Start Up: Google accused on pay discrimination, Syria’s information wars, Samsung looks up, and more

This could be your next IoT device if it gets hit by some new malware. Photo by marc falardeau on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 13 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Forget Mirai – Brickerbot malware will kill your crap IoT devices • The Register

Iain Thomson:


A new form of attack code has come to town and it uses techniques similar to Mirai to permanently scramble Internet of Things devices.

On March 20 researchers at security shop Radware spotted the malware, dubbed Brickerbot, cropping up in honeypots it sets up across the web to lure interesting samples. In the space of four days, one honeypot logged 1,895 infection attempts by Brickbot, with the majority of attacks coming from Argentina, and a second logged 333 attempts – untraceable as they came from a Tor node.

“The Bricker Bot attack used Telnet brute force – the same exploit vector used by Mirai – to breach a victim’s devices,” Radware’s advisory states.

“Bricker does not try to download a binary, so Radware does not have a complete list of credentials that were used for the brute force attempt, but were able to record that the first attempted username/password pair was consistently ‘root’/’vizxv.'”


There’s a suggestion that it’s trying to brick devices before they can become part of a botnet. Seems like burning the village to save it if so.
link to this extract

Federated Learning: Collaborative Machine Learning without Centralized Training Data • Google Research Blog

Brendan McMahan and Daniel Ramage are research scientists at Google:


Federated Learning enables mobile phones to collaboratively learn a shared prediction model while keeping all the training data on device, decoupling the ability to do machine learning from the need to store the data in the cloud. This goes beyond the use of local models that make predictions on mobile devices (like the Mobile Vision API and On-Device Smart Reply) by bringing model training to the device as well.

It works like this: your device downloads the current model, improves it by learning from data on your phone, and then summarizes the changes as a small focused update. Only this update to the model is sent to the cloud, using encrypted communication, where it is immediately averaged with other user updates to improve the shared model. All the training data remains on your device, and no individual updates are stored in the cloud.

Your phone personalizes the model locally, based on your usage (A). Many users’ updates are aggregated (B) to form a consensus change (C) to the shared model, after which the procedure is repeated.

Federated Learning allows for smarter models, lower latency, and less power consumption, all while ensuring privacy. And this approach has another immediate benefit: in addition to providing an update to the shared model, the improved model on your phone can also be used immediately, powering experiences personalized by the way you use your phone.

We’re currently testing Federated Learning in Gboard on Android, the Google Keyboard. When Gboard shows a suggested query, your phone locally stores information about the current context and whether you clicked the suggestion. Federated Learning processes that history on-device to suggest improvements to the next iteration of Gboard’s query suggestion model.


As much as anything, because smartphones are becoming so powerful they can do that sort of work in the background without too much effort.
link to this extract

Twitter case shows breadth of U.S. power to probe anti-Trump statements • Reuters

Alison Frankel and Dustin Volz:


An attempt by U.S. authorities to identify an anonymous critic of President Donald Trump on Twitter has set off alarm bells among Democratic and Republican lawmakers and civil liberties advocates fearful of a crackdown on dissent.

Twitter Inc on Friday succeeded in beating back a demand for records about a Twitter account called ALT Immigration (@ALT_uscis), which pokes fun at Trump’s immigration policies and appears to be run by one or more federal employees.

The U.S. government withdrew an administrative summons that customs agents had sent the company in March demanding the records.

But the government backed away only after Twitter filed a federal lawsuit accusing it of violating the First Amendment’s protection of free speech. Customs agents could still continue the investigation using some other methods, civil liberties attorneys said.

Although authorities retreated, the case has laid bare the broad power of the U.S. government to demand information from technology companies, sometimes with no oversight from the courts and often with built-in secrecy provisions that prevent the public from knowing what the government is seeking.


link to this extract

Walt Mossberg is retiring in June • Recode

Mossberg himself:


I’ll be retiring this coming June, almost exactly 47 years later. I’ll be hanging it up shortly after the 2017 edition of the Code Conference, a wonderful event I co-founded in 2003 and which I could never have imagined back then in Detroit.

I didn’t make this decision lightly, or hastily, or under pressure. It emerged from months of thought and months of talks with my wise wife, my family and close friends. It wasn’t prompted by my employer, or by some dire health diagnosis. It just seems like the right time to step away. I’m ready for something new.

Over my career, I’ve reinvented myself numerous times. I covered the Pentagon, the State Department and the CIA. I wrote about labor wars, trade wars and real wars. I chronicled a nuclear plant meltdown and the defeat of Communism. I co-founded a couple of media businesses.

And, in the best professional decision of my life, I converted myself into a tech columnist in 1991.


He will be 70, or on the verge of it. Wonder what would have happened if he had stuck with the spy stuff. His response to the Snowden revelations seemed, to me, strangely muted, given that he should have had some familiarity with it.
link to this extract

Google is now highlighting fact checks in search • Poynter

Alexios Mantzarlis:


If a search query returns a result that includes a fact check, it will be featured as a snippet on the result page (see right).

The snippet will always include who said the claim and its accuracy rating. If a publication fact-checked more than one claim on the same topic, each fact check will be featured in a carousel.

The decision builds on Google’s decision in October to add a “Fact Check” tag in news results in a selected number of countries.

The initiative has been a joint project between Google and Jigsaw, a technology incubator overseen by Google parent Alphabet. The source tags have, in general, “been a hit” with users, said Justin Kosslyn, a product manager at Jigsaw. This has been true of the “Fact Check” tag too, a spokeswoman for Google said.

The Fact Check tag is an idea with a long history at Google, Kosslyn said. In a previous position at Google News in 2011, he started working on it but found that the necessary “building blocks” to make it work were missing.


One does think: why not deprecate results with fact checks? But that’s all hugely complicated too. This isn’t going to go away.
link to this extract

How the alt-right brought #SyriaHoax to America • Medium

Digital Forensic Research Lab:


The DFRLab has traced the origins of the story, and found that the alt-right coverage was based on report in a propaganda outlet linked to the Assad regime.

The chemical attack came at dawn, local time, on April 4. It was widely reported and provoked outrage and condemnation, triggering immediate calls for an investigation. Photographs and videos from the scene showed hideous images of dead children and footage of rescuers, including the White Helmets group, washing down victims.

The same day, website Al-Masdar News, which supports the government of Syrian President Bashar al-Assad, published an article claiming that the story was a “false flag” operation:


“Merely hours after the alleged chemical weapons attack in Khan Sheikhun, supposedly by the Syrian government, holes are beginning to emerge from opposition sources, discrediting the Al-Qaeda affiliated White Helmets claims.”


The article argued that the attack could not have been carried out with sarin gas, as the emergency responders seen in some of the images (including the one in the tweet) were not wearing gloves to handle the victims.

It also quoted a post from an outlet called Orient TV, tweeted by Twitter account @WithinSyriaBlog, which spoke of covering chemical attacks in the area the day before the strike.

Finally, it highlighted, and underlined in uneven ink, a tweet from a doctor on the scene who was offering to give interviews.


A lot of echoing without checking by people here; the claims are big so you’d hope some would do. At least one reader of The Overspill is familiar with the difficulty of identifying chemical weapons use; but the claim that the responders weren’t using gloves doesn’t go with the pictures taken at the time showing them using water to rinse off victims.

But what do we think if pro-Trumpists find themselves backing pro-Assad propaganda?
link to this extract

Seven questions about Trump’s Syria strike • The Atlantic

David Frum:


Promises of no war in Syria were central to Donald Trump’s anti-Hillary Clinton messaging. Take, for example, to his interview with Reuters on October 26, 2016.


“What we should do is focus on ISIS. We should not be focusing on Syria,” said Trump, as he dined on fried eggs and sausage at his Trump National Doral golf resort. “You’re going to end up in World War Three over Syria if we listen to Hillary Clinton. You’re not fighting Syria any more, you’re fighting Syria, Russia and Iran, all right?”


That message—a vote for Clinton is a vote for World War III beginning in Syria—was pounded home by surrogates and by Trump’s social-media troll army.

Not even 100 days into his presidency, Trump has done exactly what he attacked Hillary Clinton for contemplating.

Some have described this reverse as “hypocritical.” This description is not accurate. A hypocrite says one thing while inwardly believing another. The situation with Donald Trump is much more alarming. On October 26, 2016, he surely meant what he said. It’s just that what he meant and said that day was no guide to what he would mean or say on October 27, 2016—much less April 6, 2017.

Voters and citizens can expect literally zero advance warning of what Donald Trump will do or won’t do. Campaign promises, solemn pledges—none are even slightly binding. If he can reverse himself on Syria, he can reverse himself on anything. If you feel betrayed by any of these reversals, you have no right to complain.


Frum’s headings are more direct. Trump does not give reasons; does not care about legality; disregards government processes; has no allies [among countries]; has no end state in mind; is lucky in his opponents. That latter is what Napoleon wanted from his generals, of course.

In passing: fried eggs and sausage? Health concerns not highest on his agenda.
link to this extract

‘Horrible’ pictures of suffering moved Trump to action on Syria • The Washington Post

Ashley Parker, David Nakamura and Dan Lamothe:


When President Trump began receiving his intelligence briefings in January, his team made a request: The president, they said, was a visual and auditory learner. Would the briefers please cut down on the number of words in the daily briefing book and instead use more graphics and pictures?

Similarly, after Trump entered office, his staff took President Barack Obama’s Syria contingency plans and broke the intelligence down into more-digestible bites, complete with photos, according to current and former U.S. officials with knowledge of the request.

This week, it was the images — gruesome photos of a chemical weapons attack on Syrian civilians — that moved Trump, pushing the president, who ran on an “America first” platform of nonintervention, to authorize the launch of 59 Tomahawk cruise missiles at Syrian targets Thursday night.

Senior administration officials and members of Congress who spoke with Trump said the president was especially struck by two images: young, listless children being splashed with water in a frantic attempt to cleanse them of the nerve agent; and an anguished father holding his twin babies, swathed in soft white fabric, poisoned to death.


That point about Trump’s visual/auditory learning is independently fascinating. He’s so clearly not a reader (watch his discomfort as he tries to stick to a teleprompter speech; one wonders if he might be dyslexic to some degree).

Pictures carry their own arguments; now one wonders if there is a struggle by those who prepare different parts of the briefing to come up with the most arresting pictures and graphics to sway him to act on their agenda rather than others’.
link to this extract

How Spotify grew up before going public • Bloomberg View

Leonid Bershidsky:


It’s unconscionable in 2017 that the only publicly traded music streaming company is still Pandora Media Inc., an Internet radio provider which went public in 2011 and is trading below its initial public offering price. Hopefully, Spotify Ltd. will rectify the situation this year, even if that means it has to use a back door to an exchange listing. It’s an interesting back door for others in the tech industry, too.


Now then: Bershidsky’s article is worth reading. But also, I messed up in my analysis of direct listing (what Spotify is doing). I thought it meant Spotify could sell shares. Not at all.

A reader who asked to remain unnamed explains:


On a direct listing, Spotify doesn’t sell any shares, either existing ones or new ones, (selling new shares is the only way to raise new equity for the company) so Spotify the company doesn’t get any cash from this.

Basically the company rocks up to the exchange, fills in some paperwork, promises to comply with the exchange rules, and then hey presto people can enter buy and sell order for Spotify stock. It is then up to the EXISTING holders of Spotify stock to decide if they feel like filling any of the buy enters being entered (presumably yes, at a certain price, or why bother). Money that changes hands on those sales goes to those existing holders though, not to Spotify bank accounts

So no new money from a fresh equity issue also means no new money to pay off the [$1bn] debt. Of course the debt is convertible, and if the share price looks good enough, presumably the debt will be converted to equity and Spotify gets out from “under” the debt that way. It does stop the interest rate from ratcheting up though – and there seems to be some interesting calculations around what the conversion price is into equity, potentially a badly worded conversion clause that didnt take into account the possibility of a direct listing. Fxxing over the debt holders like that is probably half the attraction [of direct listing].

Plus once listed, you’ve done the price discovery process, and a secondary capital raising could be done somehow.


Would very much like to know who came up with that smart idea of going for direct listing. Lawyer inside the company? Investment banker?
link to this extract

YouTube case study: what% of channels are smaller than yours? Larger than yours? : Reddit letsplay



I used to get a sense of what% of channels are at what size, and I used socialblade’s top 5000 channels to verify the approximate real number of channels at those sizes (i.e. I used channelcrawler to work up from the bottom, and used socialblade to verify from the top). Numbers are not to be taken as absolutely accurate, but a good approximation. By my estimate, there are something like 12,000,000 YouYube channels (where a channel is considered a channel if SB is tracking them; edited to reflect people’s well-founded corrections). Please note that the results are not limited to gaming channels, but all genres (entertainment, beauty, etc) in order to bolster the data set.

The resulting graph gives the% of YouTubers above a certain size. If you prefer to view the data in tabular form, or if you want to do any manipulations of your own, here is the table of data I assembled.

To get the total lifetime views (on average), multiply the subscriber number by 12.5 (lower quartile multiply by 25.5, upper quartile multiply by 5). The data set for that can be found in my previous post with more data to complement that found here, in which I examined the specific /r/LetsPlay population with about 1950 entries.

Here’s some tidbits for those that don’t want to sift through too long:

• 90% of channels are larger than about 42 subscribers
• 40% of channels are smaller than about 285 subscribers
• 50% of channels are smaller than about 500 subscribers
• About 88% of channels are smaller than 10,000 subscribers
• 99% of channels are smaller than 333,000 subscribers
• 99.999%, or about one 100,000th of channels are smaller than about 15,000,000 subscribers.


This is from back in September or so, but probably hasn’t changed significantly. YouTube, you’ll recall, is denying ads for channels with fewer than 10,000 views – which is probably 10,000/25 = 400 subscribers. That suddenly looks like a lot of channels.
link to this extract

Google accused of ‘extreme’ gender pay discrimination by US labor department • The Guardian

Sam Levin went along to this hearing:


Google has discriminated against its female employees, according to the US Department of Labor (DoL), which said it had evidence of “systemic compensation disparities”.

As part of an ongoing DoL investigation, the government has collected information that suggests the internet search giant is violating federal employment laws with its salaries for women, agency officials said.

“We found systemic compensation disparities against women pretty much across the entire workforce,” Janette Wipper, a DoL regional director, testified in court in San Francisco on Friday.

Reached for comment Friday afternoon, Janet Herold, regional solicitor for the DoL, said: “The investigation is not complete, but at this point the department has received compelling evidence of very significant discrimination against women in the most common positions at Google headquarters.”

Herold added: “The government’s analysis at this point indicates that discrimination against women in Google is quite extreme, even in this industry.”


Google strongly denies the accusations. Shouldn’t be hard to sort out by releasing pay data, right? The DoL filed suit in January asking Google to do so; the reason being that Google is a contractor for the government, and so has to abide by equal pay laws.

Google has refused to hand over the data. But surely open always wins?
link to this extract

End of road for trucking startup Palleter • Medium

Märt Kelder was chief executive of the aforementioned Palleter:


European trucking market is broken — fragmented and inefficient. There are 
2 000 000 trucks and 600 000 trucking companies in Europe. The average company size is three trucks while 80% of the companies have less than 10 trucks. All this fragmentation leads to huge inefficiencies — 25% of the trucks on the road are empty while the rest are loaded to only 59%.
We started Palleter in November 2015 believing the fragmented trucking market presents a huge opportunity and that with clever technology Palleter could increase the efficiency of trucking.

The above is a nice narrative. It’s a story investors buy easily. It’s a story we ourselves bought easily. In fact it was so good we managed to convince ourselves to work 1.5 years with no salary in order to make our dream — a truly efficient trucking marketplace — a reality. A platform where cargo is matched in real time with nearby trucks moving the same way as the freight.

Unfortunately, as you’ll soon see, the reality proved to be a little different than the narrative.


Reality: trucks have less available space; they’re not willing to pick up other loads. Wonder if there are lessons to be learnt for those proposing self-driving trucks. Sounds like it might be easier to disrupt humans with robots in this case. (Via Charles Knight via Chris Anderson.)
link to this extract

Samsung tips best quarterly profit in over three years as chips soar • Reuters

Se Young Lee on Samsung’s preliminary forecast of its first-quarter results:


The global memory chip leader said first-quarter operating profit was likely 9.9trn won ($8.8bn), compared with an average forecast of 9.4trn won from a Thomson Reuters survey of 18 analysts. Revenue rose 0.4% to 50trn won, just ahead of analysts’ forecasts.

“The semiconductor business was likely the main driver for earnings,” said Heungkuk Securities analyst Lee Min-hee, adding that sales of mid-to-low tier smartphones also helped the mobile business remain profitable.

Samsung shares touched a record high of 2.134m won in late March on expectations of record annual profit in 2017, as the South Korean tech giant bounced back from the embarrassing withdrawal of its Note 7 devices due to combustible batteries.

Investors and analysts expect Samsung to report its best-ever quarterly profit in April-June, with the Galaxy S8 smartphone hitting the market on April 21 in Samsung’s first premium device launch since the Note 7’s withdrawal in October.

Some researchers forecast the S8, which sports the largest screens for Samsung high-end smartphones to date, to set a new first-year sales record.


LG forecast good results too, but analysts expect its mobile phone side to have lost money for the eighth quarter in a row.
link to this extract

Errata, corrigenda and ai no corrida: see commentary on Spotify above.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.