We Need More Science

The Celebrity Photo Hacks Couldn’t Have Come at a Worse Time for Apple

The media crush will soon descend on Cupertino, California, as Apple prepares to announce what will surely be its newest iPhone, quite probably its latest laptops, and possibly its first smartwatch. When the new devices arrive next week, they’ll be tied together with an Apple operating system more dependent on the company’s cloud services than ever before. And as the world saw over the weekend, those cloud services might be about as secure as leaving your front door key under the mat.

The exact methods that led to the apparent breaches and theft of photos from celebrity iCloud accounts hasn’t been confirmed. Apple says the attacks were “very targeted” at specific user accounts, not the iCloud or Find My iPhone systems as a whole. But for the average user, how it was done is really beside the point. The message the world is hearing is that if it’s that easy to hack Jennifer Lawrence’s iCloud account, it’s probably that easy to hack mine too. For a company about to ask its users to entrust an even greater portion of their digital lives to its cloud, that’s the last thought Apple wants on anyone’s mind.

If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not.

To refresh: Back in July, in a keynote widely hailed as the return of the company’s mojo, Apple announced a major refresh of iOS that would tie together users’ iPhones, iPads, and MacBooks more closely via the cloud. Among the most obvious was iCloud Drive, a Dropbox clone primed to finally make iCloud’s backup and syncing features less esoteric. Even more significantly, Apple released CloudKit, a set of tools for developers to build all kinds of third-party apps on top of iCloud, which let them outsource such tasks as data storage, syncing, and user authentication to Apple.

This last feature is especially unnerving in light of the celebrity photo hacks, since it allows access to other apps based on a user’s Apple ID —the same ID that would seem to have been compromised to gain entry to celebrities’ iCloud accounts. Regardless, once the account is compromised, whatever data it’s storing is likely compromised too.

All About the Cloud

If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not. As Andreessen Horowitz’s Ben Evans noted after the Worldwide Developer’s Conference in July, “iOS 8 is really iOS 2.0,” and that next generation of Apple’s flagship mobile operating system is all about the cloud.

“For Apple, a lot of iOS 8 is about removing reasons to use the web at all, pulling more and more of the cloud into apps,” Evans writes. As Google stitches the web ever more tightly into Android’s fabric, Apple is embracing a closed system powered by its private cloud. And it’s that cloud that’s just become harder to trust.

In response to the hacks, Apple says it’s investigating. But as we at WIRED know all too well, this hardly the first time an iCloud account has been hacked with disastrous consequences. If Apple were a startup like Dropbox, such a high-profile theft of users’ sensitive, private data could spell the difference between success and failure as a company. If iCloud really is this poorly locked down, Apple starts to look like a company that has so much money it feels it can afford to be complacent.

Someone Finally Made the Glorious Loki Movie You’ve Been Waiting For

There are few villains in the Marvel Cinematic Universe more beloved than Loki. Actually, probably none. (Just ask, like, anyone on Tumblr.) Devotion to the Asgardian mischief-maker—or to Tom Hiddleston, who plays him—has reached such proportions that many fans would probably fight Frost Giants to get Marvel to make a stand-alone Loki flick. Even then, Marvel may not grant that wish. In the interim, fans have Loki: Brother of Thor.

The movie (above) combines footage from Thor, The Avengers, and Thor: The Dark World (and even some deleted scenes and a snippet of Guardians of the Galaxy) to create a Loki-view’s story. “My goal was to chronicle the character development of Loki into a single narrative,” Vimeo user “Loki Odinson” (an alias burdened with glorious purpose) writes in the clip’s description. “You’ll notice I took out a lot of fluff and even some beloved fight scenes, only because I was trying to focus the film on Loki and his relationships.”

That sound you hear is half of the internet calling in sick today. Pop some popcorn, Hiddlestoners—this one is for you.

Google Reboots Its Business Software Operation as ‘Google for Work’

Amit Singh spent 20 years at Oracle. But left for the clouds.

Amit Singh, president of the newly re-christened Google for Work. courtesy Amit Singh/Twitter

Google is best known for the online services and software it offers to everyday consumers—things like Google Search, Gmail, and the Android mobile operating system that runs so many smartphones and tablets—but for more than a decade, the tech giant has also offered services, software, and even hardware to the world’s businesses, including everything from online applications such as Google Docs to sweeping cloud computing services such as Google Compute Engine. Today, the company unveiled a new identity for this growing part of its operation. It will now be known as Google for Work.

This group—which operates across Google’s larger organization, essentially turning existing consumer products into business tools—was previously known as Google Enterprise. Meant to provide a shot in the arm for Google’s efforts in the workplace, the new name reflects a larger change across the world of business software and hardware, where so many tools are finding their way into businesses through individual employees rather than dedicated IT workers. It’s known as the “consumerization of IT.”

“In many ways, work itself has changed in the last five years,” Amit Singh, the president of the re-christened group, said this morning during a briefing with reporters at Google’s San Francisco. “Mobile has come into play, and users are making choices, not just enterprise IT.”

The name may take a while to stick, even inside Google. Rajen Sheth, the “father of Google Apps,” who has worked with the group for a good ten years, mistakenly used the group’s old name during the press briefing in San Francisco. But the ultimate aim is to make it easier for the average person to understand Google’s efforts in this area.

All of the group’s products will be tagged with the “for Work” moniker. Earlier this year, the company introduced Google Drive for Work, a version of its online file storage service that’s intended for businesses, and now, all other Google business tools will follow suit. Google Apps, for instance, will become Google Apps for Work.

According to Singh, 60 percent of the Fortune 500 now paying for what are now called Google for Work services, and more than 1,800 customers are signing up for its latest product, Google drive for Work, each week. But the company believes its business tools provide a much larger opportunity for growth, and that’s one of the reasons it’s rolling out this new moniker. “We are in a very important phase of growth,” Singh said of Google as a whole.

Sheth says that this move isn’t just a change in brand. “What we’re looking at here is more than just a name change,” he said. “It’s a mindset shift.” In short, the company realizes this is quickly becoming a “user-first market,” and it wants to make an even great effort to appeal to those end users. The word “enterprise,” you see, doesn’t mean that much to the average user. But “work” means a great deal.

The Bridge Is Over: Sonos Adds Simpler Wi-Fi Setup to All Its Speakers

You no longer need a Bridge to stream music to your Sonos speakers. Sonos

Can’t decide what song to listen to on your Sonos speakers today? You should start with “The Bridge Is Over” by Boogie Down Productions. That’s because you won’t need the $50 Sonos Bridge to stream music to the company’s speakers anymore—but you may still want to use one in many cases.

Sonos just announced a firmware update that eliminates the need for the Bridge, which had to be physically connected to a router with an Ethernet cable for any Sonos system to work. Now, you can connect to one or more Sonos speakers directly via Wi-Fi, with no hard wired connection. During configuration, a speaker will form an ad-hoc connection with your mobile device. You can set up one of the speakers to act as a wireless bridge for multi-speaker setups, although there are some limitations as compared to a Bridge setup.

The free over-the-air update will go out today, and the new feature is backwards-compatible. All new Sonos speakers will come with the new firmware, and the update is also being pushed out to all older Sonos systems. You’ll be able to choose between a “Standard Setup”—the new way that just uses Wi-Fi—and a “Bridge Setup” that uses the traditional wired-in hub.

According to Nick Millington, vice president of product development at Sonos, the Wi-Fi setup won’t impact performance. Millington says that network reliability and synchronization between speakers won’t be issues, and you’ll get “95 percent-plus” of the performance of a Bridge-equipped system. However, there are still scenarios in which a Bridge will still be the best route.

If you’ve already got a Sonos setup with a Bridge in place, you will likely want to keep it that way. Although the Wi-Fi connectivity is a simpler way to configure a single-room or single-speaker system, Sonos says that the Bridge is still the best way to drive more-elaborate and farther-reaching setups.

For the Wi-Fi-only setup, all speakers will need to be in range of your Wi-Fi router, which means you are limited in terms of speaker placement. And although the Wi-Fi feature will work with the company’s Playbar soundbar by itself, a hardwired Bridge is still required for 5.1- and 3.1-channel Sonos home-theater setups.

We haven’t had any hands-on time with the new “Standard Setup” feature, but it’s a welcome option especially for users of the compact and affordable Play:1. You won’t need a separate piece of hardware to stream music to it, and one less wire and one less gadget are generally good things.

No One Tweets Like the Japanese, and That Was a Huge Problem for Twitter

Twitter engineers Ali Alzabarah (left) and Mazdak Hashemi pose among the mysterious colored deer that decorate the main hall at the company’s offices in San Francisco. Alex Washburn / WIRED

Twitter engineer Mazdak Hashemi says the Japanese tweet like no one else on earth.

When the New Year arrives or even as they watch certain moments in shows and movies broadcast on national television, tens of thousands of Japanese will tweet at practically the same instant. “Everyone tweets at the New Year, but the Japanese are more in-sync,” says Hashemi, who, as Twitter’s director of site reliability engineering, works to make sure its mini-messaging service stays in good working order. “They do it at exactly midnight.”

This provides a small window into the unique culture of the Japanese, known for exhibiting a certain type of conformity, but there was a time when it was also an enormous problem for Twitter. As the year 2012 arrived in Japan, the country’s synchronized tweets crashed the entire site, worldwide. It was 3pm in Britain when the site went belly-up.

‘Everyone tweets at the New Year, but the Japanese are more in-sync. They do it at exactly midnight.’

So, as the next New Year approached, Raffi Krikorian, one of Twitter’s lead engineers, urged Hashemi to find a better way of ensuring the site could handle the next wave of synchronized Japanese tweets. “I think he had some post-traumatic stress,” Hashemi says of Krikorian in the wake of the 2012 New Year. As a result, Hashemi and his team built a new system—known as a software “framework,” in engineering speak—that would let them mimic events like a Japanese New Year tweet storm and actually run these synthetic creations on the thousands of computers that run the live the site.

Internet engineers call it “stress testing,” and though this sort of thing is very common, Twitter’s situation was a bit different, and its methods could serve as a model for other online operations as they reach Twitter-like sizes. Because of the real-time nature of the site—where people expect to send and receive instantly, at all times—Hashemi and his team needed tools that could very carefully shape and reshape these massive tests, and because the service is used in this real-time way across the globe—it spans 240 million users who generate about about 5,700 tweets a second—there weren’t “off hours” when they could run live tests without having to worry about massive amounts of “real” traffic.

“We can’t test outside of business hours,” says Ali Alzabarah, who works alongside Hashemi. “We don’t have business hours.”

The tests Hashemi wanted to run were so large—larger than the real traffic storm that brought down the site during the last New Year—some engineers at Twitter didn’t even want him to try them. “They thought I was smoking something,” says Hashemi, who describes the company’s wider testing efforts in a blog post published today. “You’re pretty much putting your job on the line. It’s like: ‘Am I going to be here or not?’”

But the stress testing framework he and his team built also included new monitoring tools that would let closely track the results of the tests—on a second-by-second basis—and scale them back as need be. In the end, these tests proved very successful—and the site stayed up for the next New Year, and the one after that. Last August, it also held firm when the Japanese helped set a new tweets-per-second record as they all tweeted at the arrival of a particular moment in the television airing of an animated movie called Castle in the Sky .

Much of this is thanks to an sweeping effort to rebuild the site using a software programming technology called Scala. And the company may be expanding into data centers in other parts of the world, so that it serve foreign countries like Japan with dedicated local machines—though Hashemi declines to comment on this. But the company’s new stress testing framework plays its own important role. According to Adrian Cockcroft, a technology fellow with venture capital firm Battery Ventures who previously served as a chief architect at Netflix, another company that deals with rather usual types and amounts of online traffic, this sort of thing isn’t easy.

‘We can’t test outside of business hours. We don’t have business hours.’

“As soon as you get to enormous scale, the off-the-shelf testing products fail,” he says. “You have to synthesize so much traffic with a pattern that actually matters. You have to put a lot of thought into what the traffic pattern is, and it’s quite hard, then, to actually build it. There are certain subtleties to this.”

As other services across the net continue to grow, they too will face similar testing problems, and the good news is that companies like Netflix and Twitter are showing the way. Netflix has opened sourced many of the tools it has built to test its site, and Twitter is a company that works in similar ways, sharing many of its software creations with the world at large in an effort boost the larger community of sites and services.

Twitter has already open sourced a tool called Iago that generates the “fake traffic” for its stress tests, and though it has not released its stressing testing framework for carefully building and monitoring these tests—the thing doesn’t even have a name—the company could do so in the future. That could come in handy. After all, the Japanese aren’t going anywhere. Nor is the rest of the net.

Why Your Library May Soon Have Laser Cutters and 3-D Printers

Ben Wiseman

Visit the downtown branch of the Chattanooga Public Library and you'll find the usual stuff: rows of books, magazines, and computers. But walk up to the fourth floor and there's something unexpected. It's a “makerspace”—complete with a laser cutter, a zine lab for making paper publications, and a 3-D printer. There's even a loom.

When it opened in spring 2013, the maker floor—formerly unused and filled with decrepit equipment—became a massive hit, and up to 1,200 patrons attended events there. “Normally you hold a library event and you get six people,” says Meg Backus, the systems administrator and chief maker for Chattanooga. But this new floor gives patrons access to new forms of literacy, ones they hunger after: design, programming, video editing, book writing, and website building. Consider it a glimpse into the future of libraries. They're becoming places to not just imbibe knowledge but create it—physically. Many people don't have access to classic hacker spaces, are intimidated by them, or can't afford them. “But here all you need is a library card,” says CJ Lynce, who runs a similarly equipped space at the Cleveland Public Library.

Chattanooga and Cleveland aren't the only cities giving this new kind of library a try. A survey by John Burke at Miami University found that 109 libraries in the US had a makerspace or were close to opening one. Others are hosting events like Wikipedia edit-a-thons, where residents plumb the library's resources to create articles about local history. (One library even has its own farm.) This ferment is attracting patrons; a Pew Internet survey found that these new modes bring in folks who normally shun libraries, typically men and people with limited education.

Ezra Reynolds is an example. As a kid he visited Chattanooga's main branch regularly but eventually stopped. Today he works assisting people with physical disabilities, and a year ago he adopted a son (now 2) whose arms end below the elbow. When Reynolds heard about the 3-D printer, he made his son a bunch of customized prostheses, including utensil- and pencil-holders. “This is what got me back in the door to the library after probably a 15-year hiatus,” Reynolds says. When he visits the library now, he often shares his new skills. This is another part of the trend: spaces where people interact. Older folks teach sewing to the younger ones, who in turn teach them laser etching.

But what about books? Public Library Association research shows that people have checked out slightly fewer materials in recent years. And Pew found that about a third of patrons are opposed to makerspaces if they displace books. But while I'm just as sentimental about the primacy of hard copy, the librarians aren't. As they all tell me, their job is helping with access to knowledge—not all of which comes in codex form and much of which is deeply social. Libraries aren't just warehouses for documents; they're places to exchange information. “Getting people in a room, talking and teaching each other, is huge,” Backus says. Nor are the makerspaces necessarily expensive. The Chattanooga project cost only $25,000.

You have to give the librarians credit. Stereotype says they're fusty, but the reality is absolutely the opposite. Over and over they've adapted to new information tools, from microfiche to CD-ROMs to the Internet. Now this—possibly the best example I've seen of how a storied institution embraces change.

Angry Nerd: Are You Ready for Grant Morrison’s Mind-Bending Multiversity?

The Multiversity spans 52 parallel universes and features characters like a Nazi Superman and a vampire Batman. Keeping track of everything requires an infographic. It’s a lot. That said, Grant Morrison’s new, mind-bending mini-series still encompasses everything that’s right in the alternate reality comics world. Angry Nerd is ready to dive in.