Daring Fireball

Reuters:

Apple convinced a federal jury on Friday that early versions of health monitoring tech company Masimo’s smartwatches infringe two of its design patents as part of a broader intellectual property dispute between the companies. The jury, in Delaware, agreed with Apple that previous iterations of Masimo’s W1 and Freedom watches and chargers willfully violated Apple’s patent rights in smartwatch designs.

But the jury awarded the tech giant, which is worth about $3.5 trillion, just $250 in damages — the statutory minimum for infringement in the United States. Apple’s attorneys told the court the “ultimate purpose” of its lawsuit was not money, but to win an injunction against sales of Masimo’s smartwatches after an infringement ruling.

On that front, jury also determined that Masimo’s current watches did not infringe Apple patents covering inventions that the tech giant had accused Masimo of copying.

$250 is just enough for Apple to buy one of its own 40mm Apple Watch SE models. (No sales tax in Delaware.) That’s about all Apple got out of this. This victory doesn’t change the ITC import ban that prevents Apple from enabling the blood oxygen sensor on watches sold in the U.S. after December 2023. It might have, if Apple had been able to win a verdict holding that Masimo’s current watches also infringe patents held by Apple. Florian Mueller, writing at IP Fray:

In order to understand the reason why Apple sued over a product practically no one buys, one has to understand the indirect ramifications for Masimo’s U.S. import ban on Apple Watches with a pulse oximetry feature. Only the indirect implications matter in this case. The short version is that if Masimo couldn’t have continued to sell its own smartwatch, they’d have lost a legally required basis for preventing Apple from selling smartwatches.

Andrew R. Chow, reporting for Time:

Twenty-four years ago, the surgeon Santiago Horgan performed the first robotically assisted gastric-bypass surgery in the world, a major medical breakthrough. Now Horgan is working with a new tool that he argues could be even more transformative in operating rooms: the Apple Vision Pro.

Over the last month, Horgan and other surgeons at the University of California, San Diego have performed more than 20 minimally invasive operations while wearing Apple’s mixed-reality headsets.

The details of this particular use case are largely about ergonomics, and the advantage Vision Pro provides seems profound:

In laparoscopic surgery, doctors send a tiny camera through a small incision in a patient’s body, and the camera’s view is projected onto a monitor. Doctors must then operate on a patient while looking up at the screen, a tricky feat of hand-eye coordination, while processing other visual variables in a pressurized environment. “I’m usually turning around and stopping the operation to see a CT scan; looking to see what happened with the endoscopy [another small camera that provides a closer look at organs]; looking at the monitor for the heart rate,” Horgan says.

As a result, most surgeons report experiencing discomfort while performing minimal-access surgery, a 2022 study found. About one-fifth of surgeons polled said they would consider retiring early because their pain was so frequent and uncomfortable. A good mixed-reality headset, then, might allow a surgeon to look at a patient’s surgical area and, without looking up, virtual screens that show them the laparoscopy camera and a patient’s vitals.

20 percent of surgeons saying they’re considering retiring early because of the discomfort from this is a high number! And the $3,500–4,000 price for Vision Pro isn’t merely acceptable in this context, it’s a downright bargain:

Christopher Longhurst, chief clinical and innovation officer at UC San Diego Health, says that while the Vision Pro’s price tag of $3,499 might seem daunting to a regular consumer, it’s inexpensive compared to most medical equipment. “The monitors in the operating room are probably $20,000 to $30,000,” he says. “So $3,500 for a headset is like budget dust in the healthcare setting.”

Makes me wonder if these high-end professional and industrial use cases are to the Vision platform this decade what desktop publishing was to the Mac in the 80s? Years ahead of mass market appeal, but a revolutionary breakthrough for a longstanding industry. Such a clear value to those in the industry that they’re not just merely ambivalently accepting the new platform, but champing at the bit to switch to them. Something for the platform to build from until boom, there’s a tipping point where it expands into the mass market. I got into graphic design and desktop publishing my sophomore year of college, in 1992, and by that time the industries of graphic design and professional printing were entirely Macintosh-based, yet the platform (counting the LaserWriter) was only 6 or 7 years old.

But in the fall of 1984, the Macintosh was considered a flop.

Chance Miller at 9to5Mac has done the yeoman’s work of providing a full illustrated change log for iOS 18.2 beta 1. Here’s one I wasn’t expecting, but which now that I think about it, isn’t surprising:

iOS 18.2 lets users set default apps for Messaging and Calling worldwide. This is managed through a new “Defaults” menu in the Settings app, where you can set defaults for these apps in the US:

• Email
• Messaging
• Calling
• Call Filtering
• Browser App
• Passwords & Codes
• Keyboards

Clearly this wouldn’t be in iOS 18.2 anywhere in the world if the European Commission weren’t demanding it for DMA compliance, but given that Apple had to do it for the EU, why not make it worldwide? This isn’t a “We think this is a bad idea” thing from Apple’s perspective, like, say, alternative app stores. It’s a “We don’t think this is all that important an idea” thing.

DMA compliance features that Apple wouldn’t have otherwise prioritized, but isn’t outright opposed to, are likely to be made available worldwide. Features Apple is opposed to will remain exclusive to the EU. For example, in iOS 18.2 beta 1 in the EU, users can now “delete” apps like Photos and Camera. That’s a spectacularly dumb idea, so it’s only in the EU.

Apple Developer News:

Following feedback from the European Commission and from developers, in these releases developers can develop and test EU-specific features, such as alternative browser engines, contactless apps, marketplace installations from web browsers, and marketplace apps, from anywhere in the world. Developers of apps that use alternative browser engines can now use WebKit in those same apps.

I just spent a few minutes trying to figure out how this works, but haven’t found it. If anyone can point me to the answer, let me know. It’s kind of bananas that EU-specific features couldn’t even be tested outside the EU until now.

Juli Clover, MacRumors:

Apple today seeded the first betas of upcoming iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 updates to developers for testing purposes. The betas have been released while Apple is still working on iOS 18.1, iPadOS 18.1, and macOS Sequoia 15.1, updates that are set to be released next week.

Apple is rolling out Apple Intelligence features in waves, and while the first wave coming next week is relatively small, the next one is pretty big. These first developer betas of iOS 18.2 and MacOS 15.2 include: categorization and priority inbox sorting in Mail, Genmoji, Image Playgrounds (including Image Wand, where a rough sketch in Notes can be transformed into a detailed image), and ChatGPT’s integration for more complex “world knowledge” requests. And, for iPhone 16 users, Visual Intelligence.

These developer betas also contain new APIs for third-party apps: the Writing Tools API (which will allow any text app to support the features only Apple’s first-party apps have access to in iOS 18.1 and MacOS 15.1), Genmoji API (so third-party messaging apps can support them like Messages will), and Image Playground API.

With the initial wave in next week’s public releases of iOS 18.1 and MacOS 15.1, most Apple Intelligence features announced at WWDC are still missing. With these new developer betas, only a few features remain absent: priority notifications, and Siri’s more advanced features like in-app actions and personal knowledge context (the “When’s my mom’s flight arriving?” feature).

Andy McCullough, reporting for The Athletic:

Fernando Valenzuela, the Mexican southpaw who became an icon in Los Angeles during his rookie season with the Los Angeles Dodgers and remained a vibrant part of the franchise’s fabric for the next four decades, died Tuesday, the Dodgers confirmed. He was 63. [...]

In 2023, the Dodgers recognized Valenzuela’s indelible place within franchise lore by altering a club policy in his honor: Valenzuela became the first Dodger to see his number retired without reaching the Hall of Fame. Before the ceremony in August 2023, as his No. 34 took its place at Dodger Stadium in between Sandy Koufax’s No. 32 and Roy Campanella’s No. 39, Valenzuela pronounced himself shocked.

“It never crossed my mind that this would ever happen,” Valenzuela said. “Like being in the World Series my rookie year, I never thought that would happen.”

I’m only barely old enough to remember Fernandomania, but it was a genuine nationwide sensation. Everyone knew who “Fernando” was, even people who cared little to nothing about baseball. Every kid I knew, boys and girls alike, wanted a Fernando baseball card (or sticker — baseball stickers were the thing at the time).

In 1978, Valenzuela — the 12th of 12 children in a poor Mexican farming family — was a 17-year-old, pitching in an obscure Mexican pro league. A Dodgers scout who’d gone to evaluate a shortstop on the opposing team instead found himself captivated by Valenzuela’s pitching. Two years later he was an end-of-season call-up in the Dodgers’ big-league bullpen.

Then came 1981. Thanks to a fluke injury to the Dodgers’ intended starter, Valenzuela was their starting pitcher on opening day. He threw a complete game shutout. He started the season 8-0 with an ERA of 0.50. He pitched all 9 innings in each of those 8 games. His best pitch was a screwball (a breaking ball that curves the “wrong” way) — a bygone pitch no one even throws any more. His physique was more beer league than major league. His windup was comically exaggerated — more like Bugs Bunny than a typical major league pitcher. Down 2 games to 0, he led the Dodgers to victory in game 3 of the 1981 World Series against the Dodgers’ most-despised foe, the Yankees, and the Dodgers won the next 3 games to take the championship. He won both the Rookie of the Year and Cy Young awards. He spoke very little English at the time, but had a charisma that broke any language barrier. He was 20 years old.

I was 8 at the time, and already a very sore loser. Valenzuela was the first athlete I can remember from an opposing team whom I had mixed feelings about. You just couldn’t help but like him.

See More: “Remembering Fernandomania” — a splendid 11-minute short film MLB produced a few years ago. The film does a great job emphasizing how much Valenzuela meant to the Mexican-American community in Los Angeles. His playing heyday was 40 years ago, but his influence on the Dodgers’ relationship to their then-still-kinda-new home city remains palpable today.

And One More: Watch this clip from 2017 and not get goosebumps. I dare you.

Nilay Patel, after interviewing Intuit CEO Sasan Goodarzi for his Decoder podcast at The Verge:

It’s also not just lobbying: in 2022, a coalition of attorneys general from all 50 states got Intuit to agree to a $141 million settlement that required Intuit to refund low-income Americans who were eligible for free filing but were redirected to paid products. In 2023, the FTC found that TurboTax’s “free” marketing was willfully deceptive, and after the agency won an appeal early this year, Intuit was ordered to stop doing it.

I asked about that, and Sasan disagreed with me, and we went back and forth for a few minutes on it. It’s Decoder; we have exchanges like this all the time, and I didn’t think anything of it.

But then I got a note from Rick Heineman, the chief communications officer at Intuit, who called the line of questioning and my tone “inappropriate,” “egregious,” and “disappointing” and demanded that we delete that entire section of the recording. I mean, literally — he wrote a long email that ended with “at the very least the end portion of your interview should be deleted.”

We don’t do that here at The Verge.

What’s bananas about this is that the contentious segment of the interview ... wasn’t really all that contentious? If not for this controversy generated entirely by Intuit’s own comms chief, I’d have listened to the episode and might not have even thought twice about the whole segment on Intuit’s lobbying against the IRS and tax code being updated to eliminate the need for complicated tax filing. Of course Patel was going to bring this up. It’d have been shocking if he hadn’t. And I think Sasan presented Intuit’s case about as well it can be presented.

But now the episode has been the number one story at The Verge all day, and surely getting way more listens than the average Decoder episode — with listeners primed to pay attention to the segment on Intuit’s anti-tax-reform lobbying and the penalty they were fined for bilking low-income users into paid service they didn’t need.

And the Streisand effect isn’t counterintuitive. It’s obvious human nature. We want to look at and listen to things we’re told not to look at or listen to.

Joanna Stern, writing for The Wall Street Journal (News+):

If you’re expecting AI fireworks, prepare for AI … sparklers. Back in June, at the company’s annual developers conference, executives showed off do-it-yourself emojis, ChatGPT integration and a Siri that can recall the name of a person you met months ago. Apple has even been running ads for some features. None are in this release.

“This is a big lift,” Craig Federighi, Apple’s senior vice president of software engineering, told me at the company’s headquarters. “You could put something out there and have it be sort of a mess. Apple’s point of view is more like, ‘Let’s try to get each piece right and release it when it’s ready.’”

Yes, while other companies rush out generative-AI tools, sometimes with controversy, Apple is moving cautiously. Federighi denies the company is behind, saying it’s prioritizing privacy and responsibility.

It’s a very good interview, and also available on YouTube.

And yes, the higher-profile, more whiz-bang-y Apple Intelligence features aren’t shipping next week in iOS 18.1 and MacOS 15.1. But as Stern herself points out in the article, the features that are shipping are genuinely useful. Notification summaries are good — the occasional mistakes can be funny, but overall it’s solid, and especially helpful for batches of notifications from the same app or group text. The Clean Up unwanted-object-remover in Photos is great. I still haven’t spent much time trying the writing tools, but Stern has, and finds them useful. These are tools that will be used in everyday situations, in the apps they already use, by normal, non-technical iOS and Mac users. There’s a reason Apple is doing a full-court media press on this.

Jeffrey Goldberg, in a must-read, must-share piece for The Atlantic (this is a gift link, which should get you through The Atlantic’s subscriber paywall, and which link I encourage you to share with every potential voter you know):

In their book, The Divider: Trump in the White House, Peter Baker and Susan Glasser reported that Trump asked John Kelly, his chief of staff at the time, “Why can’t you be like the German generals?” Trump, at various points, had grown frustrated with military officials he deemed disloyal and disobedient. (Throughout the course of his presidency, Trump referred to flag officers as “my generals.”) According to Baker and Glasser, Kelly explained to Trump that German generals “tried to kill Hitler three times and almost pulled it off.” This correction did not move Trump to reconsider his view: “No, no, no, they were totally loyal to him,” the president responded.

This week, I asked Kelly about their exchange. He told me that when Trump raised the subject of “German generals,” Kelly responded by asking, “‘Do you mean Bismarck’s generals?’” He went on: “I mean, I knew he didn’t know who Bismarck was, or about the Franco-Prussian War. I said, ‘Do you mean the kaiser’s generals? Surely you can’t mean Hitler’s generals? And he said, ‘Yeah, yeah, Hitler’s generals.’ I explained to him that Rommel had to commit suicide after taking part in a plot against Hitler.” Kelly told me Trump was not acquainted with Rommel. [...]

As president, Trump evinced extreme sensitivity to criticism from retired flag officers; at one point, he proposed calling back to active duty Admiral William McRaven and General Stanley McChrystal, two highly regarded Special Operations leaders who had become critical of Trump, so that they could be court-martialed. Esper, who was the defense secretary at the time, wrote in his memoir that he and Milley talked Trump out of the plan. [...] Trump has responded incredulously when told that American military personnel swear an oath to the Constitution, not to the president.

There’s no hope for the deep-MAGA derps who actually cheer this on. Trump’s hope for another electoral victory, however, depends upon large swaths of conservative, or even just conservative-ish, voters who don’t take him seriously, who haven’t paid attention to all the red flags and evidence from his first term, and think he doesn’t mean what he says. He says a lot of crazy shit, yes, but when he talks about what he wants to do, he means it. There’s very little he said he wanted to do in his first term that he either didn’t do, or didn’t try to do.

Goldberg:

On separate occasions in 2020, Trump held private conversations in the White House with national-security officials about the George Floyd protests. “The Chinese generals would know what to do,” he said, according to former officials who described the conversations to me, referring to the leaders of the People’s Liberation Army, which carried out the Tiananmen Square massacre in 1989. (Pfeiffer denied that Trump said this.) Trump’s desire to deploy U.S. troops against American citizens is well documented. During the nerve-racking period of social unrest following Floyd’s death, Trump asked Milley and Esper, a West Point graduate and former infantry officer, if the Army could shoot protesters. “Trump seemed unable to think straight and calmly,” Esper wrote in his memoir. “The protests and violence had him so enraged that he was willing to send in active-duty forces to put down the protesters. Worse yet, he suggested we shoot them. I wondered about his sense of history, of propriety, and of his oath to the Constitution.” Esper told National Public Radio in 2022, “We reached that point in the conversation where he looked frankly at General Milley, and said, ‘Can’t you just shoot them, just shoot them in the legs or something?’” When defense officials argued against Trump’s desire, the president screamed, according to witnesses, “You are all fucking losers!”

There’s some hope our military leadership would resist such orders again. But there won’t be any civilian leaders like John Kelly or Mark Esper in a second Trump administration. It’d be sycophants all the way down.

Michael S. Schmidt for The New York Times:

He said that, in his opinion, Mr. Trump met the definition of a fascist, would govern like a dictator if allowed, and had no understanding of the Constitution or the concept of rule of law. [...]

When Mr. Kelly left the White House in 2019, he decided he would speak out on the record only if Mr. Trump said something that he found deeply troubling or involved him and was wildly inaccurate. Mr. Trump’s recent comments about using the military against what he called the “enemy within” were so dangerous, he said, that he felt he had to speak out.

“And I think this issue of using the military on — to go after — American citizens is one of those things I think is a very, very bad thing — even to say it for political purposes to get elected — I think it’s a very, very bad thing, let alone actually doing it,” Mr. Kelly said.

Mr. Kelly said that Mr. Trump was repeatedly told dating back to his first year in office why he should not use the U.S. military against Americans and the limits on his authority to do so. Mr. Trump nevertheless continued while in office to push the issue and claim that he did have the authority to take such actions, Mr. Kelly said.

Regarding Trump’s praise for Adolf Hitler:

“He commented more than once that, ‘You know, Hitler did some good things, too,’” Mr. Kelly said Mr. Trump told him. [...]

“First of all, you should never say that,” Mr. Kelly said that he told Mr. Trump. “But if you knew what Hitler was all about from the beginning to the end, everything he did was in support of his racist, fascist life, you know, the, you know, philosophy, so that nothing he did, you could argue, was good — it was certainly not done for the right reason.”

Mr. Kelly said that would usually end the conversation. But Mr. Trump would occasionally bring it up again.

In his first term Trump had guardrails. He hadn’t expected to actually win in 2016 and while his administration was staffed with hard-right Republicans, they were men who respected the Constitution and rule of law. There is much to criticize about Trump’s attorneys general, Jeff Sessions and Bill Barr. But both were exactly the sort of people you’d expect as attorney general under any Republican president. In fact, Barr had previously served as attorney general, under George H.W. Bush from 1991–1993 — not exactly a time of tumult or growing fascism in the United States. For attorney general in a possible second administration, ABC News is reporting that Trump is considering Aileen Cannon, the apparatchik Florida judge — utterly unqualified for the federal bench but nominated by Trump in 2020 — who threw out Trump’s stolen classified documents case this summer. To call her decision unfounded in law and seemingly based on fealty to Trump personally is putting it mildly.

Katelyn Polantz, reporting for CNN:

A federal judge on Tuesday ordered former Donald Trump attorney and New York mayor Rudy Giuliani to turn over all his valuable possessions and his Manhattan penthouse apartment to the control of Ruby Freeman and Shaye Moss, the Georgia election workers he defamed and to whom he now owes $150 million.

Judge Lewis Liman of the federal court in Manhattan said Giuliani must turn over his interest in the property to the women in seven days, to a receivership they will control. The judge’s turnover order of the luxury items is swift and simple, but the penthouse apartment will have its control transferred so Freeman and Moss can sell it, potentially for millions of dollars.

The women, who counted Georgia ballots after the 2020 election, will also be entitled to about $2 million in legal fees Giuliani has said the Trump campaign still owes him, the judge ruled.

In addition to the Trump campaign fees and the New York apartment, Giuliani must also turn over a collection of several watches, including ones given to him by European presidents after the September 11, 2001, attacks; a signed Joe DiMaggio jersey and other sports memorabilia; and a 1980 Mercedes once owned by the Hollywood star Lauren Bacall. Additionally, the judge ordered that Giuliani turn over his television, items of furniture and jewelry.

Liman hasn’t yet decided if Giuliani will be able to keep a Palm Beach, Florida, condominium he also owns, or the four New York Yankees World Series rings he has, which Giuliani’s son contends his father gave him.

Donald Trump has numerous super powers. One of them is the way that — to date — he’s suffered few consequences for crimes committed in his name. Trump Organization CFO Allen Weisselberg didn’t just do time, he served hard time in Rikers Island. Former White House official Peter Navarro? Prison. Steve Bannon? Prison. Trump’s personal lawyer Michael Cohen? Prison. The list goes on.

Now, as a result of his efforts on behalf of Trump to attempt to overthrow the results of the 2020 election, Rudy Giuliani is seemingly destitute. Rightly so. The whole “America’s Mayor” schtick was unearned, but he had it. He had respect and wealth. Now he doesn’t even own a fucking television. His whole life thrown away in disgrace to do the bidding of Donald Trump, who at this point surely wouldn’t even answer a phone call from Giuliani, let alone actually help him.

Trump, meanwhile, is a nerve-rackingly close election away from escaping unscathed.

Gian Volpicelli and Samuel Stolton, reporting for Bloomberg*:

Under the EU’s Digital Services Act, the bloc can slap online platforms with fines of as much as 6% of their yearly global revenue for failing to tackle illegal content and disinformation or follow transparency rules. Regulators are considering whether sales from SpaceX, Neuralink, xAI and the Boring Company, in addition to revenue generated from the social network, should be included to determine potential fines against X, people familiar with the matter said, asking not to be identified because the information isn’t public. [...]

X is a private company under Musk’s sole control. In considering revenue from his other companies, the commission is essentially weighing whether Musk himself should be regarded as the entity to fine as opposed to X itself, the people said. Tesla Inc.’s sales would be exempt from this calculation because it’s publicly traded and not under Musk’s full control, one of the people said. The commission hasn’t yet decided whether to penalize X, and the size of any potential fine is still under discussion, the people said.

It’d be one thing if X had been split off into a subsidiary of a larger original company, specifically to decrease the size of any potential revenue-based penalty. Like, say, if Apple suddenly decided to break off “iOS” into an independent company that licensed software to Apple to include on iPhones. But we all know that’s not what X is. X was Twitter, which was a publicly-traded company that Musk had no stake in, and which he then bought and made private.

If the EU actually decides to include revenue from SpaceX and Musk’s other companies in calculating a penalty against X, it would effectively be playing a one-sided form of Calvinball, where the rules just get made up out of whole cloth as they go along. (Except in “real” Calvinball, both sides get to change the rules as they see fit.) They’re the ones who chose percentage-of-global revenue as the basis for potential penalties. It’s not Musk’s fault that X Corp generates embarrassingly little (and decreasing) revenue. Wait, actually, that is his fault. He bought a bad business and made it a lot worse. It’s just not his fault that running X Corp into the ground financially means that he can pay any potential revenue-based penalty out of his pocket change.

* You know.

With WorkOS you can start selling to enterprises with just a few lines of code. It provides a complete User Management solution along with SSO, SCIM, and FGA. The APIs are modular and easy-to-use, allowing integrations to be completed in minutes instead of months.

Today, some of the fastest growing startups are already powered by WorkOS, including Perplexity, Vercel, and Webflow.

For SaaS apps that care deeply about design and user experience, WorkOS is the perfect fit. From high-quality documentation to self-serve onboarding for your customers, it removes all the unnecessary complexity for your engineering team.

Brian McCullough:

Did Nintendo try to kill GoldenEye 007 before it was completed? Why did Shigeru Miyamoto keep telling the development team to tone down the violence? And why did the famous multiplayer aspect of the game almost not happen? It’s slappers-only on Rad History, because we’re diving into the history of THE game of the late 1990s, GoldenEye 007 for the Nintendo 64.

Had a blast talking about one of my very favorite video games ever. My main link here is to the YouTube version of the episode, but it’s also available as an audio episode for all podcast players, including Overcast and Apple Podcasts.

The New York Yankees are back in the World Series for the first time since 2009, and for the 41st time in franchise history. Their opponent: the Los Angeles Dodgers, who will appear for the 22nd time. This will be the 12th time the two teams have met in the World Series, but the first since 1981. (The Yankees won 8 of the previous 11.) A star-studded matchup with incredible history, to say the least. May the best team win.

See also: Jomboy’s pitch-by-pitch breakdown of Yankee hero Juan Soto’s series-clinching 3-run homer with 2 outs in the 10th inning against the Cleveland Guardians Saturday night. One of the best at-bats I’ve ever seen, and probably one of the top 5 home runs in the entire history of the Yankees.

My thanks to Weather Up for sponsoring this week at DF. If you’re even a semi-regular reader, you know I’m an aficionado of weather apps. There are a bunch of really good ones — including Apple’s own — but there’s an incredible degree of variety and originality in their information design, style, and priorities. Weather Up is one of my favorites, and ever since version 3 shipped earlier this year, it’s been my primary iPhone weather widget, which, in turn, makes it my most-glanced-at weather app.

Widgets are where Weather Up really shines: informative, glanceable, and intuitively interactive, simultaneously presenting what’s going to happen in the next hour and the forecast for the next few days. Yes, this is my thank-you post for a paid sponsorship, but I absolutely mean this: Weather Up’s widget is the best.

The Weather Up app takes a different approach from the widget, presenting a map-first design. No other weather app (that I’m aware of) goes map-first presentation-wise — which is likely explained by the fact that, as Weather Up developer David Barnard explained on The Talk Show, weather map data is expensive.

In fact, all weather data costs money, and good weather data costs more. Most “free” weather apps are only free at the expense of your privacy. Because you generally grant your weather apps location access — for the obvious purpose of getting local weather info and notifications wherever you go — weather apps are a top category for privacy-invasive advertising.

The developers of Weather Up, on the other hand, are privacy fanatics. Weather Up takes extra steps to protect your data. GPS coordinates are rounded to prevent precise location tracking, data requests go through Weather Up’s servers to hide your IP address, and the app doesn’t collect or share any personal data. A Weather Up subscription normally costs a very reasonable $5/month or $40/year — but with this DF sponsorship link, you can start with a completely free 7-day trial and then pay just $20 for your first year, a 50 percent discount.

If you care about weather apps at all, I implore you to give Weather Up a try. You won’t regret it.

Here’s an interesting bit of follow-up. Last month, when linking to the European Commission’s announcement of “two specification proceedings to assist Apple in complying with its interoperability obligations under the Digital Markets Act”, I wrote a sidenote on the EC’s seemingly willy-nilly use of boldface text:

Honest question: Can someone explain to me the Commission’s use of boldfacing? In the first 265 words of the press release, 66 of them are bold, across 13 different spans. They seemingly use boldfacing the way Trump capitalizes words in his tweets: indiscriminately. I find it highly distracting, like trying to read a ransom letter. It’s not just this press release, they do it all the time.

It turns out, the EU publishes an Interinstitutional Style Guide, and it has an entire entry on emphasis:

Bold type is often used in titles and headings. It can also be used in running text to show changes of subject, to highlight keywords or for emphasis in the same way that some other languages use italics. However, it should be used sparingly.

If the text is already in bold roman, words to be emphasised should be in light roman characters.

Do not overuse typographical variations for emphasis. It can have a detrimental effect on getting the message across quickly and clearly, as shown in the following examples.

Their examples, showing how overuse of boldfacing makes text harder to read, look exactly like the announcement that prompted my sidenote. Whoever writes these announcements from the Commission should read the EU’s own style guide and follow its advice.

See Also: The EU style guide’s entry on italics, which they reserve for purposes other than emphasis.

Tim Hardwick, reporting for MacRumors:

The FIDO Alliance is developing new specifications to enable secure transfer of passkeys between different password managers and platforms. Announced on Monday, the initiative is the result of collaboration among members of the FIDO Alliance’s Credential Provider Special Interest Group, including Apple, Google, Microsoft, 1Password, Bitwarden, Dashlane, and others.

Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium, and were integrated into Apple’s ecosystem with iOS 16, iPadOS 16.1, and macOS Ventura. They offer a more secure and convenient alternative to traditional passwords, allowing users to sign in to apps and websites in the same way they unlock their devices: With a fingerprint, a face scan, or a passcode. Passkeys are also resistant to online attacks like phishing, making them more secure than things like SMS one-time codes.

The draft specifications, called Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), will standardize the secure transfer of credentials across different providers. This addresses a current limitation where passkeys are often tied to specific ecosystems or password managers.

This initiative would address one of David Heinemeier Hansson’s primary complaints about passkeys, in a post I linked to earlier today.

Hardwick mentions un-phishability as an advantage of passkeys, and that’s very true. In fact, I think that was one of the primary selling points Apple emphasized when they introduced passkey support at WWDC two years ago. A scammer who gets a victim on the phone can’t trick them into revealing a passkey like they can with passwords or one-time numeric codes. But that use case is optimized for non-technical users.

A friend texted me with another argument for passkeys: it’s somewhat common for websites to break password autofill. Maybe it’s deliberate, in the name of fighting bots? But whether deliberate or not, with passkeys, they have to work with your browser’s connected password manager. So maybe passkeys are a net win for convenience, even for technically-knowledgeable users who are unlikely to fall for phishing scams.

Speaking of passwords, Ricky Mondello — who has long been a leading member of Apple’s “Authentication Experience” team — has an interesting blog post describing the algorithm Apple uses when it suggests new strong passwords:

To make these passwords easier to type on suboptimal keyboard layouts like my colleague’s game controller, where the mode switching might be difficult, these new passwords are actually dominated by lowercase characters. And to make it easier to short-term have in your head little chunks of it to bring over to the other device, the passwords are based on syllables. That’s consonant, vowel, consonant patterns. With these considerations put together, in our experience, these passwords are actually a lot easier to type on a foreign, weird keyboard, in the rare instances where that might be needed for some of our users.

And we weren’t going to make any changes to our password format unless we can guarantee that it was as strong or stronger than our old format. So if you want to talk in terms of Shannon entropy once again, these new passwords have 71 bits of entropy, up from the 69 from the previous format. And a little tidbit for folks who are trying to match our math — [note that] we actually have a dictionary of offensive terms on device that we filter these generated passwords against and we’ll skip over passwords that we generate that contain those offensive substrings.

I’ve noticed some of these details, like that the passwords are comprised of little “fake words” and are dominated by lowercase letters, but I hadn’t noticed all of them. It’s a bunch of clever little touches, all in the aim of making strong passwords that are convenient in odd situations (like typing them with a game controller).

David Heinemeier Hansson:

Yes, passwords have problems. If you’re using them without a password manager, you’re likely to reuse them across multiple services, and if you do, all it takes is one service with awful password practices (like storing them in plain text rather than hashing them with something like bcrypt), and a breach will mean hackers might get access to all your other services.

But just because we have a real problem doesn’t mean that all proposed solutions are actually going to be better. And at the moment, I don’t see how passkeys are actually better, and, worse still, can become better. Unless you accept the idea that all your passwords should be tied to one computing ecosystem, and thus make it hard to use alternative computers. [...]

Bottom line, I’m disappointed to report that passkeys don’t appear worth the complexity of implementation (which is substantial!) nor the complexity and gotchas of the user experience. So we’re sticking to passwords and emails. Encouraging opt-in 2FA and password managers, but not requiring them.

Passkeys seemed promising, but not all good intentions result in good solutions.

I don’t have strong feelings about passkeys, but I am vaguely unsettled by them. There’s no way to use passkeys without using a proper password manager, like Apple Passwords with iCloud Keychain, or 1Password. But if you’re using a proper password manager, your passwords should all be unique and random, and you should have convenient access to 2FA codes. So what’s the point of passkeys if they can only be used by people who are already using a good password manager? Perhaps the thinking is that too many users just can’t be budged from the risky habit of using passwords they have memorized, and passkeys are a way to break that habit because they can’t be memorized.

Also, I really dislike the practice of replacing passwords with email “magic links”. Autofilling a password from my keychain happens instantly; getting a magic link from email can take minutes sometimes, and even in the fastest case, it’s nowhere near instantaneous. Replacing something very fast — password autofill — with something slower is just a terrible idea. For people who actually prefer email magic links, it’s fine as an option, but it shouldn’t be the default, and it certainly shouldn’t be the only way to sign into an account.