In ExtraBITS this week, Apple is buying the Shazam audio-identification app, the Ai.Type keyboard for iOS and Android has leaked the data of over 31 million users, Apple’s ban on app templates is hurting small businesses, Apple has patched a HomeKit vulnerability, and the iPhone X’s reliance on new gestures has proved to be a complex topic.
 -- Apple has confirmed that it is purchasing the popular Shazam app, which identifies songs, TV shows, movies, and ads by their audio signatures. Apple reportedly paid about $400 million for the company and said that it has “exciting plans in store” for Shazam. You can already ask Siri “What’s playing?” to identify audio with Shazam, so it’s unclear what additional integration Apple has in mind.
 -- The third-party keyboard company Ai.Type has inadvertently leaked data from over 31 million iOS and Android users, including names, phone numbers, and information associated with social media profiles. Unfortunately, because many third-party keyboards need full access to your data, it’s not particularly surprising that one of them would have been hacked or, as in this case, accidentally revealed user information. If you use Ai.Type, you might want to delete it now, and if you rely instead on other third-party keyboards to which you’ve granted full access, consider the potential problems if they were to leak data as well.
 -- In June 2017, Apple updated its App Store rules to prohibit templated or generated apps, a move that seemed to be aimed at reducing spam apps. Now Apple is warning app template makers who serve small businesses — restaurants, fitness studios, and more — that it will start rejecting their apps on 1 January 2018. App templates and generators are used by small businesses who lack the resources to develop their own apps from scratch. Unfortunately, some of these app makers are already having to shut their doors due to Apple’s change in rule enforcement. Apple’s move has drawn the attention of Representative Ted Lieu (D, CA), who has asked the company to reconsider.
 -- Zac Hall of 9to5Mac discovered a vulnerability in HomeKit, Apple’s home automation framework, that could allow unauthorized control of accessories like smart locks and garage door openers. The good news is that Apple has already closed the security hole on the server side, so your devices are no longer vulnerable. Unfortunately, Apple’s server-side fix also prevents you from giving remote access to shared users. A future update to iOS should eliminate the vulnerability and restore full functionality.
 -- The most radical interface change on the iPhone X is the disappearance of the familiar Home button, which frees up a lot of space for a larger display. But the loss of the Home button means that Apple had to replace its functions with a variety of new gestures. Raluca Budiu of the Nielsen Norman Group explores the interface challenges that gestures face, including discoverability, memorability, and swipe ambiguity. Although Budiu identifies some areas where Apple’s approach with the iPhone X stumbles, she praises the Home line as a reminder of the iPhone X’s new gestural needs. If you have or are getting an iPhone X, it’s worth reading this piece to understand how it changes the iPhone user experience.