A flaw in Chrome could let it record you without you knowing. Photo by MShades on Flickr.
You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 11 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.
Uber’s Michael is said to blame board, not behavior, for ouster • Bloomberg
»
Uber Technologies Inc.’s newly ousted senior vice president for business, Emil Michael, has been dogged by public scandals, ever since his off-the-cuff remarks at a dinner party in 2014 about investigating a critical journalist. He was at the center of two more controversies made public this year that were included in an investigation into Uber’s culture. The former girlfriend of his boss, Chief Executive Officer Travis Kalanick, alleged that he tried to prevent her from speaking out about a work trip to a Korean escort-karaoke bar. He was also one of the executives recently alleged to hold conspiracy theories that the rape of an Uber passenger in India was linked to a local competitor.
At the same time, Michael, an Egyptian immigrant, helped Uber raise more than $10 billion, negotiate a truce with Uber’s Chinese rival and strike deals with top automakers like Daimler AG.
Michael believes that a weak board of directors, a lax internal legal team, coupled with his tight friendship with co-founder Kalanick, ultimately led to his downfall—not the scandals, two people close to Michael said.
«
Remember the Doobie Brothers song “What a Fool Believes”?
link to this extract
10.5-Inch iPad Pro review: a better window into the world of apps • Fast Company
»
What I’m trying to say is that the advent of the new iPad Pros isn’t like the introduction of the “new iPad” back in 2012, when the tablet gained a retina-resolution screen for the first time and the previous year’s iPad 2 suddenly looked like a jaggy antique. Instead, a device with a spectacular display has been supplanted by one that looks slightly more spectacular. (The contrast between the new iPad Pro and the original 12.9-inch model from 2015 is more significant than with the 9.7-incher.) Some of the things that are new about the new iPad Pro display will pay off once app makers have caught up: Its ability to display HDR video, for instance, will be a boon once companies such as Netflix and Amazon begin streaming HDR movies to iPads.
Already, among the beneficiaries of ProMotion’s 120Hz refresh rate is Apple’s Pencil stylus–which, it turns out, was being held back by previous iPad Pros. When I squiggled virtual ink onto the page in the Procreate app as fast as I could, the 10.5-inch iPad Pro kept up noticeably better than last year’s 9.7-inch model, creating a drawing experience that felt a little less digital and a little more real.
Like I said, Apple is obsessive about this stuff.
As for the new A10X processor–which Apple says is up to 30% faster and up to 40% faster for graphics–its promise is mostly about letting developers ratchet up the ambition of their creations.
«
The Book of Jeremy Corbyn • The New Yorker
Anthony Lane explains the general election for those who don’t live in the UK. And for those who do, actually:
»
And it came to pass, in the land of Britain, that the High Priestess went unto the people and said, Behold, I bring ye tidings of great joy. For on the eighth day of the sixth month there shall be a general election.
And the people said, Not another one.
And they waxed wroth against the High Priestess and said, Didst thou not sware, even unto seven times, that thou wouldst not call a snap election?
And the High Priestess said, I know, I know. But Brexit is come upon us, and I must go into battle against the tribes of France, Germany, and sundry other holiday destinations. And I must put on the armor of a strong majority in the people’s house. Therefore go ye out and vote.
«
Usually I find these cod-Biblical pieces excruciating, but Lane is a cut far above the fray. Enjoy particularly the bits about the 1970s and the IRA.
link to this extract
Techdirt’s Mike Masnick says lawsuit has already had a chilling effect on his site • TechCrunch
»
This suit is focused on Techdirt articles about Ayyadurai’s controversial claim that he invented email. As Masnick put it, “I gave my opinion, backed up with lots of evidence, that this guy did not invent email, even if he owns the website inventorofemail.com.”
And leaving aside the invention question, Masnick said, “We believe everything we wrote, that I wrote in particular, was protected speech under the First Amendment, especially when talking about a public figure.” (Ayyadurai is running against Elizabeth Warren for one of Massachusetts’ seats in the U.S. Senate.)
Masnick argued that the real aim of the suit is to shut Techdirt down — that this is, in other words, a SLAPP intended to silence someone’s free speech. After all, Ayyadurai has tweeted that “#FakeNewsMedia like TechShit need to be shutdown for their FAKE NEWS.”
And since the suit was filed in January, Masnick said there have been “very real chilling effects” on his business. He estimated that the site has been publishing one-third fewer stories than it was before, and he said its Copia think tank has had to delay events and papers.
“Every time I publish a story, I have to think, ‘Will I get sued over this?’ ” Masnick said. In fact, he claimed that since Techdirt was sued by Ayyadurai, it has received three other lawsuit threats.
At the same time, Masnick said, “As we wait for this process to play out — hopefully soon, we will see — we’re trying as hard as possible to be inspired by being in a bad situation.”
«
Though there doesn’t seem to be anywhere you can donate directly, Techdirt does have a shop (for American readers) if you’d like to support them.
link to this extract
The AI doctor orders more tests • Bloomberg
»
Amazon Web Services, the dominant cloud provider, is processing and storing genomics data for biotech companies and clinical labs. No. 2 Microsoft’s cloud unit plans to store DNA records, and its Healthcare Next system provides automated data entry and certain cancer treatment recommendations to doctors based on visible symptoms. Google seems to be betting most heavily on health-care analysis as a way to differentiate its third-place cloud offerings. Gregory Moore, vice president for health care, says he’s readying Google Cloud for a world of “diagnostics as a service.” In this world, AI could always be on hand to give doctors better information—or replace them altogether.
The cloud division is refining its genomics data analysis and working to make Google Glass, the augmented-reality headgear that consumers didn’t want, a product more useful to doctors. German cancer specialist Alacris Theranostics GmbH leans on Google infrastructure to pair patients with drug therapies, something Google hopes more companies will do. “Health-care systems are ready,” says Moore, an engineer and former radiologist. “People are seeing the potential of being able to manage data at scale.”
In November, Google researchers showed off an AI system that scanned images of eyes to spot signs of diabetic retinopathy, which causes vision loss among people with high sugar levels. Another group of the company’s researchers in March said they had used similar software to scan lymph nodes. They said they’d identified breast cancer from a set of 400 images with 89 percent accuracy, a better record than most pathologists. Last year the University of Colorado at Denver moved its health research lab’s data to Google’s cloud to support studies on genetics, maternal health, and the effect of legalized marijuana on the number and severity of injuries to young men. Michael Ames, the university’s project director, says he expects eventually to halve the cost of processing some 6 million patient records.
But however impressive Google’s AI analysis gets, the health-care industry isn’t exactly a gaggle of early adopters, says James Wang, an analyst at ARK Investment Management LLC.
«
Car thieves everywhere rejoice as unsecured database exposes 10 million car VINs
»
For 137 days now, a yet to be identified company has left a database containing over 10 million Vehicle Identification Numbers (VINs) exposed online with no authentication.
This means that anyone who knows what to look for can mass-scan the Internet and download loads of sensitive information without any restriction.
Discovered by researchers from the Kromtech Security Research Center, the company’s experts believe the database was compiled for marketing purposes.
Based on the data contained within the exposed database, researchers believe the DB belongs to one or more US-based dealerships.
The database’s content is organized into three main sections, each holding information on customers, cars, and sales details.
For example, the database tables pertaining to customer info holds details such as full name, address, mobile/home/work phones, email, date of birth, gender, and the number of children over 12 years old.
«
🙄 Just assume any organisation to which you provide data which isn’t one of the biggest tech companies is going to get hacked at some point. Plan how much detail you provide on that basis.
link to this extract
Apple’s kangaroo cookie robot • ZGP
»
If you missed the email spam debate, don’t worry. [Spam king Sanford] Wallace’s talking points about spam filters [being bad] constantly get recycled by surveillance marketers talking about tracking protection. But now it’s not email spam that users supposedly crave. Today, the Interactive Advertising Bureau tells us that users want ads that “follow them around” from site to site…
…If you need [to know what Apple’s introducing in Safari in iOS 11 to prevent tracking] in bullet points, here it is.
• Nifty machine learning technology is coming in on the user’s side.
• “Legitimate” uses [of cookies and Javascript] do not include cross-site tracking.
• Safari’s protection is automatic and client-side, so no blocklist politics.
Surveillance marketers come up with all kinds of hypothetical reasons why users might prefer targeted ads. But in the real world, Apple invests time and effort to understand user experience. When Apple communicates about a feature, it’s because that feature is likely to keep a user satisfied enough to buy more Apple devices. We can’t read their confidential user research, but we can see what the company learned from it based on how they communicate about products.
(Imagine for a minute that Apple’s user research had found that real live users are more like the Interactive Advertising Bureau’s idea of a user. We might see announcements more like “Safari automatically shares your health and financial information with brands you love!” Anybody got one of those to share?)
«
Might have to wait a while for those. Has anyone ever said “please let more ads follow me around”? The links above are all worth following too. This is a big shift.
link to this extract
Apple’s multi-billion dollar ‘flops’ • Irish Independent
Adrian Weckler points out that the Watch and iPad are bigger respectively than Twitter and half of Facebook, and pretty surely profitable, and yet people discount them because they aren’t the iPhone:
»
it’s not really a surprise that we’re seeing tinges of Apple ennui creep into coverage of its newly-announced HomePod speaker.
In case you missed it last week, Apple unveiled a ‘smart’ music speaker that can be used to control lighting systems, security alarms and home appliances.
It can also be used to get information from the web using Apple’s Siri voice-control system – and it’s a decent speaker that can compete with Sonos and other established hi-fi units.
But already, people are grumbling about Apple being “too late” to the smart speaker market, or that Siri isn’t quite as good as the voice-recognition technology developed by Amazon (Alexa) or Google.In other words, they’re saying that the HomePod may be a nice side business for Apple, but it won’t dominate its segment in the same way the iPhone dominates the phone business.
The reality is that 24 months from now, it’s a solid bet that the HomePod will race into being a €1bn business in its own right.
If nothing else, Apple has shown that it has a greater propensity to hit than to miss, even if it’s ‘merely’ a €1bn business instead of a €50bn one.
One last point: as Apple rolls out these products and services, other companies feel the pressure.
For instance, Apple’s new HomePod speaker outguns the Amazon Echo or the Google Home speakers in music quality, but also beats Sonos for smart, voice-controlled functionality. Because it’s designed to work with the phone or tablet system that almost one billion people already have, it’s a major threat to all of those companies’ established markets.
«
Chrome flaw allows sites to secretly record audio/video without indication • The Hacker News
»
What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge?
Sounds really scary! Isn’t it? But this scenario is not only possible but is hell easy to accomplish.
A UX design flaw in the Google’s Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on.AOL developer Ran Bar-Zik reported the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way…
…The researcher discovered that if any authorised website pop-ups a headless window using a JavaScript code, it can start recording audio and video secretly, without the red dot icon, giving no indications in the browser that the streaming is happening.
“Open a headless window and activate the MediaRecorder from that window. In Chrome there will be no visual record indication,” Bar-Zik said.
This happens because Chrome has not been designed to display a red-dot indication on headless windows, allowing site developers to “exploit small UX manipulation to activate the MediaRecorder API without alerting the users.”
«
In its response (on the Chromium list) a Google staffer says “this isn’t really a security vulnerability” – though other Google staffers then disagree.
link to this extract
iMac Pro cost blows away similar Lenovo workstation, DIY builders struggle to meet price with fewer features • Apple Insider
»
Little is still known about the “entry-level” iMac Pro, regarding technical specifications. For $4999, users get an undeclared 8-core Xeon processor, four Thunderbolt 3 ports, four USB 3 ports, a single 10-Gig Ethernet port, 1TB of SSD storage, 32GB of 2666 MHz ECC RAM, and as-yet unreleased Vega graphics.
Imgur member “Squaruss” posted a comparison to a Lenovo workstation. The build included an 8-core E5-2620 v4 processor, a P910 motherboard with two Thunderbolt 3 ports, 32GB of 2400MHz ECC RAM, a Nvidia Quadro M5000 GPU, two 512GB M.2 PCI-E SSD in RAID configuration, a SD card reader, 802.11ac wi-fi, and a 1300W power supply listed as 92% efficient. No 10Gbps Ethernet option was available for the workstation, but the build includes a pair of Gigabit Ethernet ports.
The build price by the Imgur member was confirmed by AppleInsider and totaled $5394, after a $599 “instant savings” discount which appears to be a limited time promotion. Notably, a monitor was absent from the build.
A second “DIY” build was posted by PC Gamer. In the second build, the publication implements the same processor as in the Lenovo build, downgrades storage speed to a single 1TB 960 Samsung EVO SSD, cuts back the Thunderbolt 3 ports to one with a PCI-E card, uses the integrated Gigabit Ethernet board on the motherboard, downgrades the power supply to 1000W which might be too low for reliability, and downgrades the video to the GeForce GTX 1080 Ti.
AppleInsider confirmed the $4687 bill of materials on the PC Gamer build. However, it includes about $100 in rebates which are accounted for in the price, and also incorporates the LG Ultrafine 5K display for some reason. Given that it would not be accelerated by the GTX 1080 Ti and would only be in 4K resolution on Windows, its inclusion isn’t clear.
«
These sort of comparative builds used to be all the rage, especially after Apple moved to Intel chips. The only thing about the iMac Pro is that it’s not due for release until December, which leaves time for all sorts of things to happen.
link to this extract
A pro-Trump conspiracy theorist, a false tweet and a runaway story • The New York Times
»
The architects of the effort to discredit Mr. Comey seem to be working from a playbook straight from a political campaign, said Angelo Carusone, the president of Media Matters, a liberal group that is tracking Comey threads in the conservative media.
“This is why they are being effective,” he said. “They are really engaging in a pure persuasion effort. They are not playing by any established rules. And they are cashing in on the mistrust and uncertainty people feel about traditional news media.”
They are also taking advantage of the proliferation and polarization of avenues to spread their message.
“The ability to mitigate such disinformation campaigns was far easier in the 1990s,” said Chris Lehane, who worked as an aide in the Clinton White House. Back then, he added, “for the most part the existing distribution channels were not as segmented across ideological lines that, in effect, create parallel realities that run along ideological grounds.”
Mr. Posobiec, a 33-year-old Navy veteran, was until recently the bureau chief for a right-wing website based in Canada called The Rebel. Its founder, Ezra Levant, said Mr. Posobiec was no longer employed there.
“We wish him well,” Mr. Levant said, offering only that Mr. Posobiec’s promulgation of the Rich conspiracy had nothing to do with his departure.
«
Just a little more data on how polarised the US is becoming – at least, for those who want to be polarised. To evolve Upton Sinclair’s quote, it is difficult to get someone to understand something when their social media profile depends on their not understanding it.
link to this extract
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 