Start Up: first-time app millionaires, avoiding another MH-17, who owns England?, pricing broadband, and more


It probably got your heart rate correct, but the calories could be iffy. Photo by unexxx on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Apple’s App Store is creating twice as many million-dollar publishers as Google Play • Sensortower

Randy Nelson of Sensortower:

»

When it comes to building a successful business, Sensor Tower’s Store Intelligence data reveals that more app publishers are achieving an important milestone on Apple’s App Store than on Google Play. Based on our analysis of in-app revenue—not inclusive of advertising revenue—nearly double the number of publishers made their first $1m in annual revenue last year on the U.S. App Store compared to Google Play. In all, 66 publishers met or surpassed this benchmark figure on Apple’s store in 2016, which was 1.7 times more than the 39 that managed the same degree of success on Google’s platform.

What’s more, as you can see in the chart above, the number of publishers who had their first $1m or greater year on the US App Store in 2016 nearly doubled over 2015, when 34 surpassed that mark in terms of annual US revenue.

While it still trails behind the App Store by this measure, Google Play grew its number of equivalent publishers on its US store considerably more than Apple’s platform in 2016, by nearly 2.8 times from 14 in 2015. This is a promising figure for Google, which, when combined with the impressive year-over-year revenue growth we’ve witnessed from its platform over the past few quarters, signals that developers are enjoying a growing measure of success monetizing on Google Play.

«

That “not inclusive of advertising revenue” could be significant. Note too that these are first-time million-dollar earners (47% on iOS and 75% on Android are games). This goes against the general narrative that you can’t make any money from apps. But this isn’t a lot of organisations – 105, if there’s no overlap.


MH17: a darker truth • Medium

Mark Zee:

»

This will be uncomfortable reading, but [MH-17 being shot down over Ukraine] was a preventable tragedy.

As industry experts, we’ve comforted ourselves knowing that “Nobody considered that civil aircraft, at cruising altitude, were at risk” (Dutch Safety Board report). When fingers were pointed at Malaysia Airlines for overflying a war zone, we were quick to tell the public “Not fair. Everybody else did as well”.

We were all apparently operating under the same misguided reassurance that this was a war going on underneath the airways, and that cruising at 33,000 over the top of it would be just fine. As an airline pilot at the time, I did the same as everyone else using the eastern Ukraine routes, and monitored the conflict beneath us with interest on each flight, but without concern.

But what if we could have known — what if the risk information was actually there, but for some reason we weren’t seeing it?

Well, it was.

International aviation uses a simple system to tell pilots essential flight information: NOTAMS. Notices to Airmen. An average 3 hour flight will have 20 pages of them, and they look like this:

«

It is, as he clearly explains, a case where complexity has run away from comprehensibility – with potentially disastrous results.


China’s Lenovo to reboot after losing PC crown to HP • WSJ

Kathy Chu:

»

Lenovo has axed at least 2,000 U.S. jobs since buying Motorola. The company continues to lose talent because some employees are unsure about the company’s direction, said a handful of insiders, who declined to be named because they aren’t authorized to speak publicly.

A Lenovo spokesman said that the company’s attrition rates are in line with the industry and Lenovo has been adding new talent, signs that “morale has improved and that Motorola continues to be a place where technology-loving employees want to work.”

Kitty Fok, IDC’s managing director for China, cautioned against reading too much into Lenovo losing its No. 1 position in the PC market to HP. The first calendar quarter is traditionally Lenovo’s weakest quarter, so this slide may only be temporary, Ms. Fok said.

Meanwhile, even though Lenovo’s smartphone business is still not profitable, its global shipments are stabilizing, according to Strategy Analytics executive director Neil Mawston. Lenovo holds only a 1% market share in China, but is growing rapidly in India, where its market share has risen to 9% from 7% in the past year, according to the research firm.

“For Lenovo at the moment, China is a dark cloud, the U.S. is a gray cloud, while India is a sunny day,” said Mr. Mawston.

The analyst said that if Lenovo can cut costs further and continue to expand in India, its smartphone business could return to profitability by 2018.

«

Since Lenovo acquired Motorola in October 2014, smartphone profitability has always been just six months away. Meanwhile that division has had eight straight quarters of operating losses.


May 2012: Post-traumatic life expectancy of phone vendors • Asymco

Horace Dediu, back in May 2012:

»

RIM [since renamed to BlackBerry] has just entered what I call the Post-traumatic period of a phone maker’s life. This period is defined as beginning with a loss-making quarter and ending with the company’s exit from the business. These post-traumatic periods were visualized first here and the pattern was first discussed about a year ago here.

I’ve updated the chart with the current data and added the bar chart below to illustrate the “post-traumatic life expectancy” for the companies shown. Companies still operating are shown with bars without color while companies that have exited are shown with solid color bars.

The pattern may be that companies either have short post-trauma lives of about two to three years or relatively long post-trauma lives lasting 4 to 5 years. What determines this life expectancy and how long do RIM, Nokia and LG have?

There is precious little data, but perhaps one hypothesis I could offer could be that the bigger the commitment to the industry (in terms of having no fall-back options) the longer the post-traumatic period lasts. In other words, as there is no easy way out, the fight lasts longer.

This can also be interpreted using Porter’s “barriers to exit” force analysis where companies which can liquidate a division see it as a low cost of exit whereas companies that need to restructure (usually more than once) and then seek either a buyout or rescue may interpret exit as a very costly endeavor.

«

Nokia and RIM both exited; Motorola was acquired and sold and acquired; Sony bought out Ericsson; the stubborn one, in that respect, is LG, which first fell into loss at Q4 2009, and is still going (with losses).


Land ownership map • Who owns England?

»

Who owns land is one of England’s most closely-guarded secrets. This map is a first attempt to display major landowners in England, combining public data with Freedom of Information requests. To follow the investigation and help us fill in the gaps, visit the Who Owns England? blog.

The map also displays some data for Wales and Scotland, where landowners’ data includes this; our project is focused on England. Investigation by Guy Shrubsole, map by Anna Powell-Smith.

«

But of course Powell-Smith would be involved – she does great mapping/data stuff. “Overseas companies” own nearly a quarter of a million acres, in some very odd places.


China censored Google’s AlphaGo match against world’s best Go player • The Guardian

Alex Hern:

»

DeepMind’s board game-playing AI, AlphaGo, may well have won its first game against the Go world number one, Ke Jie, from China – but most Chinese viewers could not watch the match live.

The Chinese government had issued a censorship notice to broadcasters and online publishers, warning them against livestreaming Tuesday’s game, according to China Digital Times, a site that regularly posts such notices in the name of transparency.

“Regarding the go match between Ke Jie and AlphaGo, no website, without exception, may carry a livestream,” the notice read. “If one has been announced in advance, please immediately withdraw it.” The ban did not just cover video footage: outlets were banned from covering the match live in any way, including text commentary, social media, or push notifications.

It appears the government was concerned that 19-year-old Ke, who lost the first of three scheduled games by a razor-thin half-point margin, might have suffered a more damaging defeat that would hurt the national pride of a state which holds Go close to its heart.

«

Bet they found out anyway. AlphaGo won the second match as well, even though Ke played the first 50 moves “perfectly” – in AlphaGo’s judgement, at least. I expect playing against it is something like Kasparov found against Deep Blue: you can expect a human to err under pressure, but there’s no emotion on the other side of the board, which pushes that liability of mistiming a move back onto you, the human.


Bitcoin surges 11% to all-time high above $2,700 • CNBC

Evelyn Cheng:

»

At Thursday’s record, Bitcoin has now gained more than 45% since last Thursday and more than 180% for the year so far.

“There is no question that we are in the middle of a price frenzy,” said Brian Kelly of BKCM LLC and a CNBC contributor, in a note to clients Thursday. “There will be a correction and it could be severe, but it’s unclear if that correction will start from current prices of $2700 or from some place much higher.”

Kelly manages a hedge fund focused on digital currencies.

The globally, 24-hour traded asset swept past $2,400 and $2,500 on Wednesday Eastern Time, following a late Tuesday announcement that brought some resolution to a heated debate about the future development of the digital currency. The Digital Currency Group said in an online Medium post that 83% of bitcoin miners supported a “Bitcoin Scaling Agreement” for a specific technological upgrade.

«

This is all quite bonkers; it seems untethered by any rational explanation. So maybe we just treat it as an irrational speculative product.


Fitness trackers accurately measure heart rate but not calories burned • Stanford Medicine

»

Millions of people wear some kind of wristband activity tracker and use the device to monitor their own exercise and health, often sharing the data with their physician. But is the data accurate?

Such people can take heart in knowing that if the device measures heart rate, it’s probably doing a good job, a team of researchers at the Stanford University School of Medicine reports. But if it measures energy expenditure, it’s probably off by a significant amount.

An evaluation of seven devices in a diverse group of 60 volunteers showed that six of the devices measured heart rate with an error rate of less than 5%. The team evaluated the Apple Watch, Basis Peak, Fitbit Surge, Microsoft Band, Mio Alpha 2, PulseOn and the Samsung Gear S2. Some devices were more accurate than others, and factors such as skin color and body mass index affected the measurements.

In contrast, none of the seven devices measured energy expenditure accurately, the study found. Even the most accurate device was off by an average of 27%. And the least accurate was off by 93%.

“People are basing life decisions on the data provided by these devices,” said Euan Ashley, DPhil, FRCP, professor of cardiovascular medicine, of genetics and of biomedical data science at Stanford. But consumer devices aren’t held to the same standards as medical-grade devices, and it’s hard for doctors to know what to make of heart-rate data and other data from a patient’s wearable device, he said.

«

Here’s the graphic on energy expenditure (which was measured using oxygen consumption). Fitbit Surge did best, followed by Microsoft Band, and then Apple Watch – though the researchers say overall “of the devices tested, the Apple Watch had the most favorable error profile while the Samsung Gear S2 had the least favorable error profile”.

Why the variability? The researchers note that “10,000 steps have been observed to represent between 400 kilocalories and 800 kilocalories depending on a person’s height and weight”. That’s a lot of variation in how our bodies burn energy.


Gatwick Airport launches indoor navigation system to help passengers find their way • The Next Web

Matthew Hughes:

»

Serving the London region, Gatwick Airport is the UK’s second busiest airport, after London Heathrow. As you’d expect, it’s a gargantuan place, and getting around its two massive terminals can be a nightmare.

To ameliorate this, Gatwick has taken the unusual step of installing 2,000 bluetooth-powered beacons that tell passengers where they are in the airport’s two terminals.

The beacons are the product of a collaboration with London startup Pointr, and are accurate to three meters — so pretty damn accurate.

The first incarnation of the system shows travelers where they are on a digital map, with their location visualized as a blue dot. Gatwick eventually intends to introduce an augmented reality system that guides users with turn-by-turn directions, using real-world visual data.

At first, Gatwick plans to integrate this network of beacons into its own app, and is in talks with airlines about sharing access to the data.

Conceivably, this could be used to tell passengers that they’re running late, or help the airline to figure out whether to offload luggage if a late passenger is far away.

«

Your basic augmented reality (AR) implementation.


New Penn research assesses financial viability of municipal fiber networks • Penn Law

»

Using industry standard financial analysis tools on five years of official data, the study finds that 11 out of the 20 fiber networks assessed do not generate enough cash to cover their current operating costs and only two out of the 20 are on track to recover their total project costs during their 30-40 years of expected useful life. Key findings include:

• 11 of 20 projects studied are cash-flow negative, many substantially so.
• 5 of the 9 cash-flow positive projects are generating returns that are so small that it would take more than a century to recover project costs.
• 2 of the 9 cash-flow positive projects would have a recovery period of 61-65 years, beyond the expected useful life of a fiber network.
• Only 2 of the 20 projects studied earned enough to expect to cover their project costs during the useful life of the networks, one of which is an outlier that serves an industrial city with few residents.
• The analysis also models the returns for a hypothetical project, finding it would take over 100 years to recover expected project costs. 

«

That’s all reasonable enough within itself (this is only municipally-funded, ie debt-funded, networks, not Google Fiber et al). But I wonder if it’s not too shallow in that the full report ignores positive externalities that might arise. Many of these are in low-density population areas: it could be that having high-speed internet preserves the population base (which is important in other ways to a municipality), or even serves to attract businesses and others to the area, which would create a positive feedback effect. In the short term, high-speed broadband (especially if there’s a delta compared to a neighbouring area) can even shore up property prices. So it’s not just about the obvious bottom line. (The report’s author told me by email that he hoped the findings so far would feed into Ofcom assessments; and that a further study comparing similar areas which did and didn’t go for superfast broadband could be worth doing.)


Errata, corrigenda and ai no corrida: none notified

Start Up: another $1m+ crowdfunding bust, why people join IS, Google’s watching your cards,


There’s a straight line from the ZX Spectrum to Frank Sidebottom (here seen in statue form in Timperley). Come and follow it. Photo by Pimlico Badger on Flickr.

A selection of 9 links for you. Say your prayers. I’m @charlesarthur on Twitter. Observations and links welcome.

Makers of the Panono 108MP 360-degree camera filing for bankruptcy • Digital Photography Review

Lars Rehm:

»

German media reports that the founders of the company behind the Panono 360-degree ball camera have filed for insolvency proceedings at a court in Berlin, Germany. Unfortunately this means it’s very unlikely that the backers of the original crowdfunding campaign on Indiegogo will ever receive their camera. 

The small number of buyers who purchased a Panono through retail channels after the Indiegogo campaign could be affected as well. At this point it is unknown if the Panono servers, which power the automatic stitching of the Panono’s 360-degree images, will remain functional for the foreseeable future.

Initially things had gone well for the German start-up. The Indiegogo campaign generated 1.25 million dollars in 2013. However, it soon became obvious that the team had miscalculated the development time for the camera which back then only existed in prototype form.

The final product was due to ship in 2014 but instead there was only a second prototype in February 2015. A few months later first shipments were announced, but not to the project backers.

«

“a throwable panoramic ball camera which captures everything in every direction for amazing 108 megapixel, 360° X 360° full-spherical panoramic images.” Nothing on the page itself, so far.


How the ZX Spectrum helped bring about famed pop parody Frank Sidebottom • The Conversation

Rhys James Jones:

»

Sitting at their keyboards, bedroom coders [in the 1980s in the UK] had unique, almost auteur-like, visions for their code. Like film directors Alfred Hitchcock or Francois Truffaut, many had full control, with only occasional suggestions from a software distributor. They could earn rock star size royalty cheques, but this was not necessarily about the money. Micros were seen as creative tools, much like a musical instrument.

The late Chris Sievey knew this better than most. Frontman of new wave band The Freshies, he restlessly experimented with new ideas, including self-produced videos. In 1983, with the band on hiatus, Sievey went solo. His single Camouflage saw his producer Martin Hannett at his most commercial on an expansive, hook-heavy track which used the Cold War as a metaphor for love’s frustrations.

Camouflage’s B-side was even more significant, as it contained three programs written by Sievey on his newly-gifted Sinclair ZX81. Software on vinyl wasn’t a new concept, but the true innovation was the first of the programs: a computerised promo video for Camouflage itself.

Once loaded, the user was asked to press a button on the ZX81 when the first chord of the record kicked in. Thanks to Sievey’s graft, Camouflage’s lyrics were then perfectly synchronised. With the length of each delay loop decided by his trial-and-error, and the ZX81’s frame rolls made into art, Camouflage – though it was a flop on release – remains an inspiration today.

«

But this is only the prelude to the curtain-raiser for Sidebottom.


Why do people join ISIS? Here’s what they say when you ask them • Defense One

Patrick Tucker:

»

Perhaps one of the most important findings is that the fighters’ motivations tended to vary by their country of origin.

Foreign fighters from places like the United States and Western Europe were far more likely to be facing some sort of identity crisis, a desire for a personal sense of recognition that ISIS provides. They were also more likely to be motivated by a rejection of Western culture. A story in the New York Times over the summer, titled “ISIS and the Lonely Young American” details how ISIS sympathizers who are able to make contact with curious and socially isolated Westerners and then manufacture a sense of community and belonging through constant online interaction (not simply one-way messaging, as some have suggested.)

People who joined ISIS from another Muslim country, however, are far more motivated by the perceived plight of the Syrian sunnis. For this group, the report found that “fighting the Assad regime are the most common catalysts (45%).” They are primarily thrill and status seekers.

The fact that joining ISIS could have a benefit in terms of one’s immediate social status underscores how differently ISIS is perceived in the Arab world than in the West.

Internal ISIS fighters — Sunni fighters primarily from Syria and Iraq — were also motivated by money and status. “Internal fighters believe they have a mission to defend their community (duty, Jihad) but they also have personal interests (money, staying alive),” according to the report.

«



A mum didn’t sell anything at a craft fair so Twitter bought everything • Buzzfeed

December 2016:

»

Martyn Hett is a 28-year-old from Manchester, England. What you can’t see in this photo is that he’s actually son of the year after he saved his mum’s knitting career via Twitter.

«

This is only one of many acts of joyful sharing by Hett, who was killed by the bomb detonated at the Manchester Arena. Remember people for their deeds and the happiness they bring.


Comcast vendor sent cease-and-desist to operator of anti-Comcast website • Ars Technica

Jon Brodkin:

»

A Comcast vendor sent a cease-and-desist letter to the operator of “Comcastroturf.com,” a website that helps people find out if their names were used by bots that have flooded the Federal Communications Commission with anti-net neutrality comments.

Fight for the Future, the advocacy group that operates the site, issued a press release accusing Comcast of censorship and posted an image of the letter that accuses the group of trademark infringement. The letter was sent by LookingGlass Cyber Security Center on behalf of its client, Comcast, and demands that Fight for the Future “take all steps necessary to see that the Domain Name [Comcastroturf.com] is assigned to Comcast.”

The Comcastroturf website violates a law against “using domain names that are identical or confusingly similar to someone else’s trademark,” the letter said.

“Our client is… prepared to resolve this matter amicably and without pursuing its claims for damages, but only if you immediately comply with its demands,” the letter said.

Despite the threatening letter, Comcast told Ars that it has decided not to take any further action.

«

Those bots are infuriating: people are discovering their names being used to post fake comments all over. Who’s behind it? Is the aim to make the public comments so poisoned that they’ll be ignored?


US international tourism market share is falling under Trump, Foursquare data shows • Buzzfeed

»

The United States’ slice of the international tourism pie is declining, according to a new report from Foursquare that looks at data from millions of phones worldwide.

The US share of international tourism dropped 16% in March 2017 compared with the previous year. And it declined an average of 11% year over year in months spanning October 2016 to March 2017, according to the report.

The drop coincides with the final month of the US election, the Trump transition, and the early months of the Trump administration, which notably imposed a travel ban on people from several majority-Muslim countries in January 2017 that was eventually halted in court but is currently under appeal. Declines in tourism market share from people originating in the Middle East were more pronounced than the rest of the world, down 25% this January, along with a smaller decrease from South America, Foursquare found.

The data accounts for the percentage of international tourism coming to the US and not the absolute number of tourists, but Foursquare CEO Jeff Glueck told BuzzFeed News that it’s unlikely tourist visits to the US increased while share declined.

«

Foursquare previously got it right for data on Chipotle seeing a downturn and McDonalds revenues recovering. So don’t ignore this.


Google now knows when its users go to the store and buy stuff • The Washington Post

Elizabeth Dwoskin and Craig Timberg:

»

To power its multibillion-dollar advertising juggernaut, Google already analyzes users’ web browsing, search history and geographic locations, using data from popular Google-owned apps like YouTube, Gmail, Google Maps and the Google Play store. All that information is tied to the real identities of users when they log into Google’s services.

The new credit-card data enables the tech giant to connect these digital trails to real-world purchase records in a far more extensive way than was possible before. But in doing so, Google is yet again treading in territory that consumers may consider too intimate and potentially sensitive. Privacy advocates said few people understand that their purchases are being analyzed in this way and could feel uneasy, despite assurances from Google that it has taken steps to protect the personal information of its users.

Google also declined to detail how the new system works or what companies are analyzing records of credit and debit cards on Google’s behalf. Google, which saw $79bn in revenue last year, said it would not handle the records directly but that its undisclosed partner companies had access to 70% of transactions for credit and debit cards in the United States.

“What’s really fascinating to me is that as the companies become increasingly intrusive in terms of their data collection, they also become more secretive,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center. He urged government regulators and Congress to demand answers about how Google and other technology companies are collecting and using data from their users…

…Google executives say they are using complex, patent-pending mathematical formulas to protect the privacy of consumers when they match a Google user with a shopper who makes a purchase in a brick-and-mortar store.

The mathematical formulas convert people’s names and other purchase information, including the time stamp, location, and the amount of the purchase, into anonymous strings of numbers. The formulas make it impossible for Google to know the identity of the real-world shoppers, and for the retailers to know the identities of Google’s users, said company executives, who called the process “double-blind” encryption.

The companies know only that a certain number of matches have been made. In addition, Google does not know what products people bought.

«



Inside Snap’s growth struggles • The Information

Tom Dotan:

»

Last summer, members of Snap’s growth team presented CEO Evan Spiegel and other executives with worrying data showing user growth had slowed sharply. In one week, the company had lost 1 million daily active users, out of its total of around 150 million.

The growth team spelled out to Mr. Spiegel a number of likely causes. Among the top factors was Instagram’s recent launch of its copycat feature Stories, the team said. But Mr. Spiegel initially refused to accept there was a growth problem at all, according to two people familiar with the matter. Instead, he asserted the user slowdown was due entirely to a recent move Snap made to deactivate an old version of the Android app, which meant some Android users had been cut off. He told other executives the data itself was flawed, according to the people.

The growth team spent the next several weeks working to prove the data was sound and that the mothballed Android app couldn’t have caused the entire slowdown. Mr. Spiegel eventually was convinced that Snap’s growth was indeed decelerating and the company needed to take action. But his response at that point was, in part, to kill a feature he thought annoyed people—Auto Advance, which automatically transitioned one person’s story to the next. One person close to Snap says there was no data suggesting Auto Advance was hurting user growth. 

Mr. Spiegel also focused on a more widely acknowledged problem: reducing glitches in the Android version of the app. He went so far as to personally pull engineers off other tasks to work on the Android fix. Snap declined to comment…

…People involved with Snap say that the company could have done more in response to the slowdown, including more testing to understand the cause better. Or it could have embraced more aggressive push notifications to users to prompt them to use the app. But Mr. Spiegel has made plain that he dislikes such tactics.

«

You and I probably side with Spiegel, but push notifications and keeping old Android versions supported do actually work in the real world. He doesn’t want the app to become “spammy”; clearly his vision is that it serves a niche which desires it, rather than feels it’s a needy pet.


Google Assistant will make money from ecommerce • Recode

Tess Townsend:

»

Google Assistant, the search giant’s answer to Apple’s Siri and Amazon’s Alexa, will make money from ecommerce, according to Google ads chief Sridhar Ramaswamy.

The revenue model for Google’s AI service, which lives on devices like Home and smartphones like Pixel, had remained unclear until now. Apple’s main revenue source, the iPhone, clearly benefits from its AI platform, while Amazon’s Alexa technology is designed to stoke more buying on Amazon.

Earlier this year, a promotion that played on Google’s Home devices was a clue to how ads might work. Google said the promotion, for the Disney film “Beauty and the Beast,” wasn’t a paid spot, just an experiment.

“Promotion is only one aspect,” said Ramaswamy, Google’s senior vice president of ads and commerce, at the Google Marketing Next conference in San Francisco Tuesday. “More transactional than ads is how I would think about it right now.”

He mentioned the option to purchase items from select partners through Assistant, a feature added in February, as an example of Google’s approach to making money with Assistant. Google would likely take a cut of each sale, essentially the equivalent of an affiliate fee.

«

This could easily go ever so wrong if the pushiness gets too insistent.


Errata, corrigenda and ai no corrida: Rick Fillion wasn’t credited as the author of the Agilebits blogpost about 1Password’s Travel mode. Sorry, Rick.

Start Up: hiding passwords, goodbye Roger Moore, LeEco cuts deep, DeepMind wins, ironic fascism?, and more


What if you got an AI to name paint colours? Photo by Muffet on Flickr

A selection of 11 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

An AI invented a bunch of new paint colors that are hilariously wrong • Ars Technica

Annalee Newitz:

»

At some point, we’ve all wondered about the incredibly strange names for paint colours. Research scientist and neural network goofball Janelle Shane took the wondering a step further. Shane decided to train a neural network to generate new paint colors, complete with appropriate names. The results are possibly the greatest work of artificial intelligence I’ve seen to date.

Writes Shane on her Tumblr, “For this experiment, I gave the neural network a list of about 7,700 Sherwin-Williams paint colors along with their RGB values. (RGB = red, green, and blue colour values.) Could the neural network learn to invent new paint colours and give them attractive names?”

Shane told Ars that she chose a neural network algorithm called char-rnn, which predicts the next character in a sequence. So basically the algorithm was working on two tasks: coming up with sequences of letters to form colour names, and coming up with sequences of numbers that map to an RGB value. As she checked in on the algorithm’s progress, she found that it was able to create colours long before it could actually name them reliably.

The longer it processed the dataset, the closer the algorithm got to making legit colour names, though they were still mostly surreal: “Soreer Gray” is a kind of greenish colour, and “Sane Green” is a purplish blue. When Shane cranked up “creativity” on the algorithm’s output, it gave her a violet colour called “Dondarf” and a Kelly green called “Bylfgoam Glosd.” After churning through several more iterations of this process, Shane was able to get the algorithm to recognize some basic colours like red and gray, “though not reliably,” because she also gets a sky blue called “Gray Pubic” and a dark green called “Stoomy Brown.”

«

I wonder if we’ll look back on stories like these in 5-10 years’ time and think “aww, those baby steps” or if it will be more like “why is this stuff still no better than that?”

There’s a whole ton more of AI-generated titles for all sorts of things on her blog.


Introducing Travel Mode: Protect your data when crossing borders • AgileBits Blog

»

Let’s say I had an upcoming trip for a technology conference in San Jose. I hear the apples are especially delicious over there this time of year. 🙂 Before Travel Mode, I would have had to sign out of all my 1Password accounts on all my devices. If I needed certain passwords with me, I had to create a temporary travel account. It was a lot of work and not worth it for most people.

Now all I have to do is make sure any of the items I need for travel are in a single vault. I then sign in to my account on 1Password.com, mark that vault as “safe for travel,” and turn on Travel Mode in my profile. I unlock 1Password on my devices so the vaults are removed, and I’m now ready for my trip. Off I go from sunny Winnipeg to hopefully-sunnier San Jose, ready to cross the border knowing that my iPhone and my Mac no longer contain the vast majority of my sensitive information.

After I arrive at my destination, I can sign in again and turn off Travel Mode. The vaults immediately show up on my devices, and I’m back in business.

Your vaults aren’t just hidden; they’re completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no traces left for anyone to find. So even if you’re asked to unlock 1Password by someone at the border, there’s no way for them to tell that Travel Mode is even enabled.

«

Available for those with 1Password membership ($3 per month, 12-month membership). It’s a neat idea – enhancing travellers’ security in response to emerging threats. And also profiting from it. Win-win. (Should we wait for it to be accused of being used by a terrorist, rather than an innocent computer geek?)


The Persuaders – Main Title HD ( John Barry ) • YouTube

»

The Persuaders titles and synthesiser theme, music by John Barry, establish the background and current identities of the protagonists via split-screen narrative technique: two folders, one red, one blue, labelled Danny Wilde and Brett Sinclair simultaneously narrate their lives. As the biographies approach their current ages, the screen splits diagonally, connoting their excitingly peripatetic lifestyles. The conclusion shows them together enjoying a life of sport, drink, women, and gambling. The titles were specifically designed so that neither actor would appear to have top billing, something both [Roger] Moore and [Tony] Curtis stipulated when they agreed to co-star.

«

Roger Moore – who died on Tuesday – starred in many series (The Saint, etc) and was of course James Bond; but The Persuaders was the series that allowed him to be seriously ridiculous. The plots were wonderfully overwrought; a low-budget Bond every week. But oh, that theme music. Unbeatable – and it fed into the themes of many bands and TV series (the first Portishead album, among others).


LeEco cuts 70% of US staff in massive retreat • CNET

Roger Cheng:

»

LeEco had unveiled a smart mountain and road bike at the [Consumer Electronics Show] conference [in January], complete with a 4in touchscreen, Wi-Fi, Bluetooth and laser beams (yep, lasers) that shot out of the handlebars. It, of course, ran on Android. Bowman, who regularly biked with his colleagues near LeEco’s office in San Jose, California, was more than game. He rode the mountain bike version, while I jumped on the road bike version.

It wasn’t even close. Bowman smoked me.

Over the next few months, however, the victories would be harder to come by at LeEco. On Tuesday, the company said it was cutting 325 employees, or 70% of the workforce of its US business, due to a lack of funding. Bowman is among the employees leaving, and those smart bikes will never hit the market.

The news, which comes just days after Jia Yueting stepped down as the CEO of the publicly listed sister company Leshi, marks a nail in the coffin of the company’s ambition to be the next major US consumer electronics player on par with an Apple or Samsung. LeEco’s sudden rise and equally quick fall is a testament to the difficulty of appealing to fickle US consumers. It’s also a reminder that grand promises to consumers about changing the way they view entertainment means little if they have no idea who you are.

“They showed a lot of ambition without thinking through how to build a sustainable structure and foundation,” said Chris Dong, an analyst at IDC.

LeEco will continue to operate in the US but will focus on the narrower segment of Chinese-speaking households, according to a company spokeswoman.

«

The other shoe drops. Surprised it’s only 70% – some thought it was going to be a complete wipeout of staff.


About • Lolatravel

»

We’re a new kind of travel company that provides on-demand, personal travel service through a smartphone app. The Lola app instantly connects people to our team of travel agents who find and book flights, hotels, and cars for our customers. We also provide support while they’re on their trips.

The name Lola is shorthand for longitude and latitude, a system created to make seaborne navigation easier, and in that same spirit, we started Lola to give more people access to a premium level of travel care.

«

Human travel agents? Weren’t they supposed to be out of work now? Turns out: no. My daughter has been trying to book travel abroad, and our local travel agent has done far better at finding affordable travel and accommodation. Neat idea; an app for iOS only, for now. (Via Tim O’Reilly’s talk in Cambridge on Tuesday.)


Introducing the H. Moser Swiss Alp watch Zzzz • Hodinkee

Stephen Pulvirent:

»

The Zzzz has a white gold case in that familiar soft-rectangle shape and with those familiar wire lugs that give the Swiss Alp Watch its character. But, below the curved crystal sits a deep glossy black dial with no signatures at all and just a simple pair of white gold leaf hands floating over the top. You could, from even a relatively close distance, mistake this for an Apple Watch if you weren’t paying close attention.

To me, it’s the most successful play on the idea of the Swiss Alp Watch yet, being both a little subversive and a little playful, all while still being a quality mechanical watch.

«

It looks exactly like an Apple Watch. So Jony Ive is the designer not just for Samsung but for the Swiss watch industry too?


DeepMind’s AI beats world’s best Go player in latest face-off • New Scientist

Matt Reynolds:

»

Google DeepMind’s Go-playing AI has defeated Ke Jie, the world’s number one player, in the first of three games played in Wuzhen, China.

The AI won by just half a point – the smallest possible margin of victory – in a match that lasted four hours and fifteen minutes. Though the scoreline looks close, AlphaGo was in the lead from relatively early on in the game. Since the AI favours moves that are more likely to guarantee victory, it doesn’t usually trounce its opponents.

In March last year, AlphaGo beat Lee Sedol, one of the world’s top Go players, winning four out of five matches. The AI challenged more Go masters in January 2017, winning a series of 50 online games including two victories against Ke Jie.

In a press conference after the AI’s latest victory, Ke said that AlphaGo had clearly learned from its recent victories against Go champions. “In the past it had some weaknesses but now I feel that its understanding of the Go game and its judgments are beyond our ability,” he told the audience through a translator.

Ke had closely studied AlphaGo’s strategy and tried to use some of the AI’s unconventional tactics against it during his match, opening the game with a couple of moves that are seldom used by human players. “We were very intrigued to see how AlphaGo would deal with its own strategies,” said Demis Hassabis, the founder of DeepMind.

«

I thought Lee Sedol was the top player, but whatever.


Hackers unlock Samsung Galaxy S8 with fake iris • Motherboard

Joseph Cox:

»

Biometric locks for phones are just getting more and more elaborate. Not content with fingerprints, some devices now offer facial recognition tech for accessing a device, and in the Samsung Galaxy S8’s case, an iris scanner too.

Despite Samsung stating that a user’s irises are pretty much impossible to copy, a team of hackers has done just that. Using a bare-bones selection of equipment, researchers from the Chaos Computer Club (CCC) show in a video how they managed to bypass the scanner’s protections and unlock the device.

“We’ve had iris scanners that could be bypassed using a simple print-out,” Linus Neumann, one of the hackers who appears in the video, told Motherboard in a Twitter direct message.

The process itself was apparently pretty simple. The hackers took a medium range photo of their subject with a digital camera’s night mode, and printed the infrared image. Then, presumably to give the image some depth, the hackers placed a contact lens on top of the printed picture.

And, that’s it. They’re in.

«

This is where Minority Report comes in.


Hiding in plain sight: how the ‘alt-right’ is weaponizing irony to spread fascism • The Guardian

Jason Wilson:

»

Last week, the Data & Society Institute released a report on the online disinformation and manipulation that is increasingly shaping US politics. The report focused on the way in which far-right actors “spread white supremacist thought, Islamophobia, and misogyny through irony and knowledge of internet culture”.

One of the report’s authors, Dr Alice Marwick, says that fascist tropes first merged with irony in the murkier corners of the internet before being adopted by the “alt-right” as a tool. For the new far-right movement, “irony has a strategic function. It allows people to disclaim a real commitment to far-right ideas while still espousing them.”

Marwick says that from the early 2000s, on message boards like 4chan, calculatedly offensive language and imagery have been used to “provoke strong reactions in outsiders”. Calling all users “fags”, or creating memes using gross racial stereotypes, “serves a gate-keeping function, in that it keeps people out of these spaces, many of which are very easy to access”.

Violating the standards of political correctness and the rules of polite interactions “also functions as an act of rebellion” in spaces drenched in adolescent masculinity.

This was played up by Milo Yiannopoulos in an infamous Breitbart explainer last year, in which he insisted that the “alt-right” movement’s circulation of antisemitic imagery was really nothing more than transgressive fun.

“Are they actually bigots?”, Yiannopoulos asked rhetorically. “No more than death metal devotees in the 1980s were actually Satanists. For them, it’s simply a means to fluster their grandparents.”

What Yiannopoulos left out, according to Marwick, is that these spaces increasingly became attractive to sincere white supremacists. They offered them venues for recruitment, and new methods for popularising their ideas.

In other words, troll culture became a way for fascism to hide in plain sight.

«

Another reason to really dislike trolling.


Netgear ‘fixes’ router by adding phone-home features that record your IP and MAC address • The Register

Richard Chirgwin:

»

Netgear NightHawk R7000 users who ran last week’s firmware upgrade need to check their settings, because the company added a remote data collection feature to the units.

A sharp-eyed user posted the T&Cs change to Slashdot.

Netgear lumps the slurp as routine diagnostic data.

“Such data may include information regarding the router’s running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network.”

Much of this is probably benign, but posters to the Slashdot thread were concerned about IP address and MAC address being collected by the company.

The good news is that you can turn it off: the instructions are here.

It’s probably unlikely that any significant number of users will do so, given the number of people who never get around to changing their default passwords.

«

It is amazing how many companies just assume we don’t mind them grabbing all the data they possibly can.


Donald Trump’s path-independent theory of mind • Bloomberg

Cathy O’Neil:

»

When Google is trying some new shade of blue in the background of their ads, they will perform what’s called an “A/B test” to see what generates more clicks. If more people go for the ad with a lighter shade of blue, they will stick with it. What they won’t do, critically, is consider the possibility that their audience liked the light shade of blue only because it came after the darker shade. They will assume that the audiences are independent of each other, constantly refreshed and “new.”

The same approach might have worked well for Trump as a businessman. He probably would have encountered a wide range of scenarios: For every deal that went through, dozens might have failed. So trying X one day and Y the next would be like a real science experiment. Over time, he might develop pattern recognition, figuring out which tactic works best in certain kinds of situations. I assume that’s where he learned to put pressure on business partners for unreasonable terms and to demand oaths of loyalty from his employees…

…I’d argue that Trump’s path independence operates on multiple levels. It’s evident at a meta-political level when he takes a stab at sweeping campaign promises that he never intends to fulfill. It’s also visible at the micro level, even within a given sentence: in his very strange recent interview with The Economist, for example, he kept attempting to adjust his message to obtain approval from his interviewers. He keeps things vague, and then pokes his way into a given explanation, but leaves himself room to change direction in case he senses disapproval.

It doesn’t always work for him. That said, he probably can’t act any other way. Consistency has no attraction for him, because he is fundamentally principle-free.

Trump’s problem now is that the audience isn’t refreshing. It’s all of us, nationwide and globally. We remember what he said and did yesterday. We notice when he changes his story, and we’re not amused. Meanwhile, he’s left truly confused as to why things aren’t working out in his favour.

«



Errata, corrigenda and ai no corrida: none notified

Start Up: Apple seeks switchers, Facebook bullies, LeEco’s CEO out, AMP v the web, and more


Which sites from then are still going today? Photo by Leo Reynolds on Flickr.


A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Which websites from 1995 are still online? • The Atlantic

Adrienne LaFrance:

»

Today there are more than 1 billion sites on the web. But in 1995, the year AltaVista and Amazon launched, there were 23,500. (The year before that, there were only 2,738 websites, according to Internet Live Stats, a site that tracks web trends.) “For anyone with a computer, modem and so-called browser software, the place to be in 1995 is the World Wide Web, a section of the Internet overflowing with sights and sounds,” the [New York] Times wrote in its 1995 “site-seeing” guide.

The first site it recommended was “everyone’s favorite plastic oracle, on line,” a place where you could consult a Magic 8-Ball. It’s funny now: The tenor of the early web, with its gimmicks and sense of play, was eventually repeated in the early app environment. Remember when having an iPhone meant demonstrating a smattering of silly apps—things like Magic 8-Balls, virtual lighters, and digital beer that disappeared when you tilted the device?

The Magic 8-Ball website from 1995 is still live, remarkably, but it has changed. “The ‘Magic 8-Ball’ went away because of a letter from Tyco’s lawyers indicating that they didn’t appreciate my abuse of their Copyright,” a message on the site now says. “Thank you Tyco, for giving me the impetus to create a far cooler web site.”

«

Lovely idea; great detective work.


Apple launches website for Android switchers • Tech Narratives

Jan Dawson on Apple’s new Switch site area:

»

targeting that audience of Android switchers specifically makes perfect sense. The site focuses on a few aspects of buying and owning an iPhone: ease of use, ease of switching, camera quality, speed, privacy and security, iMessage extensions, support from Apple people, and environmental responsibility.

Out of all the possible things Apple could emphasize, that’s an interesting list – design, for example, isn’t one of them, though the word appears in other contexts three times on the site, and all the things highlighted here are functional rather than aesthetic.

In fact, other than one oblique shot of an iPhone at the top, there isn’t a single full shot of an iPhone or any shot with the screen on until you get to the “buy” section at the bottom. Given how central the design message and product shots have traditionally been to Apple promotional material, that’s an interesting departure and likely reflects research on why people switch from Android.

«



How Facebook allows users to post footage of children being bullied • The Guardian

Nick Hopkins:

»

Documents also show the site allows the “sharing of footage of physical bullying” of children under seven, as long as there is no caption.

The social media group has ruled that anyone with more than 100,000 followers on a social media platform is a public figure, with “no exceptions for minors”.

The details appear in documents that detail how Facebook attempts to deal with cruel, insensitive and abusive posts on the site.

The training manuals for moderators say Facebook regards bullying as “an attack on private persons with the intent to upset or silence them”. But they add that you are only “a ‘private person’ if you are not a public figure”.

According to the documents, public figures include politicians, journalists, people “with 100,000 fans or followers on one of their social media accounts”, or people “who are mentioned [by name or title] in the title or subtitle of five or more news articles or media pieces within the last two years”.

Under the headline “People excluded from protection”, one document adds: “We want to exclude certain people who are famous or controversial in their own right and don’t deserve our protection.”

The types of groups and individuals excluded from protection include Jesus, the mass murderer Charles Manson, Osama bin Laden, rapists and domestic abusers, any political and religious leaders before 1900 and people who violate hate speech rules.

«

Hopkins is The Guardian’s investigations editor; this is the second day of what is sure to be a multi-day onslaught of revelations about Facebook’s moderation practices. You’d think the company might be trying to get out ahead of them, but seems not.


China’s LeEco founder cedes control of listed unit amid cash crunch • Reuters

Sijia Jiang and Jake Spring:

»

The founder of LeEco, a Chinese Netflix-to-Tesla-like conglomerate, has stepped down as the CEO of the group’s main listed unit, as the company begins to streamline and cut debt after rapid expansion led to a cash crunch.

Jia Yueting, who will remain as chairman and CEO of LeEco, envisions the group maintaining its separate unlisted automotive unit but rolling all other areas of business into Leshi Internet Information & Technology Corp Beijing, according to a transcript of his remarks to journalists on Sunday.

The firm has also trimmed loans by nearly half from a peak of 10 billion yuan ($1.45bn), Jia said.

Shenzhen-listed Leshi said in a stock exchange filing that Liang Jun, a long-time Lenovo Group Ltd executive who joined Leshi in 2012, will replace Jia as chief executive officer. Leshi’s finance chief Yang Linjie, who resigned for personal reasons, will also be replaced by Zhang Wei.

The restructuring comes several months after the group received a much-needed $2.2bn investment from property developer Sunac China Holdings Ltd.

«

It’s been a fun ride, but now it’s back to nothing much.


EU to conclude Google antitrust cases in next few months • Reuters

Foo Yun Chee:

»

EU antitrust regulators will rule in the “next few months” whether Alphabet’s Google abused its dominance of internet searches and other areas, a senior European Commission official said on Monday, an outcome that could lead to a hefty fine.

The world’s most popular internet search engine has been in the Commission’s crosshairs since 2010 over the promotion of its own shopping service in internet searches at the expense of the services of rivals.

The EU competition enforcer opened a second front against Google last year as it charged the company with using its dominant Android mobile operating system to squeeze out rivals.

It has since leveled a third charge, that of blocking rivals in online search advertising. This relates to Google’s “AdSense for Search” platform, in which Google acts as an intermediary for websites such as online retailers, telecoms operators or newspapers. These searches produce results that include search ads.

“In the next few months, we will reach a decision on the Google cases, Google search, AdSense and to me the most interesting is Android,” Tommaso Valletti, the Commission’s chief competition economist, told a conference organized by the University of Oxford Centre for Competition Law and Policy.

«

But it already knows that Google has abused this; that’s why it has sought remedies, which have been rejected by complainants. I’ve no idea now what Margrethe Vestager is waiting for.


AMP: breaking news • Andrew Betts

Betts takes issue with Google’s AMP format, which showed him a page of “news” whose format had been stripped by AMP so it looked like any other:

»

I tapped a link in the Twitter app, which showed as google.co.uk/amp/s/www.rt.c…, got a page in Twitter’s in-app webview, where the visible URL bar displays the reassuring 🔒 google.co.uk. But this is actually content from Russia Today, an organisation 100% funded by the Russian government and classified as propaganda by Columbia Journalism Review and by the former US Secretary of State. Google are allowing RT to get away with zero branding, and are happily distributing the content to a mass audience.

This is not OK. This is catastrophic.

Ambiguous content attribution at scale is a scary thing indeed, but beyond the negative effect that AMP, and other distributed content systems, have on the authenticity of independent journalism, there are other significant issues too. Googlers like to consider AMP-the-format and AMP-the-platform separately, and while I think they are inseparable as concerns let’s look at the problems with each independently…

…There is more, but in summary, AMP forces technical restrictions on publishers that limit their ability to create value for their customers, limit their ability to further engage the user beyond reading the initial article, and prevent them iterating on their business model with the freedom they would normally have. Added to this AMP may not actually be any faster than the publisher’s own webpages…

…So that brings us back to Russia Today.

Truth and evidence and nuance are hard to find, hard to represent accurately and fairly, expensive to distill into a consumable product, and hard to understand quickly. If the world’s biggest content discovery and delivery platforms prioritise security, performance and popularity, over authenticity, evidence and independence, well, the likely result is an exponential rise of simplistic, populistic thinking, inevitably spreading and amplifying until false beliefs become tacitly accepted as facts.

When I imagine a Maslow’s pyramid of needs in relation to news, I think the need for truth is more important than the need for speed.

«

I’m noticing a growing amount of opposition to AMP from web designers, though nothing substantial from publishers. But the latter tend not to respond to problems until well past the time when it would have been a good idea to do so.



Exclusive: Hackers hit Russian bank customers, planned international cyber raids • Reuters

Jack Stubbs:

»

Russian cyber criminals used malware planted on Android mobile devices to steal from domestic bank customers and were planning to target European lenders before their arrest, investigators and sources with knowledge of the case told Reuters.

Their campaign raised a relatively small sum by cyber-crime standards – more than 50 million roubles ($892,000) – but they had also obtained more sophisticated malicious software for a modest monthly fee to go after the clients of banks in France and possibly a range of other western nations.

Russia’s relationship to cyber crime is under intense scrutiny after U.S. intelligence officials alleged that Russian hackers had tried to help Republican Donald Trump win the U.S. presidency by hacking Democratic Party servers.

The Kremlin has repeatedly denied the allegation.

The gang members tricked the Russian banks’ customers into downloading malware via fake mobile banking applications, as well as via pornography and e-commerce programs, according to a report compiled by cyber security firm Group-IB which investigated the attack with the Russian Interior Ministry.

The criminals – 16 suspects were arrested by Russian law enforcement authorities in November last year – infected more than a million smartphones in Russia, on average compromising 3,500 devices a day, Group-IB said.

«

This seems to have been taking advantage of flaws in Android OS, but without more detail it’s hard to be sure. Killer quote from a Sberbank spokeswoman:

»

“It isn’t clear which specific group is being referred to here because the fraudulent scheme involving Android OS (operating system) viruses is widespread in Russia and Sberbank has effectively combated it for an extensive period of time.”

«



Special glasses give people superhuman colour vision • New Scientist

Chris Baraniuk:

»

It’s sometimes practically impossible to tell similar colours apart. Even side by side, they look the same. A special pair of spectacles gives us new power to see more distinct colours, and could one day help to spot counterfeit banknotes or counteract camouflage.

The glasses, devised by a team at the University of Wisconsin-Madison, basically enhance the user’s colour vision, allowing them to see metamers – colours that look the same but give off different wavelengths of light – as recognisably distinct hues.

Human colour vision relies on three types of cone cells that react to short (blue), medium (green) and long (red) wavelengths. While brushing up on his knowledge of the eye before teaching a photonics class, physicist Mikhail Kats had a brainwave. Could the eye be tricked into effectively having another type of cone cell?

In theory, this could take our vision from being trichromatic, which uses three colour channels, to tetrachromatic. Some animals see in four (or more) channels. Goldfish, for example, have cells for red, blue, green and ultraviolet light. Some researchers suggest that a very small number of humans may be tetrachromats too.

«

So neat. I love tetrachromats (there are plenty of them about).


The real radicals are now on the right – and the left can’t stand it • The Spectator

Jamie Bartlett:

»

Every counter-culture – especially youthful ones – tends to share two features, both of which are currently found in the radical right more than anywhere else.

First, they oppose whatever the establishment values happen to be with a reckless, gleeful abandon. Granted, the word ‘establishment’ is often used to lazily denigrate opponents (hardly anyone says they are part of the establishment). But it is possible to identify a set of received wisdoms that are held by the overwhelming majority of people in positions of economic, political or cultural power. These include the value of cultural and religious diversity, the importance of certain limits on free speech, the need to fight certain forms of social and economic inequality, (relatively) open borders especially within the EU, and so on.   

The radical right revel in tearing into all this, and plainly enjoy the offence they cause each time they trample over polite society’s holy screeds. Donald Trump at times appeared to run much of his election campaign on this very basis. Although only a small, and probably over-hyped, wedge of this new radical right, the ‘alt-right’ culture is a good illustration. Its origins are found in 4chan, the notorious image sharing board famous for its subversive memes, anything-goes trolls, hackers and general taboo breaking. Many alt-righters are grown-up 4channers, uncertain of where their genuine beliefs stop and gratuitous offence starts (and preferring to keep the boundary blurred). 

Is it not thrilling to rebel with such a carefree attitude, after all? Is it not more exciting to take on every social taboo? Transgression against any kind of dominant idea is what people, especially young people, always do. Therefore, when those dominant ideas change, so do its recalcitrant challengers.

«

I think Bartlett’s right: consider the 1967 “summer of love”, whose participants appalled (many of) its parents’ generation for its inclusive, anything-goes approach. And now those people are parents, or even grandparents. While it’s stupid to say “conservatism is the new punk” (because that misunderstands what punk essentially was: rebellion against highly structured, highly organised forms of music and the music business), the idea of rebellion is consistent down the ages.


Another large-scale cyberattack underway, experts say • The Japan Times

»

Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to “mine” in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.

Virtual currencies such as Monero and Bitcoin use the computers of volunteers to record transactions. They are said to “mine” for the currency and are occasionally rewarded with a piece of it.

Proofpoint said in a blog post that symptoms of the attack include loss of access to shared Windows resources and degradation of PC and server performance, effects that some users may not notice immediately.

“As it is silent and doesn’t trouble the user, the Adylkuzz attack is much more profitable for the cyber criminals. It transforms the infected users into unwitting financial supporters of their attackers,” said Godier.

Proofpoint said it has detected infected machines that have transferred several thousand dollars worth of Monero to the creators of the virus.

The firm believes Adylkuzz has been on the loose since at least May 2, and perhaps even since April 24, but due to its stealthy nature was not immediately detected.

“We don’t know how big it is” but “it’s much bigger than WannaCry,” said Robert Holmes, Proofpoint’s vice president for email products.

A U.S. official on Tuesday put the number of computers infected by WannaCry at over 300,000.

«

This is from last week but points to something interesting. Proofpoint says that *this* one, which preceded WannaCry, shuts down SMB networking – and so could have limited the spread of WannaCry. Does that imply that there are separate groups behind the two? Or that WannaCry was an attempt to monetise the same attack more quickly?


Errata, corrigenda and ai no corrida: none notified

Start Up: Google’s promise, DeepMind investigated, facial recognition reunites, 2bn Androids, and more


Open-plan offices: how much of a threat are they to work? Photo by Rum Bucolic Ape on Flickr.


A selection of 12 links for you. Please tell us you’re not “completely exhausted”. I’m @charlesarthur on Twitter. Observations and links welcome.

Google’s perfect future will always be just around the corner • WIRED

David Pierce:

»

For two and a half hours, CEO Sundar Pichai and a handful of execs rattled off a staggering list of futuristic features and products: A camera that understands what it sees! AI tools a high-schooler can use to help detect cancer! An omniscient, omnipresent virtual assistant! Independent, incredible, immersive virtual reality! To watch the address was to feel like the future had just arrived, all at once, right before your eyes.

Then you go down the list of actual new things, the stuff you can try right now. An Assistant app for iPhone, a way of sending simple email replies without typing them, Google for Jobs. And you realize I/O felt less like a Jobsian product reveal and more like a TED talk: good ideas, educated guesses, and impressive research, but precious little practical application. The same could be said for last year’s event, too. Remember that awesome Google Home launch video? You’re still waiting for many of the things it promised. It was a vision for a product, not a product.

Google’s not alone. In many ways, the entire tech world finds itself in limbo. The internet, smartphones, and Facebook conquered the world and are now ubiquitous. Meanwhile, the next wave of technology lingers just around the corner: Self-driving cars ruling the road, a world filtered through augmented-reality glasses, and artificial intelligence in every person, place, and thing. All of that and more is definitely coming. Someday. And every day it doesn’t, it feels late.

«

I certainly feel like tech is in a limbo period. In that way, it’s like the period from 2000 or so to 2007 in phones. That’s how long this not-happening stuff can go on.


Why Google DeepMind’s work with the NHS is being investigated by the regulators • Business Insider

Sam Shead:

»

A letter leaked to Sky News and published on Monday shows that the National Data Guardian (NDG), Dame Fiona Caldicott, wrote to The Royal Free in February 2017 to let them know that the legal basis for the data-sharing deal that they used to test Streams was “inappropriate”.

“Given that Streams was going through testing and therefore could not be relied upon for patient care, any role the application may have played in supporting the provision of direct care would have been limited and secondary to the purpose of the data transfer,” she wrote. “My considered opinion therefore remains that it would not have been within this reasonable expectation of patients that their records would have been shared for this purpose.”

Those words can’t have gone down well with execs at DeepMind or The Royal Free. 

So if “direct care” wasn’t the legal basis for the data-transfer deal then what was? DeepMind and The Royal Free are yet to specify another legal basis for their deal, possibly because it doesn’t satisfy any of them. 

Julia Powles, a technology law professor at Cornell University, told Business Insider: “Any other basis required approval in advance — and DeepMind had no such approvals.” 

«



Global renewables are growing, but are only managing to offset the decline in nuclear production • Our World In Data

Hannah Ritchie:

»

What we see from 2005 onwards is a distinct divergence in renewable and nuclear trends (they are essentially a mirror image of one another). Renewable energy’s share has increased by 4-5%, meanwhile nuclear energy’s share has decreased by approximately the same (4-5%). Our share of ‘low-carbon’ electricity has remained unchanged. We have simply substituted one low-carbon energy source (renewables) for another (nuclear energy).

What we don’t produce from renewables or nuclear is, of course, produced from fossil fuels. In the chart [below in the post] we have plotted the share of electricity production from fossil fuels (coal, oil and gas), and our combined low-carbon (nuclear plus renewables) sources from 1990-2014. We see that despite an increase in renewable energy production, the share of electricity production from fossil fuels has remained almost completely flat (or even increased marginally) over the last decade. It still represents 66-67% of electricity production.

Whilst the world is making progress in the uptake of renewable technologies, it appears our growing aversion to nuclear has been offsetting progress in decarbonising our electricity grids.

«



How The Economist thinks • Current Affairs

Nathan J Robinson on the popular magazine’s worship of free markets:

»

I remembered Current Affairs’ ostensible rivalry with The Economist, and thought it might be a good idea to at least read the damn thing if we’re going to be selling bumper stickers calling for its execution. [They say “Death to The Economist”.] I am nothing if not open-minded and fair.

What, then, did I find upon navigating over to The Economist’s website? The very first article on the page was a piece called “A selective scourge: Inside the opioid epidemic,” subtitled “Deaths from the drugs say more about markets than about white despair.” Its theme is classic Economist: the American opioid epidemic is not occurring because global capitalism is ruining lives, but is the tragic outcome of the operation of people’s individual preferences.

«

I recall that many, many years ago, my brother was studying accountancy and my parents offered to buy him a subscription to The Economist. He turned them down, saying in his letter to them that the Economist was “V V RIGHT WING”. (He wasn’t.) For myself, I was hugely amused by its attempts to explain the 2008 global recession brought on by too-lax regulation on some form of inefficiency in the markets.

As long as you know what you’re getting – and what the biases are – you can extract value. Robinson’s argument is that too few Americans know what they’re getting.


Open-plan offices kill productivity, according to science • Inc.com

Geoffrey James:

»

Earlier today, I got a story pitch on the “office of the future” that featured the following bullet points:

• Remote Work Will be the New Norm: According to recent Fuze research, 83% of workers don’t think they need to be in an office to be productive, and 38% said they would enjoy their job more if they were allowed to work remotely.
• Physical Space Will Shrink: We’ll see more companies shift to a more collaborative office space model with workspaces that bring together teams, spark conversation, and create the best ideas.
• Traditional Desks Will Disappear: The so-called cubicle farm will become a distant memory and people will start embracing an environment that suits their needs — whether it be a table at a coffee shop, a standing desk, or collaboration space.
• “Office Hours” Will Become Obsolete: The workday isn’t 9 to 5 anymore, it’s 24/7. In fact, a recent Fidelity survey found that Millennials will take a pay cut for a more flexible work environment.

The list (which is very much “conventional wisdom”) illustrates the crazy-making way that companies think about open-plan offices. Can you see the disconnect? Bullets 1 and 4 are saying that people don’t want to work in an office, while bullets 2 and 3 are defining the very office environment where people don’t want to work.

And isn’t that the sad truth? Most people would rather work at home and/or tolerate angry stares from the other patrons in a coffee shop (should one need to make a call) than try to get something done in an open-plan office.

«

When I think about it, I realise I worked in open-plan – or semi-open – offices all the time. Never had a specific room.


Facial recognition helps parents find son 27 years after abduction • Vocativ

Jennings Brown:

»

In 2009, nearly two decades after Gui was kidnapped after school, he uploaded the earliest photo he had of himself, taken when he was 10, adding it to the database of tens of thousands of images. In January of this year, Gui’s father uploaded a photo of Gui when he was 4.

Baidu’s AI was capable of matching the two images, taken six years apart.

Since Baobeihuiji [Baby Back Home, an NGO dedicated to reconnecting lost children to their parents] began using Baidu’s AI a couple of months ago, they have found a few matches. So far one has been verified by a DNA test — Gui’s. Baidu arranged a meeting between Gui and his biological family, but Gui was suddenly hospitalized. Instead their first reunion took place over video conference on April 8. Gui’s birth mother was overcome with emotion when she saw her son’s adult face on a phone screen. The family later visited him at the hospital.

Baidu has been working on facial recognition AI for six years and will no doubt continue to find ways to use the technology for security and surveillance. But the company says it is committed to using it for other altruistic causes.

«

Got to love the throwaway tone of that “no doubt continue.. security and surveillance”.


Android: celebrating a big milestone together with you • Google blog

Dave Burke, VP of engineering:

»

When I started working at Google in early 2007, it was before Android, before iOS. Mobile was still niche. And while many of us had a sense that mobile was going to be big, I’m not sure we really realized just how big it was going to get. Fast forward to today, and there are now 2 billion monthly active Android devices globally. This is an extraordinarily humbling milestone—and it’s the largest reach of any computing platform of its kind. Today at Google I/O, we celebrated that milestone and showcased a number of ways we’re working to make Android even more useful, including a beta release of Android O and a new initiative to help bring Android to the next billion users.

«

This is interesting because Apple claims a billion active devices, which includes Watches, Macs, iPhones, Apple TVs and iPads. Android’s includes phones, tablets, Chromebooks, smartwatches, and TVs. There might be a lot more iPads in use than Android tablets, though it’s odd how Android tablets keep outselling iPads.

If one ignores the Chromebooks, smartwatches and TVs – and the Macs (about 80-100m) – then it implies that iOS has a bigger share of devices in use than sales stats (80% Android) would suggest. Neat of Google to give us the data.

I also noticed this:

»

TVs: With 1 million new device activations every two months, Android TV has doubled its number of users since last year. And today we announced Android TV is revamping its home screen with a new channel-based, content-first experience so you can discover new shows and watch your favorites even faster.

«

A run rate of 6m per year has doubled the number of users? That’s not a very big user base by these standards.


Real lack of interest in virtual reality • WSJ

Miriam Gottfried:

»

There were $1.48bn in VR hardware sales in 2016, according to SuperData Research. That is far from the $12.65bn the research firm is forecasting for 2020. That estimate has come down, and there is still reason to question whether VR will get there.

In March, digital marketing research firm Thrive Analytics asked the question to internet users who were not interested in owning a VR headset. The survey, as summarized by eMarketer, showed many of the expected reasons: the headsets were too expensive, lack of virtual reality content and poor quality of what was out there and fear of motion sickness.

The biggest chunk, some 53%, said they were “just not interested.”

«

The problem with VR, at least at present, is that either you spend a ton on a super-high-end PC for a top-end experience (but content is hard to find) or you have the phone version which is much cheaper, and has super-cheap “headsets”.


Trump fatigue? The good times for politics publishers are over • Digiday

Max Willens:

»

Four months after Donald Trump’s inauguration, most politics-focused publishers are tallying monthly traffic totals that are flat, or sometimes even lower, than the totals they fetched during the same period last year, according to comScore data.

In April, Attn:, a policy-focused social publisher that’s quietly turned into a giant of distributed video, saw its monthly traffic totals drop more than 10% year over year. Politico’s declined 3 percent. The Daily Beast, which puts politics front and center on a menu of many topics, saw a steep drop, from over 18 million unique visitors to just 11 million. Even The Hill, which attracted more than twice as many unique visitors — 18 million — this past April than it did a year earlier, has seen its traffic decline for three consecutive months, down from a January high of 25 million unique visitors.

Politics is a seasonal interest for most Americans. But the slide should also give pause to the many publishers that were starting to put politics more front and center to capitalize on interest in the first reality-TV president, and it may also signal that it’s time for even the more laser-focused publications to begin broadening their coverage, particularly on platforms like Facebook.

«

Perhaps it’s flat year-on-year because last year was crazy too? Though it’s also engagement (shares etc) that are falling.


What to know about The Guardian-Rubicon Project lawsuit • Digiday

Jessica Davies on the case where the Guardian news organisation is suing a programmatic ad trader, alleging it held back fees paid by advertisers:

»

Whatever the outcome, big transparency issues exist in ad tech, and publishers across geographies are fighting for more control in the digital media supply chain. The Guardian isn’t the first publisher to have questions for Rubicon Project about hidden fees. Dutch media group De Persgroep was frustrated by certain fees the vendor drew in the last year that the publisher hadn’t initially known about, according to Digiday sources. De Persgroep has not filed a lawsuit.

A spokesperson for the publisher said: “De Persgroep has not filed a lawsuit against Rubicon Project, but [it is] following the discussion closely. We, too, want an ecosystem with transparent cost models and an unbiased exchange for both publisher and buyer. This lawsuit [with the Guardian] is part of the broader debate on transparency in programmatic trading.”

«

Rubicon was meant to be the way the Guardian and others escaped the grip of Google and Facebook for ads. Turns out not to have been nirvana at all.


The strange mix of reasons why bitcoin is setting new price records • Quartz

Joon Ian Wong:

»

All markets have their own complexities and odd wrinkles, but bitcoin has a special array of oddities. I spoke to a range of institutional traders, exchange owners, and informed observers of the bitcoin markets. This is the picture that emerged. It connects the dots between (are you ready?): bitcoin’s civil war; Wells Fargo and a Taiwanese banking freeze; an obscure cryptotoken known as Tether; Japanese payments regulations; an explosion of interest in the usually anemic market for altcoins; and the phenomenon known as the initial coin offering (ICO), which is being touted as a mechanism to upend traditional venture capital raising.

«

Good luck if you can follow the chain of reasoning behind this. Bitcoin, as the author says, is now the reserve cryptocurrency; all cryptocurrencies that are going to fiat, and vice-versa, pass through it, and any crimp on its liquidity pushes up the price.


Clean the keyboard of your MacBook (Retina, 12-inch, Early 2015) and later • Apple Support

»

If your MacBook (Retina, 12-inch, Early 2015) and later has an unresponsive key, or a key that feels different than the other keys when you press it, follow the instructions below to clean the keyboard with compressed air.

«

Hm. Never had this with the old key design, did we?


Errata, corrigenda and ai no corrida: none notified

Start Up: decrypting #wannacry on XP, Apple’s glucose test, undesigning Huawei, and more


Ring, the video system for door monitoring, is being sued by ADT, the alarm company. Guess why? Photo by Steve Garfield on Flickr.


A selection of 11 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

The unlikely Google killer • Medium

Jason Bell:

»

The key is that it’s something you and I probably aren’t thinking about right now. Even if it is something you and I are thinking about, we probably haven’t, or won’t, make the connection that it could kill Google until it becomes inevitable.

I think it’s more likely to come from outside Google’s domain of expertise than inside. Since Google is great with automation, Big Data, and machine learning, maybe it will come from a low-tech industry.

Here is a completely nutty narrative, meant for illustration only. Say someone in India realizes that there are large untapped pools of people in her country, and she starts to hire some of them to respond to queries about difficult search problems. Let’s call her startup Insearchant (yes, pun completely intended.) For example, ‘web hosting’ is a really competitive and expensive keyword to advertise on with Google. Suppose that, instead of searching for web hosting providers on Google, a small group starts using Insearchant to find good web hosting. At this point, Google wouldn’t buy Insearchant because it’s totally low-tech. That’s not the future! It’s a step backward. Besides, Google may not even know about this small firm in India. It’s insignificant. But, eventually, Insearchant becomes the default way to search for information whenever the stakes are high. Maybe Insearchant does a better job synthesizing information from all kinds of sources. Over time, more searchers ask Insearchant to find the answer. Google may start to become less profitable, and Insearchant starts to collect more and more data. The trend continues, until, suddenly, Insearchant builds an internal search engine. This engine provides Google-like results, but modifies them according to internal data, data that only Insearchant has. The output of Insearchant’s engine is much better for answering high-value search queries. People start switching away from Google in large numbers. Now, Google makes a mad dash to buy Insearchant, but it’s too late.

«

That’s sort of it, but misses the point. First: such companies aren’t “killers”. If Google was the Microsoft killer, why is Microsoft so healthy? Because Google was in the place where the focus was. Facebook is arguably the Google killer – it even competes for ads, and it’s about people, not impersonal web pages. (See how Google failed there.) But it won’t kill Google. It might disable or shrink its importance. (Ben Thompson has made this argument.)

It’s so hard to see this, but the stage still survives even after radio, cinema, TV and the internet.


Security notice update • Zomato Blog

Gunjan Patidar:

»

Earlier today, our security team discovered that user emails and hashed passwords were stolen from our database. Since then, we have taken multiple steps to mitigate the situation. One of these steps was to open a line of communication with the hacker who had put the user data up for sale.

The hacker has been very cooperative with us. He/she wanted us to acknowledge security vulnerabilities in our system and work with the ethical hacker community to plug the gaps. His/her key request was that we run a healthy bug bounty program for security researchers.

We are introducing a bug bounty program on Hackerone very soon. With that assurance, the hacker has in turn agreed to destroy all copies of the stolen data and take the data off the dark web marketplace. The marketplace link which was being used to sell the data on the dark web is no longer available.

«

Oh no, that’s– oh, yes!


Apple CEO Tim Cook test-drove glucose monitor • CNBC

Christina Farr:

»

A source said that Cook was wearing a prototype glucose-tracker on the Apple Watch, which points to future applications that would make the device a “must have” for millions of people with diabetes — or at risk for the disease.

As CNBC reported last month, Apple has a team in Palo Alto working on the “holy grail” for diabetes: Non-invasive and continuous glucose monitoring. The current glucose trackers on the market rely on tiny sensors penetrating the skin. Sources said the company is already conducting feasibility trials in the Bay Area.

Tim Cook also talked about the device to a roomful of students in February at the University of Glasgow, where he received an honorary degree. He didn’t say if it was a medical device from a company like Medtronic or Dexcom, or an Apple prototype.

“I’ve been wearing a continuous glucose monitor for a few weeks,” he said. “I just took it off before coming on this trip.”

«



aguinet/wannakey: Wannacry in-memory key recovery for WinXP • GitHub

Adrien Guinet:

»

This software allows recovery of the prime numbers of the RSA private key that are used by WannaCry.

It does so by searching for them in the wcry.exe process. This is the process that generates the RSA private key. The main issue is that CryptDestroyKey and CryptReleaseContext do not erase the prime numbers from memory before freeing the associated memory.

This is not really a mistake from the ransomware authors, as they properly use the Windows Crypto API. Indeed, from what I’ve tested, under Windows 10, CryptReleaseContext does clean up the memory (and so this recovery technique won’t work). It can work under Windows XP because, in this version, CryptReleaseContext does not do the cleanup. Moreover, MSDN states this, for this function: “After this function is called, the released CSP handle is no longer valid. This function does not destroy key containers or key pairs.”. So, it seems that there are no clean and cross-platform ways under Windows to clean this memory.

If you are lucky (that is the associated memory hasn’t been reallocated and erased), these prime numbers might still be in memory.

That’s what this software tries to achieve.

«

The machine must not have been rebooted for this to (hopefully) work. Even so, nice that a Windows flaw gets around an exploit based on a Windows flaw.
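The search the README describes, as an added sketch (not wannakey's own code): slide over a memory image and test whether each window, read as an integer, divides the public modulus, then rebuild the private exponent from the hit. The 512-bit key, the fake dump, the little-endian prime encoding and every function name here are assumptions constructed for the example.

```python
import random

def is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin test; only used to build the constructed demo key."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, rng):
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate, rng):
            return candidate

def build_constructed_case(prime_bits=256, seed=2017):
    """Constructed sample: a small RSA key plus a fake memory image holding p."""
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = random_prime(prime_bits, rng), random_prime(prime_bits, rng)
        if p != q and (p - 1) % e and (q - 1) % e:
            break
    noise = lambda k: bytes(rng.getrandbits(8) for _ in range(k))
    offset = 1337  # deliberately unaligned
    dump = noise(offset) + p.to_bytes(prime_bits // 8, "little") + noise(2048)
    return p * q, e, p, dump, offset

def find_prime_in_memory(dump, n):
    """Return (offset, prime) for the first window that divides n, else None."""
    prime_len = ((n.bit_length() + 7) // 8 + 1) // 2  # primes are half the modulus
    for off in range(len(dump) - prime_len + 1):
        window = dump[off:off + prime_len]
        # Cheap filters before big-integer work: a full-size prime is odd
        # (low byte first in little-endian) and its top byte is non-zero.
        if not (window[0] & 1) or window[-1] == 0:
            continue
        cand = int.from_bytes(window, "little")
        if 1 < cand < n and n % cand == 0:
            return off, cand
    return None

def rebuild_private_exponent(n, e, p):
    """One prime is enough: q = n / p, then d = e^-1 mod (p-1)(q-1)."""
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+

def overwrite(dump, start, length):
    """Model the allocator reusing part of the freed buffer."""
    return dump[:start] + bytes(length) + dump[start + length:]

if __name__ == "__main__":
    n, e, p, dump, offset = build_constructed_case()
    hit = find_prime_in_memory(dump, n)
    print("prime found at offset", hit[0])
    d = rebuild_private_exponent(n, e, hit[1])
    print("round trip ok:", pow(pow(42, e, n), d, n) == 42)
    # Failure mode from the README: the freed memory was reallocated.
    print("after reuse:", find_prime_in_memory(overwrite(dump, offset + 8, 8), n))
```

Overwriting even eight bytes of the freed buffer makes the search return nothing, which is why the machine must stay powered on and as idle as possible.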


The surest sign you’re winning is when Goliath takes a swing at you • Both Sides

Mark Suster:

»

This Goliath-imposed fight by ADT is particularly annoying for me because Ring is literally my family’s single favorite tech innovation of the past several years. It is a security doorbell (and now floodlight!) where for just $3 / month you can watch all video footage of people who come to the outside of your house including delivery people, solicitors or people in the neighborhood who perhaps shouldn’t be there.

For my family Ring has become a way that we joke and communicate with each other when I’m on the road. The boys or my wife will step in front of the camera on the way to school and if I’m in NY or SF or London my phone rings and I see them waving on their way.

Just how threatened is ADT? Ring is now arguably the fastest growing consumer product in the country and is now in a staggering 1 million homes in America and growing at an unbelievable clip. It is a product that you can purchase an entry-level camera for under $200 and pay just $3/month in video fees in a security industry that was previously only accessible to wealthy families who could afford expensive protection.

Ring is to ADT what the classic Innovator’s Dilemma says disrupts the industry behemoth by offering a product that is significantly cheaper and initially lower in feature set but eventually becomes so pervasive and where functionality grows to a point where the entire market dumps the giant company charging high prices in favor of a younger, more nimble provider whose innovation cannot be matched.
And the giant gets disrupted precisely because its cost structure to serve its customers and its cash cow, high-priced offering makes it nearly impossible for it to try compete.

«

ADT, if you didn’t know, is a company that has grown rich on comparatively simple alarm systems, often with subscriptions. Ring threatens to undermine that.


As we may read • Craig Mod

»

It was the summer of 2014 and I was preparing for my keynote lecture at the Yale Publishing Course. A lecture that was supposed to inspire those in attendance (mainly industry professionals, publishing ceos, editors, and even a few authors), to frame the current state of books — digital and physical — in uplifting but truthful terms. It was during this preparation that I realized something strange: I hadn’t read a digital book in almost a year.

Could that have been right? Had I really not read any digital books in 2014? I may have purchased one or two off the cuff, but I couldn’t remember reading any, certainly not all the way through. And yet I had a stack of physical books sitting next to me on my desk that I had read. Voraciously. Recently.

It seemed, then, that I had stopped reading digital books. It didn’t happen suddenly. Nor with great intention. There was no moment I could remember where I yelled into the sky: I’m done! No, it seemed to have been a much more nuanced, slow erosion of trust (that was the best word I could come up with at the time) that, without much fanfare, had gently guided me back to physical.

«

It’s so fascinating how digital hasn’t taken over in books, yet has elsewhere.


A tip for Apple in China: your hunger for revenue may cost you • WSJ

Li Yuan:

»

Last month, Apple told several Chinese social-networking apps, including the wildly popular messaging platform WeChat, to disable their “tip” functions to comply with App Store rules, according to executives at WeChat and other companies. That function allows users to send authors and other content creators tips, from a few yuan to hundreds, via transfers from mobile-wallet accounts.…

…Some social-networking apps likened Apple’s tactics over the tipping function to arm-twisting. Chief executives at two companies say that Apple told them if they refused to make the change, updated versions of their apps wouldn’t be made available and they could be kicked out of the App Store.

“We don’t charge anything as the platform, but Apple gets 30% for doing nothing,” one of the executives fumed.

The Chinese app developers believe that tipping is different from buying a song or making other virtual purchases: tipping is voluntary and happens after users consume the content, so it’s not a sale but a way to show appreciation.

“The biggest value of tipping is ‘fun’ not ‘money,’” writes freelance search programmer Huo Ju on his widely read tech blog.

«

Tencent (owner of WeChat) really isn’t going to like that. If WeChat withdrew from the App Store, Apple would be sunk in China.


Netflix was just the start: Google Play Console lets developers exclude app availability for devices that don’t pass SafetyNet • Android Police

Rita El Khoury:

»

Last weekend, a huge turmoil swept the root-enthusiast Android community as it was discovered then confirmed that the Netflix app was being blocked from showing up in search results on the Play Store for rooted devices. At the time, Netflix said it was using Widevine to block unsupported devices, but that made no sense to us: the app was still functional if it was sideloaded, it was only not showing up as compatible in the Play Store. So what sorcery was Netflix really using?! Turns out it’s a new function of the Google Play Console.

As part of the updates announced for the Play Console at I/O 2017, Google mentions a new Device Catalog section under Release management that lets developers choose with intricate granularity which devices their app supports on the Play Store. Devices can be viewed and excluded by many attributes including RAM and SoC, but the important factor we’re interested in is SafetyNet Attestation…

That means any dev could potentially block their apps from showing and being directly installable in the Play Store on devices that are rooted and/or running a custom ROM, as well as on emulators and uncertified devices (think Meizu and its not-so-legal way of getting Play Services and the Play Store on its phones). This is exactly what many of you were afraid would happen after the Play Store app started surfacing a Device certification status…

…this spells trouble for rooted users and the Android enthusiast community as a whole. Google keeps erecting more and more obstacles each day in the face of root and custom ROMs and even if this won’t stop root users who should be knowledgeable enough to know how/where to grab an APK and install it, it will make things more and more difficult and maybe less and less worth the trouble.

«

Rooting is a minority sport (perhaps 10-20 million people in the west, out of around a couple of billion smartphone users), and Netflix is obviously looking to protect its content from devices that could be set up to pirate said content. (The comments, as ever, are hilarious in their obstinate defence of nose-face spiting.)


Huawei loses ex-Apple designer hired to revamp smartphone software • The Information

»

In an interview with The Information in June last year, Ms. [Abigail] Brody [who was hired in October 2015] said she was making some basic fixes to Huawei’s smartphone interface to address “glaring cosmetic issues” and “pain points.” She also said that she had pointed out other “ugly” aspects of the company’s public-facing look, such as its executives’ business cards.

“I’m not here to be a little designer. I’m here to change the world,” Ms. Brody said in that interview.

But Ms. Brody didn’t win enough support within Huawei and her impact at the company was limited, employees said. The new version of Huawei’s smartphone software skin, released last year, came with an iPhone-like app icon screen similar to its predecessors, but allowed users to switch to an alternative screen with an app drawer, a common feature among Android phones. It is unclear how much Ms. Brody had contributed to the design of that version, given that Wang Chenglu, a Shenzhen-based Huawei executive in charge of software for consumer products, has been overseeing the company’s user interface software design and development.

It is difficult to pinpoint one factor behind Ms. Brody’s departure. Some employees said Huawei didn’t give her enough power to make a difference, while others said she may have had the wrong expectations…

…When British designer Jamie Bates joined Huawei in 2014 to head its London design studio, he proposed some big changes to the company’s mobile interface software, Mr. Bates told The Information. But Chinese executives in Shenzhen were often reluctant to move too far away from the tried-and-tested design of Huawei’s existing product, which shared some similarities with Apple’s iOS such as the way the app icons looked. Mr. Bates left Huawei in 2015 and is now a design leader at Unilever.

«

Just me, or is there some sort of pattern emerging here?


Superfast broadband delay will cost users £140m, say BT rivals

Nic Fildes:

»

The delayed introduction of lower superfast broadband prices in the UK will cost consumers £140m according to rivals of BT, which runs the UK’s broadband network.

The telecoms regulator proposed in March that the wholesale cost of a superfast broadband line offering speeds of up to 40Mbps be cut by 40% by 2021. Companies including Sky, Vodafone and TalkTalk are expected to pass on those savings to consumers once the cuts come into effect. 

However, the lowering of wholesale prices was delayed by a year while Ofcom weighed up a wider review of the telecoms market, which concluded in March.

The price cuts had been due at the end of March this year but BT, via its Openreach division, will now lower its prices in April 2018.

BT’s rivals, which offer broadband services using the Openreach network, have calculated that the year’s delay will cost users tens of millions of pounds.

“We estimate that as a result of the 12-month delay in implementing this initial charge control and the subsequent delay in further reductions, UK consumers are being over-charged by around £140m,” said Vodafone.…

…Separately, Ofcom has opened an investigation into whether Openreach has missed targets for the delivery of high-speed fibre lines used by businesses.

In March, it was hit with a record £42m fine and told to pay back £300m to its rivals over the use of a loophole that artificially reduced the amount it compensated them when it failed to connect a line in time.

«

It’s better than the US (though the UK is – Cap’n Obvious – a lot smaller) but it’s still crap. Ofcom isn’t a victim of regulatory capture; it’s just that competition works a lot faster than regulation in such situations. But with BT controlling the infrastructure company, things can’t progress as fast as they otherwise could.



Facebook slapped with EU fine over WhatsApp deal • WSJ

Natalia Drozdiak:

»

Facebook Inc. was fined €110m ($122.7m) by the European Union’s antitrust regulator on Thursday for providing incorrect information or misleading authorities over the acquisition of its messaging unit WhatsApp, a warning shot to other companies registering their deals for review.

The EU said Facebook inaccurately claimed during the merger review in 2014 that it couldn’t routinely match Facebook and WhatsApp user accounts—something the company started doing two years later when it began combining user data across the services.

“Today’s decision sends a clear signal to companies that they must comply with all aspects of EU merger rules, including the obligation to provide correct information,” said EU antitrust chief Margrethe Vestager.

“We’ve acted in good faith since our very first interactions with the commission and we’ve sought to provide accurate information at every turn,” a Facebook spokesman said, adding that the errors made in the 2014 filings weren’t intentional.

The fine is manageable for Facebook, which brought in $27.6bn in revenue last year. But it is the latest of many legal and regulatory setbacks for the social-media company in Europe. On Tuesday, France’s privacy watchdog fined Facebook €150,000, alleging the company isn’t transparent enough with users about how it collects their data.

European privacy regulators have also been scrutinizing Facebook and WhatsApp on concerns the messaging service’s terms breach privacy rules by allowing WhatsApp to share user information including phone numbers with its parent. Regulators in Germany and elsewhere have ordered the company to halt the data sharing.

«

A long extract, but two points: 1) look at how many places Facebook is in trouble over data collection, and they’re all in Europe 2) look at how quickly Vestager has moved on this, and compare it to the Google antitrust case, where she has in effect dithered for years; all the hard work of determining the case had been done before she started in September 2014.


Errata, corrigenda and ai no corrida: none notified

Start Up: Google I/O, no Panic over code, America’s pill mill, who’ll pay to fix bugs?, and more


Imagine you wanted to hack into the systems at, oh, a golf course, or hotel, where famous people go. It’s not so hard. Photo by ManuelFdo on Flickr.


A selection of 11 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

The case of the stolen source code • Panic Blog

Steven Frank had his Mac compromised (yes! It can happen!) by a malware-infected version of video-encoding app Handbrake. The attackers grabbed his credentials, accessed the Panic GitHub and stole the source code – and then demanded a ransom. Company meeting!

»

Someone has a bunch of our source code. But does it really matter? There are essentially three “worst case” scenarios we considered with our source being out there in somebody’s hands:

• They build free, cracked versions of our apps
Guess what — those already exist. You can already pirate our software if you want to pirate our software — but please don’t — so this doesn’t really change anything in that regard. Also, whatever “free” version of our apps that would come from this person are virtually guaranteed to be infected with malware.

• They create malware-infected builds of our apps
This seems likely. Given the person’s entire MO was to infect a well-used Mac app with malware, it seems inevitable. But we will find them, and working directly with Apple, shut them down. To minimize your risk, never download a copy of one of our apps from a source that is not us or the Mac App Store. We are going to be hyper-vigilant about the authenticity of downloads on our servers.

• A competitor obtains this source to attempt to use it to their advantage in some way.
The many Mac developers we’ve met over the years are fine, upstanding people. I can’t imagine any of them being this unethical, or even being willing to take the risk of us finding fingerprints of our code in theirs. And let’s not forget that — you guessed it — there’s a good chance any stolen source could have malware slipped into it.

Also, one important thought gave us some comfort: with every day that passes, that stolen source code is more and more out-of-date.

«

Ransoms increasingly don’t work.


Google I/O 2017: Everything important that Google announced today • Recode

Tess Townsend did the roundup; this seems the most relevant to me:

»

• Google is working with partners to launch standalone VR headsets. That means everything for a VR experience will be built into the headset itself — no phone or PC required. The headsets, running Google’s Daydream platform and made by HTC and Lenovo, are slated to ship later this year.

• Google for Jobs. Google is taking on LinkedIn with job listings in its main search product. If you search for “retail jobs,” for example, Google will know where you’re searching from and show jobs in your area.

• Apps and transactions on Assistant. Developers can now build apps or “actions” that run on Google Assistant on Android and iOS. Already, developers have been able to build actions for Assistant on the Home device. Developers will also be able to build transaction features for Assistant, which will soon be available on phones with Assistant.

• Android Go. Google is launching an initiative called Android Go to better tailor Android to low-connectivity devices. Starting with the release of Android O, the latest version of Android not yet released publicly, devices with 1 gigabyte or less memory will receive versions of apps like YouTube and Chrome that use less memory. The software is also supposed to have features tailored for users who speak multiple languages.

• Indoor mapping. Google is introducing something called visual positioning service, or VPS, that will allow you to map indoor locations using its Tango AR platform. An example of what VPS can do is tell a user the exact location of a product in a store.

«

“Google for jobs” is an attack on LinkedIn, and pretty much every job site. If you’re a job site, you might want to watch your search ranking and read up on “how to file an antitrust complaint”, though don’t expect the US DoJ to take any notice; you’ll have to file it in Europe.


Remembering Google I/O 2016 • BirchTree

Matt Birchler with a useful reminder, as I/O 2017 rolls around, of all that stuff which got floated last year: how much has come to pass?

»

Google’s I/O conference last year was big on flash, but little in substance that will actually move users away from iOS. Google Assistant has proven to be a big win for the company, as it has asserted itself as the best voice assistant out there for a lot of things. Google Home, which I don’t own yet, is a strong competitor to the Amazon Echo which has been gaining popularity.

But beyond the Assistant-related announcements, everything else was a bit of a letdown. Wear 2.0 was delayed and received a lukewarm reception from users. Nougat is just now hitting 7% of devices, and even then I’ve heard from multiple people that it’s not an update I should be bothered my devices aren’t all getting. And Android Instant Apps are a cool idea that has not taken off at all. I actually forgot Instant Apps were a thing until I read rundowns of last year’s show today. I use Android every day and I read multiple Android sites and listen to a few podcasts about it as well. Instant Apps are just not a thing. People complain about the Touch Bar on the new MacBook Pros, but at least they say something about it.

«

As he points out, having Google Assistant available for iOS this week puts it well ahead of availability on Android devices.


Quitting the Silicon Valley swamp • Pando

Paul Carr, who is giving up writing about technology after many years:

»

Today, tech awfulness is everyone’s beat. “It must feel good to be right!”, readers frequently joke via email about Uber or Wikileaks or Facebook or holacracy or Thiel or Kalanick or Whetstone or any one of a dozen other organizations and people I’ve covered, as if a hypochondriac would be thrilled to have his worst diagnostic fears confirmed.

But no. The fact that spotting tech toxicity has become my “thing” is exactly the problem. Another lesson I learned a long time ago: When something toxic comes to define you, it’s time to stop.

Moreover, I never really planned to be a tech writer. That happened by accident when I was still at university and a one-off column for the Guardian accidentally became the start of a career.

«

I wasn’t the person who recruited him for that column, though I did recruit him back for a while. Then he headed off to Techcrunch and, well, things developed.


Any half-decent hacker could break into Mar-a-Lago. We tested it • Gizmodo

Jeff Larson, Surya Mattu, and Julia Angwin, in a joint effort with ProPublica:

»

Two weeks ago, on a sparkling spring morning, we went trawling along Florida’s coastal waterway. But not for fish.

We parked a 17-foot motor boat in a lagoon about 800 feet from the back lawn of the Mar-a-Lago Club in Palm Beach, and pointed a two-foot wireless antenna that resembled a potato gun toward the club. Within a minute, we spotted three weakly encrypted Wi-Fi networks. We could have hacked them in less than five minutes, but we refrained.

A few days later, we drove through the grounds of the Trump National Golf Club in Bedminster, N.J., with the same antenna and aimed it at the clubhouse. We identified two open Wi-Fi networks that anyone could join without a password. We resisted the temptation.

We also visited two of President Donald Trump’s other family-run retreats, the Trump International Hotel in Washington, D.C., and a golf club in Sterling, Va. Our inspections found weak and open Wi-Fi networks, wireless printers without passwords, servers with outdated and vulnerable software, and unencrypted login pages to back-end databases containing sensitive information.

The risks posed by the lax security, experts say, go well beyond simple digital snooping. Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises.

«

They were very careful not to break in to any of the systems. But they also make it very clear that anyone with enough experience could – and might already have.


‘The pill mill of America’: where drugs mean there are no good choices, only less awful ones • The Guardian

Chris Arnade:

»

Portsmouth, Ohio, once known for making things (steel, shoes, bricks), is now known for drugs, and labeled by some as the “pill mill of America”. The city peaked at 40,000 people in 1940, and as it emptied of factories and jobs – some made obsolete, some moved away – it also emptied of people and hope.

Now it is a town half the size, filled with despair and filling with drugs.

On my first night in town, a beat-up car parks next to me, positioned in the darkness cast by my van. The passenger, a middle-aged woman, injects the driver in the neck. He stays still, head tilted to expose a vein, as she works the needle in, while two young boys play in the back seat.

Done, they pull away as I try to fool myself into thinking I didn’t see what I saw.

For six days in Portsmouth, over three trips, I keep trying to fool myself. Eventually, I am unable to just watch and listen.

«

Arnade toured middle America while the election was on last year; he reported from the front line of despair and joblessness, and saw the Trump phenomenon on the rise. The problem is, there’s nothing on offer that’s going to make life there change.

It’s a remarkable piece, though. Do read it.


How Google’s band of hardware pirates has re-invented itself after its legendary leader jumped ship • Business Insider

Steve Kovach:

»

When Google holds its 3-day annual developers’ conference in Mountain View, Calif this week, the ATAP [Advanced Technologies and Products] group will not have its own session, according to the official schedule, unlike during the previous two years.

The stark difference in personalities at the top has changed the face of ATAP. Many saw Dugan, who left to create a similar group at arch-rival Facebook, as the heart of ATAP’s culture. And with her gone, there has been a notable change in style.

[Regina] Dugan [the original leader, who left for Facebook] relished in publicly unveiling jaw-dropping new projects, as she did during a keynote for Facebook a few weeks ago when she showcased projects to let people type with their brains or “hear” with their skin.

Osterloh, by contrast, has taken the opposite approach, eschewing flashy public demonstrations of prototypes. The new ATAP leadership has decided to keep projects under wraps until they’re almost fully baked, if they reveal them at all.

«



Who pays? • SMBlog

Steve Bellovin on the question of who should pay for the updates to ageing software:

»

Historically, the software industry has never supported releases indefinitely. That made sense back when mainframes walked the earth; it’s a lot less clear today when software controls everything from cars to light bulbs. In addition, while Microsoft, Google, and Apple are rich and can afford the costs, small developers may not be able to. For that matter, they may not still be in business, or may not be findable.

If software companies can’t pay, perhaps patching should be funded through general tax revenues. The cost is, as noted, society-wide; why shouldn’t society pay for it? As a perhaps more palatable alternative, perhaps costs to patch old software should be covered by something like the EPA Superfund for cleaning up toxic waste sites. But who should fund the software superfund? Is there a good analog to the potential polluters pay principle? A tax on software? On computers or IoT devices? It’s worth noting that it isn’t easy to simply say “so-and-so will pay for fixes”. Coming up to speed on a code base is neither quick nor easy, and companies would have to deposit with an escrow agent not just complete source and documentation trees but also a complete build environment—compiling a complex software product takes a great deal of infrastructure.

We could outsource the problem, of course: make software companies liable for security problems for some number of years after shipment; that term could vary for different classes of software. Today, software is generally licensed with provisions that absolve the vendor of all liability. That would have to change. Some companies would buy insurance; others would self-insure. Either way, we’re letting the market set the cost, including the cost of keeping a build environment around. The subject of software liability is complex and I won’t try to summarize it here; let it suffice to say that it’s not a simple solution nor one without significant side-effects, including on innovation. And we still have to cope with the vanished vendor problem.

«



Amazon upgrades low-cost Fire tablets, expands kids options, aiming for bigger piece of market • GeekWire

Todd Bishop:

»

Amazon is refreshing its budget tablets — upgrading the hardware for its $50 Fire 7 tablet, dropping the price of its Fire HD 8 by $10 to $80, and expanding its lineup of kids tablets with a new $130 Fire HD 8 Kids Edition tablet.

The company is aiming to grab a larger share of what has been a declining tablet market. The industry saw a 10% drop in shipments in the first quarter. Amazon was able to grow its market share slightly to about 6% in the quarter, compared with the same period a year earlier. Apple’s iPad still leads the market, followed by Samsung’s Galaxy Tab devices.

Amazon says the Fire 7 is its best-selling tablet. The new version is thinner and lighter with a higher-contrast screen and up to 8 hours of mixed-use battery life, and improved WiFi connectivity. Both the Fire 7 and the Fire HD 8 come with Amazon’s Alexa voice assistant.

«

Note the presence of Alexa. One can imagine a time not so far off when the only significant players in (slate) tablets are Apple, Samsung and Amazon. That’s pretty much true now apart from Huawei being ahead of Amazon, which is closely followed by Lenovo, which loses money on every Android slate it sells.


60% of Tablet Users Sharing their Device – GlobalWebIndex Blog

Felim McGrath:

»

As we reported last week, tablet ownership rates are falling but as today’s Chart shows, those digital consumers who are using tablets are often sharing them with one or more people.

In fact, it’s 60% of this group who share their tablet with at least one other person. And considering 4 in 10 are sharing with 2 or more other users (rising to half among parents), it’s clear that consumers view these tablets as household devices, more akin to TVs or desktop PCs than smartphones.

The ‘secondary’ nature of these devices is confirmed by our research into device importance, with only 8% of tablet users saying their tablet is their most important device for getting online. In contrast, over half say their most important device is their smartphone.

«

OK, we get it – tablets are for all the family.


I’m just a girl, standing in front of a high-street shop, asking it to dress her • The Pool

Sali Hughes:

»

Dear British high-street retailers,

I am a 42-year-old woman with an upcoming awards ceremony, three weddings (one my own), several important work engagements, a holiday in the unreliable British climate and some pottering about, doing bugger all. I have spent weeks browsing your wares, both online and in your bricks-and-mortar stores. My question for you is this: where, in the past five years, have all the clothes gone?

Let’s begin with sleeves, for these cast a shadow over my entire shopping experience. Despite your apparent belief that my life is one long high-school prom, I would always like to cover my arms, at least to just beyond the elbow. I would not like capped sleeves to highlight the fact that I’ve lifted one kettlebell in my life, nor a bandeau top that precludes me from wearing a bra. I don’t want to pick up any more nice-seeming dresses, only to find the entire back of it missing. I am literally always going to be wearing a sturdy underwire, whatever strip of wide elastic you so optimistically sew in to replace it.

«

Is this technology? Nah, not really. Except it is about product-market fit (quite literally), and shows some of the assumptions that tech people slide past too quickly when talking about stuff such as Amazon Look: will people – particularly women, who vary much more in shape than men – go for it?


Errata, corrigenda and ai no corrida: none notified

Start Up: Biz back at Twitter, new Mac laptops?, it’s InstaSnapGramChat!, MP3 lives, and more


The Galaxy S8 is selling well – but not that well. Photo by Samsung on Flickr.


A selection of 13 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Samsung’s 5 million Galaxy S8 sales far below 2014’s S4 peak • Apple Insider

Daniel Eran Dilger:

»

Samsung announced today that first-month sales of its Galaxy S8 and S8 Plus have reached 5 million units. Sales of the previous year’s Galaxy S7 and S7 Edge sold an estimated 7-9 million units in their initial launch month, while back in 2013 Samsung announced its Galaxy S4 sold 10 million in its first month, a “Peak Galaxy” the company has never actually managed to surpass.

A report by Cho Mu-Hyun for ZDNet noted the 5 million unit announcement, without any comparison to previous year sales. Each year since reaching Peak Galaxy in 2014, Samsung has floated the idea that its new model has outpaced sales, shipments (or sometimes “preorders”) of the previous edition, but in reality Galaxy S sales–and subsequently Samsung Mobile profits–have actually never recovered since the Galaxy S4.

An unnamed Samsung spokesperson stated that “although we cannot provide detailed figures, the sales are going smoothly around the globe. The combined sales already are beyond 5 million units.”

«

I’d noticed a report on that 5m elsewhere, but the lack of context – that it’s so much smaller in its first month – makes a big difference.


Apple plans laptop upgrades to take on Microsoft • Bloomberg

Mark Gurman and Alex Webb:

»

Apple plans to announce an update to its laptop lineup at an annual conference for app developers in early June, a move that could help offset new competition from Microsoft as well as declining iPad sales.

Apple is planning three new laptops, according to people familiar with the matter. The MacBook Pro will get a faster Kaby Lake processor from Intel Corp., said the people, who requested anonymity to discuss internal planning. Apple is also working on a new version of the 12-inch MacBook with a faster Intel chip. The company has also considered updating the aging 13-inch MacBook Air with a new processor as sales of the laptop, Apple’s cheapest, remain surprisingly strong, one of the people said.

«

So. Let me think about how that first paragraph probably came to be. Let’s just set out the facts first:
1) There’s no chance Apple is in the least bit worried about Microsoft’s products – they just don’t sell well enough to worry it.
2) Declining iPad sales – well, they’re level if you leave out the iPad mini. And they sell wayy more, by unit, than Macs.

What I think happened – from my experience as an editor – is this. Mark Gurman (and Alex Webb) come to their editor with a story about Apple updating its laptops. Editor: “BOOOOORING. Look, can’t we gin this up a bit? What about that Microsoft thing the other day?” Reporters roll eyes, and one says “But–”

Editor: “Look, let someone with experience sort this. We just add this to your lead sentence: ‘a move that could offset new competition from Microsoft..’ Hmm, what about iPad sales?” Reporters roll eyes. “DOWN, AMIRITE? There you go.”


What’s happening with me • Medium

Biz Stone:

»

I worked at Twitter for about six years. In that time, the service grew from zero people to hundreds of millions of people. Jack was the original CEO and when he returned I was very happy.

There’s something about the personality of a company that comes from the folks who start it. There’s a special feeling they bring with them. Jack coming back was a big step forward. And now, it’s my turn—I’m returning to full time work at Twitter starting in a couple of weeks! How this came about is kind of a crazy story but, it’s happening.

«

I’ve now lost count of how many times Stone has been in and out of Twitter. It’s a sort of Groundhog Day. I forget – does Jack Dorsey leave next and then Ev Williams comes back?


“Affordable premium” smartphones grew 49% annually in Q1 2017 • Counterpoint

Shobhit Srivastava:

»

Smartphone shipments reached 375m units in Q1 2017. The smartphone market grew 11.2% annually.

• Premium segment ($400 above) smartphones now contribute to almost 20% of the global smartphone market. However, the segment declined annually due to softness in iPhone volumes and controlled inventory of the Samsung flagship Galaxy S7/S7+ ahead of Galaxy S8 series launch.

• The ‘affordable premium’ segment $300~$399 was the fastest growing smartphone segment during the quarter mainly driven by OPPO, vivo and Samsung A series smartphones.

• The $100~$199 price segment has quickly become the sweet spot across the pre-paid developed and emerging markets. This segment accounts for one in three smartphones shipped globally, registering a healthy 28.8% growth in Q1 2017.

• The $100~$199 price segment is mainly driven by Samsung’s J series, Huawei’s Honor series, OPPO’s A series and Xiaomi’s Redmi series smartphones. Together these brands accounted for almost half of the volumes of the price segment.

«

Plenty of other interesting data – including Samsung getting extra inventory.


Introducing Face Filters and more on Instagram • Instagram Blog

»

Today, we’re introducing face filters in the camera, an easy way to turn an ordinary selfie into something fun and entertaining. Whether you’re sitting on the couch at home or you’re out and about, you can use face filters to express yourself and have playful conversations with friends.

From math equations swirling around your head to furry koala ears that move and twitch, you can transform into a variety of characters that make you smile or laugh. To see our initial set of eight face filters, simply open the camera and tap the new face icon in the bottom right corner.

«

It’s Snapchat for the over-30s. Also: so derivative. OK, not everyone is going to use Snapchat, and the idea of face filters isn’t new, but this starts to look like Microsoft copying MacOS back in the 1990s.


Line just lost even more users. But that’s apparently fine • Tech In Asia

Steven Millward on its two months of losing 3m, now down to 214m:

»

The US$7.6bn company surprisingly did not disclose its total number of active users in its latest earnings report, which came out towards the end of last month – the first time it has not revealed that figure since late 2014. When I asked a Line Corp representative today, the individual explained that the total will only be revealed on a “reactive” basis in the future – i.e., when someone actually asks.

The reason for the change is that Line Corp is focusing on its active user base in its four most popular countries – Japan, Taiwan, Thailand, and Indonesia. That number is going up healthily:

Line – which makes money from ads and content in an array of spin-off apps and services such as Line Pay, Line Music, and Line Moments – focuses its business interests on those four markets, therefore those are where most of the money comes from.

So as long as Line is growing in those four places, the company seems unperturbed by the loss of global users to the increasingly indispensable WhatsApp and Facebook Messenger. At least that’s the picture the company paints in public.

«

Dropping users, though, is never good, which is why Twitter is always so keen to juice the figures.


Facebook promised to tackle fake news. But the evidence shows it’s not working • The Guardian

Sam Levin:

»

When Facebook’s new fact-checking system labeled a Newport Buzz article as possible “fake news”, warning users against sharing it, something unexpected happened. Traffic to the story skyrocketed, according to Christian Winthrop, editor of the local Rhode Island website.

“A bunch of conservative groups grabbed this and said, ‘Hey, they are trying to silence this blog – share, share share,’” said Winthrop, who published the story that falsely claimed hundreds of thousands of Irish people were brought to the US as slaves. “With Facebook trying to throttle it and say, ‘Don’t share it,’ it actually had the opposite effect.”

The spreading of Winthrop’s piece after it was debunked and branded “disputed” is one of many examples of the pitfalls of Facebook’s much-discussed initiatives to thwart misinformation on the social network by partnering with third-party fact-checkers and publicly flagging fake news. A Guardian review of false news articles and interviews with fact-checkers and writers who produce fake content suggests that Facebook’s highly promoted initiatives are regularly ineffective, and in some cases appear to be having minimal impact.

Articles formally debunked by Facebook’s fact-checking partners – including the Associated Press, Snopes, ABC News and PolitiFact – frequently remain on the site without the “disputed” tag warning users about the content. And when fake news stories do get branded as potentially false, the label often comes after the story has already gone viral and the damage has been done.

«

Good that someone is following this up.


US hacker linked to fake Macron documents, says cybersecurity firm • WSJ

David Gauthier-Villars:

»

A group of cybersecurity experts has unearthed ties between an American hacker who maintains a neo-Nazi website and an internet campaign to smear Emmanuel Macron days before he was elected president of France.

Shortly after an anonymous user of the 4chan.org discussion forum posted fake documents purporting to show Mr. Macron had set up an undisclosed shell company in the Caribbean, the user directed people to visit nouveaumartel.com for updates on the French election.

That website, according to research by web-security provider Virtualroad.org, is registered by “Weevlos,” a known online alias of Andrew Auernheimer, an American hacker who gained notoriety three years ago when a US appeals court vacated his conviction for computer fraud. The site also is hosted by a server in Latvia that hosts the Daily Stormer, a neo-Nazi news site that identifies its administrator as “Weev,” another online alias of Mr. Auernheimer, Virtualroad.org says.

“We strongly believe that the fake offshore documents were created by someone with control of the Daily Stormer server,” said Tord Lundström, a computer forensics investigator at Virtualroad.org.

«

Otherwise known as Weev, who was sentenced to 41 months (then released and pardoned) for discovering a flaw in AT&T’s implementation of account security on iPads, and possibly compromised some national security folk. He was vaguely sensible back in those days.


Under Trump, inconvenient data is being sidelined • The Washington Post

Juliet Eilperin:

»

The Trump administration has removed or tucked away a wide variety of information that until recently was provided to the public, limiting access, for instance, to disclosures about workplace violations, energy efficiency, and animal welfare abuses.

Some of the information relates to enforcement actions taken by federal agencies against companies and other employers. By lessening access, the administration is sheltering them from the kind of “naming and shaming” that federal officials previously used to influence company behavior, according to digital experts, activists and former Obama administration officials.

The Occupational Safety and Health Administration, for instance, has dramatically scaled back on publicizing its fines against firms. And the Agriculture Department has taken off-line animal welfare enforcement records, including abuses in dog breeding operations and horse farms that alter the gait of racehorses through the controversial practice of “soring” their legs.

In other cases, the administration appears to be dimming the prior spotlight on the background and conduct of top officials. The administration no longer publishes online the ethics waivers granted to appointees who would otherwise be barred from joining the government because of recent lobbying activities. Nor is the White House releasing logs of its visitors, making it difficult for the public to keep track of who is stopping by to see the president’s inner circle.

«

A reader requested on Tuesday to have fewer “inside Trump’s baseball-sized head” and more, where available, about what’s happening at the local level in the US. Point taken. This story is why that might become more difficult over time.


Apple to discontinue iPad mini as device gets squeezed from both ends • BGR

Jonathan Geller:

»

First introduced in 2012, Apple’s iPad mini was a welcome alternative to the much larger, thicker, and heavier 9.7in iPad. There was no 5.5in iPhone Plus, so the iPad mini made a great choice for light reading and effortless web browsing, email, and gaming. The market doesn’t stand still, however, and we’re now looking at a redesigned iPad Pro to be launched this summer that should offer everything the current 9.7in iPad features, but in a smaller footprint with a larger 10.5in display.

On the other side, there’s the 5.5in iPhone 7 Plus, which is large enough to negate the need for a tablet for many users. The device you take everywhere, that’s always with you, that has the best camera, and that has everything else you need. The device that you already own. Therein lies the problem, and that’s why we have heard from a source close to Apple that the iPad mini is being phased out.

Not one to ever be shy about disrupting the company’s own lineup, our source beats the Apple drum and states that there’s “fierce cannibalism of our own products” and that the iPad mini has just been “sized out of its own category.” We’re also told that the numbers are “very clear” as far as sales are concerned…

«

I’ve previously noted that Neil Cybart’s analysis suggests falling sales of the iPad mini are making the tablet market look sicker than it is. This would all fit into that. He called “peak iPad mini” in November 2015. I’d imagine they’ll just let it quietly slip out of sight by letting the existing inventory sell out.


Lenovo announces overhaul and renewed focus on China • FT

Yuan Yang:

»

Lenovo has announced a plan to restructure and focus on its home market of China after two years of disappointing performance at what was the world’s top PC maker.

Yang Yuanqing, chief executive, took to Weibo, the Chinese social media network, to declare that Lenovo would be reorganised into a consumer-facing division focused on personal computers and smart devices and a business-to-business division to house its data services.

He also announced that Liu Jun, the respected executive who led the company’s 2014 acquisition of smartphone company Motorola Mobility from Google but left in 2014, would return to head the consumer division in its home market.

“The PC industry is changing . . . and China has the fastest-changing smart devices market,” he said. “China is our incubator for new products. In order to take advantage of the new opportunities brought by changes in our industry, we are restructuring.”

Lenovo did not respond to requests for comment but an email from Mr Yang to employees that was leaked on Tuesday said improving performance in its home market was crucial after a 67% fall in profits in the final quarter of 2016.

«

Lenovo still hasn’t put up its fiscal fourth-quarter results, nearly seven weeks after the end of the quarter (January-March). It’s amazingly sluggardly on this front.

It’s also trying to turn a profit on Motorola Mobility, which has been a money pit for years, and its tablets, which break even at best. No wonder it’s reorganising.


Apple’s new campus: an exclusive look inside the mothership • WIRED

Steven Levy:

»

We drive through an entrance that takes us under the building and into the courtyard before driving back out again. Since it’s a ring, of course, there is no main lobby but rather nine entrances. [Jony] Ive opts to take me in through the café, a massive atrium-like space ascending the entire four stories of the building. Once it’s complete, it will hold as many as 4,000 people at once, split between the vast ground floor and the balcony dining areas. Along its exterior wall, the café has two massive glass doors that can be opened when it’s nice outside, allowing people to dine al fresco.

“This might be a stupid question,” I say. “But why do you need a four-story glass door?”

Ive raises an eyebrow. “Well,” he says. “It depends how you define need, doesn’t it?”

We go upstairs, and I take in the view. From planes descending to SFO, and even from drones that buzz the building from a hundred feet above it, the Ring looks like an ominous icon, an expression of corporate power, and a what-the-fuck oddity among the malls, highways, and more mundane office parks of suburban Silicon Valley. But peering out the windows and onto the vast hilly expanse of the courtyard, all of that peels away. It feels … peaceful, even amid the clatter and rumble of construction. It turns out that when you turn a skyscraper on its side, all of its bullying power dissipates into a humble serenity.

«

Not just on its side; on its side and curved, ouroboros-style, into itself. The web page’s title is, wonderfully, “One More Thing”, because of course it was Steve Jobs who drove its creation. It’s his last act.

Also:

»

“It’s frustrating to talk about this building in terms of absurd, large numbers,” Ive says. “It makes for an impressive statistic, but you don’t live in an impressive statistic. While it is a technical marvel to make glass at this scale, that’s not the achievement. The achievement is to make a building where so many people can connect and collaborate and walk and talk.” The value, he argues, is not what went into the building. It’s what will come out.

«

As with pretty much all things Apple, Ive’s point will get missed in favour of LOOK AT THE BIG NUMBER.


“MP3 is dead” missed the real, much better story • Marco.org

Marco Arment:

»

If you read the news, you may think the MP3 file format was recently officially “killed” somehow, and any remaining MP3 holdouts should all move to AAC now. These are all simple rewrites of Fraunhofer IIS’ announcement that they’re terminating the MP3 patent-licensing program.

Very few people got it right. The others missed what happened last month:

If the longest-running patent mentioned in the aforementioned references is taken as a measure, then the MP3 technology became patent-free in the United States on 16 April 2017 when U.S. Patent 6,009,399, held by and administered by Technicolor, expired.

MP3 is no less alive now than it was last month or will be next year — the last known MP3 patents have simply expired.

So while there’s a debate to be had — in a moment — about whether MP3 should still be used today, Fraunhofer’s announcement has nothing to do with that, and is simply the ending of its patent-licensing program (because the patents have all expired) and a suggestion that we move to a newer, still-patented format…

…MP3 is supported by everything, everywhere, and is now patent-free. There has never been another audio format as widely supported as MP3, it’s good enough for almost anything, and now, over twenty years since it took the world by storm, it’s finally free.

«

While AAC still has patents, and Ogg Vorbis and Opus aren’t supported widely enough.


Errata, corrigenda and ai no corrida: none notified

Start Up: business models and #Wannacry, Google’s bad health deal, smart Apple Watch bands?, and more


Things are different at White House press briefings nowadays. Photo by DonkeyHotey at Flickr


A selection of 11 links for you. Can you keep a secret? I’m @charlesarthur on Twitter. Observations and links welcome.

Is Trump trolling the White House press corps? • The New Yorker

Andrew Marantz with a masterful, in-depth piece about the useless “journalists” who have been added to the accredited group by the incoming administration, essentially in order to dilute the media’s effectiveness. This was on a day when anonymous sources were suggesting Flynn might be fired:

»

In Trump’s first two bilateral press conferences, he gave one question to Reuters and three questions to right-leaning outlets owned by Rupert Murdoch: Fox News, Fox Business, and the New York Post. “Let’s see who he calls on today,” one correspondent said. “National Enquirer, maybe? Whoever it is, they’d better fucking ask about Flynn.”

After Trump and Trudeau made brief remarks, Trump’s first question went to Scott Thuman, of the Sinclair Broadcast Group, which owns dozens of TV news affiliates across the country. According to Politico, Trump’s son-in-law, Jared Kushner, had struck a deal with Sinclair during the campaign: in exchange for increased access to Trump, Sinclair agreed to air footage of the candidate uninterrupted by commentary. (Sinclair denied this.) Thuman asked about the relationship between Trump and Trudeau, given their “philosophical differences.”

Trump’s second question went to Kaitlan Collins, a twenty-four-year-old reporter with the conservative Web site the Daily Caller. This was the press corps’s last chance to ask about Flynn. Several reporters craned their necks to get a look at Collins. “President Trump,” she began, “now that you’ve been in office and received intelligence briefings for nearly one month, what do you see as the most important national-security matters facing us?”

Many of the reporters were unable to mask their displeasure in person; on Twitter, the reactions were even stronger.

«

Also, don’t miss the way that a can of tuna stands in for a loaded revolver in a Chekhov play. It’s a long piece, but enormously rewarding.


How Trump gets his fake news • Politico

Shane Goldmacher:

»

While the information stream to past commanders in chief has been tightly monitored, Trump prefers an open Oval Office with a free flow of ideas and inputs from both official and unofficial channels. And he often does not differentiate between the two. Aides sometimes slip him stories to press their advantage on policy; other times they do so to gain an edge in the seemingly endless Game of Thrones inside the West Wing.

The consequences can be tremendous, according to a half-dozen White House officials and others with direct interactions with the president. A news story tucked into Trump’s hands at the right moment can torpedo an appointment or redirect the president’s entire agenda. Current and former Trump officials say Trump can react volcanically to negative press clips, especially those with damaging leaks, becoming engrossed in finding out where they originated.

That is what happened in late February when someone mischievously gave the president a printed copy of an article from GotNews.com, the website of internet provocateur Charles C. Johnson, which accused deputy chief of staff Katie Walsh of being “the source behind a bunch of leaks” in the White House.

No matter that Johnson had been permanently banned from Twitter for harassment or that he offered no concrete evidence or that he had lobbed false accusations in the past and recanted them. Trump read the article and began asking staff about Walsh. Johnson told POLITICO that he tracks the IP addresses of visitors to his website and added: “I can tell you unequivocally that the story was shared all around the White House.”

«

It gets worse. Honestly. The Washington Post also reports that Trump told the Russian ambassador (who, let’s note, isn’t a security individual) details about the Islamic State laptop threat which could compromise sources. Just amazing.


Uber allowed to continue self-driving car project but must return files to Waymo • The Guardian

Sam Levin:

»

A judge has granted a partial reprieve to Uber in its high-profile intellectual property lawsuit with Google’s self-driving car operation, allowing the ride-hailing company to continue developing its autonomous vehicle technology.

The judge, however, has barred an Uber executive accused of stealing trade secrets from Google spin-off Waymo from continuing to work on self-driving cars’ radar technology, and has ordered Uber to return downloaded documents to Waymo. The judge also said that evidence indicates that Waymo’s intellectual property has “seeped into Uber’s own … development efforts” – suggesting that Uber could face a tough battle as the case moves ahead.

Google’s lawyers were seeking a broader injunction against Uber, which could have significantly impeded the taxi startup’s entire self-driving car program, a move that could have been a fatal setback. The partial victory for Uber follows a judge’s recommendation that federal prosecutors launch a criminal investigation into the accusations that it stole Waymo’s technology.

«

The case has also been referred to criminal prosecutors on the basis that the code might have been stolen; and Waymo gets to review Uber’s code. Uber is really screwed.


Exclusive: upcoming Apple Watch to include game-changing health features • BGR

Jonathan Geller:

»

It has been rumored that Apple is interested in glucose monitoring, and it appears that the time may now be right. Previous rumors have stated that Apple might only be able to achieve this through a separate device that might complement the watch, however BGR has learned that this might not be accurate.

According to our source, Apple’s sights are now set on the epidemic of diabetes, and the company plans to introduce a game-changing glucose monitoring feature in an upcoming Apple Watch. An estimated 30 million people suffer from diabetes in the US alone, according to the American Diabetes Association, so Apple’s efforts could lead to a historic achievement in the world of health and fitness.

Currently, the only way to properly measure blood sugar levels is by using a blood sample, or by using a device that penetrates the skin. It’s uncomfortable, difficult and painful, and there are not presently any widely available noninvasive methods that are accurate. Apple isn’t stopping at just glucose monitoring, however.

Apple also plans to introduce interchangeable “smart watch bands” that add various functionality to the Apple Watch without added complexity, and without increasing the price of the watch itself. This could also mean that the glucose monitoring feature will be implemented as part of a smart band, rather than being built into the watch hardware.

«

I could believe smart bands doing the job, if the job can be done.


Who’s behind the ransomware pandemic? One small clue points to North Korea • Forbes

Thomas Fox-Brewster:

»

The clue lies in the code. Google security researcher Neel Mehta posted a mysterious tweet linking to two samples of malware: one was WannaCry, the other a creation of a gang of hackers called the Lazarus Group, which has been linked to the catastrophic 2014 hack of Sony and attacks on the SWIFT banking system that resulted in a record $81 million cyber theft from a Bangladeshi bank. Lazarus was also said to be North Korean, according to previous analyses by numerous security firms.

After Mehta’s post, Kaspersky Lab probed the code, as did Proofpoint security researcher Darien Huss and founder of Comae Technologies Matthieu Suiche. All have been actively investigating and defending the web against WannaCry and were intrigued at the possible link to North Korea.

All believe that Mehta’s find could provide a clue as to the possible creators of WannaCry, which has resulted in huge downtime for hospitals in the U.K. and caused downtime in Nissan and Renault car factories, amongst other issues. But, they all note, it could be a false flag purposefully lodged in the code to lead everyone down the wrong path.

«



Google received 1.6 million NHS patients’ data on an ‘inappropriate legal basis’ • Sky News

Alexander Martin:

»

Google’s artificial intelligence arm received the personally identifying medical records of 1.6 million patients on an “inappropriate legal basis”, according to the most senior data protection adviser to the NHS.

Sky News has obtained a letter sent to Professor Stephen Powis, the medical director of the Royal Free Hospital in London, which provided the patients’ records to Google DeepMind.

It reveals that the UK’s most respected authority on the protection of NHS patients’ data believes the legal basis for the transfer of information from Royal Free to DeepMind was “inappropriate”.

The development raises fresh concerns about how the NHS handles patients’ data after last week’s cyberattack on hospitals and GP surgeries, which could have been prevented if staff had followed guidance issued a month earlier.

While there are strict legal protections ensuring the confidentiality of patients’ records, under common law patients are “implied” to have consented to their information being shared if it was shared for the purpose of “direct care”.

However, this basis was not valid in the arrangement between Royal Free and DeepMind in the view of Dame Fiona Caldicott, the National Data Guardian at the Department of Health, who has contributed to an investigation into the deal.

«

This is going to get overlooked. But it shouldn’t.


WannaCry about business models • Stratechery

Ben Thompson:

»

This comparison [by Microsoft of the EternalBlue exploit to a Tomahawk missile], frankly, is ridiculous, even if you want to stretch and say that the impact of WannaCry on places like hospitals may actually result in physical harm (albeit much less than a weapon of war!).

First, the U.S. government creates Tomahawk missiles, but it is Microsoft that created the bug (even if inadvertently). What the NSA did was discover the bug (and subsequently exploit it), and that difference is critical. Finding bugs is hard work, requiring a lot of money and effort. It’s worth considering why, then, the NSA was willing to do just that, and the answer is right there in the name: national security. And, as we’ve seen through examples like Stuxnet, these exploits can be a powerful weapon.

Here is the fundamental problem: insisting that the NSA hand over exploits immediately is to effectively demand that the NSA not find the bug in the first place. After all, a patched (and thus effectively published) bug isn’t worth nearly as much, both monetarily as ShadowBrokers found out, or militarily, which means the NSA would have no reason to invest the money and effort to find them. To put it another way, the alternative is not that the NSA would have told Microsoft about EternalBlue years ago, but that the underlying bug would have remained un-patched for even longer than it was (perhaps to be discovered by other entities like China or Russia; the NSA is not the only organization searching for bugs).

In fact, the real lesson to be learned with regard to the government is not that the NSA should be Microsoft’s QA team, but rather that leaks happen: that is why, as I argued last year in the context of Apple and the FBI, government efforts to weaken security by fiat or the insertion of golden keys (as opposed to discovering pre-existing exploits) are wrong.

«

(Well, the US government *buys* Tomahawks from Raytheon. But anyway.) Thompson says the real problem is that software licences were single-payment, rather than subscription. Fair point, but the business wasn’t ready for subscription models then.


NHS Trusts ignored patch that would’ve averted malware disaster • Engadget

Jamie Rigg:

»

The ransomware attack that crippled crucial NHS systems across the UK and continues to cause disruption could have easily been contained, according to NHS Digital. The body, which oversees data and IT infrastructure across the NHS, said hospitals and other arms of the service had ample time to upgrade their systems. The ‘WannaCry’ malware variant used a Windows exploit Microsoft patched in mid-March this year. At the end of April, NHS Digital notified staff and “more than 10,000 security and IT professionals,” pointing them to a patch that would “protect their systems.” It seems this advisory fell on some deaf ears, which explains why only certain NHS Trusts were affected.

Over the weekend, NHS Digital also addressed speculation that aging infrastructure was to blame: “While the vast majority [of NHS organisations] are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7%, with this figure continuing to decrease.” Windows XP was put out to pasture in spring 2014, though the UK government did pay for an extra year of support back then. In reaction to the spread of ‘WannaCrypt,’ Microsoft took the “highly unusual step” of issuing a patch for out-of-support systems last Friday.

Reading between the lines, NHS Digital is basically blaming the update apathy of individual Trusts as the reason for the ransomware’s spread.

«

“Apathy” is probably the wrong word. It’s about priorities.


The iPad mystery • Monday Note

Jean-Louis Gassée:

»

If we extrapolate the iPad evolution — a risky exercise in derivative thinking — we’re led to assume that the iPad Pro will usurp more MacBook functionality. One can imagine a version of iOS that offers multiple resizable windows, more file management features…

Follow this line of thinking and you’re led to a quasi-MacBook that has a detachable keyboard, a touch screen, a Pencil 2.0 with a magnet, a somewhat simpler — but not too simple — user interface… To me, this is an uncomfortable contemplation; it could lead to a Swiss Army knife. Gone would be the respective simplicities of the original iPad and the well-honed MacBook.

Nonetheless, it’s not out of the question. We’ve seen before that Apple execs aren’t troubled by intramural cannibalization: Better to do it oneself than to be eaten by the competition.

What is questionable is the cost advantage for such a device. The Apple-designed Ax processor might cost less than the current Intel hardware in a MacBook, but memory (RAM) size will have to increase in order to support the new, more complex Pro UI. And then you have the added cost of a touch screen and of bundling the keyboard and stylus. A beefier iPad Pro won’t enjoy a sizable cost advantage. (For what it’s worth, today’s entry-level MacBook with 8GB RAM and 256GB of disk storage is priced at $1,249. A 12.9” iPad Pro with 256 GB of storage, a Smart Keyboard and a Pencil will cost… $1247. And they weigh just about the same: 2 lbs.)

«

Personally I find the 9.7in iPad Pro the perfect tablet: really light, small, but big enough to work on. Add 4G and it’s perfect – more convenient than a laptop. Use Workflow and Pythonista and you can get pretty much anything done.

Question is, what’s missing from it? It’s got Office. What else do most people want?


FTC cracks down on internet tech support scams • Engadget

Jon Fingas:

»

The Federal Trade Commission isn’t letting up in its quest to rid the world of tech support scammers. Officials have launched a legal campaign, Operation Tech Trap, in a bid to crack down on frauds that rely on a mix of web pop-ups and phone calls to frighten you into paying up. The effort includes four fresh complaints (in Alabama, Colorado, Florida and Ohio), two settlements (in Connecticut and Florida) and charges against seven people — two of which have already pleaded guilty. It’s as much a public show of the FTC’s might as it is a significant bust, but many of the perpetrators were particularly insidious.

In most cases, the scams produce fake alerts that claim your PC is infected or hacked, and urge you to call a toll-free number for help. They sometimes even include a countdown to make it seem like your files will vanish if you don’t act. If you’re spooked enough to call, you promptly talk to telemarketers posing as technicians (usually from Microsoft or Apple) who will insist your system is compromised and offer to either repair or protect your system if you pay hundreds of dollars.

«

Scammers going to scam.


Sophos waters down ‘NHS is totally protected’ by us boast • The Register

John Leyden:

»

Sophos updated its website over the weekend to water down claims that it was protecting the NHS from cyber-attacks following last week’s catastrophic WannaCrypt outbreak.

Proud website boasts that the “NHS is totally protected with Sophos” became “Sophos understands the security needs of the NHS” after the weekend scrub-up.

Security-watchers, including former staffer Graham Cluley, noticed the reverse ferret.

Sophos didn’t publish a definition update until 1825 BST, hours after an outbreak that forced hospitals to postpone scheduled treatments and appointments in scores of NHS Trusts. Sophos Live Protection functionality, if enabled, could detect WannaCrypt earlier than that.

Signature updates aren’t the only layer of security in modern anti-malware but this only raises further questions about why Sophos’s technology didn’t pick up an attack based on a known exploit patched by Microsoft two months prior.

«

(“Reverse ferret” is British newspaper lingo for a complete reverse of direction.)


Errata, corrigenda and ai no corrida: a link (ostensibly to The Daily Telegraph) yesterday had a link via a Russian server. I don’t know how this happened; it was a result via DuckDuckGo. I’ve fixed it on the site, but you might want to be wary of clicking it if you received the email.

Start Up: reporting (and tracking) #Wannacry, interviewing Trump, Apple buys Lattice Data, and more


Microsoft says the theft of the exploit that led to last week’s ransomware is as bad as that of a Tomahawk missile. Photo by Tim Evanson on Flickr.


A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Bad malware, worse reporting • Light Blue Touchpaper

Professor Ross Anderson, in typically forthright form:

»

The first point is that there’s not really a lot of this malware. The NHS has over 200 hospitals, and the typical IT director is a senior clinician supported by technicians. Yet despite having their IT run by well-meaning amateurs, only 16 NHS organisations have been hit, according to the Register and Kaspersky – including several hospitals.

So the second point is that when the Indy says that “The NHS is a perfect combination of sensitive data and insecure storage. And there’s very little they can do about it” the answer is simple: in well over 90% of NHS organisations, the well-meaning amateurs managed perfectly well. What they did was to keep their systems patched up-to-date; simple hygiene, like washing your hands after going to the toilet.

The third takeaway is that it’s worth looking at the actual code. A UK researcher did so and discovered a kill switch.

Now I am just listening on the BBC morning news to a former deputy director of GCHQ who first cautions against alarmist headlines and argues that everyone develops malware; that a patch had been issued by Microsoft halfway through March; that you can deal with ransomware by keeping decent backups; and that paying ransom will embolden the bad guys. However he claims that it’s clearly an organised criminal attack (when it could be one guy in his bedroom somewhere) and says that the NCSC should look at whether there is some countermeasure that everyone should have taken (for answer see above).

So our fourth takeaway is that although the details matter, so do the economics of security. When something unexpected happens, you should not just get your head down and look at the code, but look up and observe people’s agendas. Politicians duck and weave; NHS managers blame the system rather than step up to the plate; the NHS as a whole turns every incident into a plea for more money; the spooks want to avoid responsibility for the abuse of their stolen cyberweaponz, but still big up the threat and get more influence for a part of their agency that’s presented as solely defensive. And we academics? Hey, we just want the students to pay attention to what we’re teaching them.

«

I made my own contribution to the various pieces on this. Decide for yourself whether Anderson would be satisfied with it.


How to accidentally stop a global cyber attack • MalwareTech

The anonymous @malwaretech, who registered the domain that was hard-coded into the Wannacry ransomware:

»

one thing that’s important to note is the actual registration of the domain was not on a whim. My job is to look for ways we can track and potentially stop botnets (and other kinds of malware), so I’m always on the lookout to pick up unregistered malware control server (C2) domains. In fact I registered several thousand of such domains in the past year.

Our standard model goes something like this.

1) Look for unregistered or expired C2 domains belonging to active botnets and point it to our sinkhole (a sinkhole is a server designed to capture malicious traffic and prevent control of infected computers by the criminals who infected them).

2) Gather data on the geographical distribution and scale of the infections, including IP addresses, which can be used to notify victims that they’re infected and assist law enforcement.

3) Reverse engineer the malware and see if there are any vulnerabilities in the code which would allow us to take-over the malware/botnet and prevent the spread or malicious use, via the domain we registered.

In the case of WannaCrypt, step 1, 2 and 3 were all one and the same, I just didn’t know it yet.

A few seconds after the domain had gone live I received a DM from a Talos analyst asking for the sample I had which was scanning SMB host, which I provided. Humorously at this point we had unknowingly killed the malware so there was much confusion as to why he could not run the exact same sample I just ran and get any results at all. As curious as this was, I was pressed for time and wasn’t able to investigate, because now the sinkhole servers were coming dangerously close to their maximum load.

«

His full post includes his concern that by registering the domain, he’d actually activated the malware. It’s quite a tale. Plus he has praise for the UK’s National Cyber Security Centre and the FBI, among others.
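
Step 2 of the sinkhole model quoted above (measuring scale and building a notification list from the traffic that arrives) can be sketched as follows. This is an added example, not code from MalwareTech's post; the log format, domain names, family labels and contact table are all hypothetical, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sinkhole log: timestamp, source IP, Host header requested.
SAMPLE_LOG = """\
2017-05-12T15:03:01Z 192.0.2.10 sinkholed-c2-a.example
2017-05-12T15:03:02Z 192.0.2.10 sinkholed-c2-a.example
2017-05-12T15:03:05Z 192.0.2.77 sinkholed-c2-a.example
2017-05-12T15:04:11Z 198.51.100.4 sinkholed-c2-b.example
2017-05-12T15:04:12Z 203.0.113.9 sinkholed-c2-a.example
2017-05-12T15:04:30Z not-an-ip sinkholed-c2-a.example
2017-05-12T15:05:00Z 203.0.113.9 unrelated.example
"""

# Hypothetical: domains pointed at the sinkhole, and the family each belonged to.
SINKHOLED = {"sinkholed-c2-a.example": "family-A",
             "sinkholed-c2-b.example": "family-B"}

# Hypothetical prefix-to-contact table; a real one would come from registry data.
NETWORK_CONTACTS = {
    ipaddress.ip_network("192.0.2.0/24"): "abuse@net-one.example",
    ipaddress.ip_network("198.51.100.0/24"): "abuse@net-two.example",
}

def parse(log_text):
    """Yield (ip, family) for well-formed hits on a sinkholed domain."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        family = SINKHOLED.get(parts[2].lower())
        if family is None:
            continue  # traffic for a domain we do not sinkhole
        try:
            yield ipaddress.ip_address(parts[1]), family
        except ValueError:
            continue  # malformed source address, skip rather than crash

def infections_by_family(log_text):
    """Count unique source IPs per family (repeat check-ins count once)."""
    seen = defaultdict(set)
    for ip, family in parse(log_text):
        seen[family].add(ip)
    return {family: len(ips) for family, ips in seen.items()}

def notification_list(log_text):
    """Group infected IPs by the network contact that should be told."""
    out = defaultdict(set)
    for ip, _ in parse(log_text):
        contact = next((c for net, c in NETWORK_CONTACTS.items() if ip in net),
                       "unmapped")
        out[contact].add(str(ip))
    return {contact: sorted(ips) for contact, ips in out.items()}
```

Unique source IPs are only an estimate of infected machines: many hosts behind one NAT gateway appear as a single address, and address churn can count one host several times.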


Revealed: The 22-year-old IT expert who saved the world from ransomware virus but lives for surfing

This has all the details about the guy who found the (first) fix. Didn’t go to university, is self-taught. Of this story, he said “I always thought I’d be doxed by skids [script kiddies] but turns out Journalists are 100x better at doxing”.


Lessons from last week’s cyberattack • Microsoft on the Issues

Brad Smith is Microsoft’s chief legal officer:

»

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new “Digital Geneva Convention” to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them. And it’s why we’ve pledged our support for defending every customer everywhere in the face of cyberattacks, regardless of their nationality.

«

Emphasis added. Smith isn’t wrong: the damage this is causing is so hard to estimate, and forecast, that the comparison is apt.


Wcrypt Tracker • Malwaretech

An interactive, live map of where machines infected by Wannacrypt (aka #Wannacry – geddit?) are located. At the time of checking, only 74 were online, and 203,000 disconnected. It’s going to be updated with newer variants too.


Q&A: Transcript: Interview with Donald Trump • The Economist

More than one editor from The Economist sat down with Trump, who also had Steve Mnuchin, the Treasury secretary. The transcript shows their heroic struggle to get him to answer any question coherently:

»

Q: And are you contemplating things outside of corporate income tax? For example a VAT, which many countries have?
T: Well, you know, a lot of people consider the border tax a form of VAT.

Q: Are you still…
T: Part of the problem with NAFTA is that Mexico’s a VAT. So Mexico is paying almost…we pay 17%. So we are now down 17%, going into Mexico when we trade. So that’s like, you have a football team and every time they play a game, they’re down, you know, 25 points. How can you possibly do good?

Q: But would you consider…
T: You could actually make the case, that the 17 is doubled. You can make that case. You know, it’s 17 and it’s really 17 and it’s a double.
Mr Mnuchin: Right

Q: Would you consider a VAT for the United States?
T: Well the concept of VAT I really like. But let me give you the bad news. I don’t think it can be sold in this country because we’re used to an income tax, we’re used to a…people are used to this tax, whether they like it or don’t like, they’re used to this tax. I fully understand because I have a lot of property in the UK. And it’s, sort of, not a bad tax. And every time I pay it, they end up sending it back to me. In fact, my accountant is always saying…

Q: That’s a good tax.
T: No, it’s really not so bad. Like, I own Turnberry in Scotland. And every time I pay they say, “Yes sir, you pay it now but you get it back next year.” I said, “What kind of tax is this, I like this tax.” But the VAT is…I like it, I like it a lot, in a lot of ways. I don’t mean because of, you know, getting it back, you don’t get all of it back, but you get a lot of it back. But I like a VAT. I don’t think it can be sold in this country, I think it’s too much of a shock to this system. I can tell you if we had a VAT it would make dealing with Mexico very much easier. Because it could neutralise. And I really mean that. Part of the problem with NAFTA, the day they signed it, it was a defective deal. Because Mexico has almost a 17% VAT tax and it’s very much of a hidden tax, people don’t see it. So, but these guys, instead of renegotiating the following week…many years ago, how old is that? 35?

«

As I said, heroic. Read it for what he says about the China deal, and then take in the next link.


Critics pan Trump’s ‘early harvest’ trade deal with China • FT

Shawn Donnan:

»

The “early harvest” deal rolled out on Friday saw China agree to resume imports of US beef that were suspended in 2003, in a move that US cattle ranchers hailed as “historic” but which Chinese leaders had already agreed to last September. 

Beijing also committed to open its market to foreign-owned credit rating agencies and credit card companies — a pledge that addressed long-running US gripes but also resembled previous promises. Ahead of China’s 2001 accession to the World Trade Organisation, it had agreed to open credit cards — or the broader market for electronic payments made in renminbi — to foreign-owned companies such as Visa and MasterCard.

For its part the US has agreed to encourage natural gas sales to Chinese buyers and opened the door to imports of cooked chicken from China. 

More importantly, it offered its tacit endorsement for Beijing’s “Belt and Road” project to revive the ancient trade route to Europe by sending a delegation to a Beijing summit that started on Saturday.

That move upended the arm’s-length approach of the Obama administration and left the Trump administration struggling to explain why it was embracing a project many see as Beijing’s latest effort to replace the US as a trading and military power in the Asia-Pacific region…

…[Dan DiMicco, former chief executive of US steelmaker Nucor and a campaign adviser to Mr Trump who has long advocated a tough approach on Beijing] says that with its promise to sell more natural gas to China, the Trump administration risked undermining what is now an important competitive advantage for US industry — cheap energy costs — and the manufacturing renaissance it has promised. 

“When the gas exports [to China] get large enough, which they will, it will drive up natural gas prices for our domestic manufacturers, and negatively impact our reshoring efforts,” he says. 

«

Another quote:

»

“They got played,” was the blunter assessment of one former US official.

«



Why I don’t believe in blockchain • ongoing

Tim Bray:

»

I could maybe get past the socio-political issues, the misguided notion that in civilized countries, you can route around the legal system with “smart contracts” (in ad-hoc procedural languages) and algorithmic cryptography.

I could even skate around the huge business contra-indicator: something on the order of a billion dollars of venture capital money has flowed into the blockchain startup scene. And what’s come out? I’m not talking about platforms that are “ready for business” or “proven enterprise-grade” or “approved by regulatory authorities”, I’m talking about blockchain in production with jobs depending on it.

But here’s the thing. I’m an old guy: I’ve seen wave after wave of landscape-shifting technology sweep through the IT space: Personal computers, Unix, C, the Internet and Web, Java, REST, mobile, public cloud. And without exception, I observed that they were initially loaded in the back door by geeks, without asking permission, because they got shit done and helped people with their jobs.

That’s not happening with blockchain. Not in the slightest. Which is why I don’t believe in it.

«



Apple acquires AI company Lattice Data, a specialist in unstructured ‘dark data’, for $200m • TechCrunch

Ingrid Lunden:

»

What exactly is dark data? Our connected, digital world is producing data at an accelerated pace: there was 4.4 zettabytes of data in 2013 and that’s projected to grow to 44 zettabytes by 2020, and IBM estimates that 90% of the data in existence today was produced in the last two years.

But between 70% and 80% of that data is unstructured — that is, “dark” — and therefore largely unusable when it comes to processing and analytics. Lattice uses machine learning to essentially put that data into order and to make it more usable.

Think of it in terms of a jumble of data without labels, categorization or a sense of context — but with a certain latent value that could be unlocked with proper organization.

The applications of the system are manifold: they can be used in international policing and crime solving, such as this work in trying to uncover human trafficking; in medical research; and to help organise and parse paleontological research. It could also be used to help train AI systems by creating more useful data feeds.

It’s unclear who Lattice has been working with, or how Apple would intend to use the technology. Our guess is that there is an AI play here.

«

As guesses go, it’s not a hard one.


Is the gig economy working? • The New Yorker

Nathan Heller looks at the intersection of politics and the gig economy:

»

the place we find ourselves today is not unique. In “Drift and Mastery,” a young Walter Lippmann, one of the founders of modern progressivism, described the strange circumstances of public discussion in 1914, a similar time. “The little business men cried: We’re the natural men, so let us alone,” he wrote. “And the public cried: We’re the most natural of all, so please do stop interfering with us. Muckraking gave an utterance to the small business men and to the larger public, who dominated reform politics. What did they do? They tried by all the machinery and power they could muster to restore a business world in which each man could again be left to his own will—a world that needed no coöperative intelligence.” Coming off a period of liberalization and free enterprise, Lippmann’s America struggled with growing inequality, a frantic news cycle, a rising awareness of structural injustice, and a cacophonous global society—in other words, with an intensifying sense of fragmentation. His idea, the big idea of progressivism, was that national self-government was a coöperative project of putting the pieces together. “The battle for us, in short, does not lie against crusted prejudice,” he wrote, “but against the chaos of a new freedom.”

Revolution or disruption is easy. Spreading long-term social benefit is hard. If one accepts Lehane’s premise that the safety net is tattered and that gigging platforms are necessary to keep people in cash, the model’s social erosions have to be curbed. How can the gig economy be made sustainable at last?

«

It starts out as your average examination of “the sharing economy” but swerves off into the question of politics.


Predictably profitable, unpredictably valuable • Asymco

Horace Dediu on the relationship between Apple’s capital spending, product shipment numbers, and share price:

»

When looking through the [spending and revenue] data, quarter after quarter, year after year, there is a consistency and reliability to the spending/revenue relationship which implies, to me at least, a high degree of certainty.

This predictability, however, has not detracted from the volatility in Apple’s share price–an instrument designed to embody precisely this prediction.

Apple’s share price continues to see swings of more than 70% in any given 52 week period. In the latest 52 week period the shares traded between $89.47 and $154.88, a 73% swing. 100% is not unheard of. Incidentally, S&P 500 volatility ranges around 45%. Apple is by far the largest company in the world and fairly old by large company standards. It should attract a certain premium of stability.

And yet it doesn’t. Skepticism around the company is continuously evident. It’s in the headlines written every day which concoct convoluted reasons to doubt future performance. It’s in the conversations I have with investors who question the tiniest of details in the design of a product (like headphone jack or home button) in order to gauge their impact on the survival of the firm. It’s in the continuous parade of “disruptive entrants” or “established giants” ready to knock the company off its perch by virtue of simply existing.

«

As one commenter points out, competitors to Apple have a strange tendency to focus on those tiny product details as if they were the clue to outselling Apple. (Google, for example, made much of the Pixel having a headphone jack.) That just isn’t how it works.


Apple will announce Amazon Prime Video coming to Apple TV at WWDC • Buzzfeed

John Paczkowski:

»

Sources in position to know tell BuzzFeed News that Amazon’s Prime video app — long absent from Apple TV — is indeed headed to Apple’s diminutive set-top box. Apple plans to announce Amazon Prime video’s impending arrival to the Apple TV App Store during the keynote at its annual Worldwide Developers Conference (WWDC) on June 5 in San Jose, California. A source familiar with the companies’ thinking says the app is expected to go live this summer, but cautioned that the hard launch date might change. Amazon had previously declined to even submit a Prime Video app for inclusion in Apple’s Apple TV App Store, despite Apple’s “all are welcome” proclamations.

Recode earlier reported that Apple and Amazon were nearing an agreement that may finally bring the Prime Video app to Apple TV. It’s now official.

As part of the arrangement between the two companies, Amazon — which stopped selling Apple TV devices two years ago, when it also banned Google’s Chromecast devices from its virtual shelves — will likely resume selling Apple’s set-top box. In October 2015, Amazon forbade third-party electronics sellers from selling Apple TVs and Google Chromecasts through their Amazon storefronts, arguing that the devices inspired “customer confusion.”

«

Some headlines have said “the feud is over”, but feuds involve two sides fighting. There’s no sign of Apple having treated Amazon any differently than any other developer. Amazon just hasn’t wanted to play. Now it does.


Errata, corrigenda and ai no corrida: none notified