Start Up: does anyone search with voice?, purple LEDs!, the violence of Facebook Live, and more


The price tag won’t be a useful guide to their frequency response, analysis suggests. Photo by Drakh on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Facebook hits two billion users • BBC News

»

More than a quarter of the world’s population now uses Facebook every month, the social network says.

“As of this morning, the Facebook community is now officially two billion people,” founder and chief executive Mark Zuckerberg posted. The milestone comes just 13 years after the network was founded by Mr Zuckerberg when he was at Harvard. He famously dropped out of the university after launching the global social-networking website.

The internet giant announced it had one billion monthly users in October 2012, meaning it has doubled the number of its users in just under five years.

The firm’s continuing growth will confound critics who have long predicted that the social network’s growth would slow down as rivals such as Snapchat stole its users.

Earlier this year, Facebook warned that growth in advertising revenues would slow down. Nonetheless, Mr Zuckerberg’s ambitions remain huge. He told USA Today the firm had not made “much fanfare” about hitting the two billion figure because “we still haven’t connected everyone”.

«

“Citizen 2,000,000,001, please report for your Connection Appointment.”


OK, Google: should i focus on voice search in 2017? • Seer Interactive

»

Here’s our research:

PPC query mining

Very little usage: 0.012% of 1,016,000 PPC keywords contained “OK, Google” (128 Seer Clients).

No major keyword behavior change: 66% of “OK, Google” queries are being spoken the same way they would be typed.

Survey results:

Very little marketing applicable search usage: 61% of voice users report using voice to control applications and appliances around them vs. tap info from the Internet (phone calls, texts, playing music, etc.). Only 8% of daily voice tech users reported actively searching the Internet via voice.

The technology is limiting: 90% of users reported frustration with the current voice activated tech or they don’t use it at all:
OK 57%
Bad 27%
Great 10%
Don’t Use 6%

«

That graphic tells you quite a lot. Get it to play music.


Petya ransomware attack – what’s known • MalwareTech

On the big ransomware attack which hit a lot of companies on Tuesday, and which uses the same “EternalBlue” exploit that Wannacry did a few weeks back:

»

current data suggests that Petya was deployed onto possibly millions or even 10s of millions of computers by hacking popular Ukrainian Accounting software “MeDoc” then using the automatic update feature to download the malware onto all computers using the software. Although MeDoc being the initial infection vector is unconfirmed (and even denied by the company itself), current evidence points to them.

The important difference between WannaCry and Petya is WannaCry was likely deployed onto a small number of computers and then spread rapidly, whereas Petya seems to have been deployed onto a large number of computers and spread via local network; therefore, in this instance there is low risk of new infections more than 1h after the attack (the malware shuts down the computer to encrypt it 1h after execution, by which time it will already have completed its local network scan).

«



Google, Facebook are super monopolies: Roger McNamee • CNBC

Chantel McGee:

»

Google shareholders won’t be fazed by the EU’s $2.7bn fine against the company for competition abuses related to its shopping business, Elevation Partners co-founder Roger McNamee told CNBC on Tuesday.

“As a shareholder of Google you’re looking at this and saying: ‘We won again,’” McNamee said.

The venture capitalist spoke hours after EU regulators fined Google a record 2.4 billion euros ($2.7 billion), ruling that the search-engine giant violated antitrust rules for its online shopping practices.

Google said it will consider appealing the decision to the highest court in Europe.

“Google, Facebook, Amazon are increasingly just super-monopolies, especially Google and Facebook. The share of the markets they operate in is literally on the same scale that Standard Oil had … more than 100 years ago — with the big differences that their reach is now global, not just within a single country,” he said on “Squawk Alley.”

The fine is not large enough to change Google’s behavior, he added. “The only thing that will change it is regulations that actually say you can or can’t do something.”

«



The Washington Post leverages artificial intelligence in comment moderation – The Washington Post

»

The Washington Post has launched ModBot, a software application that utilizes artificial intelligence to moderate comments. The proprietary technology uses machine learning to automatically filter comments that require human moderating, flag stories that require real-time monitoring, and approve or delete comments based on The Post’s discussion policy. The technology evaluates comments using an algorithm that has been trained by The Post’s years-long history of human-moderated comments.

ModBot has been assisting Post comment moderators since its launch on May 5 and the technology is currently evaluating all Washington Post comments.

«

That’s all well and good for stopping the openly abusive stuff getting through, but doesn’t – and can’t – deal with the main problem: comments on average don’t contribute to the story. The drift away from allowing or by default showing comments on general news sites will, on the whole, continue.


Violence on Facebook Live is worse than you thought • Buzzfeed

Alex Kantrowitz:

»

Some criminologists worry that broadcasts of violent crimes to Facebook Live might lead perpetrators of violent crime to view the platform as a means of gaining infamy, bypassing the traditional filter of the media. “The most likely impact is that it’s going to be a model of how to distribute and immortalize your act,” Ray Surette, a criminal justice professor at the University of Central Florida, told BuzzFeed News.

Jacqueline Helfgott, chair of the Criminal Justice Department at Seattle University, agreed. “It’s making it easier for people to gain notoriety instantly without gatekeepers,” she told BuzzFeed News. “I definitely think there’s a mimetic effect.”

In addition, the longer these videos stay online, the more of a problem they become, said Surette, as criminals may see them as an effective way to publicize their misdeeds. “It does make a difference how long it’s up there,” he explained. “The fewer people that are exposed to it, the fewer people are going to see it as a model.”

Facebook — prior to announcing plans to hire an additional 3,000 people to identify problems — has at times been shockingly slow to remove violent videos. In late April, for example, a Facebook Live video of a father in Thailand murdering his 11-month-old daughter was available on Facebook for nearly 24 hours.

For every murder aired on Facebook that receives national or international attention — such as the one in Thailand or a murder in Chicago in which the perpetrator uploaded a video of himself killing a man at random — there are several others that don’t make headlines outside local coverage areas. The shooting of Donesha Gantt, for instance, did not make national news. Yet these videos don’t need to be picked up by CNN to have an impact. Millions watch inside Facebook itself.

«

I bet if Charlie Brooker were writing The National Anthem now, rather than in 2010, he’d incorporate Facebook Live somehow.


No correlation between headphone frequency response and retail price • The Journal of the Acoustical Society of America

»

This study quantifies variability of measured headphone response patterns and aims to uncover any correlations between headphone type, retail price, and frequency response. For this purpose, the mean, variance, and covariance of the frequency magnitude responses were analyzed and correlated with headphone type and retail value. The results indicate that neither the measured response nor an attempt to objectively quantify perceived quality is related to price.

On average, in-ear headphones have a slightly higher measured bass response than circumaural and supra-aural headphones. Furthermore, in-ear and circumaural headphones have a slightly lower deviation from an assumed target curve than supra-ear models. 90% of the variance across all headphone measurements can be described by a set of six basis functions…

…Across all groups, the averaged responses demonstrate a resonant peak at around 3.5 kHz, a secondary resonance at 10 kHz, and a general decrease in response toward 19 kHz.

«

They seem to have tested a lot of headphones – as many as 100? – but annoyingly I can’t find anywhere that they specify which. But the prices go up well past the $100 mark.


The EU’s got it all wrong on Google • Adam Smith Institute

Sam Bowman:

»

bundling or integrating price comparison tools might be good for users who are less tech-savvy and would normally go for a ‘trusted’ but more expensive retailer. If you don’t realise that SkyScanner exists and would normally just go with BA every time, it could be very useful to get Google Flights right up top, showing that Ryanair does what you’re looking for much more cheaply.

So it’s not even clear that prioritising Google Shopping results is bad for consumers – it may lead them to be more price-conscious and to shop around between merchants more. Even if it is – because it’s worse than some alternative price comparison site, for example – there is still no case for punishing Google for giving it special prominence. If Google Shopping is worse for consumers then it must be acting as a revenue raiser for Google, and a de facto way of charging for use of Google search (and other free Google products). 

If people can switch between platforms it doesn’t matter that much if, within a platform, there isn’t that much competition. Prioritising a particular shopping search engine is not akin to gouging water users with higher prices because there are alternatives to Google that users can switch to easily. If the overall user experience is made worse by Google Shopping being prioritised, then users will have the option of moving to a search engine like Bing which is perhaps less good at search but better overall because it does not prioritise a bad shopping tool. Indeed Bing has specifically targeted Google Shopping, which they say is worse than their own tool, to get users to switch. And there is an incentive created for entrepreneurs and large existing rivals of Google like Facebook to create their own, rival platform…

…But the core issue here is whether we need to force competition within software platforms if competition exists between them. Just as Windows users moved to other operating systems (both on mobile with Android and iOS and desktop with Linux and Apple’s OS X), Google users have plenty of alternatives they can switch to if they think that Google’s bundling worsens the platform’s quality enough.

«

I disagree with this analysis. Comparing the desktop with mobile misrepresents the role search plays; what Google did in Shopping is like Microsoft not only pre-installing Internet Explorer but making it increasingly hard to run alternative browsers even after you’d downloaded and installed them.

The ASI view is much closer to the US view on antitrust: if you can’t point right now to a user who has been inconvenienced, then nothing bad has been done. This seems to me a short-term view of competition (which you’d think an organisation using that name would favour).



EU fines Google €2.4bn ($2.7bn) over favoring Google Shopping in search results • Tech Narratives

Jan Dawson (who points out that he started out as an analyst covering EU regulation):

»

In its decision, the EU explicitly says that this case sets a precedent, which certainly suggests it’s likely to find and act similarly in the other two cases [against Google, alleging abuse of dominance over mandated apps in Android, and insistence on Google Play for “approved” apps]. Secondly, the fine is substantial, but ultimately not the biggest punishment for Google here. Rather, the most significant outcome is restrictions on promoting other Google services in search, which applies for today only to Shopping but by implication would also affect other linked products that get prominent promotion in search results, whether Maps, News, or potentially other categories too. Put that together with the precedent point, and we’re very likely to see similar restrictions on bundling and promoting other services in Android and possibly other areas too.

Thirdly, the decision is notable for a very European approach to defining markets, which I mentioned in one of those earlier pieces on Android: the EU tends to define markets in ways normal people probably wouldn’t, because that allows it to make findings that otherwise couldn’t be made. In this case, it’s defining Google Shopping as a comparison shopping service rather than just a more useful way to present shopping-related search results and/or ads, which is how Google sees them. Once you define Google Shopping in that way, then of course Google is unfairly promoting Google Shopping over other comparison shopping services – can you even name any others?

Google’s own algorithm, which benefits only from being as good as possible, rarely ranks any others above the fourth page of organic search results, suggesting their limited relevance. But as long as the EU is determined to take that approach, I see very little Google can do to fight against this decision, because it’s based on a market definition the EU gets to decide on, and which Google is essentially powerless to change. Overall, this feels like something of a watershed moment in Google’s relationship with the EU – I think any appeal is very unlikely to succeed, and at most will push back the implementation of the decision and the forced unbundling of Shopping from search.

«

Also: EC announcement; Google response.


Is the staggeringly profitable business of scientific publishing bad for science? • The Guardian

Stephen Buranyi:

»

[Bernstein Research investment analyst Claudio] Aspesi was not the first person to incorrectly predict the end of the scientific publishing boom, and he is unlikely to be the last. It is hard to believe that what is essentially a for-profit oligopoly functioning within an otherwise heavily regulated, government-funded enterprise can avoid extinction in the long run. But publishing has been deeply enmeshed in the science profession for decades. Today, every scientist knows that their career depends on being published, and professional success is especially determined by getting work into the most prestigious journals. The long, slow, nearly directionless work pursued by some of the most influential scientists of the 20th century is no longer a viable career option. Under today’s system, the father of genetic sequencing, Fred Sanger, who published very little in the two decades between his 1958 and 1980 Nobel prizes, may well have found himself out of a job.

Even scientists who are fighting for reform are often not aware of the roots of the system: how, in the boom years after the second world war, entrepreneurs built fortunes by taking publishing out of the hands of scientists and expanding the business on a previously unimaginable scale. And no one was more transformative and ingenious than Robert Maxwell, who turned scientific journals into a spectacular money-making machine that bankrolled his rise in British society. Maxwell would go on to become an MP, a press baron who challenged Rupert Murdoch, and one of the most notorious figures in British life. But his true importance was far larger than most of us realise. Improbable as it might sound, few people in the last century have done more to shape the way science is conducted today than Maxwell.

«

A great read about this giant, weirdly profitable business.


Purple-emitting LEDs get closer to the sun • EE Times

Sally Ward-Foxton:

»

Seoul Semiconductor Co. Ltd., in partnership with Toshiba Materials Co. Ltd., has created an LED that it says more closely mimics the spectrum of natural daylight.

Called SunLike, the LEDs combine Seoul Semiconductor’s high-brightness purple LEDs with advanced red, green, and blue (RGB) phosphors developed at Toshiba Materials. Up to now, most approaches have mimicked daylight by combining blue-emitting LEDs with yellow and red phosphors to fill out the rest of the spectrum, but that method results in peaks in the blue spectrum.

Blue peaks are undesirable because the amount of blue light the human eye can accept is limited. Over-illumination with blue light results in scatter, which distorts the texture and color of illuminated objects. Research also suggests that exposure to excess blue light can have negative health effects related to interruption of the circadian rhythms.

The secret to SunLike’s performance is the phosphors, said Seoul Semiconductor CEO Chung Hoon Lee.

«

“One word, Benjamin: phosphors.”


The Magical Apple Spin-Off That Almost Invented the iPhone … in 1993 • OZY

Sean Braswell:

»

Almost 17 years before the iPhone, General Magic’s aim was nothing less than a pocket-size communications device that could send messages, perform computing and make calls. The company called a dramatic press conference in February 1993 to announce two key components of that device: Magic Cap (a user-friendly operating system) and Telescript (a telecommunications language to allow devices to communicate across different networks). Industry observers raved that the company was creating “the digital version of English” to go with its hand-held personal assistant of the future. General Magic raised almost $90 million, and another $82 million at its 1995 initial public offering. Silicon Valley’s brightest angled to work at its Mountain View headquarters, equipped with free-roaming rabbits and conference rooms named after famous illusionists like Houdini.

But it soon became clear that General Magic’s vision was more an illusion than a reality. As the company burned through its cash, its products were plagued by delays and glitches.

«

I visited General Magic in 1994, when I was working for New Scientist. Here’s how the article I wrote began:

»

Imagine being lost on a mountain. You know there’s a path to the road, but all you can see are hills, lakes and woods, and the map you brought along is little more than a sketch. This is the moment that you need the device so beloved of 1950s science fiction – a communicator. A small device that can display detailed maps of the area, send messages to the emergency services and, if you’ve got the advanced model, beam you back home.

Well, there’s a small group of scientists working in a Californian development laboratory who’d like to help you out. The communicator may not beam you home yet, but General Magic, founded four years ago by Marc Porat, Bill Atkinson and Andy Hertzfeld, is already making the future of personal communications happen.

«

Yeah, near enough the iPhone, I think.


Errata, corrigenda and ai no corrida: none notified

Fining Google: a slow train coming


“Slow Train Coming”, the artwork from the cover of Bob Dylan’s album. Photo by Logos: the Art of Photography on Flickr.

The cover of Bob Dylan’s album “Slow Train Coming” shows people literally laying a railway just ahead of a train which is, in theory, a-comin’. Just very slowly. The European Commission’s antitrust decision against Google is just such a train. A €2.42bn train. Big, but deathly slow.

(If you need any background about the EC and Google and why this all matters, I wrote about it in 2015. Slow train.)


TL;DR:
• Google has been squashing rival shopping sites since mid-2006;
• the EC was alerted in summer 2009 after many efforts by sites to get responses from Google failed;
• do we seriously think Google’s going to change its behaviour?
• why isn’t Foundem getting a slice of the fine?
• antitrust moves too slowly in the modern era


The European Commission’s fine of €2.42bn on Google has been just like that train: a damn long time coming. The original complainant, the “vertical search” site Foundem, first noticed something funny happening to its position in search results back in 2006: it was being penalised for no apparent reason.

The penalty (search) box

Foundem was the brainchild of Shivaun and Adam Raff (it really is like their child, and they are brainy; I’ve met them on several occasions as this antitrust case has inched its way through the system). By this time the site was only six months old, focussed on what it saw as a gap – or at least growing niche – in the market: “vertical search”, comparing one specific product, rather than “horizontal search” as practised by Google and Bing (and many also-rans). You can probably think of other “vertical search” sites: Kelkoo was very big at one point. There’s also one called Amazon, though at that time it did a lot of the fulfilment as well; Foundem would find results from other shopping sites, so that it was like a meta-search engine. Amazon, at the time, wasn’t, though as it has become more of a marketplace rather than a fulfilment company that description is increasingly accurate.

But for Foundem in June 2006, this was remote. It had been hit by an algorithmic search penalty which hit lots of vertical search companies. It filed “reconsideration requests” to Google, which it says the company ignored.

(See the timeline for yourself at Foundem’s site.)

In August 2006 it was hit by an “AdWords Penalty”: this suggested that “landing pages” people arrived at were such low quality that it would have to pay much more to be able to buy an AdWord (Google advertising position). How much more? It was raised, they say, from about 5p/click to £5/click.

It’s summer 2006, and as the Raffs put it in their timeline, “Foundem was excluded from Google’s natural and paid search results, both of which are essential channels to market for any internet-based business.” That would be near enough a death penalty for any consumer-facing business; fortunately they found other outlets, such as powering shopping searches on magazine websites for IPC, Bauer and others.

The Raffs kept lobbying Google for reconsideration, and kept being brushed off; meanwhile Google launched Universal Search (integrating Google Maps and Google News and YouTube results into a box at the top which favoured Google products and pushed rival services further down the search rankings).

In December 2008 a TV show named Foundem the UK’s best price comparison site. Google meanwhile didn’t relent on its penalty against Foundem’s position in search results.

Finally, in July 2009 Foundem had its first meeting with the EC’s DGComp – the arm of the European Commission which investigates antitrust cases.

Eight years and more of hurt

That’s almost exactly eight years ago. It’s taken absolutely ages for the EC to act on this, giving Google plenty of time to tighten its grip on the business, and even for the whole search landscape to shift – from one where the desktop has primacy to one where many searches begin on mobile, inside apps.

There’s lots of applause today from Europeans about the fact that Margrethe Vestager didn’t give up on this case, and that a record fine has been imposed (and that if Google doesn’t alter its behaviour in 90 days, the daily fine will be eye-watering). “Better later than never, but seven years have been still an eternity for some market players, in particular European SMEs [small and medium enterprises],” to quote the MEPs Ramon Tremosa i Balcells and Andreas Schwab.

There’s the usual eye-rolling from a number of American observers, who say “which AMERICAN company will be next?”, and ignore the fact that the Federal Trade Commission’s investigation in 2011/12 discovered that Google’s own user testing found that people preferred seeing other vertical search engine results in the organic search results; and also ignore the fact that DGComp fines all sorts of European companies for antitrust and cartel actions of all flavours. (The decision before Google was fining three car lighting system producers over cartel behaviour.)

Also, for those eye-rolling American (and other) readers: European antitrust doctrine differs in one very significant way from the American flavour. In the US, if you use a monopoly in one space to take over another but consumers benefit overall, there’s no case to answer. This was why the FTC dropped its case on a 4-0-1 decision (ie one abstention, no opposition). Scroll down in that FTC release to “search bias” where it says the introduction of Universal Search “could be plausibly justified as innovations that improved Google’s product and the experience of its users.” A bit milquetoast, that recommendation.

In the EU, however, the question is whether the behaviour stifles competition, not what happens to consumers. This refusal to consider “consumer surplus” infuriates and astonishes a significant number of American observers, but it’s how it’s done here.

But, but, but. I very much expect that Google will appeal this before the 90-day deadline, and that this will mean it doesn’t yet have to change its behaviour, nor pay the fine. Do you think that this might be a long-drawn-out process which will grind interminably through the courts, during which Google won’t change how it displays results? I do.

Meanwhile Foundem and all the other vertical search companies which the EC is ostensibly protecting have been almost crushed. If there were any justice, they’d be getting a slice of the fine. After all, companies which report cartel action either get some payment, or (if they’re part of the cartel) are let off some of the fine.

Slow train, now arriving

This is the reality of antitrust: in technology especially, the dominance of these companies and the power of their networks means that the decision comes too late to help those who were originally affected. It was certainly the case with Microsoft and Netscape; it’s clearly the case here. Who knows how big Foundem and Kelkoo and all the others might have been if Google hadn’t been able to use its dominance in straight search to annexe the vertical search space?

Some would really like the fine to have teeth. Tremosa i Balcells commented: “When it comes down to the fine, I always said: first, you pay the fine and, then, you restore competition and the level playing field like it was the case with Microsoft. I believe that the fine should be retroactive for each year since the beginning of the wrongdoing by Google. This fine is far from the theoretical fine of 10% of Google annual revenues. The fine should be multiplied by the number of years since the start of the damage to competitors. Moreover, the behaviour of Google since the SO [Statement of Objections] and from today should be taken into account as well. Time helps monopolies, not SMEs.”

The argument of course is that antitrust actions serve to make the dominant company change its future behaviour: a fine of that size, and the threat of continuing fines, and particularly the tedious legality of it all, burdens the company’s decision-making process so that its executives all act as though someone suggested they play on the electrified railway when the idea of moving into “adjacent” business comes up. (It certainly worked with Microsoft.)

This will be the real acid test of the EC’s action: will it make Google’s internal culture change? We won’t know the answer to that for some time. Slow train coming.

Start Up: augmented reality gets rolling on iOS, password hacking, stop hyperthreading!, and more


Like the pram in the hall, the smartphone on the desk can ruin concentration. Photo by barnimages.com on Flickr.


A selection of 9 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Apple acquires German eye tracking firm SensoMotoric Instruments • Mac Rumors

Joe Rossignol:

»

Apple and SensoMotoric Instruments did not respond to multiple requests for comments. SensoMotoric’s phone line was out of service.

SensoMotoric Instruments, founded in 1991, has developed a range of eye tracking hardware and software for several fields of use, including virtual and augmented reality, in-car systems, clinical research, cognitive training, linguistics, neuroscience, physical training and biomechanics, and psychology.

The company’s Eye Tracking Glasses, for instance, are capable of recording a person’s natural gaze behavior in real-time and in real world situations with a sampling rate up to 120Hz. One possible use case is for athletes looking to evaluate and improve their visual performance.

SensoMotoric has also developed eye-tracking technology for virtual reality headsets such as the Oculus Rift, which can analyze the wearer’s gaze and help to reduce motion sickness, a common side effect of VR. The solution can also allow for a person’s gaze to control menus or aim in a game with their gaze.

SensoMotoric’s other eye-tracking solutions include standalone devices, such as the RED250mobile, which allows saccade-based studies to be conducted at 250Hz for researchers who require both mobility and high sampling rate.

«

Great scoop. And verrrry interesting.


Measuring distances with ARKit… • Made With ARKit

“Made With ARKit” is a blog picking out stuff made using Apple’s ARKit. Tape measures are going to be the obvious one to begin with.




Apple ARKit: Augmented Reality Minecraft • Made With ARKit

Well, this is impressive: Minecraft as AR, by Matthew Hallberg. This is going to be huge.





Are smartphones making us stupid? • Psychology Today

Christopher Bergland:

»

Cognitive capacity and overall brain power are significantly reduced when your smartphone is within glancing distance—even if it’s turned off and face down—according to a recent study. This new report from the University of Texas at Austin, “Brain Drain: The Mere Presence of One’s Own Smartphone Reduces Available Cognitive Capacity,” was published in the Journal of the Association for Consumer Research.

During this study, the UT Austin researchers found that someone’s ability to hold and process data significantly improved if his or her smartphone was in another room while taking a test to gauge attentional control and cognitive processes. Participants who kept their phones in a pocket or bag also outperformed those who kept their phones on the desk while taking the same test. Again, even if the phone was turned off and face down on the desk, the mere sight of one’s own smartphone seemed to induce “brain drain” by depleting finite cognitive resources.

In June 2016, another study reported that the typical smartphone owner interacts with his or her phone an average of 85 times per day. This includes immediately upon waking up, just before going to sleep, and oftentimes in the middle of the night. (For the record: Although I hate to admit it, I am a heavy smartphone user and these statistics accurately describe my waking and sleeping phone habits.) 

«

Quite scary.


Hacker, hack thyself • Coding Horror

Jeff Atwood wanted to know how secure the hashed passwords in the Discourse database are:

»

My quick hashcat results gave me some confidence that we weren’t doing anything terribly wrong with the Discourse password hashes stored in the database. But I wanted to be completely sure, so I hired someone with a background in security and penetration testing to, under a signed NDA, try cracking the password hashes of two live and very popular Discourse sites we currently host.

[His report:]

»

I was provided two sets of password hashes from two different Discourse communities, containing 5,909 and 6,088 hashes respectively. Both used the PBKDF2-HMAC-SHA256 algorithm with a work factor of 64k. Using hashcat, my Nvidia GTX 1080 Ti GPU generated these hashes at a rate of ~27,000/sec.

Common to all Discourse communities are various password requirements:

All users must have a minimum password length of 10 characters.
All administrators must have a minimum password length of 15 characters.
Users cannot use any password matching a blacklist of the 10,000 most commonly used passwords.
Users can choose to create a username and password or use various third party authentication mechanisms (Google, Facebook, Twitter, etc). If this option is selected, a secure random 32 character password is autogenerated. It is not possible to know whether any given password is human entered, or autogenerated.

Using common password lists and masks, I cracked 39 of the 11,997 hashes in about three weeks, 25 from the ████████ community and 14 from the ████████ community.

«

«

The list of passwords he cracked is pretty wonderful – “007007bond”, “123password” and more. TL;DR: use a 12-character password at minimum.
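The storage scheme and password rules the report describes, as an added example (not Discourse's code): PBKDF2-HMAC-SHA256 hashing with constant-time verification, the length and blocklist rules, and the time a full search of one hash would take at the reported 27,000 guesses per second. The storage string format, the per-password random salt, the four-entry blocklist and reading "64k" as 64,000 are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 64_000      # the report's "work factor of 64k", read as 64,000 (assumption)
REPORTED_RATE = 27_000   # guesses per second on one GTX 1080 Ti, from the report
MIN_LENGTH = {"user": 10, "admin": 15}

# Constructed stand-in for the 10,000-entry common-password blocklist.
BLOCKLIST = {"password12", "qwertyuiop", "1234567890", "1q2w3e4r5t"}


def policy_errors(password, role="user", blocklist=BLOCKLIST):
    """Return the reasons a password breaks the policy (empty list = accepted)."""
    errors = []
    if len(password) < MIN_LENGTH[role]:
        errors.append(f"shorter than {MIN_LENGTH[role]} characters")
    if password.lower() in blocklist:
        errors.append("on the common-password blocklist")
    return errors


def hash_password(password, iterations=ITERATIONS):
    """Hash with a fresh random salt; hypothetical storage format scheme$iter$salt$hash."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute the hash from the stored parameters and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False  # malformed record: reject rather than raise
    if scheme != "pbkdf2_sha256" or iterations < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def years_to_exhaust(alphabet_size, length, rate=REPORTED_RATE):
    """Years to try every password of exactly `length` characters against one hash."""
    return alphabet_size ** length / rate / (365 * 24 * 3600)


if __name__ == "__main__":
    # Both cracked passwords quoted above satisfy the length rule and this blocklist,
    # which is why word lists and masks found them long before a full search would.
    for pw in ("007007bond", "123password", "1234567890", "tooshort"):
        print(pw, policy_errors(pw) or "accepted")
    for length in (8, 10, 12):
        print(f"lowercase, {length} chars: {years_to_exhaust(26, length):,.1f} years")
```

The work factor only sets the cost of each guess: a patterned ten-character password passes the policy yet sits in a small, predictable part of the keyspace.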


Intel’s Skylake, Kaby Lake chips have a crash bug with hyperthreading enabled • Ars Technica

Peter Bright:

»

a firmware fix—if available—is the best option, though again, availability may be spotty. Microsoft’s Surface Book, for example, does not appear to have a system firmware that includes the fix. I don’t mean to call out Microsoft specifically—I daresay many motherboard firmwares have similarly not been updated in the month and a half since Intel issued its patch—but rather to indicate that even systems that are still supported and do receive regular firmware updates may not have Intel’s latest and greatest microcode yet.

On systems without either a firmware fix or updated driver, disabling hyperthreading is believed to be a robust solution. Most users, however, will probably just want to take their chances; the exact sequence of instructions and runtime conditions that cause problems seem to be rare (certainly rarer than Intel’s description of the bug, “Short Loops Which Use AH/BH/CH/DH Registers May Cause Unpredictable System Behavior,” might otherwise indicate), and, under most circumstances, affected systems appear to be stable anyway. More than 18 months passed before this bug was fixed, after all, and there haven’t been too many reports of Skylake machines crashing left and right because of it.

Eying up AMD systems as an alternative might be tempting, but they’re susceptible to comparable issues, too, in which certain sequences of instructions under certain system conditions can cause crashes or other misbehavior. The workaround in AMD’s case is to disable the micro-op cache. Processors are certainly more reliable than software, but they all have bugs, no matter what chip you choose.

«

For your info: what’s hyperthreading? (This bug also affects Apple machines.)


For UK mothers, it’s all about smartphones and social media • eMarketer

Cliff Annicelli:

»

When it comes to online access and activity, mothers in the UK differ from nonmothers by both device preference and content choice, according to a recent study by UKOM and comScore Inc.

Based on January 2017 usage data, the report found that UK women ages 25 to 54 with children in their households spent most of their time online (59%) via smartphone. By comparison, among women in that age group without children at home, the smartphone figure was a more modest 48%. The nonmothers spent comparatively more time on desktop computers (35%) than did the women with kids at home (26%).

The device usage patterns were similar for men, with male parents of kids at home also overindexing for smartphone time spent online compared with child-free men in the UK ages 25 to 54.

Parenthood also appeared to influence the types of content accessed online. The study found that mothers spent over 2 hours more on social media per month than nonmothers, and nearly that much more time on entertainment sites. But mothers spent more than 2 hours less on news or information sites than did women without children in the home.

«

Also, the mothers and fathers had children to look after. This tends to be a big difference between parents and nonparents.


Journalists, activists: Slack doesn’t strip image metadata • Motherboard

Joseph Cox:

»

Slack has become the centre of many journalistic organizations: reporters and editors use it to talk about stories, swap files, and generally run their day-to-day operations.

But using Slack or similar services for delicate work is not always a great idea; lawyers working for Hulk Hogan managed to get hold of Gawker staffs’ Campfire logs, in part, because the messages are not end-to-end encrypted.

There’s another, albeit slightly niche issue that journalists and activists may need to consider when using Slack: the service does not appear to strip uploaded images of metadata. Depending on the situation and the image itself, this could potentially expose where a photo was taken, or give clues as to who took it; not great if you’re working with a source.

Security analyst Jerry Gamblin recently highlighted the issue in a tweet, and Motherboard verified that Slack preserves image metadata when using the service’s web client. (In a second test, Motherboard was unable to replicate Gamblin’s results, and in a third, metadata was retained, including geolocation information).

«

In case you were wondering. Useful to know.


Google begins removing private medical records from search results • The Guardian

Samuel Gibbs:

»

The change was made on Thursday to include the “confidential, personal medical records of private people” in the bracket of information Google may remove unprompted from search results. Other examples of such information include national or government issued identification numbers, bank account numbers, credit card numbers and images of signatures.

The leaking of private medical records can be extremely damaging to the victims, both financially and emotionally, with future prospects affected and private lives of the vulnerable exposed. Given that Google’s indexing system will capture anything that’s publicly accessible on the internet, leaks such as those created by an Indian pathology lab which uploaded more than 43,000 patient records in December, including names and HIV blood test results, can be particularly damaging.

The last change to the removal policy was made in 2015 with the addition of “nude or sexually explicit images that were uploaded or shared without your consent” to cover so-called revenge porn.

The new addition to Google’s scrubbing policy marks a change from the search company’s traditional hands-off, algorithmic approach which resists attempts at censorship. This has come under scrutiny over the last few years due to the spread of fake news and misinformation. Google recently adjusted its search results to down-rank contested information such as fake news.

For many Google has become the gateway to the internet, meaning that removal from the company’s search results effectively scrubs them from the internet.

«

Google implementing a “right to be private”? Interesting development.


Errata, corrigenda and ai no corrida: none notified

Start Up: Russia’s US election hacks, negotiating bots, hacking Windows 10S, GoFundMe fraud, and more


“What’s that? You want me to fund solar startups in the US?” Photo by Ann Althouse on Flickr.


A selection of 13 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Obama’s secret struggle to retaliate against Putin’s election interference • Washington Post

Greg Miller, Ellen Nakashima and Adam Entous:

»

Over that five-month interval [from August 2016], the Obama administration secretly debated dozens of options for deterring or punishing Russia, including cyberattacks on Russian infrastructure, the release of CIA-gathered material that might embarrass Putin and sanctions that officials said could “crater” the Russian economy.

But in the end, in late December, Obama approved a modest package combining measures that had been drawn up to punish Russia for other issues — expulsions of 35 diplomats and the closure of two Russian compounds — with economic sanctions so narrowly targeted that even those who helped design them describe their impact as largely symbolic.

Obama also approved a previously undisclosed covert measure that authorized planting cyber weapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.

In political terms, Russia’s interference was the crime of the century, an unprecedented and largely successful destabilizing attack on American democracy. It was a case that took almost no time to solve, traced to the Kremlin through cyber-forensics and intelligence on Putin’s involvement. And yet, because of the divergent ways Obama and Trump have handled the matter, Moscow appears unlikely to face proportionate consequences.

«

This is one of those stories where they couldn’t get it right whatever. The damage had been done by the time the incursion was discovered. So is the “covert measure” misdirection, or real?


Russian hacking on election more widespread than reported • Time.com

Massimo Calabresi:

»

The hacking of state and local election databases in 2016 was more extensive than previously reported, including at least one successful attempt to alter voter information, and the theft of thousands of voter records that contain private information like partial Social Security numbers, current and former officials tell TIME.

In one case, investigators found there had been a manipulation of voter data in a county database but the alterations were discovered and rectified, two sources familiar with the matter tell TIME. Investigators have not identified whether the hackers in that case were Russian agents.

The fact that private data was stolen from states is separately providing investigators a previously unreported line of inquiry in the probes into Russian attempts to influence the election. In Illinois, more than 90% of the nearly 90,000 records stolen by Russian state actors contained driver’s license numbers, and a quarter contained the last four digits of voters’ Social Security numbers, according to Ken Menzel, the General Counsel of the State Board of Elections.

Congressional investigators are probing whether any of this stolen private information made its way to the Trump campaign, two sources familiar with the investigations tell TIME.

«



Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it • ZDNet

Zack Whittaker:

»

Windows 10 S presents a few hurdles. Not only is it limited to store-only apps, but it doesn’t allow the user to run anything that isn’t necessary. That means there’s no command prompt, no access to scripting tools, and no access to PowerShell, a powerful tool often used (and abused) by hackers. If a user tries to open a forbidden app, Windows promptly tells the user that it’s off-limits. Bottom line: If it’s not in the app store, it won’t run.

Cracking Windows 10 S was a tougher task than we expected.

But one common attack point exists. Hickey was able to exploit how Microsoft Word, available to download from the Windows app store, handles and processes macros. These typically small, script-based programs are designed to automate tasks, but they’re also commonly used by malware writers.

«

Smart idea for an article; clever use of a flaw that has existed since 1995 or so.


Prince was a secret patron of solar power • Bloomberg

Brian Eckhouse and Chris Martin:

»

Before his abrupt death a year ago, the pop musician Prince made an investment in green energy that’s now helping solar start-ups weather an assault from President Donald Trump. 

It started with a conversation in 2011 between Prince and his friend Van Jones, a CNN commentator and California human rights agitator and onetime green-jobs adviser to President Barack Obama.

“He asked, ‘If I have a quarter-million dollars, what can I do with it?’” Jones recalled in an interview. “My wife said he should put solar panels all over Oakland.”

That led to the creation of Powerhouse, a rare for-profit incubator dedicated to putting clean-tech entrepreneurs together with investors. The company has helped 43 start-ups get on their feet in an era when venture capital funding for renewables has plunged and Trump is working to slash funds for early-stage entities from the U.S. Department of Energy.

«

Alphabet Str.. Purple Ra.. umm.. Sign O’ The Times?


Facebook tried teaching bots art of negotiation – so the AI learned to lie • The Register

Katyanna Quach:

»

The bots can only spar with words they were taught. The training data was compiled from 5,808 human dialogues, containing about 1,000 words in total, all generated by real people grafting away for the Amazon Mechanical Turk service. The bots learn to imitate the ways people compromise so that they can try to predict what the other person will say in certain situations.

The team used a mixture of supervised learning for the prediction phase and reinforcement learning to help the bots pick which response they should reply with. If the software agents walk away from the negotiation or do not reach an agreement within 10 rounds of dialogue, both receive zero points, so it is to their benefit to broker a deal.

The most interesting tactic to emerge was the ability to lie. Sometimes bots feigned interest in objects they didn’t really want, and then pretended to give them up during the bargaining process.

“They learned to lie because they discovered a strategy that works, given the game reward. Maybe it occurred a few times in the training dataset. Humans don’t tend to be deceptive in Amazon Mechanical Turk, so it’s a rare strategy,” Bhatra said.

The hope is that the negotiation process learned here can be extended to other settings, such as using bots to book a meeting with someone or buying and selling products – all useful features for personal assistants.

«



The woman who spends her free time hunting down GoFundMe fraud • The Outline

Rollin Bishop:

»

In early 2015, a cat in Florida was hit by a car. His owner, thinking he had died, buried him in the backyard. Five days later, the cat — his name was Bart — rose from the dead and crawled back to the house. The story about the zombie cat spread far and wide, and someone quickly set up a page on the crowdfunding site GoFundMe to pay Bart’s mounting medical bills.

Except there were no bills to pay.

“The minute I heard this story, I was like, ‘Bull. Crap. There’s no way this actually happened,’” said Adrienne Gonzalez, a freelance finance reporter and the publisher behind GoFraudMe, a blog about GoFundMe scams that she started as a Facebook page after the Bart incident. According to Gonzalez’s reporting, Bart’s medical bills were being paid for by the Humane Society, and the cash from GoFundMe was being collected by a neighbor. Despite Gonzalez’s best efforts, GoFundMe did not take down the campaign. It ended up raising more than $6,000.

Since then, Gonzalez has written more than 400 posts about alleged GoFundMe misuse and fraud on her blog. There was the Alabama woman who allegedly faked terminal cancer, raising more than $25,000 through a campaign for medical bills started by a friend as well as raising a separate $10,000 for a campaign called “Mom has Terminal Cancer Disney Trip” in which she asked for money to take her son to Disney World before she died. That woman did not even make Gonzalez’s list of top ten cancer fakers.

«

Given the current direction of US healthcare reform and standard rates of evolution, in 200 years the average American will be able to write a convincing note 100 words long that cons you out of all your money and makes you feel good about it.


Virgin urges Super Hub 2 password change • Which? News

Andrew Laughlin:

»

A Which? investigation has found that Virgin Media’s Super Hub 2 router can be hacked in a matter of days if it’s left with the default password that’s printed on the router. In response to our research, Virgin is advising all Super Hub 2 users to change their password to improve their network security.

In our hacking investigation, we targeted a real home that used the Virgin Media Super Hub 2 router for its cable broadband. The user had remained on the relatively weak default password – only eight characters long, using just lowercase letters from an A-Z alphabet, with two letters removed.

Using publicly available hacking tools that can be found on the web, we were able to crack the router password in just a few days.

«

“Publicly available hacking tools” would be a brute-force algorithm to crack a hash, of course. There are about 864,000 of these still in use; the next version uses 12-character passwords. This story caused Virgin to put out a warning to people to change their router passwords.


‘Why is the Internet so slow?!’ • APNIC Blog

Ilker Nadi Bozkurt:

»

Latency is a critical determinant of the quality of experience for many Internet applications. Google and Bing report that a few hundred milliseconds of additional latency in delivering search results causes significant reduction in search volume, and hence, revenue. In online gaming, tens of milliseconds make a huge difference, thus driving gaming companies to build specialized networks targeted at reducing latency.

Present efforts at reducing latency, nevertheless, fall far short of the lower bound dictated by the speed of light in vacuum[1]. What if the Internet worked at the speed of light? Ignoring the technical challenges and cost of designing for that goal for the moment, let us briefly think about its implications.

«

Hmm, is it “sites would expand their page size dramatically on the basis that it would get to you really fast anyway”? The Google link is from 2009, though pretty notable nonetheless.


Google will stop reading your emails for Gmail ads • Bloomberg

Mark Bergen:

»

Google is stopping one of the most controversial advertising formats: ads inside Gmail that scan users’ email contents. The decision didn’t come from Google’s ad team, but from its cloud unit, which is angling to sign up more corporate customers.

Alphabet Inc.’s Google Cloud sells a package of office software, called G Suite, that competes with market leader Microsoft Corp. Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google’s senior vice president of cloud. “What we’re going to do is make it unambiguous,” she said.

Ads will continue to appear inside the free version of Gmail, as promoted messages. But instead of scanning a user’s email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube. Ads based on scanned email messages drew lawsuits and some of the most strident criticism the company faced in its early years, but offered marketers a much more targeted way to reach consumers. 

Greene’s ability to limit ads, Google’s lifeblood, shows her growing clout at the company.

«

This story was going so well until that sentence there. Greene hasn’t – as the previous paragraph shows – “limited” ads. Google has plenty of other personalised detail, like every website you’ve visited while its cookies were set on your browser, and (if you’re using Android) where you live and work. Hardly “clout”. More like an open goal. There’s no change to privacy here.


Is ISIS conceding defeat? • The New Yorker

Robin Wright:

»

The U.N. special envoy to Iraq, Ján Kubiš, said that the Islamic State’s decision to blow up the mosque [in eastern Mosul which once marked the claimed capital of Islamic State’s caliphate] was “a clear sign” of the group’s imminent collapse. “This latest barbaric act of blowing up a historic Islamic site adds to the annals of Daesh’s crimes against Islamic, Iraqi and human civilization,” he said, in a statement, and added that it “shows their desperation and signals their end.”

The destruction of a historic mosque may mark the beginning of the end of the Islamic State. But then what? The looming issue is what the loss of its territory means for ISIS as a stateless movement. Its loyalists still number in the many thousands. And thousands who fought in Iraq and Syria have already returned home; its influence is now global. It is still capable of craven violence, from inspiring terrorist attacks in Britain to waging an insurgency in the Philippines. The scariest scenario is the prospect of someday feeling nostalgia for a period when most of ISIS was contained in one place.

«

The next few weeks and months will see mopping-up operations of escaping IS fighters leaving Mosul and Raqqa for the Iraq desert. If the progress of the military operations interests you, then follow Moon of Alabama, which has remarkably good intel about it all. (Thanks Jim C for the recommendation.)


Everything I hate about Justin Caldbeck’s statement • Medium

Brenden Mulligan is an entrepreneur and designer; he wrote this after the venture capitalist Justin Caldbeck confessed to “playing a role in perpetrating a gender-hostile environment”:

»

I’m very proud to work in the tech industry. I feel like at most times, we’re collectively moving in the right direction. We’re making people’s lives better. We’re supporting progressive issues.

Could we do more? Of course. But I don’t let that ruin my feelings that we’re doing some really amazing things and setting a good example for other industries to follow.

So when it comes out that rich, powerful, men in my industry are using their position to get away with sexually harassing women, it infuriates me.

An all-too-common scenario played out over the past few days. A group of women exposed a man in power for sexually harassing them. The man said he’s sorry and he’ll get help.

I was mad when I learned what had happened. I got much angrier when I read his statement.

It’s now 2am and I can’t sleep because I’m so angry, so I thought I’d dissect the statement. I apologize in advance for my language.

«

Mulligan tears Caldbeck’s weasel words apart far more effectively than anything else I’ve seen.


Moscow artist ‘arrested for wearing a virtual reality headset’ • Euronews

»

A woman has claimed she was arrested in Moscow for refusing to remove a virtual-reality (VR) headset.

Artist-activist Katrin Nenasheva was detained outside the walls of the Kremlin and taken to a psychiatric clinic.

Nenasheva wrote on Facebook that officers told her: “It’s strictly forbidden to be in virtual reality in a public place. Here it’s the real world.”

Nenasheva was performing part of an art project in which she walks through Moscow wearing a VR headset viewing photographs of Russian psychiatry clinics.

Journalist Mikhail Levin, who reported the arrest on Facebook, said the arrest was the first of its kind in Russia.

She was released after psychiatric doctors concluded she did not need to be hospitalised.

«

Soon to be a common occurrence?


TrumpBlocks.Me

»

President of the United States is a big job, so it’s a credit to Donald Trump that he still finds the time to reach out to ordinary Americans and block them on Twitter. But how many people has the president blocked, and who are they?

«

Devised by Kevin Poulsen, though it doesn’t actually tell you how many people have been blocked (at least, not yet). Perhaps in time. The problem is that it’s difficult to find out if someone has blocked someone else; Twitter’s API doesn’t generally include that information.


Errata, corrigenda and ai no corrida: none notified

Start Up: Russia’s Ukrainian cyberwar; YouTube’s 1.5bn, the art of sound, Trump’s lost jobs, and more


Will the iMac Pro contain TouchID? There might be clues. Picture by Prachatai on Flickr.


A selection of 12 links for you. It’s a year since the Brexit vote. I’m @charlesarthur on Twitter. Observations and links welcome.

Russia’s cyberwar on Ukraine is a blueprint for what’s to come • WIRED

Andy Greenberg:

»

For the past 14 months, [Oleksii] Yasinsky had found himself at the center of an enveloping crisis. A growing roster of Ukrainian companies and government agencies had come to him to analyze a plague of cyberattacks that were hitting them in rapid, remorseless succession. A single group of hackers seemed to be behind all of it. Now he couldn’t suppress the sense that those same phantoms, whose fingerprints he had traced for more than a year, had reached back, out through the internet’s ether, into his home.

The Cyber-Cassandras said this would happen. For decades they warned that hackers would soon make the leap beyond purely digital mayhem and start to cause real, physical damage to the world. In 2009, when the NSA’s Stuxnet malware silently accelerated a few hundred Iranian nuclear centrifuges until they destroyed themselves, it seemed to offer a preview of this new era. “This has a whiff of August 1945,” Michael Hayden, former director of the NSA and the CIA, said in a speech. “Somebody just used a new weapon, and this weapon will not be put back in the box.”

Now, in Ukraine, the quintessential cyberwar scenario has come to life. Twice. On separate occasions, invisible saboteurs have turned off the electricity to hundreds of thousands of people. Each blackout lasted a matter of hours, only as long as it took for scrambling engineers to manually switch the power on again. But as proofs of concept, the attacks set a new precedent: In Russia’s shadow, the decades-old nightmare of hackers stopping the gears of modern society has become a reality.

«



Amazon’s Echo Show gets more practical by adding support for smart home camera feeds • TechCrunch

Sarah Perez:

»

Amazon today announced a notable new trick for its next-generation Echo device, the Echo Show (aka the one with the screen), which could make it a more compelling purchase: it will be able to display the live streams from a number of smart home cameras. Already, companies like Ring, Arlo, Nest, August, EZViz, Vivint, Amcrest, Logitech Circle 2, and IC Realtime have created Alexa Skills that will use the new functionality, Amazon says.

In addition, Amazon is introducing a Smart Home Skill API that will allow developers to integrate live video feeds from their smart home cameras with the device.

The Echo Show, announced in May, is due to begin shipping next week.

The $230 Wi-Fi enabled device offers the same features found in Amazon’s smart speaker Echo – like the ability to talk to Alexa, play music, listen to news and weather, and more. But because it also includes a seven-inch screen, it enables a number of new uses as well, like being able to make video calls, see the lyrics to your songs as they play, watch video flash briefings and YouTube, along with other things that leverage the device’s screen.

One of those promised use cases was the ability to watch your smart home’s cameras, Amazon had said.

«

Amazon is really hurrying to make the Echo useful in as many ways as it can. Though this really just replicates what you’d do with a tablet, which you’d probably have anyway. Or of course a phone, which you’ll probably be carrying.


iMac Pro comes with Security Enclave processor • Pike’s Universum

»

I piled through the firmware/rubble from the new iMac Pro – to be released in December – and it appears to be coming with a Security Enclave Processor. You know. The one that was also added to the MacBook Pro’s with TouchID, but this time to (also) support a new feature called Apple SecureBoot and here are some of the properties that it uses:

AppleSecureBootPolicy
ApECID
ApChipID
ApBoardID
ApSecurityDomain
ApProductionStatus
ApSecurityMode

If the iMac Pro will also support TouchID is still a mystery.

«

But it seems kinda likely. If it’s on an external keyboard, how does that work?


Updates from VidCon: more users, more products, more shows and much more • Official YouTube blog

Susan Wojcicki, CEO, YouTube:

»

A question I get all the time is “How many people actually watch YouTube?” Today, I’m pleased to announce that we crossed a big threshold: 1.5 billion logged in viewers visit YouTube every single month. That’s the equivalent of one in every five people around the world! And how much do those people watch? On average, our viewers spend over an hour a day watching YouTube on mobile devices alone.

«

These are big numbers. But spot the subtle elision: a monthly figure, 1.5bn logged-in visitors per month, and then a per-day measure. How many are using it per day? We don’t know. It could be 1.5bn; it could be as low as 50m. (The latter is very unlikely, but I just wanted to show how wide the potential gap is.)


Rain is sizzling bacon, cars are lions roaring: the art of sound in movies • The Guardian

Jordan Kisner on the amazing work of creating sound for films:

»

[Skip] Lievsay pulled up a cue and played one three-second clip again and again. On screen, Cheadle lit a cigarette: the metal lighter zipped and rung; the skin of his fingers shifted on the cigarette; there was an intake of breath; paper and tobacco crackled as he inhaled, music played in the background. Lievsay rewound. Zip, ring, shift, breath, slightly more crackle, music. Lievsay rewound again. No one spoke. The real Cheadle had not yet arrived.

Sound mixes are notoriously stressful, in part because they come at the very end of a film’s production. “As a mixer you’re the midwife to the director who is at this moment giving final birth to the film,” says Walter Murch, the groundbreaking editor and sound designer, known for his work on Apocalypse Now, The English Patient, and The Godfather: Parts II & III. “[Mixing] is the last inch of the diving board. After this there’s little that’s done to the film. You have to feel where the director is sensitive and what are the unresolved questions and how can I help through sound to moderate it? There’s a great deal of psychoanalytics.”

Directors are not the only stressed-out people who may need attending to: mixing rooms also contain picture editors under pressure to put the finishing touches on their work, producers arguing over logistics such as credit reels, actors floating through for last-minute dubbing and assistants trying hard not to get fired.

In this environment, Skip’s laid-back demeanour, his nearly inaudible jokes, his uniform of T-shirts and jeans, his consummate just-a-nice-dudeness – the Coens joke that Lievsay was part of the inspiration for Lebowski’s The Dude – has a palliative effect. “To do this job,” Lievsay told me, leaning back in his swivel chair, “you need to be the kind of person that people aren’t going to mind being stuck in a room with for four to six weeks.”

«



Trump’s Carrier jobs deal is not living up to the hype • CNBC

Scott Cohn:

»

More than 600 employees at a Carrier plant in Indianapolis are bracing for layoffs beginning next month, despite being told by President Trump that nearly all the jobs at the plant had been saved. The deal, announced with great fanfare before Trump took office, was billed not only as a heroic move to keep jobs from going to Mexico but also as a seismic shift in the economic development landscape.

Nearly seven months later the deal has not worked out quite as originally advertised, and the landscape has barely budged.

“The jobs are still leaving,” said Robert James, president of United Steelworkers Local 1999. “Nothing has stopped.”

In fact, after the layoffs are complete later this year, a few hundred union jobs will remain at the plant. But that is far different from what then-President-elect Trump said just three weeks after the election.

“They’re going to have a great Christmas,” Trump said to cheering steelworkers and local dignitaries on Dec. 1. The plan to close the plant and lay off 1,400 workers had become a frequent topic in the Trump campaign. He said 1,100 jobs would stay in Indianapolis, thanks to the deal.

«

Every single company or deal that Trump claims to have made a difference on is now a hostage to news coverage. And he has no control over what happens. First of many.


Before you hit ‘Submit,’ this company has already logged your personal data • Gizmodo

Kashmir Hill and Surya Mattu:

»

If you’re daydreaming about buying a home or need to lower the payment on the one you already have, you might pay a visit to the Quicken Loans mortgage calculator. You’ll be asked a quick succession of questions that reveal how much cash you have on hand or how much your home is worth and how close you are to paying it off. Then Quicken will tell you how much you’d owe per month if you got a loan from them and asks for your name, email address, and phone number.

You might fill in the contact form, but then have second thoughts. Do you really want to tell this company how much you’re worth or how in debt you are? You change your mind and close the page before clicking the Submit button and agreeing to Quicken’s privacy policy.

But it’s too late. Your email address and phone number have already been sent to a server at “murdoog.com,” which is owned by NaviStone, a company that advertises its ability to unmask anonymous website visitors and figure out their home addresses. NaviStone’s code on Quicken’s site invisibly grabbed each piece of your information as you filled it out, before you could hit the “Submit” button.

«

A standard HTML form doesn’t send the data until you’ve hit Submit; JavaScript can grab it all, all the time. At least 100 sites are doing this, Hill (who has been doing some sterling work) says. Question: how does one spot sites doing this? How does one block this?
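One way to spot it is from a traffic capture. The Node.js script below is an added example, not code from the Gizmodo article or from this post: it scans a constructed timeline of field edits and network requests and flags third-party requests that carry a typed value before any submit. The hostnames, the event format and the function names are assumptions made for illustration.

```javascript
// Added example: detect form values leaving for a third party before submit.
// Everything below (hosts, event shape, values) is constructed for illustration.
const FIRST_PARTY = 'lender.example'; // placeholder for the site under review
const MIN_LEN = 6;                    // skip values too short to match reliably

// A value wrapped in base64-encoded JSON, as a collector might receive it.
const phoneBlob = Buffer.from(JSON.stringify({ phone: '555-0100' })).toString('base64');

// Constructed capture: field edits, requests and the submit click, with timestamps in ms.
const timeline = [
  { t: 0,     type: 'request', url: 'https://lender.example/calculator' },
  { t: 100,   type: 'request', url: 'https://cdn.tracker.example/loader.js' },
  { t: 4200,  type: 'input',   field: 'email', value: 'pat@mail.example' },
  { t: 4350,  type: 'request', url: 'https://collect.tracker.example/e',
    body: 'f=email&v=pat%40mail.example' },
  { t: 9000,  type: 'input',   field: 'phone', value: '555-0100' },
  { t: 9100,  type: 'request',
    url: 'https://collect.tracker.example/e?d=' + encodeURIComponent(phoneBlob) },
  { t: 9500,  type: 'request', url: 'https://lender.example/api/validate',
    body: 'phone=555-0100' },
  { t: 12000, type: 'submit' },
  { t: 12050, type: 'request', url: 'https://collect.tracker.example/e',
    body: 'v=pat%40mail.example' },
];

// Crude first-party test by hostname suffix. It does not see through
// CNAME-cloaked trackers that sit on a subdomain of the site itself.
function isThirdParty(host, firstParty) {
  return host !== firstParty && !host.endsWith('.' + firstParty);
}

// Return the request text in several decoded forms so that a value can be
// found whether it was sent raw, percent-encoded or inside a base64 blob.
function views(req) {
  const raw = req.url + '\n' + (req.body || '');
  const out = [['raw', raw]];
  let decoded = raw;
  try {
    decoded = decodeURIComponent(raw);
    out.push(['url-decoded', decoded]);
  } catch {
    // Malformed percent-escapes: keep working with the raw text only.
  }
  const tokens = decoded.match(/[A-Za-z0-9+/_-]{16,}={0,2}/g) || [];
  for (const tok of tokens) {
    const std = tok.replace(/-/g, '+').replace(/_/g, '/'); // accept base64url
    out.push(['base64', Buffer.from(std, 'base64').toString('utf8')]);
  }
  return out;
}

// Walk the timeline in order. Before the first submit, any third-party
// request containing a value the user has already typed is a finding.
function findPreSubmitLeaks(events, firstParty) {
  const typed = new Map(); // field name -> latest value
  const findings = [];
  let submitted = false;
  for (const ev of [...events].sort((a, b) => a.t - b.t)) {
    if (ev.type === 'input') { typed.set(ev.field, ev.value); continue; }
    if (ev.type === 'submit') { submitted = true; continue; }
    if (ev.type !== 'request' || submitted) continue;
    const host = new URL(ev.url).hostname;
    if (!isThirdParty(host, firstParty)) continue;
    const forms = views(ev);
    for (const [field, value] of typed) {
      if (value.length < MIN_LEN) continue;
      const hit = forms.find(([, text]) => text.includes(value));
      if (hit) findings.push({ t: ev.t, host, field, encoding: hit[0] });
    }
  }
  return findings;
}

for (const f of findPreSubmitLeaks(timeline, FIRST_PARTY)) {
  console.log(`${f.t}ms: "${f.field}" sent to ${f.host} before submit (${f.encoding})`);
}
```

The same events can be exported from a browser's developer tools or an intercepting proxy while filling in a form with known test values.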


Imagination Tech up for sale after bruising Apple fight • Reuters

Kate Holton:

»

Imagination Technologies, the British firm that lost 70% of its value after being ditched by its biggest customer Apple, put itself up for sale on Thursday in a disappointing end to a once-great European tech success story.

Founded in 1985 and listed in 1994, Imagination has been rocked by Apple’s announcement in April that it was developing its own graphics chips and would no longer use Imagination’s processing designs in 15 months to two years time.

Apple’s decision, which analysts said posed an existential threat to the company, sent Imagination’s shares plummeting 70% on April 3 and they have barely recovered since.

The stock jumped as much as 21% on Thursday, however, after the sale announcement to 149.5p, giving the company a market capitalization of £425m ($538m).

«

That’s pretty brutal. But suppliers of strategic core technology to Apple ought to wonder about their future all the time.


How the cryptocurrency gold rush could backfire on NVIDIA and AMD • Tech.pinions

Ryan Shrout:

»

With all that is going right for AMD and NVIDIA because of this repurposed use of current graphics card product lines, there is a significant risk at play for all involved. Browse into any gaming forum or subreddit and you’ll find just as many people unhappy with the cryptocurrency craze as you will happy with its potential for profit. The PC gamers of the world that simply want to buy the most cost-effective product for their own machines are no longer able to do so, with inventory snapped up the instant it shows up. And when they can find a card for sale, they are at significantly higher prices. A look at Amazon.com today for Radeon RX 580 cards shows starting prices at the $499 mark but stretching to as high as $699. This product launched with an expected MSRP of just $199-$239, making the current prices a more than 2x increase.

As AMD was the first target of this most recent coin mining boon, the Radeon brand is seeing a migration of its gaming ecosystem to NVIDIA and the GeForce brand. A gamer that decides a $250 card is in their budget for a new PC would find that the Radeon RX 580 is no longer available to them. The GeForce GTX 1060, with similar performance levels and price points, is on the next (virtual) shelf over, so that becomes the de facto selection. This brings the consumer into NVIDIA’s entire ecosystem, using its software like GeForce Experience, looking at drivers, game optimizations, free game codes, inviting research into GeForce-specific technology like G-Sync. For Radeon, it has not lost a sale this generation (as the original graphics card that consumer would have bought has been purchased for mining) but it may have lost a long-term customer to its competitor.

«

Weird if cryptocurrencies squeeze PC gaming so much that it migrates elsewhere. And meanwhile, what is this rush to GPUs doing to big companies’ machine learning efforts?


Artificial intelligence can predict which congressional bills will pass • Science

Matthew Hutson:

»

The health care bill winding its way through the U.S. Senate is just one of thousands of pieces of legislation Congress will consider this year, most doomed to failure. Indeed, only about 4% of these bills become law. So which ones are worth paying attention to? A new artificial intelligence (AI) algorithm could help. Using just the text of a bill plus about a dozen other variables, it can determine the chance that a bill will become law with great precision.

Other algorithms have predicted whether a bill will survive a congressional committee, or whether the Senate or House of Representatives will vote to approve it—all with varying degrees of success. But John Nay, a computer scientist and co-founder of Skopos Labs, a Nashville-based AI company focused on studying policymaking, wanted to take things one step further. He wanted to predict whether an introduced bill would make it all the way through both chambers—and precisely what its chances were…

…Because bills fail 96% of the time, a simple “always fail” strategy would almost always be right. But rather than simply predict whether each bill would or would not pass, Nay wanted to assign each a specific probability. If a bill is worth $100 billion—or could take months or years to pull together—you don’t want to ignore its possibility of enactment just because its odds are below 50%. So he scored his method according to the percentages it assigned rather than the number of bills it predicted would succeed. By that measure, his program scored about 65% better than simply guessing that a bill wouldn’t pass, Nay reported last month in PLOS ONE.

Nay also looked at which factors were most important in predicting a bill’s success. Sponsors in the majority and sponsors who served many terms were at an advantage (though each boosted the odds by 1% or less). In terms of language, words like “impact” and “effects” increased the chances for climate-related bills in the House, whereas “global” or “warming” spelled trouble. In bills related to health care, “Medicaid” and “reinsurance” reduced the likelihood of success in both chambers. In bills related to patents, “software” lowered the odds for bills introduced in the House, and “computation” had the same effect for Senate bills.

«

The latter parts are what you’d unfortunately expect.



Apple treats the disease, Google treats the symptoms • The Ad Contrarian

Bob Hoffman:

»

The key difference in the way Apple and Google approach the problem [of online ads] can be found in the nature of the companies. Apple makes very little money from online advertising and has a self-interest in protecting their users’ experiences.

Google, on the other hand, makes virtually all of its money from advertising and has a self-interest in protecting tracking and surveillance marketing. The key thing to remember is that most of the major players in online advertising have a big stake in surveillance marketing. They will fight like hell to protect tracking.

Google have proven to be geniuses at subtle misdirection. Their whole search engine business is founded on the idea of misdirection — create a paid search result that seems to a consumer to be close enough to a natural search result to be believable. This is the essence of their business.

It is not surprising that Google’s “Better Ads” solution would look like it’s treating the disease while actually only treating symptoms.

Always keep in mind that Google, Facebook, the IAB, the ANA, and the 4A’s will always fight to retain tracking. Why? They are now in the surveillance business. Their business is collecting, selling, and exploiting the details of our personal lives and our personal behavior.

«

Well, sort of, though – as one commenter points out, what people hate with online ads is the intrusive nature of the ad itself, not the tracking, which is essentially invisible to most people.


Verizon-owned Yahoo is killing off the best app it’s ever made • The Next Web

Abhimanyu Ghoshal:

»

Under former CEO Marissa Mayer, Yahoo failed to build anything truly exciting over the past five years – except for a single truly notable app, Yahoo News Digest. Now, under the reign of its new owner Verizon, the company is killing off one of the best mobile apps I’ve ever used.

It’s really as simple as an app can get: every day at 8am and 6pm, News Digest would prompt you to swipe through a handful of important stories from around the world, summarized for quick reading and accompanied by photos, fast facts and figures, and tweets to help you make sense of it all. It’s been my go-to app for following world news since 2014, and I’m sorry to see it go.

The app didn’t just do a good job of delivering news efficiently, it also offered the most enjoyable user experience I can recall in any recent mobile service.

«

Hey, you could be reading The Overspill. Oh right! But I do wonder what happened to Summly, for which Yahoo paid $300m back in March 2013. Nick D’Aloisio, who minted it, is just taking final-year exams at Oxford University, I think.


Errata, corrigenda and ai no corrida: none notified

Start Up: how Upworthy fell, AirPod satisfaction, read the WSJ free, time to shut Uber?, and more


Veep is discovering that life imitates art all too closely sometimes. Photo by Elvert Barnes on Flickr.


A selection of 11 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Upworthy was one of the hottest sites ever. You won’t believe what happened next • All Tech Considered NPR

Sam Sanders will tell you, though: Facebook downrated its stories.

»

Facebook declined an interview request from NPR, but engineers there have spoken before about why Facebook’s algorithm started to hurt headlines and stories like Upworthy’s. In a recent New York Times Magazine piece, several engineers said they could see that people clicked on clickbaity headlines like Upworthy’s a lot, but didn’t stay on such sites for a long time after they clicked. And lots of stories that got lots of clicks didn’t get lots of shares, another sign to engineers that the content wasn’t valuable to Facebook users. Facebook determined that such stories were clicky, but not sticky.

In a statement to NPR, a Facebook spokesperson said, “It’s no secret there have been several improvements to News Feed in recent years. There has been clear communication about those updates, and why the community of people on Facebook wanted them — particularly in the instance of reducing clickbait and sensationalism.” That spokesperson also said Facebook stands by the reporting in The New York Times about why Upworthy clicks suffered.

([Upworthy founder Eli] Pariser disagreed. He said a big part of why content like Upworthy’s started to decline in News Feed is because Facebook wanted to push its own content instead of someone else’s.)

Whatever the case, how do you bounce back after such a hit? Slowly — and with a little help.

«

Facebook’s “how much time, how quickly are they back?” calculation is just like Google’s when you click on a search result.


Jeff Bezos’ lessons from Washington Post for news industry • CNBC

Matt Rosoff:

»

Bezos delivered some of this advice at the Future of Newspapers conference in Turin, Italy, on Wednesday. Here are the highlights:

Focus on readers first, not advertisers. In response to a question about similarities between running Amazon and the Post, Bezos said: “We run Amazon and The Washington Post in a very similar way in terms of the basic approach. We attempt to be customer-centric, which in the case of the Post means reader-centric. I think you can get confused, you can be advertiser-centric — and what advertisers want, of course, is readers — and so you should be simple-minded about that and you should be focused on readers. If you can focus on readers advertisers will come.”

You can’t shrink your way to relevance. When he took over, Bezos said, the Post already had an “outstanding” tech team and newsroom, and a top-notch editorial leader in Marty Baron. But the newsroom kept eliminating people, which wasn’t working.

“What they needed was a little bit of runway and the encouragement to experiment, and to stop shrinking. You can’t shrink your way into relevance.” Since then, the paper has added about 140 reporters and significantly grown the tech team — and it’s worked.

“We’ve grown our way into profitability instead of shrinking our way into profitability.”

«

Advertisers won’t like that suggestion, but it’s the right one.


Russian hackers targeted 21 states during 2016 election • Axios

Shane Savitsky:

»

During a hearing before the Senate Intelligence Committee this morning, officials from the FBI and Department of Homeland Security discussed the scope of Russian interference in the 2016 presidential election and how the federal government is preparing for potential future cyberattacks.

The big thing: Jeanette Manfra, the Acting Deputy Undersecretary for Cybersecurity and Communications at DHS, confirmed that election-related systems in 21 states were targeted in the lead-up to the 2016 election, but reiterated that no vote tallies were altered.

Related: Manfra refused to name those 21 states, but said that the “system owners” had been made aware of the targeting. She also said that some states had data exfiltrated by Russian hackers but refused to provide details regarding the nature or scope of the exfiltrated election data.

Other things to note:

• It’ll happen again: Bill Priestap, the Assistant Director of the FBI’s Counterintelligence Division, said that he believes the Russians will continue their hacking efforts.

«

And more.


Apple’s AirPods are winning with the critics that matter • The Verge

Vlad Savov:

»

In classic Apple fashion, the AirPod wireless earphones were launched with a generous heaping of hyperbole last year. The universal headphone jack was, according to Apple, out of date, and it was time we all got on the wireless bandwagon — with those pearly-white cigarette stub lookalikes serving as our ticket to the future. I very much doubted the $159 AirPods, and I was certainly put off by Apple’s haughty presentation, but user feedback appears to be proving me wrong. One survey published this week reports 98% of AirPod buyers have been satisfied with their purchase, many even saying they liked the earphones more than they thought they would.

That leads me to the topic of this article, which is about heeding the important feedback and discarding the noise. Just as inevitable as the Apple hype is the corresponding wave of counter-hype. Apple: it’s magical. Vlad: it would take real magic to see me with these in my ears. Both of those things are examples of noise: you’ll never hear a company launch a new product with anything but the most positive articulations of its revolutionary nature, and whatever I or any other critic have to say before they’ve tried the product is based mostly on conjecture and should be treated as such.

«

Surprised it’s only 98%, to be honest. Only wrinkle I notice: sometimes it’s hard to persuade the iPhone to give up its link to them in favour of the Watch. (Solution: turn off Bluetooth on the phone, return pods to charger, take them out.)


The new season of “Veep” was not supposed to be about Donald Trump • The New Yorker

Ian Crouch:

»

Throughout the season, [ex-president] Selina [Meyer] refuses to sit still long enough to begin work on her memoir, while her former speechwriter attempts to claw anecdotes out of her, recalling the experience of the “Art of the Deal” ghostwriter, Tony Schwartz, who told Jane Mayer that, during their collaboration, Trump “seemed to remember almost nothing of his youth, and made it clear that he was bored.” When Selina finally does reflect on her past, it’s revealed that everything she thought she knew about her supposedly idyllic youth was a lie. It’s hard to think of Selina, playing backgammon at night with Gary, without recalling the reports of Trump spending his evenings alone in the White House, watching cable news into the wee hours, complaining about fake news to his longtime bodyguard, Keith Schiller.

Perhaps nowhere have the similarities between Meyer and Trump been clearer than on the global stage. Trump, during his recent trip abroad—touching a glowing orb during a supremely odd photo op with the President of Egypt and the King of Saudi Arabia, appearing to shove the Prime Minister of Montenegro out of his way to get a better position among a gaggle of world leaders at the NATO meeting in Brussels, and engaging in a comically extended macho-handshake battle with the newly elected French President, Emmanuel Macron—looked queasily similar to Selina on her various foreign trips.

So far in Season 6, as an ex-President, Selina has travelled to the Republic of Georgia as an election monitor, where she disparages democracy and cozies up to a pair of oligarchs, playing them off each other in exchange for thinly veiled bribes. In Qatar, she again plays world leaders against each other for favors. In “Veep,” diplomacy is simply business with more money on the line. In Saudi Arabia, Trump appeared at ease and slightly in awe of the luxurious pageantry in the Kingdom, muting his former belligerent tone as he struck deals with the Saudis, while failing to muster any mention of human rights. Meanwhile, Selina, speaking at a forum for human rights in the Middle East, proclaimed, in one of the best lines yet in the series, “Human rights are part of a diverse pageant of different priorities.”

«

Veep has been on rare form this time round. And real life has brought it close, such as the time Trump walked out of the Oval Office talking about how great his new executive order was – except he hadn’t signed it. Perfect Veep fare.


You can now read the WSJ for free — but only if you burst your filter bubble • Hackernoon

Beeline Reader:

»

A few months ago, the Wall Street Journal’s “google loophole” disappeared. But despair not: there’s a new way to get free access to the WSJ website — and all you have to do is climb out of your filter bubble to get it.

(TLDR: Get this iOS app or this Chrome extension (both free) and get reading.)

We launched the Read Across The Aisle project as a way to help people assess and escape their filter bubbles. Our tools, which have been called “a fitbit for your filter bubble,” are free to use — thanks in large part to the generosity of our Kickstarter backers. We’ve built an iOS app and a Chrome extension, which have graced the pages of the New York Times, Fast Company, and the BBC.

«

What I find notable here is that it’s an iOS app, or it’s a Chrome extension. Tells you all you need to know about the dominant money-generating platforms on mobile and desktop.


Uber can’t be fixed — it’s time for regulators to shut it down • Harvard Business Review

Ben Edelman (who you’ll recall from his “Uber scandals” page earlier this week), following the resignation of Travis Kalanick as CEO:

»

Uber’s most distinctive capabilities focused on defending its illegality. Uber built up staff, procedures, and software systems whose purpose was to enable and mobilize passengers and drivers to lobby regulators and legislators — creating political disaster for anyone who questioned Uber’s approach. The company’s phalanx of attorneys brought arguments perfected from prior disputes, whereas each jurisdiction approached Uber independently and from a blank slate, usually with a modest litigation team. Uber publicists presented the company as the epitome of innovation, styling critics as incumbent puppets stuck in the past.

Through these tactics, Uber muddied the waters. Despite flouting straightforward, widely applicable law in most jurisdictions, Uber usually managed to slow or stop enforcement, in due course changing the law to allow its approach. As the company’s vision became the new normal, it was easy to forget that the strategy was, at the outset, plainly illegal.

Uber faced an important challenge in implementing this strategy: It isn’t easy to get people to commit crimes. Indeed, employees at every turn faced personal and professional risks in defying the law; two European executives were indicted and arrested for operating without required permits. But Uber succeeded in making lawbreaking normal and routine by celebrating its subversion of the laws relating to taxi services. Look at the company’s stated values — “super-pumped,” “always be hustlin’,” and “bold.” Respect for the law barely merits a footnote.

«



State Supreme Court judge loses $1M in real estate email scam • NY Daily News

Laura Dimon and Graham Rayman:

»

A state Supreme Court judge was scammed out of more than $1 million after being fooled by an email she thought had been sent by her real estate lawyer, the Daily News has learned.

Acting State Supreme Court Justice Lori Sattler, 51, was duped while trying to sell her apartment and buy another, sources said.

On Friday, Sattler told police she’d gotten an email June 7 from someone she believed was her lawyer, sources said.

The person claiming to be the lawyer told her to send money to an account. She followed the instructions and wired $1,057,500 to that account, sources said. The money was then sent to Commerce Bank of China, sources said.

«

Probably using methods as detailed here a few days ago.


Leaked recording: inside Apple’s global war on leakers • The Outline

William Turton:

»

[ex-NSA staffer David] Rice says that Apple’s focus on secrecy has not translated to a culture of fear. “I think what is unique at Apple is that we don’t have a Big Brother culture,” Rice says. “There’s nobody on my team reading emails, sitting behind you on the bus, we don’t do that.”

But the presentation makes working for Apple sound like working for the CIA. (At one point, Rice even refers to “blowing cover.”) There are repeated references to employees drawing boundaries in their personal lives, for example. “I go through a lot of trouble not to talk about what I work on with my wife, with my teenage kids… with my friends, my family,” an employee in one of the videos says. “I’m not telling you that you give up all relationships,” Rice says, “but that you have a built-in relationship monitor that you’re constantly using.”…

…Other tech companies have begun to follow Apple’s lead on instilling a culture of secrecy. According to a 2016 report from Business Insider, Snapchat CEO Evan Spiegel has a portrait of Steve Jobs hanging in his office, and the company has cultivated an obsession with leaks similar to Apple’s. Facebook is currently hiring a “Global Threat Investigations Manager,” and Google is facing a lawsuit in San Francisco alleging that the company operates an internal “spying program.”

Some of the hypothetical and real leaks discussed in the briefing seem inconsequential: the release of watch bands, or the fact that a new iPad will be “bigger,” for example. But Cook believes leaks directly hurt Apple’s bottom line. During the company’s most recent earnings call, Cook blamed flagging iPhone sales on “earlier and much more frequent reports about future iPhones.” Indeed, there have been a slew of leaks about the iPhone 8, scheduled to be announced in the fall. “Apple has a major iPhone redesign planned for 2017, with a glass body and edge-to-edge OLED display that includes an integrated Touch ID fingerprint sensor and front-facing camera,” according to MacRumors.

Such leaks may be why Apple is now hosting these internal secrecy briefings.

«

As has been observed, it’s a hell of a thing to get a recording of an internal briefing about not revealing internal briefings to outside people. Someone’s so going to get fired.

And just on the Big Brother thing, when he took over Apple again in 1997, Steve Jobs certainly introduced a monitoring system on emails. Perhaps it was abandoned at some point?


The 10.5in iPad Pro’s 120Hz refresh rate matters • The Mac Observer

Jeff Butts, explaining that there’s a difference between “frames per second” and “refresh rate”:

»

the ProMotion technology doesn’t lock the refresh rate at 120Hz. Rather, it allows the 10.5-inch iPad Pro to scale the refresh rate from a low of 24Hz to a high of 120Hz. If you’re reading a static page, it drops down to the floor. On the other hand, when you’re looking at fast-moving content, you get the full 120Hz refresh rate. In other words, the frames refresh 120 times per second, even when your content only moves at 60 FPS.

Here’s why that makes a difference. First of all, your graphics processing unit (GPU) projects an image to your display that isn’t always in sync. If the display only refreshed 60 times per second, you might have a delay between the GPU sending the refreshed frames and the display showing them, resulting in stuttering and an overall less smooth experience.

Since the image is actually flashed 120 times per second, the display is able to project the frames to your eyeballs up to twice per cycle. That means a smoother image, overall, especially when viewing fast action or scrolling. There’s less stutter, and the content feels like it’s flying by when you fling it.

The 120Hz refresh rate also makes a huge difference with the Apple Pencil. It’s sampling at 120 times per second, so the Pencil will appear even smoother than it did before. The delay, or latency, of the Pencil is down to 20ms, according to Apple, which is quite good. With a 120Hz refresh rate, combined with behind-the-scenes predictive technology, the perceived latency can actually drop as low as 8ms. You won’t find an experience any closer to that of paper and pencil than that.

Whether you’re a gamer, engineer, digital artist, or just a “normal” user, the 120Hz refresh rate alone makes the new 10.5-inch iPad Pro nothing short of amazing. Movies and other media, even with lower FPS rates, look absolutely stunning in their detail and smoothness.

«



Tesla’s autopilot software head quits in less than six months • Reuters

Subrat Patnaik:

»

Tesla Inc said the head of its autopilot software, Chris Lattner, left the company in less than six months since joining the electric carmaker.

“Chris just wasn’t the right fit for Tesla, and we’ve decided to make a change,” a Tesla spokeswoman told Reuters in an email on Tuesday.

“Turns out that Tesla isn’t a good fit for me after all,” Lattner, who worked at Apple Inc (AAPL.O) for more than a decade before joining Tesla in January, tweeted. “I’m interested to hear about interesting roles for a seasoned engineering leader!”

Tesla said it hired Andrej Karpathy as director of artificial intelligence and Tesla Vision team, the spokeswoman said.

Karpathy, who most recently worked as a research scientist at OpenAI, will directly report to Chief Executive Elon Musk.

«

Lattner led the creation of the Swift computer language at Apple. (Afterwards he tweeted: “Yes, I do have seven years’ experience of Swift.”) He did feel like an odd choice to lead its autonomous driving unit. And so it proved.


Errata, corrigenda and ai no corrida: none notified

Start Up: how IS beats YouTube, OnePlus’s benchmark fix, HomePod v world, the meat allergy tick, and more


Put it in the functional MRI, you might get a flicker. Photo by George Ornbo on Flickr.


A selection of 10 links for you. Happy solstice! I’m @charlesarthur on Twitter. Observations and links welcome.

YouTube regularly leaves Islamic State videos up for days or weeks • Motherboard

Joseph Cox:

»

Over a two week period, Motherboard monitored channels on Telegram—a social network and messaging app popular with Islamic State supporters—used to spread extremist propaganda. These included channels that shared material from Amaq; outlets such as Nashir, which republish Islamic State announcements; and a sea of other supportive accounts which regularly post similar extremist videos. The sample included clips of Islamic State fighters in street combat in the Philippines; members destroying Christian religious sites; and instructions on how to commit attacks with knives and vehicles. Several long, half hour propaganda videos with ideological speeches were also shared.

To be clear, YouTube did remove the vast majority of the analyzed videos. But many videos stayed accessible for hours, days, or longer. Out of the clips that YouTube did remove, the company deleted around 50% of them within 24 hours. The remaining half stayed online between two and 15 days.

In [terrorism analyst firm] SITE Intelligence Group’s own experience of tracking clips, “We did notice that official ISIS videos are often removed from YouTube faster—at times even instantly. Videos by ISIS’ Amaq News Agency, however, remain for much longer,” Katz said. “The same goes for pro-ISIS media groups.”

«

No suggestion that YouTube is doing this intentionally; but it’s up against people whose entire aim in life is to evade its censors. Ironic given that YouTube got its big break evading attempts by big entertainment companies to control what was on it.


A psychologist’s guide to reading a neuroimaging paper • Journal of European Psychology Students’ Bulletin

Niall Bourke:

»

The pre-processing involved and statistical analysis of neuroimaging data can be complex. A lack of understanding of the image processing pipeline and the limitations of the statistical approach used is obviously dangerous. Pressing buttons on a computer isn’t sufficient; a conceptual knowledge of what is being done is really required. Here, a few of the common pitfalls to look out for while reading neuroimaging papers are presented.

Bennett, Baird, Miller, and George (2009) conducted an fMRI in which a post-mortem salmon was used to determine emotions from images. So what would be the expected result of this study—surely not activity in the brain cavity? You can see for yourself from the image below that indeed, even a dead salmon shows some activation.

«

Please form an orderly queue with your Norwegian Blues.


Do NOT Trust OnePlus 5 Benchmarks in Reviews • XDA Developers

Mario Tomas Serrafero found that the new OnePlus has hardcoded checks to see if a benchmarking app is running; if so, it whacks up the CPU frequency.

»

We set up GeekBench 4 tests with a two second break in between the results screen and the initiation of another benchmark run; external device temperature (not battery temperature as reported by Android) was measured using a FLIR thermal camera after a second of calibration, averaging the three immediate measurements in the two-seconds between runs. I was rather surprised to see that, overall, these two devices heated up at around the same rate and neither of them saw a drop in score. All results in each data set are within the expected variance, suggesting there is no thermal throttling at play. Upon closer inspection, this really should not come as a surprise given sustained performance is one of the inherent strengths of the Cortex-A73 cores that the Snapdragon 835’s Kryo cores are based on. The affected cores are the power-efficient cores, and the fact that GeekBench 4 specifically comes with measures to prevent throttling that alters the scores of the sub-tests near the end of a run, is something we learned from our interview with John Poole.

Interestingly enough, not all popular benchmarks are targeted by OnePlus’ cheating mechanism. 3DMark, for example, did not actually see any of these problems when running tests or even opening the application. However, other benchmarks like GFXBench are targeted and we see the same CPU behavior when opening and running them. In fact, during a sustained performance run using GFXBench’s Manhattan Battery Test, the OnePlus 5 reached temperatures of over 50°C | 122°F (outer temperature), a very rare occurrence among devices I have tested in the past, all of which experience some degree of thermal throttling that prevents them from getting quite that hot.

«

OnePlus, entertainingly, didn’t deny it, in a statement sent to XDA:

»

People use benchmark apps in order to ascertain the performance of their device, and we want users to see the true performance of the OnePlus 5. Therefore, we have allowed benchmark apps to run in a state similar to daily usage, including the running of resource intensive apps and games. Additionally, when launching apps the OnePlus 5 runs at a similar state in order to increase the speed in which apps open. We are not overclocking the device, rather we are displaying the performance potential of the OnePlus 5.

«

Except, as Serrafero points out, that isn’t how the device will actually run from day to day. Though you’d hope you’ll never be running an app that demands that much of your phone anyway. Another example of how benchmarks distract from the important stuff – what the phone is like to use.


What Apple’s HomePod is up against • The Information

Eugene Kim and Mike Sullivan:

»

The data make clear that purchases were skewed towards the cheaper Amazon devices. It averages all the transactions and estimates that consumers spent $79 on average to buy one of Amazon’s home speakers. In contrast, consumers spent an average of $118 on Google Home and $223 on Sonos products, according to Slice. 

Despite its premium price, Sonos has performed strongly. Its market share nearly doubled in the first five months of this year, even briefly surpassing the Echo’s share in April. Part of Sonos’ success might have to do with the fact that its users are able to pair it with the Echo Dot to get better sound quality. Google Home, meanwhile, continued its slide, dropping to just 3.2% in May from a peak of 17.5% when it first launched in October 2016.
Speaker US shares of sales

«

As one commenter pointed out, plotting the revenue against share gives you a different picture – I’ve done it below. That shows that Sonos is close on Amazon for revenue, which suggests that Amazon is selling more units. Amazon has the benefit of a shopping service at the back; Google needs to offer more.

Wi-Fi speaker revenue shares

Equally, it’s clear that Apple is after Sonos’s segment. No shopping service and a voice assistant whose quality is a topic of argument means the “great sound” pitch is a necessity.


The New York Times CEO on state of digital advertising: ‘Nightmarish joke’ – Digiday

Brian Morrissey:

»

“The world of digital advertising is a nightmarish joke,” [Mark Thompson] said during a panel discussion at the Cannes Lions. “Mark Zuckerberg’s first post about fake news, Facebook managed to serve an ad for fake news next to it. It’s a joke. It’s out of control. There are all sorts of creepy, borderline fraudulent middlemen, this thicket of strange companies, tracking pixels on everything. You couldn’t think of a more dangerous environment for a brand.”

In case there was any mistaking his position, Thompson added a further assessment: “a complete mess.”

“In terms of brand safety, you couldn’t think of a more dangerous environment,” he added. “A monster has been created.”

I asked Thompson whether he blames ad tech for the current situation. He said the entire digital media world is too premised on audience buying.

“The ecosystem that’s grown up is a strangely shaped thing,” he said. “It’s based on the idea that content doesn’t matter.”

Thompson is somewhat free to rip into digital advertising because of the success the Times has had in pivoting to focus on subscriptions. Thompson said the Times now has 2 million digital subscribers and believes it can get to 10 million globally in not too long.

Both Thompson and Jesse Angelo, CEO and publisher of the New York Post, took the opportunity to beat up on Facebook. Angelo noted that Facebook was telling advertisers less than 1% of their ads are next to jihadi videos. “Less than 1 percent? How about, one is too many.”

«



Spotify tests new sponsored songs ad unit to place songs in user playlists • Tech Narratives

Jan Dawson:

»

the news that Spotify is testing a “Sponsored Song” ad unit in which songs are literally placed into users’ playlists should be concerning. Almost every ad-based business model eventually engages in such violations, either temporarily or permanently, because the drive is always to push the boundaries of ad load and the places where ads can show – the most valuable real estate is also often the most invasive, and each ad platform has to draw its own line between what is and isn’t acceptable in the pursuit of ad dollars.

Spotify’s recently leaked full results for 2016 show that its ad-based business is loss-making even on a gross margin basis, while its subscription business is profitable on that same basis, so there’s always going to be a push to squeeze more ad revenue out of each user. I’ve recently finished a piece for Variety which will publish in the next couple of weeks in which I argue that Spotify should in fact ditch its free tier and go subscription-only, because of all the tradeoffs the ad-based business forces, especially in its relationships with labels.

«

If Spotify did kill its free tier, its growth would pretty much stop dead, so I don’t see it doing that until it has IPO’d (or listed) and unburdened itself of the $1bn debt which is bleeding its cash flow. Tech Narratives, by the way, is Dawson’s mostly-paid-for tech analysis site. He’s insightful.


The Lone Star tick that gives people meat allergies may be spreading • WIRED

Megan Molteni:

»

In the last decade and a half, thousands of previously protein-loving Americans have developed a dangerous allergy to meat. And they all have one thing in common: the lone star tick.

Red meat, you might be surprised to know, isn’t totally sugar-free. It contains a few protein-linked saccharides, including one called galactose-alpha-1,3-galactose, or alpha-gal, for short. More and more people are learning this the hard way, when they suddenly develop a life-threatening allergy to that pesky sugar molecule after a tick bite.

Yep, one bite from the lone star tick—which gets its name from the Texas-shaped splash of white on its back—is enough to reprogram your immune system to forever reject even the smallest nibble of perfectly crisped bacon. For years, physicians and researchers only reported the allergy in places the lone star tick calls home, namely the southeastern United States. But recently it’s started to spread. The newest hot spots? Duluth, Minnesota, Hanover, New Hampshire, and the eastern tip of Long Island, where at least 100 cases have been reported in the last year. Scientists are racing to trace its spread, to understand if the lone star tick is expanding into new territories, or if other species of ticks are now causing the allergy.

The University of Virginia is deep in the heart of lone star tick country. It’s also home to a world-class allergy research division, headed up by immunologist Thomas Platts-Mills. He’d been hearing tales of the meat allergy since the ’90s—people waking up in the middle of the night after a big meal, sweating and breaking out in hives. But he didn’t give it much thought until 2004, when he heard about another group of patients all suffering from the same symptoms.

This time, it wasn’t a plate of pork chops they shared; it was a new cancer drug called cetuximab.

«

This would make a great premise for a vegan bioplot.


WWDC 2017 Wish List: tvOS • Joe Steel

A year ago before WWDC 2016 he had this wishlist for Apple TV. A year and a week later he still has this wishlist:

»

I still would like to see Apple tackle:

• Picture in Picture – This is just a silly omission of a television technology when they have it for other platforms.
• Interactive Programming Guide – With an increasing emphasis on live TV provided by multiple sources there needs to be a mechanism to expose what’s available to the user from the disparate silos.
• A New Multitasking View – The rolodex card thing has got to go.
• Streamlined Apple ID and Apple ID Switching – A lot of people live with other people. Who knew?
• Backup and Restore – If there’s ever a 5th generation Apple TV, I would really like to not set it up from scratch.
• Siri – Google demonstrated Google Home and a Chromecast working together over a year ago now.

«

Yes on all those. And, dear lord, a remote that you don’t have to look at.


Facebook’s Oculus fights sales ban for VR Rift headset • Bloomberg

Tom Korosec:

»

Facebook wants a federal judge to let it continue sales of its virtual-reality headsets even though a jury said the social-media giant’s Oculus unit stole another company’s computer code.

ZeniMax Media Inc.’s request for a court order blocking sales of unspecified models of the Oculus Rift, which is priced at $600 with controllers, follows a $500m verdict in February over claims that Oculus and some of its executives purloined proprietary information when they designed the headset prototype.

Facebook bought Oculus in 2014 for $2bn. Chief Executive Officer Mark Zuckerberg has said that the company’s bet on virtual reality as the next big computing platform will take years to pay off. Currently, the headsets are mostly popular among video game players — not the mainstream. But projections by Bloomberg Intelligence show the market for virtual and augmented-reality hardware may exceed $40bn in sales in 2020.

A sales ban would place an unfair hardship on Oculus and its business partners and customers, the company argued in a filing in Dallas federal court, where a hearing was held Tuesday on ZeniMax’s request for an injunction and Oculus’s bid to reduce the damages awarded at trial.

«

Not that clear whether it would really be a huge disadvantage to suffer a sales ban while it waits for the retrial. How many of those things is it selling now?


Varjo emerges from stealth with awesome new VR/AR display • ReadWrite

Ryan Matthew Pierson:

»

Products such as the Oculus Rift and HTC Vive are offering users a 1.2 megapixel (per eye) VR experience with an up to 110-degree field of view. For over a year, this has been the cutting edge of VR/AR headset displays. Even the PlayStation VR, a headset designed specifically for gaming, is limited to a 1080p resolution.

Meta II, a headset currently available for preorders at $949 USD, has an exceptional 2.5k resolution of 2550×1440.

In the augmented reality space, we have options like Microsoft’s Hololens, which has a significantly lower field of view (around 32 degrees). The effective resolution for the Hololens is around 1 megapixel.

“Varjo’s patented display innovation pushes VR technology 10 years ahead of the current state-of-the-art, where people can experience unprecedented resolution of VR and AR content limited only by the perception of the human eye itself,” said Urho Konttori, CEO and founder of Varjo Technologies. “This technology, along with Varjo VST, jump-starts the immersive computing age overnight – VR is no longer a curiosity, but now can be a professional tool for all industries.”

«

Note the “industry” phrase there.


Errata, corrigenda and ai no corrida: none notified

Start Up: US medical data abuse, $1m ransomware!, Mexico’s text spyware, iPhone app bloat, and more


A neural network can detect asymptomatic atrial fibrillation via Apple Watch heart monitoring. Photo from Nottingham Vet School on Flickr.


A selection of 10 links for you. Happy almost-solstice. I’m @charlesarthur on Twitter. Observations and links welcome.

How a company you’ve never heard of sends you letters about your medical condition • Gizmodo

Kashmir Hill and Surya Mattu:

»

In the summer of 2015, Alexandra Franco got a letter in the mail from a company she had never heard of called AcurianHealth. The letter, addressed to Franco personally, invited her to participate in a study of people with psoriasis, a condition that causes dry, itchy patches on the skin.

Franco did not have psoriasis. But the year before, she remembered, she had searched for information about it online, when a friend was dealing with the condition. And a few months prior to getting the letter, she had also turned to the internet with a question about a skin fungus. It was the sort of browsing anyone might do, on the assumption it was private and anonymous.

Now there was a letter, with her name and home address on it, targeting her as a potential skin-disease patient. Acurian is in the business of recruiting people to take part in clinical trials for drug companies. How had it identified her? She had done nothing that would publicly associate her with having a skin condition.

«

You won’t like how they did this – though it points to the US’s terrible lack of protections for data, and its larcenous healthcare system (on which more below).


Web hosting provider pays $1 million to ransomware attackers • SecurityWeek.Com

Ionut Arghire:

»

South Korean web hosting company Nayana agreed to pay $1 million in Bitcoin after a ransomware attack hit 153 Linux servers.

The attack took place June 10 and resulted in over 3,400 business websites the company hosts being encrypted. According to Nayana’s initial announcement, the attacker demanded 550 Bitcoins (over $1.6 million) to decrypt the infected files. Following negotiations, they lowered the ransom demand to 397.6 Bitcoins (around $1.01 million).

The payments, the company announced, will be made in three batches, and the attackers will decrypt the affected servers accordingly. Two payments were already made, and the company is currently in the process of recovering the data from the first two server batches.

The ransomware used in this attack, Trend Micro reveals, was Erebus, a piece of malware that was initially spotted in September 2016 and which was already seen in attacks earlier this year, when it packed Windows User Account Control bypass capabilities.

Apparently, someone ported the ransomware to Linux and is using it to target vulnerable servers. Running on Linux kernel 2.6.24.2, which was compiled back in 2008, Nayana’s website is vulnerable to a great deal of exploits that could provide attackers with root access to the server, such as DIRTY COW, Trend Micro notes.

«

“Dear customer, a review of our ongoing costs means that regrettably we are having to raise hosting prices…”


Using texts as lures, government spyware targets Mexican activists and their families • The New York Times

Azam Ahmed and Nicole Perlroth:

»

Mexico’s most prominent human rights lawyers, journalists and anti-corruption activists have been targeted by advanced spyware sold to the Mexican government on the condition that it be used only to investigate criminals and terrorists.

The targets include lawyers looking into the mass disappearance of 43 students, a highly respected academic who helped write anti-corruption legislation, two of Mexico’s most influential journalists and an American representing victims of sexual abuse by the police. The spying even swept up family members, including a teenage boy.

Since 2011, at least three Mexican federal agencies have purchased about $80 million worth of spyware created by an Israeli cyberarms manufacturer. The software, known as Pegasus, infiltrates smartphones to monitor every detail of a person’s cellular life — calls, texts, email, contacts and calendars. It can even use the microphone and camera on phones for surveillance, turning a target’s smartphone into a personal bug.

«

You can’t control how it’s used once it’s sold.


The founder of Pinboard on why understanding fandom is good for business • The Verge

Kaitlyn Tiffany with the interview:

»

Q: Pinboard for a while had this competition with Delicious as a main part of its brand — on Twitter, you wrote a lot of jokes about Delicious, lots of taunts aimed at Yahoo or AVOS — now that that’s over, who’s next?

Maciej Ceglowski: Yeah, it’s really weird for me, because especially at the outset I felt like I was a flea on the elephant. I was trying to suck a few dozen customers away from this enormous Yahoo-funded giant and the idea that I could not just compete with this site, but actually buy it, never entered my mind. So I’m in a bit of a Twilight Zone feeling.

I feel like I won the war so thoroughly that I don’t really know what to do next. I would love to take down Pocket and I would love to take down Diigo. Pocket is losing a lot of money, and Diigo is kind of a strange, weird longterm competitor. Actually, I think there’s room for a lot of different bookmarking sites and I like that there’s competitors, I hope that they stick around.

There’s all these little niche areas in bookmarking that I want to see be occupied by people like me, who are just kind of living from it. There are a lot of ways you can earn a living but there’s not a lot of ways you can make millions. Unfortunately what ends up happening is that people start with a niche, but then they decide they want to grow the business to be like Pinterest and that never seems to work, maybe once in a decade.

«

And the thing that gave him leverage? AVOS, which bought Delicious from Yahoo, didn’t realise how important the “/” symbol was in bookmarking fan fiction.

Pocket ought to be worried, though.


How we spend $3,400,000,000,000 • The Atlantic

T.R. Reid:

»

Last year, America’s total medical costs hit a new record of $3.4 trillion, according to the federal government. That’s about 18% of the country’s total GDP, meaning that one out of every six dollars we spent in 2016 went to health care. The national doctor bill dwarfs anything else we spend money on, including food, clothing, housing, or even our mighty military.

If that $3.4 trillion were spread equally throughout the population, the bill would come to some $10,350 for every man, woman and child in the country. But fortunately—for most of us, anyway—the cost of health care is not equally distributed. Rather, a small number of Americans run up most of the expense. The biggest medical costs are concentrated on a fairly small segment of the population—people with one or more chronic illnesses, plus victims of accidents or violent crime. The cost is so concentrated, in fact, that an estimated 5% of the population accounts for 50% of total medical costs…

…For most people, the vast majority of all the health care they’ll ever get comes near the hour of death. Hundreds of billions of dollars each year are spent treating Americans who are in the last weeks, or days, of life.

«

This is slightly – though only slightly – misrepresented. Lots of costs go on people who die soon after. But what about the people who have lots spent on them and live for many more years?

The article then looks at how the UK does it, through NICE, which recommends whether particular (costed) treatments are worth it. One gets the impression that there’s a certain amount of reflection going on over America’s health care right now.


The size of iPhone’s top apps has increased by 1,000% in four years • Sensor Tower

Randy Nelson:

»

As you can see in the chart below, while none of the top 10 apps—which include Facebook, Uber, Gmail, Snapchat, Spotify, Messenger, Google Maps, YouTube, Instagram, and Netflix—are larger than a few hundred megabytes individually, they all began to increase in size after Apple raised the maximum app size to 4 GB in February 2015.

Before this point, apps were limited to a maximum of 2 GB, with the core executable capped at 100 MB of that (the latter is still the case). Of course, apps can take up additional storage on a user’s device; Apple’s limit applies to what can be initially downloaded from the App Store. For the purposes of our analysis, we only looked at the core app size, not the total storage footprint of an app plus additional content.

Also noticeable above is a further acceleration in app size increase following the September 2016 rollout of iOS 10, but as we’ll get to in the next section, there’s a more specific reason for a lot of this growth among the top 10 apps in particular.

«

Ah, but can you guess which one has increased more than 50 times in size since May 2013? And meanwhile, minimum storage size for the iPhone has only doubled.


Silicon Valley could be next target for Trump-style nationalism • Axios

Mike Allen:

»

The Bannon wing of the White House would like to take on the lords of the Valley now over outsourcing, the concentration of wealth and their control over our data and lives. But this fight is on hold for a later date, officials tell us.

The bigger problem for tech is that many Americans are rethinking their romantic views of the hottest and biggest companies of the new economy. As people look for villains to blame, tech might get its turn:

• Some shine has come off Facebook (though not in user data, Dan Primack points out: People still love the service), as executives fend off grievances about fake news, live violence and the filter bubble.

• Silicon Valley makes itself a juicy target with its male dominance, concentration of wealth (in both people and places), and reliance on foreign workers.

• Robots will soon be eating lots of jobs, with working-class, blue collar workers — an engine of the Trump coalition — at the most immediate risk. Many think this will be the story of the next 10 years.

• Anyone familiar with military intelligence will tell you cyber-risk is much greater than most people realize. Russians used cyber tools to try to throw the 2016 election, and electronic attack is perhaps the greatest US vulnerability to an international power.

«

Quite how the Bannon wing would do anything is an interesting question.


Intel discontinues Joule, Galileo, and Edison product lines • Hackaday

Jenny List:

»

Sometimes the end of a product’s production run is surrounded by publicity, a mix of a party atmosphere celebrating its impact either good or bad, and perhaps a tinge of regret at its passing. Think of the last rear-engined Volkswagens rolling off their South American production lines for an example.

Then again, there are the products that die with a whimper, their passing marked only by a barely visible press release in an obscure corner of the Internet. Such as this week’s discontinuances from Intel, in a series of PDFs lodged on a document management server announcing the end of their Galileo (PDF), Joule (PDF), and Edison (PDF) lines. The documents in turn set out a timetable for each of the boards, for now they are still available but the last will have shipped by the end of 2017.

It’s important to remember that this does not mark the end of the semiconductor giant’s foray into the world of IoT development boards, there is no announcement of the demise of their Curie chip, as found in the Arduino 101. But it does mark an ignominious end to their efforts over the past few years in bringing the full power of their x86 platforms to this particular market, the Curie is an extremely limited device in comparison to those being discontinued.

«

So Intel is retreating from a number of Internet of Things spaces. ARM stuff is likely to dominate. Strange how it turns out that ARM’s RISC (reduced instruction set computing) has won, bit by bit, over Intel’s CISC (complex instruction set). ARM, of course, being a British company before Softbank bought it. Just wanted to mention that.


Artificial intelligence automatically detects atrial fibrillation • Heart Rhythm Society

»

A new study shows that the Apple Watch’s heart rate sensor, when paired with an artificial intelligence-based algorithm, can detect a serious and often symptomless heart arrhythmia, atrial fibrillation (AF). The new research uses a deep neural network based on photoplethysmographic (PPG) sensors commonly found in smart watches. The results of this study were presented today at Heart Rhythm 2017, the Heart Rhythm Society’s 38th Annual Scientific Sessions.

AF, the most common heart arrhythmia, affects more than 2.7 million American adults. While AF may present symptoms such as palpitations and fatigue, it is often asymptomatic, causing no alarm to doctors or patients and making diagnosis difficult. According to a national survey of 1,000 Americans, one in five Americans owns a wearable fitness tracker such as a smart watch or Fitbit. With the growing number of people using this mobile technology, there is an opportunity to address public health issues such as undiagnosed AF in a way that is convenient for many.

The study enrolled 6,158 users of Cardiogram for Apple Watch into the UCSF Health eHeart Study. Data from those participants—including 139 million heart rate measurements and 6,338 mobile ECGs—was used to train a deep neural network to automatically distinguish atrial fibrillation from normal heart rhythm.

«

Can this algorithm – and others like it – be incorporated into Watch OS 4? Seems like a pretty useful addition.


Uber scandals • Ben Edelman

Professor Ben Edelman:

»

Uber’s rapid rise has brought an even sharper increase in disputed activities — from violating city rules on licensing and safety to invading critics’ privacy to tolerating sexual harassment.  This site indexes and organizes selected examples, providing summaries and citations for each.

«

Edelman has done good, clever work looking at implicit discrimination by AirBnB and others. By my count he has 114 listed here, but some are probably duplicates.

At least, I hope so.


Errata, corrigenda and ai no corrida: none notified

Start Up: where the spammers have gone, awful volume!, 2FA at 50%, fight like a Canadian, and more


Google’s Shopping service (not this one) is in line for a big fine. Photo by g3rswin on Flickr.


A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Google faces big fine in first EU case against search practices • FT

Rochelle Toplensky:

»

Google is braced for a fine of potentially more than €1bn from Brussels for abusing its market dominance in search, a sanction that would have far-reaching implications for how the company operates online.

The EU move, expected in the coming weeks, will accuse the company of using its near-monopoly in online search to unfairly steer customers to its own Google Shopping service.

The bill could top the record abuse penalty of €1bn handed out to chipmaker Intel in 2009, according to two people familiar with the case. The European Commission and Google declined to comment.

The decision in the Google Shopping case would be just the first of three competition claims against the company being investigated by EU authorities.

It would mark the first sanction by a leading competition regulator on the way Google operates.

«

The investigation was announced in November 2010; but the problem had been written about since at least August 2009, as Richard Wray explained:

»

A British husband and wife team have been waging a three-year battle to get their price comparison website recognised by Google in a saga that sheds new light on the power of the world’s largest search engine.

Foundem.co.uk directs shoppers to online deals for goods such as TVs or flights, but has struggled since one day it suddenly disappeared from Google search results for these categories.

There is no evidence that Google is in any way being dishonest or unfair in the way that it ranks such websites, but Foundem’s fight to discover what happened has highlighted the ever-growing influence of its mysterious search algorithms.

Many consumers believe Google’s search engine works on a formula that was created by founders Sergey Brin and Larry Page and that was that: they set it running and the rest is history. In fact, as those in the internet industry know, Google carries out regular “tweaks” of its algorithm. About 450 a year in fact. When they are made, the sheer scale of Google – it has an estimated 90% market share in Britain – means these can have huge and often unintended consequences.

«

Despite everything Google will say, it’s not as if the EC has hurried into this. Some of the fine ought to go to Foundem, really; it was the first complainant which triggered the whole investigation.


The Nigerian spammers from the 90s have moved on to keyloggers and RATs • Bleeping Computer

Catalin Cimpanu:

»

According to MalwareHunter, who spoke with Bleeping Computer in a Twitter conversation, most of these attacks are carried out by groups of hackers based in Nigeria. MalwareHunter puts the number at “about 65-70%” of all the campaigns they find.

Those that know how the cyber-security landscape has evolved in recent years will not be surprised. Nigerian cyber-crooks have evolved from the silly email scams they were pulling in the 90s and early 2000s to using more complex tools and tactics.

Nowadays, these groups of Nigerian hackers, called “yahoo boiz,” “waya waya” or “G-work” in their local communities, are using clever spear-phishing emails to trick victims into installing keyloggers and RATs.

This trend of evolution in the Nigerian cybercrime landscape was noticed by the SecureWorks team last August, and detailed in more depth in a report called “Wire Wire: A West African Cyber Threat”.

Similarly, this week, Kaspersky also discovered a group of Nigerian hackers targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.

«



Redditors design worst volume sliders possible • Designer News

Lots of wonderful(ly bad) ones, though I think this may be my favourite:




Americans, password management and mobile security • Pew Research Center

This will mostly reinforce what you thought about how people use passwords:

»

There are relatively few demographic differences when it comes to how internet users keep track of their passwords. Within every major demographic group, a majority says that memorization is the password management technique they rely on the most – and the differences that do exist on this subject tend to be relatively modest. For instance, those under the age of 50 are more likely than those ages 50 and older to primarily memorize their online passwords (72% vs. 55%), while older users are more likely to say they primarily write their passwords down on a piece of paper (27% vs. 13%). But otherwise, users of all ages manage their online passwords using largely similar approaches.

Those under the age of 50 are especially likely to indicate that their online passwords are very similar to one another: 45% of internet users ages 18 to 49 say this, compared with 32% of those ages 50 and older. And younger adults are especially likely to share their passwords with others: 56% of 18- to 29-year-old internet users have done so.

«

But then there’s this:

»

Many sites rely on individuals to choose strong passwords as the first line of defense for their online accounts, but there are other technologies that aim to improve – or in some cases replace – the password itself. The first of these techniques is known as “multifactor” or “two-factor” authentication. The “factors” are typically something the user knows (such as a password) plus something the user possesses (like a code sent to their smartphone). Nearly half of internet users (52%) say that they use this type of multifactor authentication on at least one of their online accounts.

«

I’m amazed that half of users use 2FA at all. I’d have thought the figure would be far smaller.


Prices for fake news campaigns revealed • BBC News

»

In its report, Trend Micro looked at Russian, Chinese, Middle Eastern and English language sites offering all kinds of services based around manipulating social media, search engines and news organisations.

The services on offer included:
• Creating celebrities
• Sparking social unrest including demonstrations
• Discrediting journalists
• Putting sustained pressure on elections or political parties

Some of the services profiled gave very detailed breakdowns of what could be done to influence political debate or manipulate the media.

The $50,000 (£39,000) cost of discrediting a journalist involved fake news stories contradicting the target’s articles promoted via paid upvotes, likes, retweets and comments. It also involved tens of thousands of bots swamping a target’s Twitter feed with malicious comments or posting strongly critical comments on stories.

“It’s never been easier to manipulate social media and other online platforms to affect and amplify public opinion,” said Trend Micro spokesman Bharat Mistry.

Key to making the campaigns work, said the report, was creating stories, posts and discussions that “pander to its audience’s ideologies”.

«

Cue jokes about “that much to discredit a journalist? I’ll do it myself” etc.


Advanced CIA firmware has been infecting Wi-Fi routers for years • Ars Technica

Dan Goodin:

»

Home routers from 10 manufacturers, including Linksys, D-Link, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That’s according to secret documents posted Thursday by WikiLeaks.

CherryBlossom, as the implant is code-named, can be especially effective against targets using some D-Link-made DIR-130 and Linksys-manufactured WRT300N models because they can be remotely infected even when they use a strong administrative password. An exploit code-named Tomato can extract their passwords as long as a default feature known as universal plug and play remains on. Routers that are protected by a default or easily-guessed administrative password are, of course, trivial to infect. In all, documents say CherryBlossom runs on 25 router models, although it’s likely modifications would allow the implant to run on at least 100 more.

«

Not surprising in some ways: most routers run a stripped-down version of Linux and don’t get updated (especially against security hacks), so find a vulnerability and you’re pretty much guaranteed it will work for ages.


Apple’s Tim Cook on Donald Trump, the HomePod, and the Legacy of Steve Jobs • Bloomberg

»

Megan Murphy: You’ve talked a lot about augmented reality at the heart of the company’s future. How do you see AR moving forward?

Tim Cook: I think it is profound. I am so excited about it, I just want to yell out and scream. The first step in making it a mainstream kind of experience is to put it in the operating system. We’re building it into iOS 11, opening it to developers—and unleashing the creativity of millions of people. Even we can’t predict what’s going to come out.

There’s some things that you can already get a vision of. We’ve talked to IKEA, and they have 3D images of their furniture line. You’re talking about changing the whole experience of how you shop for, in this case, furniture and other objects that you can place around the home. You can take that idea and begin to think this is something that stretches from enterprise to consumer. There’s not a lot of things that do that.

«

He doesn’t see eye-to-eye – at all – with Trump; clearly he’s just going to work around him.


Global coal production sees biggest decline in history • TreeHugger

Sami Grover:

»

Global coal production fell by 6.2% last year. That’s the largest annual decline on record. Consumption was down, too, for the second year in a row, falling 1.7%.

Those are two big takeaways from this year’s just-released BP Statistical Review of Energy—a report whose launch press release is appropriately titled “Energy markets in transition.”

In many ways, we shouldn’t be surprised. From the UK’s first coal-free day since the Industrial Revolution to India halting coal plant production in the very near future, the bad news has been coming thick and fast for coal over the last few years. Indeed, the report shows that the shift away from coal is as decisive as it is widespread, with the UK consuming 52.5% less in 2016, the US dipping 8.8%, and China’s consumption dropping 1.6%, too.

«

These are big changes, and they’re likely to accelerate. Five years ago, people were expecting a boom in coal use.


Privacy watchdog launches investigation into data use during Brexit campaign • FT

Nicholas Megaw:

»

The UK’s data protection watchdog is launching a formal investigation into the use of personal data for political purposes, amid growing concerns about big data’s impact on recent elections including last year’s Brexit vote.

Elizabeth Denham, the information commissioner, said in a blog post published today that “it is important that there is greater and genuine transparency about the use of such techniques to ensure that people have control over their own data and the law is upheld”.

The Information Commissioner’s Office began “assessing” the risks data analytics pose under data protection laws in March, amid concerns including the reported role played by data analytics company Cambridge Analytica during the Brexit campaign.

The ICO has previously confirmed that it had “concerns” about the company’s reported use of personal data.

Cambridge Analytica, which counts Donald Trump’s chief strategist Steve Bannon as a former boardmember, has denied any wrongdoing. In March it said it is “completely compliant with UK and EU data law”.

«

Be interesting to see how long this takes, and how public its decision is.


The art of Defendo, or how to fight like a Canadian: ‘Destroy them. Don’t feel sorry for them’ • National Post

Joe O’Connor with the story of Bill Underwood, who created two western martial arts: “Combato” and “Defendo”. A story worth your time:

»

John Ferris was 15 years old, athletic and apprehensive, upon meeting Bill Underwood for the first time, at the old man’s self-defence academy in Toronto’s east end. Underwood was in a white undershirt, dress pants and stocking feet. He wore owlish glasses with black frames and looked like an 84-year-old Grandpa, with a stick-out belly, long arms and a kindly way. When he spoke, his accent betrayed his British roots, while his preference for tea — two bags to a cup — did not hint at any internal menace or capacity to cause grave bodily harm.

“Bill was a short old man,” Ferris recalls. “The first time I was introduced to him he came right over, and it was as if he wanted me to know that it didn’t matter that I was young — I still didn’t stand a chance against him. And then he put me down, hard and fast, and I remember saying, ‘Bill, that really hurts,’ and Bill said to me: ‘Don’t worry. Nothing is going to break.’”

So began Ferris’ stint as a human rag doll, with suitably flexible limbs and forgiving bones that an octogenarian, in glasses and an undershirt, would wrench and twist and throw about gymnasiums and church basements, demonstrating his craft.

“Bill was a showman,” Ferris says.

He was that, and more.

«



Errata, corrigenda and ai no corrida: none notified

Start Up: Oxford’s self-driving cars, pause on iOS 11, Pac-Man madness, hacking Georgia’s voters, and more


Bali’s rice terraces are an example of fractal design which generates optimum harvests without central control. Photo by J.E.Skodak on Flickr.


A selection of 11 links for you. It is, after all, Friday. I’m @charlesarthur on Twitter. Observations and links welcome.

A fleet of self-driving cars will test-drive from Oxford to London • Inverse

Mike Brown:

»

The United Kingdom is about to play host to one of the most ambitious autonomous car tests ever. Its goal? To find out what happens when you let a fleet of self-driving cars loose into the real world.

The DRIVEN consortium is a government-funded group of companies involved in several aspects of autonomous car development, starting a 30-month test project that will culminate in six to 12 self-driving cars driving between London and Oxford in the second half of 2019. The project aims to go beyond the question of whether we can make a car drive itself, exploring bigger issues like how a computer can judge risk and what happens when an autonomous car loses cellular service.

The open-road testing will put to use the technology developed by Oxford-based artificial intelligence firm Oxbotica. The cars will operate with SAE Level 4 autonomy.

“This is the first exercise where there’s a connected fleet talking to each other about risk and routes and all those sorts of things,” Dr. Graeme Smith, CEO of Oxbotica, tells Inverse.

“Typically, vehicles today work as single vehicles, so this is the first trial where we’re looking at doing some joined-up thinking between the different vehicles.”

«



Reasons not to install the iOS 11 beta just yet • BirchTree

Matt Birchler:

»

You shouldn’t install the iOS 11 beta for many reasons, most notably the fact that tons of things are just plain broken. Here’s a selection of things that are broken or annoying in the current beta state…

«

All Birchler’s points are fair. I’ve been trying iOS 11 out on an iPad Pro, and it’s good fun – the new Control Center (once you figure out how to get it, and highlight the relevant bits) is great. The new Dock and multitasking UI takes a little getting used to.

One thing I notice? The lock screen is really black. As if it were preparing for OLED blacks.


Sorry to burst your bubble, but Microsoft’s ‘Ms Pac-Man beating AI’ is more Automatic Idiot • The Register

Katyanna Quach and Andrew Silver on something you might have heard of – AI that can beat Pac-Man!

»

So what’s the problem?

It’s all a bit of clever trickery. It’s a bit of a hack. The crucial thing is that the reward weights are hardcoded into the software. Ghosts are set to -1,000. Pills and fruits are set a weight based on their in-game points. This is programmed in by the researchers. It means the AI hasn’t learned very much at all: it hasn’t learned that ghosts are bad and to be avoided because they cause Ms Pac-Man to lose her lives and ultimately the whole game, that pills need to be collected, that fruits are good and not stationary ghosts, and so on.

Other reinforcement learning systems found out through hours of trial and error that, for example in Space Invaders, they could press the fire button and sometimes earn points; that firing away made things disappear, also earning points; that moving and firing made more things disappear, earning more points; that moving to avoid being hit by enemy bullets let the player live longer, thus allowing it to gain more points; and so on. These systems learned from scratch the value of their decisions. Hit the ball, shoot the thing, get a reward, figure it out, get better.

Maluuba’s HRA is, in all honesty, a proof of concept. It didn’t have to learn the hard way. It was born knowing everything it ever needed to know. Until it can learn for itself from scratch, building up intelligence on its own from its environment, it’s a preprogrammed maze-searching algorithm. Romain Laroche, one of the paper’s coauthors, admitted the weights are defined “manually for the moment,” adding they’ll become dynamic at some point, hopefully. The fixed design is documented in the paper.

«



Fractal planting patterns yield optimal harvests, without central control • Phys.org

»

Bali’s famous rice terraces, when seen from above, look like colorful mosaics because some farmers plant synchronously, while others plant at different times. The resulting fractal patterns are rare for man-made systems and lead to optimal harvests without global planning.

To understand how Balinese rice farmers make their decisions for planting, a team of scientists led by Stephen Lansing (Nanyang Technological University) and Stefan Thurner (Medical University of Vienna, Complexity Science Hub Vienna, IIASA, SFI), both external faculty at the Santa Fe Institute, modeled two variables: water availability and pest damage. Farmers that live upstream have the advantage of always having water; while those downstream have to adapt their planning on the schedules of the upstream farmers.

Here, pests enter the scene.

«

Yes, really: fractal planting, without central control, produces pretty much optimal outcomes.


It’s no surprise that the Kansas tax cut experiment failed to create jobs • Equitable Growth

Greg Leiserson on Kansas’s decision to revoke a series of tax cuts from 2012 and 2013 amid budget crises and cutbacks:

»

Proponents of the tax cuts argued that they would unleash economic growth and job creation. Yet as numerous subsequent analyses demonstrate, the promised economic growth did not materialize. Tax revenues fell sharply. Job growth and output growth disappointed. Population growth, whether as a cause or consequence of the economic growth, failed to materialize. Finally, last week, state legislators recognized the experiment’s failure and reversed course.

Understanding the reasons that the Kansas tax cut experiment failed to create jobs is particularly important given that the outline for tax reform rolled out by the Trump administration in April shares many features with the Kansas model. U.S. Treasury Secretary Steven Mnuchin says the administration’s plan “is all about jobs, jobs, jobs,” much as Gov. Brownback did in Kansas five years ago. In fact, subsequent reporting suggests that the Trump administration’s tax plan was rolled out in an incomplete state because the president read an op-ed in The New York Times co-authored by some of the same advocates who provided advice to Brownback on his tax plan.

The failure of the Kansas tax cut experiment to create jobs has little to do with Kansas, however, and everything to do with the fact that the underlying economics of tax reform—as envisioned by Gov. Brownback and President Donald Trump—isn’t a good path to jobs. To understand this point, it’s worth considering in turn the two primary types of taxes that were cut under the Kansas plan and in the Trump administration’s outline: taxes on labor income and taxes on business profits.

Claims of supply-side growth from labor income tax cuts rely on the idea that people will be more willing to work when their after-tax wages are higher. This theory posits that labor income tax cuts result in growth because people who could increase their earnings choose not to because tax rates are too high, but it does not take much to see why cutting tax rates for middle- and higher-income families does not create jobs through this mechanism. Middle- and higher-income families already have jobs, even if they are not the jobs they necessarily want.

«

If I’m reading this correctly, it suggests that the Laffer curve is nice in theory, bunk in practice. Otherwise revenues from the tax cuts would have spiked and things would have been great.

Or – alternative hypothesis – the tax ratio was already on the wrong side of the Laffer curve, and cutting just made it worse.


Spotify has guaranteed to pay big music labels billions over the next two years • Recode

Peter Kafka:

»

Spotify’s revenue grew more than 50% to $3.3bn last year. And in order to grow more, the music streaming company will pay music labels billions of dollars over the next two years.

In financial filings released this morning, Spotify says it has agreed to pay more than $2bn in minimum payments to record labels over the next two years.

Spotify doesn’t spell out who that money is going to. But people familiar with the company confirm it is talking about two deals it has recently signed with Universal Music Group, the world’s biggest music label, which has about a third of the market, and Merlin, which represents a large group of independent labels.

That means Spotify will ultimately be on the hook for even more guaranteed payments once it re-signs Sony and Warner Music Group, the two other major music labels.

«

Total users grew to 140m, but no word on how many are paying (the last figure was 50m in March.)


What’s behind the recent media bloodbath? The dominance of Google and Facebook • Poynter

Daniel Funke:

»

Today, a new analysis from the Pivotal Research Group showed that Google and Facebook accounted for approximately 71% of all digital advertising sales in the United States during the first quarter of 2017 and 82% of all growth in digital advertising. That’s a steady year-over-year increase from 2016 and 2015, when the two technology giants had a combined share of 69% and 64% of digital advertising, respectively, according to the analysis.

And as media analyst Ken Doctor notes, that growth isn’t exactly loose change.

“Even a 2% share movement, which may seem like a small number, it’s still a big number,” said Doctor, author of “Newsonomics.”

What’s left for media organizations? Not much, according to Alan Mutter, a newspaper industry analyst and professor at the University of California at Berkeley.

“The vast preponderance of digital advertising dollars go to Google and Facebook, and very little is left over for other people,” Mutter said. “There’s just more content running around in search of advertising than there is advertising dollars that can support that content.”

«

And so hundreds of people go out of work.


The global state of ad blocking – Digiday

Max Willens:

»

• 615 million, or how many devices have ad-blocking software on them, worldwide. That’s up 30% year over year, according to PageFair.

• 90 percent: The overwhelming majority of the mobile devices equipped with an ad blocker – all 380 million of them – are located in Asia, where limited, expensive bandwidth plays just as big a role in the adblocking wars as user experience.

• 1%: For a time, publishers could take solace in the fact that very few mobile devices in the U.S. had adblocking apps installed, according to eMarketer research. With Safari and Chrome both poised to begin blocking ads on mobile, this number is going to change a lot in the coming year.

• 17%, 22%, 27%: Adblocking might be surging in Asia, but in many advanced digital media markets, it’s either stabilized or declining. These three numbers represent the adblocking rates in Canada, the UK and Germany.

«

With Google Chrome and Apple’s Safari about to add adblocking in the near future, things are hotting up on this front. Adtech companies may only have a limited time to get their act in order.


What would “data literature” look like? • Jeni Tennison

»

Children are already taught Data Language as part of the Maths curriculum. They are taught how to collect data, record it, create basic statistics, make charts and graphs from it, even in primary school. But what about Data Literature?

What if children were taught about Florence Nightingale’s use of data? They could unpick the method of collection, the birth of new forms of visualisation and the use of data for argument and persuasion and change. They could examine the context of Nightingale’s work at the time and the repercussions through to the present day. They could create new works from her data, put together new visualisations and invent modern-day newspaper stories.

They could examine the works of great modern day data visualisers and compare and contrast their works around particular key events, such as the Iraq war or the 2016 presidential election, or on thematic topics such as climate change. They could examine commonalities in form – citation of sources, provision of values – as well as differences in style and expression. They could produce their own visualisations in the style of one of the greats, or simply copy a work to see how it’s done.

They could look at the use of data in reports, from official statistical releases, through academic papers, to sports commentary. They could look at how these have evolved over time, and the varying ways in which numbers and statistics can be used to inform and substantiate a story that is being told. They could look at the choices made about what numbers get quoted in such stories, and have exercises where they select different numbers or use different rhetorical devices (eg “almost 20%” vs “less than 20%”) to reach a different conclusion…

…I am sure there must be people thinking of and doing this already. I know of the Calling Bullshit course, for example. What else is there? Does this idea have legs? How could we advance it? Let me know at jeni@theodi.org.

«



Surface Pro review: Incremental improvement isn’t enough • Ars Technica

Peter Bright is particularly unhappy about the ports:

»

The 2017 Pro retains the same selection of ports as the Pro 4. There’s a full-size USB 3.1 generation 1 (5Gbps) port, a mini DisplayPort, a headset jack, a microSDXC card reader, and Microsoft’s proprietary Surface Connect magnetic port (used for charging and the Surface Dock). That’s it.

The sheer number of ports has always felt a little stingy; the technology being used feels even worse. There’s no 10Gbps USB 3.1 generation 2 port; there’s no Thunderbolt 3; there’s no USB Type-C. The port selection is as backwards-looking as they come.

Microsoft has argued that this is because USB Type-C is in its infancy and remains complicated to deploy, given some marketplace confusion about which ports can be used for what (features such as charging, video output, and Thunderbolt all can use Type-C, but there’s no guarantee that a Type-C port offers any of those capabilities). In addition, many companies produce out-of-spec cables and chargers, adding further complexity. As such, it’s better to stick with what’s safe and well-known.

This is a disappointing attitude. If the goal of the Surface brand is, at least in part, to drive forward PC technology, what better place to do it than with this tricky piece of tech? After all, when the Surface line first came to market, one could easily argue that PC tablets and pen computers were complex, niche products that weren’t a good fit for most users. Microsoft didn’t give up on that idea, however; it refined it and has successfully demonstrated that, when done well, these machines can have wide appeal.

Type-C could surely have presented a similar opportunity to show the industry a best-in-class Type-C implementation. Give the machine, say, four ports and ensure that every port supports charging, supports displays, and supports Thunderbolt 3. Make sure external GPUs work reliably. Ensure that the system firmware is configured correctly to protect against malicious Thunderbolt 3 devices. Make Windows clearer about when an underpowered charger is being used.

«



Researcher finds Georgia voter records exposed on internet • Associated Press

Frank Bajak:

»

The true dimensions of the failure were first reported Wednesday by Politico Magazine. The affected Center for Election Systems referred all questions to its host, Kennesaw State University, which declined comment. In March, the university had mischaracterized the flaw’s discovery as a security breach.

Logan Lamb, a 29-year-old Atlanta-based private security researcher formerly with Oak Ridge National Laboratory, made the discovery last August. He told The Associated Press he decided to go public after the publication last week of a classified National Security Agency report describing a sophisticated scheme, allegedly by Russian military intelligence, to infiltrate local U.S. elections systems using phishing emails.

The NSA report offered the most detailed account yet of an attempt by foreign agents to probe the rickety and poorly funded U.S. elections system. The Department of Homeland Security had previously reported attempts last year to gain unauthorized access to voter registration databases in 20 states — one of which, in Illinois, succeeded, though the state says no harm resulted.

It also emboldened Lamb to come forward with his findings. Lamb discovered the security hole — a misconfigured server — one day as he did a search of the Kennesaw State election-systems website. There, he found a directory open to the internet that contained not just the state voter database, but PDF files with instructions and passwords used by poll workers to sign into a central server used on Election Day, said Lamb.

“It was an open invitation to anybody pretending to even know a little bit about computers to get into the system,” said Marilyn Marks, an election-transparency activist whose Colorado-based foundation participated in a failed lawsuit that sought to bar the use of paperless voting machines in next week’s election.

«

Linked to this rather than Politico because of Lamb’s action: the NSA story that the Intercept ran (leaked, remember, by someone who heard an Intercept podcast wondering about the extent of Russian hacking) prompted Lamb to come forward. Dominoes fall.

More to the point, the US’s election system is beginning to look unfit for purpose in the modern world. Sure, I take the point (American readers) that US elections can involve multiple topics on big ballot papers. That doesn’t mean the answer is insecure, unauditable systems for convenience, though.


Errata, corrigenda and ai no corrida: none notified