Recent Articles

[Nik Fletcher, writing about IAP and developers complaining about lack of sales, concludes with this bit][1]:

> The majority of customers, I’d argue, see the iPhone a bit like this: the iPhone is a device with little-to-no up-front cost, with payment made for the services that provide value. That sounds familiar…

He’s specifically refuting the “people with $800 phones are complaining about a $3 app” arguments. I’d agree with him on this too. Consumers simply don’t see their iPhone as an expensive thing — it’s not (in that sense) a luxury item.

A cellphone is seen as a necessity by a great many of these consumers, and it’s a necessity that must be replaced (for whatever reason) with regularity. So it’s not a matter of the cost of the phone, but the cost of the phone relative to the other phone choices (keep in mind the “free” iPhone is still in play here). For many, there is no other choice than the iPhone, or the choice is close enough in price for it not to matter.

I’ll admit, I don’t “get” these people, but I never will. What I can understand though is the logic of not thinking an iPhone is as “luxury” as it truly is. With that in mind, the lack of willingness to buy $3 apps makes a fraction more sense to me.

[1]: http://nikf.org/blog/offers-in-app-purchases

[Bruce Schneier:][1]

> To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the Internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target’s browser to visit a Foxacid server.

A very in-depth article on how the NSA is exploiting the Tor network. One part I loved:

> The most valuable exploits are saved for the most important targets. Low-value exploits are run against technically sophisticated targets where the chance of detection is high. TAO maintains a library of exploits, each based on a different vulnerability in a system. Different exploits are authorized against different targets, depending on the value of the target, the target’s technical sophistication, the value of the exploit, and other considerations.

In other words they use their best attacks against the highest value targets, because should those attacks become known, they can no longer use those attacks.

I like to think about it like lock picking. If you get caught breaking into a building, it’s best for you long term (as a person who breaks into buildings, and not legally speaking) to have been found out as picking a lock. If you *have* the key to the door, without permission, you probably don’t want that known — because then they change the key, when the defense against picking a lock is not as clear cut.

Likewise if you have a master key, it’s better to be caught with a non-master key. “Oh, we just change one lock, not all the locks — he doesn’t have a master key.” That’s the same thinking with the NSA exploits — it is riskier to never use the master key, but safer (for the viability of your long-term exploits) if you never get caught with a master key.

[1]: https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html

[Rob N on the FastMail blog][1]:

> As noted in our recently updated privacy policy, we are an Australian company subject to Australian law. We are required to disclose information about specific individual accounts to properly authorised Australian law enforcement with the appropriate supporting documentation, which means a warrant signed by an Australian judge. We do not co-operate with any kind of blanket surveillance, monitoring or “fishing expeditions”, and we do not give out user information to anyone outside Australia.

That’s a strong statement, but it gets even better:

> It might be possible for the US government to lean on the Australian government or other international legal body to compel us to hand over data but this likely to be an expensive, time-consuming and highly visible process. In our opinion those barriers make it extremely unlikely to happen.

All in all, FastMail just made a strong statement that they have no knowledge of active spying on their users, and from the sounds of it they are prepared to make a loud complaint about such requests. Good for them, not sure it matters, but good for them.

[1]: http://blog.fastmail.fm/2013/10/07/fastmails-servers-are-in-the-us-what-this-means-for-you/

[Garrett Murray on Instagram getting ads][1]:

> You can pretend all you want that ads won’t be intrusive, annoying or awful, but they will be. They’re ads. You’re putting unwanted crap into a feed of photos from people I hand-selected to follow.

Did I mention that [Favd launched][2], and that it’s great? [I think I did][3].

[1]: http://log.maniacalrage.net/post/63029294919/instagram-blog-hey-you-want-ads-no-too-bad
[2]: http://favd.net
[3]: https://brooksreview.net/2013/09/favd-share-your-pictures/

With real estate being my day job, I regularly get a lot of paper files and these files typically end up crumpled at the bottom of my bag unless I immediately do something with them. Therefore I try to scan things with my iPhone as I get them. I use ABBY Business Card reader for all business cards, and had been using JotNot Pro for all other documents.

JotNot works really well, and quickly. However, as you may know, Smile Software recently launched [PDFpen Scan+][1] — a new iOS app for scanning. The biggest feature it offers is the ability to do OCR conversion on your iOS device. That sounded killer, so I immediately bought the app.

In my testing, Smile’s Scan+ is *mostly* better than JotNot. The biggest point in JotNot’s favor is how cropping is handled. With JotNot the auto-edge-detection is much better. Even more in JotNot’s favor is that manually adjusting the corners brings up a nice magnifying glass making things easy and fast. With Smile’s Scan+ I would recommend not even wasting your time trying to adjust the edges — it’s that difficult. This is the only point not in Scan+’s favor.

As for the final file output? Smile wins hands down. Scan+ leaves you with a better PDF image and accurate OCR of the document. There’s little to no good reason to recommend anything but Scan+ right now for iOS scanning — great app.

For those that want to see a comparison, I took a printed page and scanned the page in each app — adjusting the image as best I could within each app. Here’s the result from [JotNot Pro][2], and here’s the result from [PDFpen Scan+][3]. It’s important to note that Scan+ has a much larger file size, but it also looks better and has OCR (OCR is not required).

Now that you can see the massive difference I suspect you want the link to buy Scan+. [PDFpen Scan+ is $4.99 in the App Store][4].

[1]: http://www.smilesoftware.com/PDFpen/Scan/index.html
[2]: https://f3a98a5aca88d28ed629-2f664c0697d743fb9a738111ab4002bd.ssl.cf1.rackcdn.com/File-03-10-2013-10-38-58.pdf
[3]: https://f3a98a5aca88d28ed629-2f664c0697d743fb9a738111ab4002bd.ssl.cf1.rackcdn.com/scanplus.pdf
[4]: http://www.smilesoftware.com/PDFpen/Scan/index.html

[David Kravets][1]:

> And thus, a digit-collection device attached to a lone purse snatcher’s telephone set the legal precedent used, three decades later, to justify the bulk collection of the same information on every single American.

Nice bit of reporting here by Kravets in looking at how the legal basis for NSA spying was formed off of a case that likely doesn’t have the implications that current courts are purporting it to have.

If you read the article, what you find is that FISC took a Supreme Court decision, which upheld the sentence of man that was specifically being targeted, and turned that into the legal basis for collecting everything on everyone (more or less). ((I see no reason for me to be more accurate than “more or less” if the NSA and FISC are going to play fast and loose with the Constitution.))

[1]: http://www.wired.com/threatlevel/2013/10/nsa-smith-purse-snatching/

[Charles P. Pierce on the shutdown][1]:

> We have elected the people sitting on hold, waiting for their moment on an evening drive-time radio talk show.

Here’s a great [Government status website][2].

[1]: http://www.esquire.com/blogs/politics/Shutdown_Blues
[2]: http://usgovernment.statuspage.io

[David Chartier][1]:

> After more than a year of work, 1Password 4 for Mac in the [Mac App Store][2] and will be available here in [our web store][3] in the next day or two!

I haven’t seen many people touch on this, but that last bit is suspicious to me. Why wait to release the version on *your own* site?

With an app like 1Password, I’d recommend you get it *outside* of the Mac App Store, not *from* the Mac App Store. You never know what features you may not be able to use in the future because of App Store restrictions — I wouldn’t buy it from the Mac App Store at all. I *will* be buying it from Agile Bits directly as soon as I can, but why make me wait?

I don’t get it.

UPDATE: Oddly enough, and without reason, 1Password 4 is now available on the website for purchase and download. Odd stuff. I bought it, installed it, and it is working.

[1]: http://blog.agilebits.com/2013/10/03/1password-4-for-mac-is-here/
[2]: http://j.mp/1PmasBLOG
[3]: https://agilebits.com/store

[CIRONLINE.ORG has a fantastic report on how easy it is to get personal data on people][1]. This is all the reason anyone should need for getting out of Google and other big email providers:

> Even if an investigator faces some hurdles with your inbox, such as Google insisting on a warrant, email is not entirely protected. With a court order that doesn’t reach probable cause, Google will give up your name, IP address, the dates and times you’re signing in and out, and with whom you’re exchanging emails.

Well worth the read of the entire report, but none of the report is good news for privacy advocates.

[1]: http://cironline.org/reports/easily-obtained-subpoenas-turn-your-personal-information-against-you-5104

[Fraser Speirs on LA students “hacking” their iPads][1]:

> Imagine you’re 14 and, one summer, you hear on the news that you’re getting iPads when you go back to school. You go back, are handed an iPad, and then they tell you that you can’t browse the web, can’t use it for personal projects and all you can do with it is look at Pearson apps.
> Total heartbreak.

Speirs makes some fantastic points backed up by his experiences in the deployment at his school. I still wonder how anybody thought a fully locked down iPad was worth, well, buying an iPad for?

[1]: http://speirs.org/blog/2013/10/1/battle-los-angeles.html

[Mike Elgan making a fantastic point about FaceTime][1]:

> From the user’s perspective, FaceTime should work like iMessage. If Apple did it right, you’d be able to simply use it to make all your calls — video and audio. If the person you’re calling has FaceTime, great! If they don’t, that should be when the phone fails over to either the regular carrier’s phone system or another VoIP alternative. Or, it would connect to the other user’s FaceTime-compatible app.

If you haven’t had a chance to make a FaceTime audio call, do it now. It is actually amazingly better than a “normal” phone call. The depth and clarity of the audio is astounding. However FaceTime audio is buggy as shit. There’s been several occasions where one or more of these things have happened:

– Call unable to connect after reading connecting for a minute.
– Call dropped because I got another call.
– Call dropped because I got an iMessage.
– Repeatedly calling and not getting an answer, then cell call works.

It’s about a 49% success rate for me. I have my wife setup on my Favorites to default to FaceTime audio, we both love it, but it is more of a hassle. I wonder why FaceTime wasn’t built like iMessage whereby everything defaults to FaceTime and falls back to cell calls if FaceTime cannot work, I’d love that.

*(I also wonder if the dropped call problem is a Verizon issue, or AT&T suffers this as well.)*

[1]: http://www.cultofmac.com/247673/why-its-time-for-apple-to-open-facetime/

[Bruce Schneier summing up the latest bullshit from the NSA](https://www.schneier.com/blog/archives/2013/10/nsa_storing_int.html):

> This is getting silly. General Alexander just lied about this to Congress last week. The old NSA tactic of hiding behind a shell game of different code names is failing. It used to be they could get away with saying “Project X doesn’t do that,” knowing full well that Projects Y and Z did and that no one would call them on it. Now they’re just looking shiftier and shiftier.

If you haven’t read the key tag lines for the latest news about the NSA, I can sum it up as such:

– They are preparing to take in 20 *billion* records a day and having those records ready for analysis in 60 minutes.
– They collect all travel records.
– There was some scary stuff about their social network mapping also.

The bottom line is that the more we learn, the more it is realized that the collection is almost total. The safest assumption is that the NSA can collect everything, with an also safe assumption being that the NSA will eventually be able to crack just about any encryption you put in place. And yet the bickering in congress is over funding health care when this level of spying hurts everyone and most certainly should be debated vigorously.

Hey, Congress, I know where to find you billions of dollars in extra cash…