⇥ Creepy Apple is creepy

Ah, analysts. Where would the world be without them?

My current favourite is Alex Levinson, a mobile phone forensic expert who comments on the recent discovery that the iPhone tracks everywhere its users go.

Levinson makes a couple of reasonable points, like the fact that there is nothing new about this revelation, and that he has done extensive research on the subject well before yesterday’s sudden explosion of interest in the story.

It’s his analysis, however, that is all over the place. Allow me to illustrate:

Apple is not collecting this data.

Really? Is it materializing out of thin air? Is the CIA planting it on my computer?

Apple wrote iOS, and iOS is gathering the data without the consent of its users. Transitivity applies, which makes Apple responsible for the data being collected.

Perhaps Levinson means to say that Apple is not receiving a copy of the data, which is certainly lower on the creep scale than a database of every location you’ve visited being sent to Cupertino for, er, “service enhancement” reasons.

But that’s no different than what everybody else has been saying, nor does it make this whole affair any less creepy.

And speaking of creepy, here’s his explanation of why the data collection isn’t just not a big deal—it’s actually necessary:

That raises the question – how is this data used? It’s used all the time by software running on the phone. Built-In applications such as Maps and Camera use this geolocational data to operate. Apple provides an API for access to location awareness called Core Location.

My dear Alex, let me tell you—if there’s a way to find out where you’ve been with Core Location, I haven’t figured it out yet. Nor, I suspect, has any other developer who doesn’t work for Apple itself.

That’s because Core Location (which, by the way, is a great API) tells you where your phone is now, not where it’s been. It can advise of changes in your position as they occur, but it is a realtime framework—if you want to build a database of past location, you have to built it yourself. And your users must launch the app. And they must expressly authorize the app to use Core Location.

By contrast, it seems that the information in question is being surreptitiously collected, saved and archived without anyone’s permission.

But it gets worse. If the information were just collected and kept on the device, things would be slightly less frightening—iOS has a fairly strong sandbox model, which makes accessing files outside of an app’s directory nearly impossible. Plus, don’t forget that any app you put on your phone has to be vetted by the Mothership itself. Therefore, the data would be relatively safe from prying eyes.

Once this file makes its way onto your computer, however, all bets are off. Unless you encrypt your backups—which, I’m guessing, most people don’t—anyone who convinces you to run their app on your Mac has full access to every location you’ve been since you’ve owned a 3G device that runs iOS 4.0 or higher.

There is, as I see it, very little mitigation at play here. That’s not to say that there isn’t a good reason why this information is collected. Rather, none of the reasons given so far by analysts fits the problem well, and the only people who know exactly what the right answer is—the fine folks from Cupertino—are keeping mum.

⇥ Why taxes never get fixed

The only truly fair taxation system is one that charges every person the same percentage of their income. That’s it—no exemptions, no tax brackets, no loopholes. If the tax system were like that, the only real way to gain an unfair advantage would be to avoid reporting all your income—which is already illegal in any case.

Better yet, governments would be forced to stop using taxes as a political and social tool—and social programs would become actual expenses reported to the public instead of lost revenue that never materializes and cannot be accounted for.

But this will never happen, because we’ve been taught that a uniform tax system is unfair towards the poor—a ridiculous lie originated by the rich and promptly bought up by everyone else out of convenience.

The much simpler reality is that, deep down, we know that fixing taxes—really fixing them—requires that we (no matter which category we’re in) also give up those privileges that we draw from it. And, of course, nobody, rich or poor, wants to do that.

This is particularly ironic in the case of the middle class, which is really on the receiving end of the shaft, and the geniuses who keep shouting at everyone within earshot that taxes are too high and must be lowered (be which they mean, of course, that they must be lowered for them).

And so, for lack of the simple will to face the actual problem, we live with a situation that is unfair all around—a situation in which someone whose income is well inside the top percentage point of the country can afford to pay an army of clever accountants to find the loopholes to allow him to pay a marginal tax rate that is lower than those in the bottom 20 percent.

Tax rates have nothing to do with it—they’re just a smokescreen thrown up for the masses.

⇥ No apology needed

I always get a chuckle when my kids do something they’re not supposed to, then turn around and exclaim “but I’m sorry!” as if that were the end of a problem. They remind me of Homer’s cries of “It’s my first day!” in Simpson Tide.

While kids who have figured out that apologies, on their own, will get them out of a lot of tight corners are amusing, however, I can’t say the same of adults. Somewhere along their personal development, people are not being advised of the fact that apologizing for a mistake doesn’t fix it.

To tell you the truth, I am not a big fan of apologies in general. I find them completely superfluous—like sugar in your coffee, they’re just empty calories, put there to cover up the inadequateness of your beverage.

In fact, I think it’s fair to say that I don’t really understand apologies, don’t expect them, and don’t care for them.

As far as I’ve been able to tell, there are three types of scenarios that others feel warrant apologies:

1. You failed through an act of fate. Even the best can’t take everything into account.
2. You failed through incompetence within the most literal sense of the world: you omitted to take something in consideration you should have.
3. You gained at my expense, albeit unintentionally. Life turned out the better for you, and you did nothing to stop it.

It’s obvious to me that #1 and #2 don’t need an apology. Of course you’re going to be sorry—the only circumstance in which you won’t is if you screwed up on purpose. So why bother?

As for #3, I’d much rather you were honest with me and gloated. I remember losing an office several years ago to a coworker whose only seniority claim was being better buddies with our mutual boss. Though, in his defence, he didn’t actively try to steal it from me, I took his apology with all the grace of a drunken elephant. He didn’t mean it. I knew he didn’t mean it. He knew that I knew that he didn’t mean it.

Besides, apologies imply the pre-emptive assumption of blame. And if there’s one thing I’ve learned, it’s that blame can rarely, if ever, pinned on any one person. Useless.

What I prefer to see is people who take control of their mistakes and fix them. Not screwing up should be the preferred goal every time, but screwing up and fixing a mistake sounds tons better to me than screwing up and apologizing for it.

⇥ Writing less to write more

How do people who have a seemingly unending ability to write do it? Is there a secret that the all-powerful cabal of professional authors is conspiring to keep from the rest of us?

The answer is surprisingly simple: they put themselves in the situation that is best conducive to writing.

This may seem obvious, but it apparently baffles a great many people. The truth is, it doesn’t take much to write¹, so long as you actually want to write.

The most important, and first, thing to do is to eliminate all distractions. Despite the recent onrush of apps whose authors seem to think otherwise, this doesn’t mean writing on a white screen with zen graphics slowly flowing across your screen and a soothing New Age soundtrack of gurgling brooks and seagulls calling in the background.

Eliminating distractions means getting rid of all those factors that give you an excuse to stop writing—remember, you are the one who is not doing the writing, so there is no point blaming externalities for your lack of discipline.

If you find yourself aimlessly browsing the Web, checking e-mail, or reading your Twitter feed, you should turn all those infernal contraptions off and write. If your phone keeps ringing, turn it off. If there is an army of kids shouting in the next room, close the door, move outside, or do the hip thing and drive to your nearest coffee shop.

Most importantly, use a writing app that keeps you focused on the act of writing. Remember that the Odyssey was composed on sheepskin with a stylus, and that The Old Man and the Sea came to life on the kind of clunky mechanical typewriter that these days can only be found in an antiques shop. The lack of choice in fonts, or the inability to underline, emphasize and bold words have never been a problem for authors until word processors made them one.

Next, try to stick to a formula that works for you. Journalists have been doing that for hundreds of years: notice, for example, how many news reports start with a lede that clearly summarizes the entire article in a single paragraph, followed by whatever additional information that the author feels necessary.

Besides the obvious practicality of helping a rushed reader get the gist of the article without having to read through its entirety, this setup also helps the writer adopt a checklist approach to getting the story written. You’d be surprised how effective it is.

Finally, you should set a word limit, which has two important roles. The first is to act as a deadline of sorts: when you’ve reached it, you’re done. The second is that it forces you to make your writing concise and effective—and that results in a more engaged audience.

For example, I am (apparently) known for the legendary length of my blog posts and e-mails. This stems from the engineer’s mindset of exploring every possible nook and cranny of an argument to make sure one has not overlooked anything, but it doesn’t work well in this context.

Thus, I have decided to try and keep posts down to five hundred or so words. I don’t always succeed, of course, but it’s definitely helped me refocus my writing and get to the point more efficiently. After all, it’s a basic form of respect for whoever decides to invest their time reading what you have to offer.

⇥ Is PHP running out of itches to scratch?

Over on his blog, my partner Cal has been wondering aloud whether Drupal should simply fork PHP, or get rid of it altogether. I hesitate to add anything to the discussion because I don’t want it to look like we’re feeding troll material to each other, but he does raise some interesting points.

I think it’s fair to say that the pace at which PHP core is being developed has slowed down considerably over the past couple of years, while the development of many projects based on it, like programming and application frameworks, has sped up and continues to grow at a fast pace.

But this doesn’t mean that we’re running out of steam. The PHP ecosystem is simply refocusing outside of core, where it has a lot more freedom of action.

This is primarily a consequence of two items. The first is the fact that PHP core has no strong leadership that can take the base language in a specific direction.

This has always been a primary design feature of the project—one, I may add, that has produced some great results. Without anyone to force PHP in a specific direction, the language has evolved haphazardly but comprehensively, which is what makes it so appealing to so many.

However, the decision was made some time ago to close the door on building new libraries into core and instead shift them to PECL. This was probably the right decision (who wants a bloated and increasingly difficult to audit core?), but it was implemented without considering the fact that the average PHP user has neither the knowledge or inclination to understand how to install and run external libraries that they can’t download in PHP form and include in their scripts.

This is crucial, because PECL and PEAR are, despite the valiant efforts of many brilliant developers, a complete mess. Obscure to work with, poorly supported, and unduly complex, they are simply irrelevant to the vast majority of PHPers.

This, in turn, affects downstream application developers, who, faced with a client base who can’t deal with PECL and PEAR, simply opt for building their own plugin architectures—and, to be frank, often do a pretty good job of it.

The risk facing us, as I see it, is not that Drupal, or WordPress, or whoever may decide to fork PHP or abandon it altogether. Rather, the problem is that there is no real way for these projects to provide upstream positive feedback to PHP core.

As I pointed out that the meeting that Cal references (I was the instigator of the discussion), core developers can’t improve PHP if they don’t know what needs improving, and downstream developers are forced to resort to needlessly duplicate functionality that they could instead feed into and pull out of core. This, in turn, would enable the latter to focus on what really makes their projects unique and make the whole PHP ecosystem better in the process.