Archive for May 31, 2017

Wednesday, May 31, 2017 [Tweets] [Favorites]

Dangers of Google AMP

Scott Gilbertson:

Google’s AMP is bad — bad in a potentially web-destroying way. Google AMP is bad news for how the web is built, it’s bad news for publishers of credible online content, and it’s bad news for consumers of that content. Google AMP is only good for one party: Google. Google, and possibly, purveyors of fake news.

Via John Gruber:

It implements its own scrolling behavior on iOS, which feels unnatural, and even worse, it breaks the decade-old system-wide iOS behavior of being able to tap the status bar to scroll to the top of any scrollable view. AMP also completely breaks Safari’s ability to search for text on a page (via the “Find on Page” action in the sharing sheet). Google has no respect for the platform. If I had my way, Mobile Safari would refuse to render AMP pages. It’s a deliberate effort by Google to break the open web.

The scrolling behavior seems to be due to a design choice, since changed in WebKit; it‘s actually the rest of Mobile Safari that’s inconsistent with other scrollable views.

Nick Heer:

Forms and interactive elements were previously verboten in AMP land, but they’re now allowed through a proprietary — albeit open source — and nonstandard fork of HTML largely developed and popularized by one of the biggest web companies out there.


Consider this: Google owns the most popular search engine and the biggest video hosting platform in most countries, operates one of the most-used email services on Earth, has the greatest market share of any mobile operating system, makes the most popular web browser in many countries, serves the majority of the targeted advertising on the web, provides the most popular analytics software for websites, and is attempting to become a major internet service provider. And, to cap it all off, they’re subtly replacing HTML with their own version, and it requires a Google-hosted JavaScript file to correctly display.

Lorenzo Franceschi-Bicchierai (via John Gruber):

According to Citizen Lab researchers, the hackers used Google AMP to trick the targets into thinking the email really came from Google.


So if the victim had quickly hovered over the button to inspect the link, they would have seen a URL that starts with, which seems safe, and it’s followed by a URL, which the user might not have noticed. (For example:[.]com/amp/

HTTPS on Stack Overflow

Nick Craver (via Joel Spolsky, Hacker News):

We began thinking about deploying HTTPS on Stack Overflow back in 2013. So the obvious question: It’s 2017. What the hell took 4 years? The same 2 reasons that delay almost any IT project: dependencies and priorities. Let’s be honest, the information on Stack Overflow isn’t as valuable (to secure) as most other data. We’re not a bank, we’re not a hospital, we don’t handle credit card payments, and we even publish most of our database both by HTTP and via torrent once a quarter. That means from a security standpoint, it’s just not as high of a priority as it is in other situations. We also had far more dependencies than most, a rather unique combination of some huge problem areas when deploying HTTPS. As you’ll see later, some of the domain problems are also permanent.

The biggest areas that caused us problems were:

  • User content (users can upload images or specify URLs)
  • Ad networks (contracts and support)
  • Hosting from a single data center (latency)
  • Hundreds of domains, at multiple levels (certificates)

Keyboard Maestro Beats System Preferences

Dr. Drang:

As you have no doubt guessed by now, Yosemite didn’t erase the annoyance. Nor did El Capitan or Sierra. Today, after running into the problem once again, I decided to take matters into my own hands. I turned off that shortcut in System Preferences and built a Keyboard Maestro macro to do the job.

Custom keyboard shortcuts have been buggy for me, too, especially in Sierra.

A Year of Google Maps & Apple Maps

Justin O’Beirne (Hacker News):

According to Google Analytics, that essay has received more than 1,000 hits from computers on Apple’s corporate network, mainly Apple’s Sunnyvale and Cupertino campuses. Yet nearly a year later, Patricia’s Green still isn’t green.


Google has distinct locations for each. But Apple plots them at the same location... […] ...and as the months pass by, Apple cycles through all three – padding our addition/removal counts[…]


Speaking of place labels, did you notice that halfway through the year, Google’s changed in appearance?


And in addition to the color changes, Google also flattened the map – eliminating the coastline dropshadows it had added just a couple years ago and removing most of the road casings[…]


And speaking of places, Google has also been increasing the variety of places it shows.

Nick Heer:

I hope Apple’s on-the-ground data collection indicates that they’re pushing for a big improvement soon. But, while they may be working really hard, Google’s designers and engineers aren’t twiddling their thumbs either, and Google is starting with a much stronger base. This article is so good that Apple could almost use it as a todo list. And they probably should.

O’Beirne was apparently the “Head of Cartography” at Apple, but given this essay and the one last year, it sounds like he no longer works there.