iOS 11: high-bitrate audio is finally here

I updated my iPhone to iOS 11 over the weekend, having first replaced or exported data from two old apps that haven’t been updated for 64 bit (I’ll miss you, Cocktails app!). And then I synced music from my Mac and noticed that I didn’t get the customary message about tracks that couldn’t be synced.

I checked and found that a whole bunch of Boston Symphony tracks purchased from their store, which I converted from FLAC to Apple Lossless but were apparently still at a too-high bitrate for iOS to handle, appear finally to be supported and were synced to my phone for the first time ever. This appears to be a feature, and may be related to the ability to play back FLAC through some apps (like iCloud Drive).

Looking forward to finally carrying all my music with me!

CarPlay

I’m traveling in Seattle this week for the first time in a while (like, over ten years). Also for the first time in a while, I have a rental car rather than relying on ridesharing to get around. So when I stepped into the rental Chevy that Avis provided, I was expecting another ho-hum vehicular experience.

The car is, indeed, ho-hum, from the perspective of moving me from one place to another—though pushbutton start is something I didn’t expect to find in an American midsize car. What was seriously surprising was what happened when I found the USB jack and plugged my phone in to charge. My phone prompted me to install an app from the App Store, which is behavior I’ve seen before; I declined. And then it started CarPlay.

Apple’s CarPlay is, as promised, a simplified OS for your car’s entertainment display that rapidly did the following for me as I got ready to drive:

  1. Brought up my Apple Maps destination on the big screen, saving me the problem of driving while consulting a non-mounted phone. Safer and more convenient.
  2. Offered to read me (not show me) my text messages when new ones came in. Safer.
  3. Let the radio (which I had tuned to KEXP) play, but also offered touchscreen access to my iTunes library and to Overcast, the app I use for podcast listening. Cool, especially when the afternoon KEXP DJ threw on a set I didn’t want to listen to.

Because I didn’t install the car’s app, a few things were slightly jarring, like switching audio between FM radio and my phone’s audio. But everything else just worked. And I didn’t even play with in-car Siri yet.

Looks like CarPlay is currently supported on almost every model of car that I’d consider for my next purchase. Looking forward to it. I didn’t realize how poor the in-dash experience of my 2012 VW GTI was until I tried this.

Ten years ago…

…(yesterday), the iPhone was announced. I went looking through my blog archives, and found my reaction.

Particularly funny is reading, after-the-fact, the commentary claiming that Nokia, Blackberry and others had such a big lead in mobile device design. Ten years on, it’s even more apparent than ever that all mobile prior to the iPhone was just a prelude. And every successful device since then has leveraged the same design architecture—big touchscreen, flat device, minimal hard buttons—whether from Apple or from any one of a galaxy of imitators.

I rewatched the launch announcement last night … on my current iPhone.

Follow up: iOS 10.2 fixes my gripes with Music

Yesterday’s iOS 10.2 update appears to address the two most nagging problems I had with the original iOS 10 Music App, including the discoverability of the Repeat and Shuffle controls and the temporary disappearance of star ratings.

Which is a big relief. Because I’m here to tell you that Siri was very capable of misunderstanding instructions like “give this song four stars.”

Thanks, Apple, for paying attention to the feedback.

“Uncontrollable innovation”

New York Times: Why Samsung Abandoned Its Galaxy Note 7 Flagship Phone. Like John Gruber, I am curious about the closing quote, from Park Chul-Wan, the former director of the Center for Advanced Batteries at the Korea Electronics Technology Institute:

“The Note 7 had more features and was more complex than any other phone manufactured. In a race to surpass iPhone, Samsung seems to have packed it with so much innovation it became uncontrollable.”

Uncontrollable innovation? That’s an interesting claim.

I think the thing that’s forgotten here, as in so much of the smartphone feature war, is that features aren’t useful if they can’t be used, or safely manufactured, or if they don’t meet a customer need.

It doesn’t sound to me like the problem was out of control innovation. It sounds to me like the problem was an engineering culture that created a product that was untestable, and a management culture that made it impossible to react rapidly to new developments in the marketplace.

iOS 10 Music App: second take

I’ve been living with iOS 10 for about a week now, or long enough to have gotten up the learning curve imposed by some of the UI changes. (This is starting to be my general rule of thumb. Any UI change, even if it’s for the better, can be jarring and disruptive the first time you encounter it, but the benefits take a while to perceive). The first week I tweeted a series of questions about the new Music app, most of which I’ve managed to resolve. But there’s one very important question left unanswered, about how iOS 10 Music handles smart playlists synced from iTunes.

Relocation of Shuffle/Repeat controls: Now that I’m used to the change, I actually like Apple’s relocation of the Shuffle and Repeat controls to the newly created “swipe up” pane, which also displays the “Up Next” queue. Placing these controls, which are used infrequently during a normal playback session, where they can’t be hit accidentally counts as a UX improvement in my book.

Relocated lyrics: Given the rights issues around song lyrics, I always was a little surprised that Apple provided a way not only to add them to your own tracks but also to view them in iOS. When I first experimented with iOS 10 Music, though, I thought this had been removed. Good news: they’re still there, just with access moved to a new option on the … menu (or on the Swipe Up pane).  This is somewhat less cool than the move of the Shuffle and Repeat controls because the Lyrics option only appears if the file actually has lyrics, meaning I had to search through a bunch of songs before I could actually find one where the button showed up to verify that this actually worked.

Playlists syncing as empty: I have a few smart playlists that appear to sync but don’t appear populated on the iPhone. Fortunately it looks like there’s a workaround: plug in the phone, uncheck the playlists, sync, then check the playlists to select them and sync again.

Disappearance of star ratings: I’m less OK with this change. iOS 9 introduced “love” as a ratings option alongside star ratings. I didn’t use it because I don’t find “love” granular enough when you’re managing a library of 40,000 tracks. There’s a big difference between “desert island disk” level and “yeah, that track’s OK and I might put it on the right mix tape.” But it looks like star ratings are disappearing, even if they are still in iTunes (and accessible via Siri). Not cool.

 

Smart thermostats, dumb market

One of the things I’ve been theoretically excited about for a while in iOS land is the coming of HomeKit, the infrastructure for an Internet of Things platform for the home that includes standard controller UI and orchestration of things like smart thermostats, light bulbs, garage door openers, blinds, and other stuff.

I’ve been personally and professionally skeptical of IoT for a while now. The combination of bad UX, poor software engineering, limited upgradeability, and tight time to market smells like an opportunity for a security armageddon. And in fact, a research paper from my company, Veracode, suggests just that.

So my excitement over HomeKit has less to do with tech enthusiast wackiness and more to do with the introduction of a well thought out, well engineered platform for viewing and controlling HomeKit, that hopefully removes some of the opportunities for security stupidity.

But now the moment of truth arrives. We have a cheap thermostat that’s been slowly failing – currently it doesn’t recognize that it has new batteries in it, for instance. It only controls the heating system, so we have a few more weeks to do something about it. And I thought, the time is ripe. Let’s get a HomeKit-enabled thermostat to replace it.

But the market of HomeKit enabled thermostats isn’t very good yet. A review of top smart thermostat models suggests that Nest (which doesn’t support HomeKit and sends all your data to Google) is the best option by far. The next best option is the ecobee3, which does support HomeKit but which is $249. And the real kicker is that to work effectively, both require a C (powered) wire in the wall, which we don’t have, and an always on HomeKit controller in the house, like a fourth generation Apple TV, to perform time-based adjustments to the system.

So it looks like I’ll be investing in a cheap thermostat replacement this time, but laying the groundwork for a future system once we have a little more cash. I wanted to start working on the next-gen AppleTV soon anyway. Of course, to get that, I have to have an HDMI enabled receiver…

Ripping off the bandaid

Daring Fireball: “Courage.” John Gruber takes a run at the other side of the argument for removing headphone jacks from the iPhone 7 and 7 Plus. Basically, the argument boils down to this: no one is outraged that the future isn’t coming fast enough. As Gruber says:

When we think of controversial decisions, we tend to think of both sides as creating controversy. Choose A and the B proponents will be angry; choose B and the A proponents will be angry. But when it comes to controversial change of the status quo, it’s not like that. Only the people who are opposed to the change get outraged. Leave things as they are and there is no controversy. The people who aren’t outraged by the potential change are generally ambivalent about it, not in a fervor for it. Strong feelings against change on one side, and widespread ambivalence on the other. That’s why the status quo is generally so slow to change, in fields ranging from politics to technology.

Whether you like change or not, it’s important to recognize that there may be benefits that you will forgo by avoiding change. This is any technology product manager’s dilemma: when do the potential benefits justify taking a stand and being an advocate, against the outrage of the proponents of status quo?

I have run into this a lot with big decisions and small. One common version of this is browser support. In enterprise applications it’s historically been a big deal to end support for older browsers. Enterprises like their old technology, because it works just fine, performs its business function, and carries a cost to replace. Unfortunately, that was especially true for web applications that only worked in various versions of Internet Explorer. Thankfully, the industry as a whole got enough courage in the last few years to stand up and advocate for a future in which coddling a poorly behaved, insecure browser with no support for modern standards would no longer be necessary, which makes taking a stand as an individual easier. But when you’re the only one taking the stand it becomes harder.

Me? When I go to iPhone 7, I’ll be using the Lightning to audio jack adapter that comes in the box. I have a nice pair of B&W P3s that I’m not ready to replace yet. But I’ll be looking at wireless headphones the next time I am.

BlackHat 2016: roundup of iOS security

A few interesting presentations last week at BlackHat dealt with iOS security. The most interesting was Ivan Krstić’s presentation taking us “Behind the Scenes with iOS Security.” Krstić, Apple’s head of security engineering and architecture, reviewed the implementation of features like Keychain Backup, file encryption, sharing of credit card information across devices, etc.

I particularly enjoyed the description of how the cloud-based key vaults for iCloud are protected:

apple-keyvault-1apple-keyvault-2 apple-keyvault-3

Don’t lose the keys: Microsoft and Windows Secure Boot

AppleInsider: Oops: Microsoft leaks its Golden Key, unlocking Windows Secure Boot and exposing the danger of backdoors. Interesting happening following the Apple/FBI standoff over iPhone encryption. If a secret key exists, the odds are very good that it will fall into the hands of an unintended recipient. See also: technical explanation and disclosure of the hack.

What’s at stake in the FBI iPhone case? Your privacy and safety.

NPR: Encryption, Privacy Are Larger Issues Than Fighting Terrorism, Clarke Says. With all due respect to Richard Clarke, who sits on the board of my employer and who has been on the right side of arguments about cybersecurity for about 20 years: of course they are. Of course, the correction should probably be aimed at NPR’s Writer of Breathless Headlines.

As I’ve written before, it’s ironic that a federal government that can’t secure its own systems is presuming to dictate terms of secure computer design. What explains it is a continued reliance on magical thinking: a supposition that, if we try hard enough, we can overcome any barrier. In this case, the barrier is the ability to offer a secret backdoor to law enforcement in an encryption technology without endangering all other users of that encryption technology. Sadly, President Obama appears to subscribe to this magical thinking:

If, technologically, it is possible to make an impenetrable device or system where the encryption is so strong that there’s no key – there’s no door at all – then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?

The whole point of cryptography that works is that there’s no door at all for unauthorized users. If you put one in, you have to put the key somewhere, and you open yourself up to having it stolen, or having someone figure out how to get in. And if you ask for a special version of an operating system that can unlock a locked iPhone, you end up with software that can be applied without restriction to every locked phone, by the government, by the next 100 world governments that ask for access to it, and by whoever manages to breach federal computers and steal the software for their own use.

This would be a fun theoretical exercise, as it mostly was back in the days of the Clipper Chip debates, were it not for the vast businesses that are built on secure commerce, protected by cryptography; the lives of dissidents in totalitarian countries who seek to protect their speech and thoughts with cryptography; the national secrets that are protected by cryptography; the electronic assets of device users everywhere that are protected from criminals by cryptography. But because of all those things, to propose to compel a computer manufacturer to embed a back door system—or worse, to turn over their intellectual property to the government so that they can add such a feature.

And Clarke’s analysis says that the last thing is what this is all about: bringing technology companies to heel by setting a precedent that they must do whatever the government asks, no matter how much it endangers users of their products. Read this exchange:

GREENE: So if you were still inside the government right now as a counterterrorism official, could you have seen yourself being more sympathetic with the FBI in doing everything for you that it can to crack this case?

CLARKE: No, David. If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They’re not as interested in solving the problem as they are in getting a legal precedent.

If Clarke, who helped to shape the government’s response to the danger of cyberattacks, says that the NSA could have hacked this phone for the FBI, I believe him. This is all about making Apple subordinate to the whims of the FBI. The establishment of the right of the government to read your mail above all rights to privacy is only the latest step in a series of anti-terrorism overreactions that brought us such developments in security theater as the War on Liquids. Beware of anyone telling you otherwise.