Start up: Apple Music’s likely effects, no Paypal in Greece, how Bitstamp was hacked, and more


Of 58 aboard, only 15 survived. But was the crash due to machine or human error?

A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Why the next few months of Apple Music will throw up a few surprises » Music Industry Blog

Mark Mulligan:

As we revealed on our MIDiA Research report on Apple Music back in March 28% of iOS users stated they were likely to pay for the service. Among downloaders the rate is 39% and for existing subscribers that rate rises to 62%. Consumer surveys of course always over-report so we shouldn’t expect those rates of paid adoption but the relative values are interesting nonetheless.

Given that 50% of existing subscribers are iOS users the implications are that a big chunk of Spotify et al’s subscribers will at the very least try out Apple’s 3 month trial, which is plenty enough time to get build a comprehensive library of playlists and to get hooked. But there is also going to be a big wave of downloaders that do not currently subscribe that will try it out.

As the iOS 8.4 update virtually pushes iTunes Music users into starting the trial on updating, expect pretty widespread uptake of the trial. Apple reached 11 million users for iTunes radio within 5 days of launch, 21 million within 3 months. Apple Music has had a far bigger build up and is much more deeply integrated into iOS so a fairly safe bet is that those numbers will at the very least be matched.

It’s getting people to pony up that’s hard. Adding Android users (with Apple Music for Android in autumn) might just be the icing on the cake; iOS is where the numbers and easy money will be.

Mulligan points to other surprises too – read on there.


Reddit’s AMA subreddit down after Victoria Taylor departure » Business Insider

Biz Carson:

The iAMA and Science subreddits both were set to private today after Reddit’s director of Communications, Victoria Taylor was allegedly dismissed. In a Reddit thread about her departure, she replied that she was “dazed” and “hopefully” plans to stay in the PR field.

Reddit and Taylor have not yet responded to request for comment.

One of Taylor’s job duties was coordinating the site’s popular AMAs.  Two of the site’s most popular posts ever are AMAs: the one with Barack Obama and a conversation with a man with two penises. The AMA subreddit became such a popular section of the site that Reddit eventually spun it out into its own app.

Something’s up at Reddit; it’s either going to come through this much stronger, or run into the sand.


40 states line up with Mississippi in Google Adwords pharma scrap » The Register

Andrew Orlowski:

Attorneys General representing 40 US states have filed an amicus brief backing Mississippi attorney general Jim Hood’s investigation into Google.

In December, the giant multinational sued the state of Mississippi after it had opened an investigation into Google’s business practices (claiming Hood’s complaints did not come under state law jurisdiction), and earlier this year a District Court froze this investigation.

The attorneys say if the freeze is upheld, it will have a chilling effect on investigative subpoenas across the US.

Hood’s 79-page subpoena inquires mainly into Google’s advertising practices, focussing on the sale of illegal and controlled substances.

Four pages consist of inquiries into how Google deals with IP enforcement. It follows from a 2011 non-prosecution agreement (NPA) between Google and the FBI, the FDA and Rhode Island into rogue drug traffickers, who used Google Adwords to move their wares. Google agreed to a $500m fine, $230m of which was funnelled to Rhode Island.

The NPA lapsed in 2013, three months early, with no indication from Federal authorities that Google had actually complied. That’s when the states got serious.

This is an odd case. Hood comes across as a little obsessed (but is that bad in a lawman?), but Google comes across as vindictive – and not a little defensive.


Bitstamp Incident Report (PDF) » Bitstamp

The bitcoin exchange had 18,000 BTC, worth (then) about $5m, stolen:

On 9 December 2014, Bitstamp’s Systems Administrator, Luka Kodric, received a phishing email to his Gmail account. Unlike some of the others targets, Kordic did have access to Bitstamp’s hot wallet. The email header had been spoofed to appear as if it had been sent from konidas@acm[.]org, although it was actually received from a Tor exit node [the email chain and header details can be seen in full at Appendix A].

ACM is the Association for Computing Machinery, which describes itself as the world’s largest educational and scientific computing society. The sender was offering Mr. Kodric the opportunity to join Upsilon Pi Epsilon (UPE), the International Honour Society for the Computing and Information Disciplines.

The UPE site is hosted within the acm.org domain. On 11 December, as part of this offer, the attacker sent a number of attachments. One of these, UPE_application_form.doc, contained obfuscated malicious VBA script. When opened, this script ran automatically and pulled down a malicious file from IP address 185.31.209.145, thereby compromising the machine.

As the security researcher The Grugq observed, “Computer security is such an unsolved problem that Bitstamp lost $5m because someone had macros enabled in Microsoft Word.”


The (slight) rise of _nomap » OpenSignal blog

Samuel Johnson, on OpenSignal’s checking of how many Wi-Fi networks added the suffix “_nomap” to stop Google mapping their location:

Wifi networks with nomap

This graph also shows a rise beginning at the end of 2013 and continuing into 2014. Edward Snowden’s revelations about the NSA’s privacy incursions occurred during the summer of 2013 – and so it is possible that the heightened awareness about privacy issues could have led to more people taking care that Google was not recording their Wi-Fi hotspot. However, compared to the number of global Wi-Fi networks detected by OpenSignal, it is clear that the number that adopted Google’s solution is very small.

So why is this? Obviously it was deeply concerning that Google were tracking payload data – but it is not in itself concerning that they are collecting Wi-Fi SSIDs (after all, this is what we at OpenSignal do). Those technologically savvy enough to have followed the story (and continued to do so months after the initial outburst of outrage) will know that Google had publicly pledged to stop tracking Wi-Fi payload data, and so any appending _nomap to their Wi-Fi hotspots would not make any difference to that.


We’ve finally hit the breaking point for the original Internet » The Washington Post

Brian Fung:

It’s finally happened. The North American organization responsible for handing out new IP addresses says its banks have run dry.

That’s right: ARIN, the American Registry for Internet Numbers, has had to turn down a request for the unique numbers that we assign to each and every smartphone, tablet and PC so they can talk to the Internet. For the first time, ARIN didn’t have enough IP addresses left in its stock to satisfy an entire order — and now, it’s activated the end-times protocol that will see the few remaining addresses out into the night.

The end of IPv4 has been forecast for a few years now. Looks like it’s actually going to happen, and we’ll move to IPv6.


PayPal no longer works in Greece—and why that matters » Quartz

Shelly Banjo:

Adding to their list of woes, Greeks can no longer use their PayPal accounts.

Limits on how much money Greeks can take out of banks put in place by their debt-stricken government as it negotiates with lenders have effectively crippled the online payment service, which relies on traditional banks and credit cards to transfer money.

According to a PayPal spokesman:

Due to the recent decisions of the Greek authorities on capital controls, funding of PayPal wallet from Greek bank accounts, as well as cross-border transactions, funded by any cards or bank accounts are currently not available. We aim to continue serving our valued customers in Greece in full, as we have for over a decade.

Except that they can’t serve their valued customers. So, why does it matter?

PayPal’s shutdown in Greece reminds us how difficult it is to disintermediate banks from the flow of money.

Well duh. Did you think it was all going to bitcoin? As the Bitstamp link above shows, good luck with that.


Faulty credit card-sized connector led to crash of 20-tonne plane » Bloomberg Business

Tim Culpan:

A faulty connector about the size of a credit card helped trigger a series of mechanical and human failures that led to the crash of a 20-ton aircraft in February, killing 43 people, investigators in Taiwan found.

Microscopic tests of a soldered connector joint on the TransAsia Airways Corp. plane engine showed potential cracking, and the connector failed post-crash tests, the Aviation Safety Council said in a report today.

That failure is at the heart of why the ATR72 twin-propeller plane incorrectly sounded a cockpit warning and an engine adjustment known as autofeather. That set in motion a series of pilot errors that eventually crashed the aircraft into a downtown Taipei river Feb. 4.

The autofeather made the engine ineffective. Pilot error then played a big part: they shut down the other engine, wrongly thinking it was the affected one.

How do you design faults like those out of a system? First the machines screw up, then the humans.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s