Start Up: YouTube’s conspiracy-mongers, how Facebook ads helped Trump, Apple acquiesces to China on iCloud, and more

Nearly half of 2017’s ICOs have already failed. More to come? Photo by Dimitris Kalogeropoylos on Flickr

»You can sign up to receive each day’s Start Up post by email (arriving at about 0800GMT each weekday). You’ll need to click a confirmation link, so no spam.«

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Untrue-tube: monetizing misery and disinformation • Medium

Jonathan Albright looked into the “Up Next” videos (which generally play automatically after one you watch ends):


Every time there’s a mass shooting or terror event, due to the subsequent backlash, this YouTube conspiracy genre grows in size and economic value. The search and recommendation algorithms will naturally ensure these videos are connected and thus have more reach.

In other words, due to the increasing depth of the content offerings and ongoing optimization of YouTube’s algorithms, it’s getting harder to counter these types of campaigns with real, factual information.

I hate to take the dystopian route, but YouTube’s role in spreading this “crisis actor” content and providing these thousands of false videos is akin to a parasite-host relationship. This genre of videos is especially troublesome, since the content has targeted (individual) effects as well as the potential to trigger mass public reactions.

The view count for 50 of the top mass shooting-related conspiracy videos is around 50 million. Not every single video overlaps directly with conspiracy-related subjects, but it’s worth pointing out that these 8842 videos have registered almost four billion (3,956,454,363) views.

Contrary to my earlier remarks on Twitter about YouTube’s algorithm getting “gamed,” I’m no longer sure. The only gaming here appears to be using tragic events for automated content monetization.


Perverse incentives. Read on for more.

Trump and the weird attention economy of Facebook • Boing Boing

Cory Doctorow:


When you try to buy online ads from Facebook’s self-serve ad-auctioning platform, merely being the highest bidder isn’t enough to guarantee that your ads will get through: Facebook multiplies your bid by a software-generated prediction about how responsive the audience will be to it, so the clickbaitier your ad is, the less it costs to place it.

This is just one of the insights into the odd attention economics lessons in Antonio García Martínez’s deep dive into the Trump campaign’s use of Facebook in the 2016 election; another important lesson is that poor, rural voters aren’t very attractive to advertisers, so there’s less competition when you try to reach them and that makes them cheaper to advertise to than voters in big, Democratic-leaning cities.

The really interesting stuff is about the six-year-old Facebook practice of selling ads to Custom Audiences (people who engaged in a specific activity that Facebook knows about, like putting a pair of shoes in an online shopping basket, visiting a given website, etc), and Lookalike Audiences (people who have similar characteristics to a Custom Audience, that is, “Advertise this to people substantially similar to people you know about who have recently gone shoe-shopping”).

»Unsurprisingly, the Russians also apparently made use of Custom Audiences in their ads campaign. The unwary clicker on a Russian ad who then visited their propaganda site suddenly could find yet more planted content in their Feed, which could generate downstream engagement in Feed, and thus the great Facebook wheel turned. The scale of their spend was puny, however, a measly $100,000, which pales in comparison to the millions Trump spent on online advertising.

The above isn’t mere informed speculation, the Trump campaign admitted to its wide use of both Custom and Lookalike audiences. There seems to be little public coverage of whether the Clinton campaign used Facebook Ads extensively, but there’s no reason to think her campaign did not exploit the same tools.«


There was a lot of surprise about this when I tweeted an extract from the Wired piece (which I can’t get to load; it’s linked in this piece) on Saturday. That’s because we don’t expect ads to work like that. We’re familiar with a straight transaction – spend X, show to Y people. The idea that the platform itself inserts a multiplier seems weird to anyone unversed in it.

And it also implies that you can do better with crazy just-about lies than with calm, reasoned statements about what you’ll do. That doesn’t imply good things about closing the US partisan gap.

Amazon AWS servers might soon be held for ransom, similar to MongoDB • Bleeping Computer

Catalin Cimpanu:


Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.

The statement, made today on social media by infosec expert Kevin Beaumont, is nothing short of a prophecy of things to come, an opinion shared by many security professionals to whom Bleeping Computer spoke today.

Amazon AWS S3 storage servers have been leaking data all 2017, being behind some of the most notable data leaks of last year, including breaches at the NSA, the US Army, analytics providers, and more.

Those incidents happened because companies left data on publicly-readable S3 buckets (“bucket” being a term used to describe an S3 storage unit). In most cases, that data was found by security researchers who helped companies secure their systems, but hackers could get to these files first, too.

However, there’s also a category of S3 buckets that are even more dangerous than publicly-readable servers. Those are publicly-writeable ones — buckets allowing any user, with or without an Amazon S3 account, to write or delete data on the AWS S3 instance. A Skyhigh Networks report from September 2017 found that 7% of all Amazon AWS S3 buckets were publicly-writeable.

Experts believe that hacker groups who have been busy holding MongoDB, ElasticSearch, Hadoop, CouchDB, Cassandra, and MySQL servers for ransom all of 2017 might soon turn their sights on S3 publicly-writeable buckets.

The 2017 ransom attacks usually followed the same pattern. Hackers found an exposed server, wiped data, and left a ransom note behind asking for a ransom. Some victims paid, hoping to recover data, but most users were left at the altar, as hackers did not have the storage space to back up all the ransomed servers, and never returned any of the promised data.

Now, something like this is bound to happen to Amazon S3 server owners.


A few days later Beaumont found a JavaScript cryptominer merrily fizzing away on an S3 bucket. This, despite Amazon having released a tool the day this story appeared to let people check and correct the read/write permissions of said buckets.

Basically, open season for any capable hacker to take over.
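
The difference between publicly-readable and publicly-writeable buckets described in the extract above can be read off a bucket's own ACL and policy documents. The following is an added example, not code from the article or from Amazon's tool; the bucket names and sample documents are constructed, and the JSON shapes assumed are those of S3 ACL grants and bucket policy statements.

```python
"""Audit S3 ACL and bucket-policy documents for public read/write exposure."""
from fnmatch import fnmatchcase

# Predefined S3 grantee groups that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",            # anyone, no account
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",  # any AWS account
}
READ_ACTIONS = ("s3:getobject", "s3:listbucket")
WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject", "s3:putobjectacl",
                 "s3:putbucketacl", "s3:putbucketpolicy")


def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def acl_exposure(acl):
    """Return the subset of {'read', 'write'} an ACL grants to public groups."""
    exposure = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group" or grantee.get("URI") not in PUBLIC_GROUPS:
            continue
        perm = grant.get("Permission")
        if perm in ("READ", "FULL_CONTROL"):
            exposure.add("read")
        # WRITE_ACP lets the grantee rewrite the ACL itself, so it counts as write.
        if perm in ("WRITE", "WRITE_ACP", "FULL_CONTROL"):
            exposure.add("write")
    return exposure


def _is_public_principal(principal):
    """True for Principal "*" or {"AWS": "*"} (also as a one-item list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


def policy_exposure(policy):
    """Return the subset of {'read', 'write'} a policy allows to everyone.

    Statements with a Condition, NotAction or NotPrincipal are not counted
    here; they need manual review. Deny statements are not evaluated.
    """
    exposure = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if not _is_public_principal(stmt.get("Principal")):
            continue
        for pattern in _as_list(stmt.get("Action")):
            pattern = pattern.lower()  # action names are case-insensitive
            if any(fnmatchcase(action, pattern) for action in READ_ACTIONS):
                exposure.add("read")
            if any(fnmatchcase(action, pattern) for action in WRITE_ACTIONS):
                exposure.add("write")
    return exposure


def audit(buckets):
    """Map each bucket name to its sorted list of public exposures."""
    report = {}
    for name, docs in buckets.items():
        exposure = acl_exposure(docs.get("acl") or {})
        exposure |= policy_exposure(docs.get("policy") or {})
        report[name] = sorted(exposure)
    return report


# Constructed sample documents (not taken from any real bucket).
_OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
          "Permission": "FULL_CONTROL"}
_ALL = "http://acs.amazonaws.com/groups/global/AllUsers"
SAMPLE = {
    "example-private": {"acl": {"Grants": [_OWNER]}},
    "example-public-read": {"acl": {"Grants": [
        _OWNER, {"Grantee": {"Type": "Group", "URI": _ALL}, "Permission": "READ"}]}},
    "example-public-write": {"acl": {"Grants": [
        _OWNER,
        {"Grantee": {"Type": "Group", "URI": _ALL}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": _ALL}, "Permission": "WRITE"}]}},
    "example-policy-write": {"acl": {"Grants": [_OWNER]}, "policy": {"Statement": {
        "Effect": "Allow", "Principal": {"AWS": "*"},
        "Action": ["s3:Put*", "s3:DeleteObject"]}}},
    "example-ip-restricted": {"acl": {"Grants": [_OWNER]}, "policy": {"Statement": [{
        "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
        "Condition": {"IpAddress": {"aws:SourceIp": "192.0.2.0/24"}}}]}},
}

if __name__ == "__main__":
    for bucket, exposure in audit(SAMPLE).items():
        print(f"{bucket}: {', '.join(exposure) or 'no public access found'}")
```
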

Apple moves to store iCloud keys in China, raising human rights fears • Reuters

Stephen Nellis:


When Apple begins hosting Chinese users’ iCloud accounts in a new Chinese data center at the end of this month to comply with new laws there, Chinese authorities will have far easier access to text messages, email and other data stored in the cloud.

That’s because of a change to how the company handles the cryptographic keys needed to unlock an iCloud account. Until now, such keys have always been stored in the United States, meaning that any government or law enforcement authority seeking access to a Chinese iCloud account needed to go through the US legal system.

Now, according to Apple, for the first time the company will store the keys for Chinese iCloud accounts in China itself. That means Chinese authorities will no longer have to use the US courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.

Human rights activists say they fear the authorities could use that power to track down dissidents, citing cases from more than a decade ago in which Yahoo handed over user data that led to arrests and prison sentences for two democracy advocates. Jing Zhao, a human rights activist and Apple shareholder, said he could envisage worse human rights issues arising from Apple handing over iCloud data than occurred in the Yahoo case.

In a statement, Apple said it had to comply with recently introduced Chinese laws that require cloud services offered to Chinese citizens be operated by Chinese companies and that the data be stored in China. It said that while the company’s values don’t change in different parts of the world, it is subject to each country’s laws.


China today – and Russia, Turkey, the Philippines tomorrow, if they pass similar laws? Where does it stop? An iCloud backup also includes iMessage, so this is a risk to activists. I expect they will take two countermeasures: stop using iCloud (and delete all their backups), and start (or continue) using apps such as Signal.

It’s a sign of the roach motel effect of China on Apple: it’s such a big slice of its business now that it can’t (unlike Google in 2010) just refuse to do business there.

Manafort left an incriminating paper trail because he couldn’t figure out how to convert PDFs to Word files • Slate

Jacob Brogan:


So here’s the essence of what went wrong for [Trump aides] Manafort and Gates, according to Mueller’s investigation: Manafort allegedly wanted to falsify his company’s income, but he couldn’t figure out how to edit the PDF. He therefore had Gates turn it into a Microsoft Word document for him, which led the two to bounce the documents back-and-forth over email. As attorney and blogger Susan Simpson notes on Twitter, Manafort’s inability to complete a basic task on his own seems to have effectively “created an incriminating paper trail.”

In Manafort’s defense, converting documents to and from Word could be easier. Not having tried it for a while, I attempted to transform my Word draft of this blog post into a PDF. I confess that I did fumble a bit at first (it’s been a while), but I eventually managed to get the job done. According to my stopwatch, the full ordeal took me 42 seconds. It involves a few steps, but there are plenty of accessible tutorials out there if you get lost.

Changing PDFs back to editable Word documents, meanwhile, does get a little more complicated. Try it in Adobe Acrobat (via the “Save as Other” command under “File” on a Mac) and you’ll quickly be redirected to Adobe’s website and presented with a handful of subscription packages that will allow you to transform your documents. For as little as $2 a month, Adobe will allow you to convert PDF files to Word, Excel, and rich text formats. If this feels extortionate, there are also plenty of services online that promise to let you do the same thing for free, but—and, to be clear, I’m no financial genius—even people who are allegedly misreporting millions of dollars in income can almost certainly afford the budget option. Indeed, it’s probably a little safer, all things considered.


This is a little like the Mars lander which crashed because one team used imperial units and the other used metric. Tiny technical details bringing down a huge enterprise.

Venezuelan president asks banks to mine the national cryptocurrency. Unions are aghast • Fortune

Chris Morris:


Launched earlier this week, the Petro raised $735m in its first day, despite investor warnings from groups including the US Treasury Department. Maduro has said he plans to offer a total of 100 million Petros, with a starting price of $60 each, for a total of about $6bn.

“Our country has released our first official crypto in the history of the world,” Maduro said in a nationally televised event. “It’s also the only one whose value is backed by real estate. The Petro demonstrates, today more than ever, that together all is possible.”

In making the proposal, Maduro added that banks that build mining farms could increase the benefits of their employees. Union leaders, though, rejected the proposal.

“That seems to us an abuse of power and a totalitarianism,” said Ana Yanez, the national coordinator of the National Union of Workers. “In addition, [the Petro] is a virtual currency that violates the Constitution. As workers, we disagree that this cryptocurrency is imposed on us.”


Oh, but that’s not the end of it. The catch to the Petro is how difficult it is to redeem: you can’t redeem it for actual oil. You redeem it for the value of a barrel of oil, paid for in bolivars – whose own value is dwindling at a huge rate.

AI facial recognition works better for white skin – because it’s being trained that way • World Economic Forum

Larry Hardesty:


Three commercially released facial-analysis programs from major technology companies demonstrate both skin-type and gender biases, according to a new paper researchers from MIT and Stanford University will present later this month at the Conference on Fairness, Accountability, and Transparency.

In the researchers’ experiments, the three programs’ error rates in determining the gender of light-skinned men were never worse than 0.8%. For darker-skinned women, however, the error rates ballooned — to more than 20% in one case and more than 34% in the other two.

The findings raise questions about how today’s neural networks, which learn to perform computational tasks by looking for patterns in huge data sets, are trained and evaluated. For instance, according to the paper, researchers at a major US technology company claimed an accuracy rate of more than 97% for a face-recognition system they’d designed. But the data set used to assess its performance was more than 77% male and more than 83% white.

“What’s really important here is the method and how that method applies to other applications,” says Joy Buolamwini, a researcher in the MIT Media Lab’s Civic Media group and first author on the new paper. “The same data-centric techniques that can be used to try to determine somebody’s gender are also used to identify a person when you’re looking for a criminal suspect or to unlock your phone. And it’s not just about computer vision. I’m really hopeful that this will spur more work into looking at [other] disparities.”


Would love to know which big American company that was.

46% of last year’s ICOs have failed already •

Kai Sedgwick:


Given enough time, everything withers and dies, from the most robust institutions to the most popular crowdsales. No one expected all of 2017’s ICOs to last the course. The pace at which they’ve withered and died may come as a surprise though. Tokendata, one of the more comprehensive ICO trackers, lists 902 crowdsales which took place last year. Of these, 142 failed at the funding stage and a further 276 have since failed, either due to taking the money and running, or slowly fading into obscurity. This means that 46% of last year’s ICOs have already failed.

The number of ICOs that are still a going concern is actually even lower. An additional 113 ICOs can be classified as “semi-failed”, either because their team has stopped communicating on social media, or because their community is so small as to mean the project has no chance of success. This means that 59% of last year’s crowdsales are either confirmed failures or failures-in-the-making.



Instagram is killing the way we experience art • Quartz

Anne Quito:


Are social platforms changing the way we judge art, or making us more easily dismissive? Put another way, does a work that an artist has labored over for months, even years, deserve more than a glance on a tiny screen?

As the images of the Obama portraits started streaming out, the reactions came hard and fast. Looking at art online feeds a coterie of casual critics, just as everyone’s a design critic with every new logo launch these days. Within minutes of the live-streamed unveiling, Twitter was ablaze with hot takes, critiques and memes.

A seminal 2001 study found that museum goers spent an average of 17 seconds looking at a work of art in a museum, with the bulk of time spent reading the wall text. With social media, this time is probably even shorter.

There was a time when art lovers traveled great distances to see a work of art. For these pilgrims, a personal audience with genius was the goal. A museum was a place to hone one’s ability to detect beauty and appreciate nuance—with only our own internal filters between us and the work.

Platforms like the incredible Google virtual museum tours have eliminated the need to travel, by enabling art lovers to “visit” top museums and “see” works of art up close, at even higher resolutions than if they were to stand before it in a museum.

But despite the democratizing value of widely disseminating great masterpieces, the fact is that looking at art on our backlit screens is not the same as encountering it in person. Take the work of the British painter J.M.W. Turner: To the casual Instagram swiper, his wild brushstrokes might seem unruly, even quaint. In person, even a smaller canvas like Peace – Burial at Sea is so arresting and emotional it’s impossible to ignore.


I’m probably the last person anyone would call an art connoisseur, but the reality is that art, including paintings, is three-dimensional. (Sculpture, of course, even more so.) The swirls of paint on a van Gogh or Pissarro tell you about the artist’s intent and skill. A photo – even a virtual museum – won’t show you that.

China’s cutthroat smartphone market is coming down to a handful of major brands • South China Morning Post

Li Tao:


“The top-20 smartphone brands control 93% of the market,” said Counterpart research director Neil Shah. “That means 180 other brands are competing for just the remaining 7% share, which means we could see a potential exit for some of these firms this year.”

He said the slowdown [in smartphone sales, which went into reverse in Q4 17] in China “has caused serious pain for tier-2 and tier-3 smartphone brands, such as Gionee, Coolpad and LeEco, which largely depend on domestic sales”. A further slowdown this year would make it more difficult for these companies to compete in terms of scale in component supply deals for production and in marketing, he said.

With fewer marketing resources at their disposal, small Chinese smartphone companies will be absent at this year’s edition of Mobile World Congress (MWC), the world’s largest exhibition for the mobile industry, to be held in Barcelona, Spain, from 26 February to 1 March.

This year’s absentees include Meizu, Gionee and Coolpad, which took part the past three years, and LeEco, which was at the event in 2015 and 2016.


Meizu insists it’s profitable, but I think the others face a cold winter.

Errata, corrigenda and ai no corrida: none notified.

Start Up: Goldilocks meets the iPhone, Google’s bad searches, awaiting AirPods 2, has pro-Trump media met its Vietnam?, and more

A Bulgarian playlist on Spotify (not this one) is reckoned to have made a huge profit – legally. Photo by Andrew Mager on Flickr


A selection of 10 links for you. Tell them you hear them. I’m @charlesarthur on Twitter. Observations and links welcome.

Bot-driven credential stuffing hits new heights • Infosecurity Magazine

Phil Muncaster:


More than 40% of global log-in attempts are malicious thanks to bot-driven credential stuffing attacks, according to the latest report from Akamai.

The cloud delivery provider’s latest State of the Internet/Security report for Q4 2017 comprised analysis from over 7.3 trillion bot requests per month.

It claimed that such requests account for over 30% of all web traffic across its platform per day, excluding video streaming. However, malicious activity has seen a sharp increase, as cyber-criminals look to switch botnets from DDoS attacks to using stolen credentials to try to access online accounts.

Of the 17 billion login requests Akamai tracked in November and December, over two-fifths (43%) were used for credential abuse. The figure rose to a staggering 82% for the hospitality industry.

The stats chime with similar data from fraud prevention specialist ThreatMetrix, which claimed in its latest Cybercrime report for Q4 2017 that there were 34 million bot attacks during the peak festive shopping period, rising to 800 million for the quarter.

It said that for some businesses bot activity can make up as much as 90% of their daily traffic.

Akamai claimed that credential stuffing can cost businesses up to $2.7m annually.


Just amazing. It’s as though the internet isn’t really for actual people most of the time.

The Goldilocks era for iPhone has begun • Above Avalon

Neil Cybart:


The lack of iPhone unit sales growth is not surprising. In May 2016, I published “iPhone Warning Signs” and the conclusion that “the iPhone growth story is breaking apart and management does not seem to be in control of the situation.” Over the past two years, this is exactly what has happened as the four iPhone growth warning signs highlighted in my article have fully materialized.

• Mobile carrier expansion is complete. Apple no longer has a sales tailwind from bringing iPhone to new carriers around the world. 
• India isn’t the next China. Any expectation of India becoming an iPhone sales growth engine in the near term is misplaced.
• Smartphone saturation. The era of iPhone sales growth coming from people buying their first smartphone has come to an end.
• Running out of Android switchers. There are only so many premium Android users in a position to switch to iPhone. 

Two additional red flags have now appeared:

• Slowing iPhone upgrade rate. iPhone users are holding on to their devices for longer before upgrading. This trend has been unfolding for years, but the impact on iPhone sales is only now being felt.
• Overserving users. One reason iPhone users are holding on to their devices for longer is that their needs are being met with older models and less capable features. While new iPhones are still intriguing and enticing to a majority of iPhone users, a growing percentage of the iPhone installed base is content with their current device.

Instead of there being one particular reason or cause for the lack of iPhone unit sales growth, the six preceding factors have come together to create a much less friendly growth environment.


This applies across the smartphone market, of course. (Remember IDC says total sales shrank last year.) Expect more churn between OEMs at the lower price ranges, and a real challenge at the premium end – and not just for Apple. It’s probably safer than others.

#NotOKGoogle search suggestions: 2018 edition • Medium

Jonathan Albright:


I’m at a loss to understand how this could *still* be happening. The quality and reliability of Google’s search suggestions have actually devolved in the past year. It almost reads like these input signals are coming out of Reddit, Twitter and other online and social news forums.

Here’s February 20, 2018. Below are some examples of what kids are likely to see when they begin to type in or use Google to look up a controversial topic. Why does this matter? It matters because this is information pollution at the most critical interface: search. Google is the knowledge portal for most of the world.

When toxic information — suggestions like the ones seen below — get in the way of people actively fact checking and truth-seeking, it’s a major problem.

We’re at a critical juncture in social cohesion & the role of tech in society. The walls have been breached; platforms are now getting vandalized in broad daylight.


Note also that those are searches relating to American topics. But as Carole Cadwalladr has shown at the Guardian (a year ago, and again when Albright showed these) you get just as bad outside the US.

Internet of babies: when baby monitors fail to be smart • SEC Consult


Baby monitors serve an important purpose in securing and monitoring our loved ones. Unfortunately, the investigated device “Mi-Cam” from miSafes (and potentially further devices) is affected by a number of critical security vulnerabilities which raise serious security and privacy concerns. An attacker is able to access and interact with arbitrary video baby monitors and hijack other user accounts. Based on observed user identifier values extracted from the cloud API and Google Play store data, an estimated total number of more than 52,000 user accounts and video baby monitors are affected (implying a 1:1 distribution of user accounts to video baby monitors). Even worse, neither the vendor nor the CNCERT/CC could be reached for the coordination for our responsible disclosure process. Hence the issues are (up until the publication of this article) not patched and our recommendation is to keep the video baby monitors offline until further notice.


Baby monitors have never been the most secure things (in older times, they offered a couple of radio channels; people in adjacent flats or houses could sometimes eavesdrop accidentally). But this is taking it further.

Ex-engineer sues Google, saying he was fired for *condemning* diversity memo • The Guardian

Julia Carrie Wong:


Tim Chevalier, a site reliability engineer who worked for Google until November 2017, sued his former employer in California state court on Wednesday. Chevalier, who identifies as queer, disabled and transgender, alleges that Google terminated him over posts he made on internal forums advocating for diversity at Google and criticizing Damore.

Damore was fired for “advancing harmful gender stereotypes” in August 2017 after the memo, in which he posited that psychological differences between men and women explain the gaping gender imbalance at Google, was leaked and went viral…

…The Chevalier lawsuit offers a different spin on the debates that played out on Google’s internal email lists and message boards, which the attorney David Lowe described in a statement as “a cesspool of bullying and harassment”. Google failed to prevent employees from using the internal platforms to discriminate against marginalized groups, the suit alleges, allowing Google employees to call LGBT co-workers “immoral” and post statements such as: “If we have fewer Black and Latin@ people here, doesn’t that mean they’re not as good?”

Chevalier regularly participated in these internal discussions, the lawsuit states, “calling out discrimination and harassment for what it was and asking his peers to reflect on perspectives different from their own”.

“It is a cruel irony that Google attempted to justify firing me by claiming that my social networking posts showed bias against my harassers,” Chevalier said in a statement. “The anti-discrimination laws are meant to protect marginalized and underrepresented groups – not those who attack them.”

In an emailed statement, Google defended its termination of Chevalier.

“An important part of our culture is lively debate. But like any workplace, that doesn’t mean anything goes,” a spokeswoman, Gina Scigliano, said…


This now just seems like there’s war brewing internally.

The pro-Trump media has met its match in the Parkland students • Buzzfeed

Charlie Warzel:


factions of the mainstream media have proven time and again that they are unprepared for the pro-Trump media’s information war. Whether it’s Scott Pelley falling into a trap while interviewing pro-Trump personality Mike Cernovich, former New York Times public editor Liz Spayd taking the bait while being trolled on Twitter, or Megyn Kelly and NBC allowing Alex Jones to gin up outrage and scoop her on her own interview, the mainstream media has repeatedly failed to grasp the pro-Trump media’s new rules. It’s never quite understood that its online arm isn’t just an opposition force — it’s a parallel institution that insists on its own reality.

In the case of the Parkland students, however, the mold doesn’t fit. A look at the Twitter feeds of students like David Hogg shows that they are a remarkable foil for the pro-Trump media’s trolling tactics. Like the pro-Trump media, they, too, are an insurgent political force that’s native to the internet. And while they use legacy platforms like cable news to build awareness of their names and of their causes, much of the real work happens online.

They use platforms like Twitter to call out and put pressure on politicians. They address prominent critics like Bill O’Reilly not with bland, carefully written statements, but by dunking on them, and they respond to misinformation in real-time with their own viral, emoji-laden posts. Rather than take the bait on the crisis actor narrative, they opted to have fun with the conspiracy theories by mocking them. “I’m thankful that there are people out there finding my doppelgangers for me. I’ve always wanted to have a party with a room full of people who look like me,” Emma Gonzalez, a Parkland student, told BuzzFeed News. By dismissing the conspiracies for what they are — a tired, rather boring page in the Infowars playbook — Gonzalez and her classmates have stripped them of their power. Before the pro-Trump media can finish its line of attack, the students, unfazed, have moved on, staying one step ahead of their political enemies and owning the story.


It is fascinating to behold – and now that Twitter has verified a lot of those students, they are amassing huge followings. It is different this time. Wendy Grossman, an Overspill reader, suggests that US school shootings and gun control might be this new generation’s Vietnam: “their lives are threatened by decisions made by ‘the grown-ups’, who are out of touch with the incoming change in society.”

Apple plans upgrades to popular AirPods headphones • Bloomberg

Mark Gurman:


The Cupertino, California-based technology giant is working on a new version for release as soon as this year with an upgraded wireless chip, the [unnamed] people said. A subsequent model for as early as next year is planned to be water resistant, they added, asking not to be identified discussing private product plans.

The model coming as early as this year will let people summon Apple’s Siri digital assistant without physically tapping the headphones by saying “Hey Siri.” The function will work similarly to how a user activates Siri on an iPhone or a HomePod speaker hands-free. The headphones, internally known as B288, will include an upgraded Apple-designed wireless chip for managing Bluetooth connections. The first AirPods include a chip known as the W1, and Apple released the W2 with the Apple Watch last year.

The idea for the water-resistant model is for the headphones to survive splashes of water and rain, the people said. They likely won’t be designed to be submerged in water.


“Splashes of water”? Didn’t know they were subjected to that much. Note in passing all the fol-de-rol of formal American newswriting: the amazingly dull headline, the requirement to describe Apple as “the Cupertino-based technology giant”, in case you were trying to find them on a map; the inability to just say “my sources”; the strangulated “as soon as this year” instead of “perhaps this year”. It’s like a weird grammar of its own.

The great big Spotify scam: did a Bulgarian playlister swindle their way to a fortune on streaming service? • Music Business Worldwide

Tim Ingham:


Our sources tell us that this data, within Spotify’s analytics, was pretty consistent: around 1,200 monthly listeners, with some variation, were hitting play on each ‘Soulful Music’ song.

So let’s bring all of this information together:

• A Bulgarian individual or collective managed to run at least one third-party playlist – ‘Soulful Music’ – which generated so much revenue in September 2017, it landed at No.35 on Spotify’s global 100 chart. (We actually have a testimonial from a further trusted source that ‘Soulful Music’ went on to break the US Top 10 in late September, but we haven’t seen the evidence.)
• However, ‘Soulful Music’ had less than 1,800 followers at the time.
• What’s more, each of its 467 tracks were only attracting around 1,200 monthly listeners apiece.

Considering these numbers, how on earth could ‘Soulful Music’ beat down branded efforts from Sony, Universal and Warner to become one of the biggest playlists in the world?

There are only two possible answers to that question.

Soulful Music could – cough, splutter, sneeze – have been a completely legitimate niche playlist which was simply so addictive, 1,800 people just kept playing their way through it over and over and over.

Or – and this rather strikes us as the more likely scenario – an individual in Bulgaria set up circa 1,200 Spotify accounts, which continually played these 467 tracks on a loop, on random (thus why some songs had slightly different play counts to others).

In order to generate enough revenue to hit Spotify’s US Top 15 playlist rankings, all of these accounts must have been paid-for, premium subscriptions.

And it’s here that the genius of the (potential) ‘scam’ starts to become clear.

Let’s say that our friend the Bulgarian had laid out the money to purchase 1,200 premium accounts.

That would take a lot of work; they’d have to create individual email addresses and identities for each one.

It would also be expensive. A nice easy calculation shows why: 1,200 X $9.99-per-month would mean an outlay of $12,000 per month (although this could be reduced by family plans and other discounts).

That’s the monthly outgoings.

Now let’s work out the potential monthly revenue generation.


Spoiler: it’s a lot bigger. (It’s a LOT bigger.) And I bet family plans would be the way to go in setting up the paid accounts, cutting outgoings by 80%.

Jihadists see a funding boon in bitcoin • WSJ

Brett Forrest and Justin Scheck:


cryptocurrency has become an increasingly discussed topic among jihadist groups in the Middle East. This month, an issue of al-Haqiqa, a pro-al Qaeda online magazine, included a “Tech Talk” section that outlines bitcoin basics.

Al Sadaqah has realized what other violent groups have found: Raising funds in cryptocurrencies can evade the rules the global banking system has put in place to block terror financing and money laundering.

“It is fast, efficient, and does not pass through the same interest-loaded and traceable routes that any usual payment methods would go through,” Hassan Abdo, an al Sadaqah spokesman, wrote to The Wall Street Journal in a text message. “This way we and our donors can keep our full anonymity.”

Yaya Fanusie, an ex-CIA analyst who is a director of the Washington-based counterterrorism think tank Foundation for Defense of Democracies, has been tracking al Sadaqah’s bitcoin accounts for months. He said it is difficult to confirm the identities of such groups online because they hide behind fake personas and use technology to protect their identities.

“What they’re more than likely attempting to do isn’t just to pick up a few peanuts in donations here,” said Michael Smith, a fellow at the New America think tank who studies terrorists’ use of technology. “It’s to build a network of sympathizers.”


Maybe that’s the new use for the blockchain. Not quite what Satoshi intended.

The #1 reason facebook won’t ever change • Om Malik

Om Malik on how “growth” and “engagement” are the constant refrains for Facebook:


now you know why Facebook does what it has been doing recently — sending various messages constantly to get you back on the service. I know first hand. I left Facebook on September 23, 2017, and not a single day has gone by when I don’t get at least a couple of emails or some SMS messages trying to get me back with notes about what friends have posted recently, or birthdays or other milestones. I keep unsubscribing and they still keep coming. Now I’ve set up a spam rule: all emails from go straight into the spam folder.

Facebook’s DNA also explains why it is pushing Protect (the FB-owned VPN) and what it brings to the table. First of all, it allows the company to keep tabs on what apps people are using in different parts of the world, which in turn gives it a leg up on who or what to copy or, potentially, acquire.

The VPN data also allows Facebook to better target its ads — much like how Google Mail and Google Chrome allows Google to better target what ads you see. By the way, Facebook isn’t the only one who is taking data from VPN mobile streams. Other data brokers buy data from other VPN apps. To be clear, just because others are doing it doesn’t make it right for Facebook to follow suit. I would love to see a US version of GDPR — a citizen data rights manifesto — to be put on the table.

How does Protect help Facebook?

Protect can tell that you browsed H&M’s North American site, visited, and bought groceries on Farmstead. It can figure out how much time you spend on various sites and services and start to build a better profile of your online usage for smarter ad targeting and to place you in more and more buckets.

In other words, Protect brings more granular and refined data into Facebook’s system, which in turn allows Facebook to refine its algorithms and become more efficient at targeting of ads. It is especially more useful in the Asia Pacific region and other emerging markets where it is pretty tricky to create buckets and hyper-targeting. Overseas users of Facebook are using the social platform on phones that are usually pre-paid phones and don’t have as much personalized information available from third party sources to create profiles. Facebook needs to find more high-value customers in the hordes of users in Asia, Africa, and Latin America.


I hadn’t thought about the point that PAYG phones mean less data for networks, but in retrospect it’s obvious, and relevant.

Errata, corrigenda and ai no corrida: none notified.

Start Up: The bot army, Samsung’s OLED questions, how hackers will use AI, Spotify hardware?, and more

Twitter has banned automated control of multiple accounts. (Finally?) Photo by untitled exhibitions on Flickr

A selection of 12 links for you. Will not mark wood. I’m @charlesarthur on Twitter. Observations and links welcome.

After Florida school shooting, Russian ‘bot’ army pounced • NY Times

Sheera Frenkel and Daisuke Wakabayashi:


When the Russian bots jumped on the hashtag #Parklandshooting — initially created to spread news of the shooting — they quickly stoked tensions. Exploiting the issue of mental illness in the gun control debate, they propagated the notion that Nikolas Cruz, the suspected gunman, was a mentally ill “lone killer.” They also claimed that he had searched for Arabic phrases on Google before the shooting. Simultaneously, the bots started other hashtags, like #ar15, for the semiautomatic rifle used in the shooting, and #NRA.

The bots’ behavior follows a pattern, said Mr. Morgan, one of the researchers who worked with the German Marshall Fund to create Hamilton 68, the website that monitors Russian bot and fake Twitter activity. The bots target a contentious issue like race relations or guns. They stir the pot, often animating both sides and creating public doubt in institutions like the police or media. Any issue associated with extremist views is a ripe target.

The goal is to push fringe ideas into the “slightly more mainstream,” Mr. Morgan said. If well-known people retweet the bot messages or simply link to a website the bots are promoting, the messages gain an edge of legitimacy.

An indictment made public on Friday by Mr. Mueller as part of the investigation into Russian interference in the election mentioned a Russian Twitter feed, @TEN_GOP, which posed as a Tennessee Republican account and attracted more than 100,000 followers. Messages from this now-deleted account were retweeted by the president’s sons and close advisers including Kellyanne Conway and Michael T. Flynn, the former national security adviser…

By Friday morning, the bots that pushed the original tweets around the Parkland shooting had moved on to the hashtag #falseflag — a term used by conspiracy theorists to refer to a secret government operation that is carried out to look like something else — with a conspiracy theory that the shooting had never happened.

By Monday, the bots had new targets: the Daytona 500 auto race in Daytona Beach, Fla., and news about William Holleeder, a man facing trial in the Netherlands for his suspected role in six gangland killings. It is unclear why.



Automation and the use of multiple accounts • Twitter Developer blog

Yoel Roth:


Keeping Twitter safe and free from spam is a top priority for us. One of the most common spam violations we see is the use of multiple accounts and the Twitter developer platform to attempt to artificially amplify or inflate the prominence of certain Tweets. To be clear: Twitter prohibits any attempt to use automation for the purposes of posting or disseminating spam, and such behavior may result in enforcement action.

In January, we announced that as part of our Information Quality efforts we would be making changes to TweetDeck and the Twitter API to limit the ability of users to perform coordinated actions across multiple accounts. These changes are an important step in ensuring we stay ahead of malicious activity targeting the crucial conversations taking place on Twitter — including elections in the United States and around the world.

Today, we’re sharing details about those changes, as well as important guidance for developers on how to comply with these rules…

Do not (and do not allow your users to) simultaneously post identical or substantially similar content to multiple accounts. For example, your service should not permit a user to select several accounts they control from which to publish a given Tweet.


Something of a stable door/horse move, but if it prevents amplification by automated accounts as above then it’s welcome. (And as some pointed out, this tells you how the Russians at the Internet Research Agency were doing it.)

Why we may soon be living in Alexa’s world • NY Times

Farhad Manjoo:


there are also advantages to Alexa’s model for ubiquity. Imagine if you could gain access to your smartphone on just about any screen you encountered. Move from your phone to your TV to your laptop to your car, and wherever you went, you’d find all your apps, contacts and data just there, accessible through the same interface.

That model isn’t really possible for phones. But because Alexa runs in the cloud, it allows for a wondrously device-agnostic experience. Alexa on my Echo is the same as Alexa on my TV is the same as Alexa on my Sonos speaker.

And it’s the same even on devices not in your home. Ford — the first of several carmakers to offer Alexa integration in its vehicles — lent me an F-150 pickup outfitted with Alexa. The experience was joyously boring: I called up Alexa while barreling down the highway, and although she was slower to respond than at home, she worked just the same. She knew my musical tastes, my shopping list, the apps and smart-home services I had installed, and just about everything else.

It was the best showcase of the possibilities of always-on voice computing. In the future, wherever you go, you can expect to talk to a computer that knows you, one that can get stuff done for you without any hassle.

There’s a lot of money in the voice game. For Amazon, Alexa’s rise could lead to billions of dollars in additional sales to its store, Mark Mahaney, an analyst at RBC Capital Markets, predicted recently. Amazon is thus not the only company chasing the dream of everywhere voice computing.


You can pretty much have that “all documents/contacts/etc” interface with Google or Apple; the trouble with voice remains that it’s so difficult to know what you can and can’t ask it. Is it “turn up the volume” or will “turn it up” suffice? And so on.

Artificial intelligence poses risks of misuse by hackers, researchers say • Reuters

Eric Auchard:


The study, published on Wednesday by 25 technical and public policy researchers from Cambridge, Oxford and Yale universities along with privacy and military experts, sounded the alarm for the potential misuse of AI by rogue states, criminals and lone-wolf attackers.

The researchers said the malicious use of AI poses imminent threats to digital, physical and political security by allowing for large-scale, finely targeted, highly efficient attacks. The study focuses on plausible developments within five years.

“We all agree there are a lot of positive applications of AI,” said Miles Brundage, a research fellow at Oxford’s Future of Humanity Institute. “There was a gap in the literature around the issue of malicious use.”

Artificial intelligence, or AI, involves using computers to perform tasks normally requiring human intelligence, such as taking decisions or recognizing text, speech or visual images.

It is considered a powerful force for unlocking all manner of technical possibilities but has become a focus of strident debate over whether the massive automation it enables could result in widespread unemployment and other social dislocations.

The 98-page paper cautions that the cost of attacks may be lowered by the use of AI to complete tasks that would otherwise require human labor and expertise. New attacks may arise that would be impractical for humans alone to develop or which exploit the vulnerabilities of AI systems themselves.


I deal with this in a chapter in my forthcoming book Cyber Wars. It’s concerning.

Spotify is ‘on its way’ to creating its first hardware according to job ad • Musically

Stuart Dredge:


The role? “You will define and manage Distribution, Supply, Logistics, fulfillment and Customer Service for Hardware Products and work with partners to deliver the optimal Spotify experience to millions of users.”

Based in Stockholm, this isn’t a job about managing integrations with third-party devices: among the job’s duties is to “manage the supply chain, demand and forecast & inventory”.

Separate ads for a Senior Project Manager: Hardware Production and Project Manager: Hardware Production & Engineering are also indications that Spotify’s hardware plans are ramping up.

Many people will leap to ‘smart speaker’ as the assumption about what the first Spotify-branded hardware product will be. Which begs the question: if so, where will its voice assistant – its equivalent of Alexa, Google Assistant and Siri – come from?


We last heard about this in April 2017 and still there’s no word of what this might be. Wearable? Smart speaker? Dumb speaker? Wait for production to start in the Far East, then I give it a couple of weeks to a leak.

Apple’s iPhone X is the instant scapegoat for Samsung’s failure to win OLED orders from Chinese vendors • Patently Apple

Jack Purcher in an effective repudiation of yesterday’s piece on this topic:


In late January Patently Apple posted a report titled “Apple to end Samsung’s exclusive OLED contract and Shift to a new L-Shaped Battery with Increased Capacity.” In that report we also noted that China’s BOE and Sharp were vying for Apple’s OLED business.

Yet despite Samsung overestimating OLED display demand, the Nikkei Asian Review’s report adds: “To make matters worse, Chinese OLED panel makers are expanding production capacity, heating up the price competition even more.”

But somehow the blame continually shifts back to Apple being the real problem due to cutting back on orders for OLED display for calendar Q1. Even though iPhone demand annually drops after the holiday quarter, somehow it’s always viewed by the Nikkei that this is a shock and sign of trouble for Apple.

On February 8th we reported that in Q4 Apple surpassed Samsung to become the #1 smartphone brand in the world. I guess Samsung Display didn’t sell as many OLED displays to their own Samsung Electronics division. That very point was echoed by British Research company IHS which stated that “the number of OLED smartphone panels Samsung internally sources for its own smartphones fell year on year in 2017.”

Yet in the end, the Nikkei focuses back on Samsung’s OLED plant failures as being caused by Apple and forgets the reality that Samsung failed to win OLED orders from Chinese vendors like Oppo, Vivo or Xiaomi.



iPad 2018 rumors: Eurasian Economic Commission approves two new models for sale • Macworld

Michael Simon:


As first spotted by French site Consomac, the Eurasian Economic Commission has given approval to Apple to sell two new iPad models we’ve never seen before: A1893 and A1954. The EEC approves the sale of any products with encryption sold in Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia.

We can’t glean too much from the model numbers themselves—the “A” model numbers cannot be directly translated into any particular feature or specification. But iPads of the same size and generation typically only differ in the last two numbers, meaning that A1893 and A1954 are probably different sizes, not just the Wi-Fi and Cellular versions of the same iPad.

Plausible? Apple often holds an event in March to announce new hardware, but it doesn’t do so every year. iPads often feature as part of that announcement. The timing of this certification suggests that Apple will hold a March event again this year and announce two iPads, though that does not preclude the company from also releasing an iPad or two later in the year. The regular lower-cost 9.7in iPad may get an annual refresh, and the iPad Mini is long overdue for an update. Apple is also said to be preparing a new high-end iPad with slim bezels and a TrueDepth camera module, though our guess would be that such a product would be announced later in the year.

While we already heard a rumor that the next round of iPads would support Face ID for unlocking, a report on iOS 12 in Bloomberg contains some confirmation that Apple’s tablet will be adopting the iPhone X’s unique camera. Mark Gurman reports that Apple is working on a new iPad “that will have the required Face ID camera” to handle Animoji.


Doubt that the iPad mini will be updated. That part of the market has died.

Apple in talks to buy cobalt directly from miners • Bloomberg

Jack Farchy:


The move means Apple will find itself in competition with carmakers and battery producers to lock up cobalt supplies. Companies from BMW AG and Volkswagen AG to Samsung SDI Co. are racing to sign multiyear cobalt contracts to ensure they have sufficient supplies of the metal to meet ambitious targets for electric vehicle production. 

Australian Mines Ltd., developing the Sconi mine in Queensland state, this week agreed a cobalt and nickel supply deal with SK Innovation Co., South Korea’s top oil refiner, that’s worth about A$5bn ($3.9bn) at current prices, the Perth-based company said Wednesday in a presentation.

SK Innovation, which plans to use the raw materials at an EV battery manufacturing plant in Hungary, agreed to buy all of the project’s planned output for up to 13 years, according to the filing.

BMW is also close to securing a 10-year supply deal, the carmaker’s head of procurement told German daily FAZ in early February.

Cobalt is an essential ingredient in lithium-ion batteries for smartphones. While those devices use about eight grams of refined cobalt, the battery for an electric car requires over 1,000 times more. Apple has around 1.3 billion existing devices, while Apple Chief Executive Officer Tim Cook has been bullish about the prospects for electric vehicles.

The price of cobalt has more than tripled in the past 18 months to trade above $80,000 a metric ton. Two-thirds of supplies come from the Democratic Republic of Congo, where there has never been a peaceful transition of power and child labor is still used in parts of the mining industry.


Ethical challenges ahoy for Apple, then, if it does go direct to the DRC. Or could it make a difference to a poor, exploited country?

Money laundering via author impersonation on Amazon? • Krebs On Security

Brian Krebs:


Patrick Reames had no idea why sent him a 1099 form saying he’d made almost $24,000 selling books via Createspace, the company’s on-demand publishing arm. That is, until he searched the site for his name and discovered someone has been using it to peddle a $555 book that’s full of nothing but gibberish.

Reames is a credited author on Amazon by way of several commodity industry books, although none of them made anywhere near the amount Amazon is reporting to the Internal Revenue Service. Nor does he have a personal account with Createspace.

But that didn’t stop someone from publishing a “novel” under his name. That word is in quotations because the publication appears to be little more than computer-generated text, almost like the gibberish one might find in a spam email.

“Based on what I could see from the ‘sneak peek’ function, the book was nothing more than a computer generated ‘story’ with no structure, chapters or paragraphs — only lines of text with a carriage return after each sentence,” Reames said in an interview with KrebsOnSecurity.

The impersonator priced the book at $555 and it was posted to multiple Amazon sites in different countries. The book — which has been removed from most Amazon country pages as of a few days ago — is titled “Lower Days Ahead,” and was published on Oct 7, 2017.

Reames said he suspects someone has been buying the book using stolen credit and/or debit cards, and pocketing the 60% that Amazon gives to authors. At $555 a pop, it would only take approximately 70 sales over three months to rack up the earnings that Amazon said he made.


This is the sort of thing that would be really, really hard to eradicate.

The random walk of cars and their collision probabilities with planets • ArXiv

Hanno Rein, Daniel Tamayo, and David Vokrouhlicky:


On February 6th, 2018 SpaceX launched a Tesla Roadster on a Mars crossing orbit. We perform N-body simulations to determine the fate of the object over the next several million years, under the relevant perturbations acting on the orbit. The orbital evolution is initially dominated by close encounters with the Earth. The first close encounter with the Earth will occur in 2091. The repeated encounters lead to a random walk that eventually causes close encounters with other terrestrial planets and the Sun.

Long-term integrations become highly sensitive to the initial conditions after several such close encounters. By running a large ensemble of simulations with slightly perturbed initial conditions, we estimate the probability of a collision with Earth and Venus over the next one million years to be 6% and 2.5%, respectively. We estimate the dynamical lifetime of the Tesla to be a few tens of millions of years.


Well, you did ask.

Swype keyboards for Android & iOS discontinued as company focuses on business market • 9to5Google

Ben Lovejoy:


Nuance’s Swype keyboard apps for iOS and Android have been discontinued, as the company focuses its efforts on the business market.

The news was revealed when a Reddit user posted a message from Nuance support. Xda-developers did some checking and found that the same was true of the iOS keyboard:

»We are sad to announce that Swype Dragon for Android has faced end of development. Here is a statement from Swype Product Team:

Nuance will no longer be updating the Swype Dragon keyboard for Android. We’re sorry to leave the direct-to-consumer keyboard business, but this change is necessary to allow us to concentrate on developing our AI solutions for sale directly to businesses.«

Swype usage took a hit in 2016, when Google launched its Gboard keyboard. Alongside built-in search, the keyboard also supported Swype-style glide-typing.


Always difficult when you’re making something that is a feature more than a business.

Not again: Google Home Max can also damage wood furniture (but…) • Tom’s Guide

Mike Prospero:


Why hadn’t I noticed the Home Max’s white mark before, when Google’s speaker was sitting on my cabinet? Simple: I wasn’t using it with the silicone pad at the time.
Google ships the pad with the Max, but I had left the pad in the box, figuring it wasn’t that necessary. However, when devising this test, I decided to use the pad to see its effect. So, if you have or plan to purchase the Google Home Max, and want to place it on wood furniture, I would advise against using the silicone pad. We have reached out to Google for comment.

I still think the Sonos One, HomePod and Google Home Max (to a slightly lesser extent) deliver the best sound of all the smart speakers. When we put all three to the test, the Sonos One came out on top, but the Google Home Max was competitive, not only for its sound, but also for what you can do with Google Assistant. But if you purchase or own any of the speakers that can damage furniture, I advise placing it on a non-silicone pad or coaster.


OMG what a radical idea. I’m starting to get the feeling that applying a weight to a silicone pad on treated wood causes staining.

Errata, corrigenda and ai no corrida: none notified.

Start Up: Twitter and Facebook at bay, the teens opposing the NRA, Samsung cutting OLED output?, and more

Growing new teeth could be a matter of taking an Alzheimer’s drug. Photo by Chapendra on Flickr

A selection of 10 links for you. Not the subject of MPs’ letters. I’m @charlesarthur on Twitter. Observations and links welcome.

“Just an ass-backward tech company”: how Twitter lost the internet war • Vanity Fair

Maya Kosoff:


At the same time, her defenders say, [head of Twitter Trust & Safety, Del] Harvey has been forced to clean up a mess that Twitter should have fixed years ago. Twitter’s backend was initially built on Ruby on Rails, a rudimentary web-application framework that made it nearly impossible to find a technical solution to the harassment problem. If Twitter’s co-founders had known what it would become, a third former executive told me, “you never would have built it on a Fisher-Price infrastructure.” Instead of building a product that could scale alongside the platform, former employees say, Twitter papered over its problems by hiring more moderators. “Because this is just an ass-backward tech company, let’s throw non-scalable, low-tech solutions on top of this low-tech, non-scalable problem.”

Calls to rethink that approach were ignored by senior executives, according to people familiar with the situation. “There was no real sense of urgency,” the former executive explained, pointing the finger at Harvey’s superiors, including current CEO Jack Dorsey. “It’s a technology company with crappy technologists, a revolving door of product heads and CEOs, and no real core of technological innovation. You had Del saying, ‘Trolls are going to be a problem. We will need a technological solution for this.’” But Twitter never developed a product sophisticated enough to automatically deal with bots, spam, or abuse.


I’ve known Del Harvey for years, as a journalist, so I’m probably a bit biased. But she’s not failing; Twitter’s problem is its drive for users instead of quality. It lives up to Mark Zuckerberg’s dismissive comment that “it’s a clown car that drove into a gold mine.”

Facebook battles new criticism after US indictment against Russians • WSJ

Robert McMillan:


The Twitter comments of Mr. Goldman, Facebook’s head of advertising, also fueled disagreement about the intent of the Russian efforts. One of Mr. Goldman’s tweets said “swaying the election was *NOT* the main goal” of the Russian ads, and that “the majority of the Russian ad spend happened AFTER the election.”

On Saturday, President Donald Trump cited Mr. Goldman’s comment in support of the idea that Russia’s actions didn’t affect the election.

Following criticism that he was obscuring the intent of the Russians, Mr. Goldman later tweeted that “the Russian campaign was certainly in favor of Mr. Trump.” He also dialed back some of his claims. “I am only speaking here about the Russian behavior on Facebook. That is the only aspect that I observed directly,” he tweeted.

Clint Watts, a fellow with the Foreign Policy Research Institute who studied the Russian influence campaign, said the ads bought on Facebook were only “a much smaller part of a very large effort.”

“Mr. Goldman should have stayed silent,” Mr. Watts said, adding that playing down the effect of the influence campaign risked further angering Americans. “The public is upset that they got duped on Facebook’s platform. Facebook got duped,” he said. “It makes it seem like they don’t get it.”

While Facebook’s role in the Russian campaign is in the spotlight, some researchers who have studied the efforts note that it was far from the only institution to fall short.

“Let’s not mince words. The Obama administration did not react quickly enough to this problem. The intelligence community did not react quickly enough to this problem,” said Thomas Rid, professor of strategic studies at Johns Hopkins University.



Scientists have found a drug that can repair cavities and regrow teeth • World Economic Forum

Kara Lant:


Dental fillings may soon be left in the ash heap of history, thanks to a recent discovery about a drug called Tideglusib. Developed for and trialled to treat Alzheimer’s disease, the drug also happens to promote the natural tooth regrowth mechanism, allowing the tooth to repair cavities.

Tideglusib works by stimulating stem cells in the pulp of teeth, the source of new dentine. Dentine is the mineralized substance beneath tooth enamel that gets eaten away by tooth decay.

Teeth can naturally regenerate dentine without assistance, but only under certain circumstances. The pulp must be exposed through infection (such as decay) or trauma to prompt the manufacture of dentine. But even then, the tooth can only regrow a very thin layer naturally—not enough to repair cavities caused by decay, which are generally deep. Tideglusib changes this outcome because it turns off the GSK-3 enzyme, which stops dentine from forming.

In the research, the team inserted small, biodegradable sponges made of collagen soaked in Tideglusib into cavities. The sponges triggered dentine growth and within six weeks, the damage was repaired. The collagen structure of the sponges melted away, leaving only the intact tooth.



Here’s what it’s like at the headquarters of the teens working to stop mass shootings • Buzzfeed

Remy Smidt:


behind the scenes, they’re also just kids — sitting in a circle on the floor in the home of one of their parents, eating a batch of baked pasta, tweeting at each other, and comparing which celebrity just shared their post. There’s laughter and tears, and “Mr. Brightside” by the Killers plays briefly, but it’s also remarkably businesslike. There’s work to do and a seemingly endless number of phone calls to answer.

“We slept enough to keep us going, but we’ve been nonstop all day, all night,” said Sofie Whitney, 18, a senior who estimated that she has spent 70% of the past 48 hours speaking with reporters. “This isn’t easy for us, but it’s something I need to do.”

Whitney told BuzzFeed News that “[she] wouldn’t like to return to school until the federal government starts making some progress.” Other student organizers have said the same thing. When asked how her parents might feel about this, Whitney responded, “I haven’t really discussed this with my parents, but I’ll deal with them.”

On Tuesday, the teens will travel to Tallahassee, Florida’s state capital, to push for a change in gun laws. On Wednesday night CNN will air a special town hall meeting with students and lawmakers. The teens are also planning the “March for Our Lives,” a nationwide March 24 demonstration that they hope will serve as the movement’s coming-out party.


The Tuesday attempt (to get assault rifle sales stopped) failed. But these kids are close to voting age, and they’re angry. There’s a wind blowing: 20 years ago, same-sex marriage wasn’t backed by a majority. Now, it is, quite apart from the legal side.

And guns are owned by a minority of Americans.

The car of the future will sell your data • Bloomberg

Gabrielle Coppola:


Picture this: You’re driving home from work, contemplating what to make for dinner, and as you idle at a red light near your neighborhood pizzeria, an ad offering $5 off a pepperoni pie pops up on your dashboard screen.

Are you annoyed that your car’s trying to sell you something, or pleasantly persuaded? Telenav Inc., a company developing in-car advertising software, is betting you won’t mind much. Car companies—looking to earn some extra money—hope so, too.

Automakers have been installing wireless connections in vehicles and collecting data for decades. But the sheer volume of software and sensors in new vehicles, combined with artificial intelligence that can sift through data at ever-quickening speeds, means new services and revenue streams are quickly emerging. The big question for automakers now is whether they can profit off all the driver data they’re capable of collecting without alienating consumers or risking backlash from Washington.

“Carmakers recognize they’re fighting a war over customer data,” said Roger Lanctot, who works with automakers on data monetization as a consultant for Strategy Analytics. “Your driving behavior, location, has monetary value, not unlike your search activity.”

Carmakers’ ultimate objective, Lanctot said, is to build a database of consumer preferences that could be aggregated and sold to outside vendors for marketing purposes, much like Google and Facebook do today.


Whooaaa horsey. First: Google and Facebook do not sell your data. They sell anonymised access to profiles – people searching for lobsters, or people who own old cars and live in Uttoxeter.

Second, I recall a lot of “smartphones with Bluetooth will mean retailers can beam special offers to you as you walk past in the street!” Hasn’t happened.

Third, if cars were to do this, I think they’d get hacked pretty fast to stop them doing it.

Israel confirms it will tax bitcoin as property • Coindesk

Stan Higgins:


Israel’s government confirmed Monday that it would treat bitcoin and other cryptocurrencies as a kind of property for tax purposes.

The notice confirms past indications that the Tax Authority will regard cryptocurrencies as “a property, not a currency”, making it therefore taxable as such. The Authority’s position was first detailed in a draft circular issued in January of this year.

The circular explains that profits from cryptocurrencies will be subject to capital gains tax at rates between 20% and 25%, while individuals mining or trading cryptocurrencies in connection with businesses must pay a 17% value-added tax (VAT) in addition to capital gains tax.

That latter aspect – excluding broad swaths of investors from potential VAT charges – is in line with a trend seen in recent years since the issue gained prominence. The Israeli government started exploring the taxation of cryptocurrencies as early as 2013.


OK – but how will they determine that someone owns bitcoin in any appreciable amount?

Airfoil for Mac 5.7 rocks the HomePod • Rogue Amoeba

Paul Kafasis (of indie developer Rogue Amoeba):


Airfoil includes a built-in equalizer that lets you tweak your audio to get it just right. The HomePod sounds great, but you may wish to tone down its bass. Airfoil’s “Bass Reducer” preset is a great place to start.

Of course, if you want to go the other direction and really feel the music, the Bass Booster preset can help. Airfoil’s equalizer includes almost two dozen presets, and you can create and save custom presets as well.

Airfoil for Mac can even receive direction directly from the HomePod. That means you can use “Hey Siri” or the volume buttons to adjust playback levels. Even better, you can pass playback commands from the HomePod through Airfoil and on to supported sources. A single tap on the top of the HomePod will toggle play/pause, a double-tap will skip to the next track, and a triple-tap will jump back. Addressing Siri with these same commands works as well.

If you’re fortunate enough to have two (or more) HomePods, you can use Airfoil to send to all of them at once, with playback happening in sync. Airfoil has long been able to play audio to multiple devices in sync, and playback to the HomePod is no exception. Apple has touted multi-speaker sync as part of their delayed AirPlay 2 protocol, but it’s already possible today using Airfoil.


Not sure at this point why Apple hasn’t bought Rogue Amoeba. Its apps are so useful if you’re doing anything involving sound – which is a big part of its pro and semi-pro audience.

Tesla’s cloud hacked, used to mine cryptocurrency • Gizmodo

Dell Cameron:


In an email to Gizmodo, a Tesla spokesperson said there is “no indication” the breach impacted customer privacy or compromised the security of its vehicles.

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” a Tesla spokesperson told Gizmodo in an email. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

According to RedLock, mining cryptocurrency is likely a more valuable use of Tesla’s servers than the data it stores.

“The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ compute power rather than their data,” RedLock CTO Gaurav Kumar told Gizmodo. “In particular, organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.”

Kumar said the attackers leveraged the Stratum mining protocol and evaded detection by hiding the true IP address of the mining pool server behind CloudFlare and keeping CPU usage low, among other tactics.

“Given the immaturity of cloud security programs today, we anticipate this type of cybercrime to increase in scale and velocity,” Kumar said.


Tired: hacking data. Wired: hacking CPUs to mine.

Samsung to slash OLED panel output as iPhone X slumps • Nikkei

Kenichi Yamada:


Samsung Electronics is to slash production at its OLED panel plant in response to customer Apple’s decision to reduce output of the iPhone X following weak demand.

Samsung Display now plans to manufacture organic light-emitting diode panels for 20 million or fewer iPhones at the South Chungcheong site in the January-March quarter. The initial goal was to supply panels for 45 million to 50 million iPhones.

The company has yet to decide its production target for the April-June period, but a further cutback may be in store.

The new target will reduce production at the plant to around 60% of the original plan. When it comes to the facility dedicated to making panels for Apple, the rate will fall to 50% or lower.

The Samsung group unit is looking to offset the impact by securing more orders from Chinese and other customers.


Could be that Apple hit its targets early – or that it really has tapped out the buyers for the iPhone X. Or, perhaps, it has found an alternative OLED supplier – everyone has been expecting LG to come on stream.

Say goodbye to Android Pay and hello to Google Pay • Techcrunch

Frederic Lardinois:


At first glance, the new Google Pay app is basically a redesign of Android Pay, with a look and feel that adheres closer to Google’s own Material Design guidelines than the original. In terms of functionality, there isn’t all that much here that’s new. One notable change, though, is that the Google Pay home screen now shows you relevant stores around you where you can pay with Google Pay. That list is personalized, based on previous stores where you used the service, as well as your location. In addition, the home screen shows you all of your recent purchases and you can still add all of your loyalty cards to the app.

As Google’s VP of Product Management for Payments, Pali Bhat, told me, the team really wanted to make it extremely easy to get started with Google Pay.


Personalising the list is a neat touch.

Errata, corrigenda and ai no corrida: none notified.

Start Up: Huawei’s no-Mate, illegal deepfaking?, Facebook’s Group problem, Cape Town’s true water trouble, and more

Centaurs! They’re the future, at least if you want humans to get on with AI. Photo by Mike S on Flickr

A selection of 10 links for you. Reflective. I’m @charlesarthur on Twitter. Observations and links welcome.

How to become a centaur • MIT Journal of Design and Science

Nicky Case on the idea of “centaurs” – humans using AI, for example in chess tournaments where the human, advised by the AI, picks a move:


won’t AI eventually get better at the dimensions of intelligence we excel at? Maybe. However, consider the “No Free Lunch” theorem, which comes from the field of machine learning itself. The theorem states that no problem-solving algorithm (or “intelligence”) can out-do random chance on all possible problems: instead, an intelligence has to specialize. A squirrel intelligence specializes in being a squirrel. A human intelligence specializes in being a human. And if you’ve ever had the displeasure of trying to figure out how to keep squirrels out of your bird feeders, you know that even squirrels can outsmart humans on some dimensions of intelligence. This may be a hopeful sign: even humans will continue to outsmart computers on some dimensions.

Now, not only does pairing humans with AIs solve a technical problem — how to overcome the weaknesses of humans/AI with the strengths of AI/humans — it also solves that moral problem: how do we make sure AIs share our human goals and values?

And it’s simple: if you can’t beat ‘em, join ‘em!

The rest of this essay will be about AI’s forgotten cousin, IA: Intelligence Augmentation. The old story of AI is about human brains working against silicon brains. The new story of IA will be about human brains working with silicon brains. As it turns out, most of the world is the opposite of a chess game:

Non-zero-sum — both players can win.



Huawei Mate 10 Pro review: software sadness • The Verge

Dan Seifert:


as with any phone, the hardware is only half the story, and software is generally what makes or breaks an experience. In the case of the Mate 10 Pro, Huawei’s software breaks it.

The Mate 10 Pro runs Android 8.0 Oreo with Huawei’s EMUI user interface on top of it, and it’s wildly different from the version of Android you find on a Pixel or other modern phones. The best way I can describe it is a poorly made knockoff of iOS.

Huawei has customized almost everything about Android, and often, not in a good way. For example, you can’t expand notifications on the lock screen, so deleting an email or marking a to-do complete can’t be done without unlocking the phone. The settings menu, messaging app, and share sheet have been lifted right out of iOS and shoehorned onto Android. For some reason, most of the apps in the share sheet are hidden by default, forcing extra taps and swipes just to see them all.

Sure, you can change some of these things by downloading a different launcher or messaging app, but you can’t change things like the quick settings menu that doesn’t match the rest of the notification shade or that awful share sheet. You can’t turn on an option to make notifications on the lock screen more useful. On top of that, there are frustrating bugs — even when I downloaded another launcher and attempted to use that, the Mate 10 would frequently reset itself to Huawei’s own launcher.

This isn’t the kind of software experience anyone should have on an $800 phone, especially when there are already so many better options available. It’s bad enough that I honestly think nobody should buy the Mate 10 Pro because of its software, especially not at this price.



Tool for journalists: Flourish, for creating data visualisations without coding •


What is it? A platform for data visualisation and storytelling, without the need for the user to code.

Cost: Free, with premium services priced at £39 per month. Flourish is working with Google News Lab to offer newsrooms free premium accounts, which include features such as HTML downloads, private projects and custom templates.

How is it of use to journalists? Although it may be true that journalists in 2018 are expected to be jacks of all trades, able to report, film, take and edit photos, produce podcasts and on top of that be social media hacks, there are many tools out there designed to help reporters with their work.

Web development is a sought after skill in newsrooms, but coding can seem daunting to journalists who haven’t had any training in basic programming.

Flourish, which was previously available in private beta but has recently opened to the public, aims to remove the complex nature of coding, helping journalists produce data visualisations without having to enlist the help of programmers to design interactive stories for them.

After creating an account with their email address, users get access to core templates, like a variety of maps and charts. They can insert the data either directly into the webpage or by uploading an Excel, CSV or TSV file, before being able to download and embed the creations on their websites for public view.

The visualisations can be produced on mobile and desktop, and can also be saved for offline use, useful if you want to add them to a project on social media or to an offline conference presentation.


Looks interesting, and having something to do visualisations easily is always welcome.

US lawmakers worry about rise of fake video technology • The Hill

Ali Breland:


Senator Ron Wyden (Democrat, Oregon), one of the most vocal members of Congress on tech issues, painted a grim picture about what the advances could mean for the future of discerning truth in media. 

“Since we can’t rely on the responsibility of individual actors or the platforms they use, I fully expect there will be a proliferation of these sorts of fictions to a degree that nearly drowns out actual facts,” Wyden told The Hill.

“For those who value real information, there will still be some reliable publications and news outlets, and their credibility will need to be guarded all the more intently by professional journalists,” he added.

Rep. Adriano Espaillat (Dem, NY), who has targeted fake news in the past through legislation, also told The Hill that he’s concerned.

Espaillat said that he is worried about the potential for foreign governments to use counterfeit audio and videos to manipulate the American public.

Lawmakers’ fears are backed up by concern from experts, who say that manipulated videos are another dangerous addition to the rising trend of fake news.

“Democracy depends on an informed electorate, and when we can’t even agree on the basics of what’s real, it becomes increasingly impossible to have the hard conversations necessary to move the country forward,” said Renee DiResta, one of the first researchers to sound the alarm on how social media platforms were being manipulated by foreign actors.

“The cumulative effect of this is a systemic erosion of trust, including trust between people and their leaders,” she added.


Encouraging that they’re trying to get in front of this. That hardly ever happens. And Renee DiResta is always worth seeking out – she sounded the alarm over anti-vaccine idiots on Facebook, and how its echo chamber enabled them.

Like Peter Thiel, tech workers feel alienated by Silicon Valley ‘echo chamber’ • WSJ

Douglas MacMillan:


Sometimes Silicon Valley venture-capital investors and startup founders “have a certain way of thinking, and if you don’t fit into that way of thinking you’re not in the cool club,” said Ms. Kasireddy, who declined to state her political beliefs but said they didn’t influence her decision to move. She also said she realized many of the resources she needed to build her next project—a blockchain startup—didn’t require her to be in Silicon Valley.

Apart from ideological issues, many are being driven away from the Bay Area by soaring housing costs and increasing traffic congestion, a 2016 survey by the Bay Area Council suggested. Of the 1,000 registered voters from the nine counties making up the Bay Area, 40% said they were considering leaving the region, citing the cost of living, traffic and a lack of availability of housing.

Still, there are signs that the political discussions pervading workplaces over the past two years have alienated a section of the workforce. According to a recent survey by Lincoln Network, an advocacy group for conservatives and libertarians in the tech sector, 31% of the 387 tech workers polled said they know someone who didn’t pursue or left a career in tech because they saw a conflict in viewpoints with their employer or colleagues. Among respondents who identified themselves as “very conservative,” that number was 59%.

Dan Hackney, a 31-year-old who describes his political views as adhering to Ayn Rand’s objectivist philosophy, said he left his job as a software engineer at Alphabet Inc.’s Google in January, after growing frustrated with what he saw as a lack of tolerance for conservative views at the company.

He said he was surprised when, shortly after Donald Trump was elected president in November 2016, the firm canceled a companywide product demonstration and instead held an all-hands meeting to talk about the results of the election.

Mr. Hackney said he doesn’t support Mr. Trump, but added that he worried that Google’s co-founders, Larry Page and Sergey Brin, who attended the meeting, were setting a tone that it was OK to exclude certain types of political views from the dialogue in the workplace.


Libertarians and conservatives need advocacy in Silicon Valley? I thought it was the heartland of rapacious libertarian capitalism.

Why the iPhone is losing out to Chinese devices in Asia • WSJ

Newley Purnell:


In China, Apple’s market share is roughly 8% now from 13% in 2015, research firm Canalys says. In India—which last year overtook the US to become the world’s second-biggest smartphone market—Apple has had just a 2% market share since 2013. Apple’s shipments to India fell last quarter compared with the year before, a rare contraction, Canalys says.

The iPhone maker’s market share in Indonesia, home to some 260 million people, has fallen to 1% from 3% in 2013. Apple’s market share has also dropped in the Philippines and Thailand, and has remained static in Malaysia and Vietnam.

Meanwhile, Apple’s Chinese rivals are gobbling up customers. Beijing-based Xiaomi has jumped to 19% of India’s market today from just 3% in 2015. While much of that rise has been on the back of inexpensive phones, increasingly it is putting more expensive devices on the market that offer the look, feel and functionality of iPhones and even a few extra features.

Chitra Patricia, a 27-year-old Jakartan, picked an Oppo over Apple for its selfie features.

Oppo’s “selfie expert” F3 offers options such as a front-facing camera for selfies with wide angle that lends itself to “wefies,” or group shots with several people crammed into the frame. The phone also has a “beautify” function that smooths out users’ selfies, making them appear younger and more glamorous.

“It can capture around a dozen people in one ‘wefie,’” making it great for gatherings, said Ms. Patricia.

Xiaomi has an edge in many markets because it can customize for each country while Apple creates the same products for everyone, said Jai Mani, Xiaomi’s product manager for India.


The debate is whether those people who buy Xiaomi or OPPO or vivo now are lost to Apple forever, or if there’s some possibility that they will shift to it in the future. That requires software and apps that they want (the hardware is a wash). The signs there are mixed, at best.

The Mueller indictment exposes the danger of Facebook’s focus on Groups • The Verge

Casey Newton:


Last year, Facebook said 100 million people are in what the company calls “very meaningful” groups, or groups that are a primary part of the user’s social networking experience and extend to offline interactions. A parenting group might be very meaningful to a young family, for example. In his post last year, Zuckerberg said Facebook hoped to increase the number of people in very meaningful groups to 1 billion.

But what if those very meaningful groups are run by foreign actors working to make the country more polarized? It’s impossible to say how “meaningful” the groups Russia created were to its members, but the troll farms worked to create pages around subjects that generate the maximum level of emotion. Often, they were tied to identity. For immigration matters, there was a page called “Secured Borders.” For Black Lives Matter, there was “Blacktivist.” For religion, there were “United Muslims of America” and “Army of Jesus.” By 2016, those pages collectively had hundreds of thousands of American followers…

… the dark side of “developing the social infrastructure for community” is now all too visible. The tools that are so useful for organizing a parenting group are just as effective at coercing large groups of Americans into yelling at each other. Facebook dreams of serving one global community, when in fact it serves — and enables — countless agitated tribes. The more Facebook pushes us into groups, the more it risks encouraging the kind of polarization that Russia so eagerly exploited.



Facebook turned its two-factor security ‘feature’ into the worst kind of spam • Gizmodo

Kate Conger:


Sometimes, Facebook will send emails to users warning them that they’re having problems logging into their accounts, Bloomberg reported last month. “Just click the button below and we’ll log you in. If you weren’t trying to log in, let us know,” the emails reportedly read. Other times, Facebook will ask for a user’s phone number to set up two-factor authentication—then spam the number with notification texts.

I’ve been getting these text-spam messages since last summer, when I set up a new Facebook account and turned on two-factor authentication. I created the new profile with somewhat vague intentions of using it for professional purposes—I didn’t like the idea of messaging sources from my primary Facebook account, where they could flip through pictures of my high school prom or my young nephews. But I didn’t end up using the profile often, and I let it sit mostly abandoned for months at a time.

At first, I only got one or two texts from Facebook per month. But as my profile stagnated, I got more and more messages. In January, Facebook texted me six times—mostly with updates about what my ex was posting. This month, I’ve already gotten four texts from Facebook. One is about a post from a former intern; I don’t recognize the name of one of the other “friends” Facebook messaged me about.

The texts are a particularly obnoxious form of spam, and instead of making me want to log into Facebook, they remind me why I’m avoiding it. It’s painful to see my ex’s name popping up on my phone all the time, and while my intern was great at her job, I’m not invested in keeping up with her personal life.


The texts will actively turn people away from using 2FA, which is a really bad move. (You can use the Authenticator app to do 2FA for Facebook, rather than letting them text. They still haven’t figured out how to spam you there.)

What’s actually behind Cape Town’s water crisis • The Atlantic

Richard Poplak explains that lack of rain is only part of it:


Since 2009, the Western Cape, of which Cape Town is the capital, has been governed by the Democratic Alliance (DA), the official opposition to the African National Congress (ANC). (A DA-led coalition won Cape Town from the ANC in 2006. They now run the city outright.) The DA is a strange beast, a party with a white-dominated federal executive, and, until 2015, a white leader. There’s a longstanding perception that the party serves the white population’s agenda, described by its enemies as maintaining economic apartheid at the expense of black advancement—a notion that Cape Town’s spatial divisions reinforce. (The party’s former leader, Helen Zille, who has also served as Cape Town’s executive mayor, has a habit of posting tweets extolling the benefits of colonialism, which hasn’t helped matters much.) Culturally and politically, the Cape is a world apart from the rest of South Africa.

Accordingly, the DA has long pitched itself to voters as a “clean” version of the horrifically corrupt ANC—it self-identifies as a liberal, social-democratic party in the stodgy German mold. Back when the ANC ran Cape Town, the rains fell mostly on schedule, and planning for the worst took a back seat to systemic corruption. The DA promised that it would do better. Instead, it has been bad, but in its own special ways. Its near-messianic adherence to fiscal rectitude has meant that local bureaucrats have tended to ignore repeated warnings from civil engineers and climate scientists, who insisted that Cape Town’s water infrastructure, which relies exclusively on six dams in parched catchment areas, would not be able to meet demand should rainfall patterns change due to climate change. Theewaterskloof Dam, the biggest and most vital feeder site, is in an area of the Western Cape that has been subject to creeping desertification for at least a decade. It is currently at 11.7% to 12.5% of its capacity, and effectively unusable.

The drought is so severe that planning for it would take genuine governmental prescience. But over the years, the Cape Town government has studiously ignored reams of data and studies readily available in the public domain.


When economic dogma reigns… in the short term, expect unrest and disease. In the less short term, higher food prices and unrest. Climate change has consequences.

Where is Elon Musk’s Tesla Roadster with Starman? • Where Is Roadster

Ben Pearson (who isn’t anything to do with Tesla), using data from Nasa’s JPL Horizons:


where is this vehicle? The current location is 2,295,742 miles (3,694,640 km, 0.025 AU) from Earth, moving away from Earth at a speed of 6,732 miles/hour (10,835 km/hour, 3.01 km/s).

A plot of the Tesla Roadster's path through space
The Tesla Roadster (space edition) is on the green path; the picture shows its closest approach to Mars for a while – in 2020.

The car is 137,198,709 miles (220,799,988 km, 1.476 AU) from Mars, moving toward the planet at a speed of 42,967 miles/hour (69,149 km/hour, 19.21 km/s).


All those numbers are out of date now. Visit again regularly! And note from his graphic that it looks like its closest approach to Mars will be October 2020. Not quite close enough to, er, park though.

Errata, corrigenda and ai no corrida: none notified.

Life on an iPad

iPad Pro with Smart Keyboard, and devil

The Mac went to the day of the dead, so the iPad had to step in

A couple of weeks ago, I opened my MacBook Pro as usual. The keyboard lit up, as usual. I waited – there’s that pause while the display gathers itself (it’s a 2012 model) and the processor pulls everything together and presents the login window.

Except this time, nothing. The display didn’t light. There was the quiet sound of the fans going, but nothing. Oh dear. Closed the display, opened it to catch it unawares – no, that wasn’t going to fool it. After a bit more futzing around, I concluded that it was not in the mood to work. But I had work to do, and so I turned to my iPad Pro.

That was, as I say, a couple of weeks ago. Since then, everything I’ve done has been done on this iPad – a 12in iPad Pro, with Smart Keyboard. That means email, writing articles for papers, editing chapters for my book, composing The Overspill’s daily Start Up post, and so on.

A few years ago, this would probably have been impossible. I wouldn’t have contemplated it. Now? Getting along fine. In a number of ways, the iPad is preferable – particularly weight and connectivity. In only a couple of ways is it worse (the most notable being “lappability”).

The big advantage these days is that if you trust your documents to iCloud, then moving between Mac and iPad isn’t a problem. (OK, for the chapters in the book that has been a mixture of iCloud – for the Pages edits of Word documents – and Dropbox, which is where Scrivener, which I used to write it originally, stores documents.) I was able to go straight to my iPad and have all the tools I needed.

Let’s run through a few of those things.

• writing my book: wait, you didn’t know I had a book coming out? Yes, in May – Cyber Wars, looking in detail at seven big hacking incidents: how and why they happened. You can order it on Amazon. (US, UK.) I wrote it in Scrivener, which is wonderful, and has an iOS as well as MacOS version. Documents and “projects” are synced via Dropbox, and it detects if you’ve done something in one place or the other and offers to sync them up.

• editing book chapters: the publishers sent back chapters as Word documents with Track Changes. Import those to Pages (on the iPad), run through the Track Changes, export to Word documents (also in iCloud Drive) and send back. All lives in iCloud Drive, so will be available when (if?) the Mac revives.

• writing articles for papers: this is generally easiest in Google Docs (because a lot of papers are on Google Apps). Weirdly, although Google will let you write things in Google Docs in Safari on MacOS, it absolutely won’t let you do that on Safari on the iPad, even if you request the desktop site. You have to use the app. This is the only case I’ve come across where you can’t do it on the site and have to use the app.

• making and recording Skype calls for work.

• curating The Overspill. This involves spotting links, selecting content from them, perhaps adding a comment and an image from that link, and then collating all the links together in a specific format (using particular HTML formatting), and putting those into a timed WordPress post with a Flickr CC-BY licensed picture at the top. (The CC-BY has to include a link back to the original photo and the photographer’s name or username.)

The most complex part of those is composing The Overspill, where I use a mixture of Instapaper, Pinboard and WordPress for the raw content. On the Mac, I collect the links and content and comment using the Javascript supplied by Pinboard. But that’s not available (or wasn’t) on the iPad, so I used Workflow to write an Action Extension: when I’m on a page, I select the text, hit the Share button and choose “Run Workflow”, and I can put the selected text – with a comment – into Pinboard. It’s actually better than on MacOS, because Workflow has options so you can grab the author name from the page meta-content.

Workflow script for iOS

Workflow (now owned by Apple) means you can script across applications on iOS

On the Mac, I compose the daily Overspill post using a custom Applescript I wrote (it queries Pinboard and posts to MarsEdit). Fortunately, well before the Mac went into a coma I’d translated the script into Python for iOS, using Pythonista – which is a damn useful program that lets you write and run Python programs which will interact with web pages, web APIs, and the OS itself. I wish there was something like it on MacOS; it makes writing Python programs to do tasks so much easier than doing them in the Terminal and other interfaces. (Pythonista apparently can also sync files between devices, as Workflow does, if you enable a setting – I wasn’t aware of it.)

Python script, in Pythonista, with console output

Pythonista on iOS means you can run Python scripts – it’s even more convenient than on the Mac

(Please don’t laugh at my coding. It just has to get the job done, not be pretty.)

I don’t do any podcast recording (which I understand is still a problem on iPads, as Garageband fights with Skype), nor any video editing. But what I’m trying to do is “real work”, at least for me. It’s work that earns money, and isn’t that what we’re after?

So a couple of weeks in, here’s what I find to be the good and the bad points of working full-time on an iPad to do things I used to do on a Mac laptop.

The good

• the weight. It’s so much lighter (even with the Smart Keyboard) than a laptop. Put it in a bag and go and you hardly know it; that’s a big difference compared to toting around the MacBook Pro (5.6lb, v 1.6lb for the iPad plus 0.75lb for the Smart Keyboard – so half the weight).

• battery life. If it doesn’t last a couple of full days, then I’m disappointed and slightly surprised. Compare that with the laptop, where you’d expect to get a morning and an afternoon, and then be hunting for a power outlet.

• connectivity. I’ve got a PAYG sim from Three, with 1GB of credit, and I use that if I find myself somewhere without Wi-Fi: just hook into the mobile network. Yes, I know you can do this by setting up a hotspot from your phone to your laptop, but being able to have the device do it on its own is far more satisfying.

• focus. The iPad lets you work on two – max three – apps at once on the screen. If you tailor notifications correctly, you can get a lot done. So if I don’t want to be disturbed by email, then I don’t let it notify me, and I can go literally hours without being interrupted. (I don’t use email in the browser.) Then you go to your email and deal with it. Remember, you might think of it as “my inbox” but it’s actually composed of messages sent out of your control by other people. In general, “your” inbox is not under your control at all; it’s other people’s ideas of what you should do – a task manager compiled by other people. Not looking at email is good.

• aptitude. By which I mean that some of the scripts I write (with Workflow, with Pythonista) can do more than equivalents on MacOS. My Workflow one can get the name of the author of a page/article, which the standard Pinboard bookmarklet doesn’t. (Possibly a little bit of Javascript hacking could sort that, but when you roll your own you see the gaps in what you’re provided with.) On the Mac I use Viewfinder to get details of Flickr CC-BY photos, but the Pythonista script I’ve written gets the photographer name too, which Viewfinder doesn’t offer.

• the keyboard. I really like the keyboard. The odd thing is that I don’t much like the keyboard on the new MacBooks/MacBook Pros, but the Smart Keyboard uses the exact same key design. The crucial difference is that the Smart Keyboard covers them in a layer of fabric, which has two huge advantages: it makes them much quieter (because oh my lord the bare keys are CLACKY), and it proofs them against the specks of dust which have been the downfall of recent designs. Double win. If they could make a MacBook with these keys covered in fabric they’d have solved their problems, but I’m guessing that there would be thermal dissipation problems with that – most laptops vent plenty of heat out of the gaps around the keys.

The bad

• ‘lappability’. Laptops have the huge advantage that they’re designed to work in your lap: the big flat base sits on your lap and the screen can be adjusted to your taste, and then the keyboard has a solid base too. With the iPad and Smart Keyboard, it’s difficult to get the same effect, because it’s so light and the screen angle is fixed. (That wouldn’t be improved by the Microsoft Surface’s adjustable leg, because I can’t adjust the length of my femur to cope with where the slide must rest for a specific screen angle.) With the iPad Pro, you really want a table to rest it on – or else something that can go on your lap. (I’m writing this sitting in a car, so it’s not impossible.)

• lack of keyboard shortcuts for one’s own scripts. On MacOS, I can use Keyboard Maestro (and some of Apple’s custom keyboard shortcut offerings) to create a keyboard shortcut to invoke scripts which do tasks such as adding text or HTML to a clipping. On iOS, there’s no such option. So I invoke the Share menu and Workflow a lot.

• grab problems. Sometimes it’s difficult to select a chunk of text, especially if it goes past a photo on a page.

• can’t grab inline image URLs. There isn’t a way that I can see on the iPad to find the URL to an image on a Safari page and directly copy that. It might be possible with a bit of scripting (input some text before and after the picture; script grabs the source, looks for image links between those words). Solution: press on the image and choose “open in new tab” and grab the link from that tab. But it’s an extra step, and isn’t always available – take the example below from Techcrunch.

Confusing choices on an image menu on Safari on the iPad

An image on Techcrunch (though it happens on many sites). It’s not obvious that “copy” means “copy the image URL to the clipboard” rather than “copy the whole image to the clipboard”.

(OK, so people on Twitter have pointed out that the “copy” there is “copy the image URL”. I have to say that isn’t self-evident, and I didn’t try it because I didn’t want to destroy what was already on the clipboard. Anyway, there you have it: the solution is to “copy”.)

• information density. If you compare the number of pixels on an iPad with those on a laptop, it doesn’t seem like that many more. But the action targets (the things you have to hit with the mouse) are way smaller on the laptop than on the iPad, where they’re larger because it must expect that people will only use their fingers to operate it – even if the Pencil is an option. Smaller targets and more pixels means a lot more space can be used for information.

• you’re using a tablet? Some sites still don’t expect that. Yes, I’m looking at you, Flickr, and your impossible-to-copy text in the “embed” link. On a Safari page, this comes up as it does on the desktop – a floating window with some HTML. But trying to tap-to-select the necessary part of that code – which begins “https://farm…” and ends “.jpg” is a fight, and copying precisely what you want a truly vexing process. (I haven’t found a way to script the grabbing of the necessary code, and the Flickr app is unbelievably useless: can’t restrict a search to a specific licence, can’t do a view by date/relevance, and so on. It’s mindless crap meant for the most passive user imaginable.)

• missing web page functions. I use Instapaper to collect links through the day/week; in Safari on Mac you get icons to delete links after you’ve used them. Not on Safari on iPad. (The Instapaper app does, though.)

• easier to miss stuff. The Overspill Start Up daily email requires a specific set of things to be correct about the WordPress blogpost (correct category, launch before a certain time). I’ve made more mistakes with the WordPress interface in Safari on the iPad in three weeks than I did on the laptop in three years, which has led to missed blogpost launches and missed email deliveries (sometimes both, sometimes just one). It’s very annoying; partly it’s that some of the work was done before by MarsEdit (see below) and that the web interface for WordPress is appalling when it comes to the scheduling/category stuff. (Ought to be at the top of the page; instead is relegated to the side, sometimes well down the side.)

• miss having a newsreader. I use NetNewsWire on the Mac, which I’ve been using for about 15 years now. (It’s not as good as it was.) I know it’s available for iOS; I just hadn’t set up the synchronisation, so it would have been a big slog.

Room for improvement

• Mail needs work. Quite a bit to bring it up to speed. Though you can filter your inbox(es) by all/unread/flagged/has attachment/to me/cc me, there are no Smart Mailboxes (I can’t create a virtual inbox of messages with particular characteristics, or from a particular sender or domain or set of domains). I also want to be able to see more emails on the left-hand pane – if you get any appreciable number of emails per day, they’re going to overwhelm those you were previously dealing with, which screws up your workflow.

• I’d really like a good blogpost editor, ideally scriptable – basically, MarsEdit for iPad. MarsEdit is a wonderful blogpost writing/editing program which can deal with multiple blogs, and is also scriptable so that you can fire up a script and get things done. The WordPress app (in which I’m writing this) is OK, but not very intuitive. Although – as soon as I made this complaint to myself, I realised there might be a solution. And so there was, via Workflow (which can control WordPress – you can do pretty much everything up to scheduling the post) plus Python(ista). With a bit of finagling, I had a solution which did slightly more than the version I run on my Mac.

In many ways, this post is like the real-life experience that I wrote about more as a theory in Benjamin Button moves from an iPad Pro to a MacBook Pro. But it’s reality. Necessity may be the mother of invention, but sometimes it’s just the mother of getting on and discovering what tools are actually available.

I eventually got a Genius Bar appointment for the Mac. After a lot of to-ing and fro-ing (including a disk wipe that turned out to be unnecessary, but that’s for another post) the diagnosis was a problem with the NVidia video card – a known fault on my model. Weird that it took over five years to become calamitous, but that’s computers.

In the meantime, I’ve got the iPad, and over the weekend wrote a combination Workflow/Pythonista script which automates almost the whole process of compiling and scheduling The Overspill. Of course, rather as we redefine artificial intelligence to be “anything that computers can’t yet do” (where the goalposts move from “beat humans at chess” to “beat humans at Go” to “be better than us at Where’s Waldo”), the definition of “real work” has probably moved so that, because everyone knows you can’t do “real work” on an iPad, it’s now all the things that I don’t or didn’t try to do – the podcasts and video editing.

But you know what? It works for me. Plus it’s improved my Python.

TL;DR: want to do pretty much everything you do on a Mac, but on an iPad? Get Workflow and Pythonista.

Start Up: Facebook’s smart speakers (with screens?), Russia’s internet farm, China’s piece of the US, and more

Here’s your new internet router! Take care turning it off and on again. Photo by Andi Sidwell on Flickr


A selection of 11 links for you. Thank Workflow + Pythonista. I’m @charlesarthur on Twitter. Observations and links welcome.

A Chinese casino has conquered a piece of America • Bloomberg

Matthew Campbell on the Chinese casino being built on Saipan, a tiny island in the Pacific that is even so part of the US:


So many laborers were getting hurt that [Dr] Rohringer’s colleagues began keeping an unofficial spreadsheet, separate from standard hospital records: a grim catalog of broken bones, lacerations, puncture wounds, dislocated limbs, and eyes penetrated by flying metal. The dead man Rohringer saw was not, of course, a tourist who’d stumbled over a railing—he was a builder named Hu Yuanyou, and he’d plummeted from a scaffold. His colleagues hadn’t called 911; instead, they’d pulled the work clothes off his broken body in a clumsy attempt to obscure his identity. The less that outsiders learned about the casino, the better.

Hu died building what’s become, on paper, the most successful gambling operation in history. In the first half of 2017, table for table, Imperial Pacific turned over nearly six times more cash than the fanciest gaming facilities in Macau, which themselves dwarf the activity in Las Vegas. And that was before Imperial Pacific opened its lavish megacasino in July.

Given Macau’s status as a hub for industrial-scale money laundering, the Saipan figures have left gaming veterans astonished that they could be generated on U.S. soil, under Washington’s ostensible oversight. Eight casino executives and analysts interviewed for this story, all with extensive experience of the Asian gaming trade, said they saw no way such volumes could be generated legitimately. Asked if there could be a benign explanation for such instantaneous success at a casino more than three hours’ flight from any major city, on a drowsy island where the best hotel is a 1970s-era Hyatt, one of the executives burst out laughing.

Per capita, there’s almost certainly more Chinese money moving through Saipan than anywhere else in the world.


Boardwalk Empire, Pacific version.

Hacker group makes $3m by installing Monero miners on Jenkins servers • Bleeping Computer

Catalin Cimpanu:


Hackers are targeting Jenkins, a continuous integration/deployment web application built in Java that allows dev teams to run automated tests and execute various operations based on test results, including deploying new code to production servers. Because of this, Jenkins servers are extremely popular with both freelance web developers, but also with large enterprises.

On Friday, Israeli security firm Check Point announced it uncovered the footprint of a large hacking operation targeting Jenkins servers left connected to the Internet.

Attackers were leveraging CVE-2017-1000353, a vulnerability in the Jenkins Java deserialization implementation that allows attackers to run malicious code remotely without needing to authenticate first.

Check Point says hackers used this vulnerability to make Jenkins servers download and install a Monero miner (minerxmr.exe).

The miner was being downloaded from an IP address located in China and assigned to the Huaian government network. It is unclear if this is the attacker’s server, or a compromised server used to host the miner on behalf of the hackers.

The attackers have been active for months. This has allowed them to mine and already cash out over 10,800 Monero, which is over $3.4m, at the time of writing.


Hardly going out on a limb to suggest it’s either Chinese or North Korean hackers.

Facebook to launch two smart speakers in July 2018 • Digitimes

Aaron Lee and Willis Ke:


Facebook is set to officially foray into the global smart speaker market in mid-2018 by launching two new models, codenamed Aloha and Fiona – both with 15-inch touchscreens – in July at the latest, with the devices positioned as a way to allow family and friends to stay in touch with video chat and various social features, according to industry sources.

The sources said that the Facebook move is expected to further heat up the global smart speaker market, which has been crowded with heavyweight players, including top supplier Amazon and other tech giants such as Google, Microsoft, Apple and many China players including Alibaba. According to estimates by market researcher Canalys, the global market sales of smart speakers are likely to double to over 50 million units in 2018 from 2017.

Supply chain sources said that Facebook was originally slated to release the devices in May, but has decided to reschedule the launch to allow more time for perfecting the acoustic quality of the gadgets and software modification.

The two models will be fitted with 15-inch in-cell touchscreen panels reportedly to be sourced from LG Display, while Taiwan’s Pegatron is also reported to be the sole contract assembler of the devices. But both firms declined to comment on matters concerning clients.

The sources said that the Aloha model is more sophisticated than Fiona, both designed by Facebook’s Building 8 hardware lab. The Aloha model, to be marketed under the official name Portal, will use voice commands but will also feature facial recognition to identify users for accessing Facebook via a wide-angle lens on the front of the device.


1) a 15-inch touchscreen? Isn’t that what’s known as a “tablet”?
2) Will it do more than Facebook – will it do the rest of the web?
3) recall that Facebook’s last foray into hardware (the HTC-made One phone) was an epic failure. This feels very me-too.

Spires for hire in UK government broadband deal with Church of England • Bloomberg

Angelina Rascouet:


The Church of England struck a deal with the UK government departments to encourage the church to “use its buildings and other property to improve broadband, mobile and wifi connectivity for local communities,” the Department for Digital, Culture, Media and Sport said in a statement on Sunday.

The accord, also involving the Department for the Environment, Food and Rural Affairs, expands on an initiative that already exists in some dioceses in the UK including Chelmsford and Norwich.

“Our work has significantly improved rural access to high-speed broadband,” Bishop Stephen Cottrell of Chelmsford said in the statement.

About 65% of Anglican churches and 66% of parishes in England are in rural areas, according to the government.

The accord includes rules to ensure that any telecommunication infrastructure used doesn’t affect the character and architecture of the churches, according to the statement. The DCMS also said similar deals could be made with other religious communities.

The announcement follows last year’s pledge by the UK government that no part of the country or group in society should be without adequate connectivity, a pledge that includes the complete roll-out of 4G and superfast broadband by 2020.


Would love to know if any money is changing hands here. (Fundraising for church spire maintenance is a trope of British rural life, with giant thermometers of funds raised displayed at churches, and usually woefully far from their target.) This is a good way though for companies to bypass BT’s swingeing charges for use of its ducts and poles.

Trolls on twitter: how mainstream and local news outlets were used to drive a polarized news agenda • Medium

Jonathan Albright has done extensive (as in, really extensive) work on how (Russian-controlled?) troll accounts went to work in the US election:


The chart below is the top-line breakdown of where these 11-plus thousand external links in my set of 36.5k troll tweets from 2016 pointed to. This includes the expanded short URLs and redirects. This shows the news outlets the troll accounts (through tweeting, retweeting, and tweet-quoting) tended to re-broadcast from the middle of 2016 through election day:

Top 25 most-linked news sources across 11.5k troll tweets (using thousands of expanded short links)

Looking at this breakdown, a result from this sample of tens of thousands of tweets is that the most-shared news outlets from 11.5k links across 388 troll accounts in the six months leading up to the election isn’t your typical hyper-partisan “fake news.”

Sure, Breitbart ranks first, but it’s followed by a long list of what many would argue are credible — if not mainstream — news organizations, as well a surprising number of local and regional news outlets.

Another result from this analysis is the effect of “regional” troll accounts, aka the fake accounts with a city or region name in the handle (e.g., HoustonTopNews, DailySanFran, OnlineCleveland), which showed a pattern of systematically re-broadcasting local news outlets’ stories.

The linking pattern is also consistent: a large number of story links are Bitly-wrapped, and links to local outlets often originate through RSS or Google Feedproxy — to some degree co-opting local outlets’ content streams in an attempt to establish themselves and connect with local audiences.


The collapse in local news outlets in the US (largely mirrored in the UK) magnifies this effect.

What Mueller’s indictment reveals about Russia’s Internet Research Agency • New Yorker

Adrian Chen:


The indictment names thirteen Russians, twelve of whom worked for a shadowy, Kremlin-connected outfit called the Internet Research Agency. The Agency has been linked to a campaign of online disinformation that included the creation of hundreds of fake political pages on Facebook and accounts on Twitter that were presented as belonging to everyday Americans; during the election, according to the indictment, this disinformation campaign was aimed at boosting Donald Trump, undermining Hillary Clinton, and sowing general “political discord” in the United States by supporting radical causes on both sides. It was sort of like a cutting-edge social-media marketing operation run, as the indictment alleges, by a St. Petersburg-based oligarch named Yevgeny Prigozhin.

Much of the information in the indictment isn’t new. The Agency was first noticed by Russian media outlets in 2014, when it was dedicated mainly to spreading online propaganda in support of pro-Russian separatists in the Ukraine conflict. In the spring of 2015, when the idea of a President Donald Trump was still a laughable fantasy, I travelled to St. Petersburg to investigate the Agency, which had recently started experimenting with targeting audiences outside Russia. As I conducted my reporting, I was myself the target of an elaborate smear campaign to label me a neo-Nazi sympathizer and U.S. intelligence agent—an early use of the kind of bizarre tactics that have been documented by numerous investigations in both the Russian and Western media, and by the internal investigations of social-media companies.

Yet the new indictment offers the most complete look yet at the Agency’s internal workings. Mueller’s investigators discovered that the Agency used a network of shell companies— entities with names like MediaSintez LLC, GlavSet LLC, and MixInfo LLC—to hide its activities and funding. The indictment alleges that the Agency employed hundreds of workers, and that by September, 2016, it had a monthly budget of more than $1.25m. The document details how the Agency’s “specialists” worked in day and night shifts, and the way they were constantly trying to measure the effect of their efforts. The employees ran fake conservative Twitter and Facebook accounts, and even planned (sparsely attended) real-life rallies.



A former Russian troll speaks: ‘it was like being in Orwell’s world’ • Washington Post

Anton Troianovski interviewed one such:


What was the working environment like — was it really like a factory?

There were two shifts of 12 hours, day and night. You had to arrive exactly on time, that is, from 9 a.m. to 9 p.m. There were production norms, for example, 135 comments of 200 characters each. … You come in and spend all day in a room with the blinds closed and 20 computers. There were multiple such rooms spread over four floors. It was like a production line, everyone was busy, everyone was writing something. You had the feeling that you had arrived in a factory rather than a creative place.

How did the trolling work?

You got a list of topics to write about. Every piece of news was taken care of by three trolls each, and the three of us would make up an act. We had to make it look like we were not trolls but real people. One of the three trolls would write something negative about the news, the other two would respond, “You are wrong,” and post links and such. And the negative one would eventually act convinced. Those are the kinds of plays we had to act out.

Do you think it worked?

Who really reads the comments under news articles, anyway? Especially when they were so obviously fake. People working there had no literary interest or abilities. These were mechanical texts. It was a colossal labor of monkeys, it was pointless. For Russian audiences, at least. But for Americans, it appears it did work. They aren’t used to this kind of trickery. They live in a society in which it’s accepted to answer for your words. And here — I was amazed how everyone was absolutely sure of their impunity, even as they wrote incredibly offensive comments. They were sure that with the anonymity of the Internet, no one would find them.

How much would you get paid?

Around 40,000 rubles a month [about $700 at the current exchange rate]. We’d work 12-hour days, two days on, two days off.


I love the nose-wrinkling of “who really reads the comments under news articles, anyway?”

Apple’s new spaceship campus has one flaw – and it hurts • Bloomberg

Mark Bergen:


Surrounding the building, located in Cupertino, California, are 45-foot tall curved panels of safety glass. Inside are work spaces, dubbed “pods,” also made with a lot of glass. Apple staff are often glued to the iPhones they helped popularize. That’s resulted in repeated cases of distracted employees walking into the panes, according to people familiar with the incidents. 

Some staff started to stick Post-It notes on the glass doors to mark their presence. However, the notes were removed because they detracted from the building’s design, the people said. They asked not to be identified discussing anything related to Apple. Another person familiar with the situation said there are other markings to identify the glass. 

Apple’s latest campus has been lauded as an architectural marvel. The building, crafted by famed architect Norman Foster, immortalized a vision that Apple co-founder Steve Jobs had years earlier. In 2011, Jobs reportedly described the building “a little like a spaceship landed.” Jobs has been credited for coming up with the glass pods, designed to mix solo office areas with more social spaces.


Seems more like an argument for not looking at your phone while walking, but glass demarcation is always a pain in offices.

The false teeth of Chrome’s ad filter • Electronic Frontier Foundation

Alan Toner:


The Coalition for Better Ads [which determined which ads could and could not be shown through the new adblocking Chrome] lacks a consumer voice. The Coalition involves giants such as Google, Facebook, and Microsoft, ad trade organizations, and adtech companies and large advertisers. Criteo, a retargeter with a history of contested user privacy practice is also involved, as is content marketer Taboola. Consumer and digital rights groups are not represented in the Coalition.

This industry membership explains the limited horizon of the group, which ignores the non-format factors that annoy and drive users to install content blockers. While people are alienated by aggressive ad formats, the problem has other dimensions. Whether it’s the use of ads as a vector for malware, the consumption of mobile data plans by bloated ads, or the monitoring of user behavior through tracking technologies, users have a lot of reasons to take action and defend themselves.

But these elements are ignored. Privacy, in particular, figured neither in the tests commissioned by the Coalition, nor in their three published reports that form the basis for the new standards. This is no surprise given that participating companies include the four biggest tracking companies: Google, Facebook, Twitter, and AppNexus. 


Taboola in particular is cited disapprovingly for “helping fund the underbelly of the net”.

How long is long enough? Minimum password lengths by the world’s top sites • Troy Hunt

Hunt is (if you’ve not been paying attention) behind the HaveIBeenPwned site, and well-versed in security topics:


I’ve been giving a bunch of thought to passwords lately. Here we have this absolute cornerstone of security – a paradigm that every single person with an online account understands – yet we see fundamentally different approaches to how services handle them. Some have strict complexity rules. Some have low max lengths. Some won’t let you paste a password. Some force you to regularly rotate it. It’s all over the place.

Last year, I wrote about authentication guidance for the modern era and I talked about many of the aforementioned requirements. I particularly focused on how today’s thinking is at odds with many of the traditional views of how passwords should be handled. That post has a lot of guidance from the NCSC in the UK and NIST in the US and it debunked many of those long-held beliefs; get rid of complexity rules, allow long passwords, let people paste them and move away from forced rotation. However, there was nothing on minimum required lengths, and that got me thinking – what’s the correct number?

When I run my Hack Yourself First workshop, that’s one of the first questions I ask – “what’s the correct minimum password length?” I was thinking about that again just this weekend when preparing V2 of Pwned Passwords because I thought I might be able to use a minimum length threshold to reduce the size of the data set. So, rather than projecting my own views on minimum password length, I thought I’d go and check what the world’s top sites are doing.


By the end, he had answered one question and found another, more difficult one.

Infamous Google memo author shot down by Federal Labor Board • Ars Technica

Sam Machkovech:


The National Labor Relations Board published its memo this week, which was issued in January after Damore filed a charge against his former employer on August 8. In spite of Damore withdrawing his NLRB filing in September, the board proceeded to examine and issue its own ruling:

Google “discharged [Damore] only for [his] unprotected conduct while it explicitly affirmed [his] right to engage in protected conduct.” The NLRB emphasized that any charge filed by Damore on the matter should be “dismissed.”

In explaining the board’s reasoning, NLRB member Jayme Sophir points to two specific parts of the controversial memo circulated by Damore in August: Damore’s claim that women are “more prone to ‘neuroticism,’ resulting in women experiencing higher anxiety and exhibiting lower tolerance for stress” and that “men demonstrate greater variance in IQ than women.”

Sophir describes how these gender-specific claims resemble other cases decided by the NLRB that revolved around racist, sexist, and homophobic language in the workplace. She says that specific Damore statements were “discriminatory and constituted sexual harassment, notwithstanding [his] effort to cloak [his] comments with ‘scientific’ references and analysis, and notwithstanding [his] ‘not all women’ disclaimers. Moreover, those statements were likely to cause serious dissension and disruption in the workplace.”

The NLRB memo also includes a quote from Google’s letter of termination given to Damore in August, which Sophir says focused specifically on offending, fireable content while also protecting other portions of his speech:

»I want to make clear that our decision is based solely on the part of your post that generalizes and advances stereotypes about women versus men. It is not based in any way on the portions of your post that discuss [the Employer’s] programs or trainings, or how [the Employer] can improve its inclusion of differing political views. Those are important points. I also want to be clear that this is not about you expressing yourself on political issues or having political views that are different than others at the company. Having a different political view is absolutely fine. Advancing gender stereotypes is not.«


I’m sure that will be the end of it 🙄 But of course not. Jordan Peterson has tweeted that it’s the end for science. Google’s HR made a subtle distinction in its dismissal, and Damore might not be able to get around that. But every cause needs its martyr.

Errata, corrigenda and ai no corrida: none notified.

Start Up: the duo who took on Google, cracking Facebook, Dyson’s electric cars, Nokia to drop wearables?, and more

It’s written in Telugu, and it can crash your iMessage app – until a forthcoming iOS update. Photo by Sean Ellis on Flickr


A selection of 11 links for you. Also: Friday! I’m @charlesarthur on Twitter. Observations and links welcome.

Google will make copyright disclaimers more prominent in image search • The Verge

Thuy Ong:


Getty Images and Google announced the forming of a multiyear global licensing partnership, nearly two years after Getty filed a competition law complaint against Google with the European Commission. As part of the partnership, Google will be modifying its image search to improve attribution of contributors’ work. The changes will also include making copyright disclaimers more prominent and removing view image links to the image URL.

The April 2016 complaint, which Getty has since formally withdrawn, accused Google of creating galleries of “high-resolution, copyrighted content,” and of “promoting piracy resulting in widespread copyright infringement.” Getty also accused Google of distorting search results in favor of its own services. Today’s partnership deal means Google will be able to use Getty Images’ content in its products and services, principally the image search portion of Google search with which Getty took issue.


TL;DR Getty got Google to stop making it so easy to steal images.

I cracked Facebook’s new algorithm and tortured my friends • Buzzfeed

Katie Notopoulos is the one to blame:


We’ve come to accept nonchronological feeds in our social media. Even on Instagram, where people do still seem to complain the most about it, we understand the rules of the new feed. It’s in the moments where the cracks start to show — when the same awful video is at the top of your Facebook page for 12 days straight — that we remember how fucked up it is having our friendships ruled by an algorithm. It’s like in a sci-fi movie where a sexy android peels off her mask and you remember she’s made of steel, or the Wizard of Oz furiously cranking his noise machine behind the curtain. This algorithm doesn’t understand friendship. It can fake it, but when we see Valentine’s Day posts on Instagram four days later, or when the machines mistake a tornado of angry comments for “engagement,” it’s a reminder that the machines still don’t really get the basics of humanity.

I’ve been down this path before. In fact, I’ve written about this problem before. In the summer of 2016, Facebook did another recalibration of its News Feed that prioritized posts from friends and family over publishers, ending what seemed to many like a three-year tyranny of BuzzFeed quizzes and cooking videos. Soon after, I noticed a post from a coworker, asking if anyone had ever tried making overnight oats, had “stuck” to the top of my Facebook feed for five days straight, even though I had never commented or liked the post. I dubbed this phenomenon the overnight oats problem…

…You can try this yourself; it’s easy to game the system by posting something that drives comments. Try asking a question, or for advice: “Does anyone have a shampoo they love?” or “What was the most embarrassing thing that happened to you in middle school?”

Trust me, you will get lots of replies. And it will stick to the top of your friends’ feeds for days.

And if they are like my friends, they will hate you for it. Good luck.


Personally I detest nonchronological feeds. It’s a big reason why I rarely go on Facebook or Instagram.

A new iOS bug can crash iPhones and disable access to iMessages • The Verge

Tom Warren:


The bug itself involves sending an Indian language (Telugu) character to devices, and Apple’s iOS Springboard will crash once the message has been received. Messages will no longer open as the app is trying and failing to load the character, and it appears that the only way to regain access to your iMessages is to have another friend send you a message and try to delete the thread that contained the bad character.

We’ve also tested the bug on third-party apps like Facebook Messenger, WhatsApp, Gmail, and Outlook for iOS and found that these apps can become disabled once a message is received. It might be difficult to fix and delete the problem message for apps like WhatsApp, unless you have web access enabled. Telegram and Skype appear to be unaffected. The public beta version of iOS 11.3 is also unaffected. It appears Apple was made aware of the problem at least three days ago, and plans to address it in an iOS update soon.


Let’s hope soon is “very soon”. Though it’s clear that iMessage has real challenges when it comes to rendering text – more so, it seems, than any other app. Why?

Apple iPhone takes huge 51% share of global smartphone revenues in Q4 2017 • Strategy Analytics


According to the latest research from Strategy Analytics, global smartphone revenues hit an all-time high of US$120bn during the fourth quarter of 2017. Apple captured a record 51% global smartphone revenue share, accounting for more than the rest of the entire industry combined.

Linda Sui, Director at Strategy Analytics, said, “We estimate total global smartphone wholesale revenues grew 8% annually to reach an all-time high of US$120bn during Q4 2017. The smartphone industry’s wholesale average selling price surged 18% annually from US$255 in Q4 2016 to US$300 in Q4 2017. The smartphone industry has managed to increase massively its pricing and revenues, despite a recent decrease in shipment volumes.”


What’s also notable is that revenues increased for Samsung, Apple and Huawei, but decreased for “others” – by $3bn. Smaller players are getting squeezed out or down in price.

Dyson bets on electric cars to shake up industry • FT

Peter Campbell and Michael Pooler:


Through interviews with more than 20 people, the FT has gleaned details about the project’s scope and current status, including learning that Dyson is considering excluding its world-leading “solid state” battery technology from its debut model.

Dyson declined to confirm many of the details in this report.

The company is initially planning a range of three vehicles, according to two people.

The first car will be used to establish a route to market, a supply chain and a potential customer base. Because of this, the vehicle will have a relatively low production run — in the single-digit thousands, three people said.

The second and third vehicles, released later, will aim to be substantially higher volume.

“Even with a low-volume vehicle, they can make a business case and they will learn a tremendous amount about how to build a vehicle,” says Philippe Houchois, an automotive analyst at Jefferies investment bank. 

Dyson has worked extensively on lightweight materials, leading several people to speculate the first vehicle may be substantially comprised of plastics rather than metals, something usually reserved for high-end supercars.



Nokia might give up on wearables (updated) • Engadget

Rachel England:


Less than two years after spending millions repositioning itself in the consumer health market, Nokia has announced a strategic review of its digital health business which comes after news that the company could shed up to 425 jobs in its home country of Finland. Nokia acquired French fitness tracker manufacturer Withings for $191m in 2016 as part of its new digital health strategy WellCare, which is not dissimilar to Apple’s HealthKit. The deal came amid a spate of acquisitions by Nokia, buoyed by investment from Microsoft following their Windows Phone agreement.

But despite the company’s confident move into the health market, it wrote down $175m of goodwill on the business in the third quarter of 2017, which essentially means Withings’ net assets weren’t as valuable as Nokia initially thought. Nokia has tried to replicate Withings’ previous accomplishments, but what works for a small French startup has clearly not worked for a conglomerate with expectations of huge success. And, there’s less demand for wearables now than when they first landed – by the time Nokia got involved, Apple already had a firm hold on the market.


Not necessarily withdrawal, but looks a lot like it.

Why Silicon Valley singles are giving up on the algorithms of love • Washington Post

Drew Harwell:


Melissa Hobley, an executive at the dating app OkCupid, hears the complaints about the apps [being unable to find good matches] regularly and thinks they get a bad rap. Silicon Valley workers “are in the business of scalable, quick solutions. And that’s not what love is,” Hobley said. “You can’t hurry love. It’s reciprocal. You’re not ordering an object. You’re not getting a delivery in less than seven minutes.”

Finding love, she added, takes commitment and energy — and, yes, time, no matter how inefficiently it’s spent.

“You have a whole city obsessed with algorithms and data, and they like to say dating apps aren’t solving the problem,” Hobley said. “But if a city is male-dominant, if a city is known for 16-hour work days, those are issues that dating apps can’t solve.”

One thing distinguishes the Silicon Valley dating pool: The men-to-women ratio for employed, young singles in the San Jose metro area is higher than in any other major area. There were about 150 men for every 100 women, compared with about 125 to 100 nationwide, of never-married young people between 25 and 34 in San Jose, U.S. Census Bureau data from 2016 shows.

That ratio permeates the economy here, all the way to the valley’s biggest employers, which have struggled for years to bring more women into their ranks. Men make up about 70% of the workforces of Apple, Facebook and Google parent Alphabet, company filings show. The firms are also so big that different departments, with differing gender balances, barely mix.



Guess what? Sonos One speakers also damage wood • Tom’s Guide

Mike Prospero:


When I learned yesterday that Apple’s HomePod speaker—which I had been testing—can damage oil-stained wood, I was more than a little concerned, as it had been sitting on my cabinet for quite some time.

When I got home, I saw a large white ring, a telltale indication that the HomePod’s silicone base had messed up the finish. But, as I was inspecting the damage, I noticed a series of smaller white marks near where the HomePod was sitting.

A closer inspection revealed that the Sonos One speaker, which also has small silicone feet, had made these marks on my cabinet. Looking around the top of the cabinet, I noticed a bunch of little white marks, all left from the Sonos Ones as I moved them around. So, they will damage your wood furniture, too. We’re awaiting comment from Sonos.



Coinhoarder: tracking a Ukrainian bitcoin phishing ring DNS-style • Talos Intelligence

Edmund Brumaghin:


On February 24, 2017, Cisco observed a massive phishing campaign hosted in Ukraine targeting the popular Bitcoin wallet site with a client request magnitude of over 200,000 client queries. This campaign was unique in that adversaries leveraged Google Adwords to poison user search results in order to steal users’ wallets. Since Cisco observed this technique, it has become increasingly common in the wild with attackers targeting many different crypto wallets and exchanges via malicious ads.

Cisco identified an attack pattern in which the threat actors behind the operation would establish a “gateway” phishing link that would appear in search results among Google Ads. When searching for crypto-related keywords such as “blockchain” or “bitcoin wallet,” the spoofed links would appear at the top of search results. When clicked, the link would redirect to a “lander” page and serve phishing content in the native language of the geographic region of the victim’s IP address.

The reach of these poisoned ads can be seen when analyzing DNS query data. In February 2017, Cisco observed spikes in DNS queries for the fake cryptocurrency websites where upwards of 200,000 queries per hour can be seen during the time window the ad was displayed…

…Based on our findings associated with this syndicate, we estimate the COINHOARDER group to have netted over $50m over the past three years. It is important to note that the price of Bitcoin has shot up drastically over 2017, starting around $1,000 in January and hitting a high point just under $20,000 in December. While criminals were able to profit from this, it also adds a new level of complexity for criminals to convert their cryptocurrency funds to a fiat currency like US dollars. The historic price of Bitcoin during the height of this campaign would have made it very difficult to move these ill-gotten finances easily.


“Google AdWords really paid off for our phishing business!”

Google’s nemesis: meet the British couple who took on a giant, won… And cost it £2.1bn • Wired

Rowland Manthorpe speaks to Adam and Shivaun Raff, who set up Foundem – a price comparison site – in 2007 and then saw Google demote it in favour of its own offerings:


Because Google is hosted across numerous data centres, Adam was able to watch, horrified, as the penalty swept across the search engine, downgrading Foundem for every search except its own name.

One second Foundem ranked first or third (a status it maintained on Yahoo! and Microsoft’s Bing). The next, it was down in the 70s and 80s. For huge swathes of online life, Google is the default entry point. In a single stroke, Foundem had effectively been disappeared from the internet.

The Raffs knew instantly this was an existential threat. “We didn’t kid ourselves for one second,” says Adam. “If Google didn’t lift this penalty, we’d be dead.” But when they tried to contact Google, it was like sending messages into the void. Through a contact, they reached the firm’s head of search quality. The response came back from a colleague, saying he had “no specific insights to offer”.

No matter what they tried – and over the next two years the Raffs pursued every conceivable avenue – there was no reasoning with Google. Their only option was to find alternative sources of revenue, by licensing Foundem’s software to publishers such as Bauer and IPC Media.

To the Raffs, this is Google’s real crime: its inaccessibility and unwillingness to respond, even to legitimate complaints. “We’ve never said that the fault was being penalised,” says Adam. “Collateral damage in complex algorithms is inevitable. The fault was not having a procedure by which we could appeal and get timely relief.”


The Raffs have done analysis after analysis of the ways that Google’s “solutions” to the antitrust complaint on search are self-serving. But it has taken years, and Google’s present “solution” is one which was rejected previously. Even though Vestager, the new EC antitrust commissioner, has found against Google, it’s too slow.

Justice delayed is justice denied, and this has been delayed at least seven years.

Search tool accesses firms’ documents in the cloud • BBC


A website created by anonymous hackers has been launched that allows anyone to search for sensitive data stored in the cloud.
Buckhacker is a tool that trawls servers at Amazon Web Services (AWS), a popular cloud computing platform.

AWS provides data storage to private firms, governments and universities, among others.
Exposed data has been found on it before, but Buckhacker makes searching for it much easier.

The name comes from the fact that AWS Simple Storage Servers (S3) are known as “buckets” – this is the part of AWS that Buckhacker accesses.

The BBC alerted Amazon to Buckhacker shortly after it went live, but the firm has yet to issue a statement on the matter.

On Wednesday afternoon, Buckhacker went offline “for maintenance”, though it had previously been working allowing a number of cyber-security experts to explore it.

“We went online with the alpha version [too] early,” said a Twitter account associated with the Buckhacker site.

Security expert Kevin Beaumont told the BBC: “It’s a goldmine of stuff which shouldn’t be public.”


“Goldmine of stuff which shouldn’t be public” can describe much of the internet, but in this case it’s pretty accurate. Amazon has done well at security before, but now it has a serious problem.

Errata, corrigenda and ai no corrida: none notified.

Start Up: Twitch v TV, Google Chrome v (some) ads, iPhone Xx3?, HomePod crop circles, and more

North Korea’s hacker army probably isn’t as easy to spot as this. But might be just as numerous. Photo by (stephan) on Flickr


A selection of 12 links for you. Not facilitated by lawyers. I’m @charlesarthur on Twitter. Observations and links welcome.

Twitch just passed MSNBC and CNN for January viewers • Dotesports

Ana Valens:


It’s no secret that Twitch is one of the internet’s most popular streaming services. But now, its numbers are challenging traditional cable television. New statistics reveal that Twitch’s January viewership was higher than both CNN and MSNBC’s figures.

Last month, Twitch clocked in 962,000 average concurrent viewers throughout the month, which amounts to a 22% increase from January 2017 and a 26% increase since December, reports. The site also revealed that Twitch’s January viewership beat out both MSNBC and CNN, who reportedly featured 885,000 and 783,000 watchers for their total day viewership during Jan. 2018, respectively.

While Twitch performed well for January, it didn’t necessarily beat out the U.S.’s biggest cable networks. Fox News Channel and ESPN both reported 1.5 million viewers for total day viewership, beating out Twitch by over 500,000 viewers. But with Twitch close to reaching over 1 million viewers on average, its January 2018 figure isn’t something to scoff at by any means. Cable television has a hefty competitor.


Something is wayyyy off about those numbers for CNN and MSNBC – and Fox. Pretty sure they net loads more viewers than that. Is this just measuring concurrent viewers?

Google will block spammy ads (just not many of its own) • WSJ

Douglas MacMillan:


The Coalition [For Better Ads] worked with [coalition member] Google to improve the research, including deciding on a number of additional ad formats to test, said one person involved in the process. Google tested 55 desktop ad formats and 49 mobile formats and presented the findings to the group.

The coalition ultimately deemed 12 ad formats unacceptable.

Google’s leading role in the standard-setting process troubled some of the coalition’s members, who observed that the blacklisted ad formats generally don’t apply to Google’s own business, according to people who were part of the process. Google generates most of its revenue from text search ads and rectangular display ads, rather than the visually rich media ads that will be banned by the coalition.

“They are creating a standard that doesn’t apply to them,” said Ryan McConville, president of mobile-ad startup Kargo, one of 17 members on the coalition’s board.

Some of the members lobbied the coalition to make exceptions, including Facebook, which argued that the social network should be excluded from a rule banning videos that automatically play with sound. Bounce Exchange Inc., a pop-up ad maker, argued the pop-up ad rule should be changed to exclude ads that appear when a user is idle for more than 30 seconds. Both efforts were successful.

Google didn’t test one of its own most prominent ad formats, the ads that run on YouTube videos for several seconds before users can skip them.


Surprrriiiise! The blocking will begin today (Feb 15) on the updated version of Google Chrome, the world’s most widely-used browser on desktop and mobile.

Barclays says second-generation iPhone X could have smaller notch • MacRumors

Joe Rossignol:


Apple will launch a trio of new iPhone models later this year with a second-generation TrueDepth camera system, which will potentially be reduced in size, according to a research note issued today by analysts Andrew Gardiner, Hiral Patel, Joseph Wolf, and Blayne Curtis at investment bank Barclays.

While the analysts believe the new TrueDepth system will only “evolve slightly,” they predict it could allow for a “smaller notch” on the 2018 range of iPhones with Face ID, which is rumored to include a second-generation iPhone X, a larger iPhone X Plus, and an all-new mid-range 6.1-inch LCD model.

MacRumors obtained a copy of the research note, which also corroborates rumors about Apple extending Face ID to the iPad Pro this year…


Second generation and smaller and faster makes sense – that was the path with TouchID after all.

Silicon Valley’s tax-avoiding, job-killing, soul-sucking machine • The Atlantic

Scott Galloway:


If you want to manufacture and sell a Popsicle to children, you must undergo numerous expensive FDA tests and provide thorough labeling that outlines the ingredients, calories, and sugar content of the treat. But what warning labels are included in Instagram’s user agreement? We’ve now seen abundant research indicating that social-media platforms are making teens more depressed. Ask yourself: If ice cream were making teens more prone to suicide, would we shrug and seat the CEO of Dreyer’s next to the president at dinners in Silicon Valley?

Anyone who doesn’t believe these products are the delivery systems for tobacco-like addiction has never separated a seven-year-old from an iPad in exchange for a look that communicates a plot to kill you. If you don’t believe in the addictive aspects of these platforms, ask yourself why American teenagers are spending an average of five hours a day glued to their Internet-connected screens. The variable rewards of social media keep us checking our notifications as though they were slot machines, and research has shown that children and teens are particularly sensitive to the dopamine cravings these platforms foster. It’s no accident that many tech companies’ execs are on the record saying they don’t give their kids access to these devices.

All of these are valid concerns. But none of them alone, or together, is enough to justify breaking up big tech. The following are reasons I believe the Four should be broken up.


It’s quite the wild ride – and was quoted on Wednesday in the US Senate.

YouTube CEO to Facebook: ‘get back to baby pictures’ • The Guardian

Alex Hern:


YouTube’s chief executive, Susan Wojcicki, joined a lineup of tech and media executives lambasting Facebook at a conference in California.

Wojcicki, whose own company is facing intense criticism over its handling of shock-jock vlogger Logan Paul, suggested Facebook should head further down the path it started on when it announced plans in January to de-prioritise news content.

“They should get back to baby pictures and sharing,” Wojcicki told Code Media in Los Angeles.

But the CEO said Facebook’s increasing attempts to establish itself as a video platform do not keep her awake at night: “[Y]ou always have to take your competitors seriously, but you don’t win by looking backwards and looking around.”

She wasn’t the only one using the stage to attack Facebook, which has become one of the industry’s favourite punching bags in recent months. BuzzFeed co-founder and CEO Jonah Peretti joined in, arguing that Facebook should extend its revenue sharing practices to the news feed itself. “Most of Facebook’s revenue is in News Feed, and that’s where they’ve not shared revenue,” Peretti told the conference.

The social network does split advertising revenue from instant articles, or videos posted to the site, but Peretti argued that that isn’t enough. “These are places with a lot less distribution so there’s a lot less revenue.”


Not a great look for Wojcicki, to be honest. YouTube’s problems look just as bad as Facebook’s, if not worse.

Black people in tech are still paid less than white people, according to Hired • Techcrunch

Megan Rose Dickey:


Pay discrimination and discrepancies based on gender and race are nothing new. Unfortunately, it seems that little has changed over the years.

In the tech industry, white people on average make $136,000 a year, which is about $6,000 more than black people with the same level of expertise. It also turns out white tech workers ask for more money, according to Hired’s data. Hired’s data is based on its marketplace of over 69,000 people and 10,000 companies.

“The racial gap may be partially a result of black and hispanic tech workers undervaluing their skills, which is a symptom of being underpaid in previous roles,” Hired CEO Mehul Patel said in a blog post. “Black and hispanic candidates on the Hired platform set their preferred salaries lowest ($124K). Ultimately though, Hispanic candidates are offered $1K more than their black counterparts. For comparison, white tech workers ask for an average of $130K and Asian tech workers ask for an average of $127K.”

It also turns out people who identify as multiracial receive less than people who identify as one race.



Inside North Korea’s hacker army • Bloomberg

Sam Kim talks to three people who defected from North Korea’s program – which as they describe it seems to be about earning foreign currency by any means possible:


Lim Jong In, head of the department of cyberdefense at Korea University in Seoul and a former special adviser to South Korea’s president, says that North Korea’s hacking strategy has evolved since Jong defected. At the program’s height, he says, well over a hundred businesses believed to be fronts for North Korean hacking were working in the Chinese border cities of Shenyang and Dandong alone. China has since cracked down on these operations in an effort to comply with United Nations sanctions, but they’ve simply been moved elsewhere, to countries such as Russia and Malaysia. Their value to the regime—and to the hackers themselves—is simply too high to forgo. “North Korea kills two birds with one stone by hacking: It shores up its security posture and generates hard currency,” Lim says. “For hackers it offers a fast track to a better life at home.”

[Ex-North Korean state hacker] Jong is doing well for himself in Seoul. He blushes when congratulated for a promotion he recently received at a local software security company, saying he had to work especially hard for it. “I feel like my value as a programmer is discounted by half when I tell people I’m from North Korea,” he says. Others in the 30,000-odd defector community express similar frustrations about their outsider status; some display contempt for their adopted country’s concerns about appearances and money, and recall with pride their homeland’s penchant for bluntness.

Still, there’s no going back.



The hotlines between North and South Korea • Electrospaces

The unnamed author on the modern version of the formal communications link between north and south, which was first opened in 1971:


On the South Korean side, the hotline equipment is located in the communication office on the second floor of the Freedom House, which was built in 1998. On the North side, the line ends at a desk in the Panmungak building, which is less than 100 meters (328 feet) away.

The current equipment, which is seen in the most recent photos, was installed in 2009 and consists of a large, wood-panelled console on a desk. On top is a sign that says “South-North Direct Telephone”. The system features disk drives, USB ports and a computer screen, which shows the Windows XP user interface. It’s not clear what the function of the screen is, as there’s no keyboard visible.

Equipment of the Red Cross or border hotline on the South Korean side
(photo: YTN News)

The most important parts are however two telephone handsets, one red and one green. The red one is for incoming calls from North Korea, while the South uses the green handset to make outgoing calls to the North. However, both phone sets are capable of sending and receiving, but there have been installed two of them just in case one fails.

Since 2015, the console has two digital clocks on top, as in that year North Korea shifted to UTC+08:30 or Pyongyang Time (PYT), while South Korea stayed in the UTC+09:00 or Korea Standard Time (KST) zone. The green clock shows 3:34 for South Korea and the orange/red one 3:04 for North-Korea.

Next to the hotline console there’s a fax machine through which North Korea sometimes sends messages about topics that range from logistics to threats.


Ah yes, we used to have a fax machine like that connected to head office.

The house that spied on me • Gizmodo

Kashmir Hill and Surya Matta:


Matta: Yes, I am basically Kashmir’s sentient home. Kashmir wanted to know what it would be like to live in a smart home and I wanted to find out what the digital emissions from that home would reveal about her. Cybersecurity wasn’t my focus. (I wasn’t interested in hacking her sex toy or any of her other belongings.) Privacy was. What could I tell about the patterns of her and her family’s life by passively gathering the data trails from her belongings? How often were the devices talking? Could I tell what the people inside were doing on an hourly basis based on what I saw?

Using a Raspberry Pi computer, I built a router with a Wi-Fi network called “iotea” (I’m not very good at naming things) to which Kashmir connected all of her devices, so that I could capture the smart home’s network activity. In other words, I could see every time the devices were talking to servers outside the home.

I had the same view of Kashmir’s house that her Internet Service Provider (ISP) has. After Congress voted last year to allow ISPs to spy on and sell their customers’ internet usage data, we were all warned that the ISPs could now sell our browsing activity, or records of what we do on our computers and smartphones. But in fact, they have access to more than that. If you have any smart devices in your home—a TV that connects to the internet, an Echo, a Withings scale—your ISP can see and sell information about that activity too. With my “iotea” router I was seeing the information about Kashmir and her family that Comcast, her ISP, could monitor and sell.


All very scary, really. And inconvenient: she needed 14 different apps (and accounts) to control it all, and the lights wouldn’t listen to the Alexa, and “smart coffee was also a world of hell”. (The dream of making-coffee-at-a-distance just won’t go away.)

Does Injong Rhee’s departure spell doom for Bixby? • Medium

Philip Berne:


The scale and effort to create Bixby cannot be undersold. It was a massive undertaking of talent and brute force that few companies could muster. According to the company’s own Newsroom, Samsung spent over $13.6bn (14.8trn KRW) on R&D in 2016. In the same year, Apple spent about $10.4bn. Samsung has the resources to tackle massive projects like Bixby, but does it have the will?

Injong [who is going to Google to work on its Internet of Things projects] provided the will. This was a point we hammered to media repeatedly, especially when Milk Music, or the TouchWiz interface, or any other Samsung software failures came up. What’s different here is Injong. Injong has a track record of success. He has proven that he would not quit until the project is successful.

Well, Injong just quit. Of course Samsung won’t be giving up on Bixby right away. In one of the most boneheaded design decisions ever, the company put a dedicated button on their flagship phones. In another boneheaded move, they KEPT putting the Bixby button on phones, and it seems the upcoming Galaxy S9 flagship will feature that button. Feature. Thankfully, they positioned the button opposite the power button, so users will be able to squeeze it accidentally and will get to experience Bixby for themselves.

I actually liked using Bixby, and I loved Bixby’s ambition. Like Samsung Pay’s magnetic stripe compatibility, Bixby was truly filling a gap in the smartphone market, helping users navigate archaic interface designs. Also like Samsung Pay, it was a gap that persisted from the past, and would likely be filled by future innovations…

The question is whether Samsung can hold onto this ambition, as the chief architect and cheerleader for not giving up has himself moved on to something better.



Apple’s HomePod speakers leave white marks on wood • BBC


Apple’s new smart speakers can discolour wooden surfaces, leaving a white mark where they are placed, the firm has acknowledged.

The US company has suggested that owners may have to re-oil furniture if the HomePod is moved.

The device went on sale last week after having been delayed from its original 2017 release date.

Apple told Pocket-lint that it was “not unusual” for speakers with silicone bases to leave a “mild mark”.

But the gadget review site told the BBC it had never seen anything like this problem.

The website’s founder, Stuart Miles, told the BBC that a speaker left a mark on his kitchen worktop within 20 minutes.

“To clear it, I had to sand the wood down and then re-oil it,” Mr Miles said.

“It wasn’t the end of the world for us. But if you’ve bought an expensive Scandinavian sideboard or some beautiful piece of wooden furniture and then got a mark on it from the speaker, you can imagine the horror,” he added.


“Siri, show me something that should have been spotted during testing in Jony Ive’s lab with its big wooden tables.”

Audiophile HomePod reviewer turns out to not know much about measuring audio • Kirkville



The much touted review of the HomePod posted by an “audiophile” on Reddit last week – and gleefully tweeted by Apple’s Phil Schiller – turns out to be a long mess of uninformed and poorly made measurements.

This reply on Reddit highlights many of the problems, notably the fact that the HomePod wasn’t measured in an anechoic room, but mainly the fact that the “reviewer” fudged the display of his graphs, making them look better than they were.


Oh lordy, this process is never going to end, is it.

Errata, corrigenda and ai no corrida: none notified.