Skip to main content...

Geoffrey A. Fowler, Washington Post:

I listened to four years of my Alexa archive and found thousands of fragments of my life: spaghetti-timer requests, joking houseguests and random snippets of “Downton Abbey.” There were even sensitive conversations that somehow triggered Alexa’s “wake word” to start recording, including my family discussing medication and a friend conducting a business deal. […]

What can you do to stop Alexa from recording? Amazon’s answer is straight out of the Facebook playbook: “Customers have control,” it says — but the product’s design clearly isn’t meeting our needs. You can manually delete past recordings if you know exactly where to look and remember to keep going back. You cannot stop Amazon from making these recordings, aside from muting the Echo’s microphone (defeating its main purpose) or unplugging the darned thing.

We’ve been using an Echo Dot for the past two weeks, and in reviewing my own past recordings I found one snippet that was just of my son crying. (Crying I assume over what we had given him for lunch.) Based on how many times we’ve initiated Alexa so far, our unintentional activation rate is around 2.5%. That’s… bad? I’m not sure.

Part of this is the compromise of even bringing these devices into our homes—we trade manually setting kitchen timers and looking up measurement conversions for the convenience of an always-present assistant that also happens to be a recording device connected to the Internet.

Still, I’d feel better if Amazon had less information about me and I was more aware of when Alexa was listening. Thankfully both of these things are possible. The first is accomplished by deleting your own Alexa recordings, and the second can be done by enabling the Echo’s “Start of Request” sound, found under the Settings. I’m still not sold on the Echo Dot as a permanent fixture of our counter space, and unintentional activations are definitely something I’ll be keeping an eye on for the next few weeks.

Pierre Valade (previously CEO of Sunrise Calendar, which was acquired by Microsoft) has launched Jumbo, a “privacy assistant” for iOS. Curious, I thought, because most other digital assistants are hellbent on collecting as much information about me as possible. In reality, Jumbo is less of an assistant and more of a user-friendly way for you to delete old tweets, Alexa voice recordings, and Google searches. One tap and everything gets erased. If you’ve ever tried to delete this sort of data by hand (data that Twitter, Amazon, and Google would rather you let them keep) you’ll know how wonderfully simple Jumbo’s approach is.

My favorite thing about Jumbo is that everything’s handled locally—none of my data gets stored or manipulated server-side. The compromise is that since Jumbo doesn’t store any of my logins or information on their servers, it’s on me to open the app every week and initiate a cleaning. A small price to pay.

Jumbo is the rare example of a truly user-focused privacy product. None of your information is slipped out the side door to sell ads, and Mr. Valade is upfront with how they plan to make money: premium features, accessible via subscription. I’m not optimistic that Jumbo will be around for the longterm—how many people will pay for something like this?—but for now consider me a fan.

Typographer, writer, and lawyer Matthew Butterick:

For those who think it trivializes our political process to judge candidates by their typography—what would you prefer we scrutinize? Qualifications? Ground into dust during the last election. Issues? Be my guest. Whether a candidate will ever fulfill a certain campaign promise about a certain issue is conjectural.

But typography—that’s a real decision candidates have to make today, with real money and real consequences. And if I can’t trust you to pick some reasonable fonts and colors, then why should I trust you with the nuclear codes?

Website design, color selections, type kerning—Mr. Butterick hits them all. But my favorite bit is his “a slice of bacon using a playground slide in an unsafe way” description of Andrew Yang’s logo. 100% spot on.

Between art historian Andrew Tallon’s laser scanning of the entire cathedral in 2015 and the incredibly detailed models created for Ubisoft’s mega-franchise Assassin’s Creed: Unity, the French people have not only centimeter-level measurements, but also an entire interactive, atmospheric representation of Notre-Dame to reference as they rebuild.

I had the luck to visit Notre-Dame several years ago, and it was simply awe inspiring. To see it in flames last week evoked what can only be described as a deep sense of mourning.

Matthew Butterick, with some additional analysis on Laura Owen’s deep dive into Medium’s history:

What stands out the most? Though Medium’s value to online publishing has remained abstract, the harm it has inflicted—especially upon the authors and publications who have been lured onto the platform (by one pivot) and then stranded (by the next)—is concrete. As writer Jaya Saxena put it, “every writer/cartoonist I know has had their life ruined by Medium at some point”. […]

Which brings us to the $132 million question: who’s going to pay $50 every year for this? People dissatisfied with the unlimited free clickbait available elsewhere? Gulls, rubes, and saps? Dogs with credit cards? Mr. Williams has always preferred to frame Medium in gauzy platitudes—what I called his “Bellagio buffet of delicious nonsense”. Once upon a time, this seemed like the benign puffery of the ultrawealthy. Billionaire-splaining. Today, as the gulf between the promise of Medium and the reality yawns ever larger, it seems like abject denial. Again—has Mr. Williams actually spent time on Medium recently? If so, it hasn’t made a dent. If not, I can hardly blame him. It’s awful.

I’ve secretly been wishing for someone to create a complete compendium of Medium’s trials and tribulations because the task, had I taken it on myself, would have simply driven me into a deep, dark, depressing place from which I may not have emerged. Thankfully Laura Hazard Owen, writing for the Nieman Journalism Lab, was more than up to the task:

Why spend so much time worrying about what Medium is? Maybe because we wanted to know whether it was a friend or an enemy. The answer is that it’s neither. It’s a reflection of what the media industry has worried about, and hoped for, and not received. But Medium was never something that we would get to define. Instead, it’s turned out to be an endless thought experiment into what publishing on the internet could look like. That’s not much fun for people who got burned along the way, but Medium was never exactly ours to begin with.

Ms. Owen’s resulting timeline is filled with bite-sized notable events from Medium’s history, starting with the August 2012 launch, in which Founder and CEO Ev Williams heralded the site as, “a beautiful space for reading and writing — and little else.”

The following ~90 events, covering seven years, contain some fun trivia you might have forgotten. Like how the White House quietly published the entirety of President Obama’s State of the Union remarks to Medium before the speech began. Or just how many notable publications jumped head-first into the platform, only to die later. Regardless, reading through the entire timeline will remind you that Medium’s current identity crisis isn’t so much a recent ailment as it is a chronic one.

Samit Sarkar, Polygon, writing about the newest word game from the Times’ Games Expansion Team (which I didn’t know was a thing):

Letter Boxed takes place around, well, a box. There are three letters on each side, and players must connect them to make words at least three letters long. Letters on the same side cannot be used consecutively, and the final letter of each word becomes the first letter of the next word. The goal is to use all 12 letters in as few words as possible. “It’s a lot faster, it’s a much quicker hit, but you can kind of keep playing that too forever,” said [Times’s Games Expansion Team Lead] Von Ehren.

I really like this game. Whereas crosswords are built from a preset list of words, a round Letter Boxed is almost entirely freeform and relies on the vocabulary you know. My current strategy is to rotate between using long and short words, and it’s been working out OK this week.

The only caveat to Letter Boxed (right now, at least) is that you need a Times subscription to play. It’s not such a great game to justify a subscription if you don’t also read the paper, but it is a nice addition for current subscribers. And as The New York Times continues invest in and reap the benefits of its digital offerings, I’m excited to see what the Games Expansion Team works on next.

Chris Jones, ESPN, attempted to complete the medical and fitness review required of all Everton F.C. players. It did not go well.

Let’s get this out of the way. I’m supposed to say that my greatest source of pride is my children, but they haven’t really done anything that special. They’re regular kids, and there are billions of those. My greatest source of pride is that I still play competitive football at age 44. There are players in my league as young as 18. I’ve privately hoped that one day I’ll play alongside my youngest son, who is 10. Eight more years. That makes 52.

Luckily, I’m a goalkeeper. Unluckily, I’m short and fat. I’m 5-foot-10 and 214 pounds. I worried that Everton wouldn’t have a kit that fit me, and I searched for a comparably sized player. In other words, I looked up Wayne Rooney. He’s a similar height but 30 pounds lighter. I warned Everton in advance that they would be outfitting Wayne Rooney… if Wayne Rooney were pregnant with twins.

(Hat tip PDL.)

Klint Finley, Wired:

Google says the proposal is just, well, a proposal. “These changes are in the design process,” a Google spokesperson said in a statement. The company is “working with extension developers to make sure their extensions continue to work,” the spokesperson said.

Ostensibly, the changes are designed to improve the security and performance of Chrome and Chromium. For example, Chrome extensions now can access your browsing history. That means a bad actor could offer an ad blocker that spies on you.

Google is proposing to cut off extensions’ access to browsing history and instead offer an interface that can generate instructions for the browser to block or modify certain content, including ads. The catch is that each extension would be limited to 30,000 rules it can apply.

Google runs the largest digital ad platform in the United States, the world’s most popular web browser, and the company makes almost all of its money from advertisements. Google wants you to see more ads. Their business depends on it, in fact.

Therefore, any Google-led changes to Chrome that restrict a user’s ability to block ads will inevitably be under intense scrutiny—and for good reason. Taken in the best light, this is Google trying to ensure Chrome continues to be as fast and secure as possible. Taken in the worst, these proposed changes are one more instance of Google using its dominance in search, advertising, and web browsing to benefit Google.

This move isn’t totally without precedence—Apple made a similar change in 2015 when it limited the number of rules a content blocker could employ to 50,000. But a combination of Google’s proposal limiting the number of rules to just 30,000 and Google being, well, Google has escalated this story to a whole other level.

To be fair though, even though Apple allows content blockers to use 50,000 rules, popular ad blockers (read: ones that do the job well) often need hundreds of thousands of rules to be effective. I use 1Blocker on my devices, but even 1Blocker’s developer skirts around the 50,000 rule limit by implementing each rule “set” as a separate content blocker, thereby allow 1Blocker to check against over 350,000 rules.

At the end of the day, this change to Chrome is only a proposal. And if we’re giving Google any kudos, it’s that they’re still conducting sensitive changes to Chromium in the open. I’m also not suggesting that Apple and Google are wholly wrong here. The pursuit of enhanced privacy while still allowing users to have some control over their browsers is a path filled with compromises. And since browser makers aren’t going to not evolve their products, I think it’s important that you understand the motives that may be driving their decisions.

(And now a brief primer on how ad blockers work for the non-tech savvy family members who read my site ♥. Ad blockers prevent certain webpage elements from displaying by (a) preventing your browser from talking to certain ad-related servers and (b) maintaining a custom list of elements that either you or the community at large have flagged as worth blocking. They do this by comparing requests your browser’s resource requests against a list of tens of thousands of text patterns—if a request matches one of these rules, the content is blocked. When using an ad blocker, browsing the web should feel faster, because your browser no longer has to wait on five different ads to download or tracking scripts to execute. Take a site like The Verge, the well-known tech site/advertisement billboard. Without an ad blocker installed, The Verge’s homepage weighs in at 5.8 MB with over 350 network requests to (I assume) ad and tracking servers. However, if you install an ad blocker like uBlock Origin, The Verge’s homepage now only weighs 4.2 MB with fewer than 50 network requests.)

Twitter’s calling it the “new”, but this update is clearly the lite variant of their website that mobile users have been using for over a year. Good on them for pushing this out to everyone—I’ve found it to be significantly faster and nicer to use than the normal site. It’s also (sadly) the best official way to use Twitter on your Mac.

If you’re still seeing the old/current version, you can check out what’s coming by going directly to

Matt Patches, Polygon, reporting on Netflix’s latest quarterly earnings report:

[…] Netflix estimated that it commands 10 percent of television screen time in the U.S., and slightly less than that for total mobile screen time. In other countries, the percentages are lower due to “lower penetration of our service.” The reason, Netflix said, isn’t because of obvious streaming competition, but of online platforms and video games.

“We compete with (and lose to) Fortnite more than HBO,” the report indicated. 

By the end of 2018, Netflix claimed nearly 139 million paying memberships worldwide. Meanwhile, in November 2018, Epic reported that its blockbuster battle royale game commanded upwards of 200 million registered users. In its quarterly report, Netflix made clear that “consumer screen time” is its most valuable metric, and that Fortnite — just one of endless options for plugged-in audiences – offers the stiffest competition.

That Fortnite impacts Netflix more than HBO should be a clear indicator as to why Netflix expects to spend almost $15 billion on content this year. Netflix isn’t competing with HBO because HBO also makes content, Netflix competes with HBO because when you’re watching HBO you’re not watching Netflix. Sure, you could be paying for both, but once the attention scales tip too far in one direction, people begin to wonder if they really need that extra monthly subscription. Where attention goes, money follows.

This is why features like Screen Time on iOS are so interesting to me–they provide cold, hard numbers as to where I’m actually spending my time. Like Mint or YNAB for your minutes. An attention budget.

It’s not just screen things, either. Netflix shows, Facebook status updates, Fortnite matches, wood carving, genoise sponge cake baking are all–in some manner–competing for your attention. The attention economy posits that as content becomes increasingly available, attention (read: time) becomes a scarce commodity. If 200 million people started regularly baking genoise in the evenings instead of watching Netflix, you can bet we’d hear Reed Hastings say “sponge cakes” in the next quarterly report.

(Once you start thinking about the digital services and apps we use as primarily chasing your attention instead of your dollars, it becomes easier to see how addictive and downright manipulating some of these user interfaces have become. But that’s for another post.)

Final nail, meet coffin.

Here with the follow-up to their announcement last September is CTO and co-founder of Basecamp, David Heinemeier Hansson:

These days Medium is focused on their membership offering, though. Trying to aggregate writing from many sources and sell a broad subscription on top of that. And it’s a neat model, and it’s wonderful to see Medium try something different. But it’s not for us, and it’s not for Signal v Noise. […]

Beyond that, though, we’ve grown ever more aware of the problems with centralizing the internet. Traditional blogs might have swung out of favor, as we all discovered the benefits of social media and aggregating platforms, but we think they’re about to swing back in style, as we all discover the real costs and problems brought by such centralization. […]

That doesn’t mean we regret our time at Medium. Being on Medium helped propel some of our best writing to a whole new audience. But these days there’s less of a “what Medium is doing for us”, and a whole lot more of “what we’re doing for Medium”. It was a good time while it lasted, but good times are gone.

Their new site is powered by WordPress and it looks freaking great. The theme was designed by Basecamp’s in-house designer Adam Stoddard, and I’m really digging his choice to set everything in Tiempos. (I mean, go look at those big, bold, beautiful headlines.)

Unfortunately, Basecamp wasn’t able to export any of the comments on their old posts. This is disappointing because SvN comments are those rare type of comments you actually want to read. To have them locked forever in Medium is a not-insignificant loss.

As far as traditional blogs swinging “back into style”, I do hope that’s the case. Most of my favorite, non-news Internet content is the work of around 20 different writers, programmers, designers, and thinkers that I’ve stumbled across and subscribed to over the years. I list a few of my favorites over here.

As a side note: If you’re new to the blogging scene, welcome. There’s never been a better time to start writing your own site, nor have there been more platforms and frameworks that give you control over your content and its presentation. And if you need help? Shoot me an email—I’d love to help you out.

Looks like Doist started with Medium in 2017, and then switched to WP Engine—a WordPress hosting service—earlier this month.

(You might not recognize Doist-the-company, but you’ve probably heard of their most popular product: Todoist, the much loved cross-platform task manager.)

Russell Brandom, The Verge:

Yubico has announced a new version of its popular Security Key for use in Lightning ports, the first such device to enable physical token authentication for iPhones. The device also supports a USB-C connection.

Previously, the only way to connect a security key to an iPhone was over Bluetooth, which suffered Bluetooth’s normal usability issues as well as potential security concerns around mistaken pairings. Android devices can also pair over NFC, but that functionality is impossible under iOS’s current NFC restrictions.

Yubico wasn’t likely to ever make a Lightning-only security key because these keys are most useful when they’re device agnostic. iOS apps will have to add support for these sorts of keys, but it’s still nice that a Bluetooth-free security key option now exists for iPhone users.

(Brief primer on security keys, because I both use and recommend them: While a house key gets you into your home and a car key is required to start your vehicle—a physical Yubico security key can be a required part of your login flow for email, social media, etc. This makes those accounts almost impossible to hack, because an attacker would need your physical key. Additionally, I’ve found most people are (a) more willing to use and (b) faster to understand the concept of a physical key for your email; whereas explaining two-factor authentication codes can often take a few rounds of drawing before the idea takes.)

I’ve recommended the code sharing/developer social network GitHub to many people (students and writers primarily), but the recommendation always came with the giant asterisk that everything you published would be public. It’s nice that’s no longer the case. GitHub becomes a far more attractive service—and stronger social network—when you can host all your work there.

This also makes a lot of sense for where Microsoft might want to take GitHub. The majority of GitHub’s future revenue is likely to come in the form of lucrative Enterprise accounts at large companies—something Microsoft is well positioned to push—rather than free (née personal) accounts that upgrade to paid tiers.

(This came at a good time for me too as I wanted to—finally—get my project files for Edit into their own GitHub repository. Hours after the announcement, I created a new private repository and got everything uploaded. This is going to make my development life so much better. Previously, the whole project was stuffed into a random Dropbox folder. The cobbler’s kids have no shoes, right?)

‘Nobody Reads’

This is the excuse I hear when product people are disappointed that customers missed some important piece of information conveyed through UI copy. The more important the information missed, the stronger the sentiment that Nobody Reads.

But this is like when someone truncates Winston Churchill’s quote on democracy. It’s more likely you’ve heard this bit:

democracy is the worst form of Government

Than how it finishes:

except all those other forms that have been tried from time to time.

Similarly, Nobody Reads… Bad Copy. If nobody is reading your copy, it means you need to work on the text more so the reader can work less.

Generally, the following attributes contribute to bad copy: too long, filled with jargon, without actionable steps, visually unfriendly.

(It’s worth noting that, sometimes, UI copy might not be the best way to convey a concept. Complex instructions might be better explained visually. Consider the context of what you’re trying to explain. Dates, durations, or similar concepts can benefit from a graphical aid.)

In most cases of bad copy, the solution is simple. Imagine a customer is in front of you, and then rewrite the copy as though you were delivering the instructions audibly. Next, take what you’ve written and try to say it in half the words—remove anything that isn’t necessary. Finally, read what you have aloud to someone else. Cut and rewrite based on their feedback.

This process can take longer than you think. Make sure to budget time for copy revisions just as you would mockups. Going through three, five, or 10 drafts of important language isn’t a bad thing if 10,000 people are going to read the result.

Tom Warren, The Verge, on the news that not only is Microsoft rebuilding Edge on Chromium, but they’re also bringing it to the Mac:

A lot of web developers use a Mac to develop and test sites, but Edge doesn’t exist there, and it’s currently difficult to test Microsoft’s web rendering engine on a Mac without dual booting Windows. Microsoft is now bringing Edge to the Mac. We understand it’s not a move designed to grab more market share specifically; it’s more about making it easier for developers to test Edge. Microsoft hasn’t committed to a specific date for Edge on the Mac, but we expect to see it later next year.

I sort of get the argument here, and I’m not against more browsers on MacOS, but (at least for the foreseeable future) any websites that work in Chrome should also work in the built-on-Chromium Edge. You likely won’t need to test a site in both browsers because they’re—largely—using the same engine.

(Fun fact: it’s been 15 years since Microsoft stopped developing Internet Explorer for Mac.)

Microsoft is exiting the browser engine market, and the next version of their Edge browser will be powered by Chromium; the Google-led open source web engine that powers Chrome. Ferdy Christant:

The web now runs on a single engine. There is not a single browser with a non-Chromium engine on mobile of any significance other than Safari. Which runs webkit, kind of the same engine as Chromium, which is based on webkit.

On desktop, Edge’s departure from running their own engine, means there’s only one last man standing to counter the Chromium dominance: Firefox. Which is falling from a cliff, on its way to join the “everybody else” gang of insignificant browsers. With no serious way to truly counter it due to their near-absence on mobile, and their lack of control in pushing browser installs.

So Chromium it is. If you’re now waiting for a message of hope or a happy ending, I have none.

Go read the whole piece, because it’s a terrific overview of the current browser wars (if you can even still call it that) and the future of the open web.

I personally don’t like using Chrome, but I’m also on MacOS where Chrome isn’t what I would call the best example of a Mac app. Still, with around 70% market share and the nearest competitor only holding about 10%, Chrome doesn’t have to woo me to win.

And this is the crux of the issue. With Microsoft’s exit, Apple is the only company left with both the money and browser engine to push back against Google’s dominance. But as Mr. Christant points out, Safari’s market share is largely due to the popularity of iOS, and the browser often lags behind the others when it comes to updates. Apple seems content with where Safari’s at, because they don’t face any browser engine competition on iOS where all browsers (Chrome, Firefox, etc.) have to use the WebKit (Safari) rendering engine.

Finally, as I wrote last year, “Google controls the searches, the ads, and the window through which a majority of us see the internet.” With Microsoft’s adoption of Chromium, Google’s influence over how a majority of the world sees the Internet will only grow.

To put it another way, consider this. Last quarter, Google’s parent company Alphabet made just under $29 billion from ad revenue. Alphabet’s advertising business is far and away where the company gets a majority its money. Now think of how this ad-driven, privacy lax company controls the world’s most popular web browser with a near monopolistic amount of market share. Given that information, I find it hard to believe that Google will forever be an objective and faithful steward of what’s best for the web, instead of what’s best for Google—especially if their advertising chips are ever threatened. Thankfully, for us and for now, it seems like Google doesn’t have too much to worry about in that regard.

Oh, wait.

Brian Krebs:

Recent data from anti-phishing company PhishLabs shows that 49 percent of all phishing sites in the third quarter of 2018 bore the padlock security icon next to the phishing site domain name as displayed in a browser address bar. […]

This alarming shift is notable because a majority of Internet users have taken the age-old “look for the lock” advice to heart, and still associate the lock icon with legitimate sites. A PhishLabs survey conducted last year found more than 80% of respondents believed the green lock indicated a website was either legitimate and/or safe.

Years ago, I remember personally telling friends and family to “look for the lock” as an easy way of verifying that the site they were on was legitimate. Back then, paying for and setting up an SSL certificate was time consuming (or expensive) enough that most phishing websites didn’t bother. Those days are long gone.

I still believe that wide (and cheap) availability of SSL is a good and necessary thing. But all HTTPs and the accompanying lock symbol guarantees is that your connection with a sever is encrypted—not that you’re safe.

Quite the completionist.
Thanks for reading.
More? Go to the archive.