Start Up: Facebook v the fakes, bitcoin hits the bumpers (and bounces), UWP’s enterprise problem, and more


Will Apple’s next iPhone X get smaller, or packed with more stuff? Photo by William Hook on Flickr


A selection of 11 links for you. That’s 30/30, never to be repeated. I’m @charlesarthur on Twitter. Observations and links welcome.

It’s the (democracy-poisoning) golden age of free speech • WIRED

The always-readable Zeynep Tufekci:

»

The most effective forms of censorship today involve meddling with trust and attention, not muzzling speech itself. As a result, they don’t look much like the old forms of censorship at all. They look like viral or coordinated harassment campaigns, which harness the dynamics of viral outrage to impose an unbearable and disproportionate cost on the act of speaking out. They look like epidemics of disinformation, meant to undercut the credibility of valid information sources. They look like bot-fueled campaigns of trolling and distraction, or piecemeal leaks of hacked materials, meant to swamp the attention of traditional media.

These tactics usually don’t break any laws or set off any First Amendment alarm bells. But they all serve the same purpose that the old forms of censorship did: They are the best available tools to stop ideas from spreading and gaining purchase. They can also make the big platforms a terrible place to interact with other people.

Even when the big platforms themselves suspend or boot someone off their networks for violating “community standards”—an act that does look to many people like old-fashioned censorship—it’s not technically an infringement on free speech, even if it is a display of immense platform power. Anyone in the world can still read what the far-right troll Tim “Baked Alaska” Gionet has to say on the internet. What Twitter has denied him, by kicking him off, is attention.

Many more of the most noble old ideas about free speech simply don’t compute in the age of social media. John Stuart Mill’s notion that a “marketplace of ideas” will elevate the truth is flatly belied by the virality of fake news.

«



In some countries, Facebook’s fiddling has magnified fake news • The New York Times

Sheera Frenkel, Nicholas Casey and Paul Mozur:

»

“People usually don’t share boring news with boring facts,” said Filip Struharik, the social media editor of Denník N, a Slovakian subscription news site that saw a 30% drop in Facebook engagement after the changes. Mr. Struharik, who has been cataloging the effects of Facebook Explore through a monthly tally, has noted a steady rise in engagement on sites that publish fake or sensationalist news.

A bogus news story that spread in December illustrates the problem, Mr. Struharik said. The story claimed that a Muslim man had thanked a good Samaritan for returning his lost wallet, and had warned the Samaritan of a terrorist attack that was planned at a Christmas market.

The fabricated story circulated so widely that the local police issued a statement saying it wasn’t true. But when the police went to issue the warning on Facebook, they found that the message — unlike the fake news story they meant to combat — could no longer appear on News Feed because it came from an official account.

Facebook explained its goals for the Explore program in Slovakia, Sri Lanka, Cambodia, Bolivia, Guatemala and Serbia in a blog post in October. “The goal of this test is to understand if people prefer to have separate places for personal and public content,” wrote Adam Mosseri, head of Facebook’s News Feed. “There is no current plan to roll this out beyond these test countries.”

The company did not respond to a list of questions about the Explore program, but Mr. Mosseri said in a statement on Friday that the company took its role as a “global platform for information” seriously.

“We have a responsibility to the people who read, watch and share news on Facebook, and every test is done with that responsibility in mind,” he said.

«

Every time Facebook thinks it has it, it slips away.


Bitcoin plunges—now down 42% from December peak • Ars Technica

Timothy Lee:

»

Bitcoin’s value plunged on Tuesday, falling to $11,300—the lowest value the virtual currency has seen in 2018. Bitcoin’s value is down more than 20% over the last 24 hours, and down 42% from December’s all-time high of around $19,500.

Bitcoin’s fall was part of a broader crypto-currency selloff. Every major cryptocurrency has suffered double-digit losses over the last 24 hours, according to CoinMarketCap. Ethereum is down 21%. Bitcoin Cash is down 25%. Litecoin is down 20%, while Dash is down 21%, and Monero is down 25%.

It’s hard to say what causes cryptocurrencies to go up or down on any given day. In recent months, Bitcoin and other cryptocurrencies have exhibited classic signs of a speculative bubble, with millions of ordinary investors flooding into the market in hopes of making an easy buck. That helped to push Bitcoin to new heights, but it also heightened the cryptocurrency’s already significant volatility.

«

It briefly dipped below $10,000, but made its way up again. Maybe stop calling it crypto-currency? Cryptocommodity? (Though how disheartening, and exhausting, to be the journalist with the task of writing “today’s fall in crypto prices.” There’s a job for AI.)


Omni raises funding from Ripple execs and Highland Capital • WSJ

Cat Zakrzewski:

»

The startup Omni has taken an unconventional approach to storage. Rather than holding clients’ camping gear or old strollers in traditional storage units, the company also gives customers the option to rent out their gear to other peers through the platform.

In keeping with its nontraditional business strategy, Omni raised $25m in new funding with a twist. The funding includes a Series B round of venture financing from Highland Capital Partners as well as a partnership and strategic investment made by blockchain financial startup Ripple Inc.’s executives.

Ripple said executives Chris Larsen and Stefan Thomas personally invested in Omni an undisclosed sum using the startup’s cryptocurrency XRP, and Highland Capital Partners invested in traditional dollars.

At the time of the round’s close in December, the round’s value was equivalent to more than $25m. Ripple sees the deal as a strategic investment and did not take equity in the company.

«

So basically Larsen and Thomas invested some stuff whose value is yo-yoing by huge amounts. Odd thing for Omni to agree to.


New cyberattack on cryptocurrency investors came from North Korea, report says • WSJ

Jonathan Cheng:

»

A new hacking offensive against cryptocurrency investors uses malware similar to that deployed in North Korea’s attack on Sony Pictures Entertainment and its WannaCry ransomware assault, cybersecurity researchers said, providing further evidence of Pyongyang’s involvement in crypto heists.

U.S. cybersecurity firm Recorded Future in a report on Tuesday identified the Lazarus group—a hacking operation with links to the North Korean regime—as behind the malware campaign, which began targeting users of a South Korean exchange in the late fall and may still be active. It isn’t known how successful the hackers were, or how much was stolen.

«

No surprise. The only people in the world who really, really want to cash out of cryptocurrency and ignore the price or “to the moon!” nonsense are the North Koreans who have mined or hacked it, because they’re so constrained for other ways to get foreign currency.


Microsoft and the UWP For Enterprise delusion • Dean Chalk

»

So, it’s 2018 and WPF/WinForms is now a legacy platform.

I don’t remember the WPF technology stack getting any significant updates over the last 12 years, so it dies pretty much how it started. Its apparent replacement is the so-called ‘Universal Windows Platform’ or UWP (previously it was ‘WinRT’ — no ‘Store’ — no ‘Metro’ no……??), however there is one huge and massive issue with UWP on the desktop, and that is it isn’t designed for the desktop.

Nonsense!, you might say — but it’s true. UWP will never be an enterprise desktop software development technology stack, and I will tell you exactly why in the next paragraphs.

The ‘Mobile First’ fallacy: the enterprise doesn’t care about mobile — it really doesn’t. Sure there are a small number of enterprises that need delivery guys with handheld devices, and those devices need to have mobile software written for them, but they are in a tiny minority.

The few mobile enterprise apps currently out there are more about productivity triage — a quick glance while you’re getting a latte — nothing more.

Your email app on your iPhone isn’t designed for you to use 8 hours straight at your desk. The spreadsheet app on your iPad is pretty useless for a whole day’s work. You NEED a big screen with mouse and keyboard to do an 8 hour shift on the company’s CMS system, and no mobile-first setup is going to be even remotely productive for 99% of enterprise employees.

However, UWP is a mobile-first platform. It’s designed for small devices that are being used by people touching a screen with sausage-shaped fingers. Yes you can have the app adapt to different screen sizes but it’s still the same issue — powerless and simplified, with low levels of information density — if that’s all you needed, then you’re going to build a web app instead anyway.

«



Harvard study shows why Big Telecom is terrified of community-run broadband • Motherboard

Karl Bode:

»

A new study out of Harvard once again makes it clear why incumbent ISPs like Comcast, Verizon and AT&T are so terrified by the idea of communities building their own broadband networks.

According to the new study by the Berkman Klein Center for Internet and Society at Harvard University, community-owned broadband networks provide consumers with significantly lower rates than their private-sector counterparts.

The study examined data collected from 40 municipal broadband providers and private throughout 2015 and 2016. Pricing data was collected predominately by visiting carrier websites, where pricing is (quite intentionally) often hidden behind prequalification walls, since pricing varies dramatically based on regional competition.

In many markets, analysts couldn’t make direct comparisons with a private ISP, either because the ISP failed to meet the FCC’s 25 Mbps down, 3 Mbps up standard definition of broadband (a problem for countless telcos who refuse to upgrade aging DSL lines), or because the ISP prequalification website terms of service “deterred or prohibited” data collection.

But out of the 27 markets where they could make direct comparisons, researchers found that in 23 cases, the community-owned ISPs’ pricing was lower when the service costs and fees were averaged over four years.

«



Apple might have found a way to make the notch smaller on next year’s iPhones • BGR

Zach Epstein:

»

The TrueDepth Camera is what enables Face ID, an advanced facial recognition system that is far more secure than similar biometric authentication systems on rival phones. It works by using an infrared dot projector to beam 30,000 invisible dots onto the user’s face, and then a special camera reads the dots and matches the resulting data to the phone’s saved face profile.

Apple is expected to unveil three new iPhone models this September, and all three of them will reportedly feature the iPhone X’s “all-screen” design, complete with the infamous notch. According to a new report from ETNews, however, next year’s new iPhones might not be quite as notchy.

“According to industries, it is heard that Apple is planning to strengthen face sensing function starting from 2019 models,” the report reads. “That is why it is planning to increase number of parts that will be used for iPhones and is looking into combination of a face recognition module with a camera module.” It should be noted that this is a translation of a Chinese-language report.

It’s possible that Apple’s upcoming new iPhones will combine elements of the TrueDepth camera with the standard front-facing camera. Apart from allowing Apple to squeeze a more complex solution into the phone, this might also allow the company to reduce the footprint of the sensor array. In other words, next year’s new iPhones might have a smaller notch.

«

I would expect the notch to stay the same size – devs have built for it already – and Apple to squeeze more dots into its projector thing, which will take up the same space.

More interesting question: will it be the iPhone XI?


Google memory loss • ongoing

Tim Bray:

»

I think Google has stopped indexing the older parts of the Web. I think I can prove it. Google’s competition is doing better.

Evidence · This isn’t just a proof, it’s a rock-n-roll proof. Back in 2006, I published a review of Lou Reed’s Rock n Roll Animal album. Back in 2008, Brent Simmons published That New Sound, about The Clash’s London Calling. Here’s a challenge: Can you find either of these with Google? Even if you read them first and can carefully conjure up exact-match strings, and then use the “site:” prefix? I can’t.

[Update: Now you can, because this piece went a little viral. But you sure couldn’t earlier in the day.]

Why? · Obviously, indexing the whole Web is crushingly expensive, and getting more so every day. Things like 10+-year-old music reviews that are never updated, no longer accept comments, are lightly if at all linked-to outside their own site, and rarely if ever visited… well, let’s face it, Google’s not going to be selling many ads next to search results that turn them up. So from a business point of view, it’s hard to make a case for Google indexing everything, no matter how old and how obscure.

My pain here is purely personal; I freely confess that I’d been using Google’s global infrastructure as my own personal search index for my own personal publications. But the pain is real; I frequently mine my own history to re-use, for example in constructing the current #SongOfTheDay series.

«

Bing and DuckDuckGo can find it, he points out. So?

»

When I have a question I want answered, I’ll probably still go to Google. When I want to find a specific Web page and I think I know some of the words it contains, I won’t any more, I’ll pick Bing or DuckDuckGo.

«

Bray used to work at Google.


CES 2018: real advances, real progress, real questions • Learning by Shipping

Steve Sinofsky (you know, the skateboarding on a Surface guy) went to Vegas:

»

I’m confident that a core problem with voice right now are expectations. There’s all sorts of real world problems from home guests to people standing outside a window yelling into your house to deal with, but one does quickly get used to walking into a room and saying “Alexa please turn the lights on” and of course if you can also get questions about the weather and so on answered along with music, this is a net add.

Where voice really disappoints is the same way that almost every new product disappoints—it doesn’t do as much as you’d like or can imagine. Tech enthusiasts have been trying to do home automation scenarios for years—the idea of “programming” your home to lock the doors, arm perimeter security, turn off inside lights (except the bedroom), turn off the TV, turn on the baby monitor and so on all to the command “bedtime”. That’s not going to happen and anyone with that design point will fail. This will fail just like that microwave button “reheat” doesn’t work or voice response systems asking you “state your problem” always take you “please hold while I connect you to an operator”.

I’m optimistic about voice for basic command and control. Beyond that we are at the very early stages with a good deal of frustration ahead…

…[re TV sets]All the major players were showing large (up to 85″) OLED screens all ultra-thin. Here’s a CES thing to notice. The fancy “not yet shipping” OLED TVs all have integrated bases upon which the 5mm screens rest. These bases are speaker bars and use some of the depth gained to enable a rear-firing subwoofer on the back of the panel. Since everyone is showing these it is likely where things are heading after 15 years of over the fireplace wall mounts and 4″ recessed wall nooks that are never the right size for the next display.

Also there were basically no curved TVs and certainly zero 3D. I was trying to think of something that came and went as fast as 3D and all I could come up with might be VR headsets.

«

Tons more great insight in his post. Set aside some time to read it.


Holy ****, the iPad Pro • BirchTree

Matt Birchler got a 10.5in iPad Pro:

»

There is nothing I can throw at this thing that it does not do basically instantly. I was a little apprehensive about getting an iPad with an A10X processor when my iPhone has a newer A11, but those fears are (at least for now) unfounded. The A10X is blazingly fast, and all the apps I throw at it run perfectly. Whether it’s editing a podcast in Ferite, editing RAW image files in Lightroom, or multitasking with up to 3 apps on screen at a time, the iPad Pro keeps up. As many have mentioned before, the bottleneck on the iPad Pro is software right now, not hardware.

Another part of the iPad Pro I love is the Pro Motion display. For many years, we described 60fps animations as the buttery dream all software should strive for. Now with the 2017 iPad Pros, 120fps now feels like the benchmark, and my god is it nice. I mentioned above that the iPad Pro has a one generation older system on a chip than the iPhone 8/X, but the iPad Pro often feels even faster than the iPhone because of the fluidity of the animations. Seriously, it is an absolute joy to use a computer with everything moving with this level of fluidity.

Finally, despite all its flaws, iOS 11 is a game changer for the iPad. The dock is a great addition, and the multitasking view is miles better than what we had last year. The split screen options are better than ever, not only because the zippy iPad Pro loads multiple apps with ease, but because you can now more easily manage your multiple apps, and you can even have a third app on screen at a time with a swipe in from the right gesture. I use this all the time and it makes me treat the iPad more like a computer built for getting things done than ever before. I’d love to see Apple continue to move the needle this year with iOS 12, but the advance we got last year is fantastic, and Apple should be credited with making the iPad leaps and bounds better than any other tablet computer.

«

He also has a post about which apps he retains a Mac for; basically, Final Cut Pro X. For me, it’s just my incompetence at rewriting Applescript in Python (using Pythonista), and/or the lack of an equivalent for the now-discontinued Viewfinder for searching Flickr.


Errata, corrigenda and ai no corrida: a couple of things about yesterday’s OnePlus link. First, I’m reliably informed that its revenue was “more than $1.4bn” (ie more than £1bn), not $1bn. Second, OnePlus’s ASP was somewhere between $400 and $500, according to users and analysts.

So that means it sold between 2.8m and 3.5m phones over the whole year – somewhat smaller than my 4m to 8m estimate.

Start Up: boosting bitcoin, Nintendo shuffles off VR, LG delays G7?, how to stop US gun violence, and more


One Plus says 2017 revenue passed a billion dollars. How many phones is that? Photo by Dennis Sylvester Hurd on Flickr.

A selection of 11 links for you. Not for sale in Nebraska. I’m @charlesarthur on Twitter. Observations and links welcome.

Inside Telegram’s ambitious $1.2B ICO to create the next Ethereum • TechCrunch

Jon Russell:

»

We have even more information about messaging app Telegram’s plans for cashing in on its popularity within the crypto community with the massive ICO for its proposed Telegram Open Network (TON) project (that we first reported), after obtaining the whitepaper and investor prospectuses in full.

From the documents, it is clear that Telegram isn’t content with sitting on a platform like Ethereum for its token sale and services, as most ICOs are. Instead, it wants to create a platform of its own to rival Ethereum for hosting a new wave of decentralized services and internet experiences tipped to emerge thanks to the blockchain.

Telegram’s ICO will be a record if all goes according to plan, but that’s only the start.

The company plans to raise a staggering $1.2 billion in total, starting with a $600 million pre-sale that’s strictly for traditional venture capital backers and those inside its executive’s close circles.

«

Gather round, children, and let me tell you of a man called Ponzi.


Researchers find that one person likely drove Bitcoin from $150 to $1,000 • TechCrunch

John Biggs:

»

Researchers Neil Gandal, JT Hamrick, Tyler Moore, and Tali Oberman have written a fascinating paper on Bitcoin price manipulation. Entitled “Price Manipulation in the Bitcoin Ecosystem” and appearing in the recent issue of the Journal of Monetary Economics the paper describes to what degree the Bitcoin ecosystem is controlled by bad actors.

To many it’s been obvious that the Bitcoin markets are, at the very least, being manipulated by one or two big players. “This paper identifies and analyzes the impact of suspicious trading activity on the Mt. Gox Bitcoin currency exchange, in which approximately 600,000 bitcoins (BTC) valued at $188 million were fraudulently acquired,” the researchers wrote. “During both periods, the USD-BTC exchange rate rose by an average of 4% on days when suspicious trades took place, compared to a slight decline on days without suspicious activity. Based on rigorous analysis with extensive robustness checks, the paper demonstrates that the suspicious trading activity likely caused the unprecedented spike in the USD-BTC exchange rate in late 2013, when the rate jumped from around $150 to more than $1,000 in two months.”

The team found that many instances of price manipulation happened simply because the market was very thin for various cryptocurrencies including early Bitcoin. “Despite the huge increase in market capitalization, similar to the bitcoin market in 2013 (the period examined), markets for these other cryptocurrencies are very thin. The number of cryptocurrencies has increased from approximately 80 during the period examined to 843 today! Many of these markets are thin and subject to price manipulation.”

«

Speaking of which…


The anatomy of a pump and dump group • Bitfalls

“Bruno”:

»

Pump and dump (P&D) schemes are a common occurrence in the cryptocurrency world.

They most often happen in Telegram or Discord (chat programs) groups in which several thousand people buy a specific shitcoin (a crypto token without a value or future) at the same time in an attempt to artificially inflate its value. This value increase is called the pump while the selling of this now expensive token to naïve bystanders is the dump phase.

In this article, we’ll take a look at the anatomy of one such smaller P&D group…

…When the organizers buy a coin before telling everyone, that’s what’s called a pre-pump. For example, in the group we were watching for this post, the OAX coin was announced with a pump start due at 23:00. But if we look at its graph, the pre-pump is obvious:

The graph clearly shows the organizers having loaded up on the coin 20 minutes earlier. This allowed them to start dumping on their group’s members immediately on start time at 23:00. The reason they were able to move the market by themselves was because this coin had a total trading volume of 2 Eth on HitBTC, which meant even half an ether could move the needle.

«

Anyhow, to the moon, etc.


This AR app teaches you how to play the piano • VRScout

Steve Ip and Sydney Wuu:

»

App users slip on their AR headsets and follow the instructions displayed directly on their instrument to learn how to play the piano. A virtual band accompanies the user to teach them how to improvise within a group setting. The software also includes interactive theory lessons, live practice sessions, and animated demonstrations that allow you to explore blues, rock, jazz, and classical styles.

Music Everywhere currently operates on a bidirectional MIDI-over-Bluetooth connection utilizing a Microsoft HoloLens AR device or Windows Mixed Reality immersive headset.

It has been hinted that Music Everywhere may be headed to Mira as well, a lightweight AR headset that is powered by an iPhone. Mira retails as an iPhone accessory below $200, compared to a HoloLens that can cost upwards of $3000.

«

From the description, you think: great! But the video is so woeful. This doesn’t teach you piano; you have to be good at playing the piano already. It’s like Wii Music, which seemed like it would be great and turned out to be appalling.

And it’s barely better than perching a tablet on the music stand. AR needs more imagination.


Want to fix gun violence in America? Go local • The Guardian

Aliza Aufrichtig, Lois Beckett, Jan Diehm and Jamiles Lartey:

»

Half of America’s gun homicides in 2015 were clustered in just 127 cities and towns, according to a new geographic analysis by the Guardian, even though they contain less than a quarter of the nation’s population.

Even within those cities, violence is further concentrated in the tiny neighborhood areas that saw two or more gun homicide incidents in a single year.

Four and a half million Americans live in areas of these cities with the highest numbers of gun homicide, which are marked by intense poverty, low levels of education, and racial segregation. Geographically, these neighborhood areas are small: a total of about 1,200 neighborhood census tracts, which, laid side by side, would fit into an area just 42 miles wide by 42 miles long.

The problem they face is devastating. Though these neighborhood areas contain just 1.5% of the country’s population, they saw 26% of America’s total gun homicides.

Gun control advocates say it is unacceptable that Americans overall are “25 times more likely to be murdered with a gun than people in other developed countries”. People who live in these neighborhood areas face an average gun homicide rate about 400 times higher than the rate across those high-income countries.

«

Amazing piece of data journalism, digging down to the neighbourhood level: gun murder is a more common act where poverty, lack of education and racial segregation are high.


Suspect in deadly Kansas “swatting” hoax charged with manslaughter • Ars Technica

Timothy Lee:

»

A Los Angeles man accused of making a hoax phone call that led to the death of an innocent man in Wichita, Kansas, has been charged with involuntary manslaughter. 25-year-old Tyler Barriss was arrested in Los Angeles late last month, and authorities there extradited him to Kansas. He made his first appearance in a Kansas courtroom on Friday, court records show.

Authorities believe that Barriss made a hoax phone call that sent police to the home of an innocent man, Andrew Finch, on December 28. Finch opened the door with his hands up. But when he briefly lowered his hands toward his waistband, a police officer shot him, believing that Finch could be reaching for a gun.

The incident appears to have originated with an online feud over a $1.50 Call of Duty bet. One of the parties to that dispute reportedly approached online user SWAuTistic, who had a reputation for initiating “swatting” pranks against online gamers. SWAuTistic called the Wichita police, pretending to be a deranged man who had already shot his father and threatened to shoot other members of his family.

«

Such a waste of two lives, and enabled by a militarised police force which shoots to kill.


Nintendo doesn’t seem to be “looking into” VR very much anymore • Ars Technica

Kyle Orland:

»

Readers with decent memories may remember early 2016, when Nintendo President Tatsumi Kimishima said the company was looking into the virtual reality space at an investor’s briefing. Coming months before we had concrete details on the company’s upcoming Switch, the statement set off industry alarm bells about Nintendo’s potential future plans. A vague Nintendo patent for a head-mounted tablet holster that surfaced in late 2016 got the chatter going even further.

Fast forward to today, and it’s increasingly clear that Nintendo has finished “looking” and has decided VR shouldn’t be part of its plans for the time being. The latest evidence comes from a recent interview with Nintendo France General Manager Philippe Lavoué in French publication Les Numeriques. “If you look at VR headsets, I doubt they can appeal to the mainstream,” Lavoué said in a translation of that interview. “Consumers are not patient with entertainment if you’re not able to deliver an all-inclusive package.”

«

Remember when VR was the future? What a week that was.


LG Electronics chief orders revision of ‘G7’ smartphone from scratch: source • Korea Herald

Song Su-hyun:

»

Jo Seong-jin, vice chairman and CEO of LG Electronics, has ordered a revision of the company’s upcoming premium phone, temporarily called the “G7,” further delaying its launch to April.

According to a company official who asked for anonymity, the G7 smartphone team of the company’s mobile communications business was told to halt recent work related to development of the newest phone, and to review the new product from scratch.

“Right after the vice chairman made the announcement at the Consumer Electronics Show last week, a direct order was sent down to the working-level officials to start over,” the official told The Korea Herald.

“A new decision on a possible launch date will be released around the Lunar New Year holiday next month,” he said. The smartphone was initially expected to be unveiled at the end of February and launched in March.

«

This could actually work in its favour (though the “from scratch” line means nothing; you don’t start phones from scratch). LG loses money every time it launches a top-end phone because it pours money into marketing, which isn’t recouped through sales. Delaying the G7 by a month or a quarter could work wonders.


Ho, ho, ho, Xiaomi • Bloomberg Gadfly

Tim Culpan:

»

Xiaomi Corp. is set to pull in revenue of $17bn to $18bn this year, ahead of its own target, Reuters reported Friday, citing the company’s comments to bankers. That’s impressive, but believable. Xiaomi has had a great year.

Stretching the credibility scale, though, are estimates that net income could hit $1bn. They’re banker projections, Reuters notes, not necessarily Xiaomi’s. The company later confirmed to Bloomberg News that revenue topped $15bn within the first 10 months of 2017, without commenting on earnings. If those profit numbers are true, it would mean the smartphone and device maker will deliver a net income margin of as much as 5.9%. That’s astounding. An operating margin of 5.9% would be pretty incredible, but a net margin that high would have Xiaomi well ahead of almost everyone in the market – up with Samsung Electronics Co. and Huawei Technologies Co.

Suffice to say, Xiaomi is no Samsung. But bankers desperately want in on Xiaomi’s expected IPO, and talking up the company is a good way to endear themselves. Remember when that real estate agent told you your rundown two bedder was a treasure and guaranteed to fetch a good price? Yeah, it’s like that.

Reuters reports that bankers see Xiaomi’s earnings doubling to $2bn next year. To get there, Xiaomi would need to dramatically boost revenue and widen margins. That’s hard to do simultaneously, especially in a weakening devices market. But such lofty estimates are helping these bankers talk up a $100bn share sale, when just two weeks ago the chatter was around a $50bn listing.

«

Buying Xiaomi shares would be a sucker move. You can’t honestly believe that it’s going to make $100bn in its lifetime.


Chinese smartphone maker OnePlus breaks billion-dollar sales barrier • The Telegraph

James Titcomb:

»

Oneplus, the cult Chinese smartphone maker, has broken the billion-dollar sales barrier for the first time and made a profit, a rare feat in the ultra-competitive mobile market.

The company’s chief executive Pete Lau told The Telegraph that its revenues last year had doubled to more than $1.4bn (£1bn) and that this had come with “healthy profits”. It comes as OnePlus plans to challenge bigger players by tying up with mobile networks in the US and Europe.

The smartphone market has been flooded by competition from Chinese upstarts in recent years, making profits rare and sending established brands like HTC and Motorola into losses. While OnePlus pales to most of its rivals in size, Mr Lau said it has eked out healthy margins by focusing only on the high-end of the market. It sells most of its mobiles directly to a core of fans online, instead of through mobile networks, although it began to distribute phones through O2 in the UK in 2016.

«

Some confusion between the headline, intro and second para. I think it’s that they’ve passed a billion dollars. That’s an average of $250m per quarter; at $250 per handset that would be a million per quarter, or 4m per year. At $125 per handset, it’s 8m per year. Those seem like the likely boundaries of its sales.

So that’s the good news. Now we go to the bad news…


Some people have had their credit card numbers stolen after buying OnePlus phones online • BGR

Chris Smith:

»

If you purchased a OnePlus phone and paid with a credit card, you should check your account for fraudulent charges immediately. Apparently, it already happened to some OnePlus customers, who were notified about fraudulent transactions on credit cards that were used to buy OnePlus phones.

According to a poll on the company’s own forum, 69 people so far have noticed fraudulent charges after a OnePlus transaction.

OnePlus has yet to confirm a data breach that would have allowed hackers to steal user data such as credit card information. And it’s always possible that the users who were notified of fraudulent charges by their banks were hacked in some other way, and it’s all a big coincidence. But the poll, available at this link, seems to suggest there may be an issue with OnePlus, as some of the impacted customers used their cards online for little else other than to buy a OnePlus phone online…

…The company says it started investigating the issue but found no cause so far. OnePlus says that card info is “never processed or saved on our website.” Instead, the data is sent “directly to our PCI-DSS-compliant payment processing partner over an encrypted connection, and processed on their secure servers.”

«



Errata, corrigenda and ai no corrida: none notified


Start Up: making China great again (by omission), Fancy Bear is back, crafting Apple’s emoji, and more


Yes, I’m afraid that machine learning has spoiled the fun of this as well. Photo by in_future on Flickr.


A selection of 10 links for you. Start the week as you mean to finish it. I’m @charlesarthur on Twitter. Observations and links welcome.

Techmate: how AI rewrote the rules of chess • Financial Times

Richard Waters:

»

Besides being pleasantly struck by the similarities he sees between AlphaZero’s game and his own, Kasparov suggests there have been some surprises from watching the software play. It’s well known, for instance, that the person who plays white, and who moves first, has an edge. But Kasparov says that AlphaZero’s victory over Stockfish has shown that the scale of that starting advantage is actually far greater than anyone had realised. It won 50% of the games when it played white, compared to only 6% when it played black. (The rest of the games were draws.)

Kasparov is cautious about predicting that AlphaZero has significant new chess lessons to teach, although he concedes it might encourage some players to try “a more dynamic game”. But if he seems only mildly interested in the quality of the chess, he is more forthright in his admiration for the technology. Kasparov has studied AI and written a book on it. AlphaZero, he says, is “the prototype of a flexible machine”, the kind that was dreamed of at the dawn of the computer age by two of the field’s visionaries, Alan Turing and Claude Shannon.

All computers before this, as he describes it, worked by brute force, using the intellectual equivalent of a steamroller to crack a nut. People don’t operate that way: “Humans are flexible because we know that sometimes we have to depart from the rules,” he says. In AlphaZero, he thinks he has seen the first computer in history to learn that very human trick…

…When transferred to the real world, however, the gulf between AI and the human brain looms large again. Chess, says [Stuart] Russell [who has been looking at AI and chess], has “known rules and short horizons”, and it is “fully observable, discrete, deterministic, static”. The real world, by contrast, “shares exactly none of these characteristics”.

«

One really good point is that Stockfish, which was defeated, was programmed by people who start from the point of valuing material: capturing is good. Being a pawn up is good. (It’s more subtle now.) But play like AlphaZero’s is more focussed on winning than material.


How to find Wally with a neural network • Towards Data Science

Tadej Magajna:

»

Deep learning provides yet another way to solve the Where’s Wally puzzle problem. But unlike traditional image processing computer vision methods, it works using only a handful of labelled examples that include the location of Wally in an image.

«

“What did parents do before there were neural networks?”

“They put their kids to sleep by making them play Where’s Wally. Damn computers.”


Making China Great Again • The New Yorker

Evan Osnos has a big analysis of how Trump’s reluctance, or inability, to engage with China’s growing desire to influence the world is giving Xi the long-sought chance to move into the driving seat. Here he looks at how a recumbent US leaves gaps for aggressive moves in technology:

»

In Beijing, I hailed a cab and headed to the northwest corner of the city, where a Chinese company called SenseTime is working on facial recognition, a field at the intersection of science and individual rights. The company was founded in 2014 by Tang Xiao’ou, a computer scientist who trained at M.I.T. and returned to Hong Kong to teach. (For years, China’s startups lagged behind those in Silicon Valley. But there is more parity now. Of the forty-one private companies worldwide that reached “unicorn” status in 2017—meaning they had valuations of a billion dollars or more—fifteen are Chinese and seventeen are American.)

SenseTime’s offices have a sleek, industrial look. Nobody wears an identification badge, because cameras recognize employees, causing doors to open. I was met there by June Jin, the chief marketing officer, who earned an M.B.A. at the University of Chicago and worked at Microsoft, Apple, and Tesla. Jin walked me over to a display of lighthearted commercial uses of facial-recognition technology. I stepped before a machine, which resembled a slender A.T.M., that assessed my “happiness” and other attributes, guessed that I am a thirty-three-year-old male, and, based on that information, played me an advertisement for skateboarding attire. When I stepped in front of it again, it revised its calculation to forty-one years old, and played me an ad for liquor. (I was, at the time, forty.) The machines are used in restaurants to entertain waiting guests. But they contain a hidden element of artificial intelligence as well: images are collected and compared with a facial database of V.I.P. customers. “A waiter or waitress comes up and maybe we get you a seat,” Jin said. “That’s the beauty of A.I.”

Next, Jin showed me how the technology is used by police. She said, “We work very closely with the Public Security Bureau,” which applies SenseTime’s algorithms to millions of photo I.D.s. As a demonstration, using the company’s employee database, a video screen displayed a live feed of a busy intersection nearby. “In real time, it captures all the attributes of the cars and pedestrians,” she said. On an adjoining screen, a Pac-Man-like trail indicated a young man’s movements around the city, based only on his face. Jin said, “It can match a suspect with a criminal database. If the similarity level is over a certain threshold, then they can make an arrest on the spot.”

«



Cybersecurity firm: US Senate in Russian hackers’ crosshairs • Associated Press

Raphael Satter:

»

The same Russian government-aligned hackers who penetrated the Democratic Party have spent the past few months laying the groundwork for an espionage campaign against the U.S. Senate, a cybersecurity firm said in a report Friday.

The revelation suggests the group often nicknamed Fancy Bear, whose hacking campaign scrambled the 2016 U.S. electoral contest, is still busy trying to gather the emails of America’s political elite.

“They’re still very active — in making preparations at least — to influence public opinion again,” said Feike Hacquebord, a security researcher at Trend Micro Inc. who authored the report. “They are looking for information they might leak later.”

The Senate Sergeant at Arms office, which is responsible for the upper house’s security, declined to comment, but Nebraska Sen. Ben Sasse said it was time for U.S. Attorney General Jeff Sessions to return to Congress to say what action had been taken to help ensure lawmakers’ digital safety.

“The Administration needs to take urgent action to ensure that our adversaries cannot undermine the framework of our political debates,” he said in a statement.

Trend Micro based its report on the discovery of a clutch of suspicious-looking websites dressed up to look like the U.S. Senate’s internal email system. The Tokyo-based firm then cross-referenced digital fingerprints associated with those sites to ones used almost exclusively by Fancy Bear, which it dubs “Pawn Storm.”

«

Blimey, they’re a busy bunch, what with hacking the IOC and all. And the same method, broadly, as used against Hillary Clinton’s team and John Podesta.


Army rips out Chinese-made surveillance cameras overlooking US base • WSJ

Dan Strumpf:

»

The U.S. Army said it removed surveillance cameras made by a Chinese state-backed manufacturer from a domestic military base, while a congressional committee plans to hold a hearing this month into whether small businesses face cybersecurity risks from using the equipment.

Fort Leonard Wood, an Army base in Missouri’s Ozarks, replaced five cameras on the base branded and made by Hangzhou Hikvision Digital Technology Co., said Col. Christopher Beck, the base’s chief of staff. He said officials at the base acted after reading media reports about the company.

“We never believed [the cameras] were a security risk. They were always on a closed network,” Col. Beck said. The decision to replace the cameras was meant to “remove any negative perception” surrounding them following media reports, he added, without elaborating…

…A Defense Department spokesman said the Hikvision cameras at Fort Leonard Wood weren’t connected to the military network. He said the department is conducting a review of all network-connected cameras on the base to ensure they are “in compliance with all security updates.” The spokesman declined to comment on whether Hikvision cameras are in use at other military facilities.

«

There’s no threat but they don’t want it to look bad? That’s shonky. However plenty of these cameras are amazingly insecure; the Mirai and Reaper botnets feast on this stuff.


Where’s Cortana? Microsoft is playing the long game as Amazon and Google dominate CES • GeekWire

Nat Levy:

»

Lost in the shuffle of Amazon and Google’s digital assistant showdown this week at CES is another tech giant’s virtual brain: Microsoft’s Cortana.

Unlike fellow tech heavyweights Facebook and Apple, which don’t go to CES, Microsoft does have a presence here. But it is more behind the scenes than Google’s flashy booth or the array of Alexa announcements. That’s because, in Microsoft’s view, the voice assistant market is in the very early stages.

“It’s a long journey to making a real assistant that you can communicate with over a longer period of time to really be approachable and interesting and better than the alternative,” Andrew Shuman, corporate vice president of Cortana engineering, told GeekWire. “That is our journey, to make some great experiences that shine through, and recognize that long haul.”

«

Translation: we’re getting squashed in this contest. Consumer isn’t really where Microsoft plays, but it’s where the voice play is. (Yes yes Windows but Cortana isn’t getting traction there.)


The making of Apple’s emoji: how designing these tiny icons changed my life • Medium

Angela Guzman:

»

It was the summer of 2008, and I was one year away from receiving my MFA in Graphic Design from the Rhode Island School of Design (RISD). It was the same summer I landed an internship at Apple on a team I was eager to meet. The same design team responsible for the iPhone; a magical device that launched the year prior at Macworld Expo in San Francisco. One could only imagine the size of my butterflies as I flew to Cupertino and arrived at 1 Infinite Loop. To add to the uncontrollable fluttering, I had no idea what project I would be given, the size of the team, where I would sit, or if I could really bike to work (I’m terrible on bikes).

Soon after my arrival and meeting the team (oh and biking to work!) I was handed my project. I was still trying to make sense of the assignment I’d just received when someone asked if I knew what an emoji was. And well, I didn’t, and at the time, neither did the majority of the English speaking world. I answered ‘no’. This would all change, of course, as the iPhone would soon popularize them globally by offering an emoji keyboard. Moments later I learned what this Japanese word meant and that I was to draw hundreds of them. Just as I was looking down the hallway and internally processing, “This isn’t type or an exercise in layout, these are luscious illustrations,” I was assigned my mentor…

…My first emoji was the engagement ring, and I chose it because it had challenging textures like metal and a faceted gem, tricky to render for a beginner. The metal ring alone took me an entire day. Pretty soon, however, I could do two a day, then three, and so forth. Regardless of how fast I could crank one out, I constantly checked the details: the direction of the woodgrain, how freckles appeared on apples and eggplants, how leaf veins ran on a hibiscus, how leather was stitched on a football, the details were neverending. I tried really hard to capture all this in every pixel, zooming in and zooming out, because every detail mattered. And for three months I stared at hundreds of emoji on my screen.

«

Wonderful story.


CES was full of useless robots and machines that don’t work • Daily Beast

Taylor Lorenz:

»

Take the FoldiMate, a giant robotic machine that costs $850 that can supposedly fold your clothes. The machine, which took up more space than a washing machine, might be worth it if you could dump a huge pile of laundry inside some chamber and have your garments returned to you in neatly folded stacks. But that type of machine has yet to be built.

In order for the FoldiMate to work, you must individually button up each shirt then manually clip it onto the machine, which could be more time consuming than just folding everything yourself.

The machine can only fold certain items too. Dress pants and traditional button up shirts are fine, bulky sweatshirts, baby clothes, socks, or undergarments are off the table.

The FoldiMate fit right in with the other “smart home”-type products at CES, where the primary innovation in the past year seemed to be adding Amazon Alexa to absolutely everything.

The Haier smart mirror caught my eye as I stepped into the Central Hall of the convention center. It promised to help me dress by recommending outfits for travel, work, or a date. It could also give detailed washing instructions for different garments and track where it was sitting in my closet.

Intrigued, I asked how it would know so much about all my clothes. “Do I dump all my laundry into a big scanner?” I asked naively.

«

Read it to find out just how naive. (Very.)


Can’t remove the lithium battery from your smart luggage? Consider it grounded • Washington Post

Andrea Sachs:

»

On Monday, airlines including American, Alaska, Hawaiian, Delta, United and Southwest will no longer allow passengers to fly with smart bags that contain nonremovable lithium batteries. The policy change applies to checked and carry-on bags that require lithium batteries to power high-tech features such as a USB charging station and a location tracker.

“Customers who travel with a smart bag must be able to remove the battery in case the bag has to be checked at any point in the customer’s journey,” American Airlines said in a statement. “If the battery cannot be removed, the bag will not be allowed.”

The rule springs from safety concerns. Lithium metal and lithium ion/polymer batteries are susceptible to emitting smoke, catching fire and even exploding. Between March 1991 and May 2017, the Federal Aviation Administration documented 160 incidents involving lithium batteries that were being transported as cargo or baggage.

«

That’s going to put a crimp on a few of the early adopters.


The secret history of the Russian consulate in San Francisco • Foreign Policy

Zach Dorfman with a fascinating long read about the now-closed consulate and its former occupants:

»

Some suspected Russian intelligence officers were found engaging in weird, repetitive behaviors in gas stations in dusky, arid burgs off Interstate 5, California’s main north-south artery. In one remarkably strange case, said one former intelligence official, two suspected Russian spies were surveilled pulling into a gas station. The driver stood next to his car, not purchasing any fuel. The passenger approached a tree, circling it a few times. Then they both got back into the car and drove away. Suspected Russian intelligence operatives would perform the same strange rituals multiple times at the same gas stations.

Multiple theories about these activities emerged. One was that the Russians were trying to confuse and overwhelm their FBI surveillance teams, in order to gauge just how extensive their coverage really was — in other words, to test the capacity of their counterspies. Another theory revolved around a long-standing communications technique among Russian spies, known as “burst transmissions,” wherein intelligence operatives transmit data to one another via short-wave radio communications. But for these, said another former intelligence official, you need a line of sight, and such transmissions are only effective at relatively short distances.

Many of these behaviors, however, didn’t seem to fit a mold. For one, the FBI couldn’t establish that these suspected Russian intelligence operatives — some of whom were spotted with little devices in their hands, others without — were engaging in any communications. But according to multiple sources, one recurrent and worrying feature of these activities was that they often happened to correspond to places where underground nodes connected the country’s fiber-optic cable network.

«

And then it gets a whole lot more spooky.


Errata, corrigenda and ai no corrida: none notified

Start Up: Roku’s ambition, Dropbox to IPO, can you hack Aadhaar?, Russia’s new Olympic sport, and more


Does the NFL really have a “moat” that keeps viewers loyal and pulls in new ones too? Photo by Keith Allison on Flickr.

A selection of 10 links for you. Isn’t that something? I’m @charlesarthur on Twitter. Observations and links welcome.

Roku transforms from tech startup to TV streaming powerhouse • Variety

Janko Roettgers:

»

Roku is also getting ready to significantly expand its hardware business. Just last week the company announced an expansion into the home audio space. For this, Roku is once again teaming up with consumer electronics brands, which will license the company’s technology to build smart sound bars and speakers with integrated voice control. Roku-powered speakers will work together throughout a consumer’s home, capable of playing the same song synchronized in every room.

Smart, internet-connected speakers are not a new idea. Forrester Research recently estimated that 15 million U.S. households already owned a smart speaker by the end of 2017, and Amazon was expected to once again sell millions of its Echo devices over the holidays. Google has aggressively been pushing its own speakers; Sonos has been transitioning to voice-controlled devices; Apple is about to unveil its HomePod. Samsung, Microsoft and others are pushing into the market as well. “There are already too many smart speakers,” says Internet of Things expert Stacey Higginbotham.

Roku is betting it will have a chance to succeed in the market by making its own products TV-centric. “We see TVs as the central part of a growing home entertainment network,” explains the company’s VP of product, Mark Ely.

Roku has been investing heavily in research and development in this new growth area, acquiring Danish multi-room audio start-up Dynastrom in November for $3.5 million, as Variety was first to report. Roku even built its own smart assistant, meant to compete head-to-head with Amazon’s Alexa, Apple’s Siri and Google’s Assistant, thanks to an emphasis on media consumption. “We are an entertainment company,” says Ely. “An assistant has to be really great at entertainment.”

«

That market share figure – from US broadband households, 1Q 2017 – is surprising: I’d have expected Google to have a much larger share.


Dropbox files confidentially for US IPO • Bloomberg

Alex Barinka:

»

Dropbox Inc., the file-sharing private company valued at $10 billion, has filed confidentially for a U.S. initial public offering, people familiar with the matter said.

Goldman Sachs Group Inc. and JPMorgan Chase & Co. will lead the potential listing, according to the people, who asked not to be identified because the filing wasn’t public. Dropbox is talking to other banks this month to fill additional roles on the IPO, the people said. The company is aiming to list in the first half of this year, one of the people said.

Representatives for Dropbox, Goldman Sachs and JPMorgan declined to comment.

A share sale by San Francisco-based Dropbox, one of a closely watched group of high-profile private tech companies with multibillion-dollar valuations, would follow Snap Inc.’s disappointing step into the public markets. How the stock fares post-listing will be an ongoing focus for both Wall Street and the tech community. Snap shares are down 15% from its IPO last March.

«

What do we expect from this? Higher prices, less free storage, more insistent upsells?


Is India’s Aadhaar system really “hack-proof”? Assessing a publicly observable security posture • Troy Hunt

»

UIDAI is the Unique IDentification Authority of India and they run the Aadhaar project. Their statement echoes comments made around this latest incident that espouse the complete security of the system: “The Aadhaar data, including biometric information, is fully safe and secure”.

Here’s the issue I (and many others) have with these statements and I want to make it crystal clear:
Security is not a boolean proposition. It’s not “secure” versus “insecure”, “safe” versus “unsafe”, rather it is a spectrum of controls that all contribute to an overall security posture. There is no “fully”, there is no “completely”; every system – every single one – has weak points and a sufficiently well-equipped and determined adversary will find them.

It’s the hubris of the UIDAI’s statements which is the most worrying and it neglects so many of the highly sophisticated precedents that have come before the current situation. Precedents like Stuxnet, created by the US and Israeli governments to damage the Iranian nuclear program by targeting air-gapped centrifuges via 4 previously unknown “zero-day” flaws. That’s almost a cliched example to pull out these days, the point is simply that where there is sufficient will and resources, any information system can be compromised.

But let’s get back to that original tweet and the question therein: “Can you prove otherwise?” I certainly wouldn’t want to be the person probing away at Aadhaar in an unauthorised fashion in order to prove otherwise (although make no mistake, many people are), but per the title of this post, there are many publicly observable things I can easily draw attention to. To be crystal clear, none of this is “hacking”, it will merely involve looking at how the system responds to legitimate requests and observing the gap between what it does at present and what it ideally should do.

«

Lengthy post. It’s not certain that Aadhaar can be hacked, but one tends to think that where there’s a will – and 1.2bn user records – there’s a way.


Uber’s secret tool for keeping the cops in the dark • Bloomberg

Olivia Zaleski and Eric Newcomer:

»

In May 2015 about 10 investigators for the Quebec tax authority burst into Uber Technologies Inc.’s office in Montreal. The authorities believed Uber had violated tax laws and had a warrant to collect evidence. Managers on-site knew what to do, say people with knowledge of the event.

Like managers at Uber’s hundreds of offices abroad, they’d been trained to page a number that alerted specially trained staff at company headquarters in San Francisco. When the call came in, staffers quickly remotely logged off every computer in the Montreal office, making it practically impossible for the authorities to retrieve the company records they’d obtained a warrant to collect. The investigators left without any evidence.

Most tech companies don’t expect police to regularly raid their offices, but Uber isn’t most companies.

«

The tool is called Ripley:

»

From spring 2015 until late 2016, Uber routinely used Ripley to thwart police raids in foreign countries, say three people with knowledge of the system. Allusions to its nature can be found in a smattering of court filings, but its details, scope, and origin haven’t been previously reported.

The Uber HQ team overseeing Ripley could remotely change passwords and otherwise lock up data on company-owned smartphones, laptops, and desktops as well as shut down the devices. This routine was initially called the unexpected visitor protocol.

«

In the words of Matt Stoller: “Uber often looks like a criminal conspiracy that happens to run a ride-sharing service.”


Beware the lessons of growing up Galapagos • Remains of the Day

Eugene Wei:

»

If I weren’t in two fantasy football leagues with friends and coworkers, I would not have watched a single game this season, and that’s a Leftovers-scale flash-forward twist for a kid who once recorded the Superbowl Shuffle to cassette tape off a local radio broadcast just to practice the lyrics.

If you disregard any historical romantic notions and examine the typical NFL football game, it is mostly dead time (if you watch a cut-down version of a game using Sunday Ticket, only about 30 minutes of a 3 to 3.5 hr game involves actual game action), with the majority of plays involving action of only incremental consequence, whose skill and strategy on display are opaque to most viewers and which are explained poorly by a bunch of middle-aged white men who know little about how to sell the romance of the game to a football neophyte. Several times each week, you might see a player hit so hard that they lie on the ground motionless, or with their hands quivering, foreshadowing a lifetime of pain, memory loss, and depression brought on by irreversible brain damage. If you tried to pitch that show concept just on its structural merits you’d be laughed out of the room in Hollywood.

Cultural products must regenerate themselves for each successive age and generation or risk becoming like opera or the symphony is today…

…I don’t trust a bunch of rich old white male owners who grew up in such favorable monopolistic conditions to both understand and adapt in time to rescue the NFL from continued decline in cultural relevance. They are like tortoises who grew up in the Galapagos Islands, shielded on all sides from predators by the ocean, who one day see the moat dry up, connecting them all of a sudden to other continents where an infinite variety of fast-moving predators dwell.

«



Apple’s indirect presence fades from CES • Tech.pinions

Ben Bajarin:

»

It is easy to say that because Apple was never present at CES that the show didn’t mean something to them or their ecosystem. It is easy, and correct to say that CES was not, or never was, a measure of the health of Apple’s products. It is, however, incorrect and dangerous to miss that CES had been, for some time, a barometer for the health of Apple’s ecosystem.

As I mentioned, our ability to measure any platform’s ecosystem from what we observe at CES, is the main reason so many are paying attention to what is happening with Amazon’s Alexa platform. Google Assistant is certainly more present than it was last year, however, when you look at how third parties are talking about – and marketing – their support of these assistants they are putting significantly more effort into talking about Alexa than Google Assistant. Which is a telling signal. Again, to reiterate this point, third parties used to market, and spend energy talking about their integration with iOS or support of iPhone/iPad with the same rigor they are now talking about Amazon’s Alexa. This can not be ignored.

As I outlined, with the two scenarios for Amazon’s Alexa, one could take a position that this is short-lived, and the dust will settle once Apple enters the market with HomePod and you will see more partners and third parties start talking more about HomeKit than anything else. For Apple’s sake, I would love for this to happen but I don’t see it unless Apple makes some changes to where Siri can be integrated outside of Apple first-party hardware.

With all of that being said, I am noticing a bit more support of HomeKit this year vs. last and with Apple’s recent pivot surrounding HomeKit requirements which required a dedicated security chip from Apple that now allows that security and authentication to be done in software, I do expect even more HomeKit support next year.

«

Certainly it used to be true that you’d go to CES and it would be iPhone accessory this, iPad case that. Now apparently it’s all Alexa this, Alexa that. So he has a point. Where’s consumer electronics going now?


Dear Google: please stop using my advertising dollars to monetize hate speech • Quartz

John Ellis:

»

My company sponsors online hate speech, fake news and racist propaganda. It’s not that we are trying to—and given the small budget of the engineering company I run, my contribution may only amount to pennies a month. But in total, online advertising accounts for tens of billions of dollars annually, so even tiny percentages mean millions of dollars directed from the bank accounts of advertisers to the pockets of Holocaust deniers, Sandy Hook hoaxers and promoters of vile, racist content.

The reason advertisers like me inadvertently sponsor and monetize hate speech is that ad-tech companies like Google have partnerships with publishers who allow and promote this type of content. And unless advertisers proactively identify and block objectionable sites as I try to do, their ads may appear there.

(Editor’s Note: In the time since Quartz first reviewed this article for publication, some of the sites pictured below have stopped running advertising, but similar sites have cropped up running the same juxtapositions of hate speech and advertising delivered via Google products.)

«

Whack-a-mole on both sides.


Russia, banned from the Winter Olympics, apparently is hacking Olympic emails • Buzzfeed

Kevin Collier:

»

The origin of the emails is unclear. Some of the emails, which date from late 2016 to spring 2017, appear to be between IOC employees and third parties discussing the Russian doping conspiracy.

“These emails and documents point to the fact that the Europeans and the Anglo-Saxons are fighting for power and cash in the sports world,” “Fancy Bears” said in its posting, though it’s unclear how the emails are meant to support that claim. Some of the emails’ contents are encrypted and are therefore illegible.

The IOC declined to comment on the “Fancy Bears” post or to verify that the emails are authentic, telling BuzzFeed News that “we do not comment on leaked documents.” WADA has not disputed the validity of any of the hacked documents previously attributed to the organization.

One of the people whose emails appear in the leak, and who is specifically named on the “Fancy Bears” website, is Colorado lawyer Richard Young, who helped WADA draft new anti-doping rules and worked to create a so-called “independent person” report for WADA on the doping allegations.

Young told BuzzFeed News he was unaware of the “Fancy Bears” activity, but said that a September 2016 email included in the dump sounded authentic to him when read over the phone.

“It’s no great revelation that I was involved in the IP investigation. I’m named in it,” Young laughed. “I think it’s somewhere in the first five pages that my role is explained.”

The original WADA hack occurred in late summer 2016, as allegations that Russian athletes had been caught participating in a vast and elaborate blood doping conspiracy were gaining international attention.

«

They should enter the Hacking Olympics. Venue: the internet. (Though these antics only go to strengthen the idea that Fancy Bear were behind the hacks of US organisations hostile to Russia, such as the Democratic party and Hillary Clinton’s campaign manager’s personal account.)


UCL to investigate eugenics conference secretly held on campus • The Guardian

Kevin Rawlinson and Richard Adams:

»

University College London has launched an urgent investigation into how a senior academic was able to secretly host conferences on eugenics and intelligence with notorious speakers including white supremacists.

The London Conference on Intelligence was said to have been run secretly for at least three years by James Thompson, an honorary senior lecturer at the university, including contributions from a researcher who has previously advocated child rape.

One prominent attendee at the conference in May last year was Toby Young, the head of the government-backed New Schools Network, who ran into controversy over efforts to appoint him as a university regulator…

…Young, in a speech to a similar conference in Canada last year, described the extreme measures that Thompson employed to keep the conference a secret.

“Attendees were only told the venue at the last minute, an anonymous ante-chamber at the end of a long corridor, called ‘lecture room 22’, and asked not to share this information with anyone else.

“One of the attendees, on discovering I was a journalist, pleaded with me not to write about the fact that he was there – he didn’t want his colleagues to find out,” Young said.

“But these precautions were not unreasonable, considering the reaction that any references to between-group differences in IQ generally provoke.”

Previous attendees included Richard Lynn, whom the US-based research group Southern Poverty Law Center labelled an “unapologetic eugenicist”, and the blogger Emil Kirkegaard, who has written supportively about pedophiles being allowed to have “sex with a sleeping child”.

«

Young has written vaguely in favour of eugenics for those deemed “low IQ”. You might say – what’s the harm in a university, meant to be a temple to ideas, hosting a conference on even a controversial idea like this, when we freely talk about CRISPR potentially improving our genetic profile? The problem is that eugenics is about *removing* people from the future population; it’s totalitarian, in that sense. CRISPR is about optionally choosing improvements.

It’s a subtle but important difference. Ask the parents of a disabled child if they’d want the child never to have been born: they’ll not take that option. (Which is eugenics.) Ask them if they’d want the child to have been born without disability; they’ll probably – but not always – say yes, while recognising it’s just a wish. That Young apparently can’t recognise that difference, and finds himself with fellow travellers of questionable morals, is disturbing.


We found a deleted page that reveals the paparazzi roots of Kodak Coin • Ars Technica

Timothy Lee:

»

The evidence strongly suggests that Kodak Coin is the re-branding of an initial coin offering called RYDE coin that never got much attention and was apparently aborted days before Kodak Coin was announced. Until recently, the project had a page on the crowdfunding site Start Engine. The page is no longer there, but Google cached a copy of the site on January 3. [At the time, the project had attracted 10 backers who had pledged a total of $875.]

As recently as last week, RYDE coin was being pitched as a way of expanding the licensing business of its creator, paparazzi photo company WENN Media. Now the RYDE page has disappeared, and WENN Media’s parent company, WENN Digital, has partnered with Kodak to create a blockchain platform that sounds a lot like RYDE—except that there’s no mention of celebrity photographs.

We’ve asked both Kodak and WENN about the connection between RYDE coin and Kodak Coin, and we will update the story if we hear back…

…What’s WENN Digital? A spokesman told Ars that WENN Digital is a new company that has acquired UK-based WENN Media, which describes itself as a “celebrity and entertainment news agency.”

“WENN can offer you an opportunity to join our worldwide team of top paparazzi snappers,” the “About Us” section of blog.wenn.com says.

«

So basically it’s sticking the Kodak name on a paparazzi project. Also, the “Kodak Coin” won’t make money for anyone who “mines” it, as David Gerard – whose book “Attack of the 50 Foot Blockchain” is hilarious in its dissection of the fantasies and fantasists around this topic – explains. It’s a mess, but then everything Kodak has done for years is a mess.


Errata, corrigenda and ai no corrida: none notified


Start Up: coding to kill, CES goes dark, Apple sells mesh Wi-Fi, Huawei chief’s rant, and more


The Great Barrier Reef is dying due to climate change. What now? Photo by FarbenfroheWunderwelt on Flickr.

A selection of 14 links for you. Buy high, sell low, unless you’re buying my cryptocoins, in which case just buy. I’m @charlesarthur on Twitter. Observations and links welcome.

This Israeli presentation on how to make drone strikes more “efficient” disturbed its audience • The Intercept

Sam Biddle:

»

The doctoral student who presented the research demonstrated how pioneering data visualization techniques could show a drone operator, using lines and arrows of varying thickness, which direction fast-moving people and vehicles were most likely to travel, for example, at an intersection or while fleeing a building. The presentation clearly angered at least some of the crowd, including the moderator, prompting hostile questions.

“The guy’s talk (and its video documentation) revealed much of what’s very wrong about UAV warfare,” said Mushon Zer-Aviv, a web designer and activist and an organizer of the conference, the data visualization confab known as ISVIS.

The incident at ISVIS underscores the extent to which drone warfare’s deeply technological basis and inhumanity has become a major part of global public debate around its use. Once viewed (and still promoted) as an efficient, safer way to target terrorists, the growing ubiquity of lethal drone strikes in global hotspots is increasingly seen as helping to create wastelands and fomenting the sort of terroristic support it’s designed to eradicate.

«

I can’t do better than Maciej Cegłowski’s comment: “This is an extreme example of a dynamic we see across the tech world: abdicating moral agency to work on cool code.”


Great Barrier Reef tourism operators beg for action on bleaching • Brisbane Times

Jorge Branco:

»

Dozens of Queensland small businesses, many which wouldn’t exist without the Great Barrier Reef, have issued a dire warning to Prime Minister Malcolm Turnbull.

The open letter published on Saturday comes as new research predicts bleaching as severe bleaching could become the “new normal”, recurring biyearly by the mid-2030s.

In a move contrary to recent attempts from tourism bodies to downplay the extent of the bleaching, 175 tourism operators, dive professionals and tradies labelled the mass damage a “disaster needing urgent action”.

They called on the Turnbull government to rule out any financing, investment or help with associated infrastructure for the Abbot Point coal terminal expansion and Adani’s controversial Carmichael mine, the largest in Australia.

They pointed the finger at climate change, calling for investment in renewable energy projects, particularly in regional Queensland and a ban on any new coal mines.

Eye to Eye Marine Encounters director John Rumney said some businesses had been afraid to speak out, worried it could mean bad publicity. “But the long-term viability of all our businesses relies entirely on Reef staying healthy and it is in danger,” he said, in a press release issued by the Climate Media Centre.

«

In our lifetimes, the Great Barrier Reef could be dead. This is a calamity.


Apple now selling mesh Wi-Fi system as AirPort line remains unchanged • 9to5Mac

Zac Hall:

»

Apple has started selling a mesh Wi-Fi system from Linksys both on its website and in stores. The move is notable as Apple hasn’t updated its own Wi-Fi base station hardware since 2013 and doesn’t currently offer its own mesh Wi-Fi system.

The future of Apple’s networking hardware has long been unclear for that reason.

Bloomberg reported over a year ago that Apple disbanded its AirPort team and planned no future hardware releases. Since then we’ve seen no update to the AirPort hardware. AirPort Wi-Fi base stations are still being sold today and haven’t changed in price…

…When asked about the move to sell a third-party mesh system and the future of the AirPort line, an Apple spokesperson shared this with 9to5Mac:

“People love our AirPort products and we continue to sell them. Connectivity is important in the home and we are giving customers yet another option that is well suited for larger homes.”

Apple’s choice for that option is the Linksys Velop Whole Home Mesh Wi-Fi System which comes in two flavors: $350 for a 2-pack system or $500 for a 3-pack solution. The Tri-Band Wi-Fi system is rated to provide coverage for 2,000 square feet with each Node which can be configured from the Linksys iPhone and iPad app.

«

Well that’s certainly interesting. It’s not as if it was going to sell Google’s offering, of course. I don’t think eero’s has been cleared for UK or European use. Mesh seems like the future if you need something that size.


Major power outage hits CES, a consumer electronics show • The Verge

Dami Lee:

»

Power in the North and Central halls of the Las Vegas Convention Center, which hosts CES annually, was out for nearly two hours on Wednesday. First reports of the power outage began hitting Twitter from convention goers starting around 11:14AM PT, and power was slowly restored shortly after 1:00PM PT. Security evacuated most visitors from the affected halls during that time.

The outage impacted hundreds of companies, including giants like LG, Samsung, and Sony, as well as many small startups that paid thousands of dollars to have a presence on the giant show floor. This year’s CES seems to be marked by more chaos than usual, including unprecedented rain that flooded streets and shut down Google’s giant funhouse booth for a day.

«

Maybe they could make this a regular thing there.


Bitcoin can drop 50% and China miners will still make money • Bloomberg

Dan Murtaugh:

»

“Bitcoin mining under the current price is likely to be profitable under any electricity price regime in China,” Lu wrote.

Cryptocurrency power use is facing more scrutiny, particularly in China, which is concerned miners are taking advantage of low electricity prices. Digital currency transactions require energy-intensive computer networks, with the industry now using as much power as 3.4 million U.S. households, according to Digiconomist Bitcoin Energy Consumption Index. China is said to be planning to limit power use by miners, which are starting to look elsewhere.

Electricity demand for bitcoin mining rose to about 20.5 terawatt-hours a year by the end of 2017, according to BNEF. That equates to more than half the 38 terawatt-hours of electricity used annually by the world’s biggest traditional miner, BHP Billiton – or a tenth of the electricity needed to power South Africa.

In China, miners used 15.4 terawatt hours, which is just a blip in the country’s massive power industry. Even though it plays host to the world’s biggest community of bitcoin miners, they only used 0.2% of the country’s annual electricity production, according to the report.

«

Dammit.


‘Sexy girl’ bots scam ¥1 billion from dating app users in China • That’s Beijing

Gary Bailer:

»

In possibly the oddest news story to have come out of China so far this year, police recently revealed that chat bots posing as bodacious babes have scammed dating app users out of a collective fortune.

The investigation began last August, when Guangdong police picked up on an app asking users to pay to view pornographic videos that, alas, did not exist.

From there, the investigation expanded to apps run in 13 provinces across China. As of January 8, over 600 individuals had been arrested and 21 companies shut down in cities including Beijing, Guangzhou, Shenzhen, Hangzhou, Changsha and Wuhan.

On the dating apps they formerly operated, some of the so-called single women were in fact chat bots programmed to flirt with users, especially ones that were new to the platform.

In at least one case, Sixth Tone reports, app users could exchange a few messages with a ‘sexy’ bot before being asked to upgrade to VIP status for RMB200.

«

This is the oddest story out of China so far? Then again it’s only the 10th.

Basically, though, Ashley Madison but a bit more low-rent.


Stellar iPhone X performance in GB, China & Japan • Kantar Worldpanel

»

In the USA, the iPhone X was outsold by the iPhone 8 and iPhone 8 Plus in the month of November but did round off the top three best-selling models for the month, easily beating the top Samsung model, the Galaxy S8, which is in sixth position.

The iPhone X was the top selling Smartphone in Japan in November, commanding an 18.2% share, closely followed by the iPhone 8 at 17.2% share. Meanwhile, in urban China, demand for the iPhone X has exceeded all expectations, as Dominic Sunnebo explains, “Apple was riding on the back of some momentum before the iPhone X release but demand for latest model in urban China has been staggering given its price point.

“Apple is now back on form – the iPhone X was the top selling model in urban China in November, with a market share of 6.0%. Unlike in Europe and the US, where the vast majority of new early iPhone X sales came from existing Apple smartphone owners, in urban China there are significant numbers of Huawei, Xiaomi and Samsung customers switching to the new iPhone models, which they deem a cut above the rest.”

«

Apple had a share of 49.4% in the UK in November. That’s astonishing.


Maven buys HubPages: No future for mom-and-pop publishers • ZDNet

Tom Foremski:

»

[HubPages CEO Paul] Edmondson told me that it seemed as if improving the quality of the content resulted in triggering a volatile ranking by Google rather than a positive increase. Months of hard work were not paying off.

I found the reason it wasn’t working described in a Google patent.

Google is very suspicious of anything that increases a site’s search rank. It suspects some possible spammy search engine optimization tricks might be at work so it will flag the web site and cause its search rank to fluctuate wildly so as to prevent testing the possible SEO actions. Then it will schedule a manual check of the web site to see if it is legit.

This means that if you rewrite your website to improve quality — and Google wants higher quality content — you are optimizing your site deliberately to improve your ranking. Google will flag this as suspicious behavior and will vary your page ranking on a random basis that has nothing to do with the changes you made.

You cannot win. Your business success is in the hands of another entity.

Google and Facebook today have about 85% of all mobile ad traffic and they dominate desktop ad markets – small mom and pop publishers have to combine into large enough networks to attract the media buyers.

It’s a race to the bottom – Google revenues are 15% to 18% less per click per quarter – but Google can race to the bottom and still beat Wall Street estimates. That’s not the case for smaller media companies.

The disruption in the media industry will continue in 2018. There is no stable business model and there is none in sight.

«

On the plus side, a lot of the junk sites which fed off the 2016 US election should die, if this is correct.


Sneaky crypto malware miners are targeting ad networks next • CoinDesk

Jonathan Keane:

»

Websites and publishers need to be prepared for cryptocurrency miners slipping into ads on their sites, according to Israeli adtech firm Spotad.

The company, which operates an AI-powered advertising platform for purchasing media space, recently discovered cryptocurrency mining activity on its network, a development the company claims is becoming part of a wider trend.

Spotad’s AI system, named “Sarah,” recently identified anomalies in the code of seemingly legitimate ads for both desktop and mobile that turned out to be a miner for the cryptocurrency monero. The JavaScript-enabled ad was designed to dupe users into clicking on a pop-up that would initiate the mining process.

According to co-founder Yoav Oz, the agency responsible for the ad was unaware of the code that was embedded inside. The name of the agency or the subject of the ad has not been disclosed.

«

The irony would be if some of the fake sites that run ads were to be exploited in this way. Be really hard to know where one’s sympathies lay then.


Essential Phone review, four months later: The sun is setting on this experiment • Android Central

Andrew Martonik:

»

Aside from the hardware, every other aspect of my Essential Phone experience has been about frustration. Mostly, it boils down to horrendous software stability and performance. Despite dozens of updates and the anecdotes you may have seen that indicate performance issues have been “fixed,” it most certainly hasn’t. The Essential Phone is handily outperformed by a Moto G5, and that’s just unacceptable — at $699, for sure, but at $499 as well.

Four or five years ago, Android phones were slow and unstable like this. But not today.

It all starts with just general app instability. Apps crash — a lot. More than I’ve experienced on any other phone. They freeze, stutter, lock up and force close. Sometimes you tap an app to open it, and nothing happens for multiple seconds.

«

The comments are the thing here – plenty of people with the same experience. Essential’s whopping valuation suddenly looks like smoke unless it can do something amazing in the smart home space.


Huawei’s CEO going off-script to rage at US carriers was the best speech of CES • The Verge

Vlad Savov:

»

The Huawei boss did something unexpected at the end of his keynote, however. Framed by a simple slide reading “Something I Want to Share,” Yu proceeded to address the failure of Huawei’s carrier deal directly. Shedding the earlier hesitation in his speech, he made the point that American phone buyers can’t have the best and widest choice of device if Huawei products — those of the world’s third-biggest phone vendor — weren’t on offer. “Everybody knows that in the US market that over 90% of smartphones are sold by carrier channels,” he said. “It’s a big loss for us, and also for carriers, but the more big loss is for consumers, because consumers don’t have the best choice.”

Harkening back to the beginning of his Huawei career 25 years ago, Yu radiated a quiet anger at the mistrust his company is being subjected to. He said Huawei faced plenty of doubters in its native China too, being an almost total newcomer to consumer devices six years ago. “We win the trust of the Chinese carriers, we win the trust of the emerging markets… and also we win the trust of the global carriers, all the European and Japanese carriers,” he said. “We are serving over 70 million people worldwide. We’ve proven our quality, we’ve proven our privacy and security protection.”

I craned my neck to look at the teleprompters behind me and they were blank. Yu’s most inspired and most eloquent speech, it turned out, was being delivered without any external help.

«

Then again “best speech of CES” isn’t that high a bar.


News UK finds high levels of domain spoofing to the tune of $1 million a month in lost revenue • Digiday

Jessica Davies:

»

To investigate the level of domain spoofing occurring against its news brands, News UK conducted a programmatic blackout test for two hours in December. The result: 2.9 million bids per hour were made on fake inventory purporting to be News UK’s The Sun and The Times of London newspaper brands.

From the results, the publisher estimates that marketers are wasting £700,000 ($950,000) on domain-spoofed inventory per month. A total of 650,000 ad requests were made each hour, according to the publisher.

The publisher conducted the test between 3 a.m. and 5 a.m. on Dec. 4, deliberately choosing a time that would be less disruptive to site visitors and wouldn’t hamper revenues or ongoing campaigns. The publisher shut down all programmatic advertising on its sites, including all supply-side platforms, its header bidding wrapper and all networks. During this time, it was impossible to buy programmatic inventory on The Sun, the Times or News UK’s fantasy football brand Dream Team. That made it easy to isolate inventory that still appeared to be offered on its sites as fraudulent.

«

That’s a lot of money which is being sent to fake sites pretending to be News UK. You can bet it’s repeated far and wide through the ad business. Third-party digital ads must, surely, surely now be reaching some kind of point where it’s not worth advertisers using them, at which point the system collapses?


Collision course: why this type of road junction will keep killing cyclists • Single Track World

“Bez” on a junction in the UK where the angle of road intersection is perfect to make a cyclist invisible behind the driver-side pillar as they approach it:

»

At the position shown, approximately 100m from the junction at Ipley Cross, the pillar obscures roughly 12m of Beaulieu road. That’s six bicycle lengths: enough to hide not just a cyclist but a small group of riders.

Of course, as the driver approaches that junction, that obscured section of road moves towards the junction with them. As does the cyclist.

Parekh’s car had a black box type device, which (contrary to his statements to police) recorded his approach to the junction at a steady speed of 37mph. At this speed it would have taken six seconds to cover the 100m to the collision, and the following image shows the approximate areas obscured by the Zafira’s pillar at six points in time representing each incremental second leading up to impact, with the red area showing the pillar shadow one second prior to impact.

Although the obscured section of road becomes smaller as the driver approaches, it remains large enough to completely obscure a bicycle until less than a second prior to impact: too late for either party to react.

«

There have been multiple accidents with cyclists – including deaths – at that junction. It would be good to have a way to figure out how to discover where such junctions exist.


I tried the first phone with an in-display fingerprint sensor • The Verge

Vlad Savov:

»

The mechanics of setting up your fingerprint on the phone and then using it to unlock the device and do things like authenticate payments are the same as with a traditional fingerprint sensor. The only difference I experienced was that the Vivo handset was slower — both to learn the contours of my fingerprint and to unlock once I put my thumb on the on-screen fingerprint prompt — but not so much as to be problematic. Basically, every other fingerprint sensor these days is ridiculously fast and accurate, so with this being newer tech, its slight lag feels more palpable.

Vivo is using a newly announced Synaptics optical sensor, which has been in development for years. It works by peering through the gaps between the pixels in an OLED display (LCDs wouldn’t work because of their need for a backlight) and scanning your uniquely patterned epidermis. This is likely the tech that Synaptics and Samsung were collaborating on for the Galaxy S8 last year, right up until it became apparent that it wouldn’t be ready in time for the phone’s release. Things are different now, as Vivo is close to announcing this as-yet-unnamed phone properly and Synaptics is already in mass production with the so-called Clear ID sensor.

«

Won’t replace or be added to FaceID; Samsung might get it into the Galaxy Note 9. It’s a nice idea, but there are questions about the accuracy – as it’s optical, how good will the error rate (positive or negative) be?


Errata, corrigenda and ai no corrida: none notified


Start Up: discovering Spectre and Meltdown, where are Wikileaks’s bitcoinillions?, self-mending screens, and more


Uber launches in Cincinnati in 2014. Think it’s profitable there? Probably not. Photo by 5chw4r7z on Flickr.

Back early, by hardly any demand at all! But that’s life.


A selection of 13 links for you. Unlucky for some. I’m @charlesarthur on Twitter. Observations and links welcome.

How Meltdown and Spectre were independently discovered by four research teams at once • WIRED

Andy Greenberg:

»

The Graz team’s discovery, an attack that would come to be known as Meltdown, proved a critical crack in one of computing’s most basic safeguards. And perhaps most troubling of all, the feature they had exploited was introduced into Intel chips in the mid-1990s. The attack had somehow remained possible, without any apparent public discovery, for decades.

Yet when Intel responded to the trio’s warning—after a long week of silence—the company gave them a surprising response. Though Intel was indeed working on a fix, the Graz team wasn’t the first to tell the chip giant about the vulnerability. In fact, two other research teams had beaten them to it. Counting another, related technique that would come to be known as Spectre, Intel told the researchers they were actually the fourth to report the new class of attack, all within a period of just months.

“As far as I can tell it’s a crazy coincidence,” says Paul Kocher, a well-known security researcher and one of the two people who independently reported the distinct but related Spectre attack to chipmakers. “The two threads have no commonality,” he adds. “There’s no reason someone couldn’t have found this years ago instead of today.”

«

I’d imagine there were people in security agencies who found this a while ago, and liked it. The coincidental discovery? There are tons of people everywhere who are trying to find security glitches and hacks.


The Spectre of an advertising meltdown: what you need to know • Lawfare

Nicholas Weaver:

»

The information security world is focused on two new security vulnerabilities, “Spectre” and “Meltdown”, that represent vulnerabilities embedded in computer hardware. Lawfare readers should respond in two ways: keep their operating systems up to date and, critically, install an ad-blocker for your web browser. (Here are guides on how to do so in Chrome and Firefox.) In fact, a proper response to Spectre should involve ad-blocking on all government computers. Other than that, don’t worry.

Readers who just wanted to know what to do can stop reading. But for those curious about some of the technical background on these vulnerabilities and why ad-blocking is an essential security measure for a modern computer, read on.

«



No tracking, no revenue: Apple’s privacy feature costs ad companies millions • The Guardian

Alex Hern:

»

Advertising technology firm Criteo, one of the largest in the industry, says that the Intelligent Tracking Prevention (ITP) feature for Safari, which holds 15% of the global browser market, is likely to cut its 2018 revenue by more than a fifth compared to projections made before ITP was announced.

With annual revenue in 2016 topping $730m, the overall cost of the privacy feature on just one company is likely to be in the hundreds of millions of dollars.

Dennis Buchheim, general manager of the Interactive Advertising Bureau’s Tech Lab, said that the feature would impact the industry widely.

“We expect a range of companies are facing similar negative impacts from Apple’s Safari tracking changes. Moreover, we anticipate that Apple will retain ITP and evolve it over time as they see fit,” Buchheim told the Guardian.

“There will surely be some continued efforts to ‘outwit’ ITP, but we recommend more sustainable, responsible approaches in the short-term,” Buchheim added.

«

John Gruber called this article “pro-ad industry”. Can’t say I see that myself.


Uber is not price competitive with transit • Medium

Paris Marx:

»

Uber’s strategy of reporting large losses to develop a customer base is not unique; many tech companies have taken a similar path before it. The tech press has compared Uber favorably with Amazon — now the fourth largest company in the world by market cap — because the latter reported growing losses every year from 1994 to 2000, during which time investors worried it would ever turn a profit. But there’s an important detail left out of those stories: how the scale of Uber’s losses compare to Amazon’s.

In WTF? What’s the Future and Why It’s Up to Us, Tim O’Reilly writes that Amazon lost $2.9bn over its first five years before turning a profit in 2001. That may seem like a lot, until Uber’s losses are placed beside it.

In 2016 alone, Uber lost $2.8bn, almost as much as Amazon lost over five years; but the losses didn’t stop there. Over the first three quarters of the 2017 fiscal year, Uber has already lost $3.2bn, with a loss of $1.5bn in the most recent quarter. A chart of Uber’s financials shows its losses have gotten worse in each quarter of 2017, suggesting annual losses for the year will likely hit $5bn, and the company has no realistic path to profitability.

«

Well, it does have a path to profitability – raise its prices. Except that (it’s later explained)

»

“Transportation industry expert Hubert Horan has detailed how “[d]rivers, vehicles and fuel account for 85% of urban car service costs” — costs which cannot be reduced with scale”.

«

And Marx (this one) does look at the question of driverless filling the gap.


Where did WikiLeaks’ $25m bitcoin fortune go? • The Daily Beast

Joseph Cox:

»

Everyone from early investors to cybercriminals has benefited from the huge spike in the value of bitcoin in the past few weeks. It’s a boon for one other outfit that has likely racked up tens of millions of dollars’ worth of the cryptocurrency: WikiLeaks.

The transparency organization may be sitting on a stockpile of bitcoin valued at around $25 million, and has likely exchanged several other large cryptocurrency caches for fiat cash, according to two sources who independently analyzed WikiLeaks’ bitcoin transactions.

“Last wallet looks like his piggy bank,” John Bambenek, a security expert who has previously tracked Neo-Nazis’ use of bitcoin, told The Daily Beast, pointing to a specific bitcoin address believed to be linked to WikiLeaks.

An oft-repeated myth is that bitcoin is an anonymous currency. Although it can sometimes be harder for observers to determine which bitcoin address belongs to whom, the blockchain—the ledger listing all bitcoin transactions—is entirely public. Using this, it’s often possible to see which bitcoin wallets are associated with one another, perhaps link them to real identities, and infer what a bitcoin transaction was for…

…“Well, considering Julian [Assange] is holed up in an embassy, it’s entirely possible someone else has physical possession. But would you trust that cash to someone else?” Bambenek said.

Julian Assange and the main WikiLeaks Twitter account did not respond to a request for comment.

Unsurprisingly, it appears WikiLeaks may have converted some of its bitcoin donations into much more practical fiat currency, too. Several other large chunks of bitcoin moved from the WikiLeaks donation address to BitPay, a bitcoin exchange platform, Bambenek said. “I am assuming he spent, because it went to BitPay,” Bambenek added, referring to WikiLeaks founder Assange. The second source said WikiLeaks has spent around 3,500 bitcoin since its move to the digital currency.

«

With rumours that Ecuador is looking to shift Assange out of its London embassy – and thus into the waiting arms of UK police – he might need that.


Google faces new discrimination charge: paying female teachers less than men • The Guardian

»

Google, which has been accused of systematically underpaying female engineers and other workers, is now facing allegations that it discriminated against women who taught employees’ children at the company’s childcare center.

A former employee, Heidi Lamar, is alleging in a complaint that female teachers were paid lower salaries than men with fewer qualifications doing the same job.

Lamar, who worked at Google for four years before quitting in 2017, alleged that the technology company employed roughly 147 women and three men as pre-school teachers, but that two of those men were granted higher starting salaries than nearly all of the women.

“I didn’t want to work for a company that I can’t trust, that makes me feel like my values of gender equality are being compromised,” Lamar, 31, told the Guardian.

«

Oh, but now read on.


Google memo author James Damore sues company for discrimination against white males • Buzzfeed

Ryan Mac:

»

The author of a controversial memo that sparked debates about gender and diversity at Google sued his former employer on Monday, alleging that the company discriminates against politically conservative white men.

James Damore, who was fired in August for internally circulating a manifesto that argued Google’s gender pay gap was the result of genetic differences that tend to favor men, said in a lawsuit filed in Santa Clara Superior Court that the search giant “singled out, mistreated, and systematically punished and terminated” employees who deviated from the company’s view on diversity. Damore and a second plaintiff, David Gudeman, another former Google engineer, are seeking class-action status for anyone who identifies as conservative, Caucasian, or male.

The men are being represented by Harmeet K. Dhillon, the Republican National Committee’s committeewoman for California.

“Google’s management goes to extreme — and illegal — lengths to encourage hiring managers to take protected categories such as race and/or gender into consideration as determinative hiring factors, to the detriment of Caucasian and male employees and potential employees at Google,” the suit reads.

«

Another quote from the suit: “…The presence of Caucasians and males was mocked with ‘boos’ during company-wide weekly meetings”. I bet Google wishes it had dumped Damore’s CV and never gave him an interview.


CoffeeMiner hijacks public Wi-Fi users’ browsing sessions to mine cryptocurrency • ZDNet

Charlie Osborne:

»

According to the developer, public Wi-Fi may also now be a source of income for hackers that successfully pull off man-in-the-middle (MiTM) attacks to launch cryptocurrency miners.

The project, released to the public for academic study, leans upon the recent discovery of a cryptocurrency miner discovered on a Starbucks Wi-Fi network.

CoffeeMiner works in a similar way. The attacking code aims to force all devices connected to a public Wi-Fi network to covertly mine cryptocurrency.

The attack works through the spoofing of Address Resolution Protocol (ARP) messages by way of the dsniff library which intercepts all traffic on the public network.

Mitmproxy is then used to inject JavaScript into pages the Wi-Fi users visit. To keep the process clean, the developer injected only one line of code which calls a cryptocurrency miner.

«

Can’t wait for the cryptocurrency madness to expire.


No boundaries for user identities: web trackers exploit browser login managers • Freedom To Tinker

Gunes Acar:

»

We show how third-party scripts exploit browsers’ built-in login managers (also called password managers) to retrieve and exfiltrate user identifiers without user awareness. To the best of our knowledge, our research is the first to show that login managers are being abused by third-party scripts for the purposes of web tracking.

The underlying vulnerability of login managers to credential theft has been known for years. Much of the past discussion has focused on password exfiltration by malicious scripts through cross-site scripting (XSS) attacks. Fortunately, we haven’t found password theft on the 50,000 sites that we analyzed. Instead, we found tracking scripts embedded by the first party abusing the same technique to extract email addresses for building tracking identifiers.

The image above shows the process. First, a user fills out a login form on the page and asks the browser to save the login. The tracking script is not present on the login page [1]. Then, the user visits another page on the same website which includes the third-party tracking script. The tracking script inserts an invisible login form, which is automatically filled in by the browser’s login manager. The third-party script retrieves the user’s email address by reading the populated form and sends the email hashes to third-party servers.

«

The link above (“has been known”) is actually only one of the five offered in that phrase – OK, so I’m lazy about copying all the HTML sometimes. It’s a problem though that the most secure way to handle passwords is also so exploitable. So it’s back to remembering them all?
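For site owners who want to check what their embedded scripts do, here is an added example (not from the Freedom To Tinker post) that scans a DOM snapshot, serialised after scripts have run, for the invisible login form the extract describes. The invisibility heuristics, the function names and the sample markup are assumptions made for illustration; forms hidden by an ancestor element or a stylesheet class are not detected.

```python
import re
from html.parser import HTMLParser

# Inline styles treated as "invisible" (heuristic chosen for this example).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])"
    r"|(?:left|top)\s*:\s*-\d{3,}px", re.I)

def is_hidden(attrs):
    return "hidden" in attrs or bool(HIDDEN_STYLE.search(attrs.get("style") or ""))

class HiddenLoginFormFinder(HTMLParser):
    """Collects ids of forms that hold a password field but cannot be seen."""
    def __init__(self):
        super().__init__()
        self.form = None          # form currently open, if any
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.form = {"id": attrs.get("id"), "hidden": is_hidden(attrs), "fields": []}
        elif tag == "input" and self.form is not None:
            kind = (attrs.get("type") or "text").lower()
            if kind in ("text", "email", "password"):   # fields a login manager fills
                self.form["fields"].append((kind, is_hidden(attrs)))

    def handle_endtag(self, tag):
        if tag != "form" or self.form is None:
            return
        form, self.form = self.form, None
        has_password = any(kind == "password" for kind, _ in form["fields"])
        unseen = form["hidden"] or all(hidden for _, hidden in form["fields"])
        if has_password and unseen:
            self.findings.append(form["id"])

def find_hidden_login_forms(dom_snapshot):
    finder = HiddenLoginFormFinder()
    finder.feed(dom_snapshot)
    finder.close()
    return finder.findings

# Constructed DOM snapshot: one visible login form, two invisible ones.
SNAPSHOT = """
<form id="search"><input type="text" name="q"></form>
<form id="login"><input type="email" name="user"><input type="password" name="pw"></form>
<form id="injected" style="display:none">
  <input type="email" name="email"><input type="password" name="password"></form>
<form id="offscreen"><input type="text" style="position:absolute; left:-9999px">
  <input type="password" style="opacity:0"></form>
"""

if __name__ == "__main__":
    print(find_hidden_login_forms(SNAPSHOT))
```

A hit on a page that has no login feature of its own is the signal worth following up with whoever supplies the script.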


My internet mea culpa • Shift Newco

Rick Webb:

»

Being generous to the prophets [Stewart] Brand and [Kevin] Kelly et al, it’s entirely reasonable to argue that this version of a global village is not what they proposed or envisioned. Minorities are still denied equal voices on the internet — harassed off of it, or still unable to even get online. Massive amounts of data is still hidden behind firewalls or not online at all. Projects to bring more information online (such as Google Books) have foundered due to institutional obstruction or a change of priorities in those undertaking them. Governments still have secrets. Organizations such as Wikileaks that showed early promise in this regard have been re-cast as political tools through some mix of their own hubris and the adversarial efforts of the governments they seek to expose.

It’s quite easy to see the differences between the internet world we live in and the utopia we were promised. And a fair measure of that is because we didn’t actually make it to the utopia. The solution, then, the argument goes, is to keep at it. To keep taking our medicine even as the patient gets more sick, on the faith that we will one day reach that future state of total-information-freedom and equality of voices.

This isn’t an unreasonable position, but I think it would have been worth thinking about beforehand. There is a difference between Advil and chemotherapy. If you’re not dying of cancer, the benefits of something like chemotherapy are dubious. A better metaphor might be back pain. I have back pain. I could get surgery for my back pain. But the surgery is hugely debilitating, with only moderate chances of success. It is not unreasonable for me to say “nah, not worth it.”

«

I think Wikileaks on its own sums up the degradation of the dream. It began trying, and succeeding, in exposing African dictators; it has ended up helping Russian ones, and quite where it morphed from idealism to cynicism is difficult to pinpoint.


What happened when the infosec community outed its own sexual predators • The Verge

Sarah Jeong:

»

Since autumn, I’ve noticed SHA hashes popping up again across my social media feeds — hashes of men’s initials or sometimes full names. These strings cannot be decrypted but if you know or suspect what the solution is, you can try running the same algorithm over it and see if the hash matches. Women describe how they or a friend were harassed or assaulted, they describe in vague terms the man in question. And then they post the hash, so their friends can check to see if they’ve been attacked by the same man.

It’s a step up from the “Shitty Media Men” spreadsheet that went viral a couple of months ago, a means of sharing information that is easy enough among the women who are capable of opening a command line window and running SHA-256 on a man’s name — women who deal professionally with secrets, privacy, truth, and verification. These are women whose technical abilities, whose place in their world, have long been questioned. They have been treated like fakes and posers and interlopers and arm candy. But they are here and have always been here. And when all the bad men who “do good work” have fallen from their pedestals, those women are waiting, ready to inherit the tech industry.

«

Such a clever idea. Hide it from everyone except those who also know it, so that you can be sure that you all agree before going public. (Could such a system be used for the accused in rape trials?)
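The check the extract describes, as an added example that is not from The Verge piece: hash a name you already suspect and compare it with the posted string. It tries the spellings people commonly type, including the trailing newline that `echo` adds at a command line, because any of those changes the digest. The names and the posted hash are constructed placeholders.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def candidate_encodings(name: str):
    """Yield (label, bytes) for the ways a name is commonly typed before hashing."""
    collapsed = " ".join(name.split())          # trim and collapse whitespace
    spellings = {
        "as typed": collapsed,
        "lower case": collapsed.lower(),
        "upper case": collapsed.upper(),
        "initials": "".join(word[0] for word in collapsed.split()).upper(),
    }
    for label, text in spellings.items():
        raw = text.encode("utf-8")
        yield label, raw
        # `echo name | sha256sum` hashes a trailing newline; `printf %s name` does not.
        yield label + " + newline", raw + b"\n"

def match_posted_hash(name: str, posted_hex: str):
    """Return the label of the first encoding whose SHA-256 equals posted_hex, else None."""
    posted = posted_hex.strip().lower()
    for label, raw in candidate_encodings(name):
        if sha256_hex(raw) == posted:
            return label
    return None

# Constructed sample: a made-up name hashed in lower case with a trailing newline,
# as `echo` would produce.
POSTED = sha256_hex(b"alex example\n")

if __name__ == "__main__":
    print(match_posted_hash("Alex  Example", POSTED))
    print(match_posted_hash("Sam Sample", POSTED))
```

The same loop works for anyone holding a list of candidate names, so a hash of initials or a full name conceals it only from people who have no guess to test.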


Phone screen, heal thyself • CCS Insight

Shaun Collins:

»

Researchers at the University of Tokyo have discovered a new polymer that can actually heal itself, pointing the way to a future of self-healing phone screens.

There’s been ongoing efforts to improve the strength of displays on smartphones and tablets, and there’s no denying that they’ve become tougher. Nonetheless, round-the-clock smartphone use has increased the potential for drops and smashes. Screens are getting damaged all the time.

The polymer was discovered by accident by a Japanese graduate student, Yu Yanagisawa, who thought the material would become a type of glue. He found that cut edges of the polymer would stick to each other, and formed a strong sheet after being compressed by hand at 21 degrees Celsius.

The findings of a team of researchers led by Professor Takuzo Aida have been published in Science magazine. Titled Mechanically robust, readily repairable polymers via tailored noncovalent cross-linking, the research promises a hard glass-like polymer called polyether-thioureas that can heal itself with only hand pressure. This makes it different from other materials that need high heat to recover from a break.

«

CCS Insight reckons between 10% and 15% of smartphone owners crack or smash a display every year. It’s a big business.


What do you call a world that can’t learn from itself? • Eudaimonia

Umair Haque:

»

There is a myth of exceptionalism in America that prevents it from looking outward, and learning from the world. It is made up of littler myths about greed being good, the weak deserving nothing, society being an arena, not a lever, for the survival of the fittest  —  and America is busy recounting those myths, not learning from the world, in slightly weaker (Democrats) or stronger (Republicans) forms. Still, the myths stay the same  —  and the debate is only really about whether a lightning bolt or a thunderstorm is the just punishment from the gods for the fallen, and a palace or a kingdom is the just reward for the cunning.

Hence, I have never once seen in America a leader saying, “hey! See that British healthcare system? That German union and pension system? Why don’t we propose that? They work!!” Instead, the whole American debate is self-referential  —  pundits debating Andrew Jackson (LOL) instead of, say, what the rest of the world does today in 2017. How can a broken society grow only by looking inwards? If you are a desperate, heart-broken addict, what can you learn from yourself? Won’t you only, recounting your pain, reach for the needle quicker?

«

This is a fabulous essay. As he points out, American life expectancy is also lower than you’ll find in comparable European countries, and as he also notes:

»

The same is true for things like maternal mortality, stress, work and leisure, press freedom, quality of democracy — every single thing you can think of that impacts how well, happily, meaningfully, and sanely you live is worse in America, by a very long way.

«

But as he also points out, neither is learning the lessons of the other.


Errata, corrigenda and ai no corrida: none notified