Archive for July 6, 2021

Tuesday, July 6, 2021

Apple to Decentralize From Silicon Valley

Mark Gurman:

Just a few years after completing the multibillion-dollar Apple Park headquarters in Cupertino, California, Apple Inc. is ramping up efforts to decentralize out of Silicon Valley. I’m told that executives at the highest levels of the company recognize that hiring and retaining talent will be one of the biggest challenges to its future success, and reducing its reliance on the Valley is a key step in mitigating that issue.

Apple has traditionally operated on the principle that ambitious technologists yearn for a place in Silicon Valley where they can put their mark on the next iProduct. The company’s top brass for years fought against decentralization. But that thinking has changed for several reasons based on what I’ve heard from Apple employees.


Some members of Apple’s executive team had been pushing to decentralize out of Cupertino for years before a fuller realization came into place more recently. Johny Srouji, Apple’s head of custom silicon, was one of the strongest proponents of such a shift, I’m told. His group opened up offices in Florida, Massachusetts, Texas, Israel and parts of Asia years ago. It has since expanded in Germany, Oregon and San Diego.

Eddy Cue, Apple’s online services chief, has also pushed for decentralization, investing in multiple Los Angeles offices and a location in Nashville. The chief operating officer, Jeff Williams, has internally discussed the cost benefits of a more global workforce, and Deirdre O’Brien, the retail and HR chief, has evangelized for the diversity benefits.

Tim Hardwick:

The company is said to be “losing talent” because employees are struggling to afford the high cost of living in the San Francisco Bay Area, despite being high earners by most standards.


Audacity’s New Privacy Policy

Tim Hardwick:

Two months ago, Audacity was acquired by Muse Group, which owns other audio-related projects including the Ultimate Guitar website and the MuseScore app. According to Fosspost, changes to the privacy policy section on the Audacity website indicate that several personal data collection mechanisms have since been added by the parent company.


Personal Data we collect

  • OS version [I presume they mean App version.]
  • User country based on IP address
  • OS name and version
  • CPU
  • Non-fatal error codes and messages (i.e. project failed to open)
  • Crash reports in Breakpad MiniDump format
  • Data necessary for law enforcement, litigation and authorities’ requests (if any)

The first four are pretty common for Mac apps to collect without opt-in, as part of a software update check. I don’t think IP addresses really count as personal data if they are not linked with other identifying information. Otherwise, anyone with a Web site who didn’t disable logging would be considered to be collecting personal information.

I don’t think error codes or crash reports should be collected without the user opting in.

The last item has people worried, but I’m not really sure what it means. You could imagine that Audacity is collecting information about which audio files you’re editing and making that available to companies who want to sue for copyright infringement. Or it could just be boilerplate saying that Audacity will comply with lawful requests for the not very personal information that it is collecting anyway. Whether or not it’s spelled out in a privacy policy, most companies probably don’t have a choice about that.


We believe concerns are due largely to unclear phrasing in the Privacy Policy, which we are now in the process of rectifying.

See also: Reddit, Hacker News, 2, 3.

Update (2021-07-07): Syenta:

I have already uninstalled it and cleared out the %AppData% folder where I found the LastLog which listed:

Kalk = A calculator

None of which are in @getaudacity folder Why would you list things not used by Audacity like Kalk

Shoshana Wodinsky (via Nick Heer):

First came plans to add telemetry capture. Then came a new contributor license agreement. Then last week came a privacy policy update that some Audacity die-hards say turns the software into “spyware.” But Audacity isn’t “spyware”—if only because virtually every app we use is some form of spyware these days.


Ray adds that its data collection is “very limited” and only includes “pseudonymized” IP addresses that are “irretrievable after 24 hours,” system information that includes “OS version and CPU type,” and optional error report data—not users’ microphone recordings or personal details.


Also worth mentioning here is that some of the other products under the Muse Group umbrella—like the music notation software MuseScore—feature nearly identical privacy policies, which suggests the parent company just updated Audacity’s policies for some consistency across its catalog. But that doesn’t excuse the piss-poor wording on its original draft, which Ray swears will be “revised” soon enough.

cookiengineer (via Hacker News):

Stepdown as Maintainer of this Fork

Disclaimer: I really thought long about this, and I haven’t slept in two days due to ongoing harassments of 4chan.

As the first people were literally arriving at my place of living, where they knocked on my doors and windows to scare us, I am hereby officially stepping down as a maintainer of this project.

I don’t understand how this escalated.

Update (2021-07-14): Tom Nardi (via Hacker News):

While there was still a segment of the Audacity userbase that was skeptical about remote analytics being added into a program that never needed it before, representatives from the Muse Group seemed to be listening to the feedback they were receiving. Keary assured users that plans to implement telemetry had been dropped, and that should they be reintroduced in the future, it would be done with the appropriate transparency.

Unfortunately, things have only gotten worse in the intervening months. Not only is telemetry back on the menu for a program that’s never needed an Internet connection since its initial release in 2000, but this time it has brought with it a troubling Privacy Policy that details who can access the collected data. Worse, Muse Group has made it clear they intend to move Audacity away from its current GPLv2 license, even if it means muscling out long-time contributors who won’t agree to the switch. The company argues this will give them more flexibility to list the software with a wider array of package repositories, a claim that’s been met with great skepticism by those well versed in open source licensing.

Boop 1.3.1

Ivan Mathy (via Matt Birchler):

Sometimes you need to do something, and it’s just way easier to Google something like “json formatter online” and paste your data into whatever the first result is. It’s not your fault Xcode prints out escaped strings. And who knows how to get the character count in Terminal? I mean why would that access token be URL encoded? Speaking of, does that JWT look base 64 encoded to you? Also that JSON response is one big line it’s really hard to read. Oh boy, that XML document is just a complete mess. I wonder what the MD5 for the password I use everywhere is? Oh, here we go, md5generator dot com, you’re my savior!


I tend to do these sorts of things in BBEdit by writing a text filter script and invoking it using the LaunchBar-style Commands window. But Boop seems like a nice, single-purpose app with a convenient interface and lots of transformations built in. It’s open source and extensible via JavaScript.

Didi Chuxing Removed From Chinese App Store

Tim Hardwick:

Apple has been informed by China’s cyberspace regulator that it must remove the Didi Chuxing ride hailing app from the Chinese App Store following concerns about the Uber rival’s possible misuse of personal data.

The app in question is owned by Didi Global, which Apple has $1 billion invested in. Bloomberg reports that the ban was announced on Sunday by the Cyberspace Administration of China, citing serious violations on the company’s collection and usage of personal information, without going into detail.