Start Up: VR company dumps VR, Facebook’s Russian reach, bloating browsers, and more

The first iPhone X review – well, impression – is in. Face front. Photo by MarkGregory007 on Flickr.

A selection of 11 links for you. Question: do colloids collude? I’m @charlesarthur on Twitter. Observations and links welcome.

Apple’s iPhone X: the first field report • WIRED

Steven Levy was one of the first reviewers of the original iPhone, and has been using an iPhone X since last Tuesday:


Does [Face ID] work? Pretty much. It seems reliable at fending off intruders. I have thrust my phone into several people’s faces—though considerably fewer than the million punims that Apple says I’d have to try before a false positive—and it has not fallen for any of them. I even offered up my own head shot to the camera: no go. How it has dealt with my own real-life face is another matter. There have been times when, despite a clear view of my face, the iPhone X has ghosted me. (Apple tells me that perhaps I wasn’t making what the iPhone X considers eye contact. I wouldn’t want it to turn on every time my face was within camera range, would I?)

Eventually I devised a strategy. When waking my iPhone I think of it as De Niro’s mirror in Taxi Driver. You talkin’ to me? Well, I’m the only one here! I then see if the little lock icon on the screen has released its latch. Alternatively, a good way to see when you’ve been recognized is to notice the generic messages on the lock screen saying “you have a notification” from Facebook, Gmail, or wherever. When you and your iPhone X make that turn-on connection, those flesh out with the actual content of the message…

…A decade hence, when it’s time for the iPhone 20 (XX?), we’ll already be on the road to what comes after the smartphone; the X might be a halfway point to that future. And that’s why, despite the fact that the iPhone X at present is no more than a great upgrade to the flagship device of the digital age, I can’t easily dismiss Tim Cook’s effusions that this is more than just another iteration.

It’s no accident that some of the most impressive expressions of the new phone’s technology is in the realm of augmented reality, where the digital world adds layers onto the physical one.


What’s notable is that to demonstrate what’s radical about it, he’d do the animated poo emoji thing. But that’s a real sign of where it’s all heading: superimpose things on reality.
link to this extract

CCP Games ending VR efforts after building its biggest titles • UploadVR

Ian Hamilton:


In what can only be characterized as one of the biggest blows to the budding VR industry, CCP Games is shelving its VR efforts.

The Iceland-based creator of EVE Online is one of VR’s biggest proponents and earliest developers, producing some of the industry’s most prominent titles including Rift-first space battle game EVE: Valkyrie, mobile VR turret shooter Gunjack and PlayStation-first sports game Sparc. The company is closing its Atlanta office and selling its Newcastle office, according to a report by the Iceland Monitor. The decision affects around 100 employees.


Well well. This is dramatic.
link to this extract

Russian content on Facebook may have reached 126 million users — far more than first disclosed, company testimony says • The Washington Post

Craig Timberg and Elizabeth Dwoskin:


Facebook plans to tell lawmakers on Tuesday that 126 million of its users may have seen content produced and circulated by Russian operatives, many times more than what the company previously disclosed about the reach of the disinformation campaign during the 2016 presidential election, according to documents obtained by the Washington Post.

Google on Monday acknowledged for the first time that its platforms were also compromised, revealing that Russian trolls uploaded over a thousand videos to YouTube on 18 different channels.

The disclosures, which are contained in draft testimonies obtained by The Washington Post ahead of three Capitol Hill hearings this week, come as tech giants face mounting pressure to more fully investigate how Russians used their platforms to influence American voters and reveal more of their findings to the public.

Previously, Facebook had focused its disclosures on Russian ads. The company has said that 470 accounts and pages run by a Russian troll farm had purchased roughly 3,000 ads, which the company said reached an estimated 10 million users. But the troll farm, known as the Internet Research Agency, also published free content. Researchers estimated that the spread of free content was far greater than that of ads and that Facebook has been under pressure to share more about those posts.


link to this extract

Facebook’s Mark Zuckerberg makes another appearance in China • WSJ

Alyssa Abkowitz:


Later that evening, Mr. Zuckerberg posted a picture of himself with Tsinghua students – drawing several comments that pointed to the obstacles Facebook must overcome for any return of its social-networking platform to China.

“If you think you can ever convince them about opening up to a free speech platform like Facebook, forget it,” one commenter wrote. “They just had a 19th Congress that reaffirmed their commitment for censorship and weeding out dissent.”

Mr. Zuckerberg has said he considers China crucial to Facebook’s future, and his participation on the Tsinghua board may be a sign that he hasn’t given up on hopes of re-entering the country’s market, said Mark Natkin, managing director at Marbridge Consulting in Beijing.

“I think he’s someone who likes a challenge and who is accustomed to beating the system,” Mr. Natkin said. “The arrangement with Tsinghua is probably one of many ways he has come to believe it may help his company in China.”

Mr. Zuckerberg was appointed to the board in 2014 and attended its annual meeting in 2015.

In addition to Mr. Zuckerberg, Western business leaders present included Apple Inc. Chief Executive Tim Cook, Blackstone Group Chief Executive Stephen A. Schwarzman and former U.S. Treasury Secretary Hank Paulson. During the meeting, Mr. Xi said he was looking forward to U.S. President Donald Trump’s visit to China next month, and said China wanted to deepen its cooperation with the U.S. and resolve their conflicts, according to CCTV’s evening broadcast.


That’s a lot of executives milling around Xi. They don’t seem to be doing the same around Trump. Just an observation.
link to this extract

Thread Reader • TTTThreads


Thread Reader helps you unroll a full Twitter thread on a dedicated beautifully designed page to allow an easy read of the whole story.

Enter any tweet from the thread.


For those who have been struggling with epics such as Seth Abramson’s 130+ tweet threads, this is what you really want. Being able to enter *any* tweet from the thread makes life a lot simpler than trying to find the end of it (which is required for my previous favourite on this, Spooler.)
link to this extract

Gotta have standards? Security boffins not API about bloated browsers • The Register

Richard Chirgwin:


The W3C introduces API standards that end up mostly unused, doing nothing more than loading up the code base with vulnerabilities.

That’s the conclusion of a paper by University of Illinois, Chicago researchers to be presented next week at the ACM’s Conference on Computer and Communications Security in Dallas.

While the research – “Most Websites Don’t Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security” – which you can find here at arXiv, focuses on Firefox, its findings are relevant across the board.

Graduate computer science student Peter Snyder and colleagues Cynthia Taylor and Chris Kanich structure the paper as a cost-benefit analysis of having 74 APIs with which browser authors need contend. On the benefit side, they measured the proportion of websites that use a feature (thereby making browser support important); on the cost side, they tried to measure the security exposure a feature created.

The “cost” side takes a couple of characteristics into account, including the number of historical CVEs associated with a feature (since that hints that it’s hard to code to the API securely); and the number of API entry points and lines of code that are associated with a feature, since that indicates more complex code.

Their headline finding should chill browser authors: “Blocking 15 of the 74 standards avoids 52.0% of code paths related to previous CVEs, and 50.0% of implementation code identified by our metric, without affecting the functionality of 94.7% of measured websites.”


So: browsers are getting unnecessarily complicated, and that’s making them vulnerable to exploits. But because some sites want toys, they’re pushing for it.
link to this extract

Data Viz Project • datavizproject


A ollection of data visualizations to get inspired and find the right type.


They’re fascinating, and man are they plentiful. Also, each one has examples of how you’d use them. There are dozens. (One for you, Sophie.)
link to this extract

Chasm of comprehension • Remains of the Day

Eugene Wei:


 In the future, diagnosing why Autopilot or other self-driving algorithms made certain choices will likely only become more and more challenging as the algorithms rise in complexity.

At times, when I have my Tesla in Autopilot mode, the car will do something bizarre and I’ll take over. For example, if I drive to work out of San Francisco, I have to exit left and merge onto the 101 using a ramp that arcs to the left almost 90 degrees. There are two lanes on that ramp, but even if I start in the far left lane and am following a car in front of me my car always seems to try to slide over to the right lane.

Why does it do that? My only mental model is the one I know, which is my own method for driving. I look at the road, look for lane markings and other cars, and turn a steering wheel to stay in a safe zone in my lane. But thinking that my car drives using that exact process says more about my limited imagination than anything else because Autopilot doesn’t drive the way humans do. This becomes evident when you look at videos showing how a self-driving car “sees” the road.

When I worked at Flipboard, we moved to a home feed that tried to select articles for users based on machine learning. That algorithm continued to be to tweaked and evolved over time, trying to optimize for engagement. Some of that tweaking was done by humans, but a lot of it was done by ML.

At times, people would ask why a certain article had been selected for them? Was it because they had once read a piece on astronomy? Dwelled for a few seconds on a headline about NASA? By that point, the algorithm was so complex it was impossible to really offer an explanation that made intuitive sense to a human, there were so many features and interactions in play.

As more of the world comes to rely on artificial intelligence, and as AI makes great advances, we will walk to the edge of a chasm of comprehension.


link to this extract

Bug in Google’s bug tracker lets researcher access list of company’s vulnerabilities • Motherboard

Lorenzo Franceschi-Bicchierai:


Alex Birsan, a security researcher, found three vulnerabilities inside the Google Issue Tracker, the company’s internal platform where employees keep track of requested features or unpatched bugs in Google’s products. The largest one of these was one that allowed him to access the internal platform at all. The company has quickly patched the bugs found by Birsan, and there’s no evidence anyone else found the bugs and exploited them.

Still, these were bad bugs, especially the one that gave him access to the bug-tracking platform, which could have provided hackers with a list of vulnerable targets at Google.

“Exploiting this bug gives you access to every vulnerability report anyone sends to Google until they catch on to the fact that you’re spying on them,” Birsan told Motherboard in an online chat. “Turning those vulnerability reports into working attacks also takes some time/skill. But the bigger the impact, the quicker it gets fixed by Google. So even if you get lucky and catch a good one as soon as it’s reported, you still have to have a plan for what you do with it.”


Reminiscent of Microsoft being hacked so that its bug list could be seen. This is obviously the two-step way to finding big weaknesses.
link to this extract

This doctor diagnosed his own cancer with an iPhone ultrasound • MIT Technology Review

Antonio Regalado:


Earlier this year, vascular surgeon John Martin was testing a pocket-sized ultrasound device developed by Butterfly Network, a startup based in Guilford, Connecticut, that he’d just joined as chief medical officer.

He’d been having an uncomfortable feeling of thickness on his throat. So he oozed out some gel and ran the probe, which is the size and shape of an electric razor, along his neck.

On his smartphone, to which the device is connected, black-and gray images quickly appeared. Martin is not a cancer specialist. But he knew that the dark, three-centimeter mass he saw did not belong there. “I was enough of a doctor to know I was in trouble,” he says. It was squamous-cell cancer.

The device he used, called the Butterfly IQ, is the first solid-state ultrasound machine to reach the market in the U.S. Ultrasound works by shooting sound into the body and capturing the echoes. Usually, the sound waves are generated by a vibrating crystal. But Butterfly’s machine instead uses 9,000 tiny drums etched onto a semiconductor chip.


Medicine is changing. The IQ cost about $2,000. The nearest comparison is a Philips portable which costs $6,000. And of course they’re looking to add AI to make it even more usable. (Though I hope they don’t rely on headphone jacks.)
link to this extract

Robert Mueller’s show of strength: a quick and dirty analysis • Lawfare

Susan Hennessey and Benjamin Wittes:


Before we dive any deeper into the Manafort-Gates indictment—charges to which both pled not guilty to today—or the Papadopoulos plea and stipulation, let’s pause a moment over these two remarkable claims, one of which we must still consider as allegation and the other of which we can now consider as admitted fact. President Trump, in short, had on his campaign at least one person, and allegedly two people, who actively worked with adversarial foreign governments in a fashion they sought to criminally conceal from investigators. One of them ran the campaign. The other, meanwhile, was interfacing with people he “understood to have substantial connections to Russian government officials” and with a person introduced to him as “a relative of Russian President Vladimir Putin with connections to senior Russian government officials.” All of this while President Trump was assuring the American people that he and his campaign had “nothing to do with Russia.”

The release of these documents should, though it probably won’t, put to rest the suggestion that there are no serious questions of collusion between the Trump campaign and the Russian government in the latter’s interference on the former’s behalf during the 2016 election. It also raises a profound set of questions of its own about the truthfulness of a larger set of representations Trump campaign officials and operatives have made both in public, and presumably, under oath and to investigators.


Lawfare is a very thorough, quite wonk-ish US legal site. Hennessey and Wittes are reasonably neutral voices in this maelstrom. So this is probably the one to read.
link to this extract

Errata, corrigenda and ai no corrida: apparently half of you reading the email do open it. Well done! For those of you who don’t.. hmm, this is a puzzler.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.