Start up: Google v Korea, AI for faces, why swimmers tie, how secure is iMessage?, Wonder remembers, and more

Can you think of someone who you’d really like to get infected by the Locky ransomware? We can. Picture by Christolph Scholz on Flickr.

Hello! We’re back. Is this thing on?

A selection of 12 links for you. Enough is enough. I’m charlesarthur on Twitter. Observations and links welcome.

South Korea confirms Google antitrust probe •

Song Jung-a:

»South Korea’s antitrust watchdog says it is looking at whether Google has violated the country’s anti-competition laws, officially confirming its scrutiny of the global internet search group for the first time.

The Korea Fair Trade Commission did not elaborate on the scope of the investigation.

Local media have reported that the regulator is probing the company’s advertising policy, after Korean advertising agents filed a complaint with the KFTC in 2014 that Google had not paid them commissions for online advertising since 2012.

Friday’s statement from the KFTC came on the same day the Seoul Economic Daily newspaper reported that the regulator was poised to clear Google of charges that it abused its dominant market position with its advertising policy.

Separate media reports have suggested Google is under scrutiny over alleged abuse of its Android smartphone operating system’s dominance.


This is quite strange when compared with the report from Business Korea, which says:

»The Fair Trade Commission (FTC) of South Korea came to a conclusion that Google Korea’s preloaded apps and subsidies for search ads do not constitute any abuse of market dominance. This is because Naver enjoyed a market share of more than 70%, Daum Kakao enjoyed a market share of 15% to 19% and that of Google was merely 2% to 8% during the period of 2008 to March this year, when Google was involved in preloading of apps in the South Korean market.


They’re slightly different, but Business Korea seems to be saying things are fine, where the FT is saying things aren’t.
link to this extract

Machine learning is fun! Part 4: modern face recognition with deep learning • Medium

Adam Geitgey:

»Ok, so which measurements should we collect from each face to build our known face database? Ear size? Nose length? Eye color? Something else?

It turns out that the measurements that seem obvious to us humans (like eye color) don’t really make sense to a computer looking at individual pixels in an image. Researchers have discovered that the most accurate approach is to let the computer figure out the measurements to collect itself. Deep learning does a better job than humans at figuring out which parts of a face are important to measure.
The solution is to train a Deep Convolutional Neural Network (just like we did in Part 3). But instead of training the network to recognize pictures objects like we did last time, we are going to train it to generate 128 measurements for each face.


Geitgey’s writeup is lengthy but all fascinating. (And there are three previous parts.)
link to this extract

Craig Federighi comes clean on how Night Shift avoids ghosting artifacts when scrolling • iDownload

Christian Zibreg:

»A customer from Germany emailed Craig Federighi, who is Apple’s Senior Vice President in charge of Software Engineering, to complain about Night Shift mode potentially emitting more blue light than F.l.ux, an iPhone app that serves the same purposes like Night Shift but was banned from the App Store following the release of iOS 9.3.

He received the following reply:


Given the display technology we push it as far as we can without introducing major red ghosting artifacts when scrolling / animating. (Unfortunately, the red phosphors in the LCD hold their color longer and when we shift the display too far into the red then scrolling results in irritating ghosting artifacts).



My expectation is that the next iPhones will have the Tru-Tone display which adjusts to the light around them. Which requires even better displays.
link to this extract

What if intelligent machines could learn from each other? • The Conversation

Raja Jurdak:

»As an example, we have demonstrated how smartphones that are in proximity to each other can both run their own AI machines and share logic blocks from their programs to accelerate learning how to maintain battery life.

There are two reasons behind these benefits. First, each phone learns independently, developing its own genetic material of program logic – an evolution of sorts.

This is known as the “island model” in evolutionary computing. In the IoT, each device becomes its own “island”. Occasionally, the devices share what they’ve learned.

This adds to the diversity of their genetic pool, which can be beneficial in a system that learns or evolves. It also means that both devices know how to react better to new contexts that may have originally been observed by other collaborating devices.


link to this extract

Russia tells Google to cough up some loose change in Android monopoly probe • The Register

Iain THomson:

»Russia’s Federal Antimonopoly Service (FAS) has fined Google 468 million rubles ($6.8m) on charges that its Android operating system has been illegally disadvantaging other software vendors.

Last February, the FAS announced an investigation into Android after complaints from local search engine Yandex that Android phones came bundled with some Google apps. Yandex whined that this was anticompetitive and was sucking away its business customers.

In a statement, the FAS said it was imposing the fine (equal to around three hours’ worth of profit last quarter for the search giant) because Google was forcing Russian mobile phone companies to install its search app, its Maps, and its App store.

The FAS also objected to these services occupying prime real estate on the screens of Android phones, and to the Chocolate Factory banning some Russian apps from its storefront.


link to this extract

How I got tech support scammers infected with Locky • Borderline

Ivan Kwiatkowski:

»I agree to purchase his package and find test credit card numbers as fast as I can. For obvious reasons, the payment processor rejects the transaction and we try again four or five times. In the end, I suggest using my second credit card and give him another random yet valid (as far as the Luhn algorithm is concerned) number. Dileep makes me repeat both payment details at least ten times and I play dumb. He calls his superior in the hopes of figuring out why the payment isn’t going through. In the meantime, I hear other operators in the background repeating credit card numbers and CVVs aloud. I’m assuming they’re not PCI-DSS compliant. That’s when I’m hit by a stroke of genius. I open my “junk” e-mail folder where I find many samples of the latest Locky campaign – those .zip files containing a JS script which downloads ransomware. I grab one at random, drag it into the VM. The remote-assistance client I installed has a feature allowing me to send files to the operator. I upload him the archive and say:

— I took a photo of my credit card, why don’t you input the numbers yourself? Maybe that’ll work.
At first, Dileep ignores me. He makes me type in my information a few more times (he’s persistent, I’ll give him that), until I put my foot down:

— Look, Dileep, I’m old and my sight is not so good. It’s starting to hurt, having to squint to read those tiny numbers. Also, we’ve established I’m no good with computers, how about you give me a hand here?

He says nothing for a short while, and then:
— I tried opening your photo, nothing happens.

(I do my best not to burst out laughing.)

— Are you sure? Sometimes my pictures have a problem opening on MacOS, are you on Windows?
— Yes, he replies. Your pictures are corrupted because your computer is infected. This is why we need to take care of this.

And while a background process quietly encrypts his files, we try paying a couple more times with those random CC numbers and he finally gives up, suggesting that I contact my bank and promising to call me back next Monday.

In conclusion, whenever one stumbles on an obvious scam, the civic thing to do is to act like you buy it. Rationale: scammers don’t have the time to separate legitimate mugus from the ones who just pretend.


That is so wonderfully wicked. I hope as many people as possible manage to do this.
link to this extract

This is why there are so many ties in swimming • Deadspin

Timothy Burke:

»why doesn’t FINA, the world swimming governing body, increase its timing precision by adding thousandths-of-seconds?

As it turns out, FINA used to. In 1972, Sweden’s Gunnar Larsson beat American Tim McKee in the 400m individual medley by 0.002 seconds. That finish led the governing body to eliminate timing by a significant digit. But why?

In a 50 meter Olympic pool, at the current men’s world record 50m pace, a thousandth-of-a-second constitutes 2.39 millimeters of travel. FINA pool dimension regulations allow a tolerance of 3 centimeters in each lane, more than ten times that amount. Could you time swimmers to a thousandth-of-a-second? Sure, but you couldn’t guarantee the winning swimmer didn’t have a thousandth-of-a-second-shorter course to swim. (Attempting to construct a concrete pool to any tighter a tolerance is nearly impossible; the effective length of a pool can change depending on the ambient temperature, the water temperature, and even whether or not there are people in the pool itself.)


In Lane 1, competing for Germany, Werner Heisenberg.
link to this extract

iMessage’s ‘end-to-end’ encryption hardly any better than TLS, say cryptography researchers • Tom’s Hardware

Lucian Armasu:

»Ever since Edward Snowden released the NSA documents, an encryption mechanism called “forward secrecy” has significantly increased in popularity with service providers. The mechanism essentially automatically rotates the encryption keys at regular intervals, and once it switches to a new key, past data can’t be decrypted anymore.

This has been a main feature of end-to-end encryption protocols such as Off-The-Record (OTR) and Signal, but Green said iMessage lacks it completely. The lack of forward secrecy means that if someone steals an iOS or macOS device and unlocks it, they can then decrypt past conversations from those devices.

The researchers also criticized Apple for using non-standard encryption that seems implemented in a rather ad hoc manner. Moreover, Apple doesn’t use a properly authenticated symmetric encryption algorithm and instead relies on a digital signature to prevent tampering. This is what makes the chosen ciphertext attacks that can recover full contents of some messages possible.

Green once again recommended that Apple entirely replace iMessage with a new messaging system that’s been properly designed and verified. However, he realizes that Apple has to maintain some sort of backwards compatibility for the hundreds of millions of users that would continue to use iMessage even if Apple did create a new messaging app.

Because of that, he and his team also proposed some “short-term patches” for iMessage that can make the older iMessage clients a little more secure, as well as some long-term ones that will break iMessage’s compatibility with the old clients…

…The researchers said that they have reported all of these vulnerabilities to Apple, and the company has already implemented most of the proposed short-term patches such as the duplicate RSA ciphertext detection and certificate pinning (only for iOS 9+ clients), and it removed gzip compression. However, Green and his team stressed that Apple should eventually do a major overhaul of the iMessage protocol while following their proposed long-term changes.


link to this extract

Twitter now censors verified journalist accounts in Turkey’s post-coup purge • The Daily Dot

Efe Kerem Sozeri:

»Based on two recent court orders issued after the July 15 coup attempt, on July 23 and on July 25, Twitter withheld at least 12 journalists’ and three media outlets’ accounts; three of the censored accounts are verified. A quick tally of recently censored journalists lists as many as 26 accounts, half of which are verified.

The majority of the censored accounts are the former reporters and editors of the Zaman Amerika daily, an outlet close to Gülen movement, which Erdoğan blames for the coup attempt. However, the list also includes a Kurdish journalist, @AmedDicleeT, who has 186,000 followers, Kurdish daily @ozgurgundemweb1, and even the official account of the Kurdish news agency @DicleHaberAjans.

However, Twitter’s censorship criteria is still unclear, as these accounts do not complete the full list of journalist accounts that Turkey wants censored in these two court orders. Two other journalists who worked at Gülen-affiliated outlets, @tuncayopcin and @EmreUslu, are listed in the order but are not censored, nor is reporter @RifatDogann who works for the independent outlet @Dikencomtr.

Beyond the journalist accounts, Twitter seem to protect its international credibility by not censoring Amnesty’s Turkey researcher @andrewegardner, whose account was listed in the first court order.


Twitter Turkey supports (lots of) censorship, and is toying with reintroducing the death penalty – the latter of which would disqualify it from joining the European Union. It’s a mess.
link to this extract

Wonder is a bot that will remember anything for you • TechCrunch

Sarah Perez:

»Quick! What’s your gym locker combination? Your girlfriend’s favorite Starbucks order? The type of ink your printer uses? Can’t remember? Gotta look it up? There’s a lot of information that we can’t access via a Google search, but instead tend to make a mental note of in order to recall. Sometimes, we might jot these things down in Notepad, but often we forget to do that, too. A new bot called Wonder wants to help by remembering anything you want, then return the information you need via a text message.

It’s a pretty simple but clever idea. After you go to the Wonder website and provide your phone number, the bot sends you a text that explains how it works.

Basically, you just text Wonder the information you’ll need to recall at a later date, and it stores that for you in its system. When you’re trying to later remember something, you just text Wonder a question, like “Who’s our company’s dental insurance provider?,” “When’s the next company meeting?,” or whatever other information you’ve previously fed into it by way of text message. The bot will promptly respond with the answer.


OK, given stuff like that which you don’t want to commit to a note (even a passworded note?), can see the point.
link to this extract

Why everything might not be ‘great’ at Google’s $2.4bn venture capital business • Business Insider

Sam Shead:

»Google Ventures is likely to say that there’s no overlap between itself and the other Alphabet investment divisions but it’s perfectly possible that they end up treading on one another’s toes from time to time.

One startup cofounder even went as far as to say: “GV had no role after the Alphabet split.”

Looking at the data
CB Insights looked at GV deal data over the last five years. The researchers found that GV made 46% less deals in 2015 — the year that Alphabet was formed — than it did in 2014.

The biggest drop-off in GV deal activity was at the seed stage, where GV went from a high of over 40 new deals in 2014 to 0 in the first half of 2016.

The CB Insights researchers wrote: “Growth investments done through Google Capital and direct minority investments by Google into the likes of SpaceX and Magic Leap have increased in the past two years.”

Although GV is yet to make any seed stage deals in 2016, it has made several larger deals. In the first half of the year, GV made 31% more investments than the same period in 2015, but 30% fewer than in H1 2014, according to CB Insights.

Ultimately, the success of a VC firm comes down to the number of big exits from startups in its portfolio. CB Insights notes that GV has had six exits over $1bn (£773m) since its inception, with the latest one coming after was acquired by Walmart for $3bn (£2.3bn).

A Google Ventures spokeswoman said: “Bill Maris has decided to step down to take a break with his family and tackle something new.”


link to this extract

Checking the time, and other killer smartwatch uses • NPD Research Group

Eddie Hold:

»Smartwatch adoption skews younger and lower income in many cases and while the natural inclination is to simply label this group as “early tech adopters,” the reality is a little different.

It appears that a successful target sector for the watch is the service industry, ranging from valets to bar staff and waiters. These are users that cannot stay glued to their phones while they are working, but still want access to “glanceable” information such as messaging notifications, alarms and (of course) how long they have left on any given shift. The ability to remain in contact without reaching for the phone is still the killer app.

This all bodes well for the newer generation of smartwatches, which can connect via cellular rather than just Bluetooth. The freedom to completely un-tether from the smartphone could become the next logical “killer use” as it means you can go for a run without carrying that ever-larger smartphone with you, for example, or range further in the restaurant without worrying about Bluetooth.


Would not have guessed that for the adopter market, but it does make sense when you consider it.
link to this extract

Errata, corrigenda and ai no corrida: it’s Turkey, not Twitter, that is considering the reintroduction of the death penalty.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.