Archive for January 4, 2022

Tuesday, January 4, 2022

Search Engines and SEO Spam

Michael Seibel (Hacker News):

A recent small medical issue has highlighted how much someone needs to disrupt Google Search. Google is no longer producing high quality search results in a significant number of important categories.

Health, product reviews, recipes are three categories I searched today where top results featured clickbait sites riddled with crappy ads. I’m sure there are many more.

I’ve long been in the camp saying that Google’s search was way ahead. I’m not sure what’s happened, but in the last few months I’ve noticed a huge decline in the quality of its results. I now regularly repeat my searches with DuckDuckGo to make sure I’m not missing something. Sometimes the problem is SEO spam, where the page I want isn’t on the first page or two of results, but perhaps if I clicked Next enough times I would eventually see it. Other times, I’m searching for something rare, Google only finds a handful of matches, and it appears that the page in question is not even indexed.


I think one of the fundamental things that make search work well about 1-2 decades ago was that web sites would link to each other, and that those links could vaguely correlate with reputation. There were link spammers, but there was actually a some decent organic content as well.

What’s happened since then is that almost all the normal “people linking to things they like” has gone behind walled gardens (chiefly Facebook), and vast majority of what remains on the open web are SEO spammers.


Because, years ago, linking to lower reputation sites would drain your page rank. So everyone worried about SEO became afraid to link to anything except: 1) Their own website 2) High reputation sites like NYTimes, etc.


Exposure Notification Update, January 2022

Gerrit De Vynck and Cat Zakrzewski:

The tech giants managed to build and launch the “exposure notification” framework in months, a previously unheard-of level of collaboration for the rivals.


But nearly two years later, as the omicron variant sweeps across the United States, adoption of the system is still far behind what its creators and proponents envisioned. More than 20 states don’t use it at all, including large states like Florida and Texas that have reported millions of cases and tens of thousands of deaths. Even in states where millions have activated the notifications, only a fraction of people who test positive for the virus report it to the Apple and Google system. California’s system, for example, has been activated on more than 15 million devices, but only about 3 percent of the nearly 3.9 million cases reported since launch were logged in the system.


The apps are “not really talked about as part of the mitigation strategy,” said Kameka Dempsey, a co-chair of the Covid-19 Technology Task Force, a group of prominent technologists and venture capitalists working on efforts to combat the virus.

Anecdotally, there still seems to be little awareness of these apps outside of tech circles. And without lots of people using them they’re not very helpful.

Via Nick Heer:

Similarly, this Post report paints a bleak picture of the framework’s poor adoption in the U.S., which Karen L. Howard of the GAO blamed partly on a lack of privacy protections in U.S. law. But I have had a hard time finding similar information about other countries’ responses.

The Apple–Google exposure notification framework is the system adopted by national COVID apps in Germany, Ireland, and Switzerland, where there are much stricter data privacy laws than in the U.S., which has perhaps played a role in driving higher adoption rates. Even still, finding evidence that this framework has played a meaningful difference in this pandemic is hard to come by. Irish authorities were understandably proud of their country’s rapid adoption rate, but a report earlier this year found that only a quarter of cases in Ireland were registered in the app.


Update (2022-02-11): Anthea Katelaris:

Now, almost two years after its launch in April 2020, we publish in The Lancet Public Health our evaluation of the app’s effectiveness and usefulness in New South Wales.


A total of 22% of cases were using the app. Most (61%) contacts the app registered as “close contacts” turned out not to be epidemiologically linked to a case. The app detected only 15% of true close contacts identified by conventional contact tracing.

In total, COVIDSafe detected only 17 additional true close contacts in NSW during the six-month evaluation period.

It caused substantial additional work for contact tracers and overall, did not make a meaningful contribution to the COVID response in NSW.

iCloud Private Relay White Paper

Apple (via John Wilander):

When Private Relay is in use, the user’s device opens up a connection to the first internet relay (also known as the “ingress proxy”). The software for the first internet relay is operated by Apple in locations around the world.

As the user browses, their original IP address is visible to the first internet relay and to the network they are connected to (e.g., their home ISP or cellular service). However, the website names requested by the user are encrypted and cannot be seen by either party.

The second internet relay (also known as the “egress proxy”) has the role of assigning the Relay IP address they’ll use for the session, decrypting the website name the user has requested and completing the connection. The second internet relay has no knowledge of the user’s original IP address and receives only enough location information to assign them a Relay IP address that maps to the region they are connecting from, conforming to the IP Address Location preference they selected in Private Relay settings. The second internet relay is operated by third-party partners who are some of the largest content delivery networks (CDNs) in the world.


To ensure only Apple devices and valid iCloud+ accounts can use Private Relay, the server performs device and account attestation using the Basic Attestation Authority (BAA) server prior to vending out tokens. To mitigate abuse, rate limiting restricts how many tokens a user’s device can retrieve per day.


Update (2022-01-07): Nick Heer:

Compared to some of Apple’s more detailed technical documentation, this white paper has noticeable omissions.

Update (2022-01-13): Howard Oakley:

Despite its careful design, Private Relay still does have problems with certain sites and services. Where possible, Apple is preferring to advise the user when a connection can’t be made, rather than expecting the user to build and maintain an exception list. Otherwise the service now appears quite robust and performs well.


From what I see, iCloud+ Private Relay almost invariably wins when it comes down to trust. And the fact that I currently pay less than $/€/£ 1 per month for my iCloud+ service.

John Gruber:

iCloud Private Relay is still officially in beta, but it’s been so reliable for me that I had to check just now that I’ve got it enabled on all my eligible devices.

Thomas Karpiniec:

It is therefore uncomfortable to admit that one platform, in one key aspect, has become the best. I’m talking about Safari. Yes, that dinky browser that only works on one brand of computer and never seems to keep up with web standards. I now feel like I’m compromising severely if I have to use anything else. Why on earth is that? Aren’t all browsers basically the same? Well no, it’s all to do with iCloud+ Private Relay.

Siri Suggestions and Privacy

Jeff Johnson (tweet):

I have no interest in Siri, and I don’t want my devices to phone home to Apple with so-called “anonymous” data that always turns out to be less anonymous than claimed. I expected that the OS would respect my setup screen choice, and indeed if I look at the Siri pane in System Preferences, everything looks disabled.


At the very end you see Siri Suggestions, but you don’t want to click “Learn More…” because that’s the wrong thing. In typical Apple fashion nowadays, this spectacularly bad UI has a disclosure widget that you want to click to learn about Siri Suggestions.


I believe that I understand what this is saying, but the most confusing and maddening thing about it is that not only are the Siri Suggestions preferences themselves somewhat hidden, but the procedures — multiple procedures! — required to stop Siri Suggestions from phoning home to Apple are hidden in entirely different places. It’s like an obstacle course of apps, preference panes, and buttons.

It’s clearly not designed with the idea that you would want to turn off Siri Suggestions for privacy reasons, because there’s a separate checkbox for each app and you would have to remember to go back to the list each time you install a new app. The “Enable Ask Siri” checkbox looks like it might be a global killswitch for all Siri functionality, but it isn’t.