of keys, but it’s still nice that a Bluetooth-free security key option now exists for iPhone users.

(Brief primer on security keys, because I both use and recommend them: While a house key gets you into your home and a car key is required to start your vehicle—a physical Yubico security key can be a required part of your login flow for email, social media, etc. This makes those accounts almost impossible to hack, because an attacker would need your physical key. Additionally, I’ve found most people are (a) more willing to use and (b) faster to understand the concept of a physical key for your email; whereas explaining two-factor authentication codes can often take a few rounds of drawing before the idea takes.)