 This 10th year of Daily Tech News show is made possible by its listeners. That's you because you can hear me by definition. You're listening. Thanks to you. Maybe you're A.B. Puppy or Dale Mulcahy or Matt Zaglin or brand new patrons, a non-junior and Tim S on this episode of DTNS, how Beeper brought Apple messages securely to Android, Gmail's new weapons against spam, and how to unlock the most professional video you can get from an iPhone pro. This is the Daily Tech News for Tuesday, December 5th, Cinco de Deciembre 2023 in Los Angeles. I'm Tom Merritt. And from studio, hey, does anyone have any extra boxes? I'm Sarah Lane. And I'm the show's producer, Roger Cheng. You packing up? You getting ready to move town to town? Up and down the dial? Yeah, yeah. I mean, not physically packing yet, but getting to that point where it's the Seinfeld episode. Anybody have boxes? I need boxes. Yeah. For those, and I know there's a few of you out there that are unsettled that Sarah doesn't have a stable name for her studio. Just hang in there. Yeah, hang in there. I'm with you, y'all. We're going to get there. We're going to get there before the end of the year. Trust you, me. Just trust, trust. GTA 6 released its trailer showing it'll be set in the Miami-like Vice City, Star Lucia, who we haven't seen since the 90s, and come out in 2025. It's all anybody on the internet could talk about yesterday. Let's see what else is making the news in the quick hits. OnePlus officially launched the OnePlus 12 flagship phone in China. Worn a lot of surprises here since OnePlus has been sort of trickling out details for the last month or so, but you can get the OnePlus 12 with up to 24 gigs of RAM and one terabyte of storage, a 64 megapixel periscope telephoto lens with 3x optical zoom and 32 megapixel selfie cam are among the four Hasselbad cameras. It's also IP65 dust and water resistant, available in China for the equivalent of between about 600 and 800 US dollars. An international option is set to launch in early 2024. And now we can stop seeing all the clickbaity headlines about OnePlus features being slowly leaked out. Or maybe they'll just start with the next model. Microsoft Copilot getting a number of updates. It will support GPT-4 Turbo for text generation and an updated Dole E3 model for image generation. It gets a new code interpreter and improved Bing search functions as well. GPT-4 Turbo has a larger context window, so that means it can understand your prompts better and offer better responses. The Microsoft Edge browser is getting the ability to use Copilot to compose text in a website's input fields as well as summarize YouTube videos. And that new code interpreter I mentioned can run its suggested code in a sandbox for you. And an overall has more accurate and higher quality responses. The updates should come to Copilot sometime in the coming weeks. Meta is disconnecting Messenger and Instagram chat later this month. If you didn't use it, well, it probably won't apply to you, but some people did. Meta didn't give a reason as to why it's scrapping cross-platform communication between Facebook and Instagram. But speculation points to the avoidance of regulatory consequences in the EU due to the Digital Markets Act. The DMA imposes restrictions on 22 gatekeeper services in the EU, and both Messenger and Instagram have received that classification. All right, this next one's a little bit confusing, but this is why you listen to DTNS. So when someone goes, wait, I thought that didn't happen. You can explain, well, here's what's actually going on. On Wednesday, December 6th, the U.S. Ninth Circuit Court of Appeals is going to hear the Federal Trade Commission, the FTC's, appeal of the July District Court decision not to stop the merger of Microsoft and Activision Blizzard. Now you may say, well, hold on, didn't that merger close in October and the two companies are already now one company? Correct. That did happen. And no, most legal experts don't think the FTC has much of a chance of winning its case, but that's not stopping it. It will also continue its internal administrative procedure against the merger, and it's not likely to convince a third-party arbitrator in that one either. But we're saying there's a chance, right? If the FTC were to prevail in one of these efforts, it could cause quite a bit of havoc. Let's say they actually go all the way and get the courts to say, no, this merger should not have happened. They would have to unwind the merger in the United States. Who knows what that would look like? As a result, 37 VC firms and investors have filed a friend of the court briefs, objecting to the appeal. Foxconn, well known as one of the biggest makers of Apple's products and manufactures a lot of the tech world stuff overall. And because of that, how Foxconn is doing is often seen as a bellwether of sorts for the tech sector. So it's notable that Foxconn said it had its second highest November revenue ever and also expects a significant growth in the holiday period. Good for Foxconn, and good for Apple. The upshot of that is Apple has said, we're not selling fewer iPhones because they're not selling. We're selling them because you couldn't make enough. That's the spin. Yeah, it's Foxconn's fault, and now they're fine. And Foxconn's actually kind of like, yeah, no, it was, and now we're making more. So yeah, maybe things will turn around. All right, let's talk about this Gmail thing. Google posted details on what it's calling one of the largest defense upgrades to Gmail in years. They dubbed it resilient and efficient text vectorizer or RETVEC for short. Basically, it's really good at understanding all those tricks that spam uses to get around spam filters. If you've ever wondered why spam is filled with typos, well, that gets it around spam filters, emojis, same thing, special characters, et cetera. All those are tricks to try to evade the spam filter. RETVEC was trained on an efficient character encoder so it can recognize all the alternate uses of special characters and emojis and such. Previous methods had to be taught the alternatives. You had to give them a list of things to look for. And the alternatives are somewhat endless. So you wouldn't catch them all. This is more efficient because it's just trained to kind of recognize stuff like, oh, that C is meant to be this kind of C. Google's been using it for the last year or so. So you've had it in your Gmail account. They say that spam detection has improved 38% since it was deployed and false positives have declined 19.4%. Okay. Let's talk a little bit about what kind of special character stuff gets around spam filters because I have got a few different email accounts. Daily Tech News Show is one of them and gets by far the most amount of spam. A lot of it is sort of like, work with us on SEO and stuff that isn't even technically spam, just not people you're necessarily going to work with. But what are some tricks besides a typo in an email that gets through that filter? If you look in your spam folder, wear protective eye covering because it can be rather shocking. But if you look in there, even if you just look at the subject lines, you'll notice a lot of misspellings, a lot of weird characters, a lot of capitalizations in strange places, emojis in strange places. Those are all trying to get around those filters. I was talking about a classic example is in the Cyrillic alphabet, which is the alphabet used in a lot of Eastern European cultures, including Russia. The C is actually an S you pronounce it as S, which is why side note the old USSR hockey jerseys say CCCP because it's so yes, that's what they see is for. So if the filter is saying filter, the word cat, everybody's talking about cat spam. If you use the Cyrillic seed, the filter would go, well, that's not the same character because it's just looking at the Unicode. So it's like when someone uses one instead of L exactly, it's that kind of thing, but even harder for our eyes to notice. And then if you have updated the filter like, okay, now look for cat but spelled with the Cyrillic C, well, then they could use the mathematical C, because there's a whole separate C used for math Unicode. And it goes on and on and on because there's all kinds of glyphs and special characters for all these different alphabets out there. There's Honggu, there's Hiragana, there's Arabic. So you can find tons of characters to use that will look legible to us, right? We're able to read it, but try to confuse the machine. And what they did here was they just trained the generative model to say, look for something that looks like a C when you're trying to filter on cat. And so it didn't have to learn all the different variations that might look like that. It just said, hmm, that looks like a C. It's doing optical character recognition. Yeah, it's doing image recognition. Instead of the, you know, the specific like, here's the specific cat thing that, you know, right. Yeah, so it's learning the concept of a C instead of like looking at the Unicode. And in fact, the algorithm that was used to recognize cats, do you remember that story from a couple of years ago? Same, same underpinnings here. So cats do play a part as they always do in this piece of the internet. Cats are big on the internet. And I know we all like a good, let's kill spam story. I mean, I guess my pessimistic view of this is like, they're just going to figure something else out. But, you know, humans, we kind of know what's going wrong, but have had a hard time stopping what's going wrong. Models like this, being able to stop what's going wrong ahead of time and kind of know ahead of time, like, ah, this is another little trick that might happen. And we're not going to allow that either. I, you know, I welcome our new normal. Yeah, this is a more adaptable defense method, right? Because it can be trained. And it can, if the spammers find another thing that looks like a C, it's likely to catch it, right? You don't have to teach it that. So yeah, it won't eliminate spam. It hasn't eliminated spam, but it does make it harder. And so that's to me a good thing. And dude, well, a company that you may have heard of, if you do a lot of photography and video is called Lux. Lux makes a iPhone app called Halid. That's H-A-L-I-D-E that can capture raw photos and then do fun stuff with them. It's been around since 2017 when Apple first started supporting raw photo formats. Today, the co-founder of Lux, Ben Sandowski published a video. It was kind of weird, to be honest, saying Halid will never support video, but it was sort of a sort of tongue-in-cheek way for the company to announce an upcoming app called Kino, which does support what's known as log video, log as an L-O-G, like the log lady. Video encoding. This is something that Apple now supports on both the iPhone 15 Pro and Pro Max, which Apple announced encoding of this kind back in September. Now, Tom, I might ask you, log video, how familiar are you with us? Was not at all familiar with log video. I imagine your log has something to say about log video. I know from reading this Verge article that log is short for logarithm, but that's kind of the extent of my knowledge. Explain what this is. Yeah, it's technically short for logarithmic, but same idea. It's not the same as raw photos or video for that matter. What log is good for is maximizing what your camera's sensor already has, preserving detail within the captured footage to be manipulated later. I mean, you don't have to manipulate it later, but that's kind of what a pro wants, right? They want something that they can do a lot of stuff with. Sometimes referred to as recording flat footage to the point where you might see the footage and go, uh, you know, it's so there's no contrast, there's no true blacks, you know, where's where the color pops. It's supposed to be designed for somebody who knows what they're doing to make that perfect afterwards, because, you know, everyone knows if you got a blown out photo, you can't make it not blown out. You know, you can't. I mean, sure, there's, there's some tricks you can do, but you can't create data where there is no data. This is designed to be the flattest version of data that then you can work with afterwards. In fact, nine to five Mac explained this in a way that helped me get my head around it saying, applying a logarithm that curve to color information in order to compress that data into a smaller portion of the 10 bits of data, opening up more room for darker shadows, brighter highlights to be recorded. This difference between the darkest and brightest data can then be recorded in is referred to as the camera's dynamic range. Okay. So that makes sense to me in that you're saying the, the flat, the flat explanation is saying we're giving you something that doesn't look the best, but gives you the opportunity to work on it and make it look the best. You can go in either direction or, you know, up, down, right, left, you know, all that stuff. And I mean, anybody who's ever tried to clean up, I don't know, you know, you take an old photo of something, you know, from your childhood and you're like, man, these colors are bad. And there's filters, you know, that, that are part of a variety of apps to help you with that. I mean, Instagram's been doing that for a long time, but so have a lot of photo apps and video apps as well. This is probably the best way to take the most advantage of everything in a, the most pro version possible, not even prosome or like fully professional version, if you've got a 15 pro or a 15 max. Now, iPhone 14 and 13 pro and max lines record pro res videos. So, you know, and that's, you know, on its own already big deal, but being able to capture log video kind of takes that a step further. What's the difference between pro res and log video then? Well, are they both just compression styles? There are encoders. So yeah. So well, actually pro res is a compression method and log is an encoding method of a pro res compressed video. Ah, okay, okay, okay. So they're different things. You can, you can have them both. They are older iPhones. Don't do the log. They just do the pro res. No, and, and you know, I listen, I like to think of myself as sort of a, you know, a hobbyist photographer. I really haven't played around with this. I have a 13 pro max iPhone. So this is not, you know, this particular thing that we're talking about is not something that I can take advantage of. However, it did remind me that I can go into settings, go into my camera settings, go into capture settings, and, and have some more control over how I am capturing video. Now, if you choose pro res, just know, you better have a lot of storage, you know, or you got to be dumping that out somewhere, you know, to be working with it. You don't want to do it just for fun, because it's they're, they're huge. But if you, if you want that, and you know you want that, then that is a good thing to know about even just to play around with. I mean, I took a video of Ralphie the cat this morning and I was like, my gosh, I'm a cinematographer. Even though already, like the HD video is great, you know, on my iPhone, I just was like, gosh, I never really played around with this. Yeah. So this is the opposite of what cameras are promising with AI of like, you won't have to do a thing. Just take a photo and we'll make it look perfect. This is you are in charge. You want to make your photo look perfect. So we will give you the appropriate data, the appropriate exposure levels, so that you can then adjust it whatever way you want. And yeah, that's not gonna be for everybody, but that's cool. If any casual user was sort of like, sir, give me like a situation where I would want this, I'd be like, I mean, if you don't really want to like geek out on this, I can't think of that many. But for those of you out there who care, you either say, yeah, this is this is dope. I can't wait for, for Kino, the new app from Lux or, you know, I, you know, doing this natively with my iPhone 15 pro or pro max, which by the way, because of the USBC connectivity, lets you dump it out to an external hard drive, which, you know, is a game changer for a lot of people who do work a certain way. Now, if you say, great, where do I sign up? How much is it going to cost? We don't really know. Kino is expected to launch in February. That's what the co-founder said. In fact, he specifically said my wife is going to have a baby in February. And so if you don't ship before then, we're not shipping for a while. So they're really focused on, on that time. We don't know what it would cost or other details. However, for anybody who's like, I like a third party option, something that does things a little bit differently. I think this is one to watch. All right. That's enough iPhone talk. If you can't get enough Android in your life, if you're like, ah, please, can you just mention Android? Not only will we mention Android right now, but we'll give you an entire show of Android called Android Faithful. Ron Richards and Huentui Dao and Michelle Raman sometimes offer you the latest Android news and information in a whole show. You can catch live Tuesdays at 8pm, Eastern 5pm Pacific, right here on our channel, youtube.com slash daily tech news show, twitch.tv slash good day internet. Or you can get it at your leisure by subscribing in the podcast app of your choice and you can go find more information at androidfaithful.com. Well, Sunbird crashed and burned because of its implementation of iMessage on Android was pretty insecure. Turns out Beeper has been providing iMessage for Android users in a more secure way and has gotten a lot of space in the news as of late just as an option. Yeah, but it's still in the cloud and you still have to trust them with your Apple login. A lot of people don't want to do that. So Beeper said, hmm, what's our solution? That would be Beeper Mini. Beeper says, this new app has reversed engineered how iMessage works. Beeper doesn't need to access your Apple ID or your contacts list, but it can do group chats, high res images, high res video, voice messages, stickers, gifts, reply threads, typing status, kind of everything. Can't do location sharing, can't do FaceTime game, certain stuff that's just like Apple proprietary stuff. But how does this actually work Tom? Because it sounds pretty promising. Yeah, so I signed up for Beeper and I was a little hesitant to keep it because as good as Beeper has been way better than Sunbird on this, I was still putting my Apple ID in their hands. And I didn't love that, especially because messages were going through their machine, which is, you know, a second factor authentication thing for a lot of people. So I pulled out of it. But I will absolutely try this because you don't have to give them an Apple ID. Beeper figured out how to craft an SMS message to register your phone with Apple Sergers. They're just sending a text to Apple and the server then registers your phone number as iMessage capable. So it just bypasses the whole login business altogether. That's the reverse engineering part. They figured out how to craft that SMS message. Beeper Mini sends this message. So you never need to use an Apple ID to log into anything. Now, there's a lot of questions you may have like, is that secure? Well, it's tight. It's from your phone number. So it can only work with your phone number. You can't sign up other people's phone numbers with it. And Beeper has limited what it does in the cloud. So they want to be able to tell you when they have a message without having to have your messages running through their servers. So they have two things in the cloud. One is their own API server. That's every app has that, right? That's the way when you log into Beeper Mini, it goes, oh yeah, this person has an actual account. So that one's pretty non-controversial. The other is a notification server that uses the Apple push notification service with a separate credential. And this is taking advantage of the way Apple designed it. You don't log in on that cloud server. You log in on the app on your phone with the Beeper login, not an Apple ID. And then you get a credential from Apple that says, oh, you're the person I'm going to send these messages to. Here's the credential to get the notifications. You send only that APN credential to Beeper server. All it can do with that credential is ask the Apple server to send it a notification that a message has come in. It cannot use that credential to get your actual message. That credential to get your actual message stays on your phone. So what it does is it listens while the app is closed so that it can say, oh, hey, you know what, you've got a message and it'll push a notification through the cloud to your app to let it know the message is there. Then the app has to be opened up in order to present the proper credential to Apple to get the actual message. All the actual messages travel between Apple servers and your phone on that separate credential that stays on your phone. Now, if you would like to mirror those iMessages to a Mac or an iPad, which is one of the fun things you can do with iMessage, you would need to log into Apple to do that. Beeper allows you to do that through the Beeper mini app. So you're logging into Apple on your phone. You're not logging in through Beeper's cloud services. So they don't see your Apple ID in that case, but you would have to use it at that point. And Beeper says the request to log in is sent directly to Apple over an HTTPS encrypted request as it should be. So this still needs a third-party audit. They've got a first-party audit. They looked at it and they're publishing the results of their own first-party audit. A third-party should look at this and see if they missed anything. Not through any maliciousness, but just to check and make sure it's secure. But if it passes a third-party audit, which they're letting happen, I think this would be a great way to get iMessage on an Android phone. But Sarah, how long do you think it is before Apple decides to do something to stop this from working? That's a good question. We've talked at length, really, about why the blue versus green bubble matters. It matters to a lot of people and specifically younger people. In fact, Michelle Raman, who noted who's an often co-host on Android Faithful, tweeted this morning, or I guess you can't say tweeted anymore, posted on X this morning, I have finally become a blue bubble because he's using it. BeeperMini, there is something kind of cool about this working as advertised. I wonder how much Apple cares. They seem to care a lot if you believe all of those filings in the Epic Apple case where they talked about the big advantage they had by keeping, you know, they talked about should we make iMessage for Android? And then they were like, no, the blue bubbles keep people in the universe. So it does seem like something they care about. On the other hand, they are fighting in the EU to be exempted from the requirement of the Digital Services Act to be interoperable. Now, if you're fighting that and then you stop someone from interoperating with you like this, maybe that doesn't help your case. Maybe a way to make your case is to say, hey, we should be exempted because we already interoperate. Look at Beeper, they already work with us. It's an open system anyway. So I feel like this is a good thing for Apple in the EU. In the United States, reverse engineering is considered a fair use exemption to the DMCA. So there shouldn't be any legal problems there. The only thing that Apple could do is change the way it authenticates phone numbers, which would mean it would have to change it for all the iPhones too, which would be a lot of work. So Beeper is kind of counting on the fact that that's too much trouble. I feel like this has got a good chance of sticking. If I were a betting man, I'd say Apple's sort of sitting on the sideline saying, let's see how many people really care. Sure, a few vocal people really care. But how many people really care? Is this something that we're going to find out that the majority of Android users have signed up for Beeper and this is, I don't know, some sort of a subscription model that we could have launched ourselves, that kind of thing. I don't really know. But that would be my guess. I feel like Android folks who are in group chats with a bunch of iOS people are going to be the market for this. And if there's enough of a market, does that cause Apple to surelock it? Does Apple just go, you know what, let's just make iMessage for every other platform. Although that puts it back in front of the EU where they're trying to keep people in their platform and the EU might try to force them to interoperate. So I do feel like it's a good bet that Apple might make the decision this is more trouble than it's worth. Like you're saying, let's just let it happen and not worry about it. As long as there's not a security vulnerability. If we do find out there's some security problem with this, all bets are off, then everything changes. Yeah. Yeah. And those of you in the chat who are like, that sounds so complicated. Just remember, as a user, you don't have to know any of that is happening. I just explained all of that so that you understand that it's a secure way of doing the message. You don't have to build the app guys. Yeah, exactly. You don't have to understand what's going on behind the hood. I just thought you might be curious. All right, let's check out the mail bag. We got a couple of good ones. First one from Marty who wrote in a butter conversation on outlook and syncing emails. Marty says, maybe a dumb question, but why is this new information in the news cycle? Am I missing something? The new outlook has been around for over a year, mostly in beta. And this was described as to how it worked since the announcement of the client. This is why Microsoft only offered support for Microsoft Outlook accounts to start because they needed to build the syncing and API connections for other cloud providers like Apple and Google. Marty says, I'm just curious to your thoughts on why you think the new cycle is treating this as new, I guess. Yeah. So, so great question Marty. And I've actually been conversing with Marty over email about this. And if there's someone out there who knows how this works better and would like to illuminate it better, let us know. What I understand based on what Heise wrote, who's the person who uncovered this, is that everyone knew this was a cloud service, but everyone thought because it was a local electron instance that the credential for logging you in was stored locally. It's very similar to what we were talking about with Beeper actually, where only the credential that is used to get the notification is sent to the cloud, the authentication credential is stored locally. Everybody thought, oh, when you log in with Outlook, the credential to log you in is local, and it's just used to tell the server, hey, send me the emails, right? And what Heise discovered is, no, that is not what's happening. The credential itself never exists on your machine. It only exists in the cloud. So, I think that is why this made news. It's not that people didn't think this was a cloud service. It's that where that logging credential was stored was different. And that a lot of people were concerned to say like, well, wait a minute, if it's up there in the cloud and not on my machine, it's not under my control, and I'm nervous about that. Same reason I was nervous about having a Mac mini in a cloud logged in in my name. There's lots of examples of logging in with credentials and clouds that are perfectly secure. That alone doesn't make it insecure, but that's why it was news. Everybody thought it worked a different way. At least that was my impression of it. Well, patrons, the show is not over for you. Everybody who supports us directly at patreon.com slash dts gets good day internet. And on today's GDI, Sarah is going to talk about her move into a new place and how shopping for the internet has changed since the last time she did it. And especially if you're somebody who's in the same boat looking for internet options or you're just curious what's been out there since the last time you looked around, she'll tell us what she's found and how she's going about making her decision. Stick around for that. Indeed, but just a reminder, you can catch our show live Monday through Friday at 4 p.m. Eastern 2100 UTC. And you can find out more at daily tech news show dot com slash live. We're back doing it all again tomorrow talking about why GTA six isn't coming to PC until 2026. Scott Johnson, because he knows this show is part of the frog pants network. Get more at frog pants dot com.