Start Up: a new Twitterpocalypse?, what Scott Pruitt hasn’t done, oh woe Windows Phone, Zuck’s 14-year apology your, and more

You can measure it using just two buttons. And pretty well, too. Photo by agaumont on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Non-polluting (mostly). I’m @charlesarthur on Twitter. Observations and links welcome.

Apps of a Feather

The makers of Tweetbot, Twitteriffic, Talon and Tweetings have got together to explain how coming changes to Twitter’s API will affect them:


Who’s Affected?
This change affects people who use third-party Twitter apps. All software platforms are affected, but it’s worse on iOS and Android where users rely on push notifications to know when something happens on Twitter.

What’s Changing?
Third-party apps open a network connection to Twitter and receive a continuous stream of updates (hence the name). For push notifications, this connection is done on the developer’s server and used to generate messages that are sent to your devices. For timeline updates, the stream is opened directly on your mobile device or desktop computer.

This streaming connection is being replaced by an Account Activity API. This new infrastructure is based on “webhooks” that Twitter uses to contact your server when there’s activity for an account. But there are problems for app developers…

Why Can’t You Fix It?
The new Account Activity API is currently in beta testing, but third-party developers have not been given access and time is running out.

With access we might be able to implement some push notifications, but they would be limited at the standard level to 35 Twitter accounts – our products must deliver notifications to hundreds of thousands of customers. No pricing has been given for Enterprise level service with unlimited accounts – we have no idea if this will be an affordable option for us and our users.


Soon after this appeared, and annoyed tweets (I did one myself) began appearing aimed at Twitter’s developer account, the company announced that it would “delay” the June 19th deprecation. But that’s not clarity on what happens afterwards.

Twitter began open; it’s becoming closed. There’s a clear tendency among modern companies to shift from open beginnings to closed continuance.
link to this extract

Flamingo, one of the best Twitter clients on Android, is dead • Android Central

Joe Maring:


Flamingo’s developer Sam Ruston broke the news on Twitter when answering a user’s question as to why the app wasn’t showing up in the Play Store, saying “Very close to the token limit so it has been unpublished. You can still download it if you have purchased it previously by looking in the My Apps section of Google Play”.

That “token limit” that Ruston mentions has been the bane of existence for a number of Twitter clients over the years. Twitter essentially creates x amount of tokens for third-party developers, with each new download of the app resulting in one token. Once a certain limit is reached, the app won’t work for new users. It’s a terrible system, and it’s now caused one of the most customizable and polished clients to be put to rest.


Twitter might have extended its deadline, but the token system is still terrible. If the problem is that third-party clients don’t show ads (and one would have to ask: why is your API on this so poor, Twitter?) then why not fix that, rather than screwing up others?
link to this extract

The myth of Scott Pruitt’s EPA rollback • POLITICO Magazine

Michael Grunwald:


EPA Administrator Scott Pruitt’s spiraling ethics scandals and perilous job status were big news this week, but he also made headlines with his latest assault on President Barack Obama’s environmental legacy. “Pruitt Announces Rollback of Obama-Era Auto Fuel Efficiency Rule,” ABC News reported. “EPA’s Pruitt Kills Obama’s Auto Rules,” the Washington Examiner put it. The New York Times analyzed how the furor over Pruitt’s behavior has overshadowed his triumphs over regulation: “For Scott Pruitt, a Spotlight Shines on His Ethics, Not His EPA Rollbacks.”

But Pruitt did not kill or roll back Obama’s strict fuel-efficiency standards; he merely announced his intention to launch a process that could eventually weaken them. In fact, Pruitt has not yet killed or rolled back any significant regulations that were in place when President Donald Trump took office. While Pruitt is often hailed (or attacked) as Trump’s most effective (or destructive) deregulatory warrior, the recent spotlight on his ethics—allegations of a sweetheart housing deal; pay raises for favored aides; lavish spending on travel, furniture and security; and retaliation against underlings who questioned him—has arguably overshadowed his lack of regulatory rollbacks during his first 15 months in Washington. The truth is that Scott Pruitt has done a lot less to dismantle the EPA than he—or his critics—would have you believe.

It’s not for lack of trying. Pruitt has taken aim at just about every major Obama-era EPA rule, which has made him a pariah on the left, a hero on the right and the bureaucratic face of Trump’s vocal advocacy for fossil-fuel interests and other industrial polluters. But so far he’s only managed to delay a few rules that hadn’t yet taken effect. His supporters, critics and boss have all promoted the perception that he’s repealed Obama’s environmental legacy and shredded America’s environmental rulebook—and no one has promoted that perception more energetically than Pruitt, who frequently sued Obama’s EPA when he was Oklahoma’s attorney general. Nevertheless, that perception is wrong.


Interesting. Perception counts for so much in media.
link to this extract

Customer satisfaction at the push of a button • The New Yorker

David Owen with a fascinating look at a super-simple system developed by a Finnish company for monitoring customer satisfaction:


A single HappyOrNot terminal can register thousands of impressions in a day, from people who buy and people who don’t. The terminals are self-explanatory, and customers can use them without breaking stride. In the jargon of tech, giving feedback through HappyOrNot is “frictionless.” And, although the responses are anonymous, they are time-stamped. One client discovered that customer satisfaction in a particular store plummeted at ten o’clock every morning. Video from a closed-circuit security camera revealed that the drop was caused by an employee who began work at that hour and took a long time to get going. She was retrained, and the frowns went away.

Last year, a Swedish sofa retailer hired HappyOrNot to help it understand a sales problem in its stores. Revenues were high during the late afternoon and evening but low during the morning and early afternoon, and the retailer’s executives hadn’t been able to figure out what their daytime employees were doing wrong. The data from HappyOrNot’s terminals surprised them: customers felt the most satisfied during the hours when sales were low, and the least satisfied during the hours when sales were high. The executives realized that, for years, they’d looked at the problem the wrong way. Because late-day revenues had always been relatively high, the executives hadn’t considered the possibility that they should have been even higher. The company added more salespeople in the afternoon and evening, and earnings improved.

HappyOrNot was founded just eight years ago, but its terminals have already been installed in more than a hundred countries and have registered more than six hundred million responses—more than the number of online customer ratings ever posted on Amazon, Yelp, or TripAdvisor. HappyOrNot is profitable, and its revenues have doubled each year for the past several years; its clients have a habit of inquiring whether, by chance, the company is for sale—significant accomplishments for a still tiny enterprise whose leaders say that their ultimate goal is to change not just the way people think about customer satisfaction but also the way they think about happiness itself.


They got their big break at Heathrow in 2012 ahead of the Olympics.
link to this extract

Hey, Alexa, what can you hear? And what will you do with it? • The New York Times

Sapna Maheshwari:


Amazon and Google, the leading sellers of such devices, say the assistants record and process audio only after users trigger them by pushing a button or uttering a phrase like “Hey, Alexa” or “O.K., Google.” But each company has filed patent applications, many of them still under consideration, that outline an array of possibilities for how devices like these could monitor more of what users say and do. That information could then be used to identify a person’s desires or interests, which could be mined for ads and product recommendations.

In one set of patent applications, Amazon describes how a “voice sniffer algorithm” could be used on an array of devices, like tablets and e-book readers, to analyze audio almost in real time when it hears words like “love,” bought” or “dislike.” A diagram included with the application illustrated how a phone call between two friends could result in one receiving an offer for the San Diego Zoo and the other seeing an ad for a Wine of the Month Club membership.

Some patent applications from Google, which also owns the smart home product maker Nest Labs, describe how audio and visual signals could be used in the context of elaborate smart home setups… Google said it did not “use raw audio to extrapolate moods, medical conditions or demographic information.” The company added, “All devices that come with the Google Assistant, including Google Home, are designed with user privacy in mind.”

…Jamie Court, the president of Consumer Watchdog, a nonprofit advocacy group in Santa Monica, Calif., which published a study of some of the patent applications in December, said, “When you read parts of the applications, it’s really clear that this is spyware and a surveillance system meant to serve you up to advertisers.”


And now here’s something from Dave Farber’s IP list related to this, by an ex-Googler:


I know from working at Google that at least back in 2008 some of the advertising folks were trying to figure out if they put a microphone in a store and pick up the same voice print of someone who had asked for directions to that store using the Goog-411 service. The goal being to create the equivalent of a ‘click’ in the online world that they could bill the company for sending that customer their way. I worked for about a month using some 20% time to sketch out what would have to be true for something like that to work, for example a microphone near the entrance to the store and a greater who would say hello to people, encouraging them to say hello back so that a voice sample could be collected.

That project didn’t really go anywhere as far as I could tell, Google was still leery about building hardware that had to live outside of data centers.


But that was 2008. Who knows where we are now. Still feeling good about your smart speaker? Want Facebook’s one?
link to this extract

Europe’s tough new data-protection law: the joys of data hygiene • The Economist

The EU’s GDPR, for data protection, comes into force across the EU on May 25th:


there are many complaints from companies about the law’s complexities and the bureaucratic burden it will impose. Critics also argue that the GDPR will stymie innovation in Europe: for instance, by making it more difficult for firms to develop artificial-intelligence services, for which data are the main input. When firms launch a new offering, they may have to ask people again whether they can use their information even if they have already stored it (although the GDPR allows for use of data for scientific and statistical purposes without further consent in some cases).

Yet amid the gripes, there are also positive noises. “The text is actually quite easy to read and it makes organisations like ours aware of the data they hold,” says Mr Cecconi of Datakind. “It has helped us to put our data house in order,” agrees Daniel Ross, a lawyer at Allscripts, an American firm that helps hospitals and doctors manage electronic health records. The unexpected welcome stems from the fact that the GDPR is “two-faced”, in the words of Viktor Mayer-Schönberger of Oxford University. It imposes costs but also structure.

The new law was mostly written by privacy-conscious Germans. Consent to collect and process personal data now has to be “unambiguous” and for “specific” purposes, meaning that catch-all clauses hidden in seldom-read terms and conditions, such as “your data will be used to improve our services”, will no longer be sufficient. “Data subjects” can demand a copy of the data held on them (“data portability”), ask for information to be corrected (“right to rectification”), and also request it to be deleted (“right to be forgotten”).

The GDPR is prescriptive about what organisations have to do to comply. They have to appoint a “data-protection officer” (DPO), an ombudsman who reports directly to top management and cannot be penalised for doing his job. They also have to draw up detailed “data-protection impact assessments”, describing how personal data are processed. And they have to put well-defined processes in place to govern the protection of personal data and to notify authorities within 72 hours if there is a breach. Companies that persistently ignore these rules face stiff fines of up to €20m ($25m) or 4% of global annual sales, whichever is greater.


An Economist leader argues that the US should adopt at least a version of GDPR before people completely lose trust in US companies’ treatment of their data among the abuses and hacks going on.
link to this extract

Why Mark Zuckerberg’s 14-year apology tour hasn’t fixed Facebook • WIRED

Zeynep Tufekci:


I don’t doubt that the company has, on occasion, held itself back from bad behavior. That doesn’t make Facebook that exceptional, nor does it excuse its existing choices, nor does it alter the fact that its business model is fundamentally driving its actions.

At a minimum, Facebook has long needed an ombudsman’s office with real teeth and power: an institution within the company that can act as a check on its worst impulses and to protect its users. And it needs a lot more employees whose task is to keep the platform healthier. But what would truly be disruptive and innovative would be for Facebook to alter its business model. Such a change could come from within, or it could be driven by regulations on data retention and opaque, surveillance-based targeting—regulations that would make such practices less profitable or even forbidden.

Facebook will respond to the latest crisis by keeping more of its data within its own walls (of course, that fits well with the business of charging third parties for access to users based on extensive profiling with data held by Facebook, so this is no sacrifice). Sure, it’s good that Facebook is now promising not to leak user data to unscrupulous third parties; but it should finally allow truly independent researchers better (and secure, not reckless) access to the company’s data in order to investigate the true effects of the platform. Thus far, Facebook has not cooperated with independent researchers who want to study it. Such investigation would be essential to informing the kind of political discussion we need to have about the trade-offs inherent in how Facebook, and indeed all of social media, operate.

Even without that independent investigation, one thing is clear: Facebook’s sole sovereign is neither equipped to, nor should he be in a position to, make all these decisions by himself, and Facebook’s long reign of unaccountability should end.


And that really is the key point. You’re all serfs in Zuckerberg’s kingdom, whose every keystroke – and even deletion – is noted.
link to this extract

I miss Windows Phone • The Verge

Tom Warren revived a Windows Phone he had for an April Fool’s joke, and then realised he quite like what he had given up in 2014:


Live Tiles were one of Windows Phone’s most unique features. They enabled apps to show information on the home screen, similar to the widgets found on Android and iOS. You could almost pin anything useful to the home screen, and Live Tiles animated beautifully to flip over and provide tiny nuggets of information that made your phone feel far more personal and alive. I’m hopeful that Apple will eventually take the Live Tiles concept, or even one that was designed for iOS 8, and bring it to the iPhone. Widgets just aren’t enough. Rumors suggest Apple is planning to refresh the iOS home screen soon, so there’s hope that iOS might move away from its static and dull home screen.

Outside of the design features, there was plenty more that showed how Microsoft was truly innovative with Windows Phone. The software keyboard is still far better than the defaults on iOS and Android, and Microsoft even added a tracing option that let you swipe to write words like many Android keyboards do now. The Windows Phone keyboard always felt accurate, at a time when Apple was struggling with its iOS autocorrect.


Trouble is that Windows Phone’s principal role was to provide a triangulation against iOS and Android: it wasn’t either of them and it did things neither of them did. It was also the most colossal money pit, which burnt through Nokia’s mobile division (cost: $1.3bn in losses) and then Microsoft (way past $5bn, probably much more, in losses and writeoffs).

See also ex-Microsoftie Charlie Kindel’s writeup in 2011 of why it wasn’t going to work. (Kindel, who has long since moved to Amazon, said on Twitter this weekend that he stands by his analysis.)
link to this extract

The germs that love diet soda • NY Times

Moises Velasquez-Manoff:


By one estimate, deaths linked to [the bacterium Clostridium difficile, aka C. diff] increased fivefold between 1999 and 2007.

One reason the bug has become more virulent is that it has evolved antibiotic resistance and is not as easily treatable. But some years ago, Robert Britton, a microbiologist at Baylor College of Medicine, discovered something else about C. diff: more virulent strains were outcompeting less virulent strains in the gut.

Dr. Britton and his colleagues wanted to know what gave these strains their edge, so they combed through over 200 sugars and amino acids present in the gut to see if these microbes better utilized some food source compared with others. The results of their investigation, recently published in the journal Nature, suggest a deceptively banal adaptation: two of the most problematic C. diff strains have a unique ability to utilize a sugar called trehalose.

Trehalose occurs naturally in mushrooms, yeasts and shellfish, among other things. It has historically been expensive to use, but in the late 1990s a new manufacturing process made the sugar cheap. That was good news for companies that manufactured prepackaged foods, because trehalose works great for stabilizing processed foods, keeping them moist on the shelf and improving texture. Since about 2001, we’ve added loads of it to everything from cookies to ground beef.

What Dr. Britton and his colleagues contend is that, in doing so, we’ve inadvertently cultivated the most toxic C. diff strains, driving what has become a scourge of hospitals.

As evidence, he points to the timing of recent C. diff epidemics. The virulent strains existed before 2000, but they didn’t cause as many outbreaks. Only after large quantities of trehalose entered the food supply did they become this deadly.


To the European palate, American processed food tends to taste unbearable sweet. There’s so much added sweetener. Which turns out to have knock-on effects.
link to this extract

Is it a bird? Is it a plane? No, it’s a terrible breach of drone buyers’ data • The Register

Gareth Corfield:


A popular drone dealership website left its entire transaction database exposed online with no encryption at all, revealing a host of purchases by thousands of police, military, government and private customers.

The site was left wide open by its operators, who failed to protect critical parts of its web infrastructure from curious people, as spotted by Alan at, who told The Register.

We discovered more than 10,000 online purchase receipts had been saved to its web servers without any encryption or even password protection whatsoever – and the sensitive customer details in those receipts were exceptionally easy to access. Even your grandparents could have found it using Internet Explorer.

Details available for world+dog to browse through included names, addresses, phone numbers, email addresses, IP addresses, devices used to connect to the site, details of ordered items, the card issuer (e.g. Visa) and the last 4 digits of credit cards used to pay for goods…

…orders seen by The Reg include ones placed by: staff from privatised defence research firm Qinetiq; the UK’s Defence Science and Technology Laboratory’s radar R&D base at Portsdown Hill; the Brit Army’s Infantry Trials and Development Unit; UK police forces up and down the country; local councils; governmental agencies; and thousands more orders placed by private individuals.

Many were for cameras and other optical gear as well as drones, reflecting the network of branded e-commerce sites that Drones For Less forms a part of.


Amazing that one could run an e-commerce site and have such poor security. The details would allow any half-competent fraudster to have a go at phishing, or properly defrauding, anyone who’d bought this stuff. (Might be risky, of course, given the buyers..)
link to this extract

Russia moves to block Telegram after encryption key denial • ZDNet

Zack Whittaker:


Russia’s media and internet regulator has asked a court to block the encrypted messaging app Telegram after the company refused to give its encryption keys to state authorities.

The regulator, known as Roskomnadzor, filed the suit Friday in a Moscow district court.

The lawsuit, which has yet to be published, contains a “request to restrict access to the territory of Russia to the information resources” of the app, said a statement.

In other words, the government wants to block the app from working in the country.

The lawsuit lands after the Russian state security service, the FSB (formerly known as the KGB), demanded that the Dubai-based app maker hand over its encryption keys, which Russia contends is a legal demand. Russian entrepreneur and company founder Pavel Durov refused, and the Russian government took Telegram to court.

Russia’s Supreme Court upheld the demand in late March.

Telegram was ordered to hand over the keys by Wednesday, but refused. Roskomnadzor must now sue the company to obtain the authority to block the service.

Durov said that any threats to block Telegram in the country “won’t bear fruit,” but did not outright say if he or the company would hand over the keys.


Continuing the court case. I take it that Russia would block Telegram by blackholing the Telegram servers (because it’s a “cloud-based messenger with seamless sync”). What if someone uses a VPN to access it, though? Now you have to block VPNs as well.
link to this extract

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.