Answering its critics, Google loosens reins on AMP project

Accelerated Mobile Pages, or AMP, has been a controversial project since its debut. The need for the framework has been clear: the payloads of mobile pages can be just insane, what with layers and layers of images, JavaScript, ad networks, and more slowing down page rendering time and costing users serious bandwidth on metered plans.

Yet, the framework has been aggressively foisted on the community by Google, which has backed the project not just with technical talent, but also by making algorithmic changes to its search results that have essentially mandated that pages comply with the AMP project’s terms — or else lose their ranking on mobile searches.

Even more controversially, as part of making pages faster, the AMP project uses caches of pages on CDNs — which are hosted by Google (and also Cloudflare now). That meant that Google’s search results would direct a user to an AMP page hosted by Google, effectively cutting out the owner of the content in the process.

The project has been led by Malte Ubl, a senior staff engineer working on Google’s Javascript infrastructure projects, who has until now held effective unilateral control over the project.

In the wake of all of this criticism, the AMP project announced today that it would reform its governance, replacing Ubl as the exclusive tech lead with a technical steering committee comprised of companies invested in the success in the project. Notably, the project’s intention has an “…end goal of not having any company sit on more than a third of the seats.” In addition, the project will create an advisory board and working groups to shepherd the project’s work.

The project is also expected to move to a foundation in the future. These days, there are a number of places such a project could potentially reside, including the Apache Software Foundation and the Mozilla Foundation.

While the project has clearly had its detractors, the performance improvements that AMP has been fighting for are certainly meritorious. With this more open governance model, the project may get deeper support from other browser makers like Apple, Mozilla, and Microsoft, as well as the broader open source community.

And while Google has certainly been the major force behind the project, it has also been popular among open source software developers. Since the project’s launch, there have been 710 contributors to the project according to its statistics, and the project (attempting to empathize its non-Google monopoly) notes that more than three-quarters of those contributors don’t work at Google.

Nonetheless, more transparency and community involvement should help to accelerate Accelerated Mobile Pages. The project will host its contributor summit next week at Google’s headquarters in Mountain View, where these governance changes as well as the technical and design roadmaps for the project will be top of mind for attendees.

Apple Watch and other hardware reportedly spared by new Trump tariffs

The latest round of Trump administration tariffs is set to affect a number of different industries. At least one category previously expected to be impacted, however, is likely to be spared, according to a new report from Bloomberg.

According to anonymous sources, the tariffs impacting a slew of consumer electronics, running the gamut from the Apple Watch to Fitbit trackers to Sonos speakers, has not made it into the final language. That means, for this round at least, those products should be spared the tax that would drive up the cost of such imports.

Trump administration tariffs have been the centerpiece of a looming trade war between the U.S. and China. Earlier today, China was reportedly set to cancel further trade talks, should the U.S. announce additional tariffs. They’ve been a domestic issue as well, as companies like Harley-Davidson have announced plans to move some production overseas to avoid the fee.

Apple has been a vocal critic of the tariffs, noting the resulting price hike. Earlier this month, the company wrote a letter to the Office of the United States Trade Representative, noting, “Tariffs increase the cost of our US operations, divert our resources, and disadvantage Apple compared to foreign competitors. More broadly, tariffs will lead to higher US consumer prices, lower overall US economic growth, and other unintended economic consequences.”

CEO Tim Cook also met with the president and first lady at their New Jersey golf resort earlier this month, in what much have been one of the more awkward meals in recent memory.

The new tariffs are expected to be announced as early as today.

A new CSS-based web attack will crash and restart your iPhone

A security researcher has found a new way to crash and restart any iPhone — with just a few lines of code.

Sabri Haddouche tweeted a proof-of-concept webpage with just 15 lines of code which, if visited, will crash and restart an iPhone or iPad. Those on macOS may also see Safari freeze when opening the link.

The code exploits a weakness in iOS’ web rendering engine WebKit, which Apple mandates all apps and browsers use, Haddouche told TechCrunch. He explained that nesting a ton of elements — such as 

 tags — inside a backdrop filter property in CSS, you can use up all of the device’s resources and cause a kernel panic, which shuts down and restarts the operating system to prevent damage.

“Anything that renders HTML on iOS is affected,” he said. That means anyone sending you a link on Facebook or Twitter, or if any webpage you visit includes the code, or anyone sending you an email, he warned.

TechCrunch tested the exploit running on the most recent mobile software iOS 11.4.1, and confirm it crashes and restarts the phone. Thomas Reed, director of Mac & Mobile at security firm Malwarebytes confirmed that  the most recent iOS 12 beta also froze when tapping the link.

The lucky whose devices won’t crash may just see their device restart (or “respring”) the user interface instead.

For those curious, you can see how it works without it running the crash-inducing code.

The good news is that as annoying as this attack is, it can’t be used to run malicious code, he said, meaning malware can’t run and data can’t be stolen using this attack. But there’s no easy way to prevent the attack from working. One tap on a booby-trapped link sent in a message or opening an HTML email that renders the code can crash the device instantly.

Haddouche contacted Apple on Friday about the attack, which is said to be investigating. A spokesperson did not immediately respond to a request for comment.

The iPhone SE was the best phone Apple ever made, and now it’s dead

I only wanted one thing out of 2018’s iPhone event: a new iPhone SE. In failing to provide it Apple seems to have quietly put the model out to pasture — and for this I curse them eternally. Because it was the best phone the company ever made.

If you were one of the many who passed over the SE back in 2015, when it made its debut, that’s understandable. The iPhone 6S was the latest and greatest, and of course fixed a few of the problems Apple had kindly introduced with the entirely new design of the 6. But for me the SE was a perfect match.

See, I’ve always loved the iPhone design that began with the 4. That storied phone is perhaps best remembered for being left in a bar ahead of release and leaked by Gizmodo — which is too bad, because for once the product was worthy of the lavish unveiling Apple now bestows on every device it puts out.

The 4 established an entirely new industrial design aesthetic that was at once instantly recognizable and highly practical. Gone were the smooth, rounded edges and back of the stainless original iPhone (probably the second-best phone Apple made) and the jellybean-esque 3G and 3GS.

In the place of those soft curves were hard lines and uncompromising geometry: a belt of metal running around the edge, set off from the glass sides by the slightest of steps. It highlighted and set off the black glass of the screen and bezel, producing a of specular outline from any angle.

The camera was flush and the home button (RIP) sub-flush, entirely contained within the body, making the device perfectly flat both front and back. Meanwhile the side buttons boldly stood out. Volume in bold, etched circles; the mute switch easy to find but impossible to accidentally activate; the power button perfectly placed for a reaching index finger. Note that all these features are directly pointed at usability: making things easier, better, more accessible, while also being attractive and cohesive as parts of a single object.

Compared to the iPhone 4, every single other phone, including Samsung’s new “iPhone killer” Galaxy S, was a cheap-looking mess of plastic, incoherently designed or at best workmanlike. And don’t think I’m speaking as an Apple fanboy; I was not an iPhone user at the time. In fact, I was probably still using my beloved G1 — talk about beauty and the beast!

The design was strong enough that it survived the initially awkward transition to a longer screen in the 5, and with that generation it also gained the improved rear side that alleviated the phone’s unfortunate tendency towards… well, shattering.

The two-tone grey iPhone 5S, however, essentially left no room for improvement. And after 4 years, it was admittedly perhaps time to freshen things up a bit. Unfortunately, what Apple ended up doing was subtracting all personality from the device while adding nothing but screen space.

The 6 was, to me, simply ugly. It was reminiscent of the plethora of boring Android phones at the time — merely higher quality than them, not different. The 6S was similarly ugly, and the 7 through 8 somehow further banished any design that set themselves apart, while reversing course on some practical measures in allowing an increasingly large camera bump and losing the headphone jack. The X, at least, looked a bit different.

But to return to the topic at hand, it was after the 6S that Apple had introduced the SE. Although it nominally stood for “Special Edition,” the name was also a nod to the Macintosh SE. Ironically given the original meaning of “System Expansion,” the new SE was the opposite: essentially an iPhone 6S in the body of a 5S, complete with improved camera, Touch ID sensor, and processor. The move was likely intended as a sort of lifeboat for users who still couldn’t bring themselves to switch to the drastically redesigned, and considerably larger, new model.

It would take time, Apple seems to have reasoned, to convert these people, the types who rarely buy first generation Apple products and cherish usability over novelty. So why not coddle them a bit through this difficult transition?

The SE appealed not just to the nostalgic and neophobic, but simply people who prefer a smaller phone. I don’t have particularly large or small hands, but I preferred this highly pocketable, proven design to the new one for a number of reasons.

Flush camera so it doesn’t get scratched up? Check. Normal, pressable home button? Check. Flat, symmetrical design? Check. Actual edges to hold onto? Check. Thousands of cases already available? Check — although I didn’t use one for a long time. The SE is best without one.

At the time, the iPhone SE was more compact and better looking than anything Apple offered, while making almost no compromises at all in terms of functionality. The only possible objection was its size, and that was (and is) a matter of taste.

It was the best object Apple ever designed, filled with the best tech it had ever developed. It was the best phone it ever made.

And the best phone it’s made since then, too, if you ask me. Ever since the 6, it seems to me that Apple has only drifted, casting about for something to captivate its users the way the iPhone 4’s design and new graphical capabilities did, all the way back in 2010. It honed that design to a cutting edge and then, when everyone expected the company to leap forward, it tiptoed instead, perhaps afraid to spook the golden goose.

To me the SE was Apple allowing itself one last victory lap on the back of a design it would never surpass. It’s understandable that it would not want to admit, this many years on, that anyone could possibly prefer something it created nearly a decade ago to its thousand-dollar flagship — a device, I feel I must add, that not only compromises visibly in its design (I’ll never own a notched phone if I can help it) but backpedals on practical features used by millions, like Touch ID and a 3.5mm headphone jack. This is in keeping with similarly user-unfriendly choices made elsewhere in its lineup.

So while I am disappointed in Apple, I’m not surprised. After all, it’s disappointed me for years. But I still have my SE, and I intend to keep it for as long as possible. Because it’s the best thing the company ever made, and it’s still a hell of a phone.

The iPhone XR is the one to get

The iPhone XR arrived like an afterthought. No surprise, really. Apple’s always been one to lead with its best foot forward — the latest, greatest and, quite literally, the largest. Projecting the life on the bleeding edge is a cornerstone of the company’s image, market share and stock price.

The iPhone XR isn’t that. In the context of yesterday’s event, the handset is an also ran. It’s lower-powered, with a single camera and lower-resolution screen that stirred up criticism amongst display enthusiasts online. It’s also precisely the phone the company needed to make — and Apple’s going to sell a crapload of them as a result. In fact, I wouldn’t be too surprised to see this entry-level device outsell both of its premium brethren.

Over the last 24 hours, a number of folks have asked me which phone they should buy. The answer varies from person to person, of course, but for the majority, the XR simply makes the most sense. It is, as I wrote in my hands-on yesterday, the iPhone X for the rest of us.

Last year’s 10th anniversary handset pushed the limits of the iPhone, with regard to underlying technology, design and budget. It represented what was arguably the biggest leap for the line since the introduction of the App Store way back in 2008, while helping to break on the $1,000 smartphone.

We all knew things were heading that way, and companies like Samsung certainly gave Apple a run for its money, but the iPhone X really tested the limits of what consumers are willing to spend on a smartphone. Initial sales reports were less than ideal for the phone, though a much pricier phone meant, naturally, that Apple had to sell fewer to hit the same bottom line.

But Apple isn’t Vertu. Actually getting the product into consumers’ hands is an equally important aspect of selling a new phone. Early reports had the company eye a return to the LCD as a way of offsetting the phone’s cost in order to appeal to a broader audience.

As The Wall Street Journal put it back in June, demand “is likely to be slower than many in the industry believed a year ago, when the iPhone maker was preparing its first OLED smartphone.” For Apple, a return to the LCD likely felt like a step backward after releasing its most forward-looking phone.

But while such things do matter to some, technology refreshes are more often driven by the desire to stay a step ahead of the competition than they are consumer demand. And while having the highest resolution screen possible would certainly be nice, it’s not necessarily $1,000 worth of nice.

The iPhone XR represents a more balanced approach for Apple. But atop the foundation of the iPhone X, the handset manages to be relatively reasonably priced without being the sort of relic the iPhone 8 felt like it was announced alongside the X.

The XR is the populist iPhone. The iPhone for the people. I’ve been calling it the iPod Mini of iPhones and Matt Burns has been saying it’s the iBook, but the point stands. It’s a cheaper, more colorful alternative. At least one of our co-workers has been obsessing slightly over which color to get.

At $749, it’s not cheap, but compared to the XS and XS Max (starting at $999 and $1,099, respectively), it’s a relative bargain, and most of the missing features won’t have an impact on the day to day use of an average user. Heck, even the single lens camera has learned to approximate portrait mode to further cushion the blow.

If I were in the market for a new iPhone, I’d almost certainly go the XR route. Listen, I’m a tech blogger living in New York City. I have a pet rabbit to feed. Do you think rabbit food grows on trees (I mean, technically it does, but you get the point).

If you’re a prospective iPhone buyer, you’re probably in the same boat. The XR’s the way to go, and Apple’s going to sell a ton of the things.

more iPhone Event 2018 coverage

Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data

Most modern computers, even devices with disk encryption, are vulnerable to a new attack that can steal sensitive data in a matter of minutes, new research says.

In new findings published Wednesday, F-Secure said that none of the existing firmware security measures in every laptop it tested “does a good enough job” of preventing data theft.

F-Secure principal security consultant Olle Segerdahl told TechCrunch that the vulnerabilities put “nearly all” laptops and desktops — both Windows and Mac users — at risk.

The new exploit is built on the foundations of a traditional cold boot attack, which hackers have long used to steal data from a shut-down computer. Modern computers overwrite their memory when a device is powered down to scramble the data from being read. But Segerdahl and his colleague Pasi Saarinen found a way to disable the overwriting process, making a cold boot attack possible again.

“It takes some extra steps,” said Segerdahl, but the flaw is “easy to exploit.” So much so, he said, that it would “very much surprise” him if this technique isn’t already known by some hacker groups.

“We are convinced that anybody tasked with stealing data off laptops would have already come to the same conclusions as us,” he said.

It’s no secret that if you have physical access to a computer, the chances of someone stealing your data is usually greater. That’s why so many use disk encryption — like BitLocker for Windows and FileVault for Macs — to scramble and protect data when a device is turned off.

But the researchers found that in nearly all cases they can still steal data protected by BitLocker and FileVault regardless.

After the researchers figured out how the memory overwriting process works, they said it took just a few hours to build a proof-of-concept tool that prevented the firmware from clearing secrets from memory. From there, the researchers scanned for disk encryption keys, which, when obtained, could be used to mount the protected volume.

It’s not just disk encryption keys at risk, Segerdahl said. A successful attacker can steal “anything that happens to be in memory,” like passwords and corporate network credentials, which can lead to a deeper compromise.

Their findings were shared with Microsoft, Apple, and Intel prior to release. According to the researchers, only a smattering of devices aren’t affected by the attack. Microsoft said in a recently updated article on BitLocker countermeasures that using a startup PIN can mitigate cold boot attacks, but Windows users with “Home” licenses are out of luck. And, any Apple Mac equipped with a T2 chip are not affected, but a firmware password would still improve protection.

Both Microsoft and Apple downplayed the risk.

Acknowledging that an attacker needs physical access to a device, Microsoft said it encourages customers to “practice good security habits, including preventing unauthorized physical access to their device.” Apple said it was looking into measures to protect Macs that don’t come with the T2 chip.

When reached, Intel would not to comment on the record.

In any case, the researchers say, there’s not much hope that affected computer makers can fix their fleet of existing devices.

“Unfortunately, there is nothing Microsoft can do, since we are using flaws in PC hardware vendors’ firmware,” said Segerdahl. “Intel can only do so much, their position in the ecosystem is providing a reference platform for the vendors to extend and build their new models on.”

Companies, and users, are “on their own,” said Segerdahl.

“Planning for these events is a better practice than assuming devices cannot be physically compromised by hackers because that’s obviously not the case,” he said.

Apple, AT&T, Amazon, Google among tech giants called to Senate Commerce Committee

If you weren’t done watching tech giants get grilled by lawmakers, mark your calendar for September 26 in what’s expected to be another riveting round of questioning.

Policy chiefs from AT&T and Charter, along with senior executives at Apple, Amazon, Google and Twitter will face questions from the Senate Commerce Committee later this month about how each company approaches safeguards to consumer privacy. The tech and telco companies will be asked to “discuss possible approaches to safeguarding privacy more effectively,” among other things.

Noticeably absent is Facebook; though the committee says the witness list is subject to change.

Committee chairman Sen. John Thune said the hearing will allow the companies to “explain their approaches to privacy, how they plan to address new requirements from the European Union and California, and what Congress can do to promote clear privacy expectations without hurting innovation.”

Beyond that, it’s not clear exactly what the point of the hearing is.

A congressional source told TechCrunch to expect each company to explain for one what they could do to protect privacy outside of the law, and what role Congress can play in creating a single set of privacy requirements.

This will be the latest in a string of hearings in recent months following the Cambridge Analytica scandal, which embroiled Facebook in an exposure of millions of users’ data.

This will be the second Senate Commerce Committee hearing this year focused on the issue. Facebook chief executive Mark Zuckerberg was called to testify in April and later the Senate Intelligence Committee has held several hearings to discuss election security and disinformation campaigns around the 2018 midterm elections.

iPhone XS Max up close and hands-on

The most remarkable thing about the iPhone XS Max is that it doesn’t feel huge. It’s all relative, of course. And surely Apple’s old guard would have scoffed at the notion of a 6.5-inch display. But time marches on. Seasons change and so do minds. Temperatures increase, superhero movies pile up and screen sizes increase, unabated.

Much of the perception no doubt comes from the rest of the industry pushing the limits of human hands and pants pockets. I’ve been carrying around the Note 9 of late — and before that, the iPhone 8 Plus. The XS Max feels roughly the size of the latter, which is pretty remarkable given that the Plus sported a 5.5 inch display.

The dimensions break down thusly:

iPhone 8 Plus: 158.4 x 78.1 x 7.5 mm

iPhone Xs Max: 157.5 x 77.4 x 7.7 mm

The Max is ever-so-slightly smaller in two of three dimensions.

This was accomplished in no small part to bezels. Getting rid of all of that extra real estate makes a world of difference, along with dropping the home button and continuing to embrace the way of the notch.

Aside from size, you won’t notice a lot new here. That’s just sort of the plight of the S model —well, that and coming immediately after the largest single design update in the iPhone’s 10 year history. The new finishes are very, very shiny as well, silver especially, which will probably blind you if the sun catches it just right, but you’re going to put that $1,099+ phone in a case anyway, right?

Speaking of pricing, as Tim Cook said on stage, the larger model starts at “just” $100 more than its predecessor. That’s the sort of statement you can get away with when you help set the precedent for a $1,000 phone a year prior. That Band-Aid has already been ripped off, right, so what’s another $100 between friends?

That said, if I were in the market for a new iPhone, I’d strongly consider the size upgrade. The leap from 5.8 to 6.5 inches is pretty sizable. Sticking with the former was an interesting move on Apple’s part, given that the XR splits the difference at 6.1 inches. Maybe it’s a supply chain thing? I don’t know. I’m just sort of spitballing at this point.

As ever, I’m going to have to hold off judgement on things like performance and camera quality until we can take the thing for a spin. Given that the phones are due out in the not-so-distant future, however, I suspect that will be sooner rather than later.

It’s worth noting, of course, that those bits and bobs are relatively iterative, as is custom with the “s” suffix. The specs also look remarkably similar between the XS and XS Max: dual rear-facing 12-megapixel cameras, A12 Bionic chip, HDR display (though the Max naturally, has more pixels, while both work out to 458 PPI). I suspect this decision was made, in part, to help keep the newer, bigger phone at “just” $100 over its predecessor.

more iPhone Event 2018 coverage

Here’s how Apple’s stock fared during today’s big hardware event

Apple announced a whole bunch of new products today at its fancy Cupertino campus in what was its first hardware event since becoming a $1 trillion company. The company proudly unveiled the iPhone XS, the iPhone XS Max, the Apple Watch Series 4 and more.

The stock market behaved as we expected. Apple’s stock spent much of the day hovering down 1 percent, dropping as low as 2 percent at the conclusion of the big presentation. Apple (NASDAQ: AAPL) recovered by the time the markets closed, ending the day, again, down about 1.2 percent. Exciting stuff, I know.

As we’ve said before, the stock price doesn’t typically do all that much during hardware spectacles like this. Despite the amount of fanfare leading up to these big presentations, as was the case preceding the iPhone X announcement, Wall Street doesn’t overreact. Why? Because they’ve seen it all before and like many of our loyal readers, they know what’s coming. Plus, all the press leading up to the event usually takes away any opportunity for a true surprise. Leaks, too, eliminate the shock factor.

A few of Apple’s competitors’ stocks, however, tumbled on the news of its new lineup of iPhones and its latest Apple Watch.

Fitbit tanks

Fitbit’s (NYSE: FIT) stock took the hardest hit on Wednesday as Apple announced its newest smartwatch, the Apple Watch Series 4. Fitbit, the creator of a competing wearable health and fitness device, closed down nearly 7 percent.

Samsung, another one of Apple’s competitors, was down just 1 percent on the news of Apple’s new fancy-schmancy phones.

The iPhone XS, according to Apple CEO Tim Cook, is the best and greatest phone the company has ever made. And they’ll be the industry’s first smartphones to be powered by 7nm chips.

U.S. chipmaker Qualcomm’s (NASDAQ: QCOM) stock dipped 2 percent on that news. Apple and Qualcomm have been going head-to-head in a long-running patent war. Apple, as a result, has been working to remove Qualcomm equipment from its phones.

Samsung and Qualcomm closed down about 1 percent Wednesday.

A strong year for Apple

Apple’s stock is up more than 30 percent so far this year. The company shipped some 41 million phones in Q2 2018, per Canalys (via email), and has continued to disclose positive earnings in its lead-up to the big $1 trillion. Apple beat analyst expectations when it reported $53.3 billion in revenue in its latest earnings report, up 17 percent year-over-year.

The company’s stock took a slight hit earlier this week after President Trump tweeted that Apple’s prices may climb due to China tariffs.

The tweet was a response to a letter Apple wrote to the Trump administration warning them that tariffs may increase the cost of its products, including the Apple Watch, AirPods and HomePods.

“It is difficult to see how tariffs that hurt U.S. companies and U.S. consumers will advance the Government’s objectives with respect to China’s technology policies,” Apple wrote, per CNBC. “We hope, instead, that you will reconsider these measures and work to find other, more effective solutions that leave the U.S. economy and U.S. consumer stronger and healthier than ever before.”

If you missed today’s event or you’re already ready to relive it (no judgment), we live-blogged the whole thing here. Catch up on all the new hardware here.

more iPhone Event 2018 coverage

How to watch the live stream for today’s Apple iPhone keynote

Apple is holding a keynote today on its new and shiny campus in Cupertino, and the company is expected to unveil new iPhones, an updated Apple Watch and maybe some other things. At 10 AM PT (1 PM in New York, 6 PM in London, 7 PM in Paris), you’ll be able to watch the event as the company is streaming it live.

Apple’s September is the company’s most anticipated event. And that’s because Apple releases new iPhone models every September. Rumor has it that the company should unveil three new devices, including an updated iPhone X, a bigger version of this phone and a new model to replace the iPhone 8 with a notch design.

If you have an Apple TV, you can download the Apple Events app in the App Store. It lets you stream today’s event and rewatch old events. The app icon has been updated a few days ago for the event.

And if you don’t have an Apple TV, the company also lets you live-stream the event from the Apple Events section on its website. This video feed has always worked in Safari and Microsoft Edge. And just like this year’s WWDC keynote, the video should also work in Google Chrome and Mozilla Firefox.

So to recap, here’s how you can watch today’s Apple event:

  • Safari on the Mac or iOS.
  • Microsoft Edge on Windows 10.
  • Google Chrome or Mozilla Firefox on the Mac or Windows 10.
  • An Apple TV with the Apple Events app in the App Store.

Of course, you also can read TechCrunch’s live blog if you’re stuck at work and really need our entertaining commentary track to help you get through your day. We have a big team in the room this year.

more iPhone Event 2018 coverage