Ben Lovejoy, writing for 9to5Mac:

An increasing number of people are finding a wide range of websites — including ours — are asking permission to allow downloads to your Mac from googlesyndication.com …

The problem is a rogue ad that has made it through to the Google ad network, which is used by a great many websites. If you do allow the download, it’s just a harmless text file, but it’s annoying to have to keep hitting Cancel to block it.

This should not just never happen, it should not be possible to happen. If your ad network can foist a “harmless text file” download, it can foist any sort of file download.

Juli Clover, reporting for MacRumors:

A new feature in iOS 14 alerts users when apps read the clipboard, and it turns out some apps have been reading clipboard data excessively. TikTok users who upgraded to iOS 14 , for example, quickly noticed constant alerts warning them that TikTok was accessing the clipboard every few seconds. After being caught, TikTok now says that it’s removing the feature.

In a statement to The Telegraph, TikTok said that it accessed the clipboard to identify spammy behavior.

“Following the beta release of iOS 14 on June 22, users saw notifications while using a number of popular apps.

“For TikTok, this was triggered by a feature designed to identify repetitive, spammy behavior. We have already submitted an updated version of the app to the App Store removing the anti-spam feature to eliminate any potential confusion.

[…] TikTok did not say whether the feature would be removed from Android devices, nor whether clipboard data was ever stored or moved from user devices.

TikTok, I probably don’t need to remind you, is a Chinese company whose popularity algorithm is a black box. If you use TikTok you should assume they’ve stored a copy of anything and everything you’ve had on your clipboard while using the app. Their slogan might as well be “Chinese state-sanctioned social media” — which to me says don’t use them, but maybe that’s just me.

I mean, their explanation makes no sense at all. How is it an anti-spam feature to look at the clipboard contents of every single person using their app every three seconds? That’s like finding out that when you visit a certain store, they’ve been X-raying your pockets and bags every few seconds, without consent or warning, and when confronted, they say “Oh yeah, we were just looking for shoplifters.” Like that’s even vaguely acceptable.

Joseph Cox, reporting for Motherboard:

On Saturday, hackers and developers released the first public jailbreak for Apple’s iOS operating system that they say works at launch on all iOS devices. A hacker who worked on the jailbreak says it works by taking advantage of a vulnerability in iOS that Apple is not aware of, or a so-called zero day.

The news signals the first time a jailbreak has been released that works on all devices on launch day since iOS 10, according to iOS security researcher Pwn20wnd, who discovered the underlying vulnerability powering the new jailbreak.

“iPhones are getting more secure every year because Apple is learning their mistakes from public jailbreaks or attacks they find in the wild,” Pwn20wnd told Motherboard in an online chat.

Compare and contrast with Lily Hay Newman’s lede on the same story for Wired:

Over the years, Apple has made it prohibitively difficult to install unapproved software on its locked-down devices. But on Saturday, a hacker group called Unc0ver released a tool that will “jailbreak” all versions of iOS from 11 to 13.5. It’s been years since a jailbreak has been available for a current version of iOS for more than a few days — making this yet another knock on Apple’s faltering security image.

Neither of those linked articles supports the idea that Apple’s “security image” is faltering, and the second one dates to December 2017.

Marco Arment, on Twitter:

Major new bugs introduced in iOS 13.2:

• background downloads often hang forever and never run

• apps get killed in the background so aggressively that iOS effectively doesn’t offer multitasking anymore

… continuing the iOS 13 pattern of breaking long-held basic functionality. I’m sure Apple has good excuses about why their software quality is so shitty again. I hear the same thing over and over from people inside: they aren’t given enough time to fix bugs.

Your software quality is broken, Apple. Deeply, systemically broken. Get your shit together.

This bug where apps are getting killed soon after they’re backgrounded is driving me nuts. Start a YouTube video in Safari, switch to another app, go back to Safari — and the video loads from scratch and starts from the beginning.

Gina Kolata, reporting for The New York Times:

Public health officials for years have urged Americans to limit consumption of red meat and processed meats because of concerns that these foods are linked to heart disease, cancer and other ills.

But on Monday, in a remarkable turnabout, an international collaboration of researchers produced a series of analyses concluding that the advice, a bedrock of almost all dietary guidelines, is not backed by good scientific evidence.

If there are health benefits from eating less beef and pork, they are small, the researchers concluded. Indeed, the advantages are so faint that they can be discerned only when looking at large populations, the scientists said, and are not sufficient to tell individuals to change their meat-eating habits.

From my favorite scene in the deeply flawed but underrated Never Say Never Again:

M: Too many free radicals, that’s your problem.

Bond: Free radicals, sir?

M: Yes. They’re toxins that destroy the body and the brain. Caused by eating too much red meat and white bread, and too many dry martinis!

Bond: Then I shall cut out the white bread, sir.

Speaking of un-Mac-like apps, Pandora released a Mac client today. I downloaded it just to kick the tires — it’s a bad native Mac app even by the low standards of Electron apps.

If Marzipan can get more companies to build their Mac apps from their iOS app, that really would be an improvement over these Electron monstrosities. But part of the appeal of Electron is that it gives you an app that works on Windows too. (Pandora’s Windows app isn’t available yet, but is promised soon.) Marzipan won’t solve that problem.