Start Up: ticketing by face?, stop that PGP email, the man whose blood saved millions of babies, MFPs: the last word, and more

ZTE: the new phoenix? Photo by Bycroft Boy on Flickr.


A selection of 9 links for you. One hand washes the other. I’m @charlesarthur on Twitter. Observations and links welcome.

Trump’s ZTE reversal flouts warnings from top national security officials • The Washington Post

Derek Hawkins:


The head of the FBI and other intelligence chiefs in congressional testimony this year urged American citizens to steer clear of products from ZTE and its Chinese rival Huawei. And just two weeks ago, the Pentagon banned the companies’ phones from being sold on military bases, saying they “may pose an unacceptable risk to Department’s personnel, information and mission.”

As my colleagues Tony Romm, Damian Paletta and Steven Mufson report, the Commerce Department last month said it would bar U.S. firms for seven years from exporting critical microchips and other parts to ZTE, as punishment for violating a sanctions settlement over illegal shipments to Iran and North Korea. On Wednesday, ZTE said it would shut down its global business but was “actively communicating with the relevant U.S. government departments in order to facilitate the [order’s] modification or reversal.”

Trump appeared receptive to the idea, sending shockwaves through the national security establishment by tweeting Sunday that he and Chinese President Xi Jinping were working to give ZTE “a way back into business, fast”.

“It’s striking that he is overruling the judgment of his own national security apparatus in order to help a Chinese company succeed,” Abraham Denmark, director of the Asia Program at the Woodrow Wilson International Center for Scholars, told me. “There’s often tension between economic issues and national security issues, and this tweet seems to suggest in this case the economic issues won out.”

Adam Segal, director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations, called Trump’s instruction to his Commerce Department to assist ZTE “highly unusual, given the intelligence community has given several unambiguous warnings about using ZTE and Huawei products.”


Everyone is puzzled as hell about this. ZTE was caught bang to rights evading a US ban on selling telecoms equipment to Iran – even after it was warned not to. Iran is a country that Trump, apparently, doesn’t like anyone doing business with, so the Iran nuclear deal got ripped up. ZTE relies on US suppliers, but they were banned from selling to ZTE.

So why help ZTE? One suggestion: China has made that conditional if Trump wants its help in the North Korea talks. Another suggestion: a Chinese state-owned construction firm has put up to $500m into an Indonesian project with Trump-brand buildings. When the White House (deputy) spokesman was asked if the latter didn’t violate the US’s emoluments (foreign bribes) rules, he said you’d have to ask the Trump Organisation.

So the rules just don’t apply any more. Want to trade with Iran? Depends what your country has over Trump. (Thanks Mark C for the Indonesia link.)

Ticketmaster could replace tickets with facial recognition – The Verge

Jacob Kastrenakes:


“We will continue investing in new technologies to further differentiate Ticketmaster from others in the ticketing business,” Live Nation wrote in a note to investors last week. It added that Blink’s technology could let you “associate your digital ticket with your image, then just walk into the show.”

While that sounds convenient, it also means that concert venues would have to be outfitted with surveillance equipment. And on perhaps an even worse note, it means that Ticketmaster — a company everyone hates more with each new convenience fee tacked onto their bill — would need to develop a database of all its concertgoers’ faces, which a lot of people aren’t going to be comfortable with.

For now, there don’t appear to be actual plans to put this tech into place. It’s not even clear that Blink’s tech works as effectively as the company describes. But it’s clearly something Ticketmaster is thinking about.


Oh, by the way, sure to include an extra booking fee.

Blood, sweat and tears in biotech — the Theranos story • Nature

Eric Topol reviews John Carreyrou’s new book (“Bad Blood: Secrets and Lies in a Silicon Valley Startup”) on you-know-who:


I met Holmes twice and conducted a video interview with her in 2013, for the medical-information website Medscape. At the time, I gave a fingerstick nanotainer blood sample and within 30 minutes received my results for many routine tests — allegedly showing, for instance, normal glucose and lipid levels in accordance with previous testing. Little did I know that they were run on a standard Siemens machine (I was not allowed to see the lab area) in the back room of Theranos, and had nothing to do with the miniLab. Like so many others, I had confirmation bias, wanting this young, ambitious woman with a great idea to succeed. The following year, in an interview with The New Yorker, I expressed my deep concern about the lack of any Theranos transparency or peer-reviewed research.

Near the end of Bad Blood, Carreyrou describes how, in 2015, litigator David Boies — then Theranos’s legal counsel — attempted to prevent The Wall Street Journal from publishing Carreyrou’s reportage. For instance, Boies accused the paper of publishing Theranos trade secrets and making false and defamatory statements. Despite the $125 million invested in Theranos by Murdoch, the newspaper’s owner, the pieces were published. We also learn about Carreyrou’s tipster, a pathologist and blogger, along with so many employees who were rightfully afraid of hurting patients with fraudulent lab results. The combination of these brave whistle-blowers, and a tenacious journalist who interviewed 150 people (including 60 former employees) makes for a veritable page-turner.


Though as he points out, there’s little reflection about how willing people were to put money into something with no independent validation or scientific enquiry.

How a smartwatch literally saved this man’s life and why he wants more people to wear one • South China Morning Post

Cathy Hilborn Feng:


Gaston D’Aquino did not wait for the priest’s final blessing before he left Easter Sunday mass in Hong Kong on April 1. He went directly to Adventist Hospital to learn why the alarm on his Apple Watch had gone off during the service, alerting him to a spike in his heart rate.

“I had read about these cases before, so I knew it was something that was serious,” the semi-retired diamond trader says, adding he skipped family Easter lunch because “I thought that going to the hospital was that important. It was a strong signal, not ambiguous. It said I had an elevated heart rate.” That decision probably saved his life.

“I told the doctor I don’t know why I’m here, but my watch tells me I have an elevated heart rate. He says, ‘Are you feeling anything?’ I said no, I feel fine, I’m feeling all right, nothing’s wrong.”

Hooked up to an electrocardiograph machine – which records the heart’s electrical activity – he learned something was wrong. He was immediately referred to cardiologists.

“I told them about the Apple Watch giving me this reading, and they told me that the watch gives pretty accurate readings,” says D’Aquino. After batteries of tests over the next three days, “they told me that out of the three main coronary arteries, two were completely blocked, and one was 90% blocked.”


Plenty of these examples, but they’re never boring. (Also: heart trouble doesn’t look like the movies. I feel some sort of trend here.)

He donated blood every week for 60 years and saved the lives of 2.4 million babies • CNN

Doug Criss:


Harrison’s remarkable gift of giving started when he had major chest surgery when he was just 14, the Australian Red Cross Blood Service said.

Blood donations saved his life, so he pledged to become a blood donor. A few years later, doctors discovered his blood contained the antibody which could be used to create Anti-D injections, so he switched over to making blood plasma donations to help as many people as possible.

Doctors aren’t exactly sure why Harrison has this rare blood type, but they think it might be from the transfusions he received when he was 14, after his surgery. He’s one of no more than 50 people in Australia known to have the antibodies, the blood service says.

“Every bag of blood is precious, but James’ blood is particularly extraordinary. His blood is actually used to make a life-saving medication, given to moms whose blood is at risk of attacking their unborn babies. Every batch of Anti-D that has ever been made in Australia has come from James’ blood,” Falkenmire said. “And more than 17% of women in Australia are at risk, so James has helped save a lot of lives.”

Anti-D, produced with Harrison’s antibodies, prevents women with rhesus-negative blood from developing RhD antibodies during pregnancy. More than three million doses of Anti-D have been issued to Australian mothers with negative blood types since 1967.

Even Harrison’s own daughter was given the Anti-D vaccine. “That resulted in my second grandson being born healthy,” Harrison said. “And that makes you feel good yourself that you saved a life there, and you saved many more and that’s great.”

The discovery of Harrison’s antibodies was an absolute game changer, Australian officials said.
“In Australia, up until about 1967, there were literally thousands of babies dying each year, doctors didn’t know why, and it was awful. Women were having numerous miscarriages and babies were being born with brain damage,” Jemma Falkenmire, of the Australian Red Cross Blood Service, told CNN in 2015.


Anti-D, or Rho(D), still has to be extracted from blood plasma; it isn’t made via genetic engineering of bacteria (as Factor 8 clotting agent is). I was ready to dispute the maths in the headline, but there have been 14.7m live births in Australia since 1958, so he’s not the only contributor, and the 2.4m figure is possible.

Favstar Pro is no longer for sale • Favstar

Tim Haines, owner and operator of Favstar (which shows who’s doing best on the “liked” – previously “faved” – tweets):


At Favstar’s peak it was serving over 50 million visits a month. Not bad for a site operated from a single web-server by a single person.

During December 2017 Twitter stated that on June 19th 2018 they will be shutting down the method that Favstar and other third-party Twitter apps use to receive your Tweets, Likes, and Retweets. You can read more about this on Apps of a Feather.

Twitter wrote that they’ll be replacing this with another method of data access, but have not been forthcoming with the details or pricing. Favstar can’t continue to operate in this environment of uncertainty.

Favstar will go offline on June 19th 2018.

Favstar Pro is no longer for sale. Anyone who has a Favstar Pro Membership beyond June 19th will receive a refund.


More collateral damage from this change of Twitter’s, about which third-party developers still seem to be in the dark.


If you use PGP, you should probably stop • NY Mag

Brian Feldman:


If you use PGP encryption to protect your email, you might want to disable it for the time being. A team of European researchers have discovered vulnerabilities — they’re calling them “EFAIL” — which “might reveal the plaintext of encrypted emails, including encrypted emails sent in the past.” In the meantime, the researchers and the Electronic Frontier Foundation are recommending that users disable PGP plug-ins for popular email clients like Thunderbird and Apple Mail.

PGP (Pretty Good Privacy) is a popular encryption scheme in which a sender encrypts an email with the recipient’s public key, and the recipient decrypts it with their private key. Email client plug-ins can make this decryption process automatic, and an attacker can exploit that in concert with the way in which emails are rendered using HTML (similar to a web page).


The advice of “just stop using PGP for email” is good enough. Doesn’t matter whether there’s a problem with it. Layering encryption on top of email is like giving a lawnmower a fridge – especially when these days there are so many other end-to-end encrypted communications systems. Email isn’t encrypted, and just isn’t going that way. Or, as Wendy Grossman put it in 2011:


There are so many details you can get wrong to mess the whole thing up that if this stuff were a form of contraception, desperate parents would be giving babies away on street corners.



The nine minutes that almost changed America • Buzzfeed

Kate Nocera and Lissandra Villa:


At around 7:06 a.m., a man in a blue T-shirt approached the field and fired 62 7.62x39mm rounds through a lawfully purchased Century International Arms SKS-style semiautomatic assault rifle. The shooting was, Alexandria’s elected prosecutor concluded, “an act of terrorism” that was “fueled by rage against Republican legislators.” The day was one in a continuum of violent, surreal days over the past year, from mass shootings to Charlottesville.

You may love them, or you may disagree with almost everything they stand for, but that morning, the roughly two dozen people on that field just tried to stay alive. Those nine minutes were a near miss of modern American history, between the dark aftermath of a deadly, mass political assassination and our own reality, in which most people don’t think very often about June 14, 2017, the difference between everything changing and almost nothing changing at all.


It’s a remarkable retelling of the attack on the US congressional baseball team practice. They were very lucky in many ways, notably that there was a senior member there who had a security detail – who then engaged the shooter.

It’s notable for its detail about the physical and medical effects of being shot (it’s not like in the films), and the confusion of trying to work out where a shooter is. Also for this:


Some of the players don’t want to talk about the man who opened fire on them, or even think he should be discussed. None say the shooting changed what they thought about gun control, except that if Washington had different gun laws and they could carry weapons, maybe some of them would have had guns in their cars.

But many lawmakers are mad, or frustrated, or saddened, at how quickly the story disappeared from the headlines given that the shooter, James T. Hodgkinson, targeted Republicans. The FBI concluded the shooting wasn’t politically motivated — suicide by cop, they told members after an investigation.


So they’re angry not about his ability to get a gun and almost kill them, but because they didn’t stay in the headlines for longer? Talk about taking home the wrong lesson.

Digital copiers, faxes and MFP’s and their hard drives • Adventures in systems land

Mark Cathcart with the last word (for now) on these devices and their hard drives:


Copiers that are lightly used often have a lifecycle of 10-15 years. If you buy rather than lease, it’s quite possible you still have one that doesn’t include encryption of the internal hard drive. Even with an encrypted drive, there is still potential to hack the device software and retrieve the key, although pretty difficult.

The surprise thing is that many modern Multi-function Printers (MFP) also have local storage. While in modern models it is not an actual hard drive, it is likely to be some form of onboard flash memory à la cell phone memory, either part of the system board or via an embedded SD card. It’s worth remembering that these machines are Fax, copier, printers, and scanners all in one machine.

The US Federal Trade Commission has a web page that covers all the basics, in plain language.

Whatever the device, it is still incumbent on the owner to ensure it is wiped before returning it, selling it, or scrapping it. PASS IT ON!

For those interested in how you can get data from a copier/MFP type device, Marshall University Forensic Science team has a paper, here.


As they used to say in newspaper letters columns, this correspondence is now closed.

Errata, corrigenda and ai no corrida: none notified
