Start Up: tech reacts to Trump, the voices in noise, VPN Android risks, the app misers, and more

A view of the Turracher Hoehe Pass: can you hear the hotel guests locked out of their rooms by ransomware? Photo by Christiane Jodl on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

VPN on Android means ‘voyeuristic peeper network’ in many cases • The Register


A worrying number of VPN apps for Android mobile devices are rife with malware, spying, and code injection, say researchers.

A study [PDF] from the University of New South Wales in Australia and the University of California at Berkeley found that Android apps advertising themselves as VPN clients often contain poor security protections, and in some cases engage in outright malicious activities.

“Many apps may legitimately use the VPN permission to offer (some form of) online anonymity or to enable access to censored content,” the researchers write. “However, malicious app developers may abuse it to harvest users’ personal information.”

That sort of malicious activity is shockingly common, the researchers found. They studied the activity of 283 VPN apps on the Google Play store and catalogued the various risky and malicious activities they found:

82% of the VPN apps requested permission to access sensitive data on the device, such as SMS history
• 38% of the apps contained some form of malware
16% routed traffic through other devices, rather than a host server
16% use in-path proxies to modify HTML traffic in transit
Three of the 283 analysed apps specifically intercept bank, messaging, and social network traffic.


That’s not good. (It’s because it can break app sandboxing on Android; not sure whether this applies to iOS.)
link to this extract

Why we hear voices in random noise • Nautilus

Philip Jake:


Neil Bauman is an audiologist who runs a center in Pennsylvania called The Hearing Loss Help Center. He’s created a discussion forum for those experiencing a wide range of anomalous auditory perceptions including auditory pareidolia. Commenters detail their experiences, often believing they are symptomatic of mental illness. For example, one commenter writes: “I thought I was going crazy. When my air conditioner is on, I wake up and hear light conversations. I would go to the window to see if anyone was outside, or I would turn the air conditioner off [and] it would stop. Sometimes it sounds like a radio.”

Another, more at-ease commenter, writes about her similar experience of hearing voices from the sound of central air control: “I would hear faint voices—whispering, conversing, singing, or chanting! It sounded like a crowded room, full of people at a party in a distant room somewhere in the building. After a while I came to enjoy the sound, as they seemed to be enjoying themselves at the ‘party,’ and it helped lull me to sleep at night.”


This is the converse to the one the other day where you hear something like “blargh blargh” and your phone hears “open that malicious URL!”
link to this extract

Hotel ransomed by hackers as guests locked in rooms • The Local

NOTE: elements of this story have been shown to be wrong. (Update tomorrow.) Koen Berghuis:


One of Europe’s top hotels has admitted they had to pay thousands in Bitcoin ransom to cybercriminals who managed to hack their electronic key system, locking hundreds of guests in or out of their rooms until the money was paid.

Furious hotel managers at the Romantik Seehotel Jaegerwirt, a luxurious 4-star hotel with a beautiful lakeside setting on the Alpine Turracher Hoehe Pass in Austria, said they decided to go public with what happened to warn others of the dangers of cybercrime.

And they said they wanted to see more done to tackle cybercriminals as this sort of activity is set to get worse. The hotel has a modern IT system which includes key cards for hotel doors, like many other hotels in the industry.

Hotel management said that they have now been hit three times by cybercriminals who this time managed to take down the entire key system. The guests could no longer get in or out of the hotel rooms and new key cards could not be programmed.

The attack, which coincided with the opening weekend of the winter season, was allegedly so massive that it even shut down all hotel computers, including the reservation system and the cash desk system.


link to this extract

Apple strategy in ‘smart home’ race threatened by Amazon • Reuters

Stephen Nellis:


Developers can ask Apple to certify an unlisted factory they want to use. But the limited selection means that device makers can’t always get the best prices or work with their preferred factories. The founder of one startup that considered pursuing HomeKit approval for a device that helps control home temperatures said the company picked a factory with 40,000 employees that was making well known “Star Wars” toys, but it couldn’t use that factory for HomeKit products.

“They’re a huge company, a legitimate manufacturer that makes tech household brands. And yet they’re not [Apple] certified,” said the founder, who declined to speak on the record because of non-disclosure agreements with Apple.

Manufacturers also have to send product samples to Cupertino, where Apple tests them extensively for compatibility. The whole process can take three to five months. During that time, device makers aren’t allowed to say publicly that they’re pursuing HomeKit certification.

Some developers say it’s worth it. “They found issues with our product before we released it that we didn’t find in our testing,” said Gimmy Chu, CEO of Nanoleaf, a smart lighting system. “We know that after we have the certification that it’s rock solid.”

Alexa, by contrast, only requires smart home companies to write software code and submit it to Amazon for review. There are no special chips. To earn the “Works with Alexa” label -which isn’t required to function with Alexa but does help promote products on Amazon’s website – startups must have their products physically tested. Amazon does allow that to happen in a third-party lab, however.


Which makes one wonder if a real problem with Amazon’s approach will be found rather later.
link to this extract

Automating power: Social bot interference in global politics • First Monday

Samuel Woolley:


Until roughly six years ago, technologically adept marketers used social bots to send blatant spam in the form of automatically proliferated social media advertising content (Chu, et al., 2010). A growing collection of recent research reveals, however, that political actors worldwide are beginning to make use of these automated software programs in subtle attempts to manipulate relationships and opinion online (Boshmaf, et al., 2011; Ratkiewicz, et al., 2011a; 2011b; Metaxas and Mustafuraaj, 2012; Alexander, 2015; Abokhodair, et al., 2015). Politicians now emulate the popular twitter tactic of purchasing massive amounts of bots to significantly boost follower numbers (Chu, et al., 2012). Militaries, state contracted firms, and elected officials use political bots to spread propaganda and flood newsfeeds with political spam (Cook, et al., 2014; Forelle, et al., 2015).

Political bots are among the latest, and most unique, technological advances situated at intersection of politics and digital strategy…

…Many computer scientists and policy makers treat bot-generated traffic as a nuisance to be detected and managed. System administrators at companies like Twitter work to simply shut down accounts that appear to be running via automatic scripts. These approaches are too simplistic and avoid focusing on the larger, and systemic, problems presented by political bot software. Political bots suppress free expression and civic innovation through the demobilization of activist groups and the suffocation of democratic free speech. They subtly work to manipulate public opinion by giving false impressions of candidate popularity, regime strength and international relations. The disruption to public life caused by political bots is enhanced by innovations in parallel computation and innovations to algorithm construction.

Political bots must, therefore, be better understood for the sake of free speech and the future of digitally mediated civic engagement.


To say the least.
link to this extract

Most smartphone users spend nothing on apps • Gartner


Over half of smartphone users spend no money on smartphone apps (paid-for downloads and in-app transactions), according to a new survey by Gartner, Inc. (see Figure 1)*. However, end-user spending on in-app transactions continues to rise.

“Where users are prepared to pay for apps, spending on in-app transactions is on the rise — up 26% from 2015 — while spending on paid-for downloads only increased 4% in 2016,” said Stéphanie Baghdassarian, research director at Gartner. In this year’s survey, mean spending on in-app transactions was $11.59, while mean spending on paid-for downloads reached $7.67.

Paid-for downloads are more likely to be associated with smaller amounts of spending. Respondents who spent $15 or more over a three-month period were more likely to have done so through in-app transactions. “This is largely because the vast majority of paid-for mobile apps have a price tag of $1.99 or less, while the activation of in-app transactions usually means that the user has found value in an app and will be happy to spend more on it,” Ms, Baghdassarian added.


Not surprising; I think the same applies for many things, including searches and app downloads. But it does show how reliant app developers are on the “whales” who spend big: those people on the right-hand side may not be a big percentage, but they’re worth far more (obviously) than those on the left.
link to this extract

Apple, Google, Uber, Tesla, and others react to Trump’s refugee ban • BuzzFeed News

Charlie Warzel and Sheera Frankel:


Apple, Google, Uber, Tesla, and others react to Trump’s refugee ban; Intel, Hewlett-Packard and Oracle did not respond to multiple requests for comment. Oracle CEO Safra Catz serves on a Trump administration advisory committee.


You can guess most of it. They’re against it – though Uber seems to have a problem, because its CEO spoke out in favour of Trump (early in the administration, i.e. more than a week ago) while its CTO came out strongly against.

Oracle’s position is… let’s say compromised.
link to this extract

Google recalls staff to US after Trump immigration order • Bloomberg

Mark Bergen:


Alphabet Inc.’s Google delivered a sharp message to staff traveling overseas who may be impacted by a new executive order on immigration from President Donald Trump: get back to the US now.

Google chief executive officer Sundar Pichai slammed Trump’s move in a note to employees Friday, telling them that more than 100 company staff are affected by the order.

“It’s painful to see the personal cost of this executive order on our colleagues,” Pichai wrote in the memo, a copy of which was obtained by Bloomberg News. “We’ve always made our view on immigration issues known publicly and will continue to do so.”

The comments underscore a growing rift between the Trump administration and several large U.S. technology companies, which include many immigrants in their ranks and have lobbied for fewer immigration restrictions. Pichai’s note echoed similar statements from tech peers voicing concerns about the harm such policies could have on their businesses.


So Larry Page (and all the others) going along to that tech summit had a big impact, eh? Learn the lesson: you can’t reason with this sort of person.
link to this extract

Fake news is about to get even scarier than you ever dreamed • Vanity Fair

Nick Bilton:


At corporations and universities across the country, incipient technologies appear likely to soon obliterate the line between real and fake. Or, in the simplest of terms, advancements in audio and video technology are becoming so sophisticated that they will be able to replicate real news—real TV broadcasts, for instance, or radio interviews—in unprecedented, and truly indecipherable, ways. One research paper published last year by professors at Stanford University and the University of Erlangen-Nuremberg demonstrated how technologists can record video of someone talking and then change their facial expressions in real time. The professors’ technology could take a news clip of, say, Vladimir Putin, and alter his facial expressions in real time in hard-to-detect ways. In fact, in this video demonstrating the technology, the researchers show how they did manipulate Putin’s facial expressions and responses, among those of other people, too.

This is eerie, to say the least. But it’s only one part of the future fake-news menace. Other similar technologies have been in the works in universities and research labs for years, but they have never really pulled off what computers can do today.


This is worrying. An even bigger worry: this would probably be in the hands of governments first.
link to this extract

China turns to blockchain to make markets clearer and cleaner • Reuters

Engen Tham:


Chinese banks are hiring blockchain experts as the government pushes use of the technology behind bitcoin to increase transparency and combat fraud in its financial sector.

Lenders have struggled for years with outdated and disparate technology. While four Chinese banks rank among the world’s five largest by capital, many still use paper, faxes and traditional chop stamps to verify documents.

Now, spurred by regulators, they are looking to use blockchain to leapfrog a generation of technology and clean up the system, bankers and blockchain experts say.

Demand from Chinese banks for experience in blockchain more than doubled last year and will grow further this year, headhunters and blockchain professionals say, as lenders scramble to catch up with Western counterparts that have already invested $1.5 billion in the technology.


link to this extract

Trump sold America a miracle cure. It will fail. He’ll get off for free • Slate

Alan Levinotivz has studied snake oil salesmen and medical confidence tricksters:


The kinship between Trump and peddlers of scientifically questionable medical advice couldn’t be clearer. Our president actively seeks out their company—from Robert F. Kennedy Jr., noted vaccine alarmist, to Dr. Oz, on whose show Trump pretended to be transparent about his health. It was a perfect match: Trump embodies the dubious therapies that Oz has endorsed—“miracle” diet beans, energy healing—and resembles Oz himself, a showman slinging half-truths and magical thinking to a hope-starved audience.

For those who reject such men, the appeal never fails to astonish. A doctor named Oz who wants you to believe in miracles? Come on. That’s like a pastor named Dollar who wants congregants to pay for his jet, or an unhinged narcissist who lives in a gold-plated apartment running as a populist president. Who, after weighing all the evidence, could actually take them seriously? Only credulous fools, right?

I used to think so, until about a decade ago, when my father called to ask if I knew anything about “zapping.” He told me that a close family friend, plagued by chronic health issues, had turned to a therapeutic machine named, incredibly, the Zapper. The contraption was designed by Hulda Clark, a naturopathic doctor who authored books with titles such as The Cure for All Diseases and The Cure for All Cancers, only to die in 2009 of blood and bone cancer.

This family friend was a trained nurse and the widow of a physician. Sharp, articulate, educated, nobody’s fool—and there she was, zapping herself with a machine invented by someone who died of what it supposedly prevented. I remember feeling the same punch-in-the-gut disbelief about her decision that I do today about people who voted for Trump. How could you fall for it?


I hope he’s wrong, but fear he’s right. Who’s going to pay for the wall? If it gets built, American consumers. What’s going to happen to healthcare? It won’t be available to all. The signs aren’t good.
link to this extract

What ad tests on Messenger tell us about Facebook’s plan to monetize messaging • MIDiA Research

Karol Severin:


There are 50 million business pages and approximately 3 million advertisers on Facebook. Its advertising revenue in 2015 was $17bn (across all platforms). Messenger now has a billion active users, which is a comparable audience size to Facebook’s audience. Through opening the advertising floodgates the messaging platform presents a multi-billion dollar opportunity- however, Facebook must be careful not to alienate its users in doing so. Pushing ads into private conversations could be the threshold.

Facebook knows this. It says that ads in Messenger will only be featured on home screens and not within conversations. Indeed, it makes all the sense for Facebook not to let traditional banner ads flood private conversations anytime soon – if ever.


But it will happen. Ad inventory must be filled.
link to this extract

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up: tech reacts to Trump, the voices in noise, VPN Android risks, the app misers, and more

  1. Chas
    Worth checking Graham Cluely on the hotel ransomware story. He points out that it’s unlikely guests were locked in their rooms. Other bits unlikely too. All this false news 🙂

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.