Archive for February 21, 2019

Thursday, February 21, 2019

Galaxy Unpacked 2019

John Gruber:

Samsung introduced five new phones today at a big show at the Bill Graham Civic Auditorium in San Francisco (in addition to the gimmicky Galaxy Fold): the S10 (6.1"), S10 Plus (6.4"), S10E (5.8"), and S10 5G (a whopping 6.7") — and the Galaxy Fold.


Samsung is sticking to its guns on a couple of fronts: fingerprints instead of facial recognition, and good old-fashioned headphone jacks on every model. And while they didn’t spend much time showing the system software, it looked to me like their interaction model is still home button-based, rather than gesture-based.


I’m not sure about the S10E, but the bigger S10 models not only support wireless charging for input, but they also can serve as charging pads for other devices, like wireless headphones, a Samsung watch, or even another phone.


Second, Samsung has built Instagram into the system Camera app as its own shooting mode.

Mark Gurman:

In using the new Galaxy phones (briefly), Samsung is beating Apple to triple camera by 7 months, 5G and rear 3D by ~ 1.5 years, and screen design by ~1.5 - 2.5 years. But their software/services feels 1-2 years behind.

Nick Heer:

During the unveiling, Samsung emphasized the Fold’s versatility in being able to transform from an ordinary smartphone into a tablet just by opening it up. But this device — and others like it — are bad phones, and worse tablets. Every shot of the closed phone looks like it’s begging to be unfolded; its display looks narrow, uncomfortable, and cramped. It seems far better in its tablet-like configuration, but it is at best a diet version of a tablet.

Josh Centers:

People aren’t seeing the big picture here: Samsung is proving that a device with a folding screen can be mass produced. Yes, it’s clunky. No, it won’t be a huge product at first. But this is a big step forward.

Nilay Patel:

Are we all just taking it for granted that an actual folding phone exists and will ship next month? It might be a medium-good product, but holy shit this was absolutely the stuff of dreams when I was a kid. There wasn’t even CGI to fake it properly.

Update (2019-02-26): Steve Troughton-Smith:

Apple is the only company with a viable ecosystem of phone apps that can transform into amazing tablet apps at runtime. It’s gonna take a lot of restraint to not ship a foldable iOS device too early, because even a token implementation would have way more compelling sw than these

Matt Birchler:

But all that said, I’m very excited about this tech getting into real products people can actually pay money for and use. These are not concept devices, they’re consumer products that will sell very poorly, but will at least be in the world.

John Gruber:

Way more compelling design [for the Huawei Mate X] than Samsung’s Galaxy Fold. Because it folds outward rather than inward, you don’t need an extra display. It sounds like a better design and it looks like a better design. But at €2,299 (that’s $2,600) it’s clearly not priced to sell in serious quantities, and the crease doesn’t seem to exactly disappear.

Update (2019-03-04): See also: Accidental Tech Podcast and The Talk Show.

Update (2019-04-17): Dieter Bohn:

Look closely at the picture above, and you can see a small bulge right on the crease of my Galaxy Fold review unit. It’s just enough to slightly distort the screen, and I can feel it under my finger. There’s something pressing up against the screen at the hinge, right there in the crease. My best guess is that it’s a piece of debris, something harder than lint for sure. It’s possible that it’s something else, though, like the hinge itself on a defective unit pressing up on the screen.

It’s a distressing thing to discover just two days after receiving my review unit. More distressing is that the bulge eventually pressed sharply enough into the screen to break it. You can see the telltale lines of a broken OLED converging on the spot where the bulge is.

Update (2019-04-18): Walt Mossberg:

This is incredible. Three separate specimens of a $2000 product break within days of being sent to three different reviewers - in three different ways. No matter what happens with replacement units, nor what the explanation, why would you have confidence in the product?

Four reviewers! Not three! I love big tech advances, like the idea of a foldable phone. But, ideas and everyday usable products are different things.

See also: Marques Brownlee’s impressions of the Galaxy Fold.

How Apple’s Enterprise App Program Became the New Wild West of Mobile Apps

Nick Statt:

But, as previous reports have found and according to multiple employees of large tech companies who spoke to The Verge, Apple’s enterprise program contains few oversight protections that would prevent developers from abusing their certificates. It’s not just Facebook and Google’s egregious VPN apps or the occasional flagrant TV and movie torrent software, either. A trail of virtual breadcrumbs has since led reporters to unearth thousands of prohibited iOS apps, from gambling and porn software to pirated games and ad-free versions of Spotify. And it now looks as if an entire underground world of secretly sideloaded apps that violate Apple’s terms are available direct to consumers — if you know where to look.

Via Patrick Balestra:

How Apple didn’t yet shut down @TutuApp_vip literally blows my mind. They have 170K followers, a public website that with a single button installs an app signed with an enterprise certificate which includes a marketplace to install other apps? 🤯

Previously: Facebook Pays Teens to Install VPN That Spies on Them.

If Dave Winer Were CEO of the NYT

Dave Winer:

I would start a blog hosting service, with NYT branding, it would be carefully designed so that people knew this was blog space and not editorial space. The Times editorial people do not control what’s said here. These are our sources. Maybe the site would be called

I would offer a blog to every person who was quoted in a NYT story. This would give people an extra reason to work with our reporters. It would also serve as vetting. If their ideas or experiences are valuable enough to be quoted in our news flow, we want to stay in touch, and this is a great way to do that.


News will be made on this system. That's good. After all, that's the business we're in -- news. More news? Make my day. 😄

Inverted XCTestExpectations

Paulo Andrade:

But what about asserting a notification isn’t sent? Waiting for an expectation that’s not fulfilled will always result in an error… So I started browsing the headers of XCTest and I came across the isInverted property on XCTestExpectation.

Update (2019-02-26): Heath Borders:

I created an extension with that as an initializer because property-based injection means that you don’t get warnings about unused local variables.

Popular Note-taking Apps Share These Security Flaws


Of course, all apps now use TLS to send network requests to the backend server. However, TLS is not enough if someone wants to read your notes. In my talks, I describe in more detail why sometimes and in some countries, we can’t rely on TLS itself.

During my testing, I could easily intercept and change network requests — which allows me to not only read note content, investigate the API, and send not-allowed network requests, but also to unlock some app features available after subscription only.


One application that I tried encrypted my notes, but at the same time it generated a preview image with the note content, which was stored as a file next to the encrypted note. Totally visible, a picture, in plaintext.


It’s better to separate the user password from the encryption key: the app should generate a long random encryption key and store it in the Keychain (or iCloud Keychain). Before encryption/decryption, the app asks for the user password / Touch ID / Face ID to make sure that the user is really the note owner, unlocks the Keychain, reads the encryption key and decrypts the note.
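
The design quoted above (a random key held in the Keychain and released only after user authentication), sketched in Swift as an added example; it is not code from the linked article or from any of the apps discussed. The service and account strings and the function names are hypothetical, and the item is stored device-only, so the iCloud Keychain variant is not covered.

```swift
import Foundation
import CryptoKit
import LocalAuthentication
import Security

// Hypothetical identifiers chosen for this example.
let service = "com.example.notes"
let account = "note-encryption-key"
enum NoteKeyError: Error { case accessControl, keychain(OSStatus) }

// Attributes that identify the key item in the Keychain.
func baseQuery() -> [String: Any] {
    [kSecClass as String: kSecClassGenericPassword,
     kSecAttrService as String: service,
     kSecAttrAccount as String: account]
}

// Generate a random 256-bit key and store it so that every read requires
// Touch ID / Face ID / passcode. ThisDeviceOnly keeps it out of backups and sync.
func createNoteKey() throws -> SymmetricKey {
    guard let access = SecAccessControlCreateWithFlags(
        nil, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, .userPresence, nil)
    else { throw NoteKeyError.accessControl }
    let key = SymmetricKey(size: .bits256)
    var query = baseQuery()
    query[kSecAttrAccessControl as String] = access
    query[kSecValueData as String] = key.withUnsafeBytes { Data($0) }
    let status = SecItemAdd(query as CFDictionary, nil)
    guard status == errSecSuccess else { throw NoteKeyError.keychain(status) }
    return key
}

// Read the key back; the system shows the authentication prompt with `reason`.
func loadNoteKey(reason: String) throws -> SymmetricKey {
    let context = LAContext()
    context.localizedReason = reason
    var query = baseQuery()
    query[kSecReturnData as String] = true
    query[kSecUseAuthenticationContext as String] = context
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    guard status == errSecSuccess, let data = item as? Data
    else { throw NoteKeyError.keychain(status) }
    return SymmetricKey(data: data)
}

// AES-GCM: output is nonce + ciphertext + tag (non-nil with the default nonce);
// open() throws if the blob was modified or the key is wrong.
func encryptNote(_ note: Data, key: SymmetricKey) throws -> Data { try AES.GCM.seal(note, using: key).combined! }
func decryptNote(_ blob: Data, key: SymmetricKey) throws -> Data { try AES.GCM.open(AES.GCM.SealedBox(combined: blob), using: key) }
```

Because the key never derives from the password, changing the password does not require re-encrypting notes, and any preview or cache of note content has to go through `encryptNote` as well or it reintroduces the plaintext-on-disk problem described earlier.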