The new York Times:

We’ve chosen some of our best works or collections of works that have appeared since we began offering digital subscriptions in 2011.

While certainly not exhaustive, the list demonstrates the breadth, creativity and impact of The Times.

One of the things the NYT does really well is these long-form, investigative articles. “Punched Out: The Life and Death of a Hockey Enforcer” was a heartbreaking look into the life of a hockey player I was a big fan of during his playing days.

Kirk McElhearn addresses the ethical issue of ad blocking. Good, solid read.

Ads are a necessary part of the modern publishing equation. But as Kirk, and John Gruber before him, point out, ads don’t have to be evil. There is a threshold, a threshold of proper behavior. Hidden ads/video? Ads that mysteriously gobble your data plan? Ads that force you to interact with them before you can get to the content? All of these are on the wrong side of that threshold.

The key is to find a way to allow proper behavior, to block the evil ads, but allow the basic ads that keep sites like Daring Fireball, MacStories.net, Kirkville, SixColors, The Loop, and many others who don’t cross that threshold in business.

I have spent far too much time staring at this new nav bar on sixcolors.com. Subtle and hypnotic. Take a look.

Jeremy Burge, founder of emojipedia:

A mysterious new emoji has shown up in the developer previews of iOS 9.1 & OS X 10.11.1, and nobody knows what it is, or why it exists.

To a casual observer, this appears to be just another emoji – one of many planned for the iOS 9.1 emoji update. But the strange thing about this character (which Apple calls “eye in speech bubble”) is that it’s not a standard Unicode addition. It can’t be found in Unicode 1.1, or any other version right through to the Unicode 9.0 candidates.

It’s a mystery. Another Monday morning curiosity.

One of the many new features introduced with iOS 9 is facedown detection. Gautam Prabhu, writing for iPhoneHacks:

In case you went through iOS 9’s release notes, you may have noticed it includes a new feature called Facedown detection. The feature along with other refinements helps in improving battery life by an additional hour as it turns off the display when not in use.

So one of the top iOS 9 tips and tricks is to put your iPhone facedown to ensure that the display doesn’t light up when you receive a Notification, which in turn helps in improving battery life.

Great idea. As it turns out, facedown detection does not work on all iOS devices. If you are interested in the details, check out Gautam’s follow-up post. It’s all about the motion co-processor.

From Apple’s press release:

Apple® today announced iPhone® 6s and iPhone 6s Plus, the most advanced iPhones ever, will be available at 8:00 a.m. local time on Friday, September 25 at Apple’s retail stores. Stores will have the new iPhones available for walk-in customers who are encouraged to arrive early. Both models will also be available on Friday from AT&T, Sprint, T-Mobile, Verizon Wireless, additional carriers and select Apple Authorized Resellers. Apple also announced the fastest iOS adoption ever, with more than 50 percent of devices already using iOS 9.

Amazing to me that iOS 9 adoption is already at more than 50%. And that was as of Friday. Remember, the launch was Wednesday.

In a nutshell, hackers infected a legitimate copy of Xcode, then made that tainted copy available for download on Baidu in China. Developers sometimes turn to Baidu when Apple’s servers in China are slow.

The developers used their tainted copy of Xcode to build unknowingly infected apps, then uploaded those infected apps to the Chinese App Store. Some of those apps made their way to app stores in other countries.

From this report from Palo Alto Networks:

We checked these apps and list them below in this report. As of this writing, we see 39 iOS apps being infected, some of which are extremely popular in China and in other countries around the world, comprising hundreds of millions users.

The infected iOS apps include IMs, banking apps, mobile carrier’s app, maps, stock trading apps, SNS apps, and games. Among the more well-known apps are WeChat (developed by Tencent); Didi Chuxing (developed by Didi Kuaidi) the most popular Uber-like app in China; Railway 12306, the only official app used for purchasing train tickets in China; China Unicom Mobile Office, which is in use by the biggest mobile carrier in China; and Tonghuashun, one of most popular stock trading apps.

Some apps are also available from the App Store in other countries. For example, CamCard, developed by a Chinese company, is the most popular business card reader and scanner in many countries (including the US) around the world. WeChat is the most popular IM app not only in China but also in many countries or regions in Asia Pacific. Version 6.2.5 of WeChat is what we have verified to be infected. Tencent has updated to 6.2.6, which removed the malicious code.

The report links known infected apps.

Reuters added:

The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple’s software for creating iOS and Mac apps, which is known as Xcode, Apple said.

“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

She did not say what steps iPhone and iPad users could take to determine whether their devices were infected.

Apple Inc is stepping up aid to the thousands of migrants that are streaming into Europe from war-torn countries, Chief Executive Officer Tim Cook told employees in an internal message on Friday.

Thanks to Low for sponsoring The Loop this week. Low is live video texting you can do from anywhere without being overheard. More fun than plain texting. Less awkward than video chat.

If you bought Peace, it’ll keep working, but will never see an update.

If you want your money back, here’s a writeup by Rene Ritchie on how to do that.

Here’s the link to Marco’s explanation.

I’m no physicist but, if I read this correctly, it is possible under certain circumstances to FREEZE TIME.

Holy crikey. The mind reels.

John Gruber lays out a nice chain of logic that explains why Safari (and through it, Apple) does not control the web. Instead, it has the same veto power as the other web standard bearers:

The web today is nothing like that. No single browser (or rendering engine) has an overwhelmingly dominant position. Four browsers/rendering engines share the world: Microsoft’s IE/Trident (and now the modernized Windows 10 browser, Edge), Mozilla’s Gecko, Apple’s Safari/WebKit, and Google’s Chrome/Blink. In a world where one rendering engine does not rule the entire web, conflicts between the various popular engines are inevitable.

Apple can stand in the way of a web standard that acts against its interests (that’s a veto). But Apple cannot force a standard on the other players. And that’s a critical difference.

Head over to Daring Fireball and read this for yourself.

Mark Harris, writing for The Guardian:

According to documents obtained by the Guardian, Mike Maletic, a senior legal counsel at Apple, had an hour-long meeting on 17 August with the department’s self-driving car experts Bernard Soriano, DMV deputy director, and Stephanie Dougherty, chief of strategic planning, who are co-sponsors of California’s autonomous vehicle regulation project, and Brian Soublet, the department’s deputy director and chief counsel.

And:

The department would not comment on what was discussed at the August meeting, beyond saying that “the Apple meeting was to review [the] DMV’s autonomous vehicle regulations.”

Really looking forward to watching this (still alleged) project unfold.

Here’s the bet: Autonomous cars making up the majority of traffic in at least one major city within twenty years? Any takers?

If you’ve never dug into the details of sharing your location, this writeup by Chris Hoffman for How-To Geek is worth reading, bookmarking, and passing along. Two different approaches to location sharing. Good stuff.

This first appeared back (I believe) in early 2012, but seems so much more appropriate now.

Here’s a link to the image (this one is via Reddit). Take a look at it first.

Here’s the words embedded in the Coke bottle:

People are taking the piss out of you everyday. They butt into your life, take a cheap shot at you and then disappear. They leer at you from tall buildings and make you feel small. They make flippant comments from buses that imply you’re not sexy enough and that all the fun is happening somewhere else. They are on TV making your girlfriend feel inadequate. They have access to the most sophisticated technology the world has ever seen and they bully you with it. They are The Advertisers and they are laughing at you.

You, however, are forbidden to touch them. Trademarks, intellectual property rights and copyright law mean advertisers can say what they like wherever they like with total impunity.

Fuck that. Any advert in a public space that gives you no choice whether you see it or not is yours. It’s yours to take, re-arrange and re-use. You can do whatever you like with it. Asking for permission is like asking to keep a rock someone just threw at your head.

You owe the companies nothing. Less than nothing, you especially don’t owe them any courtesy. They owe you. They have re-arranged the world to put themselves in front of you. They never asked for your permission, don’t even start asking for theirs.

– Banksy

And here’s Banksy’s Wikipedia page.

Members of Google’s Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google’s Android mobile operating system. To wit, a key exploit mitigation known as address space layout randomization does much less than the company’s overworked public relations people say in blocking attacks targeting critical weaknesses in Android’s stagefright media library.

Jesus, this company is so fucked up. Good luck Android people. If you ever doubted that Google is lying to you, this should put it to rest.

Some real history here. Fascinating.

Joe Caiati, writing for The Sweet Setup, takes you through a detailed walkthrough of his favorite flight tracking app. If you fly a reasonable bit, this is absolutely worth reading.

Nice review, Joe.

This is a flaw with Lollipop, the latest version of Android.

From the locked screen, open the phone’s “Emergency Call” feature. Type a few characters, then copy-and-paste the text repeatedly. The character “string” grows exponentially, so it quickly becomes close to 40,960 characters long.

Then open the phone’s camera app and prompt the phone to request a password. Paste the super long character string a few times until the system crashes. (Based on Gordon’s video, it looks like 163,840 total characters.)

Wait maybe five minutes, and the phone goes straight to the unlocked home screen.

And:

Google has acknowledged the flaw, saying that the hack lets someone who grabs your phone “view contact data, phone logs, SMS messages, and other data that is normally protected.”

Most importantly:

The patch is already available for Google’s own line of phones — the various Nexus models. But there’s no telling when it’ll reach Android devices made by Samsung, LG and others. Blame the Android’s fractured updating system, which is slowed down by phone manufacturers and cellphone network carriers.

That last is the fly in the ointment.

For a startup, the search for a domain name can be grueling. If you are extremely lucky (or clever), you’ll find that the natural domain name for your company is unclaimed. But more often than not, you’ll find that natural name in the hands of a cybersquatter or a domainer.

Read this post to learn the difference between those two and for some sage advice on the best way to bring a coveted domain name home.

The whole thing is a solid read, but two things worth quoting:

You may find sites that don’t load correctly with a content blocker in action. If so, you can reload any site without it. In Safari, all you need to do is tap and hold the reload button in the toolbar. When you do so, a menu displays asking if you want to request the desktop site, instead of the mobile site, or if you want to reload that site worth content blockers.

Good to know. And:

It’s a shame we had to get to this point. I make my living from writing, much of which is published on ad-supported websites. And I have ads on this site. So I would rather that the sleazy ad networks hadn’t killed the web, but they have.

Not sure they’ve killed the web, but they’ve certainly created the market for content blockers. And, I suspect, that will definitely change the web, at least the web’s advertising model.

Washington Post:

Amazon today announced that Prime members can now enjoy six months of free unlimited access to The Washington Post National Digital Edition, a subscription usually retailing for $9.99 per month. After the first six months of access to world-class national and international news, Prime members can continue to enjoy unlimited digital access with a discounted monthly subscription rate of only $3.99, a savings of 60% per month.

What I find most interesting about this is the parallel with Apple. Just as Apple continues to add elements to its ecosystem to add value to all the other ecosystem elements, so goes Amazon, using the Washington Post to add value to Amazon Prime. If you value the free (and then discounted) digital access to the Washington Post, you’ll be more likely to re-up your Amazon Prime membership.

The addition of Transit to Apple Maps is fantastic, even better when you live in a city with a complex mass transit system.

To see this for yourself, fire up the Apple Maps app in iOS 9. Clear the search bar, then tap in it. A series of 8 circles should appear in it. Tap the one labeled Transport.

Next, tap one of the Transport circles that appear. For example, if you live near a bus line, tap Bus Stops. Your map should be populated by local bus stops, with a scrolling list of stops at the bottom.

If your local stops don’t appear, tap the info (i in a circle) button in the lower right corner and make sure the Transit tab is tapped. Mine was on Map by default. With the Transit tab tapped, you’ll have a transit-oriented map. Zoom way in to see your local stops.

Tap on a stop and you’ll see how far you are from it. You’ll also see a list of buses that stop at that stop and, most importantly, you’ll see how long until the next bus gets there. If you tap on the time (all the way on the right), the time of the next 3 buses will appear (Thanks Benjamin Mayo!)

Update: Updated the post to show how to get to the Transit view on Apple Maps. Hat tip to Gordon Meyer for walking me through that.

As usual, Federico does a bang up job in this review.