Apple acquires Matcha

Back in May, Matcha went dark. No announcement, no explanation. The app just disappeared.

Co-founder and CEO Guy Piekarz told TechCrunch they weren't shutting down, just heading in a new direction - a direction that was apparently causing things to break.

The hardest thing, by far, in the new direction we're going was taking down the service, which we've been building for the last couple of years. We apologize for disappointing our users and plan to provide something better in the future.

That was it. We now know the shutdown and the acquisition were the same event - TechCrunch's sources say Apple had already closed the deal in May. The app going offline was the handover.

Today Apple confirmed it. VentureBeat broke the story. Standard response: they buy small companies, don't discuss plans.

I have a personal connection here. Ilan Ben-Zeev, Matcha's CTO and co-founder, is one of those people I consider extended family. I knew the algorithm was good. Now Apple knows it too.


Bitcoin for Small Payments

Everyone should walk around with 1-2 bitcoins that they can use for small transactions only. If enough people are doing that, then the volatility of currency goes down and the value of the currency increases.
BitPay employees pay each other back when someone makes a food run, by pointing their phones at each other and scanning QR codes.

Security risk in Chrome with HTTPS Everywhere combined with Incognito

I recently noticed that when I log in to two Twitter accounts, one from Google Chrome's main window and one from an Incognito one, the session would sometimes mysteriously "leak" to the main window. I suspected this may be caused by a faulty extension, and it seems I was right. The faulty extension is, ironically, HTTPS Everywhere by the Electronic Frontier Foundation.

It seems that cookies set in normal browsing mode cannot be seen in Incognito, but that (some?) cookies set in Incognito are visible to normal browsing mode. Unfortunately, this means that your Incognito sessions can leak data into your normal browsing sessions.

According to a 4-month-old HTTPS Everywhere bug report, it's a Chrome API bug: "We're getting the onCookieChanged event, and the cookie we get in that event has a storeId of 0 regardless of where it comes from (Incognito or not). We then turn right around and set the secure flag on the cookie and issue a cookies.set(cookie). Since the storeId is still the default store, the cookie leaks to normal mode."

The only other report I could find was a very minor Google+ post by Todd Vierling (with reproduction instructions) from more than half a year ago, and it seems like nothing was done to mitigate the issue since.

Reproduced in Chrome version: 28.0.1500.72 m, HTTPS Everywhere version: 2013.7.10
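
The mechanism quoted from the bug report, modelled as an added example (not code from HTTPS Everywhere or Chrome). The two in-memory cookie stores, `siteSetsCookie`, the `auth_token` cookie and the `flagSecureGuarded` check are all constructed for illustration; the guard is a hypothetical mitigation, not something the bug report proposes.

```javascript
// Constructed model of two cookie stores ("0" = normal, "1" = Incognito).
// It imitates the shape of an extension cookie API; it is not Chrome's code.
function makeBrowser(reportRealStoreId) {
  const stores = { "0": new Map(), "1": new Map() };
  const listeners = [];
  return {
    onChanged: (fn) => listeners.push(fn),
    get: (storeId, name) => stores[storeId].get(name),
    // Like cookies.set(details): the write lands in details.storeId.
    // (Simplification: extension writes do not fire a second event.)
    set: (details) => stores[details.storeId].set(details.name, { ...details }),
    // A site sets a cookie in one store, then extensions are notified.
    siteSetsCookie(storeId, cookie) {
      stores[storeId].set(cookie.name, { ...cookie, storeId });
      // Behaviour from the bug report: the event always says storeId "0".
      const reported = reportRealStoreId ? storeId : "0";
      listeners.forEach((fn) => fn({ ...cookie, storeId: reported }));
    },
  };
}

// Handler as the bug report describes it: add the secure flag and write the
// cookie straight back under the storeId the event carried.
function flagSecure(browser, cookie) {
  browser.set({ ...cookie, secure: true });
}

// Hypothetical guard: only write back if the store named in the event really
// holds this cookie; otherwise leave it alone rather than copy it across.
function flagSecureGuarded(browser, cookie) {
  const current = browser.get(cookie.storeId, cookie.name);
  if (current && current.value === cookie.value) flagSecure(browser, cookie);
}

// Set a session cookie in Incognito and report which stores end up holding it.
function whereIsCookie(reportRealStoreId, handler) {
  const browser = makeBrowser(reportRealStoreId);
  browser.onChanged((cookie) => handler(browser, cookie));
  browser.siteSetsCookie("1", { name: "auth_token", value: "constructed", secure: false });
  return ["0", "1"].filter((id) => browser.get(id, "auth_token")).join(",");
}

console.log("buggy event, plain handler:  ", whereIsCookie(false, flagSecure));
console.log("buggy event, guarded handler:", whereIsCookie(false, flagSecureGuarded));
console.log("correct event, plain handler:", whereIsCookie(true, flagSecure));
```

With the mislabelled event, the guarded handler keeps the cookie out of the normal store but also leaves the Incognito copy without the secure flag, so it trades the flag for isolation.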

Paul Graham: Do Things that Don't Scale

I really enjoyed reading Paul Graham's essay "Do Things that Don't Scale" - counterintuitive advice for startups in their "larval" stage. Some highlights:

  • Recruit users manually. Yes, one by one.
  • The Collison brothers didn't send links. "Give me your laptop" - and they'd set you up on the spot.
  • Founders avoid this because it feels small. It can't be how the big startups got started, they think. It is.
  • Send hand-written thank you notes. Your first users should feel like signing up was one of the best choices they ever made.
  • Engineers aren't trained for this. We build elegant systems, not hover over users. "You can be ornery when you're Scotty, but not when you're Kirk."
  • The feedback from your earliest users will be the best you ever get.
  • If you can solve a problem manually, do it manually. Automate the bottlenecks later.
  • The Big Launch rarely works. Think of successful startups. How many launches do you remember?