Start Up (holiday bonus): Facebook redux, what the Uber car should have seen, the fake NHS pay rise, and more

That’s a forgery! But will the blockchain spot it? Photo by Yersinia pestis on Flickr.

Today’s is just a bonus, because honestly, there’s a lot of tech stuff that needs noting, isn’t there? But truly, I am on holiday as you read this. I just wasn’t when I wrote it.


A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Bitcoin will eventually be the single global currency: Twitter’s Jack Dorsey • CNBC

Ari Levy:


Jack Dorsey, the CEO of Twitter and Square, expects bitcoin to become the single global currency within the next decade, he told the Sunday Times newspaper.

Dorsey, a personal investor in bitcoin, expects the cryptocurrency to be used for simple things like coffee and said its ascendance to world’s currency will occur over 10 years, “but it could go faster,” the U.K.-based paper reported.

Square said in November that it would start enabling the buying and selling of bitcoin on its Cash app. Dorsey is also an investor in a start-up called Lightning Labs, which is developing technology to make bitcoin faster and easier to use.

When it first came into use, Bitcoin was touted as an alternative to the dollar and even gold. However, the cryptocurrency has been on a wild ride in recent months, soaring to a record near $20,000 before crashing below $8000 last month.

Dorsey told the Times that bitcoin is “slow and it’s costly, but as more and more people have it, those things go away.”


I’m perfectly happy to take the other side of that bet and come back in ten years. How about you, Jack?

Facebook scraped call, text message data for years from Android phones • Ars Technica

Sean Gallagher:


If you granted permission to read contacts during Facebook’s installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean)—that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017—the point at which the latest call metadata in Facebook users’ data was found. Apple iOS has never allowed silent access to call data.

Facebook provides a way for users to purge collected contact data from their accounts, but it’s not clear if this deletes just contacts or if it also purges call and SMS metadata. After purging my contact data, my contacts and calls were still in the archive I downloaded the next day—though this may be because the archive was still the same cache I had requested on Friday.

As always, if you’re really concerned about privacy, you should not share address book and call-log data with any mobile application. And you may want to examine the rest of what can be found in the downloadable Facebook archive, as it includes all the advertisers that Facebook has shared your contact information with, among other things.


Jelly Bean was released in September 2012, but it took until October 2013 for that version (or later) to be on more than 50% of Android phones.

Fact check: your call and SMS history • Facebook Newsroom


You may have seen some recent reports that Facebook has been logging people’s call and SMS (text) history without their permission.

This is not the case.

Opt-in features in Facebook Lite and Messenger
Call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android. This helps you find and stay connected with the people you care about, and provide you with a better experience across Facebook. People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off in settings, or here for Facebook Lite users, and all previously shared call and text history shared via that app is deleted. While we receive certain permissions from Android, uploading this information has always been opt-in only.

We introduced this feature for Android users a couple of years ago. Contact importers are fairly common among social apps and services as a way to more easily find the people you want to connect with. This was first introduced in Messenger in 2015, and later offered as an option in Facebook Lite, a lightweight version of Facebook for Android.


Unsigned. Isn’t going to make it any more welcome. “Yeah, you agreed to that in the gazillion-page agreement. Remember? OK so it looked like something else. Get over it.”

How can I download a copy of my Facebook data? What is included – and what isn’t? • Big Brother Watch

You can download your information from your settings. To download your information:

1. Click at the top right of any Facebook page and select “Settings”
2. Click “Download a copy of your Facebook data” at the bottom of General Account Settings
3. Click “Start My Archive”
You will be prompted to confirm that you have requested the archive from your associated email account.

This archive will typically contain a large amount of very sensitive personal information, including contact information, addresses, photos and private messages (see below). You should be careful to store it securely.

I now have my Facebook archive. Where can I find the contact information it has stored about me?

See the ‘contact info’ tab under ‘html’. If you have closely controlled your privacy settings, you won’t see much here.

However, many people find comprehensive contact details from their phone and email accounts.

Some even find extensive call and text logs, likely to arise from app permissions that have been granted.

Why does my contacts list include people that are not on Facebook?

When you first sign up to Facebook, you are asked to hand over your contact lists and address books so Facebook can “Find Friends” for you.

‘Oh my God…It’s fake’: Far right falls for hoax about Broward County sheriff • POLITICO

Marc Caputo:


In the wake of the Marjory Stoneman Douglas High School massacre, the far-right fever swamps buzzed with false information and conspiracy theories about student “crisis actors” who were paid to lie about the mass shooting.

But ironically, conspiracy-minded conservatives fell for a political hoax involving a different kind of actor. The subject? Broward County’s Democratic sheriff, Scott Israel.

Israel for the past month has been assailed as everything from a “rapist” to a philanderer to a crooked cop thanks to three old YouTube videos in which a mystery woman accused him of impregnating her when she was 17 and forcing her to get an abortion. The videos together have been viewed almost 130,000 times since the Feb. 14 shooting.

But all of it was a lie, the woman and her attorney, Yechezkel Rodal, now tell POLITICO, which found her by combing internet videos and social media.

“I was paid to say these things. I didn’t even know what I was saying,” said the woman, who spoke with POLITICO on condition of anonymity because she fears political retribution from Internet trolls or from the sheriff’s office, which does not know her identity. “I’m sorry … It’s fake.”

The revelation comes amid growing concerns about the spate of conspiracy theories and “false flag” attacks surrounding recent mass shootings — especially in Florida — that are surfacing on right-wing and fringe media sites.


This happens at both extremes of political belief, of course.

Despite its mystique, Cambridge Analytica didn’t offer advertisers anything special • AdExchanger

James Hercher:


One agency found Cambridge Analytica was effective for campaigns with specific parameters and targets. The agency used Cambridge Analytica for a campaign heavy on earned media after it claimed it could drive new cycles and engagement.

“It worked, but we chose them because we knew we were targeting a Trump-like audience and they’d have models for that,” said the agency exec, who hasn’t worked with Cambridge Analytica since.

Cambridge Analytica was fairly effective, according to an executive from a news publisher that piloted a subscription campaign with the company, but the program was dropped because it was more expensive than similar optimization tech companies on the market.

Where Cambridge Analytica found success and longer-term work was in Washington, DC, where it positioned itself as an outside commercial option for Republican candidates losing the narrative on data and technology.

Besides need, the Republicans also presented opportunity. They had fewer vendors compared to the Democratic ecosystem, according to a former Cambridge Analytica executive and a digital media executive who worked closely with the company during the election.

“Republican candidates and committees had frankly been overpaying conservative vendors for a long time because really no competition was allowed,” said one political tech executive who worked closely with Cambridge during the campaign and refused to comment publicly due to a nondisclosure.

Cambridge Analytica’s technology may have been standard market fare, he said, but it was competing with overpriced platforms that had long attached big premiums to conservative media buys based on a vague sense that campaigns should have a more political-first media approach and, mostly, out of partisan loyalty.

“The truth is, Facebook or about any commercial DMP can do that better even if their employees want you to lose,” he said.


AdExchanger doesn’t want to tell us what DMP is. Jargon for “data management platform”, since you ask.

Indian agency denies security lapse in ID card project; ZDNet defends report • Reuters

Malini Menon:


Tech news site ZDNet said on Sunday it stood by its report that identified a security vulnerability in data-linked to Aadhaar – India’s national identity card project, after a semi-government agency that manages the database sought to discredit the report.

ZDNet reported that a data leak on a system run by a state-owned utility company could allow access to private information of holders of the biometric “Aadhaar” ID cards, exposing their names, their unique 12-digit identity numbers, and their bank details.

The Unique Identification Authority of India (UIDAI), which manages the Aadhaar program, said “there is no truth in this story,” in a statement late on Saturday.

ZDNet’s global editor-in-chief Larry Dignan said in an email to Reuters on Sunday the publication stood by its report. Dignan said they spent weeks compiling evidence and verifying facts.

“We spent weeks reaching out to the Indian authorities, specifically UIDAI, to responsibly disclose the security issue, and we heard nothing back — and no action was taken until after we published our story,” said Dignan.

UIDAI sought to downplay the report stating that even if the claims in the story were true, it would raise security concerns with the database of the utility company and not with the security of UIDAI’s Aadhaar database. UIDAI said it is “contemplating legal action against ZDNet”.


There have been so many reports of Aadhaar breaches that they can’t all be fake.

#PutinAtWar: trolls on Twitter • Medium

The Atlantic Council’s Digital Forensic Lab looks at how a poll about the Skripal poisoning by a British user was hijacked by a Russian account which spread it to other bots:


From Lisitsa, the retweet cascaded to dozens of other, primarily Russian-language accounts, forming the most substantial cluster of retweets throughout the scan.

None of these Russian accounts has an organic focus on, or interest in, UK politics; their content is dominated by pro-Kremlin messaging, mostly in Russian or English. Their purpose in retweeting the poll therefore seems to have been to spread it to a Russian audience which could be expected to vote against the UK government.

This intervention was small in itself, impacting one poll, from one account. However, the source account was an influential member of a politically vocal UK community; thus, by targeting it, the Russian accounts may have hoped to reinforce their message among UK opposition supporters.

If so, they succeeded. @Rachael_Swindon is not a member of this troll community; it has had no interactions with @malinka1102 or @rixstep, and does not post on hot-button Kremlin topics such as Crimea or MH17.

However, still on March 17, the account had a conversation with @ValLisitsa, at the end of which @Rachael_Swindon claimed, based on its own poll, that the “mood of the British public is starting to shift.”


If these researchers find it this easy to find Russian trolls, why can’t Twitter? Also, anyone who takes the slightest notice of a Twitter poll needs telling off.

Why you need an Untouchable day every week • Harvard Business Review

Neil Pasricha:


Now when I get home after work, I soak in time with my wife and two little boys. Nothing is or will ever be as precious to me, and I resist insight from anyone who isn’t making space for loved ones.  I realized that what I needed was a practical way to get more work done without taking more time. And, to be honest, I needed it fast. Why? Because in my first year as a full-time author, I actually started feeling my productivity slipping — even though I had quit my full-time job. It wasn’t just disheartening; it was also embarrassing. “So how’s the new book coming?” “Oh, now that I quit my job? Terribly!”

I finally found a solution that I feel has saved my career, my time, and my sanity. If you’re with me right now, I bet you need this solution too: I call it “Untouchable Days”.

These are days when I am literally 100% unreachable in any way…by anyone.

Untouchable Days have become my secret weapon to getting back on track. They’re how I complete my most creative and rewarding work. To share a rough comparison, on a day when I write between meetings, I’ll produce maybe 500 words a day. On an Untouchable Day, it’s not unusual for me to write 5,000 words.  On these days, I’m 10 times more productive.

How do I carve out Untouchable Days?

I look at my calendar sixteen weeks ahead of time, and for each week, I block out an entire day as UNTOUCHABLE. I put it in all-caps just like that, too. UNTOUCHABLE. I don’t write in all-caps for anything else, but I allow  UNTOUCHABLE days to  just scream out to me.

Why sixteen weeks ahead? The number of weeks isn’t as important as the thinking behind it. For me, that’s after my speaking schedule is locked in — but, importantly, before anything else is. That’s a magic moment in my schedule. It’s the perfect time to plant the Untouchable Day flag before anything else can claim that spot.


Not sure this works for those who aren’t authors who aren’t obliged to go to meetings and offices, but included just in case you’re looking for a new way to make your boss say “You’re WHAT?”

Police chief said Uber victim “came from the shadows”; don’t believe it • Ars Technica

Timothy B. Lee:


In this nighttime video, posted to YouTube by Brian Kaufman on Wednesday, the scene of the crash can be seen around 0:33. Features at the sides of the road—including curbs, signs, and bushes—are clearly visible. No pedestrians walk into the road during the video, but it seems clear that Herzberg would have been visible much earlier if the Uber video had been taken with this camera.

Mill Ave. at night.
Another YouTuber, Dana Black, posted this video. His camera work isn’t as good as Kaufman’s—the video is blurry and he doesn’t hold his camera steady. But his video supports the same basic conclusion. “It’s not as dark as that video made it look,” Black says in the video as he drives past the point in the road where Herzberg was hit (around 0:33). “My footage is from my Pixel XL and looks pretty similar to real life,” he writes in the YouTube description.

To be fair, there are a few other cars on the road in Black’s video, which might be adding some illumination. But Kaufman’s car appears to be the only vehicle on the road, and visibility is still much better than in Uber’s dashcam video.

It’s not surprising that the road was actually more brightly lit than the Uber video makes out. Think about it: the Uber car was going 38 miles per hour (61km/h), and people on pitch-black country roads drive faster than that all the time. That would be extremely reckless if—as the video implies—headlights can’t illuminate the road two seconds ahead at that speed.

The video implies that the Uber car’s headlights had a range under 110 feet (33 meters). For comparison, here’s a diagram from the Insurance Institute for Highway Safety showing headlight ratings for the car in question, a Volvo XC90:


IIHS shows the XC90 with a range just under 250 feet (76 meters) with “low beams” on. The car’s headlights are rated poorly by the IIHS compared with other cars on the market. Still, 250 feet is more than 4 seconds of illumination for a car driving 38 miles per hour. If the Uber car’s headlights really didn’t illuminate Herzberg until less than two seconds before the crash, there was something seriously wrong with them.


As I said previously, cameras don’t give you a good idea of how people see them, but the Uber dashcam really seems to be making it look a lot darker than it was. Uber doesn’t have an alibi.

Those eye-popping 6.5% to 29% NHS pay rises are a lie – and I can prove it •

Rachel Clarke is an NHS doctor, but used to be a journalist for ITV:


Pages 11-13 of the Framework Agreement purport to demonstrate, for each level of seniority of NHS staff, their “new” pay rise over three years. To expose the statistical sleights of hand deployed, take the example of staff on “point 24” of the payscale, screenshot below:

The total pay rise for a staff member on this point of the payscale would be, allegedly, 14.02% over three years. However, during that same three-year period, their pay would have risen anyway on the old payscale by 10.48% (from £29,626 to £32,731), as they received their annual incremental pay awards, reaching point “27” on the old payscale. In other words, their actual pay rise on the proposed new pay deal is a mere 3.54%, spread over three years.

That’s not even close to the promised minimum pay rise of 6.5%. It’s barely greater than 1% per annum.

Deploying the same simple arithmetic with the outlandish-sounding upper limit pay rises reveals, again, the dishonesty of the government’s figures. Let’s look at that alleged 29% pay rise. Here are those lucky individuals, on point “26” of the payscale:

But, once you deduct the increase in salary these staff members would have received anyway on the old payscale (from £31,696 to £35,577 = 12.24%), you find the headline figure of 29% shrinks down to an actual pay rise of 16.8%.

In short, the government – and the 13 unions who have agreed to sign up to these bogus figures, with the notable exception of the GMB – have misled NHS staff into thinking their pay rises over the next three years are vastly greater than they actually will be.


How surprising that the government would misrepresent a pay award in a way that favours it. Meanwhile I highly recommend Clarke’s book “Your Life In My Hands”.

This startup is using blockchain to fight art forgers • Bloomberg

Vivianne Rodrigues and Rob Urban:


Contemporary artist Philip Colbert, whose colorful, high-spirited art is finding buyers around the world, had been toying with the idea of creating his own catalog system to prove the authenticity of his expanding body of work.

“I had a dealer in Japan who had been telling me I needed to have better forms of certification for my artwork, because people are buying art as an investment,” said the British artist, who appropriates pop culture images in his paintings, fashion and furniture. “Art is a currency in a way; at the end of the day when they come to auction, the provenance is a very important element of their value.”

Then he met Rob Norton, the founder of Verisart, a U.S.-based startup that’s using blockchain, the ledger technology underlying Bitcoin, to verify the authenticity of artwork. It’s a problem as old as art itself, said Norton, and artists have long been unreliable when it comes to documenting their own work. As far back as the 17th century, Rembrandt’s dealer complained of his client’s poor record-keeping, Norton said.

Blockchain creates an immutable, traceable record of every transaction, whether it’s art changing hands or Bitcoin. Widespread adoption of the technology could give a boost to the market for art online, which has yet to explode…

…Colbert’s certificates, for example, contain small reproductions of the piece itself called “image hashes,” along with all of the relevant information about its creation, ownership and movement, such as whether it was part of an exhibition. He’ll have a show in Tokyo in September and Beijing next February.

Since Verisart uses the unaltered Bitcoin blockchain rather than a customized version, one risk may be that their effort can be easily replicated, since it brings little in the way of new technology. Some collectors, particularly those who buy and sell privately may also be reluctant to share their information in such a public way.

“The blockchain is a more efficient method of verification,” Colbert said. “You’re not worried about the authentic value of your work, because it’s all about locking down the time and place. Then all those fakes aren’t doing you any damage. All those fake Mona Lisas don’t do the Mona Lisa any harm.”


But how do you know that the image of the original thing that you hashed is authentic? Art faking often starts right at the point where the art enters the system. The first buyer thought it was a Monet; turns out it was a fake all along. Now what do you do to the blockchain entry?

Errata, corrigenda and ai no corrida: none notified

Start Up: YouTube will ban gun ads, reproducing machine learning, the bird catastrophe, and more

Ikea assembly trouble? Maybe augmented reality can fix that. Photo by Robert Couse-Baker on Flickr.

PLEASE NOTE: The Overspill will be on holiday next week. So you’re unlikely to receive any emails/see any posts here.

(Why in bold red? Because I know some people will miss this. Next time I might bring back the <blink> tag for the message.)

A selection of 11 links for you. That’s the way it goes. I’m @charlesarthur on Twitter. Observations and links welcome.

YouTube to ban videos promoting gun sales • The New York Times

Niraj Chokshi:


The video-streaming service, which is owned by Google, said it would ban videos that promote either the construction or sale of firearms and their accessories. The new policy, developed with expert advice over the past four months, will go into effect next month, it said.

“While we’ve long prohibited the sale of firearms, we recently notified creators of updates we will be making around content promoting the sale or manufacture of firearms and their accessories, specifically, items like ammunition, gatling triggers, and drop-in auto sears,” YouTube said in a statement.

YouTube, which described the move as part of “regular changes” to policy, notified users in a Monday forum post. The company had previously banned videos showing how to make firearms discharge faster, a technique used by the gunman who killed 58 people in Las Vegas last fall.

The announcement comes days before planned student-led protests against gun violence on Saturday. It was met with frustration from gun rights advocates.

“Much like Facebook, YouTube now acts as a virtual public square,” the National Shooting Sports Foundation, a private group representing gun makers, said in a statement. “The exercise of what amounts to censorship, then, can legitimately be viewed as the stifling of commercial free speech, which has constitutional protection. Such actions also impinge on the Second Amendment.”


It’s not a stifling of commercial free speech (Google owns the platform; it gets to decide what’s on it) and it really doesn’t impinge on the Second Amendment. It’s not stopping anyone buying or owning a gun. Reason is a stranger to some.

Best Buy severs ties with Huawei on security concerns • Bloomberg

Mark Gurman:


Best Buy Co., the large consumer electronics retailer, plans to sever ties with Chinese phone maker Huawei amid U.S. government criticism of the phone maker, according to people familiar with the matter.

The U.S. retail giant will stop selling all Huawei phones, laptops, and smartwatches in the coming weeks, they said. In addition, Best Buy won’t sell phones under the Honor brand, a Huawei subsidiary that was supposed to help the Chinese phone maker sell in lower-cost smartphone markets globally, including in the U.S.

Best Buy follows U.S. mobile-phone carriers AT&T Inc. and Verizon Communications Inc. in distancing themselves from Huawei, which has come under scrutiny by U.S. officials concerned about whether the company is too closely affiliated with the Chinese government.

After the top two U.S. carriers decided not to go forward with Huawei devices, the company began selling its latest phone, the Mate 10 Pro, directly to consumers, through outlets like Best Buy and Inc. The device is still available on Best Buy’s website, but the retail giant won’t purchase new supply from Huawei and will stop selling the phone in the coming weeks, said the people, who asked not to be identified because the retailer’s action isn’t yet public.


This is quite weird. Gurman says it’s also going to stop selling Huawei laptops and smartwatches, though that’s probably not going to hurt as much.

Bannon oversaw Cambridge Analytica’s collection of Facebook data, says former employee • The Washington Post

Craig Timberg, Karla Adam and Michael Kranish:


The data and analyses that Cambridge Analytica generated in this time provided discoveries that would later form the emotionally charged core of Trump’s presidential platform, said Wylie, whose disclosures in news reports over the past several days have rocked both his onetime employer and Facebook.

“Trump wasn’t in our consciousness at that moment; this was well before he became a thing,” Wylie said. “He wasn’t a client or anything.”

The year before Trump announced his presidential bid, the data firm already had found a high level of alienation among young, white Americans with a conservative bent.

In focus groups arranged to test messages for the 2014 midterms, these voters responded to calls for building a new wall to block the entry of illegal immigrants, to reforms intended to “drain the swamp” of Washington’s entrenched political community and to thinly veiled forms of racism toward African Americans called “race realism,” he recounted.

The firm also tested views of Russian President Vladimir Putin.

“The only foreign thing we tested was Putin,” he said. “It turns out, there’s a lot of Americans who really like this idea of a really strong authoritarian leader and people were quite defensive in focus groups of Putin’s invasion of Crimea.”



The machine learning reproducibility crisis • Pete Warden’s blog

Warden was CTO at a company called Jetpac, which did some amazing deep learning stuff on Instagram photos and then on-device recognition of photo contents. Then Google bought Jetpac and now he’s shoulder-deep in machine learning stuff there:


In many real-world cases, the researcher won’t have made notes or remember exactly what she did, so even she won’t be able to reproduce the model. Even if she can, the frameworks the model code depend on can change over time, sometimes radically, so she’d need to also snapshot the whole system she was using to ensure that things work. I’ve found ML researchers to be incredibly generous with their time when I’ve contacted them for help reproducing model results, but it’s often a months-long task even with assistance from the original author.

Why does this all matter? I’ve had several friends contact me about their struggles reproducing published models as baselines for their own papers. If they can’t get the same accuracy that the original authors did, how can they tell if their new approach is an improvement? It’s also clearly concerning to rely on models in production systems if you don’t have a way of rebuilding them to cope with changed requirements or platforms. At that point your model moves from being a high-interest credit card of technical debt to something more like what a loan-shark offers. It’s also stifling for research experimentation; since making changes to code or training data can be hard to roll back it’s a lot more risky to try different variations, just like coding without source control raises the cost of experimenting with changes.

It’s not all doom and gloom, there are some notable efforts around reproducibility happening in the community. One of my favorites is the TensorFlow Benchmarks project Toby Boyd’s leading. He’s made it his team’s mission not only to lay out exactly how to train some of the leading models from scratch with high training speed on a lot of different platforms, but also ensures that the models train to the expected accuracy. I’ve seen him sweat blood trying to get models up to that precision, since variations in any of the steps I listed above can affect the results and there’s no easy way to debug what the underlying cause is, even with help from the authors. It’s also a never-ending job, since changes in TensorFlow, in GPU drivers, or even datasets, can all hurt accuracy in subtle ways.



Google wants publishers to get users’ consent on its behalf to comply with EU privacy law • WSJ

Lara O’Reilly:


Alphabet Inc.’s Google will ask web publishers to obtain consent on its behalf to gather personal information on European users and target ads at them using Google’s systems, according to people familiar with the matter, part of a plan to comply with a coming data-privacy law in Europe.

Under the European Union’s forthcoming General Data Protection Regulation, which goes into effect on May 25, global companies will be required to obtain consent from European users to gather their personal information in many cases, and be more transparent about the data they collect and how it is used.

Companies found in violation of the sweeping regulation, known as GDPR, will face fines of up to 4% of their annual global revenue. Google is poised to announce its steps toward compliance for its ad-technology platforms as early as this week, the people familiar with the matter said.

The company will be gathering consent from users itself for data-usage on its own properties such as, Gmail and YouTube. But when it comes to third-party websites and apps that use Google’s ad technology to sell ads, the tech giant wants those publishers to be responsible for obtaining consent…

…It’s important for Google to get its GDPR strategy right. In January, Deutsche Bank analyst Lloyd Walmsley wrote in a research note that the GDPR could trim Google’s global revenue by 2 percentage points, should 30% of European users opt-out of some data sharing.

“GDPR is on the minds of most of us in the industry,” Sridhar Ramaswamy, Google’s senior vice president of ads and commerce, said Wednesday on stage at an ad-industry conference in London.

Google hasn’t yet briefed many publishers on its forthcoming plans. But people with some knowledge of Google’s plans said publishers might be concerned that by mandating through policy that publishers obtain consent on its behalf, Google is seeking different treatment from publishers’ other ad tech partners.


Suggestion from those in the know is that this isn’t going to work. Google is pushing it. The GDPR wave is just beginning.

Changes to improve your Instagram feed • Instagram


We’ve heard it can feel unexpected when your feed refreshes and automatically bumps you to the top. So today we’re testing a “New Posts” button that lets you choose when you want to refresh, rather than it happening automatically. Tap the button and you’ll be taken to new posts at the top of feed — don’t tap, and you’ll stay where you are. We hope this makes browsing Instagram much more enjoyable.

Based on your feedback, we’re also making changes to ensure that newer posts are more likely to appear first in feed. With these changes, your feed will feel more fresh, and you won’t miss the moments you care about. So if your best friend shares a selfie from her vacation in Australia, it will be waiting for you when you wake up.


What would make browsing Instagram much more enjoyable would be if posts appeared in reverse chronological order, newest at the top, always.

This is a step towards that; maybe if enough people mash that button, then they’ll move to a time-based timeline.

It certainly looks bad for Uber • Brad Ideas

Brad Templeton is a self-driving car consultant:


Above I have included a brightened frame from 3 seconds into the video. It is the first frame in which the white running shoes of the victim are visible in the dashcam video. They only appear then because she is previously in darkness, crossing at a poorly lit spot, and the headlamps finally illuminate her. Impact occurs at about 4.4 seconds (if the time on the video is right.)

She is crossing, we now see, at exactly this spot where two storm drains are found in the curb. It is opposite the paved path in the median which is marked by the signs telling pedestrians not to cross at this location. She is walking at a moderate pace.

The road is empty of other cars. Here are the big issues:

• On this empty road, the LIDAR is very capable of detecting her. If it was operating, there is no way that it did not detect her 3 to 4 seconds before the impact, if not earlier. She would have come into range just over 5 seconds before impact.
• On the dash-cam style video, we only see her 1.5 seconds before impact. However, the human eye and quality cameras have a much better dynamic range than this video, and should have also been able to see her even before 5 seconds. From just the dash-cam video, no human could brake in time with just 1.5 seconds warning. The best humans react in just under a second, many take 1.5 to 2.5 seconds.
• The human safety driver did not see her because she was not looking at the road. She seems to spend most of the time before the accident looking down to her right, in a style that suggests looking at a phone.
• While a basic radar which filters out objects which are not moving towards the car would not necessarily see her, a more advanced radar also should have detected her and her bicycle (though triggered no braking) as soon as she entered the lane to the left, probably 4 seconds before impact at least. (Braking could trigger 2 seconds before, in theory enough time.)

To be clear, while the car had the right-of-way and the victim was clearly unwise to cross there, especially without checking regularly in the direction of traffic, this is a situation where any properly operating robocar following “good practices,” let alone “best practices,” should have avoided the accident regardless of pedestrian error.


The videos (external view, interior view) are alarming, and disturbing. The lighting is terrible – though it’s hard to tell what a (driving) human would have seen; our eyes adapt to darkness in ways that cameras don’t.

But the LIDAR failure is astonishing. Google has described early self-driving tests where the SDC stopped in a forest because it detected a deer at the side of the road. This fatality could be due to LIDAR failure. But if that can happen without alarms going off, it’s just as bad, if not worse, than anything else.

The Ikea manual of the future looks amazing • Fast Company

Mark Wilson:


Sure, Ikea’s ubiquitous instruction manuals look so simple and friendly, but translating the schematics from the page into real life can be challenging.

A designer named Adam Pickard has shown us a better way. He imagined that Ikea’s instructions were rendered in augmented reality–much like the company allows you to preview a couch in your living room today with its AR app.

Using 3D modeling and a bit of post-production trickery, he created a concept called AssembleAR. It’s a high fidelity vision for an app that could place Ikea’s wireframe build instructions right onto your living room floor. After scanning the barcode on the box, you could literally lay the step-by-step models right next to your actual built project.

In principle, this AR effect shouldn’t be all that much of an improvement over good old paper instructions. But in rendered reality, the little nuances, like animated bolts and screws twisting into place, seem like they could do wonders to eliminate those half-guess moments that seem so intrinsic to building a piece of furniture on your own.


Except it’s not definitely the manual of the future, is it? Not a great headline. But a nice use of AR.

‘It’s got me’ – lonely death of Soviet scientist poisoned by novichok • The Guardian

Andrew Roth and Tom McCarthy:


Before former spy Sergei Skripal and his daughter Yulia collapsed on a park bench in Salisbury on 4 March, the only other person confirmed to suffer the effects of novichok was a young Soviet chemical weapons scientist.

“Circles appeared before my eyes: red and orange. A ringing in my ears, I caught my breath. And a sense of fear: like something was about to happen,” Andrei Zheleznyakov told the now-defunct newspaper Novoye Vremya, describing the 1987 weapons lab incident that exposed him to a nerve agent that would eventually kill him. “I sat down on a chair and told the guys: ‘It’s got me.’”

By 1992, when the interview was published, the nerve agent had gutted Zheleznyakov’s central nervous system. Less than a year later he was dead, after battling cirrhosis, toxic hepatitis, nerve damage and epilepsy.

But by deciding to go public, he joined those blowing the whistle on a chemical weapons programme that was still charging forward years after George Bush and Mikhail Gorbachev signed the 1990 US–Soviet Chemical Weapons Accord in which each pledged to halt the production of chemical weapons.

Despite Zheleznyakov’s role in creating a binary of a nerve agent believed to be more potent than the deadly VX nerve agent, he remains a hero to some.

“He gave all the information – I couldn’t do that at the time,” said Vil Mirzayanov, a chemical weapons scientist put on trial in Russia for first revealing the existence of the novichok programme, speaking to the Guardian at his home in Princeton, New Jersey. “He was not afraid because he knew his days were numbered.”

Zheleznyakov was never prosecuted, but he could not outrun the poison. He lost the ability to concentrate, Mirzayanov said, and eventually isolated himself.

He died in 1993 of a brain seizure while eating dinner, divorced and childless, largely disgruntled at the perceived indifference shown him by his superiors and journalists.

Russian officials continue to deny ever having such a programme.


Novichoks (it’s a class) are binary agents – you mix two relatively harmless substances together.

A “tamper-proof” currency wallet just got backdoored by a 15-year-old • Ars Technica

Dan Goodin:


For years, executives at France-based Ledger have boasted their specialized hardware for storing cryptocurrencies is so securely designed that resellers or others in the supply chain can’t tamper with the devices without it being painfully obvious to end users. The reason: “cryptographic attestation” that uses unforgeable digital signatures to ensure that only authorized code runs on the hardware wallet.

“There is absolutely no way that an attacker could replace the firmware and make it pass attestation without knowing the Ledger private key,” officials said in 2015. Earlier this year, Ledger’s CTO said attestation was so foolproof that it was safe to buy his company’s devices on eBay.

On Tuesday, a 15-year-old from the UK proved these claims wrong. In a post published to his personal blog, Saleem Rashid demonstrated proof-of-concept code that had allowed him to backdoor the Ledger Nano S, a $100 hardware wallet that company marketers have said has sold by the millions. The stealth backdoor Rashid developed is a minuscule 300-bytes long and causes the device to generate pre-determined wallet addresses and recovery passwords known to the attacker. The attacker could then enter those passwords into a new Ledger hardware wallet to recover the private keys the old backdoored device stores for those addresses.

Using the same approach, attackers could perform a variety of other nefarious actions, including changing wallet destinations and amounts for payments so that, for instance, an intended $25 payment to an Ars Technica wallet would be changed to a $2,500 payment to a wallet belonging to the backdoor developer.



‘Catastrophe’ as France’s bird population collapses due to pesticides • The Guardian

Agence France-Presse:


“The situation is catastrophic,” said Benoit Fontaine, a conservation biologist at France’s National Museum of Natural History and co-author of one of the studies.

“Our countryside is in the process of becoming a veritable desert,” he said in a communique released by the National Centre for Scientific Research (CNRS), which also contributed to the findings.

The common white throat, the ortolan bunting, the Eurasian skylark and other once-ubiquitous species have all fallen off by at least a third, according to a detailed, annual census initiated at the start of the century.

A migratory song bird, the meadow pipit, has declined by nearly 70%.

The museum described the pace and extent of the wipe-out as “a level approaching an ecological catastrophe”.

The primary culprit, researchers speculate, is the intensive use of pesticides on vast tracts of monoculture crops, especially wheat and corn.

The problem is not that birds are being poisoned, but that the insects on which they depend for food have disappeared.

“There are hardly any insects left, that’s the number one problem,” said Vincent Bretagnolle, a CNRS ecologist at the Centre for Biological Studies in Chize.

Recent research, he noted, has uncovered similar trends across Europe, estimating that flying insects have declined by 80%, and bird populations have dropped by more than 400m in 30 years.

Despite a government plan to cut pesticide use in half by 2020, sales in France have climbed steadily, reaching more than 75,000 tonnes of active ingredient in 2014, according to European Union figures.

“What is really alarming, is that all the birds in an agricultural setting are declining at the same speed, even ‘generalist’ birds,” which also thrive in other settings such as wooded areas, said Bretagnolle.


This has been going on silently for years: older readers might remember how car windscreens and radiator grilles would be covered in dead insects after long journeys in the past. Now? Hardly anything. It’s not because insects are getting better at dodging cars.

I hope this doesn’t turn out to be the most significant story I ever link to.

Errata, corrigenda and ai no corrida: none notified


Start Up: Facebook’s zucka culpa, Apple Watch gets hearty, alarming Theranos, Dropbox and avocado?, and more

Deir ez-Zur in Syria: the site of a 2007 Israeli air attack on a suspected Syrian nuclear reactor. Photo by Jeff Werner on Flickr.

A selection of 13 links for you. Not represented on Facebook. I’m @charlesarthur on Twitter. Observations and links welcome.

Inside Israel’s secret raid on Syria’s nuclear reactor • POLITICO


Israel — which, despite having one of the world’s most competent and aggressive intelligence services, the Mossad — nearly missed the fact that North Korea was helping build a nuclear reactor in next-door Syria, a country long viewed by Israel as a dangerous threat.

The American CIA missed it, too, and now, 11 years after Israeli air force jets bombed the clandestine Syrian facility, Israel’s military censor is finally lifting the veil of secrecy and permitting locally based reporters to publish interviews with participants in the operation for the first time. We spoke with dozens of former cabinet ministers, including Prime Minister Ehud Olmert, as well as military and intelligence chiefs and commanders and even some of the pilots who took part in the operation. The codename for the Sept. 6, 2007, raid, conducted near the remote desert city of Deir ez-Zur: “Outside the Box.” Before today, Israel has never officially acknowledged its existence.

Years later, Israeli spooks are still raising bitter questions about the CIA’s intelligence failure. Former Mossad director Tamir Pardo asked in an interview with us: “Where were the Americans? North Korea is a highly important target for them. And it still isn’t clear whether [Syrian President Bashar] Assad was running the nuclear project, or was it the North Koreans?” The former spy chief added that he has some doubts that Syria was going to keep the plutonium, or perhaps it was going to be shipped to North Korea as a supply of which the West would be unaware. “This is a resounding failure by the Americans,” Pardo said.

Pardo’s questions raise another: If one of the best intelligence communities in the world, and certainly the most formidable in the Middle East, could be fooled by North Koreans and Syrians, what might the CIA be missing? That could be true in Korea, in Iran, or almost anywhere on Earth.


The full article details a litany of oversights and wrong assumptions. But the correct action in the end.

I want to share an update on the Cambridge Analytica situation • Facebook

Mark Zuckerberg:


In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people’s information in this way. But there’s more we need to do and I’ll outline those steps here:

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in — to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.


I knew Facebook would say that this had all been fixed in 2014. (It’s all in the past…) But the new stuff? Signing contracts to ask for access? And he’s still describing it as a “platform”. That’s where the trouble began.

Also: sorry seems to be the hardest word. It doesn’t appear in his post.

Mark Zuckerberg says Facebook will audit thousands of apps after ‘breach of trust’ • The Washington Post

Elizabeth Dwoskin:


After the Tuesday meeting [which neither Zuckerberg nor Sandberg attended], employees posted on social media about how demoralized they felt. In an app for anonymously discussing the workplace, Blind, which requires a corporate email address to join, a Facebook employee posted, “Is this how the downfall of Myspace happened?” Another person wrote, “I just keep thinking about my stock going to zero with all of this.” Others asked for advice about whether they should sell their stock and said they would advise recruits against joining the company.

Behind the scenes, Facebook was in damage-control mode. Lobbyists made the rounds on Capitol Hill. Communications executives sent statements to journalists saying workers and executives, including Zuckerberg, were “outraged” about being deceived. (Little was said about Facebook’s responsibilities except to defend the legality of its actions.)

Meanwhile, Facebook users began to comment that there were no articles about Cambridge Analytica on Facebook’s trending-news feed, a feature that showcases news stories on the right-hand side of the Facebook website, until late Tuesday afternoon. (Articles about Uber and were on the feed for much of the day.) And business case studies about the company’s efforts to assist political campaigns such as those of Barack Obama and Sen. Bernie Sanders (I-Vt.) were no longer indexed on the company’s website.



What the F*** was Facebook thinking? • Medium

James Allworth:


Think about the kind of damage someone with ill-intent could do to you if they had all of this: Your name. Your location. All your friends. Your family. Your work history. Your schooling. Your birthday. Your checkins. Your events. Your hometown. Your likes, photos. Your relationships. Your religion and politics.

And not just for you, but for one and a half billion other people. Target’s data breach [of the details of one-third of US adults, in 2013] isn’t even in the ballpark.

At least Target had the decency to attempt to secure their user data from those who wanted to use it in ways that were never intended when it was given to them. Facebook didn’t even bother. They just gave it away.

But this raises another question: why? Why on earth was Facebook giving away what amounts to the crown jewels for an advertising business: the incredibly valuable user data that allows advertisers to target? If you’re the fastest growing advertising business in the world, it makes no sense.

I don’t believe it was obliviousness to the impact that it might have — although Zuckerberg has demonstrated plenty of that over the years.

Nor do I think it was inept management — though people do forget how strategically inept Facebook was until it was dragged, kicking and screaming, into the mobile era.

The biggest reason?

For the longest period of time, Facebook was an advertising business that dreamed of being something else other than an advertising business. It wanted to be a platform. It was probably driven in part by the fact that, in tech, advertising is a pretty dirty business. And a platform? That’s the gold standard.

And if those are the grand illusions that you’ve got, it’s not your proprietary data that you view as the secret to your success (which you only need to advertise). Instead, it’s developers, and getting them to build on top of your precious platform.

And so began the great five year Facebook data giveaway to developers: If you build your apps on our platform, we’ll give you more user data than you could possibly imagine.

And that’s what happened. As Ben Thompson wrote on Stratechery as far back as 2013, Facebook was so focused on being a platform rather than being an advertising business that it almost missed the boat on mobile. The shift to mobile gave Facebook no choice but to abandon its platform pretensions, and effectively saved the company from itself.


As he also points out, there were a ton of startups built around the idea of relying on access to the social graph data.

Hm, i wonder what Mark Zuckerberg’s up to on Facebook right now • Huffington Post

Ashley Feinberg:


So what’s up with you, Mark Zuckerberg?

Thus far, the Facebook CEO and founder has kept himself out of public view. He didn’t surface at Tuesday’s meeting for Facebook employees, at which they were finally able to ask a company lawyer questions about what the world has learned over the past four days. Neither has he made any sort of public statement, even as Congress has been demanding that he answer for his company’s behavior. So what has Mark Zuckerberg been doing all this time? 

According to Facebook the company, Zuck’s been “working around the clock to get all the facts and take the appropriate action moving forward, because they understand the seriousness of this issue.” According to Facebook the website, however, he’s been busy smashing that “like” button.

Thanks to Facebook’s powerful public search features, we were able to see that Zuckerberg hit the like button on a Saturday morning post [a photo captioned “Winter wonderland”] by Swedish billionaire Daniel Ek.

As well as a post by early Facebook investor Don Graham.

Then, on Monday, he engaged with some precious content once again. 

So what has Mark Zuckerberg been up to? As of right now, the only thing we know definitively is that he’s been scrolling through his feed, liking pics of places he’d rather be.


Shameful. But the method of shaming is 👌

Tech giants face hundreds of millions in new taxes in Europe • WSJ

Natalia Drozdiak and Sam Schechner:


The proposed taxes are among Europe’s most-aggressive measures to target the perceived excesses of a small cadre of tech superpowers, including Facebook Inc. and Alphabet Inc.’s Google, potentially adding hundreds of millions of euros to some tech firms’ tax bills. The U.S. warned last week against imposing tax measures that single out digital companies.

On Wednesday, the European Commission, the bloc’s executive body, outlined an additional tax at 3% of revenue derived from certain digital activities by companies whose annual global revenue exceeds €750 million ($918 million). The tax, which is envisioned as temporary, would apply to services whose value is generated from user involvement, such as social media, ride-hailing or food-delivery platforms, and the selling of targeted ads.

Some U.S. tech giants rake in billions of euros via units in Europe, potentially exposing the firms to steep new taxes under the proposed new 3% levy on digital revenue.

The measure would expire once EU countries implement the commission’s proposal for long-term rules, which would tax profits companies make in countries where they have a significant number of users but might not have a physical presence. A company would have a “taxable digital presence” in a given country if it meets certain criteria, such as more than €7m in revenue or 100,000 users for the year…

…On average, the EU estimates that tech companies pay around 9.5% in tax on their profit on the continent, compared with 23.2% for traditional industries, though tech lobbyists dispute that figure.


All sounds groundbreaking, but an estimate is that this would only raise €4bn across the whole of the EU – which seems a tiny amount for such a dramatic move. Wouldn’t improving tax regimes – and making it harder for companies to shift revenues around – have a bigger effect without all the ructions?

Detecting atrial fibrillation with the Apple Watch: our clinically validated results •


[Cardiogram’s own neural network] DeepHeart has high accuracy [97% ±3%] on detecting atrial fibrillation in a hospital environment. The real world, however, is very different from a hospital bed. Motion, sweat, and sunscreen can cause inaccurate optical heart rate readings. Alcohol consumption and exercise can mask or be mistaken for arrhythmias. The task of detecting atrial fibrillation is much harder.

One measure of real world performance is discussed in the previous section: tuning accuracy on pseudo-ECG labels. In another branch of the experiment, DeepHeart was tasked with predicting self-reported persistent atrial fibrillation. This presented a more challenging task because the labels were not verified by an ECG, and so are less accurate. Furthermore, the task here is to predict users who suffer from atrial fibrillation, rather than to predict episodes of atrial fibrillation.

DeepHeart obtained a c-statistic of 71% (CI 0.64–0.78) on this validation set. This number demonstrates that DeepHeart is able to perform in a real world environment. The drop in c-statistic from 97% (Cardioversions) and 93% (Mobile ECG Tuning Set) to 71% is explained in part by imprecise labels: A patient may self-report atrial fibrillation even when he is not currently experiencing an episode.

In February of this year, we presented early results at the Association for the Advancement of Artificial Intelligence demonstrating that DeepHeart can predict diabetes with a c-statistic of 85%, high blood pressure at 81%, and sleep apnea at 83%. These results indicate that wearable devices can be used for large-scale, low-cost disease screening.

Imagine a world where diabetes can be caught early and reversed through behavioral change, where physicians are empowered by algorithms continuously analyzing troves of user data, and where everyone can benefit from low cost, non-invasive disease screening.


Very interesting – and now with clinical validation.

United Airlines: how bad strategy created a culture that kills puppies • Adam Hartung


The then Chairman of American Airlines received Wall Street Journal front-page coverage for realizing people weren’t eating their olives in first class, so he ordered olives removed from the first class meals. He was cheered for saving $100K. But what folks missed was that he, and his peers leading the airlines, were systematically trying to figure out “how do we offer the least possible service.” By focusing on a strategy of lowering cost, and being doggedly determined in that strategy, soon nothing else mattered.

Today, there are no free meals in coach, and terrible meals in first class. Management angered employees into strikes and multi-year negotiations, beating down compensation and eliminating benefits leading to unhappiness so bad that in 2010 a JetBlue flight attendant pulled the emergency exit and jumped out of the plane as he quit.

So, all the airlines in America stink. And, many domestic airlines in Europe, such as Ryanair, have followed suit. The execs keep saying “all customers care about is price.” They use that excuse to create a culture so hostile to employees, and customers, that pretty soon employees are beating up customers and killing family pets (after charging extra to take the pet on the plane) and actually not caring.

Employees have become gestapos for the leadership – which has created a culture in which nobody wins. So flight attendants do as little as possible, because they don’t care about customers any more than leadership does. In 2017, a JetBlue attendant threw a family off a flight because their toddler kicked the seat. When a woman complains about a child in the seat next to her, a Delta attendant throws her off the plane. And just last week when a 2-year-old cries during boarding, a Southwest attendant throws the child and her father off the plane.


Deregulation led to an oligopoly. Now, customers have no choice. Some of us fly almost every week on business, and it is pure hell. Nobody we deal with, from TSA to airport vendors to airline staff like customers. The culture has become “I’m abused, so you will be abused.” To fly is to succumb to being obsequious to ALL employees in your effort to not anger anyone, for fear they will deny you service. Or, worse, beat you up or kill your pet. But, honestly, there is nothing customers can do about it.

Millennials investing in Spotify and Dropbox IPOs, says Stockpile • CNBC

Ari Levy:


Stockpile, a website that lets people buy stock in the form of gift cards and purchase fractional shares in companies, is fielding a growing number of emails from customers asking when they can buy shares in music streaming service Spotify and software developer Dropbox, said Avi Lele, the start-up’s CEO.

Two-thirds of Stockpile’s account holders are under age 35, and among the most popular stocks for them to buy are Apple, Amazon, Alphabet, Facebook, Tesla and Netflix, Lele said. For Spotify and Dropbox, investors can use Stockpile to order shares when they begin trading, though the purchases won’t go through until the market close that day.

Based on what customers are telling him, Lele expects both offerings to resonate with his audience because they’re popular services that consumers use all the time.

“They’re perfect examples of buying what you know and what you use on a daily basis,” said Lele, who was a lawyer for 15 years before co-founding Stockpile in 2011. “There are a lot of stocks that go public that our audience, and people in general, aren’t that familiar with.”


Being familiar as a user with a company’s product doesn’t make it a good investment.

Reporter’s notebook: the tale of Theranos and the mysterious fire alarm • California Healthline

Jenny Gold had to jump through hoops to try to get an interview with Theranos’s Elizabeth Holmes; first she wanted to speak to people getting its fingerprick test:


I arrived at the Walgreens on the morning of Nov. 4 and was met by two Theranos press representatives who would supervise my visit. I took out my recording equipment (the story was for NPR) and began approaching patients who were waiting in line to check in for testing. Some didn’t want to talk to a reporter, but others were open and gracious, sharing with me the reasons they had decided to give Theranos a try. One couple offered to let me come with them into the small testing room, set up to feel like a relaxing spa.

A pattern quickly emerged — none of the patients I talked to that day could get a finger-prick test, as promised. Instead, they received a regular venous blood draw, the same as I’d received on numerous occasions at my doctor’s office, though the phlebotomist said the needle was slightly smaller.

I asked the phlebotomist: Was this standard? Did most patients get the venous draw? She told me they “did more finger sticks than venous draws,” but couldn’t give me a number. One of the PR people approached me — I was not authorized to talk to the phlebotomist, he said — and asked me to erase the audio I had recorded. I declined.

I asked him: Why were none of the patients getting a finger prick? Just bad luck and timing, he said. This wasn’t how it usually was, he promised. And wouldn’t I just rather get a finger prick myself and report on the experience, as so many other journalists had agreed to do?

I said no. I needed an actual patient to make a compelling radio story. So, I continued waiting for other patients.

Soon, the two Theranos representatives approached me again — with a third on the phone, who said she wanted to talk to me. They were getting complaints about my asking patients questions, she told me. The main Theranos office had gotten several calls from people who had been in the Walgreens that morning, she claimed, complaining that a reporter was bothering them.

I hadn’t pressured anyone. The patients I’d interviewed had all been perfectly friendly and willing. I’ve also been a health reporter for 10 years, and never have I been told I was pushing patients to do something that made them uncomfortable.


Then things got weirder.

Spotify for brands: what is the value of streaming data? • Spotify

Spotify has a page in which Adam Bly, VP of data – who formerly worked at the big data company Seed Scientific – is interviewed by someone or other for the company. He gave his talk in 2017.


At Cannes, you’ll be demonstrating what this research can reveal about individual users. Can you give a hint of what we might expect?

So the first generation of user understanding for Spotify had been about knowing what people like at a very high level, in terms of their affinity for certain genres and artists. If you start from that premise—that we have best-in-class (and always-improving) understanding of music taste and now want to go deeper—then the next thing to look at is: How does that taste change in time and space?

One thing that’s really interesting to understand is how much a user forms routine. Are there times in the day, for a certain individual, where a certain kind of music, or a certain kind of listening, is really important to them? Are they the kind of person who has a very specific weekday behavior, so Sunday is noticeably different than the rest of the week? For the first time, we’re really starting to see these musical journeys at an individual level.

How does the research benefit Spotify as a product? And how can it benefit brands and marketers?

Within the product, we are working to set the standard for state-of-the-art personalization. That doesn’t mean just getting a general sense of your taste spot on—it means being able to truly soundtrack your life in a profoundly meaningful way. This takes us to another level in making the product experience more relevant to our users.

Of course, as the product is more relevant to our users, it becomes ever more valuable to brands. They can use Spotify to interact with those users in moments that could be mutually beneficial to both the brand and the user. That’s sort of the Holy Grail of advertising.

What all of this data affords Spotify is the opportunity to create a level of ad personalization that is quite unprecedented. It stems from what we can learn about our users, and what we can express to brands anonymously, so they can craft the right strategy and creative, and present the right message to the right user at the right time.


But we’re all concerned about companies capturing data now, correct?

YouTube will ‘frustrate’ some users with ads so they pay for music • Bloomberg

Lucas Shaw:


YouTube has tried to sell its users paid music services in the past, with little to show for it. Most of those efforts predate [new Google global head of music Lyor] Cohen, who joined YouTube in 2016 after about 30 years in the record business, including stints as a road manager for Run-DMC and a senior executive at Warner Music Group.

This time will be different, Cohen says. The new service, which is already being used by thousands of Google employees, will “frustrate and seduce” users of YouTube’s free service. It will include exclusive videos, playlists and other offerings that will appeal to die-hard music fans. YouTube has already been funding the production of videos, taking fans behind-the-scenes with artists like rapper G-Eazy and Cuban-American singer Camila Cabello.

The new approach marks a big cultural shift for YouTube and its parent. Google, a division of Alphabet Inc., has sustained the most popular video site and search engine in the world by prioritizing free, easy-to-use services.

Cohen said he prevailed upon his colleagues and bosses to make some changes to “be good partners” to the music industry. They will “smoke out” people who can afford to pay for a subscription and shepherd them to the new service.

“There’s a lot more people in our funnel that we can frustrate and seduce to become subscribers,” Cohen said. “Once we do that, trust me, all that noise will be gone and articles people write about that noise will be gone.”


This comes after years and years of criticism from the music business that YouTube was effectively letting people listen for free to music (via gigantic playlists of videos) but with a colossally low payout rate compared to streaming services.

Be very interested to see (a) whether it works (b) what numbers Google releases about it. The music industry should see any effect: it’ll be clear from royalty payments.

Ditch all those other messaging apps: here’s why you should use Signal • Wired

Jordan McMahon:


Signal looks and works a lot like other basic messaging apps, so it’s easy to get started. It’s especially convenient if you have friends and family overseas because, like iMessage and WhatsApp, Signal lets you sidestep expensive international SMS fees. It also supports voice and video calls, so you can cut out Skype and FaceTime. Sure, you don’t get fancy stickers or games like some of the competition, but you can still send pictures, videos, and documents. It’s available on iOS, Android, and desktop.

But plenty of apps have all that stuff. The thing that actually makes Signal superior is that it’s easy to ensure that the contents of every chat remain private and unable to be read by anyone else. As long as both parties are using the app to message each other, every single message sent with Signal is encrypted. Also, the encryption Signal uses is available under an open-source license, so experts have had the chance to test and poke the app to make sure it stays as secure as what’s intended.

If you’re super concerned about messages being read by the wrong eyes, Signal lets you force individual conversations to delete themselves after a designated amount of time. Signal’s security doesn’t stop at texts. All of your calls are encrypted, so nobody can listen in. Even if you have nothing to hide, it’s nice to know that your private life is kept, you know, private.

Yes, this list of features sounds a lot like WhatsApp. It’s true, the Facebook-owned messaging app has over a billion users, offers most of the same features, and even employs Signal’s encryption to keep chats private. But WhatsApp raises a few concerns that Signal doesn’t. First, it’s owned by Facebook, a company whose primary interest is in collecting information about you to sell you ads. That alone may steer away those who feel Facebook already knows too much about us. Even though the content of your WhatsApp messages is encrypted, Facebook can still extract metadata from your habits, like who you’re talking to and how frequently.

Still, if you use WhatsApp, chances are you already know a lot of other people who are using it. Getting all of them to switch to Signal is highly unlikely. And you know, that’s OK—WhatsApp really is the next-best option to Signal.


Signal is definitely a good app. It became the de facto comms tool for the Clinton campaign – which, unlike John Podesta’s personal email inbox, wasn’t hacked.

Errata, corrigenda and ai no corrida: earlier this week there was a suggestion that Sierra Leone had run sorta kinda the world’s first blockchain election. The update: nope, not really.

Start Up: Facebook’s problems deepen, the illegal blockchain?, WileyFox lives!, Apple’s FaceID lead, and more

Venezuela’s currency now has a crypto sibling – apparently helped by Russia. Photo by Ammon Beckstrom on Flickr.

A selection of 12 links for you. Quite Facebooky. I’m @charlesarthur on Twitter. Observations and links welcome.

Child abuse imagery found within bitcoin’s blockchain • The Guardian

Samuel Gibbs:


German researchers have discovered unknown persons are using bitcoin’s blockchain to store and link to child abuse imagery, potentially putting the cryptocurrency in jeopardy.

The blockchain is the open-source, distributed ledger that records every bitcoin transaction, but can also store small bits of non-financial data. This data is typically notes about the trade of bitcoin, recording what it was for or other metadata. But it can also be used to store links and files.

Researchers from the RWTH Aachen University, Germany found that around 1,600 files were currently stored in bitcoin’s blockchain. Of the files at least eight were of sexual content, including one thought to be an image of child abuse and two that contain 274 links to child abuse content, 142 of which link to dark web services.

“Our analysis shows that certain content, eg, illegal pornography, can render the mere possession of a blockchain illegal,” the researchers wrote. “Although court rulings do not yet exist, legislative texts from countries such as Germany, the UK, or the USA suggest that illegal content such as [child abuse imagery] can make the blockchain illegal to possess for all users.”

“This especially endangers the multi-billion dollar markets powering cryptocurrencies such as bitcoin.”

While the spending of bitcoin does not necessarily require a copy of the blockchain to facilitate, some processes, such as some mining techniques, require the downloading of the full blockchain or chunks of it.



Exclusive: Russia secretly helped Venezuela launch a cryptocurrency to evade US sanctions • Time

Simon Shuster:


Ever since 2014, when the US and its allies used sanctions to punish Russia for invading parts of Ukraine, the Russian elites have been desperate to get those sanctions lifted and, in the long term, to weaken the West’s ability to impose them in the future. One of the core aims of these efforts, as Putin outlined in a policy paper on global trade that was published in September, is to “overcome the excessive dominance” of Western currencies, and especially the dollar.

Putin’s advisers have been more open about their ultimate aim: “The reign of the dollar must end,” Andrei Kostin, the head of state-controlled VTB, Russia’s second-largest bank, said in a speech last month in Moscow, calling on Russia to promote other currencies for use in international trade. “This whip that the Americans use in the form of the dollar would then, to a great extent, not have such a serious impact on the global financial system.”

While not as ambitious as the Russian attempt in 2016 to influence the US presidential election, the Kremlin’s move into cryptocurrencies reveals another layer of ingenuity in its struggle against what Putin’s advisers have called the US “hegemony” in global affairs. The use of cryptocurrencies could, at least in theory, hurt the US ability to control the flow of money in and out of sanctioned countries, thus chipping away at one of the most powerful means of US influence around the world…

…instead of putting the ruble at risk, Russia encouraged its ally in Latin America to run the experiment on itself, the banker says. “Venezuela has nothing to lose. For them it’s the only chance.” Indeed, the value of the Venezuelan currency, the bolivar, has been decimated by official mismanagement and the impact of US sanctions, which were imposed last year to punish Maduro for his deepening authoritarianism. The crisis has also made Maduro’s regime deeply dependent on Russia for loans and investments.

“So Russia made its stronghold here in Venezuela,” says Armando Armas, an opposition member of the nation’s parliament, the National Assembly, which has tried in vain to block the creation of the petro. “Now they are using Venezuela as a guinea pig for their experiment,” Armas tells TIME by phone from Caracas.


The dollar collapsing due to China and Russia and others creating an alternative currency is the starting point for Lionel Shriver’s “The Mandibles”. And here’s Russia trying to make that a true story.

How a self-driving Uber killed a pedestrian in Arizona • The New York Times

Troy Griggs and Daisuke Wakabayashi:


The car, a Volvo XC90 sport utility vehicle outfitted with Uber’s sensor system, was in autonomous mode when it struck Elaine Herzberg, a 49-year-old woman, around 10 p.m. on Sunday. There was a human safety driver at the wheel, but the car was carrying no passengers.

The vehicle was doing about 40 miles per hour on a street with a 45 m.p.h. speed limit when it struck Ms. Herzberg, who was walking her bicycle across the street, according to the Tempe police.

Officials also said that it did not appear as though the car had slowed down before impact and that the Uber safety driver had shown no signs of impairment. The weather was clear and dry.

The accident was a reminder that self-driving technology is still in the experimental stage, as Silicon Valley giants, major automakers and other companies race to develop vehicles that can drive on their own. Governments, for their part, are still trying to figure out how to regulate the technology, and a patchwork of rules are currently in place around the country.

Uber’s self-driving program first started in Pittsburgh in Sept. 2016, and extended to Tempe in Feb. 2017.


Earlier reports suggested the car was doing 38mph in a 35mph zone, which would be breaking the law. The 40mph in a 45mph zone is more believable. The police have suggested that a human driver might not have been able to stop – but that’s not the point; SDCs are meant to have better systems and reactions than humans.

Cambridge Analytica says it won the election for Trump. Here’s what it’s actually talking about • Buzzfeed

Craig Silverman:


A pro-Trump super PAC funded by the billionaire Mercer family used Cambridge Analytica to help it generate millions of views for dark posted Facebook ads that aggressively attacked Hillary Clinton during the fall of 2016.

BuzzFeed News examined 27 dark posted ads from the Defeat Crooked Hillary Facebook page, which was run by the Make America Number One super PAC. (A dark posted ad looks like a post from a Facebook page but does not show up on a page’s public timeline and is only seen by the users it was targeted to reach.)

The video ads — which were directed at specific audience segments on Facebook — pushed themes of Clinton’s corruption, her supposed failing health, and referred to her as “the most corrupt politician of our time” while suggesting she “might be the first president to go to jail.”

Make America Number One paid more than $1.2m to Cambridge Analytica during the 2016 election cycle for services including campaign management consulting, web services, and “data acquisition services,” according to filings with the Federal Election Commission. The PAC did not disclose exactly what ads the firm worked on, or the specifics of the data and targeting services it provided. But Cambridge Analytica won an award and has previously taken credit for at least one of the PAC’s ads, which featured Michelle Obama and resulted in cease and desist letters from the Clinton campaign, as well as low ratings from fact-checkers.

Both Cambridge Analytica and Make America Number One are financed by Robert and Rebekah Mercer, who backed Donald Trump in the general election.



Exclusive: Mark Zuckerberg AWOL from Facebook’s data leak damage control session • Daily Beast

Spencer Ackerman:


It’s not just that he’s silent in public. Facebook CEO and co-founder Mark Zuckerberg declined to face his employees on Tuesday to explain the company’s role in a widening international scandal over the 2016 election.

Facebook employees on Tuesday got the opportunity for an internal briefing and question-and-answer session about Facebook’s role with the Trump-aligned data firm Cambridge Analytica. It was the first the company held to brief and reassure employees after, ahead of damaging news reports, Facebook abruptly suspended Cambridge Analytica. The Q&A session was first reported by The Verge.

But Zuckerberg himself wasn’t there, The Daily Beast has learned. Instead, the session was conducted by a Facebook attorney, Paul Grewal, according to a source familiar with the meeting. That was the same approach the company used on Capitol Hill this past fall, when it sent its top attorney, Colin Stretch, to brief Congress about the prevalence of Russian propaganda, to include paid ads and inauthentic accounts, on its platform.

Nor, The Daily Beast has learned, did chief operating officer Sheryl Sandberg attend the internal town hall.


I’m sure this is going to be just fine. He’s only been instructed to appear by the FTC in the US and the select committee of MPs for Culture, Media And For Some Reason Sport in the UK.

(Facebook later issued a statement: “Mark, Sheryl and their teams are working around the clock to get all the facts and take the appropriate action moving forward, because they understand the seriousness of this issue,” the statement said. “The entire company is outraged we were deceived. We are committed to vigorously enforcing our policies to protect people’s information and will take whatever steps are required to see that this happens.”)

October 2010: Facebook in online privacy breach; applications transmitting identifying information • WSJ

Emily Steel and Geoffrey Fowler, in October 2010:


Many of the most popular applications, or “apps,” on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people’s names and, in some cases, their friends’ names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.

The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules, and renews questions about its ability to keep identifiable information about its users’ activities secure.

The problem has ties to the growing field of companies that build detailed databases on people in order to track them online—a practice the Journal has been examining in its What They Know series. It’s unclear how long the breach was in place. On Sunday, a Facebook spokesman said it is taking steps to “dramatically limit” the exposure of users’ personal information.

“A Facebook user ID may be inadvertently shared by a user’s Internet browser or by an application,” the spokesman said. Knowledge of an ID “does not permit access to anyone’s private information on Facebook,” he said, adding that the company would introduce new technology to contain the problem identified by the Journal.


I’m sure they all made this just fine.

How Facebook Groups are being exploited to spread misinformation, plan harassment, and radicalize people • Buzzfeed

Craig Silverman:


One week after the mass shooting in Parkland, Florida, those searching on Facebook for information about the upcoming March for Our Lives were likely to be shown an active group with more than 50,000 members.

Called “March for Our Lives 2018 Official,” it appeared to be one of the best places to get details about the event and connect with others interested in gun control. But those who joined the group soon found themselves puzzled. The admins often posted pro-gun information and unrelated memes and mocked those who posted about gun control.

“I’m a retired federal law enforcement special agent. There is and never has been any reason for a civilian to have a high-capacity high velocity weapon,” posted one member on Feb. 20.

“Shutup fed and stop trying to spread your NWO BS,” was the top reply, which came from one of the group’s admins. (NWO is a reference to the “new world order” conspiracy theory.)

A few days later the group’s name was changed to “Kim Jong Un Fan Club,” and members continued to wonder what was going on.

The simple answer is they were being trolled. The more complicated one is that while Facebook groups may offer a positive experience for millions of people around the world, they have also become a global honeypot of spam, fake news, conspiracies, health misinformation, harassment, hacking, trolling, scams, and other threats to users, according to reporting by BuzzFeed News, findings from researchers, and the recent indictment of 13 Russians for their alleged efforts to interfere in the US election.


I’m sure it’s all going to be just fine.

Facebook’s surveillance machine • The New York Times

Zeynep Tufekci:


If Facebook failed to understand that this data could be used in dangerous ways, that it shouldn’t have let anyone harvest data in this manner and that a third-party ticking a box on a form wouldn’t free the company from responsibility, it had no business collecting anyone’s data in the first place. But the vast infrastructure Facebook has built to obtain data, and its consequent half-a-trillion-dollar market capitalization, suggest that the company knows all too well the value of this kind of vast data surveillance.

Should we all just leave Facebook? That may sound attractive but it is not a viable solution. In many countries, Facebook and its products simply are the internet. Some employers and landlords demand to see Facebook profiles, and there are increasingly vast swaths of public and civic life — from volunteer groups to political campaigns to marches and protests — that are accessible or organized only via Facebook.

The problem here goes beyond Cambridge Analytica and what it may have done. What other apps were allowed to siphon data from millions of Facebook users? What if one day Facebook decides to suspend from its site a presidential campaign or a politician whose platform calls for things like increased data privacy for individuals and limits on data retention and use? What if it decides to share data with one political campaign and not another? What if it gives better ad rates to candidates who align with its own interests?

A business model based on vast data surveillance and charging clients to opaquely target users based on this kind of extensive profiling will inevitably be misused.



Apple grabs two-year lead in 3D sensing race • Reuters

Sonam Rai and Stephen Nellis:


Tech research house Gartner predicts that by 2021, 40% of smartphones will be equipped with 3D cameras, which can also be used for so-called augmented reality, or AR, in which digital objects cling tightly to images of the real world.

“This kind of functionality is going to be very important for AR,” said Gartner analyst Jon Erensen. “I think that is something where you don’t want to get left behind.”

According to parts manufacturers Viavi Solutions Inc, Finisar Corp and Ams AG, bottlenecks on key parts will mean mass adoption of 3D sensing will not happen until next year, disappointing earlier expectations.

That means that China’s Huawei, Xiaomi and others could be a total of almost two years behind Apple, which launched Face ID with its iPhone X anniversary phone last September.

In particular, Android producers are struggling to source vertical-cavity surface-emitting lasers, or VCSELs, a core part of Apple’s Face ID hardware.

“It is going to take them a lot of time, the Android-based customers, to secure capacity throughout the whole supply chain,” said Bill Ong, senior director of investor relations from Viavi, seen as the only major supplier of optical filters needed for the 3D sensing modules.


No doubting that the iPhone X has driven a big bump in sales at the top end for Apple. Along with the OLED and the removal of the home button, it’s a whole different phone from its predecessors. The Android rivals aren’t quite making that leap. FaceID was part of a bigger change.

Telegram loses bid to block Russia from encryption keys • Bloomberg

Ilya Khrennikov:


Supreme Court Judge Alla Nazarova on Tuesday rejected Telegram’s appeal against the Federal Security Service, the successor to the KGB spy agency which last year asked the company to share its encryption keys. Telegram declined to comply and was hit with a fine of $14,000. Communications regulator Roskomnadzor said Telegram now has 15 days to provide the encryption keys.

Telegram, which is in the middle of an initial coin offering of as much as $2.55bn, plans to appeal the ruling in a process that may last into the summer, according to the company’s lawyer, Ramil Akhmetgaliev. Any decision to block the service would require a separate court ruling, the lawyer said.

“Threats to block Telegram unless it gives up private data of its users won’t bear fruit. Telegram will stand for freedom and privacy,” Pavel Durov, the company’s founder, said on his Twitter page.

Putin signed laws in 2016 on fighting terrorism, which included a requirement for messaging services to provide the authorities with means to decrypt user correspondence. Telegram challenged an auxiliary order by the Federal Security Service, claiming that the procedure doesn’t involve a court order and breaches constitutional rights for privacy, according to documents.

The security agency, known as the FSB, argued in court that obtaining the encryption keys doesn’t violate users’ privacy because the keys by themselves aren’t considered information of restricted access. Collecting data on particular suspects using the encryption would still require a court order, the agency said.


That’s not looking good for Telegram users. On the other hand: Telegram is known as the recruiting base for a lot of extremist groups (Isis was a favourite).

Risks in IAB Europe’s proposed consent mechanism • PageFair

Johnny Ryan points to problems with the upcoming collision of the EU’s GDPR data protection regime and the desperate attempts by ad-tech companies to stick with their old business model:


The ad-tech companies who drafted the IAB [Internet Advertising Bureau] Europe proposal claim that “publishers have full control over who they partner with, who they disclose to their users and who they obtain consent for.” But the IAB Europe documentation shows that adtech companies would remain entirely free to trade the personal data with their business partners if they wish. The proposed system would share a unique consent record “throughout the online advertising ecosystem”, every time an ad is loaded on a website:


“the OpenRTB request [from a website to an ad exchange] will contain the entire DaisyBit [a persistent cookie], allowing a vendor to see which other vendors are an approved vendor or a publisher and whether they have obtained consent (and for which purposes) and which have not.”


There would be no control over what happens to personal data once they enter the RTB system: “[adtech] vendors may choose not to pass bid requests containing personal data to other vendors who do not have consent”. This is a critical problem, because the overriding commercial incentive for many of the companies involved is to share as many data with as many partners as possible, and to share it with parent companies that run data brokerages. In addition, publishers are expected to trust that JavaScript in “ad creatives” is not dropping trackers, even though no tools to police this are proposed here.

IAB Europe is asking publishers and brands to expose themselves to the legal risk of routinely sharing these personal data with several thousand adtech companies. What publishers and brands need is a “trust no one” approach. IAB Europe is proposing a “trust everyone” approach. Indeed, the proposed system looks like the GDPR’s description of a data breach…


Someone’s going to be in trouble with this.

Wileyfox is back: new handsets arriving this year and more good news for owners • TechRadar

John McCann:


another British phone-maker, STK, has agreed a licensing deal with the Wileyfox Group to sell the firm’s handsets in the UK, Europe and South Africa.

STK isn’t just selling the handsets though – it’ll also be offering after-sales care and services, including customer support.

There’s more good news for current Wileyfox owners too, as STK will honour warranties that are still in date, ensuring that you have the support you need if your phone develops a fault.

STK will sell the Wileyfox Swift 2, Swift 2 Plus and Swift 2 X, and it’s currently planning a roadmap to launch new Wileyfox handsets in the second half of 2018.

It’s also working on rolling out the Android 8.1 update to existing Swift 2 range of devices within the next three weeks, ensuring that customers are up to date with the latest software.

There’s more too, as STK is adapting its STK Care app, which provides 24/7 live chat support for users directly on their device, for Wileyfox devices, giving owners a direct point of contact if they run into any trouble with their phone.

TechRadar spoke exclusively to Henri Salameh, STK’s Commercial Director, who told us: “What we saw was a good opportunity to not only continue the production of the Wileyfox handsets and reinstate after-sale and warranty support, but also to save jobs in UK and Europe while merging two strong UK brands together to operate under one roof.”

STK already has its own smartphone portfolio, but Salameh said it plans to keep the two brands separate as they complement each other.



Errata, corrigenda and ai no corrida: none notified

Start Up: Facebook’s woeful failures, unsentimental sentiment analysis, location-location-location?, and more

A self-driving Uber car: a pedestrian’s death means the safety debate is now serious. Photo by Eddie Codel on Flickr.

A selection of 15 links for you. Hands on the wheel, eyes on the road. I’m @charlesarthur on Twitter. Observations and links welcome.

Facebook security chief said to leave after clashes over disinformation • The New York Times

Nicole Perlroth, Sheera Frenkel and Scott Shane:


Facebook’s chief information security officer, Alex Stamos, will leave the company after internal disagreements over how the social network should deal with its role in spreading disinformation, according to current and former employees briefed on the matter.

Mr. Stamos had been a strong advocate inside the company for investigating and disclosing Russian activity on Facebook, often to the consternation of other top executives, including Sheryl Sandberg, the social network’s chief operating officer, according to the current and former employees, who asked not to be identified discussing internal matters.

After his day-to-day responsibilities were reassigned to others in December, Mr. Stamos said he would leave the company. He was persuaded to stay through August to oversee the transition of his duties because executives thought his departure would look bad, the current and former employees said. He has been overseeing the transfer of his security team to Facebook’s product and infrastructure divisions. His group, which once had 120 people, now has three, the current and former employees said.

Mr. Stamos would be the first high-ranking employee to leave Facebook since controversy erupted over disinformation on its site. His departure is a sign of heightened leadership tensions at the company.


Where is Zuckerberg in all this? One expects he’ll pop up in a day or two, or post some big screed on his Facebook page. The longer he waits, the more directions the story splinters into.

Facebook and the endless string of worst-case scenarios • TechCrunch

Josh Constine:


Here’s an incomplete list of the massive negative consequences and specific abuses that stem from Facebook’s idealistic product development process. [Thanks to user suggestions, we’ve added some more in an update].


It’s a long list – Beacon revealing shopping, “engagement ranked feed” leading to fake news, “engagement”-priced ads leading to polarising ads, app platform driving game spam, privacy controls that encourage you to make stuff public, and plenty, plenty more.

Facebook’s shares lost nearly 7% of their value through the day.

Uber halts autonomous cars after 49-year-old pedestrian is killed in Arizona • The Washington Post

Faiz Siddiqui and Michael Laris:


The National Transportation Safety Board has opened an investigation into the crash, NTSB spokesman Eric Weiss said.

Uber issued a short statement.

“Our hearts go out to the victim’s family. We are fully cooperating with local authorities in their investigation of this incident,” a company spokeswoman said.

The vehicle was in autonomous mode at the time of the crash, though a driver was behind the wheel, Tempe police said in a statement. The crash occurred about 10 p.m. Sunday in the area of Curry Road and Mill Avenue, a busy intersection with multiple lanes in every direction.

Police said the vehicle was northbound on Curry Road when a woman, identified as 49-year-old Elaine Herzberg, crossing from the west side of street, was struck. She died at a hospital, the department said.

Missy Cummings, a robotics expert at Duke University who has been critical of the swift rollout of driverless technology across the country, said the computer-vision systems for self-driving cars are “deeply flawed” and can be “incredibly brittle,” particularly in unfamiliar circumstances.


Herzberg wasn’t on a “crosswalk” (UK lingo: pedestrian crossing) when she was hit. But that’s irrelevant. Cars are meant to yield to pedestrians. Lots more to be discovered about this, including how fast the car was going, how well-lit things were, what system it was using to detect obstacles, and more.

So the first self-driving car has killed a non-driver. Now the really hard questions begin. Who’s responsible – the person inside the car, or the authors of the software? How do you stop this happening again – or is there a level of pedestrian killing that is “acceptable”?

Why America can’t regulate bitcoin • Hacker Noon


Hearings on Bitcoin and its derivatives are being held in the USA on a regular basis, and invariably the expert witnesses fail to properly describe the actual processes going on. If they used the correct language and excluded all analogies, the only possible conclusion would be that America cannot regulate Bitcoin under its current legal system. The Constitution guarantees the inalienable rights of American citizens, and therefore Bitcoin is a protected form of publishing. The only way Bitcoin can be made regulable is if the Constitution is changed; and that does not mean adding a new Amendment, it means removing the First Amendment entirely. Inevitably the anti-Bitcoin protagonists will face a robust and ultimately successful legal challenge that will remove the possibility of any sort of “BitLicense” or interference from the CFTC, FinCEN or any other agency. It will also remove any possibility of interference at the State level. The consequence of adhering to the basic law of the United States will cause America to become the centre of all Bitcoin business for the entire world.

Let me explain why this is the case.


It isn’t the case, because he hasn’t recognised the crucial difference between “printing out how bitcoin works” (free to do) and “offering money and services for bitcoins created using the process that was printed out” (which the government will tax and regulate).

Then again he thinks climate change is a fraud (he’s absolutely certain that “anthropogenic global warming theory has been falsified”) and that gun control is stupid.

The ridiculousness of sentiment analysis • Diginomica

Dennis Howlett got an email (three times!) from a PR company certain that it had got some amazing sentiment analysis on people’s opinions on social media about United Airlines suffocating a pet:


It was accompanied by the dross, breathtakingly insightful, no sh-t Sherlock commentary that:


This latest incident could be another massive blow to United’s reputation unless upper management takes control of the storm on social in an effective way. In this instance, United will need to do more than just apologize — they will need to provide solutions and reassure their wide customer base, and to do so intelligently, they must be mindful of the overwhelming responses they’re already receiving about the incident. Leveraging social listening during a crisis can help any brand gauge the right response, and hopefully, make a comeback.


And your point is…..????

I don’t know if these people have noticed, but following the United Breaks Guitars fiasco, the company barely missed a beat in reporting earnings.

The most recent incident, while wildly more egregious than the earlier one, will have almost zero effect on United. Unless…a few large corporate specifiers put ethics to the front of their choice parameters and say enough is enough.

The likelihood of that happening is almost zero because, like the other major U.S. airlines, United operates what are near monopoly hubs that act as choke points for others. You wanna go to the Bay Area from Chicago, Houston, Frankfurt or Denver? UA is pretty much your only realistic choice. In short, the U.S. airline majors operate as a set of cartels, ostensibly in competition, but in reality, having ‘safe’ harbors into and out of which they are the mob bosses owners with very little to lose.



Open Location Code and what3words • Medium

David Piesse:


Open Location Code is a Google (Zurich) based code library for giving a code to anywhere in the world. It is entirely based off of latitude and longitude tying it perfectly with GPS; and is indiscriminate with regards land, sea or population. It is a tiny amount of code for this algorithm, but has a few features that make it the best way to locate anything from a latitude & longitude.

Firstly it has scale. The code is built up of pairs of characters (e.g. 9C) that drill you into the next level of detail.

The first pair relates to a 20 by 20 degree square around the world (18 x 9 of them).

The second pair breaks this down to 1 degree squares (20 by 20) within this 20 square degree area.

The third and fourth pair do the same again with 0.05 and 0.0025 degrees. That makes up roughly 10.3 billion areas.

Beyond that you can further refine up to 3 more characters, all of which are a 4×5 grid within the previous. At 10 characters (excluding the +) you have an area roughly 10m wide, at 11 characters it is only 3.4m x 2.7 ~ to w3w.

So to get to this area (6GCRMQPX+9GG) but people can’t remember that.

Cool — that is where w3w wins hands down. They have something that almost any literate people can understand.

However you can convert an OLC code into parts and potentially assign large levels of them a single word. Of the 162 top level areas only ~69 have any substantial population so we could assign only a few dozen words to over half the globe.

Think atlantic.something.something for the whole of the Atlantic ocean; or australia.something.something for Australia. This gives a high level drill down as to where you are. Large swathes of the globe can be covered with a few words; which both frees up word combinations, but also shortens codes eventually.


what3words is a neat concept but as he points out, it has some failings. His idea seems good; the trouble is making it work.
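The pair-then-grid scheme described in the extract above, as an added Python example; it is not code from the quoted article or from Google's library. It assumes the published Open Location Code layout, in which characters nine and ten are still a pair (0.000125 degrees) and the 4×5 grid refinement starts at the eleventh character; the function names are this example's own.

```python
"""Open Location Code (plus code) encode/decode using integer arithmetic."""

ALPHABET = "23456789CFGHJMPQRVWX"   # 20 symbols; a character's index is its digit value
GRID_ROWS, GRID_COLS = 5, 4          # each refinement character picks a cell in a 4x5 grid
GRID_DIGITS = 5                      # characters 11..15
SEPARATOR_POS = 8                    # '+' always follows the eighth character

# Integer units per degree at full (15-character) resolution.
LAT_UNITS = 8000 * GRID_ROWS ** GRID_DIGITS   # 1/0.000125 degrees, then 5^5 rows
LNG_UNITS = 8000 * GRID_COLS ** GRID_DIGITS   # 1/0.000125 degrees, then 4^5 columns


def encode(lat, lng, length=10):
    """Return the plus code of `length` significant characters for a point."""
    if not 2 <= length <= 15 or (length < 10 and length % 2):
        raise ValueError("length must be 2, 4, 6, 8 or 10..15")
    lat = min(max(lat, -90.0), 90.0)
    # Shift to non-negative values and convert to integers once, so the
    # digit extraction below is exact and free of float drift.
    lat_val = int(round((lat + 90.0) * LAT_UNITS, 6))
    lng_val = int(round(((lng + 180.0) % 360.0) * LNG_UNITS, 6))
    lat_val = min(lat_val, 180 * LAT_UNITS - 1)      # the pole belongs to the top cell
    lng_val %= 360 * LNG_UNITS

    digits = []                                      # built least significant first
    for _ in range(GRID_DIGITS):                     # grid characters 15..11
        digits.append(ALPHABET[(lat_val % GRID_ROWS) * GRID_COLS + lng_val % GRID_COLS])
        lat_val //= GRID_ROWS
        lng_val //= GRID_COLS
    for _ in range(5):                               # pairs 5..1: latitude, then longitude
        digits.append(ALPHABET[lng_val % 20])
        digits.append(ALPHABET[lat_val % 20])
        lat_val //= 20
        lng_val //= 20

    code = "".join(reversed(digits))[:length].ljust(SEPARATOR_POS, "0")
    return code[:SEPARATOR_POS] + "+" + code[SEPARATOR_POS:]


def decode(code):
    """Return (south, west, height, width) in degrees for the code's cell."""
    code = code.upper()
    if code.find("+") != SEPARATOR_POS:
        raise ValueError("separator '+' must follow the eighth character")
    digits = code.replace("+", "").rstrip("0")       # '0' is padding, not a digit
    if (not digits or len(digits) > 15
            or (len(digits) < 10 and len(digits) % 2)
            or any(ch not in ALPHABET for ch in digits)):
        raise ValueError("not a full Open Location Code")

    lat_val = lng_val = 0
    lat_place, lng_place = 400 * LAT_UNITS, 400 * LNG_UNITS
    for i in range(0, min(len(digits), 10), 2):      # 20, 1, 0.05, 0.0025, 0.000125 degrees
        lat_place //= 20
        lng_place //= 20
        lat_val += ALPHABET.index(digits[i]) * lat_place
        lng_val += ALPHABET.index(digits[i + 1]) * lng_place
    for ch in digits[10:]:                           # 4x5 grid refinement
        lat_place //= GRID_ROWS
        lng_place //= GRID_COLS
        row, col = divmod(ALPHABET.index(ch), GRID_COLS)
        lat_val += row * lat_place
        lng_val += col * lng_place

    return (lat_val / LAT_UNITS - 90.0, lng_val / LNG_UNITS - 180.0,
            lat_place / LAT_UNITS, lng_place / LNG_UNITS)


def centre(code):
    """Centre point (lat, lng) of the cell a code names."""
    south, west, height, width = decode(code)
    return south + height / 2, west + width / 2


if __name__ == "__main__":
    sample = "6GCRMQPX+9GG"                          # the code quoted in the extract
    south, west, height, width = decode(sample)
    print(f"{sample}: cell {height:.6f} x {width:.8f} degrees, centre {centre(sample)}")
    print("re-encoded:", encode(*centre(sample), length=11))
```
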

South Koreans reportedly not that enthusiastic about the Galaxy S9 • SamMobile

Adnan F.:


A local news outlet quotes mobile retailers in its report who have witnessed that consumers aren’t that interested in the Galaxy S9 and the Galaxy S9+ since they’re not that different from last year’s models.

Another retailer pointed out that it’s actually the Galaxy A8 (2018) that’s Samsung’s best-selling smartphone in South Korea currently. The handset’s dual front-facing camera is said to be one of the reasons why it’s immensely popular with the late-teens and 20s demographic which likes to take a lot of selfies.

Granted that the Galaxy S9 and Galaxy S9+ are faster and feature better cameras but the design is largely the same and so is the display size. The new flagship looks and feels quite similar to its predecessor and that’s why it might be a difficult sell to those who already own the Galaxy S8…

…Customers who are sold on the new features like Super Slow-motion video, variable aperture camera, AR Emoji, etc will certainly go ahead and purchase the Galaxy S9. However, those who view them as mere novelties or can’t justify purchasing an expensive smartphone for only these features will likely wait for Samsung’s 10th anniversary Galaxy smartphone due next year.


Would have thought the target market is those who own something older than the S8, really. The TV adverts for the S9 in the UK are really good. But the top-end market is static, at best.

A shakeout is underway among VR startups • The Information

Matt Pressberg and Tom Dotan:


A shakeout is underway in the VR startup world. An early flow of investments by consumer marketers and film studios, enthusiastic about experimenting with VR for marketing, has dried up. Instead, studios and venture capitalists are focusing on arcade-style VR installations at malls and movie theaters. These typically charge $30 for a half hour experience tied to a movie—like the Star Wars VR experience near Disneyland, where people wearing headsets can roam amongst Stormtroopers. That’s not a business best suited to smaller VR studios.

The shift reflects the continuing search for a viable business model tied to VR content, which can cost north of $1m a minute to produce. Sales for consumer VR headsets also have been slower than expected, limiting the market for VR games and videos.

“The early phase of VR is over,” says Vince Pizzica, an executive vice president of  Technicolor, which integrates technology for VR content production. Making short entertainment for VR has “no business case,” he says. Aside from VR arcades, education and architecture are both markets with lots of potential, he says.

It’s too early to say whether “location-based entertainment,” as the venues are known, can generate a return for content producers and venue owners. Aside from the high cost of making the entertainment, consumer demand remains uncertain. Mr. Pizzica estimated that the arcade-style model has two or three years to prove it can make money.


Arcades were the first success story for VR. Maybe they’re going to be the second as well. But the signs aren’t promising.

Demand for augmented reality/virtual reality headsets expected to rebound in 2018 • IDC


Worldwide shipments for augmented reality (AR) and virtual reality (VR) headsets will grow to 68.9m units in 2022 with a five-year compound annual growth rate (CAGR) of 52.5%, according to the latest forecast from the International Data Corporation (IDC) Worldwide Quarterly Augmented and Virtual Reality Headset Tracker. Despite the weakness the market experienced in 2017, IDC anticipates a return to growth in 2018 with total combined AR/VR volumes reaching 12.4m units, marking a year-over-year increase of 48.5% as new vendors, new use cases, and new business models emerge.

The worldwide AR/VR headset market retreated in 2017 primarily due to a decline in shipments of screenless VR viewers. Previous champions of this form factor stopped bundling these headsets with smartphones and consumers have shown little interest in purchasing such headsets separately. While the screenless VR category is waning, Lenovo’s successful fourth quarter launch of the Jedi Challenges Mirage headset—a screenless viewer for AR—showed the form factor may still have legs if paired with the right content. Other new product launches during the quarter included the first Windows Mixed Reality VR tethered headsets with entries from Acer, ASUS, Dell, Fujitsu, HP, Lenovo, and Samsung.

“There has been a maturation of content and delivery as top-tier content providers enter the AR and VR space,” said Jitesh Ubrani senior research analyst for IDC Mobile Device Trackers. “Meanwhile, on the hardware side, numerous vendors are experimenting with new financing options and different revenue models to make the headsets, along with the accompanying hardware and software, more accessible to consumers and enterprises alike.”


Not mentioned anywhere in this release: what the actual uses, demand and markets are that will drive this growth. I just don’t see it.

Be ready to pay a lot for Vive Pro’s higher-res virtual reality • Ars Technica

Kyle Orland:


HTC’s higher-resolution Vive Pro, first announced back in January, is setting new records for the price of a mass-market virtual reality headset. In pre-orders starting today ahead of planned April 5 shipments, customers will have to shell out $799 for the improved Vive Pro headset, a price that does not include any controllers or Lighthouse tracking base stations.

While the original Vive also cost $799 when it launched nearly two years ago, that package included two controllers and the two tracking stations necessary for un-occluded, room-scale VR. Existing HTC Vive owners will be able to reuse those accessories if and when they upgrade to the Vive Pro headset. New users, however, will currently have to purchase them à la carte (an HTC representative tells Ars that pricing for a separate “full kit” Vive Pro package will be announced soon).

HTC currently sells Vive controllers for $130 each and tracking base stations for $135 each. That means new Vive Pro customers will have to pay $1,330 for a higher-fidelity version of the same basic hardware included in the package for the original Vive (which is being reduced to $499 today, from the $599 price it has held since last April).

While the Vive and Vive Pro both technically work with other controllers (including some competing motion-tracked options), the vast majority of Vive-compatible VR software is designed to work with the hand-tracking “wand” controllers that have been a standard part of the Vive package since launch. At least one tracking base station is required to follow the Vive headset as a user moves their head, though two are recommended for more “room-scale” applications.


I think I’d argue with that phrase “mass-market virtual reality headset”. There is no mass market for VR headsets at present – and there’s still no obvious sign of what would spark wide adoption. (This isn’t, of course, good news for HTC. But these days, pretty much nothing is.)

Apple likely to buy up to 270 million smartphone panels in 2018 • Digitimes

Rebecca Kuo and Steve Shen:


Apple’s purchases of OLED panels in 2018 will reach 110-130m units, including 70-80m 5.9in units for the current iPhone X and an upgraded version of the same size. The remaining will be 40-50m 6.5in OLED panels for the production of a less expensive model, said the sources.

Apple will also take up a total of 60-70m 6.1in all-screen LTPS panels for another new iPhone model to be released in fall 2018, as well as 60-70m LTPS panels in 4-, 4.7- and 5.5in sizes for the production of iPhone 8 devices, iPhone SE and iPhone 7, indicated the sources.

Samsung Display will continue to serve as the primary supplier of OLED panels to Apple, according to IHS Markit. However, LG Display will strive to become the second supplier in the second half of 2018, aiming to secure orders for the new 6.5in OLED model to be launched this fall.

On the other hand, Japan Display, Sharp and LG Display will be the main suppliers of LTPS panels to Apple in 2018, said the sources.


So the expectation – if this is right – is that the larger “X” model will sell 40-50m units in a single quarter (given that Apple releases close to calendar Q4)? Or that those purchases will carry it across into the first quarter of 2019 as well, which would make a lot more sense.

Apple is secretly developing its own screens for the first time • Bloomberg

Mark Gurman:


Apple is designing and producing its own device displays for the first time, using a secret manufacturing facility near its California headquarters to make small numbers of the screens for testing purposes, according to people familiar with the situation.

The technology giant is making a significant investment in the development of next-generation MicroLED screens, say the people, who requested anonymity to discuss internal planning. MicroLED screens use different light-emitting compounds than the current OLED displays and promise to make future gadgets slimmer, brighter and less power-hungry.

The screens are far more difficult to produce than OLED displays, and the company almost killed the project a year or so ago, the people say. Engineers have since been making progress and the technology is now at an advanced stage, they say, though consumers will probably have to wait a few years before seeing the results.

The ambitious undertaking is the latest example of Apple bringing the design of key components in-house. The company has designed chips powering its mobile devices for several years. Its move into displays has the long-term potential to hurt a range of suppliers, from screen makers like Samsung Electronics Co., Japan Display Inc., Sharp Corp. and LG Display Co. to companies like Synaptics Inc. that produce chip-screen interfaces. It may also hurt Universal Display Corp., a leading developer of OLED technology.


Back in October 2017 I linked to a Digitimes story which said


Through acquiring US-based LuxVue Technology, Apple has acquired patented micro LED technology, especially that for mass transfer. In February 2017, Apple acquired a patent of fingerprint recognition on micro LED panels via LuxVue, signaling Apple’s continued R&D of micro LED technology. But some reports have claimed that Apple, after LuxVue encountered bottlenecks in mass transfer, has withdrawn some of its technological staff working at a micro LED lab in northern Taiwan.


Seems like they may have got past the bottlenecks. But don’t hold your breath. Even so, it’s a classic example of Apple seeking to control the technologies that it depends on, from fingerprints to facial recognition to processors to modems. Only surprising that screens should have taken so long, really.


11 different brands of AA batteries, tested in identical flashlights. [OC] : dataisbeautiful • Reddit

The graphic seems to tell the obvious story – but, as commenters then point out, if you really want to know what you’re getting for your money, you need to look at the price per hour. That, it turns out, doesn’t go in line with the graph.

How has the average Hollywood movie crew changed? • Stephen Follows

Follows works in the film industry and (if you didn’t know) in his spare time does some wonderful analyses of public data from it:


In the past, I’ve looked at how big a movie crew can get, for both UK films and Hollywood movies. But I was recently asked by a reader how the composition of such crews has changed over time. Which departments are getting larger? Which jobs are on the rise and which are waning?

To answer this, I looked at the credits of the top 200 US-grossing movies of each of the past 20 years (1997-2016), giving me a dataset of 4,000 movies.


You can probably guess the department that’s grown biggest and fastest (clue: it’s not stunt actors), but some of the others are surprising.

Amazon Alexa meets music composed by AI in DeepMusic • RAIN News

After yesterday’s request for a sample of that Amazon Alexa AI-generated music, reader Alex Barredo points us to this, by Anna Washenko:


The AI compositions are generated from a collection of audio samples and a neural network. None of the music has received post-production editing by a human. If you listen on an Echo Show or Echo Spot speaker, you’ll also see artwork created by AI.

Given the number of services working to aid with the speed and ease of Alexa skill creation, it’s likely that we’ll be seeing a wave of innovative and creative applications of the voice technology. AI-made music is likely just the start of how people will think to take advantage of smart speakers.

Here’s what it sounds like:

Possibly not Grammy caliber, but interesting.


I can see endless possibilities for Muzak and Spotify playlists in this.

Errata, corrigenda and ai no corrida: none notified


Beware taking your Mac running High Sierra to the Genius Bar: APFS might surprise them

“Your Mac. On top”, according to the caption. But it might also be a source of confusion at the Genius Bar. Photo by tua ulamac on Flickr.

I wrote a while back about the problems I had with my 2012 retina MacBook Pro, and its strange shutdowns – which I suspected, but couldn’t absolutely prove, were due to the graphics card problem that these models have been known to suffer from: when the discrete graphics card was activated, there was a chance it would go completely off the rails.

Finally it shut down and didn’t seem to want to start. At that point, I turned over to using the iPad Pro full-time, which is another story. You might find it entertaining.

The only way to absolutely prove that the problem with the computer was the graphics card, of course, was to take it to a Genius Bar. After eventually getting an appointment (the Mac Geniuses are rare, compared to the iPhone/iPad Geniuses), I turned up with the rMBP which I’d left for dead.

“It was dead, honest”

Of course the first thing it did when the guy plugged it in was to start up and happily proceed to the login screen. Talk about embarrassing. I logged in. All seemed OK. But we were there for a Genius appointment, so we were going to do that. He restarted, booted from a network drive which has Apple’s Mac OS9-style hardware test, and gave it a once-over.

Mac OS 9: if you take your Mac to get Geniused, you’ll probably see a screen that looks something like this. Photo by Rodrigo Vera on Flickr.

(That’s OS9. It’s not what my machine looked like, except for how the progress bar looked.)

The checks all looked OK, except for the VST – video system test. That didn’t work – it said it couldn’t find the relevant drivers (which it looked for on the hard drive). So he ran Disk Utility off the network drive to see whether there was something wrong with the hard drive. (rMBPs from that time all have SSDs.)

At this point things got very confusing. Disk Utility showed that there were two drives – an SSD with 500GB capacity, and another also with 500GB capacity. One of them seemed to be called Macintosh HD, and the other seemed to have partitions such as “private” and “mem”.

Except that the rMBP only had a 500GB SSD. How had it got two? “Have you got a Fusion drive in here?” the Genius asked.

Me (cooperative citizen pulled over by policeman): “Er.. no.”

At this point the Genius said he suspected there was something wrong with my SSD. So he restarted the machine, held down the key to boot from a network drive, whizzed over to the one marked 10.12 and started up. Could Disk Utility read my drive now? No, it couldn’t.

“Do you have this backed up?” he asked, indicating the computer. I sure did – SuperDuper clones, and a Time Machine backup. “I think we might need to reinstall the operating system.”

(This is the point at which the smart readers are saying “ohhhh” because they’ve spotted the mistake that both he and I made.)

“You backed it up, of course?”

So yes, it was time to wipe the drive and reinstall everything. Thankfully the Wi-Fi in Apple Stores is really fast, so you can get your OS reinstalled quickly. Everything seemed to be going fine. I hung around, knowing that all the important stuff was backed up either in the cloud or on the backup disk. For fun, because I knew that it would take forever on our super-slow broadband, I decided to re-download my iCloud Photo library. All 16,800 or so of them. Look, the Wi-Fi’s free.

The photo download was fast. Everything seemed to be fine. The machine wasn’t crashing. I was now starting to question myself: was it really just something scuzzy on the hard drive?

Then, fatefully, I tried to look at a photo that had downloaded at full resolution. Click on the photo, it begins to fill the screen, and––

BAM. The machine shut down, just like that. It had been nothing to do with the hard drive or the OS. As I thought, whenever the discrete graphics card was called on to do something, it knocked the machine out.

Some more consultation, and another Genius. More network booting, and this time the video test seemed to indicate that, ehhhh, the video card might not be in good shape.

At this point I suddenly realised why the network-booted versions hadn’t been able to run the video card drivers from my hard drive, and now they could. The network drives were formatted with HFS+, which is the file system Apple has been using on Mac OSX (and MacOS) for a couple of decades. That’s why the version number on the network drive was 10.12 – the file format for Sierra.

13 is the magic number (it makes stuff disappear)

High Sierra! It was staring us in the face. Sorta.

But I had brought the machine in running 10.13 – High Sierra – which uses the APFS filesystem. APFS brings a number of benefits, such as “instant” file copying, disk space saving, better encryption performance, inherent SSD trim, and faster boot times, but it isn’t back-compatible with HFS+; if you boot from an HFS+ drive, it won’t be able to read a file encoded in APFS. (APFS can read HFS+, of course.)

That, of course, is why the Genius’s HFS+-encoded 10.12 network drive couldn’t understand my APFS-encoded SSD. So I’d wiped the hard drive for nothing. If there had been an APFS-encoded network drive, it could have booted up the machine and run the video test and found the problem. (Well, probably.)

Anyhow – they took the machine in and replaced the entire logic board, and they did it under the guarantee (even though that had run out a little while earlier). In my case, the problem had gotten much worse after I got the battery replaced in November 2017; possibly doing that disturbed the logic board and the card’s connections, and led to a cascade of trouble.

When I got home, there was an email waiting for me from Apple – the standard “how did we do?” questionnaire. I had by then realised what had happened, and so I filled it in, explaining that they needed to update their procedures to take High Sierra/APFS users into account. I got a followup phone call from the Apple Store where I’d taken my machine, and they sounded interested and honestly grateful for the feedback. So this has possibly already been implemented. (I mean, you’d hope, right?)

Problem mostly solved

So what’s the solution? Apple obviously needs to implement some network drives formatted with APFS. Which might mean an overhaul of how it does some stuff in-store; but it should expect that there are going to be more and more people coming in with machines that are APFS-encoded.

As for me – I came home with a machine that was fixed; it’s got a new battery (since November) and now a totally new logic board. What’s really nice is how clean the machine is. All the dust and crumbs and fingermarks are blown and cleaned off. It’s like getting a brand-new machine. (I think they may even have replaced my letter “A”, which had taken a lot of punishment over the past five and a bit years.)

Getting the hard drive back to status quo ante took an afternoon or so. The one thing that’s not working? Can’t get my old Time Machine drive (which is of course HFS+ because Time Machine hasn’t moved forward to APFS yet) to believe that the new machine is essentially the same one. If I try to run a backup, it thinks for 12 hours or so (it’s not an SSD backup drive) and then declares that it’s going to need vast tracts of storage. I’ve tried command-line invocations (yes, I’ve read the manual for tmutil) without success. Strangely, I am apparently able to restore files from the drive; I just can’t put fresh ones onto it.

But that’s not a huge problem, because I have hardly any files that live exclusively on my Mac – doing so seems like a liability, and a self-inflicted handicap in these days of cloud synchronisation via iCloud and Dropbox – and the very few that there are can be handled by SuperDuper!, which does bootable backups (yes, even of APFS).

Back to my Mac

Oh sure, you’re wondering: what’s it like being back on the Mac after weeks exclusively on the iPad? Three key things: it’s damn heavy; I can type a bit faster; the screen (15in) is really big, which makes it feel like all the fonts are gigantic and yet can fit stuff onto the screen.

More generally, I find it easier to get distracted on the Mac. There are pings from emails, there’s the time spent waiting for the newsreader to load articles or web pages to load, during which one may decide to go and look at another app (email, Twitter) and get lost in that, breaking the flow of whatever I was doing before. I’m much more focussed when working on the iPad – I can go most of a day without looking at email, which is how I like things to be, unless it’s VIP email, in which case I get pinged. Also, I don’t get spinning beachballs on the iPad. Sure, it’s newer and it’s doing less simultaneous processing, but even so, as a user interface experience, Beachballs Are Bad, and one notices them even more when returning from a platform where you never, ever see them.

But anyhow, if your Mac does break down, and you’re on High Sierra, make sure to tell them if you’re on APFS when they come to the diagnostics. And if they tell you that you need to wipe your drive and start again, just make sure to ask them: “are you certain it’s that, or could it be your network drive can’t read the APFS file system on my machine?” It can’t hurt to ask.

Start Up: Cambridge Analytica in hot water, Alexa’s deep (AI) music, YouTube Kids joins the info wars, and more

Mattress reviews online are replacing sales people in stores. But not for the better. Photo by Sameer Vasta on Flickr.


A selection of 13 links for you. “I’m.. working on a blockchain gang”. I’m @charlesarthur on Twitter. Observations and links welcome.

DeepMusic Alexa skill serves up AI-generated songs • MusicAlly

Stuart Dredge:


Amid all the industry conversation about how smart speakers will affect the way people listen to music, the assumption has been that the music in question will be made by humans.

Here’s a new Alexa skill to make you think, though. It’s called DeepMusic, and has just launched for Alexa-powered devices like the Echo speakers.

“DeepMusic is an Alexa skill that enables you to listen to songs generated by artificial intelligence (AI). Each song was composed entirely using AI. The songs were generated using a collection of audio samples and a deep recurrent neural network. There has been no post-production editing by a human,” explains its description on Amazon’s store.

AI was also used to create the artwork shown on the screen-equipped Echo Show and Echo Spot speakers. The skill can be tested by saying ‘Alexa, open DeepMusic’ and then commands like ‘Alexa, ask DeepMusic to play a song’.


We’ve had quite a few “AI music” links over the past few years. There was in August 2016, an AI-generated song in November 2016, and DeepBach in December 2016. If anyone wants to let us know how DeepMusic sounds, we’d love a review.

To find suspects, Raleigh police quietly turn to Google •

Tyler Dukes, WRAL public records reporter:


In the early morning hours of June 1, 2015, witnesses heard Pugh in an argument. They heard multiple gunshots. And they saw a figure illuminate the ground with a cell phone flashlight before fleeing the scene as the sun rose over north Raleigh.

A year and a half later across town, a taxi driver named Nwabu Efobi was gunned down in front of the Universal Cab Company. Security camera video caught Efobi in some kind of confrontation with the shooter before the unknown man opened fire. The day before, cameras caught the same guy several times walking around the building with what appeared to be a cell phone at his ear.

Raleigh police say the cases are unrelated. But in March 2017, months after investigations began into both shootings, separate detectives on each case, one day apart, employed an innovative strategy in criminal investigations.

On a satellite image, they drew shapes around the crime scenes, marking the coordinates on the map. Then they convinced a Wake County judge they had enough probable cause to order Google to hand over account identifiers on every single cell phone that crossed the digital cordon during certain times.

In at least four investigations last year – cases of murder, sexual battery and even possible arson at the massive downtown fire in March 2017 – Raleigh police used search warrants to demand Google accounts not of specific suspects, but from any mobile devices that veered too close to the scene of a crime, according to a WRAL News review of court records.


Two things: first, the idea of a “public records reporter” wouldn’t exist in the UK; public records there are either incredibly hard to access, or trivial. Second, why only Google? What if there were iPhone users who didn’t use Google services in the area?

The online mattress industry promised a more honest shopping experience. We may have gotten the opposite instead • Recode

Jason Del Rey:


Gone is the slick-talking store sales guy directing you toward the mattress with the best profit margin or the highest commission. But in his place are a slew of website owners proficient in the art of search engine marketing, funneling you with the help of Google toward the mattress that lines their pockets the most.

These sites make money from so-called affiliate fees — commissions earned when a reader clicks a link in a review and goes on to purchase that mattress afterward. This model has been around almost as long as the internet. But the rise of online mattress sellers has created a perfect recipe for these content chefs: a high-priced item that results in a large commission, coupled with a heavy consumer reliance on reviews, since many of these new mattress brands are not widely sold in physical stores.

The power these websites amassed has not gone unnoticed in the industry. After Casper sued three of the sites, the high-profile mattress company financed the takeover of one of them, called Sleepopolis. This raised questions about a conflict of interest when Sleepopolis’ review of Casper suddenly improved. Today, Sleepopolis sends more traffic to Casper’s website than to any other mattress brand, according to data from SimilarWeb.


You might recall this amazing story about Sleepopolis and Casper and the whole crazy setup from October 2017. Another example of “the internet will improve it all” not coming true.

A cyberattack in Saudi Arabia had a deadly goal. Experts fear another try • The New York Times

Nicole Perlroth and Clifford Krauss:


In August, a petrochemical company with a plant in Saudi Arabia was hit by a new kind of cyberassault. The attack was not designed to simply destroy data or shut down the plant, investigators believe. It was meant to sabotage the firm’s operations and trigger an explosion.

The attack was a dangerous escalation in international hacking, as faceless enemies demonstrated both the drive and the ability to inflict serious physical damage. And United States government officials, their allies and cybersecurity researchers worry that the culprits could replicate it in other countries, since thousands of industrial plants all over the world rely on the same American-engineered computer systems that were compromised.

Investigators have been tight-lipped about the August attack. They still won’t identify the company or the country where it is based and have not identified the culprits.

But the attackers were sophisticated and had plenty of time and resources, an indication that they were most likely supported by a government, according to more than a dozen people, including cybersecurity experts who have looked into the attack and asked not to be identified because of the confidentiality of the continuing investigation.

The only thing that prevented an explosion was a mistake in the attackers’ computer code, the investigators said…

…What worries investigators and intelligence analysts the most is that the attackers compromised Schneider’s Triconex controllers, which keep equipment operating safely by performing tasks like regulating voltage, pressure and temperatures. Those controllers are used in about 18,000 plants around the world, including nuclear and water treatment facilities, oil and gas refineries, and chemical plants.

“If attackers developed a technique against Schneider equipment in Saudi Arabia, they could very well deploy the same technique here in the United States,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, a Washington think tank.


Most likely to be Iranian hackers. Second-tier nation-state hackers are now as big a problem as the top tier; they just don’t hit as many targets.


University of Arizona tracks student ID cards to detect who might drop out • The Verge

Shannon Liao:


The University of Arizona is tracking freshman students’ ID card swipes to anticipate which students are more likely to drop out. University researchers hope to use the data to lower dropout rates. (Dropping out refers to those who have left higher-education entirely and those who transfer to other colleges.)

The card data tells researchers how frequently a student has entered a residence hall, library, and the student recreation center, which includes a salon, convenience store, mail room, and movie theater. The cards are also used for buying vending machine snacks and more, putting the total number of locations near 700. There’s a sensor embedded in the CatCard student IDs, which are given to every student attending the university.

“By getting their digital traces, you can explore their patterns of movement, behavior and interactions, and that tells you a great deal about them,” Sudha Ram, a professor of management information systems who directs the initiative, said in a press release.

Researchers have gathered freshman data over a three-year time frame so far, and they found that their predictions for who is more likely to drop out are 73% accurate.


Big data brother is everywhere.

‘I created Steve Bannon’s psychological warfare tool’: meet the data war whistleblower • The Observer

Carole Cadwalladr:


What the email correspondence between Cambridge Analytica employees and [Aleksandr] Kogan shows is that Kogan had collected millions of profiles in a matter of weeks. But neither Wylie nor anyone else at Cambridge Analytica had checked that it was legal. It certainly wasn’t authorised. Kogan did have permission to pull Facebook data, but for academic purposes only. What’s more, under British data protection laws, it’s illegal for personal data to be sold to a third party without consent.

“Facebook could see it was happening,” says Wylie. “Their security protocols were triggered because Kogan’s apps were pulling this enormous amount of data, but apparently Kogan told them it was for academic use. So they were like, ‘Fine’.”

Kogan maintains that everything he did was legal and he had a “close working relationship” with Facebook, which had granted him permission for his apps.

Cambridge Analytica had its data. This was the foundation of everything it did next – how it extracted psychological insights from the “seeders” and then built an algorithm to profile millions more.

For more than a year, the reporting around what Cambridge Analytica did or didn’t do for Trump has revolved around the question of “psychographics”, but Wylie points out: “Everything was built on the back of that data. The models, the algorithm. Everything. Why wouldn’t you use it in your biggest campaign ever?”

In December 2015, the Guardian’s Harry Davies published the first report about Cambridge Analytica acquiring Facebook data and using it to support Ted Cruz in his campaign to be the US Republican candidate. But it wasn’t until many months later that Facebook took action. And then, all they did was write a letter. In August 2016, shortly before the US election, and two years after the breach took place, Facebook’s lawyers wrote to [data whistleblower Christopher] Wylie, who left Cambridge Analytica in 2014, and told him the data had been illicitly obtained and that “GSR was not authorised to share or sell it”. They said it must be deleted immediately.

“I already had. But literally all I had to do was tick a box and sign it and send it back, and that was it,” says Wylie. “Facebook made zero effort to get the data back.”


Facebook staff and ex-staff have been saying: 1) not a data breach as such (a headline on another of these stories); 2) this stuff doesn’t affect anyone anyway. The second isn’t believable. Are we meant to think advertising has no effect? If that were the case, nobody would do it.

Followup questions For Facebook, Cambridge Analytica and Trump Campaign on massive breach • Just Security

Justin Hendrix:


Journalists, regulatory bodies and Congress should be ready to ask a number of pressing questions to get to the bottom of exactly what happened. The answers are important – governments around the world are considering how best to regulate technology companies, and this extraordinary incident gets to the heart of the relationship between personal data, microtargeting, dark money and the impact of their combination with unaccountable platforms on the health of democracies.

Here are seven key questions:
[with the explanation removed, here are the questions:]
1. Why did Facebook take more than two years to inform the public of this massive breach?
2. Did the Trump campaign or Cambridge Analytica violate campaign finance laws?
3. Did Trump campaign or Cambridge Analytica employees lie to Congress, or to the British Parliament?
4. Did Facebook’s failure to disclose this breach to the public and notify its directly affected consumers break any laws?
5. Did any of the Facebook embeds in the Trump campaign know that stolen data was being used for targeting?
6. Did Facebook have evidence its own employees mishandled this situation? Was any disciplinary action taken?
7. Did other organizations or individuals exploit these apparent weaknesses, and are there other breaches we do not know about?


Question 3 is already being followed up.

Facebook bans Trump campaign’s data analytics firm for taking user data • The Washington Post

Elizabeth Dwoskin:


Facebook said Kogan had requested and gained access to information from 270,000 Facebook members after they chose to download his app. The app, “thisisyourdigitallife,” offered a personality prediction and billed itself on Facebook as “a research app used by psychologists.”

The Facebook members gave their consent for Kogan to access information such as the city they set on their profile, the content they had liked and some limited information about friend groups and contacts. Kogan then broke Facebook’s policies and passed the information to Cambridge Analytica and to Wylie. Facebook learned about Kogan’s activities in 2015.

The company removed Kogan’s app at the time and demanded certifications from Cambridge Analytica, Wylie and Kogan that the information he had shared had been destroyed. All three certified to Facebook that they had done so, but Facebook said it received reports several days ago that the data was not deleted.


“The horse bolted two years ago but to indicate our displeasure we are definitely shutting this stable door.” Also amusing: where the reports came from. It then threatened to sue one of the sources (The Observer) of those reports.

YouTube suggested conspiracy videos to children using its Kids app • Business Insider

James Cook:


YouTube’s app specifically for children is meant to filter out adult content and provide a “world of learning and fun,” but Business Insider found that YouTube Kids featured many conspiracy theory videos which make claims that the world is flat, that the moon landing was faked, and that the planet is ruled by reptile-human hybrids.

YouTube Kids is a separate app from the main YouTube app, and it’s meant to allow parents to let their children browse YouTube without being worried about any unsuitable content appearing. Children are encouraged to learn languages, read books, and watch educational videos.

Search for “UFO” on YouTube Kids and you’ll mostly find videos of toys that are clearly fine for children to watch. But one of the top videos claimed to show a UFO shooting at a chemtrail, and we found several videos by prominent conspiracy theorist David Icke in the suggested videos. YouTube removed the videos from YouTube Kids after we contacted it about the issue.

One suggested video was an hours-long lecture by Icke in which he claims that aliens built the pyramids, that the planet is run by reptile-human hybrids, that Freemasons engage in human sacrifice, that the assassination of President Kennedy was planned by the US government, and that humans would evolve in 2012.


With enough examples, is it possible that Google will actually take action before rather than after this happens? Except it’s been evident for ages that YouTube Kids is a complete mess. This just shows that it’s even worse than all those algorithmically-generated junk weird videos.

And boring though it might be to repeat this, kids brought up on the Encyclopaedia Britannica didn’t come across David Icke or moon landing conspiracies.

A quick (battle) field guide to the new culture wars • Ribbonfarm

Venkatesh Rao:


I haven’t yet gathered my thoughts on this whole theme properly, besides drawing my map, but I did tweet a bunch yesterday (March 5), throwing out some initial thoughts on the culture wars topic. I’m compiling them here.

The overarching theme of these tweets is this: there is a war on, and except for the low level of actual killing, it is a real war, not an allegorical or metaphoric one. The most visible battlefields are online forums like Twitter, Facebook, and various well-connected regions of the blogosphere. But there is also plenty of old-school direct action on the streets, in traditional media outlets, and behind closed doors.

The combatants include professional cyberwarriors and seasoned amateur guerrillas pursuing very well-defined objectives with military precision and specialized tools. Then there is the small but highly skilled corps of shitposters whose skill at information warfare is matched only by their fundamental incomprehension of the real damage they’re unleashing for lulz. And finally, masses of clueless patsies being programmed like insect swarms by all sides. What Renee DiResta labeled always-on mobs in her post last year.

In other words, there is a war on, it’s very real, causing real pain to many, and involves huge consequences hanging in the balance, from the future of academia and the conduct of science to the future of the planet itself.

Believe it or not, the swinging of a presidential election is actually a fairly minor chapter in the ongoing saga. When it’s all done and over with, and the dust has settled somewhat, I believe we’ll look back on this era as being as consequential in reshaping the future of the United States and the world as the Civil War.


This is a deeply fascinating post by Rao, and really obligatory reading if you are on social media at all. His comment on conspiracy theorists – they aren’t going to go away, and you might as well treat them as being from a parallel universe (I paraphrase) – is worth the time in itself.

It’s also a concerning post. But knowing you’re in the midst of an infowar is perhaps the most useful information you can have.

Beyond the bitcoin bubble, the benefits of blockchain • Allianz Global Investors

Stefan Hofrichter is head of global economics and strategy at Allianz:


bitcoin ticks all of the boxes that we consider to be essential criteria of any asset bubble:

• “New-era” thinking. Bitcoin is perceived to be an entirely new kind of currency and a monetary innovation in the internet age.
• Overtrading. Trading volumes have increased by almost fivefold in the last five years, according to BIS data.
• Ultra-easy monetary conditions. Accommodative policy is still in place globally, despite a series of rate hikes by the US Federal Reserve.
• A lack of financial regulation. The “Wild West” bitcoin environment is only gradually being addressed by regulators around the world.
• The launch of related financial instruments. New products related to the bubbling asset class are popping up – from CBOE and CME futures contracts to the launch of “ICOs” (initial coin offerings).
• Rising leverage. Not only has private-sector leverage increased to record highs globally, but leveraged speculation in bitcoin is increasing.
• Swindles. Bitcoin has become the instrument of choice for many criminals, thanks to its ability to exist entirely outside of traditional banking channels.
• Significant overvaluation. Many other asset classes are pricey in today’s market, but bitcoin’s valuation seems to be without peer.

This brings us to a key question: what is the fair value of a bitcoin? In our view, its intrinsic value must be zero: a bitcoin is a claim on nobody – in contrast to, for instance, sovereign bonds, equities or paper money – and it does not generate any income stream.


Well this won’t be popular with the bitcoin miners.

Sierra Leone tests blockchain technology for tallying election results •

Daniel Finnan:


Sierra Leone has become one of the first countries to trial the use of blockchain technology during elections. A Swiss-based company called Agora used technology similar to that underpinning the BitCoin cryptocurrency to provide a partial count of election results. Sierra Leone went to the polls on 7 March to elect a new president, members of parliament, local councillors and mayors.

“We recorded the votes after tallying on our blockchain where the votes are anonymised,” Leonardo Gammar, the Chief Executive Officer of Agora, told RFI. “Our observers have a look at the ballots and they send the results on our blockchain per polling station,” he added.

The Agora e-voting system aims to provide a decentralised system that is both transparent and verifiable, according to Gammar. Blockchain technology emerged with the creation of Bitcoin and is a digital ledger of records much like a traditional database, except that it is encrypted and stored across several computers.

“Our goal is to provide voting solutions for people, electronic voting solutions, but decentralised,” said Gammar, during a telephone interview. “In Sierra Leone, what we did is just a use case and it’s not the full implementation of our digital solution.”

Agora aims to provide a full e-voting system from voter identification to the actual casting of ballots and counting of results in the future, Gammar said.

Agora’s voting app will be linked to this implementation of blockchain technology and will provide additional features, the Agora co-founder said. One such feature would help avoid electoral fraud such as vote buying. The app would enable voters to record their choice in the election when under pressure from unscrupulous actors, but change the vote to their desired choice at a later time, as long as the poll is still open.


That last bit is clear as mud. Also: if people are being pressured to sell their votes and there’s a public tally of how many votes there were for something.. that doesn’t seem good? And it doesn’t seem as though it changes the circumstance that existed before: either the vote-buyer could come into the voting booth and watch, or they had to take it on trust. (This is e-voting, so the risk of vote-buying being enforced seems bigger than if you have voting booths.)

This seems like a buzzword solution; encrypting the ledger and storing it on multiple computers is what any organisation that handles distributed logins does for its passwords. It does, though, have the benefit that there’s a hard-to-dispute distributed tally of recorded votes.

Truth isn’t the problem—we are • WSJ

Rebecca Newberger Goldstein on how “post-truth” is more about allegiance than truth:


Consider two different propositions, from opposite ends of American politics: (1) “The only way to stop violent crime is to allow citizens to arm themselves,” and (2) “For a person of privilege to make creative use of the culture of the underprivileged is an act of aggression and abuse.” The information that we can glean from these statements isn’t about the putative topics—gun control or cultural “appropriation,” respectively. It’s about the political identity of the speaker. Such assertions are tribal banners, and offering counter-evidence isn’t likely to get you very far.

Indeed, a pledge of political allegiance achieves greater authenticity if it flies in the face of counter-evidence, especially if that evidence comes from “so-called experts.” My insistence that “Human actions have no impact on global warming” gains immeasurably, as a pledge, from the fact that 97% of climate scientists disagree with me; it highlights the depth of my commitment to the cause. Similarly, to show my solidarity with others who wish to ban “Frankenstein” foods, I can insist that “Genetically engineered crops are unsafe for humans and animals,” even as I’m presented with an exhaustive study by the National Academies of Science concluding that there is no such evidence.

These pseudo-assertions aren’t just tribal markers, of course. They also purport to say what is and isn’t true. And that’s where we get into trouble—in the very fact that their persuasive potency, as pledges, is often a function of how far they depart from the best available evidence.

Democratic debate is never a strict weighing of evidence; emotional appeals to party, cause and country are always part of the mix. But our readiness today to proudly defy evidence is very troubling. It undermines our commitment to the truth—and our capacity to reach any sort of middle ground or consensus.


It generally seems to me that the problem in the US is the lack of a middle ground in politics. One counter to that has been the recent upsets in which Democrats have won with huge poll swings – but they’re in effect obliged to be middle-of-the-road to appeal to potential swing voters. If they can hang on, America might find itself inching back toward consensus through democratic (small d) means.

Errata, corrigenda and ai no corrida: none notified

Start Up: the Spotify playlist black market, how Siri soured, who’ll wear WearOS?, Toys’R’Us bust, and more

These guys will probably get their contract renewed. Photo by Elliott Brown on Flickr.


A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Exclusive: Amazon’s internal numbers on Prime Video, revealed • Reuters

Jeffrey Dastin:


a person familiar with its strategy said the company credits a specific show for luring someone to start or extend a Prime subscription if that program is the first one a customer streams after signing up. That metric, referenced throughout the documents, is known as a “first stream.”

The company then calculates how expensive the viewer was to acquire by dividing the show’s costs by the number of first streams it had. The lower that figure, the better.

The internal documents do not show how long subscribers stayed with Prime, nor do they indicate how much shopping they do on Amazon. The company reviews other metrics for its programs as well. Consequently, the documents do not provide enough information to determine the overall profitability of Amazon’s Hollywood endeavor.

Still, the numbers indicate that broad-interest shows can lure Prime members cheaply by Amazon’s calculations. One big winner was the motoring series “The Grand Tour,” which stars the former presenters of BBC’s “Top Gear.” The show had more than 1.5 million first streams from Prime members worldwide, at a cost of $49 per subscriber in its first season.

The documents seen by Reuters reflect Prime subscribers in the United States, United Kingdom, Germany, Austria and Japan, where Amazon’s programs were available before Prime Video rolled out globally in December 2016.

Analysts estimate that 75 million or more customers have Prime subscriptions worldwide, including about half of all households in the United States.

About 26 million US Prime members watched television and movies on Amazon as of early 2017. Reuters calculated this number from the documents, which showed how many viewers a TV series had as a percentage of total Prime Video customers.

Rival Netflix Inc had twice that many US subscribers in the first quarter of last year. It does not disclose how many were active viewers.


Those numbers for Grand Tour perhaps aren’t surprising, but they’ll be very reassuring for Clarkson et al.

Graphics that look hand-drawn • Rough.js


Rough.js is a lightweight (~8k), Canvas-based library that lets you draw in a sketchy, hand-drawn-like style. The library defines primitives to draw lines, curves, arcs, polygons, circles, and ellipses. It also supports drawing SVG paths.



Inside the black market for Spotify playlists • Daily Dot

Austin Powell:


Tommie King could be the next rapper to break out from Atlanta. He’s well-connected, has obvious swagger, and he’s been quietly building a successful collection of singles on Spotify. His latest, “Eastside (feat. Cyhi the Prynce),” has already clocked more than 110,000 streams, driven largely by its placement on 14 independent playlists.

Gone are the days of hustling in parking lots, selling mixtapes out of the trunk of your car. In the modern music economy, in which streaming services account for nearly two-thirds of the total revenue generated by recorded music, emerging artists are increasingly being tracked via big data. Spotify streams, YouTube views, Twitter interactions, and even Wikipedia searches are all being used to discover the proverbial next big thing. That’s why King’s manager has worked to land his music on a staggering 594 Spotify playlists to date.

“Without Spotify playlists, to tell you the honest truth, I wouldn’t feel like we were accomplishing much,” King tells me when I reach him at the phone number he lists publicly on his Facebook page. “Streams are now the only way to really reach people you otherwise wouldn’t be able to connect with. It gives you the ability to be played worldwide, which we’re doing quite well with.

“That’s everything nowadays.”

There’s just one catch: King essentially paid to be added to those Spotify playlists… The black market for Spotify playlists is booming. It’s cheaper than you might expect to hack the system — and if it’s done right, it more than pays for itself.


Ironic: because they’re human-curated, the biggest playlists are targets for this. It’s the modern payola. (Millennial readers: like paid SEO for music on the radio.)

‘Snitches get stitches’: how secure phones for criminals are sold on Instagram • Motherboard

Joseph Cox:


On Saturday, Motherboard reported that the FBI has arrested the CEO of Phantom Secure, a company allegedly providing security-focused phones to international organized crime groups including the Sinaloa drug cartel. A key issue is whether Phantom deliberately created its product to help facilitate crime, which the criminal complaint alleges.

As it turns out, a Phantom-linked Instagram account, used mostly for marketing the company’s products, isn’t subtle when it comes to the organization’s alleged connection to crime; a brazen trend seen across the wider secure phone industry, too.

“Snitches get stitches,” one image, uploaded to Phantom PGP’s Instagram account, an apparent reseller of Phantom’s phones, reads. It is unclear whether this particular reseller or those operating other accounts advertising Phantom phones are connected to the recent charges against the main Phantom company and its owner.

Phantom and a number of other companies in this space sell customized BlackBerry or Android devices, typically with the camera and microphone removed, as well as, in Phantom’s case, the GPS-tracking and ordinary internet browsing functionality. In place of texts or phone calls, Phantom’s phones route encrypted messages through the company’s own infrastructure.



The seven-year itch: how Apple’s marriage to Siri turned sour • The Information

Aaron Tilley and Kevin McLaughlin:


The Topsy team [acquired by Apple in 2013] ultimately grew into a massive organization under Mr. Stasior that now nearly rivals the number of employees on the Siri team, said one former employee. Topsy CEO Vipul Ved Prakash continues to lead that search group and reports directly to Mr. Stasior.

Uniting the existing Siri team with the expanding search unit under Mr. Stasior proved troublesome. Members of the Topsy team expressed a reluctance to work with a Siri team they viewed as slow and bogged down by the initial infrastructure that had been patched up but never completely replaced since it launched.

“There was a feeling that, ‘Why don’t we just start over and build what we need to build, and then worry about reconciling those two later?’” said a former member of the search team. “They’re still reconciling it.”

Core Siri and Spotlight are powered by a combination of both Topsy’s technology and Siri Data Services, which is based on older search technology ported over from iTunes search but modified for Siri and launched in 2013, said the former employee. Siri Data Services deals with things like Wikipedia, stocks and movie showtimes, while Topsy sorts through Twitter, news and web results. The Siri Data Services team was eventually lumped into the Topsy team under Mr. Prakash with the plan to integrate all of the tech into a single stack. But they’re based on two different programming languages and are tricky to reconcile.

The difficulty integrating the search teams led to some embarrassing outcomes. Users could get completely different responses to the same question based on whether they were using Siri or Spotlight—which were powered by two different search technologies built by two different teams.


This verrry long piece indicates that there’s a hell of a lot of competing groups, and no overarching view of quite how to fix Siri – nor quite what it should be. We all know what we want Siri to do. But it seems like there are conflicting ideas on how to get there.

‘Hey’ used to be for horses • 500ish Words

MG Siegler:


Save for the Echo, each of these assistants is invoked by speaking the words “hey _____.” “Hey Google.” “Hey Siri.” “Hey Cortana.” With Amazon’s device, it’s simply “Alexa.”

Again, this seems like a tiny thing. It’s one syllable. But I think it matters.

I live in a house with both the Echo and the Home. And I’m always testing out Siri to see what she can and cannot do in relation to the competition. It’s just so much nicer to invoke Alexa than the others. And I’m certain a part of it is not having to add that extra wake word.

It also happens to be an awful word. Hey. Every time I hear it, I think back to growing up when my parents would make the dreadful parenting joke — which was really more of a reprimand. “‘Hey’ is for horses.” These days, we’re not only letting our children say “hey”, we’re basically forcing them to.

So I welcome the news that Microsoft is apparently doing away with “hey” for Cortana. And I hope Apple and Google follow suit. Sure, it may lead to a few more cases of accidental invoking, but I think the upside will be worth it.

Eventually, I imagine all of these devices are going to let you choose your own wake word. Yes, you can already change it on the Echo, but I mean picking something totally random personalized to you or your family.


I thought it was “OK Google” rather than “hey, Google” but the general point holds. And being able to personalise the wake word seems like a completely obvious setting, especially for privacy-conscious Apple: why should absolutely anybody be able to invoke my personal assistant just because they’re in speaking range?

Android Wear, it’s time for a new name • Google Blog

Dennis Troper was director of product management at Android Wear:


Android Wear was founded on the belief that wearable technology should be for everyone, no matter what style you wear on your wrist or what phone you have in your pocket. Since then, we’ve partnered with top watch and electronics brands to create more than 50 watches to help you manage your fitness, connect with the people who matter most, and show you the information you care about. The best part: We’re just scratching the surface of what’s possible with wearables and there’s even more exciting work ahead.

As our technology and partnerships have evolved, so have our users. In 2017, one out of three new Android Wear watch owners also used an iPhone. So as the watch industry gears up for another Baselworld next week, we’re announcing a new name that better reflects our technology, vision, and most important of all—the people who wear our watches. We’re now Wear OS by Google, a wearables operating system for everyone.


And now Troper is director of product management at Wear OS. That one-in-three figure is quite a number, but I don’t think this is going to change the trajectory of Android W–er, Wear OS. Sales are tiny compared to Apple Watch, and there’s no reason to think this will suddenly juice them.

The key to the iPhone X’s future lies in China • Forbes

Luke Kelly on prospects for the rumoured larger-screened iPhone X+1 later this year:


As per this report from IDC, China consumed 50% of the 437.4m so-called “phablets” shipped in 2016, and the country is expected to remain the largest market for large-screen smartphones.

“Chinese customers like bigger screens,” says Jia. “Close to 26% of smartphones shipped in Q4 2017 had 6in screens or larger, while this figure is just 10.7% in the U.S.” This phenomenon has led the larger “Plus” iPhone models to sell significantly better than their smaller siblings in China – the iPhone 7 Plus was the second best selling handset in China last year.

This is because many Chinese smartphone users own just one device, explains Zhang. “A smartphone is their only device to connect to the internet, so they want their smartphones to be as big as possible for playing games, multitasking and watching videos,” she explains.

Although this upcoming device could cost even more than the iPhone X, it seems clear that for China’s most affluent citizens, affordability is not an issue. Where American and European consumers have balked at the X’s $1,000 asking price, the Chinese market has no such qualms. With profit margins becoming ever-more crucial in a saturated smartphone market, it appears that China will be the key to the future of the iPhone X line.  


This is a really confused piece. He says sales of the iPhone X have “fallen well short of expectations”, except in China... where people want bigger screens, which the X doesn’t have compared to the iPhone 8 Plus. Huh?

What seems clearer is that lots of people don’t have a handle on a) how many iPhone Xs Apple expected to sell in the last calendar quarter of 2017 b) how that would affect sales in C1Q 18 c) how many Xs Apple expected to sell across those two quarters, and hence how its demand profile might have shifted. (Sell more in 4Q17, sell fewer in 1Q18, but still hit overall target.)

Toys’R’Us to close all 800 of its US stores • Washington Post

Abha Bhattarai:


A group of toymakers led by Isaac Larian, chief executive of MGA Entertainment, the giant behind brands such as L.O.L. Surprise!, Little Tikes and Bratz, on Wednesday submitted a bid to buy Toys R Us’s Canadian arm, which includes 82 stores, according to Larian. He added that he is also looking into buying as many as 400 US stores, which he would seek to operate under the Toys R Us name.

“There is no toy business without Toys R Us,” Larian said, noting that he sold his first product to the chain in 1979. “It’s a big deal and I’m going to try to salvage as much of it as possible.”

According to its September bankruptcy filing, Toys R Us owes MGA Entertainment $21.3m.

Despite turnaround efforts at Toys R Us, which included adding more hands-on “play labs,” retail experts say the 60-year-old company has been unable to get customers back into its stores. It doesn’t offer the low prices or convenience of some of its larger competitors, nor the fun-filled experience that many smaller outfits do, some analysts have said.

Toys R Us, based in Wayne, N.J., has been struggling for years to pay down billions of dollars in debt as competitors such as Amazon, Walmart and Target win over an increasingly larger piece of the toy market. Its bankruptcy filing last year cited $7.9bn in debt against $6.6bn in assets. The company said it has more than 100,000 creditors, the largest of which are Bank of New York (owed $208m), Mattel ($136m) and Hasbro ($59m).


A leveraged buyout in 2005 overloaded it with debt (both financial and, arguably, strategic). Now all that has come home to roost. Wonder if a buyer will try to rebrand it.

Power outage reportedly disrupts Samsung NAND flash production • Digitimes

Jessie Shen:


A brief power outage took place at Samsung Electronics’ NAND flash plant in Pyeongtaek on March 9. Wafers damaged in the incident are equivalent to 3.5% of the global supply in March, a report from Taiwan’s TechNews.

About 5,000-60,000 wafers were damaged during a half-hour power outage at the Samsung NAND flash fab, the report quoted market watchers as saying. The damaged wafers are equivalent to about 11% of Samsung’s overall NAND flash output in March.

Samsung’s sufficient inventory will be able to offset the wafer losses caused by the outage, which will have no major impact on Samsung’s NAND chip operations, the watchers were cited as saying in the report.


3.5% of global supply from one factory’s power outage. That’s some concentration of production.

Errata, corrigenda and ai no corrida: none notified

Start Up: upload that brain!, Apple Watch adoption, YouTube’s weird fact-checking plan, Google to stop crypto ads, and more

Elizabeth Holmes has been given a 10-year ban from being an officer or director of a public company. (All the photos of her look like this.) Photo by Digital Spy on Flickr.

A selection of 10 links for you. I can feel it going, Dave. I’m @charlesarthur on Twitter. Observations and links welcome.

A startup is pitching a mind-uploading service that is “100% fatal” • MIT Technology Review

Antonio Regalado:


The startup accelerator Y Combinator is known for supporting audacious companies in its popular three-month boot camp.

There’s never been anything quite like Nectome, though.

Next week, at YC’s “demo days,” Nectome’s cofounder, Robert McIntyre, is going to describe his technology for exquisitely preserving brains in microscopic detail using a high-tech embalming process. Then the MIT graduate will make his business pitch. As it says on his website: “What if we told you we could back up your mind?”

So yeah. Nectome is a preserve-your-brain-and-upload-it company. Its chemical solution can keep a body intact for hundreds of years, maybe thousands, as a statue of frozen glass. The idea is that someday in the future scientists will scan your bricked brain and turn it into a computer simulation. That way, someone a lot like you, though not exactly you, will smell the flowers again in a data server somewhere.

This story has a grisly twist, though. For Nectome’s procedure to work, it’s essential that the brain be fresh. The company says its plan is to connect people with terminal illnesses to a heart-lung machine in order to pump its mix of scientific embalming chemicals into the big carotid arteries in their necks while they are still alive (though under general anesthesia).


Money-back guarantee? And just when we’d got one sorted…

SEC charges Theranos founder Elizabeth Holmes with fraud • WSJ

John Carreyrou:


Theranos founder and chief executive Elizabeth Holmes surrendered voting control of her blood-testing company, paid a $500,000 penalty and agreed to a 10-year ban from being an officer or director in a public company in settling civil-fraud charges Wednesday with the Securities and Exchange Commission.

The settlement follows a more than two-year investigation by the SEC prompted by revelations in The Wall Street Journal. In October 2015, the Journal published an article revealing that Theranos used its proprietary blood-testing technology for only a fraction of the blood tests it offered in Walgreens stores. The article also reported that former employees were leery of the technology’s accuracy.

Theranos has since voided nearly one million test results, and Ms. Holmes agreed to a two-year federal ban from owning or operating laboratories. The company also has settled lawsuits from a hedge-fund investor and Walgreens, its former retail partner, alleging that it made misleading representations to them.

In addition to reaching a settlement with Ms. Holmes, the SEC is pursuing civil securities fraud charges in California against Ramesh “Sunny” Balwani, Theranos’s former president and chief operating officer. Ms. Holmes and Mr. Balwani jointly ran the company for seven years before he retired in May 2016…

…“The Theranos story is an important lesson for Silicon Valley,” said Jina Choi, director of the SEC’s regional office in San Francisco, in a statement released Wednesday by the agency. “Innovators who seek to revolutionize and disrupt an industry must tell investors the truth about what their technology can do today, not just what they hope it might do someday.”


Carreyrou wrote the original story in October 2015 casting gigantic doubt over Theranos. At the time, Theranos was said to be worth $9bn. A win for journalism.

Apple Watch adoption • David Smith

Smith is an independent iOS developer:


It seems like recently Apple has been more reticent to drop support for old hardware, but I hope that the pattern that we saw with the iPad might be repeated here. Where the first generation of the product was more quickly deprecated (2.5 years later in the case of the 1st Gen iPad). After that short lifespan for the first version, they then kept the second generation, iPad 2, supported for 5 years. The Series 1 & Series 2 watches would be a great baseline going forward. While not quite so fast as the Series 3, they are a mile ahead of the Series 0.

So far the data is looking promising that this dream of mine might actually be possible. The Series 3 is being adopted incredibly quickly and just last week became the most popular Apple Watch overall amongst my users with 33% of the overall user-base. The Series 0 is steadily falling, currently at around 24%.

I don’t know how low Apple would feel comfortable cutting off support for the Series 0, but it certainly seems like it is a possibility.

If I do some completely unscientific, wild, and almost certainly unreliable extrapolations of the current adoption trends (straight linear projection based on the trends since Christmas). It looks like by this fall, when presumably the next Apple Watch would be released and watchOS 5 will be generally available, the Series 0 may be as low as 15-20%.


I’d be amazed if the next version of WatchOS supports the Series 0. What that graph doesn’t depict is the expanding user base; the number of Series 0 users is probably pretty constant now, so the Series 3 users are really rocketing in numbers.

Google bans bitcoin adverts in cryptocurrency crackdown • The Guardian

Samuel Gibbs:


Google will ban all adverts for cryptocurrencies, including bitcoin and initial coin offerings (ICOs), as it seeks to “tackle emerging threats”.

The ad ban will come into force from June as part of a clampdown on unregulated financial products. Google’s director of sustainable ads, Scott Spencer, said in a blogpost: “We updated several policies to address ads in unregulated or speculative financial products like binary options, cryptocurrency, foreign exchange markets and contracts for difference (or CFDs).”

Google said its ban includes cryptocurrency exchanges and wallets. The company will also begin blocking some gambling ads, such as those for services using virtual items worth real-world money, known as skins betting, as it seeks to “combat new threats and improve the ads experience online”.

The move follows similar bans made by advertising rival Facebook, which banned all cryptocurrency and ICO adverts in January after finding that many were being used to scam potential investors.


What none of the stories about this explain is why they’re waiting until June to do it. It’s March now. That’s three months of jolly scamming for the jolly scammers, who will surely ramp up their efforts knowing there’s a deadline.

Raspberry Pi 3 B+ has faster CPU, Wi-Fi, and easier compliance testing • Ars Technica

Peter Bright:


The Raspberry Pi Foundation has announced a new version of its modular compute platform: the Raspberry Pi 3 Model B+.

The B+ has the same form factor and dimensions as the Pi 2 B and Pi 3 B, making it a drop-in replacement but with a better processor and connectivity. Compared to the Pi 3 B, the B+ adds many hundreds of MHz—it runs its quad core 64-bit Cortex-A53 processor at 1.4GHz, up from 1.2GHz—along with dual band 2.4/5GHz 802.11b/g/n/ac Wi-Fi and Bluetooth 4.2, up from 2.4GHz and Bluetooth 4.1.

The Ethernet port has been upgraded from 100Mb/s to what is technically gigabit; it syncs at gigabit speeds, but the actual Ethernet controller is only USB 2, so transfer rates are limited to about 300Mb/s. Other connections are unchanged, four USB 2 ports, a 40-pin GPIO connector, an HDMI video output, camera and touchscreen ports, stereo/composite video, and a microSD slot for its software and operating system. It uses the same 5V/2.5A power as before and will also support power-over-Ethernet with an accessory (coming soon) sold separately.

The faster processor and better networking don’t change the price: it’s still a $35 piece of hardware.


Still pretty amazing.

Toys R Us to shut all UK stores, resulting in 3,000 job losses • The Guardian

Sarah Butler:


Toys R Us is to shut all 100 of its UK stores, with closures beginning on Thursday after administrators failed to find a buyer for the collapsed retailer, resulting in the loss of 3,000 jobs.

The chain’s administrators said the group would be extending a nationwide discounting programme and encouraged shoppers to “take advantage of special offers while stocks remain high”.

The toy chain appointed Moorfields Advisory to oversee an administration at the end of February after the firm failed to find a last-minute rescuer.

On Wednesday, staff were told that no buyer had been found for Toys R Us and that all stores would close, with 67 staff at the group’s head office in Maidenhead, Berkshire, made redundant.


This isn’t the US arm (that was yesterday). Potential investors were told in February they would need to put in at least £120m to prevent liquidation. But if you were going to try to sell toys now, would you open 100 big retail stores on high streets, malls and out-of-town centres? British retail is having a bad time.

YouTube will link directly to Wikipedia to fight conspiracy theories • WIRED

Louise Matsakis:


On Tuesday, however, YouTube CEO Susan Wojcicki detailed a potential solution. YouTube will now begin displaying links to fact-based content alongside conspiracy theory videos.

Wojcicki announced the new feature, which she called “information cues,” during a talk with WIRED editor-in-chief Nicholas Thompson at the South by Southwest conference in Austin, Texas. Here’s how it will work: If you search and click on a conspiracy theory video about, say, chemtrails, YouTube will now link to a Wikipedia page that debunks the hoax alongside the video. A video calling into question whether humans have ever landed on the moon might be accompanied by the official Wikipedia page about the Apollo Moon landing in 1969. Wojcicki says the feature will only include conspiracy theories right now that have “significant debate” on the platform.

The decision to include links to other websites represents a dramatic shift for YouTube, which has historically existed as a mostly contained ecosystem. It’s also notable that YouTube chose to link out to text-based sites, rather than rearrange its own search algorithm to further favor content from truthful creators and video journalists. One reason for the decision might be that YouTube wants to avoid the perception that it’s rigging its platform to favor certain creators, a criticism it has faced in the past. It also prevents YouTube from having to censor content outright, serving as the ultimate arbiter of truth.


YouTube (and Google) keep dancing around this subject, but it’s going to bite them hard soon. People get information from YouTube. A lot of that information is just plain wrong. Adults who know better point out that that information is wrong, and they lower their trust, and the trust they offer, in it. Viewers lose trust, advertisers lose trust, it’s a downward spiral.

As a solution, this is also stupid, and – one hopes – short-term. As Mike Isaac pointed out, you don’t solve the problem of an infinitely gameable platform by fact-checking it from a service that literally anyone can edit. Is Wikipedia prepared for the edit wars that will naturally follow from this decision? It’s another example of Google offloading the work of checking content onto someone, anyone, else.

Maybe it’s time for the Encyclopaedia Britannica to make a comeback. Those would be the fact-checks to run alongside those videos. (Though it doesn’t have an entry for “chemtrails” – not surprising, since it’s a made-up word about a fantasy. It does have contrails, though.)

Britain First has just been banned by Facebook for inciting hatred against minorities • Buzzfeed

Mark Di Stefano:


London mayor Sadiq Khan, a frequent target of Britain First, praised Facebook’s action.

“Britain First is a vile and hate-fuelled group whose sole purpose is to sow division,” Khan said in a statement. “Their sick intentions to incite hatred within our society via social media are reprehensible, and Facebook’s decision to remove their content is welcome.

“The global tech revolution has brought incredible benefits and social media is enjoyed by billions of people around the world. But big social media companies must wield the power they’ve amassed responsibly.

Matthew Collins, the head of research at social media advocacy group Hope Not Hate, also praised Facebook’s decision.

“Britain First used Facebook as a means to leverage its position and push out some of the most divisive and vile anti-Muslim hatred you could find online,” Collins said.

“Ironically, if you wanted to watch an ISIS beheading you didn’t need to go to an Islamic State page, instead Britain First would show it for you.”


Here’s the subtle thing. Jim Waterson points out on Twitter that


“large amounts of their enormous Facebook following was based on convincing people to share pictures of dogs, which they then pivoted into racism. They just knew how to game the system better than anyone else! Dogs and racism!”


Meanwhile, we’re still waiting for Trump’s apology for retweeting their stuff. (In his interview with Piers Moron he said “I would certainly apologise if you’d like me to do that.” Moron failed to follow up by asking him to do so.)

Only Russia could be behind UK poison attack: toxin’s co-developer • Reuters

Joseph Ax:


A Russian chemist who helped develop the Soviet-era nerve agent used to poison a former Russian double agent in southern England said only the Russian government could have carried out the attack with such a deadly and advanced toxin.

Vil Mirzayanov, 83, said he had no doubt that Russian President Vladimir Putin was responsible, given that Russia maintains tight control over its Novichok stockpile and that the agent is too complicated for a non-state actor to have weaponized.

“The Kremlin all the time, like all criminals, denying – it doesn’t mean anything,” Mirzayanov said in an interview in his home in Princeton, New Jersey, where he has lived in exile for more than 20 years.

Sergei Skripal, a former Russian military intelligence agent who betrayed dozens of Russian agents to British intelligence, and his daughter are fighting for their lives after they were found on March 4 collapsed on a bench, having been poisoned with Novichok, according to British authorities.

British Prime Minister Theresa May said on Monday that it was “highly likely” that Putin was behind the attack, a charge Russia denies.


Russia’s use of products that simply aren’t available to any standard criminal – polonium and now a nerve agent – is an obvious way of telling any Russian considering working for another state that the consequences are going to be severe. The UK’s response looks milquetoast, but seems to be heading for a version of the Magnitsky Act, which Russia’s rulers really hate. (It’s what they were trying to get Trump’s team to revoke when they had the meeting in Trump Tower in summer 2016, during the election campaign.)

Former Equifax executive charged with insider trading • US Securities and Exchange Commission


The Securities and Exchange Commission on Wednesday charged a former chief information officer of a U.S. business unit of Equifax with insider trading in advance of the company’s September 2017 announcement about a massive data breach that exposed the social security numbers and other personal information of about 148 million U.S. customers.   

According to the SEC’s complaint, Jun Ying, who was next in line to be the company’s global CIO, allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach.  The SEC alleges that before Equifax’s public disclosure of the data breach, Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million.  According to the complaint, by selling before public disclosure of the data breach, Ying avoided more than $117,000 in losses.

“As alleged in our complaint, Ying used confidential information to conclude that his company had suffered a massive data breach, and he dumped his stock before the news went public,” said Richard R. Best, Director of the SEC’s Atlanta Regional Office.  “Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.”


Well now. This is going to be a good one to watch. If Ying really acted on this information (and the SEC cites some of his web searches which are verrry suspicious), he must have thought that the share price was going to absolutely crater – where in fact it seems more like a 10% fall.

If he’d had the opportunity to read my forthcoming book Cyber Wars, about high-profile hacking incidents, he’d know instead that companies’ share prices usually aren’t affected in the long term by hacks.

Errata, corrigenda and ai no corrida: when I said yesterday that the “Strava bike theft” was a story that went back some years, I’d forgotten that I linked to exactly such back in October 2015.


Start Up: iPad FacePro at WWDC?, 3D printing Marines, Toys’R’Us in trouble, Fitbit tries again, and more

Maybe stop sharing your bike rides on Strava? Photo by RaINsday on Flickr.


A selection of 8 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Cyclists warned to beware sharing data on ride-tracking apps • Sky News

Lorna Shaddick:


Police and cybersecurity firms are warning cyclists to be careful with the data they share on ride-tracking apps because they could be helping bike thieves.

Peter Murtagh, from Dublin, is a keen triathlete – but recently had his top of the range racing and road bikes stolen in a daring, daylight raid on his house.

“I came downstairs and noticed one of my bikes, it was gone. That was in the front of the house,” Mr Murtagh told Sky News.

“Little did I know, the thieves were still in the house, they’d got in with a crowbar, they broke three windows and they stole my second bike too.”

Mr Murtagh cannot prove it, but thinks he might know why the thieves knew exactly where to look.

He had been using an app that logs cycling data, called Strava, to track his cycling speeds and compete against other users – but he did not realise his settings were the default ones – which are “public”.

The setting meant that the start and end of his rides could easily be seen online. He had also recorded the make and model of his top of the range time-trial bikes.


This is a perennial: I found stories of exactly the same content – Strava, high-priced bikes, theft – dating back to 2014. You’ll recall the stories of Strava’s defaults locating secret military bases; now it says it’s going to remove some of that data. Doesn’t get the bikes back though, does it?

Marines’ love affair with 3D printing: small is cheap, and beautiful • Breaking Defense

Sydney Freedberg:


Why are the Marines in love with 3D printing? Like most romances, it starts with the small things, things too small for the conventional supply system to manage, like a two-cent plastic button that preempts a $11,000 repair. Big defense contractors, take notice.

“There’s an intercom in most helicopters,” said Gen. Robert Neller, commandant of the Marine Corps. Ground-pounders like him tend to hit the buttons too hard and break them. But the Pentagon supply system doesn’t deal in replacing individual buttons. “You’ve got to buy the whole faceplate of the intercom,” Neller said. “It costs $11,000.”

The only hitch? The parts weren’t approved for installation on an aircraft. “I said, put the button on,” Neller told the National Defense Industrial Association last week. “Print a bag of them and hang them there.”

Neller’s No. 2, Gen. Glenn Walters, has his own longtime love affair with 3D printing. His favorite anecdote is a Marine Corps tank unit that had six 70-ton M1 Abrams tanks idled because of a broken impeller fan needed to clear the air filter. Ordering a single spare fan through the normal system would cost $1,400 and take 18 months. Instead, Walters said, a young female sergeant in the 1st Maintenance Battalion took the initiative to find a contractor “who could 3D print that thing for about $300 dollars and delivered all of them in seven days.”

“My eyes are watering with what our young people can do right now,” Walters told the McAleese/Credit Suisse conference last week. “I have an engineering background, but I’m telling you, some of these 21- and 22-year-olds are well ahead of me.”


As they should be. 3D printing finding its place: low-cost replacement.

Toys ‘R’ Us misses vendor payments • Bloomberg

Matthew Townsend:


Toys “R” Us Inc. has missed payments to some suppliers in recent days as its U.S. division heads toward a likely liquidation, according to people with knowledge of the situation.

The payments stopped without explanation, said the people, who asked not to be identified because the matter is private. Some of the people said they can’t get anyone to respond to questions at the retailer, which filed for bankruptcy in September and faces a $5bn debt load. Toymakers Mattel Inc. and Hasbro Inc. touched their daily lows on the news.

Toys “R” Us also recently stopped negotiating settlements with vendors on money owed before it filed for bankruptcy, some of the people said. A representative for Wayne, New Jersey-based Toys “R” Us declined to comment.

The bleak situation lends evidence to the notion that Toys “R” Us is moving toward winding down its U.S. operations for good.


Over-leveraged retailers are in some deep brown stuff. If Toys’R’Us goes down, it’s going to be like a neutron bomb hitting toymakers.

iPad Pro with Face ID will ‘likely’ debut at WWDC 2018 in early June • Mac Rumors

Joe Rossignol:


Apple’s rumored iPad Pro with Face ID will likely be released in the second quarter of 2018, according to Rosenblatt Securities analyst Jun Zhang.


If accurate, the timeframe suggests Apple will unveil the new iPad Pro models at its annual Worldwide Developers Conference, which will take place June 4-8 at the McEnery Convention Center in San Jose, California. Apple similarly unveiled its current iPad Pro lineup at WWDC last year.

Zhang expects the revamped iPad Pro to have slimmer bezels and no home button, in line with the iPhone X. The revamped design will likely be featured on both the 10.5-inch and 12.9-inch iPad Pro, although his research note didn’t specify.

Apple’s plans to release an iPad Pro with Face ID were first revealed by KGI Securities analyst Ming-Chi Kuo, who said the refresh would occur in 2018. Bloomberg’s Mark Gurman was a bit more specific, noting the iPad Pro with Face ID would debut “a little more than a year” after the current models.

The 10.5-inch iPad Pro and second-generation 12.9-inch iPad Pro launched in June 2017, so it’s not entirely clear if “a little more than a year” meant WWDC 2018 or Apple’s annual September event where it introduces new iPhones.

The new iPad Pro models will likely retain LCDs instead of OLED displays due to supply, cost, and technological constraints. It’s unclear if the tablets will have a notch for the TrueDepth sensor housing, or if the device will have uniformly slim bezels on all four sides with enough room for the components.


Would FaceID on an iPad be more useful than TouchID? I rarely use an iPad in portrait orientation, and hardly ever pick it up that way. And given the number of times I unlock it while it’s in landscape (with the keyboard attached), this doesn’t look like a great idea.

But then people said that about FaceID...
link to this extract

Fitbit’s Versa is the smartwatch the Ionic should have been • TechCrunch

Brian Heater:


The Versa looks exactly like the leaks predicted, with a smaller casing design that has more in common with Pebble’s design language (and, for that matter, the Apple Watch) than the fugly Ionic. It’s a “squircle,” and more to the point it’s thin and light, and will fit a lot more wrists than its last device. That will, hopefully, help broaden the product’s appeal for many among the female user base who may have been put off by the unwieldiness of the Ionic.

In fact, the company’s doubling down with its appeal for a female audience. Version 2.0 of the watch operating system brings targeted tracking for female users that incorporates menstrual cycle data into the overall health tracking picture. The company also, thankfully, began delivering on the promise of more apps a few months back, which means the product will have a stronger foundation than the anemic selection the Ionic offered over time. The new OS should bring improved, personalized reminders as well, though that’s “coming later in 2018,” according to the company.

The Versa’s screen measures 1.34 inches — which makes it smaller than Apple’s 38mm model. It’s certainly light though, as advertised, and the design language is a major upgrade over the Ionic. It’s actually got most of the Ionic’s features on-board, as well, including both fitness and sleep tracking, heart-rate monitoring and onscreen workouts. The company claims the battery should last around four days on a charge, with normal use — though we’ll be happy to put that claim to the test when we get a review unit.


Looks a zillion times better than the Ionic, and priced at $200 it might have a chance. And Fitbit needs it to be a hit – the fitness band business is dying on its feet.

How conservative activists catfished Twitter • Gizmodo

Kashmir Hill on how Project Veritas – which tried to disprove the Roy Moore accusations (and ended up showing how well-reported they were) and has had to pay $100,000 to someone it recorded without consent – targeted people from Twitter:


While Project Veritas’s findings weren’t particularly shocking, how they were obtained was. Project Veritas didn’t just fake-recruit its targets, it fake-seduced them. Many of the male employees were secretly recorded while on dates at dimly-lit restaurants, sipping wine. Based on the number of times he appears in the videos in different locations and dress, one security engineer, Clay Haynes, appears to have been enamored enough with the operative pumping him for information to go out with her at least three times. All of the Veritas operatives’ faces are blurred, but you can see his date’s jangly bracelets and long blond hair. It’s unclear just how far the seduction of Haynes went, but they became serious enough to go on a double date to Morton’s Steakhouse with her friend, a disguised James O’Keefe.

“NO ONE should have to experience this,” said Haynes via Facebook message. Haynes, who is still employed by Twitter, ultimately opted not to talk to me at the company’s request.

Beyond the questionable journalistic ethics of exploiting people’s desires for work and love, Project Veritas’s tactics broke the law, says John Nockleby, a professor who specializes in privacy at Loyola Law School-Los Angeles. While consent laws for recording conversations vary from state to state, California is a two-party consent state, meaning you have to tell someone if you’re recording them, or face up to a year of jail time and a $2,500 fine. “You’re allowed to do video in a public place without getting consent, but not take audio, unless it’s someone like a politician giving a speech to a crowd,” Nockleby told me by phone. “In California, even in a public place, if you’re audio recording without consent, that’s not legal.”



YouTube doesn’t know why Alex Jones videos are appearing at the top of its search results • Vice

David Gilbert:


An InfoWars video claiming that Antifa members are the “prime suspects” in the mysterious package bombings in Austin, Texas appeared at the top of search results Monday on YouTube — and the company has no idea why.

The video appeared as the third result when VICE News searched for the term “Austin explosions” on Monday evening. Another Infowars video was listed fourth in the search results.

The videos were posted by Ron Gibson, who is part of Jones’ Free Speech Systems YouTube network. His channel alone has over 158,000 subscribers and the video which was appearing on YouTube’s search results has been viewed more than 9,000 times.

In the first video Jones asks: “Is Antifa behind the third bombing in Austin?” before answering his own question by calling them “prime suspects.” His evidence? “They are violent, they call for violence, they call for attacking gentrification, any old white people moving into East Austin.” He goes on to say that the accusation is “not a conspiracy theory” despite providing no supporting evidence.

Jones also says Antifa is “listed as a terror group.”


(Narrator’s voice: “it’s not listed as a terror group.”)

YouTube really needs to start getting its crap together. The radicalisation problem looks exactly like this. Divisive, inflammatory, untrue content. But hey, it’s all stuff you can sell ads against, right?

Also: you really must click through to the story for its wonderful illustration around the headline.

Russian pleads guilty to aiding massive hacks in US • Daily Beast

Kevin Poulsen:


Jurijs Martisevs, a 36-year-old Muscovite arrested on a trip to Latvia, helped run a service called Scan4you that filled a crucial niche in the underground economy. Before deploying a piece of malware, hackers need to know it won’t be immediately detected and quarantined by the dozens of consumer and commercial security products on the market. That’s where Scan4you comes in. For fifteen cents a pop, a hacker could upload their pre-launch code to Scan4you, which would then automatically check it against 30 different security scanners and report back the results.

Armed with that information, a hacker can make iterative changes to their code until the detection rate is sufficiently low, or even zero. Scan4you was the most successful of a slew of similar offerings advertised on underground forums, and operated from at least 2009 until the arrest of Martisevs and a co-defendant last year.

“Throughout its lifetime, the service has had thousands of users,” reads a statement of facts agreed to by Martisevs, “and has received and scanned millions of malicious files.”

According to Martisevs’ plea documents, Scan4you’s customers included some serious players, including the perpetrators of a national retail breach in November 2013. The retailer is unnamed, but the timing and description coincide with that month’s massive Target hack. The hackers submitted variations of their credit card stealing code to Scan4you four times over the course of two weeks before finally deploying the malware on Black Friday weekend. The Target breach ultimately netted thieves some 40 million credit and debit cards, and resulted in a $10 million consumer class action against Target.

Ruslans Bondars, Martisevs’ co-defendant, was allegedly the creator and technical brains behind Scan4you. Bondars is a Latvian national extradited along with Martisevs. He’s in custody pending a May trial date.


The Feds may have the full database of malware, and even customer details. That would be a hell of a thing.

Errata, corrigenda and ai no corrida: none notified