Start Up: fixing Facebook’s ad machine, the gender idiots, Apple Watch v Fitbit Ionic, and more

Is Amazon really helping people build bombs – or something less dangerous? Photo by ollyj on Flickr


A selection of 13 links for you. Don’t say I didn’t warn you. I’m @charlesarthur on Twitter. Observations and links welcome.

Anatomy of a moral panic • Idle Words

Maciej Cegłowski on the “Amazon helps you build bombs” story:


just how many people does Channel 4 imagine are buying bombs online? For a recommendations algorithm to be suggesting shrapnel to sulfur shoppers implies that thousands or tens of thousands of people are putting these items together in their shopping cart. So where are all these black powder bombers? And why on earth would an aspiring bomber use an online shopping cart tied to their real identity?

A more responsible report would have clarified that black powder, a low-velocity explosive, is not a favored material for bomb making. Other combinations are just as easy to make, and pack a bigger punch.

The bomb that blew up the Federal building in Oklahoma City, for example, was a mixture of agricultural fertilizer and racing fuel. Terrorists behind the recent London bombings have favored a homemade explosive called TATP that can be easily synthesized from acetone, a ubiquitous industrial solvent.

Those bombers who do use black powder find it easier to just scrape it out of commercially available fireworks, which is how the Boston Marathon bomber obtained the explosives for his device. The only people carefully milling the stuff from scratch, after buying it online in an easily traceable way, are harmless musket owners and rocket nerds who will now face an additional level of hassle.

The shoddiness of this story has not prevented it from spreading like a weed to other media outlets, accumulating errors as it goes.

The New York Times omits the bogus shrapnel claim, but falsely describes thermite as “two powders that explode when mixed together in the right proportions and then ignited.” (Thermite does not detonate.)


And more where those came from. I have one issue: he thinks bad reporting comes from the desire to get clicks. It’s been around a lot, lot longer than the internet. But like all of his articles, this one has killer blows. (Thanks John Naughton for the link.)

Diversification (aka how to survive a crash) • AVC

Fred Wilson is pretty sure a crash in cryptocoin is inevitable:


I have advocated many times on this blog that people should have some percentage of their net worth in crypto. I have suggested as much as 10% or even 20% for people who are young or who are true believers. I continue to believe that and advocate for that.

But we don’t have that much of our net worth in crypto. We probably have around 5% between direct holdings and indirect holdings through USV and other crypto funds. I think that’s a prudent number for a portfolio like ours.

I know a lot of people who are true believers in crypto and have made fortunes in it. They are “all in” on crypto and have much of their net worth (all in some cases) invested in this sector. I worry about them and this post is aimed at them and others like them. It is fine to be a true believer and being all in on crypto has made them a lot of money. But preservation of capital is about diversification and I think and hope that they will take some money off the table, pay the taxes, and invest it elsewhere.


Bet you didn’t know how little of his holdings are in cryptocoin.

CCleaner malware outbreak is much worse than it first appeared • Ars Technica

Dan Goodin:


Because the CCleaner backdoor was active for 31 days, the total number of infected computers is “likely at least in the order of hundreds,” researchers from Avast, the antivirus company that acquired CCleaner in July, said in their own analysis published Thursday.

From September 12 to September 16, the highly advanced second stage was reserved for computers inside 20 companies or Web properties, including Cisco, Microsoft, Gmail, VMware, Akamai, Sony, and Samsung. The 20 computers that installed the payload were from eight of those targeted organizations, Avast said, without identifying which ones. Again, because the data covers only a small fraction of the time the backdoor was active, both Avast and Talos believe the true number of targets and victims was much bigger.

The second stage appears to use a completely different control network. The complex code is heavily obfuscated and uses anti-debugging and anti-emulation tricks to conceal its inner workings. Craig Williams, a senior technology leader and global outreach manager at Talos, said the code contains a “fileless” third stage that’s injected into computer memory without ever being written to disk, a feature that further makes analysis difficult. Researchers are in the process of reverse engineering the payload to understand precisely what it does on infected networks…

…The group behind the attack remains unknown. Talos was able to confirm an observation, first made by AV provider Kaspersky Lab, that some of the code in the CCleaner backdoor overlaps with a backdoor used by a hacking group known both as APT 17 and Group 72. Researchers have tied this group to people in China.


This is a hell of a thing.

EU buried its own $400,000 study showing unauthorized downloads have almost no effect on sales • Techdirt

Glyn Moody:


The 304-page document (pdf), made available on the site, contains all the details of the questions that were put to a total of 30,000 people from Germany, France, Poland, Spain, Sweden, and the UK, their answers, and exhaustive analysis. The summary reveals the key results:


In 2014, on average 51% of the adults and 72% of the minors in the EU have illegally downloaded or streamed any form of creative content, with higher piracy rates in Poland and Spain than in the other four countries of this study. In general, the results do not show robust statistical evidence of displacement of sales by online copyright infringements. That does not necessarily mean that piracy has no effect but only that the statistical analysis does not prove with sufficient reliability that there is an effect. An exception is the displacement of recent top films. The results show a displacement rate of 40% which means that for every ten recent top films watched illegally, four fewer films are consumed legally.


That is, there is zero evidence that unauthorized downloads harmed sales of music, books and games. Indeed, for games, there was evidence that such downloads boosted sales…


So it clearly shows that there is an effect on films, and there might be one for all the others (though not games). High prices were essentially to blame: where prices aren’t high, piracy recedes.

App that paid users to exercise owes nearly $1m for not paying users to exercise • Gizmodo

Rhett Jones:


In the capitalistic nightmare we live in, everything has to be a transaction. So, when Pact launched its fitness app that let you make money for working out—or else pay a fee for failing to do so—it seemed to be the perfect motivational tool. There was just one problem: The company apparently wasn’t that great at paying up, and it was too good at collecting fees.

On Thursday, the FTC announced that it has settled its complaint against the makers of Pact for failing to live up to their agreement with users. A $1.5m judgment will be partially suspended based on Pact’s apparent lack of funds, the FTC writes, but Pact will be required to pay out $948,788 to customers who were wronged by the company.



Google experiment tests top 5 browsers, finds Safari riddled with security bugs • BleepingComputer

Catalin Cimpanu:


The Project Zero team at Google has created a new tool for testing browser DOM engines and has unleashed it on today’s top five browsers, finding most bugs in Apple’s Safari.

The tool — named Domato — is a fuzzer, a security testing toolkit that feeds a software application with random data and analyzes the output for abnormalities.

Google engineer Ivan Fratric created Domato with the goal of fuzzing DOM engines, the browser components that read HTML code and organize it into the DOM (Document Object Model), which is then “painted” and displayed inside the browser window that human users view on their screens.

Google: DOM engine bugs should be a priority

Fratric says he focused on DOM engines because it’s “a rare case that a vendor will publish a security update that doesn’t contain fixes for at least several DOM engine bugs,” showing how prevalent they are today.

He also argues that while Flash bugs provide a cross-browser attack surface, once Flash reaches end-of-life (in 2020), attackers will focus their efforts on DOM engines, the browser’s biggest attack surface.

With Domato he wants to help browser vendors test and patch as many security bugs in their respective DOM engines before it is too late.


After 100m tests: 17 bugs in Safari. Edge had 6, IE and Firefox 4, Chrome 2. “Riddled” might be overstating it. Google has given a copy of Domato to all the browser makers.

Ah, but Google has also open-sourced Domato. So every hacker can have a go and find the bugs. In the matter of security, Project Zero gives and it takes away.

Fitbit Ionic review: A great fitness tracker, a mediocre smartwatch • Macworld

Michael Simon:


Fitbit has leveraged its Pebble acquisition to create a brand new foundation for apps, and you’ll get a handful of them at launch: Weather from AccuWeather, Pandora, Starbucks, and Strava, along with a few stock Fitbit apps, including Exercise, Coach, Wallet, Timers, Alarms, Relax, Settings, and Today.

That’s a pretty weak selection to start with, but it might be easier to overlook if any of the non-fitness-related apps did something useful. Aside from Timers and Alarms, which do what you’d expect, Ionic’s apps are frustratingly limited, with most offering single-page and in some cases, single-use functionality. For example, the Starbucks app is nothing more than a place to store your card. And the Wallet app (the logical place for your Starbucks card) merely offers instructions for how to make payments (by holding the left button).

That’s right, Ionic includes an NFC chip for on-the-go payments. That means yet another payment service (Fitbit Pay, natch), and it works like any other: pull up a card and hold the screen up to a checkout reader. But you can’t add cards without the phone app and Ionic only stores one at a time. It’s clearly designed for athletes who want to leave their wallet behind when on a run rather than someone who wants to abandon cash and credit cards.

You might have noticed a few key smartwatch apps that are missing from Ionic: messages, phone, mail, and maps. As it stands, you can’t do any of those things on the watch. Notifications will alert you to incoming messages and calls, but you’ll need your phone handy if you want to interact with them. It’s a very hands-off affair that might have been novel with the first Pebble way back when, but today’s smartwatches are much more than mere conduits for our phones.


The Ionic seems to have lots to recommend it on the fitness front, and the music storage and NFC elements. It’s the compatibility with smartphones which creates the problem for Fitbit. That, and Apple selling products with better “smartwatch” functionality above and below its $300 price.

2017 US music sales are up 17%; streaming is up 48% • Recode

Peter Kafka:


More than 30 million people are now paying for a subscription streaming service in the U.S., which pushed streaming revenue up 48%, to $2.5 billion, in the first half of the year. Streaming now accounts for 62% of the U.S. music business.

And that’s pushing the overall music business back up again, after a fall that started in 1999, with the ascent of Napster, and didn’t stop until a couple years ago. Retail sales were up 17%, to $4bn, and wholesale shipments were up 14.6%, to $2.7bn.

Meanwhile, iTunes-style digital download sales continue to fall. They’re down 24 percent. Because why buy songs for a dollar when you can legally stream (almost) anything you want for a price that ranges between zero and $10 a month?

One surprise: Physical sales — things you buy that you can hold in your hand, like in the olden days — are nearly flat, down just 1%. That’s partly because of you hipsters and your facial hair, who pushed vinyl sales up 3%. But it’s also because some of you still like CDs, and maybe you’re always going to like CDs. Those sales were only down 3%.


What I find puzzling is that anyone is paying for downloads, given that Spotify has a free tier. Except, I guess, the instances where albums are only released for download. But that can’t be a substantial number.

The LTE Apple Watch is a glimpse into the not-so-distant future • BirchTree

Matt Birchler got an Apple Watch Series 3, and has a mobile connection set up, and he’s really happy with making calls and sending messages while not having to carry a phone on his run:


AirPods also behaved swimmingly on this workout. I’d never paired them to this Apple Watch before, but since they’re both linked to my iCloud account, the watch was able to see the AirPods and connect to them without a fuss. Interacting with AirPods is nice and easy too. I have mine set up where tapping the left will play/pause and tapping the right will skip to the next track. watchOS 4 helpfully displays your media controls on screen and in the Workout app, but being able to just tap my ear to move onto the next song is a little easier to do mid-run.

And like I said, because my Apple Watch has an LTE connection, I was also able to place and receive messages during this workout, I could check when the Packers were playing the next day, and even place a call (just to see if I could). The only smartphone thing I really missed was the camera. It was a night run, so I would not have taken any pictures anyway, but I do sometimes shoot quick photos while out in the world on a workout, and I would hate to miss a cool moment because I simply didn’t have a camera with me. God help me, I think I want a camera on the next Apple Watch!

As any Android fan will tell you, Apple is not the first to this game. There have been LTE Android Wear watches for a couple years now, so I’m just an Apple fanboy who has never left the Apple bubble and thinks Apple does everything first even though they’re years behind. So let me make it clear, I have a drawer full of Android phones that I use regularly, and I have had the uh, pleasure of using an LTE-equipped Android Wear watch and I can tell you without a shadow of a doubt the experience was far more clunky and less enjoyable than my experience last night. My short time doing similar things with all Android devices made me think “maybe we will always need smartphones for everything, because this sucks” while the watchOS experience left me literally giddy with excitement for the future.


(That point about being able to specify what taps on each AirPod will do might have passed you by, but it’s new in iOS 11.)

The integration of the Watch and AirPods is remarkable, and this is definitely what Apple sees as a tempting possibility – but is it limited only to those who want to exercise?

It’s official – B&N has thrown in the towel on the Nook • The Digital Reader

Nate Hoffelder:


People want to shop online, and they want to buy ebooks, and for a brief while it looked like B&N could give customers what they want. But that illusion was slowly stripped away as Nook entered its death spiral following the 2012 holiday season.

Nook revenues have since declined to the point that Kindle Unlimited is far larger (and the new version of B&N’s website is so painful to use that online sales are also declining). While one estimate said Nook ebook sales exceeded Kobo ebook sales in 2016, you shouldn’t bet money on things staying that way.

Instead, the more likely scenario is that B&N is going to strike a deal with Kobo to let the latter either run Nook or simply take over Nook customer accounts. In either case, B&N will go from being a potential player to being little more than one of Kobo’s retail partners – think Indigo, only in the US.

B&N probably winces every time they are compared to Indigo, but that Canadian bookseller is the perfect example of what Barnes & Noble could have done.


Yes, like you I thought “Nook is still going in any shape or form?”

Push for gender equality in tech? Some men say it’s gone too far •

Nellie Bowles:


as the nation’s technology capital — long identified as one of the more hostile work environments for women — reels from a series of high-profile sexual harassment and discrimination scandals, these conversations are gaining broader traction.

One of those who said there had been a change is James Altizer, an engineer at the chip maker Nvidia. Mr. Altizer, 52, said he had realized a few years ago that feminists in Silicon Valley had formed a cabal whose goal was to subjugate men. At the time, he said, he was one of the few with that view.

Now Mr. Altizer said he was less alone. “There’s quite a few people going through that in Silicon Valley right now,” he said. “It’s exploding. It’s mostly young men, younger than me.”

Mr. Altizer said that a gathering he hosts in person and online to discuss men’s issues had grown by a few dozen members this year to more than 200, that the private Facebook pages he frequents on men’s rights were gaining new members and that a radical subculture calling for total male separatism was emerging.

“It’s a witch hunt,” he said in a phone interview, contending men are being fired by “dangerous” human resources departments. “I’m sitting in a soundproof booth right now because I’m afraid someone will hear me. When you’re discussing gender issues, it’s almost religious, the response. It’s almost zealotry.”


I for one totally support their right to colonise the moon or Mars. In future years, they’ll make a great case study in how cults emerge.

Zuckerberg nixes new Facebook share class after shareholder lawsuit

Tom Hals:


Facebook chairman Mark Zuckerberg abandoned plans on Friday to create a new class of company stock with no voting power, which was meant to be a way for Zuckerberg to retain control over the company he founded while fulfilling a pledge to give away his wealth.

Zuckerberg on Friday said that he could meet the charity pledge and maintain voting control of Facebook without the change. His decision followed a shareholder lawsuit opposed to the creation of a new class of stock.

Zuckerberg said in a post on Facebook that the company’s stock had performed well enough that he could fund his philanthropy by selling stock for at least 20 years and still retain voting control of the company. In December 2015 Zuckerberg and his wife, Priscilla Chan, a pediatrician, pledged to give away 99% of their Facebook shares to charity.


Odd how it took him until the lawsuit to figure out that 20 years thing.

I helped create Facebook’s ad machine. Here’s how I’d fix it • WIRED

Antonio García Martínez:


modern digital advertisers constantly tweak and experiment with ads. When big brands requested the ability to post lots of different creative, it posed a real problem. Brands wanted to show a dozen different ad variations every day, but they didn’t want to pollute their page (where all posts necessarily appear). ‘Dark posts’ were a way to shoehorn that advertiser requirement into the Pages system, allowing brands to create as many special, unseen posts as they’d like, which would only be seen by targeted audiences in their Feeds, and not to random passers-by on their page. The unfortunate term ‘dark post’ assumed a sinister air this past election, as it was assumed that these shady foreign elements, or just certain presidential candidates, were showing very different messages to different people, engaging in a cynical and hypocritical politicking.

Zuckerberg proposes, shockingly, a solution that involves total transparency…

As big a step as the transparency feature sounds, I don’t see how Facebook can launch it until these Pages product concerns are worked out. The Facebook Pages team product managers must be sitting right now in a conference room frantically scrawling new design ideas on a whiteboard. I’d bet anything that the Ads Quality and Pages teams are prioritizing that as you read this. This is one scandal Facebook isn’t going to weasel its way out of with generic appeals to “openness” and “community”…

…If democracy is to survive Facebook, that company must realize the outsized role it now plays as both the public forum where our strident democratic drama unfolds, and as the vehicle for those who aspire to control that drama’s course. Facebook, welcome to the big leagues.



Errata, corrigenda and ai no corrida: none notified

2 thoughts on “Start Up: fixing Facebook’s ad machine, the gender idiots, Apple Watch v Fitbit Ionic, and more”

  1. I didn’t get the idea that “he thinks bad reporting comes from the desire to get clicks”, as in never seen before, from his article. Rather, it was more along the lines that The Algorithm Peril Which Threatens To Destroy Democracy is not some Skynet or omigod-terrorists-bombs scary threat. Instead, it’s the *intensification* of market pressure for bad reporting over good reporting. This isn’t a great analogy, but it’s something like this:

  2. “So it clearly shows that there is an effect on films, and there might be one for all the others (though not games). High prices were essentially to blame: where prices aren’t high, piracy recedes.”

    No, it clearly shows there is an effect on blockbuster films. Not on all films.
