Start Up: finding Comey, Samsung’s quest, spotting the real Trump, hacking smart TVs, HTC’s Pixel number, and more

Those fireworks are lighting up some of the most expensive property in the US. But where? Photo by Chris Ford on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam; and then it’ll arrive on Monday.

A selection of 10 links for you. Still a Br-x-t-free zone. Even better: April 1 falls on a Saturday, so there should be fewer stupid stories to avoid. I’m @charlesarthur on Twitter. Observations and links welcome.

This is almost certainly James Comey’s Twitter account • Gizmodo

Ashley Feinberg:


As far as finding Comey’s Twitter goes, the only hint he offered was the fact that he has “to be on Twitter now,” meaning that the account would likely be relatively new. Regarding his Instagram identity, though, Comey gave us quite a bit more to work with:


… I care deeply about privacy, treasure it. I have an Instagram account with nine followers. Nobody is getting in. They’re all immediate relatives and one daughter’s serious boyfriend. I let them in because they’re serious enough. I don’t want anybody looking at my photos. I treasure my privacy and security on the internet. My job is public safety.


Both a noble sentiment and an extremely helpful clue for tracking down the FBI director’s social media accounts. Because, presumably, if we can find the Instagram accounts belonging to James Comey’s family, we can also find James Comey.


And she did, in about four hours. Amazing work.
link to this extract

After the smoke clears: inside Samsung’s quest for redemption • The Verge

Dan Seifert went to South Korea to see Samsung:


“Meaningful innovation” is what Samsung hopes will lift it out of the mire of the Note 7 fiasco and out from the shadow of Cupertino. The company has long been a pioneer in hardware innovation and that certainly continues with the S8. But this time around, there’s as much of an emphasis on software and services as there is on the hardware itself, and Samsung knows that if it’s going to succeed at all, it can’t just make devices that run other companies’ software and platforms.

The company has long struggled to balance including compelling software features that people actually want to use and adding value to its own hardware offerings. There’s an entire graveyard of failed Samsung services and software, including the ill-conceived Milk Music and Milk Video and countless gimmicky camera and interface features. For anybody who tried Samsung’s ridiculous “smart scroll” features that tried to automatically pan content around based on tilting your phone or your eye movements, your level of trust in trying the latest Samsung “feature” is very low.

But in recent years, the company has had success with services such as Samsung Pay and Samsung Knox, both of which provide utility and good customer experiences. The S8 comes with those, of course, but it’s adding a number of new services to its stable in order to stand out from the crowd.

The most ambitious of these is Samsung’s spin on a virtual assistant, dubbed Bixby. It’s the company’s entry into the super hot virtual assistant world, which has been dominated by Google, Microsoft, Amazon, Facebook, and yes, Apple. But while many of the virtual assistants we’ve seen thus far have been based on providing different ways to perform web searches, Samsung’s approach is notably different.

“The persona for Bixby that we’re pursuing is a bright sidekick, a much more friendly agent to users,” says Dr. Injong Rhee, Samsung’s head of research and development for software and services. “Bixby is capable of developing a new interface to our devices, or devices that are going to host Bixby. Our perspective is to make the interface of the phone simpler and more natural to use.”


Samsung has had so many years of throwing not-quite-useful software tweaks at the wall – remember “eye scrolling”? – that it’s hard to take this stuff seriously. It’s also handicapped by Google having snagged the home button for Google Assistant, so that Bixby has to second fiddle.

The real question is whether Samsung can dig in for the long run, with consistency, on software and services, as Apple and Google have. Nobody doubts its hardware chops. Well, apart from the battery thing.
link to this extract

When Is @RealDonaldTrump really Donald Trump? • The Atlantic

Andrew McGill:


[in the past] we could infer when Trump himself was tweeting, tapping away at his Samsung Galaxy. Trump tweets were quantifiably different than staffer tweets, angrier and posted later at night (not to mention more poorly spelled).  

But in recent weeks, the Android tweets have slowed to a trickle, an indication that the White House might finally be taking the security risks posed by the president’s Twitter account seriously. Trump now appears to post mostly from an iPhone, if he still tweets at all.

But @TrumpOrNotBot is on the case. It’s a Twitter bot that uses machine learning and natural language processing to estimate the likelihood Trump wrote a tweet himself. By comparing new tweets to the president’s massive Twitter record, the bot is able to tell with reasonable certainty whether Trump is behind the keyboard, even if he’s chucked Android for Apple.

The bot is pretty good at figuring out when Trump is talking. When tested against a mix of 2016 tweets, it correctly flagged the ones sent from an Android 90% of the time. It’s a bit worse at figuring out when a staffer has tweeted, incorrectly attributing iPhone tweets to Trump around 25% of the time, perhaps because staffers sometimes work to imitate his style.


link to this extract

This 3D map shows the price per square foot of US housing markets • Visual Capitalist

Jeff Desjardins:


A county-level analysis may be the easiest to understand, and by using average price per square foot we have a more universal denominator. After all, a house bought in Hawaii might be more expensive than a small loft in New York City – but it might also be 5x the size.

The visualization above focuses in on price per square foot at the county-level – and the results are clear: New York, San Francisco, and Aspen (Pitkin County) stand out.


This is a remarkable piece of work. Is there anything comparable for the UK? You’ll probably be able to recognise San Francisco and New York on the coasts. But there’s a giant spike in the middle of the US that might puzzle you – until you look at its name.

No doubt someone will also overlay voting from the 2016 election onto this too.
link to this extract

About 90% of smart TVs vulnerable to remote hacking via rogue tv signals • Bleeping Computer

Catalin Cimpanu:


[Rafael] Scheel says that “about 90% of the TVs sold in the last years are potential victims of similar attacks,” highlighting a major flaw in the infrastructure surrounding smart TVs all over the globe.

At the center of Scheel’s attack is Hybrid Broadcast Broadband TV (HbbTV), an industry standard supported by most cable providers and smart TV makers that “harmonizes” classic broadcast, IPTV, and broadband delivery systems. TV transmission signal technologies like DVB-T, DVB-C, or IPTV all support HbbTV.

Scheel says that anyone can set up a custom DVB-T transmitter with equipment priced between $50-$150, and start broadcasting a DVB-T signal.

By design, any nearby TV will connect to the stronger signal. Since cable providers send their signals from tens or hundreds of miles away, attacks using rogue DVB-T signals could be mounted on nearby houses, a neighborhood, or small city. Furthermore, an attack could be carried out by mounting the DVB-T transmitter on a drone, targeting a specific room in a building, or flying over an entire city.

According to Scheel, the problem is that the HbbTV standard, carried by DVB-T signals and supported by all smart TVS, allows the sending of commands that tell smart TVs to access and load a website in the background.

Knowing this, Scheel developed two exploits he hosted on his own website, which when loaded in the TV’s built-in browser would execute malicious code, gain root access, and effectively take over the device.


Guess what? His first hack used a Flash exploit from 2015; then a Javascript sorting flaw. Why do we need smart TVs again?
link to this extract

HTC, LG, TCL and Coolpad vying for next-generation Pixel smartphone orders, says paper • Digitimes

Steve Shen:


HTC is competing with LG Electronics, TCL and Coolpad for the orders of the next-generation Pixel smartphones to be released by Google in 2018, according to a Chinese-language Commercial Times report.

HTC won previously a two-year contract to manufacture the Pixel 1 series products in 2016 and to continue to build the Pixel 2 family products in 2017, said the report.

HTC has shipped over 2.1 million units of 5-inch Pixel and 5.5-inch Pixel XL to Google since their launch in September 2016, noted the paper.


Two million? Launched to great fanfare in October, six months ago? No wonder people are having trouble getting hold of it.
link to this extract

FCC boss takes aim at efforts to bring broadband to the poor • Techdirt

Karl Bode:


Last year the Wheeler-lead FCC voted to expand the Lifeline program, first created by the Reagan administration and expanded by the Bush administration. Originally, low-income homes received a $9.25 monthly credit that could be used toward wireless or traditional phone service. The 2015 changes not only gave these homes the option to use this money for broadband in an attempt to modernize the fund, but also placed the lion’s share of ISP eligibility administration in the hands of the FCC in an attempt, in part, to better police fraud.

A number of states sued over the move, in part because large ISPs (which enjoy even greater regulatory capture on the state level) didn’t want the federal government spending money on anything that might improve regional competition. This week, [the new FCC chief Ajit] Pai issued a statement saying (pdf) that he would be killing the FCC’s legal defense of the 2015 changes, and freezing all federal approval of federal provider eligibility. Why? This power belongs in the hands of the states, not the FCC, claims Pai:


“…By letting states take the lead on certification as envisioned by Congress, we will strengthen the Lifeline program and put the implementation of last year’s order on a solid legal footing. This will benefit all Americans, including those participating in the program.”


On a superficial level Pai does a wonderful job making this all sound perfectly reasonable, obfuscating much of the motivation for the shift as a noble quest to restore states rights (which is what most news coverage will focus on). The problem, again, is that companies like AT&T, Comcast and Verizon (a former Pai employer) have an absolutely incredible amount of control over state legislatures and regulators. It’s a primary reason why more than twenty states have passed laws banning your town or city from upgrading its broadband networks – even if nobody else will.


The retrograde approach of the new US administration continues to amaze. The key point is that by blocking this, the FCC and Pai will not be closing the digital divide.
link to this extract

Avast PC Trends Report Q1 2017 • Avast

The security company looks at a range of threats – of which our own failure to update stuff after downloading it is one of the biggest:


The top 10 least updated applications:
1) Java (Runtime 6 & 7): Almost 50% of users (56 million users) are running one version of Java Runtime Environment (6-8). Given this program has in the past been the carrier of some of the most critical security vulnerabilities (see here for a comprehensive list)) on Windows PCs , this opens up the front gates for malware 4 and exploits.. Almost 25% of users are running the outdated JRE 6 or 7. Unfortunately, even users on the newest release (version 8) might not be up to date as our data showed 70% aren’t running the latest version.

2) Flash (ActiveX): Popular web technology Flash is known for its security exploits and other issues such as draining battery life from laptops. Our research 5 showed the Flash ActiveX control for Internet Explorer is outdated in 99% of all instances.

Uninstall Flash if you’re not using Internet Explorer. For users of other browsers like Firefox, Chrome or Opera which use the Flash plugin, note that a still high 38% of all cases were outdated.

3) FoxIt Reader: Popular 3rd party PDF reader “FoxIt” also suffered as one of the top programs that was not updated. 92% of all FoxIt users are working with an older version.

4) GOM Media Player: Touted by its developer as “The only player you’ll ever need”, it appears from our research that users download the media player but subsequently don’t update it. 90% of our user sample aren’t running the latest version, which would gives them enhanced playback performance, more video filters and a range of useful upgrades on an almost monthly basis.

5) Nitro Pro: Another PDF reader, Nitro Pro is also neglected in 89% of all cases. Again, the lack of updates means users can be faced with bugs and vulnerabilities.


The next are WinZip, DivX, Adobe Shockwave, 7-Zip, and Firefox. Well done Adobe for appearing twice 🙄. Flash Player is the fifth-most installed app (after Chrome, Adobe Reader, Flash Player for ActiveX, and Firefox)
link to this extract

Drug firms poured 780m painkillers into West Virginia amid rise of overdoses • Charleston Gazette-Mail

Eric Eyre:


Rural and poor, Mingo County has the fourth-highest prescription opioid death rate of any county in the United States.

The trail also weaves through Wyoming County, where shipments of OxyContin have doubled, and the county’s overdose death rate leads the nation. One mom-and-pop pharmacy in Oceana received 600 times as many oxycodone pills as the Rite Aid drugstore just eight blocks away.

In six years, drug wholesalers showered the state with 780 million hydrocodone and oxycodone pills, while 1,728 West Virginians fatally overdosed on those two painkillers, a Sunday Gazette-Mail investigation found.

The unfettered shipments amount to 433 pain pills for every man, woman and child in West Virginia.

“These numbers will shake even the most cynical observer,” said former Delegate Don Perdue, D-Wayne, a retired pharmacist who finished his term earlier this month. “Distributors have fed their greed on human frailties and to criminal effect. There is no excuse and should be no forgiveness.”

The Gazette-Mail obtained previously confidential drug shipping sales records sent by the U.S. Drug Enforcement Administration to West Virginia Attorney General Patrick Morrisey’s office. The records disclose the number of pills sold to every pharmacy in the state and the drug companies’ shipments to all 55 counties in West Virginia between 2007 and 2012.

The wholesalers and their lawyers fought to keep the sales numbers secret in previous court actions brought by the newspaper.

The state’s southern counties have been ravaged by a disproportionate number of pain pills and fatal drug overdoses, records show.

The region includes the top four counties — Wyoming, McDowell, Boone and Mingo — for fatal overdoses caused by pain pills in the U.S., according to CDC data analyzed by the Gazette-Mail…

…For more than a decade, the same distributors disregarded rules to report suspicious orders for controlled substances in West Virginia to the state Board of Pharmacy, the Gazette-Mail found. And the board failed to enforce the same regulations that were on the books since 2001, while giving spotless inspection reviews to small-town pharmacies in the southern counties that ordered more pills than could possibly be taken by people who really needed medicine for pain.


The narrative among some is that these opioids are coming from Mexican drug dealers. Nothing of the sort: this is drugs companies. They, however, blame unscrupulous doctors and pharmacies; though this clearly shows that they overlooked suspicious situations which benefited them financially.

Though as the followup article explains, the state’s pharmacy board then ignored actionable data.
link to this extract

The DECK ad network is closing • Coudal Partners

Jim Coudal:


We started The Deck in 2006 and for the first couple years it struggled. By 2008, it was an OK business and by 2009, it was a pretty good business. From then through 2013, The Deck was going along just fine.

Things change. In 2014, display advertisers started concentrating on large, walled, social networks. The indie “blogosphere” was disappearing. Mobile impressions, which produce significantly fewer clicks and engagements, began to really dominate the market. Invasive user tracking (which we refused to do) and all that came with that became pervasive, and once again The Deck was back to being a pretty good business. By 2015, it was an OK business and, by the second half of 2016, the network was beginning to struggle again.

After a long, successful run, The Deck’s time has come and we’re shutting it down. We’re sorry to see the network go, but we’re proud to have supported so many independent voices, and the open web, along the way.

Thanks a million to the sites and services that were a part of The Deck over the years. Without exception, every affiliate deal was made with a simple agreement to participate and was based on trust, honor and friendship. What few issues arose were handled with common sense towards a common purpose. We’re proud of that too.


Coudal says The Deck served “somewhere north of 7.5bn impressions” over its life. The end of this ad network – which served many small (and large) indie sites – presents people like John Gruber and Jim Dalrymple and Jim Kottke and Andy Baio with a challenge in monetisation, after a few years when it had all looked like gravy. It has been clear for a while that sites like those have been struggling to fill some ad slots.

The question is what comes next. If Facebook and Snapchat are drying up the pool, what does this do for diversity of voice and in particular platform?
link to this extract

Errata, corrigenda and ai no corrida: none notified

3 thoughts on “Start Up: finding Comey, Samsung’s quest, spotting the real Trump, hacking smart TVs, HTC’s Pixel number, and more

  1. “The real question is whether Samsung can dig in for the long run”. Funnily, that’s THE thing I’m not wondering about: they’ve
    a) been trying for a LONG time w/o giving up. In the mean time, all other OEMs have given up sometimes more than given up, incl RIM, Nokia, HTC, …
    b) have a culture in hardware… if they can manage silicon fabs, take on Intel, overtake Apple in device design+looks… I’m guessing they do have grit.

    What I’m wondering about is if they have
    a) the skills to eventually make good software. Probably, see Tizen, some -not all- of their apps
    b) the nous to market those apps+services to users, devs, maybe other OEMs.

  2. Not only do Adobe have 2 items on the list of vulnerable / least updated software but they’d be largely responsible for many people still installing the worst culprit – Java Runtime. The only reason I have to install it on my Mac is because it’s required to run Adobe Photoshop – think it applies to many versions of Adobe’s Creative Suite applications.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.