Start Up: what Apple knows about you, Sonos’s patent play, Iran hackers get played, Trump’s second ZTE U-turn, and more

Hokkaido, by night: the number of lights is correlated with GDP. Photo by Stuart Rankin on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Nearly Friday! I’m @charlesarthur on Twitter. Observations and links welcome.

I asked Apple for all my data. Here’s what was sent back • ZDNet

Zack Whittaker:


What’s interesting about the data is what Apple has – and what it doesn’t.

The zip file contained mostly Excel spreadsheets, packed with information that Apple stores about me. None of the files contained content information – like text messages and photos – but they do contain metadata, like when and who I messaged or called on FaceTime.

Apple says that any data information it collects on you is yours to have if you want it, but as of yet, it doesn’t turn over your content which is largely stored on your slew of Apple devices. That’s set to change later this year when the tech giant will allow customers to download their data archives, largely to comply with new European data protection and privacy rules. And, of the data it collects to power Siri, Maps, and News, it does so anonymously – Apple can’t attribute that data to the device owner.

My entire set of data can be perused in less than an hour – at most.

One spreadsheet – handily – contained explanations for all the data fields, which we’ve uploaded here. Not all the spreadsheets contained information referencing these fields, but it shows you what kind of data Apple can collect on you…

…As insightful as it was, Apple’s treasure trove of my personal data is a drop in the ocean to what social networks or search giants have on me, because Apple is primarily a hardware maker and not ad-driven, like Facebook and Google, which use your data to pitch you ads.


In short, it doesn’t tell very much about you. (Side note: the comments. 🙄)
link to this extract

How Sonos played patent hardball to strike Google deal • The Information

Aaron Tilley starts out by explaining how Sonos waved a patent on tuning speakers to rooms to get Google to put Assistant on Sonos products, but this is where it gets more interesting:


Sonos was founded in 2002. Despite being located far from Silicon Valley in Santa Barbara, it managed to become an influential player in the tech industry and has grown to $1bn in revenue in 2017.

Along the way, it built up a portfolio of roughly 1,300 patents and pending applications, around features like how music can be streamed to speakers from phones or servers in the cloud, how antennas are laid out on a device or how the speaker can automatically be tuned. Starting in 2016, Sonos has also begun filing more patents around how voice assistants work with its speaker system, said Mr. Triplett.

Sonos’ patents are ranked number two in the electronics industry, behind only Apple, according to Patent Power ranking in IEEE Spectrum, an engineering magazine. The ranking takes into account not the number of patents, but how often they are cited in other company patents and how influential they are.

“Sonos’ patents are highly cited by other companies,” including the likes of Google, Apple and Bose, said Patrick Thomas, co-founder of 1790 Analytics, the intellectual property firm that conducts the Patent Power ranking every year. “It suggests that these companies are looking at Sonos’ technology and saying this is state of the art and how can we improve it.”

Sonos’ most influential patent was filed in 2004 and describes a method for controlling its sound system across multiple speakers. New speaker systems from Apple and Google include a similar feature.

“This is the key patent in their portfolio,” said Mr. Thomas. “It underpins their technology.”

…Sonos appears to have considered, and then mostly abandoned, trying to make money by licensing. Last year, it hired its first chief licensing officer with Tanya Moore, a veteran patent lawyer used to working out massive patent licensing deals at Microsoft and IBM.

Licensing its patents could generate royalty revenue, but would open up competition for Sonos, making it a short-term approach. Sonos appears to have realized that. Ms. Moore left Sonos earlier this year and the company said it doesn’t plan to hire a replacement.


That point about licensing being a problem is worth noting.
link to this extract

Vigilante hacks government-linked cyberespionage group • Motherboard

Joseph Cox:


Somewhere, government-linked hackers might be panicking. A digital vigilante has struck back against what researchers believe is a cyberespionage group connected to a nation state. The hacker has allegedly stolen, rather ironically, a cache of data that the government-linked hackers lifted from their own victims across the Middle East.

The news provides a rare instance of someone targeting a so-called advanced persistent threat, or APT, as well as an opportunity for a behind-the-scenes look at a government hacking campaign.

“10 minutes of effort; intel on Iranian APTs,” the anonymous hacker told Motherboard in an online chat, saying which nation they believe may be linked to the hacking group. Some cybersecurity experts tentatively agreed. But Kaspersky, which originally reported on the hacking group it dubbed “ZooPark” earlier this month, told Motherboard it could not currently link the outfit to a known actor.

The stolen data the hacker provided to Motherboard though is noteworthy. It includes text messages, emails, and GPS locations seemingly swept up by ZooPark’s tools; audio recordings apparently captured by the malware of people speaking; and the hacker said they found another related server hosted in Tehran, Iran during their spree.


An Android hacking campaign which had victims in Egypt, Jordan, Morocco, Lebanon and Iran. Feels like an Iranian nation-state group.
link to this extract

Trump links ZTE rescue to larger trade talks with China, contradicting top aides • The Washington Post

Damian Paletta:


President Trump on Wednesday said for the first time that he would allow a rescue of embattled Chinese telecommunications company ZTE only if China agrees to a range of trade concessions, contradicting several of his top advisers who had said that the firm would be dealt with separately.

Trump’s comments, made in morning Twitter posts, mark the most direct linkage he has made between helping ZTE and extracting concessions from Chinese leaders on trade.

But the Twitter posts also included statements that appear at odds with what he or his aides had asserted in recent days about ZTE and the status of trade talks with China.

The biggest discrepancy came over whether ZTE would be dealt with individually or as part of a larger trade package with China.

“Nothing has happened with ZTE except as it pertains to the larger trade deal,” Trump wrote Wednesday in posts that also criticized CNN and The Washington Post for their coverage of the issue.


Their coverage of the issue, where they’d been trying to work out what on earth his strategy was, partly based on his tweets, which seemed conciliatory. And of course from talking to his Commerce Secretary and others. The White House doesn’t know what it’s doing from room to room.
link to this extract

‘I lost it’: the boss who banned phones, and what came next • WSJ

John Simons:


Mr. Hoopes put his convictions into practice at group gatherings when he took over a team of about 25 people at the aerospace defense company three years ago. “Every time someone’s phone went off, they had to stand for the rest of the meeting,” he says. Before long, he asked the group to leave their phones at their desks when two or more people got together.

Over time, he says, he has noticed not only an improvement in the quality of conversation and ideas in meetings, but also that his people seem to show more respect and appreciation for one another’s work.

Mat Ishbia, CEO of United Wholesale Mortgage, banned technology from meetings about two years ago and recently asked that his executive team and other managers not check their phones as they walk to and from meetings.

“Don’t act like we’re too important to say hello,” he says he told them. “Make eye contact with people.”

Mr. Ishbia is now piloting another solution to phone addiction. A group of about 250 workers are part of an experiment in which they refrain from all personal phone use at their desks. If they want to use their devices they must go to a common area designated for phone use and socializing. Forty-five days into the trial run, workers are checking their phones a lot less, he said.


So we’re moving back towards the point where we use our phones sensibly.
link to this extract

If solar and wind hit 50% of generation, US wholesale energy prices could fall 25% or more • Greentech Media

Emma Foehringer Merchant:


In a world where wind and solar resources make up 40% to 50% of generation, wholesale energy prices will drop by as much as $16 per megawatt-hour, according to a study released Wednesday from a group of researchers at Lawrence Berkeley National Laboratory.

Modeling 2030 scenarios in which CAISO, NYISO, SPP and ERCOT reach combined wind and solar penetration at or above 40%, the researchers found electricity prices will fall — but price fluctuations may increase and the number of peak net-load hours will spread to a greater number of days.  

According to co-author Joachim Seel, the study offers a “holistic” analysis of price formation in a decarbonizing market. He said that data is not generally available to the public. 

Researchers hope the results, part of a three-part study stretching into the next several years, will offer policymakers, utilities and grid authorities a long-range view of how current choices could impact their future ability to cope with changes in the electric sector.


That’s quite a fall – though it would also be a dramatic rise in PV/wind generation.
link to this extract

Microsoft reportedly working on $400 Surface tablets to compete with the iPad • The Verge

Chaim Gartenberg:


Microsoft is working on a new line of budget Surface tablets to better compete with Apple’s low-cost iPad options, according to a report from Bloomberg.

According to the report, the new Surface tablets won’t just be smaller, cheaper Surface Pros. Rather, Microsoft is said to be completely redesigning the devices, with 10in screens instead of the 12in size currently found on the Surface Pro, rounded corners that more resemble an iPad than the more rectangular Surface design, and USB-C for charging. Most importantly, priced at $400, they will be more in line with Apple’s cheaper tablets, too.

Bloomberg also claims that the new models will be around 20% lighter than the current Surface Pro, although that reduced weight comes at the cost of around four hours fewer of battery life. Like the full-size Surface, the new budget Surface computer will feature Intel processors and graphics, and run the full version of Windows 10 Pro. (No word on whether or not S Mode will be enabled by default, which may make sense given the budget nature of the device.) And like the iPad, Microsoft is said to be planning on models that offer LTE connectivity.


A discussion on Twitter between Tom Warren (longtime Microsoft watcher) and Steve Sinofsky (ex-Surface creator) drew the conclusion that this is more about competing with Chromebooks than the iPad. You’re not going to get people to switch from the iPad to a Surface.
link to this extract

Satellite data strongly suggests that China, Russia and other authoritarian countries are fudging their GDP reports • The Washington Post

Christopher Ingraham:


China, Russia and other authoritarian countries inflate their official GDP figures by anywhere from 15 to 30% in a given year, according to a new analysis of a quarter-century of satellite data.

The working paper, by Luis R. Martinez of the University of Chicago, also found that authoritarian regimes are especially likely to artificially boost their gross domestic product numbers in the years before elections, and that the differences in GDP reporting between authoritarian and non-authoritarian countries can’t be explained by structural factors, such as urbanization, composition of the economy or access to electricity.

Martinez’s findings are derived from a novel data source: satellite imagery that tracks changes in the level of nighttime lighting within and between countries over time…

“The key question that the paper tries to tackle is whether the checks and balances provided by democracy are able to constrain governments’ desire to manipulate information or, more specifically, their desire to exaggerate how well the economy is doing,” Martinez said via email. “The way I try to answer the question above is by comparing GDP (a self-reported indicator, prone to manipulation) and nighttime lights (recorded by satellites from outer space and much harder to manipulate) as measures of economic activity.”

Research published in 2012 by economists from Brown University and the National Bureau of Economic Research showed how changes in nighttime lighting closely tracked with changes in economic activity. “Consumption of nearly all goods in the evening requires lights,” that paper explained. “As income rises, so does light usage per person, in both consumption activities and many investment activities.”


The paper leans a lot on others’ data, so it’s hard to see quite how reliable this is. One can think of lots of confounding factors. But it’s an interesting point.
link to this extract

UK police use of facial recognition technology a failure, says report • The Guardian

Vikram Dodd:


Some in policing see facial recognition as the next big leap in law enforcement, akin to the revolution brought about by advances in DNA analysis. Privacy campaigners see it as the next big battleground for civil liberties, as the state effectively asks for a degree of privacy to be surrendered in return for a promise of greater security.

But for now the Big Brother Watch report says the benefits are missing, because the technology does not work.

The Met used facial recognition at the 2017 Notting Hill carnival, where the system was wrong 98% of the time, falsely telling officers on 102 occasions it had spotted a suspect.

The technology failed to pick out any suspects during the Met’s trial at the previous carnival.

South Wales police have been given £2.1m by the Home Office to test the technology, but so far it gets it wrong 91% of the time. It was used at at a festival to celebrate Elvis, a Kasbian concert in Cardiff, a royal visit by Prince Harry and a Liam Gallagher concert, among other deployments.

On 31 occasions police followed up the system saying it had spotted people of concern, only to find they had in fact stopped innocent people and the identifications were false.


So how long until it is good enough, a la Facebook tagging you in photos? A few years? Many years? Never?
link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up: Facebook’s spam blast, White House zaps cyber czar, that meme explained, HTC’s blocky phone, and more

If you don’t recognise this scene, get a kid to explain it to you. Photo by BagoGames on Flickr.

A selection of 11 links for you. No, you broke up the negotiations. I’m @charlesarthur on Twitter. Observations and links welcome.

Facebook closed 583m fake accounts in first three months of 2018 | Technology | The Guardian

Alex Hern and Olivia Solon:


Facebook said the overwhelming majority of moderation action was against spam posts and fake accounts: it took action on 837m pieces of spam, and shut down a further 583m fake accounts on the site in the three months. But Facebook also moderated 2.5m pieces of hate speech, 1.9m pieces of terrorist propaganda, 3.4m pieces of graphic violence and 21m pieces of content featuring adult nudity and sexual activity.

“This is the start of the journey and not the end of the journey and we’re trying to be as open as we can,” said Richard Allan, Facebook’s vice-president of public policy for Europe, the Middle East and Africa.

The amount of content moderated by Facebook is influenced by both the company’s ability to find and act on infringing material, and the sheer quantity of items posted by users. For instance, Alex Schultz, the company’s vice-president of data analytics, said the amount of content moderated for graphic violence almost tripled quarter-on-quarter…

…Facebook also managed to increase the amount of content taken down with new AI-based tools which it used to find and moderate content without needing individual users to flag it as suspicious. Those tools worked particularly well for content such as fake accounts and spam: the company said it managed to use the tools to find 98.5% of the fake accounts it shut down, and “nearly 100%” of the spam.

Automatic flagging worked well for finding instances of nudity, since, Schultz said, it was easy for image recognition technology to know what to look for. Harder, because of the need to take contextual clues into account, was moderation for hate speech. In that category, Facebook said, “we found and flagged around 38% of the content we subsequently took action on, before users reported it to us”.


That’s pretty good work by the AI, though of course we don’t know how many fake accounts it missed.
link to this extract

Russian troll farm hijacked American teen girls’ computers for Likes • Daily Beast

Kevin Poulsen:


The Kremlin-linked Russian troll farm known as the Internet Research Agency took an ominous detour into malware distribution in the middle of the 2016 presidential campaign, targeting teenage girls in the US with a Chrome plug-in that pulled their browsers into a crude botnet, according to an analysis by The Daily Beast and outside security experts.

The app, called FaceMusic, was billed as an embedded music player that would allow users to listen to free tunes while browsing Facebook. The Internet Research Agency purchased Facebook ads promoting the app in May 2016 through one of its fraudulent profiles, “Stop All Invaders,” which normally pushed xenophobic anti-immigration memes in support of the Donald Trump campaign.

Facebook data released by Congress last week shows the FaceMusic ads garnered 24,623 impressions from 107 ads, but only 85 clicks in all. The most successful single ad run, with 28 clicks, used Facebook’s targeting system to go after female users in the United States between 14 and 17 years old. (In total, more than 13,000 machines were likely infected by the FaceMusic malware, according to a Daily Beast analysis.)

Google has since removed the malicious app from the Chrome store, and the public FaceMusic website at fbmusic[.]com is now defunct. But an examination of an archived copy of the code, coupled with an analysis of its web traffic, shows it packed hidden functionality that was active even when the victim wasn’t on Facebook.


Despite passing Google’s review before going on the Chrome Web Store, it could connect to a server and silently connect to web addresses it was told to. Considering what Chrome extensions can do, that’s unlikely to have attracted attention. But it’s a basis for clickfraud and botnets. Time to reconsider Chrome extensions, as it once was for ActiveX on IE6?

link to this extract

Qualcomm’s new smartwatch chips launch soon – what do they mean for Wear OS? • Wareable

Hugh Langley:


Wear OS is in an awkward spot. Having recently rebranded the smartwatch OS formerly known as Android Wear, Google hopes the number of iPhone users buying Wear smartwatches will continue to swell – but the bedrock on which these wearables are built is starting to fossilise.

Over the last few years Google has assembled an all-star cast of fashion and technology brands to build Wear OS smartwatches, but they’re all being held back by technology that feels antiquated – and is rapidly falling behind the competition. Qualcomm’s Snapdragon Wear 2100 system-on-chip was announced at the start of 2016 and – some software improvements aside – hasn’t been refreshed since, while the Apple Watch and even Samsung’s Tizen smartwatches have bounded ahead.

That will change when Qualcomm unveils its new silicon later this year, said Pankaj Kedia, Qualcomm’s senior director of wearables. The new platform will be announced this autumn alongside a lead smartwatch, he revealed, and by the holidays several partners will have Wear OS smartwatches with the new chipset on the market. Sadly a lot of the specifics will remain under wraps until Qualcomm is ready for a more formal announcement, but in a discussion with Wareable, Kedia and Dennis Troper, Wear OS director of product, confirmed the new platform is coming and gave us a taste of what it will look like.


This all feels to me like digital media players in the iPod age. One company made the hardware, another the software, and the content (apps, here) came from another place – though on watches, at least, there’s less demand for third-party apps. The problem with the modular (Microsoft) model, though, is that it can’t move as fast as the vertical one. In this case, the laggard element is Qualcomm, which hasn’t seen enough demand to make it worth updating those smartwatch chips. If the next lot don’t sell – as seems likely – it could be a few years before it updates them again.
link to this extract

Justice Department and FBI are investigating Cambridge Analytica • The New York Times

Matthew Rosenberg and Nicholas Confessore:


The Justice Department and the FBI are investigating Cambridge Analytica, the now-defunct political data firm, and have sought to question former employees and banks that handled its business, according to an American official and other people familiar with the inquiry.

Prosecutors have questioned potential witnesses in recent weeks, telling them that there is an open investigation into Cambridge Analytica — which worked on President Trump’s election and other Republican campaigns in 2016 — and “associated U.S. persons.” But the prosecutors provided few other details, and the inquiry appears to be in its early stages, with investigators seeking an overview of the company and its business practices.

The investigation compounds the woes of a firm that has come under intense scrutiny from lawmakers and regulators in the United States and Britain since The New York Times and Observer in London reported in March that it had harvested private data from more than 50 million Facebook profiles, and that it may have violated American election laws. This month, Cambridge Analytica announced that it would shut down and declare bankruptcy, saying that negative press and cascading federal and state investigations had driven away customers and made it impossible for the firm to remain in business.


This is what is known in British football manager lingo as “squeaky bum time”.
link to this extract

Is this a pigeon? The story behind the internet’s new favorite meme • The Guardian

Sam Wolfson:


The image comes from a scene in the show where an android is trying to convince a police detective that he is human. He’s a long way from Westworld standards of artificial intelligence, however, and keeps wrongly identifying the objects around him. He thinks roses are violets, and asks if a butterfly is a pigeon…

…Finding an image that can tell a story so perfectly isn’t easy, but “is this a pigeon?” fits the bill, which is likely why it remerged. It also helps that anyone with the most slapdash editing skills can give it a go, even me.


Thank you, Sam. (There are some great other examples in there, though sadly the four-frame biker-father-and-son one has already been forgotten.)
link to this extract

A DC think tank uses fake Twitter accounts and a shady expert to reach the NSA, FBI, and White House • Buzzfeed

Craig Silverman:


Earlier this year, leaders from the Marine Corps, the Department of Homeland Security, NASA, the NSA, the White House, and the FBI gathered at a Ritz-Carlton in Virginia to discuss the latest in cybersecurity and information warfare.

The event was organized by the Institute for Critical Infrastructure Technology, a nonprofit think tank founded just a few years ago that quickly established itself as a convener of well-attended cybersecurity events, a facilitator of Capitol Hill briefings, and the beneficiary of hundreds of thousands of dollars in sponsorships from top private sector security vendors.

The day’s closing session featured James Scott, ICTI’s senior fellow and cofounder, discussing Russian cyberinfluence operations and his new book about information warfare. What audience members from intelligence and law enforcement agencies didn’t know is that Scott and ICIT have been running their own deceptive information operation.

BuzzFeed News identified a network of at least 45 fake Twitter accounts being used to amplify ICIT content and Scott’s book, as well as a group of fake YouTube accounts that upload and like ICIT videos and frequently post adoring comments about Scott on content featuring him.

Reporting by BuzzFeed News has also established that Scott, ICIT’s top expert, previously sold spammy and fake social media engagement services, has a history of manufacturing flattering articles about himself and his ventures using dubious SEO techniques, and ran companies that are magnets for online complaints about dishonest business practices. His background in information security also primarily consists of self-published books on the topic that he only began publishing in 2013.


Scott has been emailing me (I notice) since early 2016. I haven’t actioned any of it, though the ICIT seems to generate some legitimate-looking content.

link to this extract

White House eliminates top cyber adviser post • POLITICO

Eric Geller:


The Trump administration has eliminated the White House’s top cyber policy role, jettisoning a key position created during the Obama presidency to harmonize the government’s overall approach to cybersecurity policy and digital warfare.

POLITICO first reported last week that John Bolton, President Donald Trump’s new national security adviser, was maneuvering to cut the cyber coordinator role, in a move that many experts and former government officials criticized as a major step backward for federal cybersecurity policy.

According to an email sent to National Security Council staffers Tuesday, the decision is part of an effort to “streamline authority” for the senior directors who lead most NSC teams. “The role of cyber coordinator will end,” Christine Samuelian, an aide to Bolton, wrote in the email to NSC employees, which POLITICO obtained from a former U.S. official.

The NSC’s cyber team has two senior directors, Samuelian wrote, and thus “cyber coordination is already a core capability.”

…“I don’t see how getting rid of the top cyber official in the White House does anything to make our country safer from cyber threats,” Senate Intelligence ranking member Mark Warner (D-Va.) tweeted Tuesday.


If they’re not being listened to (and can you believe they were?) it probably doesn’t make any difference if they’re there or not.
link to this extract

How Fortnite captured teens’ hearts and minds • The New Yorker

Nick Paumgarten on the huge hit, which (if you didn’t know) is like a cross between the Hunger Games and Minecraft; 100 of you start, only one can survive:


It was hard to do homework on a night like this; Gizzard Lizard returned to the game. He played on a PC he’d built at school. It didn’t have a graphics card. He’d never been a big gamer—his parents were fairly strict about screens and had never consented to an Xbox or even a Wii—though he’d played Minecraft for a while. This level of obsession was something new. He saw on his find-your-friends bar that a bunch of schoolmates were playing, so he FaceTimed one who goes by ism64. They teamed up and hit Lucky Landing. Gizzard Lizard wore an earbud under a set of earphones, so that he could talk with ism64 while listening for the sound of approaching enemies. From a distance, it appeared that he was talking to himself: “Let’s just build. Watch out, you’re gonna be trapped under my ramp. I’m hitting this John Wick. Oh my God, he just pumped me. Come revive me. Build around me and come revive me. Wait, can I have that chug jug? Thank you.”

I’d been struck, watching Gizzard Lizard’s games for a few days, by how the spirit of collaboration, amid the urgency of mission and threat, seemed to bring out something approaching gentleness. He and his friends did favors for one another, watched one another’s backs, offered encouragement. This was something that I hadn’t seen much of, say, down at the rink. One could argue that the old arcade, with the ever-present threat of bullying and harassment and the challenge of claiming dibs, exposed a kid to the world—it’s character-building!—but there was something to be said for such a refuge, even if it did involve assault rifles and grenades.

And then the John Wick was upon him. “Oh God! Oh God!” Foiled again.

A John Wick was an accomplished player who had earned a skin that bears a resemblance to the character played by Keanu Reeves in the “John Wick” movies. (Officially, the skin is called the Reaper, presumably to avoid licensing fees, but players call it John Wick.) It was available to anyone who had attained all hundred tiers of the game in Season 3—a combination of achievement and experience which would have required playing for between seventy-five and a hundred and fifty hours.


link to this extract

HTC Exodus: Blockchain powered smartphone for decentralized networks • Business Insider

Zoë Bernard:


On Tuesday, HTC unveiled the HTC Exodus — a phone that it’s describing as “the world’s first native blockchain phone.”

The HTC Exodus, will be similar to HTC’s other Android smartphones. The difference is that will be designed to support for blockchain-based distributed apps, and feature what the company describes as “built-in secure hardware.”

Details, including price, are currently scant. The big-picture idea, says HTC, is that this is a phone for the privacy-minded user. By using blockchain tech, HTC promises that the Exodus can give privacy-minded users control over their data, without having to rely on the major technology companies for cloud storage.

Furthermore, the phone will come with a built-in cryptocurrency wallet. Ultimately, HTC says that each Exodus will act as a node for the bitcoin and ethereum blockchains — so that every phone increases the overall size and scope of the network.


“The folks in marketing have had another brainwave. Yeah, I know. No, this one doesn’t involve paying huge sums to Robert Downey Jr…”
link to this extract

Wisconsin’s voter-ID law suppressed 200,000 votes in 2016; Trump won by 22,748 • The Nation

Ari Berman:


Prior to the 2016 election, Eddie Lee Holloway Jr., a 58-year-old African-American man, moved from Illinois to Wisconsin, which implemented a strict voter-ID law for the first time in 2016. He brought his expired Illinois photo ID, birth certificate, and Social Security card to get a photo ID for voting in Wisconsin, but the DMV in Milwaukee rejected his application because the name on his birth certificate read “Eddie Junior Holloway,” the result of a clerical error when it was issued. Holloway ended up making seven trips to different public agencies in two states and spent over $200 in an attempt to correct his birth certificate, but he was never able to obtain a voter ID in Wisconsin. Before the election, his lawyer for the ACLU told me Holloway was so disgusted he left Wisconsin for Illinois.

Holloway’s story was sadly familiar in 2016. According to federal court records, 300,000 registered voters, 9% of the electorate, lacked strict forms of voter ID in Wisconsin. A new study by Priorities USA, shared exclusively with The Nation, shows that strict voter-ID laws, in Wisconsin and other states, led to a significant reduction in voter turnout in 2016, with a disproportionate impact on African-American and Democratic-leaning voters. Wisconsin’s voter-ID law reduced turnout by 200,000 votes, according to the new analysis.

Donald Trump won the state by only 22,748 votes…

…It’s important to note that this study was conducted by a Democratic Party–affiliated group and has not been peer-reviewed or gone through the typical academic vetting process. While some studies have shown big reductions in turnout among minority voters because of voter-ID laws, others have not. But the Priorities USA study is consistent with a 2014 study by the Government Accountability Office, which found that strict voter-ID laws in Kansas and Tennessee reduced turnout by 2%, enough to swing a close election, with the largest drop-off among newly registered voters, young voters, and voters of color.


You won’t be surprised to hear that those disadvantaged by this tended to be African-American, and tended to be Democrat voters.

link to this extract

Twitter will start hiding tweets that “detract from the conversation” • Slate

Will Oremus:


Are you the sort of person who annoys, frustrates, and offends lots of people on Twitter—but manages to avoid technically violating any of its policies on abuse or hate speech? Then Twitter’s newest feature is for you. Or, rather, it’s for everyone else but you.

Twitter is announcing on Tuesday that it will begin hiding tweets from certain accounts in conversations and search results. To see them, you’ll have to scroll to the bottom of the conversation and click “Show more replies,” or go into your search settings and choose “See everything.” Think of them as Twitter’s equivalent of the Yelp reviews that are “not currently recommended” or the Reddit comments that have a “comment score below threshold.”

But there’s one difference: When Twitter’s software decides that a certain user is “detract[ing] from the conversation,” all of that user’s tweets will be hidden from search results and public conversations until their reputation improves. And they won’t know that they’re being muted in this way; Twitter says it’s still working on ways to notify people and help them get back into its good graces. In the meantime, their tweets will still be visible to their followers as usual and will still be able to be retweeted by others. They just won’t show up in conversational threads or search results by default.

You’ve heard of Twitter jail? Let’s call this Twitter purgatory. (Note: This is not Twitter’s preferred nomenclature, as the company’s representatives made clear to me when I suggested the term in a phone call Monday. “That kind of makes me cringe,” a spokesperson said.)


“Twitter purgatory” is a neat way to put it. The company blogpost is here; it’s the first work I know that Del Harvey has been involved in since she returned from maternity leave. And it’s good.
link to this extract

Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: ticketing by face?, stop that PGP email, the man whose blood saved millions of babies, MFPs: the last word, and more

ZTE: the new phoenix? Photo by Bycroft Boy on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. One hand washes the other. I’m @charlesarthur on Twitter. Observations and links welcome.

Trump’s ZTE reversal flouts warnings from top national security officials • The Washington Post

Derek Hawkins:


The head of the FBI and other intelligence chiefs in congressional testimony this year urged American citizens to steer clear of products from ZTE and its Chinese rival Huawei. And just two weeks ago, the Pentagon banned the companies’ phones from being sold on military bases, saying they “may pose an unacceptable risk to Department’s personnel, information and mission.”

As my colleagues Tony Romm, Damian Paletta and Steven Mufson report, the Commerce Department last month said it would bar U.S. firms for seven years from exporting critical microchips and other parts to ZTE, as punishment for violating a sanctions settlement over illegal shipments to Iran and North Korea. On Wednesday, ZTE said it would shut down its global business but was “actively communicating with the relevant U.S. government departments in order to facilitate the [order’s] modification or reversal.”

Trump appeared receptive to the idea, sending shockwaves through the national security establishment by tweeting Sunday that he and Chinese President Xi Jinping were working to give ZTE “a way back into business, fast”.

“It’s striking that he is overruling the judgment of his own national security apparatus in order to help a Chinese company succeed,” Abraham Denmark, director of the Asia Program at the Woodrow Wilson International Center for Scholars, told me. “There’s often tension between economic issues and national security issues, and this tweet seems to suggest in this case the economic issues won out.”

Adam Segal, director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations, called Trump’s instruction to his Commerce Department to assist ZTE “highly unusual, given the intelligence community has given several unambiguous warnings about using ZTE and Huawei products.”


Everyone is puzzled as hell about this. ZTE was caught bang to rights evading a US ban on selling telecoms equipment to Iran – even after it was warned not to. Iran is a country that Trump, apparently, doesn’t like anyone doing business with, so the Iran nuclear deal got ripped up. ZTE relies on US suppliers, but they were banned from selling to ZTE.

So why help ZTE? One suggestion: China has made that conditional if Trump wants its help in the North Korea talks. Another suggestion: a Chinese state-owned construction firm has put up to $500m into an Indonesian project with Trump-brand buildings. When the White House (deputy) spokesman was asked if the latter didn’t violate the US’s emoluments (foreign bribes) rules, he said you’d have to ask the Trump Organisation.

So the rules just don’t apply any more. Want to trade with Iran? Depends what your country has over Trump. (Thanks Mark C for the Indonesia link.)
link to this extract

Ticketmaster could replace tickets with facial recognition – The Verge

Jacob Kastrenakes:


“We will continue investing in new technologies to further differentiate Ticketmaster from others in the ticketing business,” Live Nation wrote in a note to investors last week. It added that Blink’s technology could let you “ associate your digital ticket with your image, then just walk into the show.”

While that sounds convenient, it also means that concert venues would have to be outfitted with surveillance equipment. And on perhaps an even worse note, it means that Ticketmaster — a company everyone hates more with each new convenience fee tacked onto their bill — would need to develop a database of all its concertgoers’ faces, which a lot of people aren’t going to be comfortable with.

For now, there don’t appear to be actual plans to put this tech into place. It’s not even clear that Blink’s tech works as effectively as the company describes. But it’s clearly something Ticketmaster is thinking about.


Oh, by the way, sure to include an extra booking fee.
link to this extract

Blood, sweat and tears in biotech — the Theranos story • Nature

Eric Topol reviews John Carreyrou’s new book (“Bad Blood: Secrets and Lies in a Silicon Valley Startup”) on you-know-who:


I met Holmes twice and conducted a video interview with her in 2013, for the medical-information website Medscape. At the time, I gave a fingerstick nanotainer blood sample and within 30 minutes received my results for many routine tests — allegedly showing, for instance, normal glucose and lipid levels in accordance with previous testing. Little did I know that they were run on a standard Siemens machine (I was not allowed to see the lab area) in the back room of Theranos, and had nothing to do with the miniLab. Like so many others, I had confirmation bias, wanting this young, ambitious woman with a great idea to succeed. The following year, in an interview with The New Yorker, I expressed my deep concern about the lack of any Theranos transparency or peer-reviewed research.

Near the end of Bad Blood, Carreyrou describes how, in 2015, litigator David Boies — then Theranos’s legal counsel — attempted to prevent The Wall Street Journal from publishing Carreyrou’s reportage. For instance, Boies accused the paper of publishing Theranos trade secrets and making false and defamatory statements. Despite the $125 million invested in Theranos by Murdoch, the newspaper’s owner, the pieces were published. We also learn about Carreyrou’s tipster, a pathologist and blogger, along with so many employees who were rightfully afraid of hurting patients with fraudulent lab results. The combination of these brave whistle-blowers, and a tenacious journalist who interviewed 150 people (including 60 former employees) makes for a veritable page-turner.


Though as he points out, there’s little reflection about how willing people were to put money into something with no independent validation or scientific enquiry.
link to this extract

How a smartwatch literally saved this man’s life and why he wants more people to wear one • South China Morning Post

Cathy Hilborn Feng:


Gaston D’Aquino did not wait for the priest’s final blessing before he left Easter Sunday mass in Hong Kong on April 1. He went directly to Adventist Hospital to learn why the alarm on his Apple Watch had gone off during the service, alerting him to a spike in his heart rate.

“I had read about these cases before, so I knew it was something that was serious,” the semi-retired diamond trader says, adding he skipped family Easter lunch because “I thought that going to the hospital was that important. It was a strong signal, not ambiguous. It said I had an elevated heart rate.” That decision probably saved his life.

“I told the doctor I don’t know why I’m here, but my watch tells me I have an elevated heart rate. He says, ‘Are you feeling anything?’ I said no, I feel fine, I’m feeling all right, nothing’s wrong.”

Hooked up to an electrocardiograph machine – which records the heart’s electrical activity – he learned something was wrong. He was immediately referred to cardiologists.

“I told them about the Apple Watch giving me this reading, and they told me that the watch gives pretty accurate readings,” says D’Aquino. After batteries of tests over the next three days, “they told me that out of the three main coronary arteries, two were completely blocked, and one was 90% blocked.”


Plenty of these examples, but they’re never boring. (Also: heart trouble doesn’t look like the movies. I feel some sort of trend here.)
link to this extract

He donated blood every week for 60 years and saved the lives of 2.4 million babies • CNN

Doug Criss:


Harrison’s remarkable gift of giving started when he had major chest surgery when he was just 14, the Australian Red Cross Blood Service said.

Blood donations saved his life, so he pledged to become a blood donor. A few years later, doctors discovered his blood contained the antibody which could be used to create Anti-D injections, so he switched over to making blood plasma donations to help as many people as possible.

Doctors aren’t exactly sure why Harrison has this rare blood type, but they think it might be from the transfusions he received when he was 14, after his surgery. He’s one of no more than 50 people in Australia known to have the antibodies, the blood service says.

“Every bag of blood is precious, but James’ blood is particularly extraordinary. His blood is actually used to make a life-saving medication, given to moms whose blood is at risk of attacking their unborn babies. Every batch of Anti-D that has ever been made in Australia has come from James’ blood.” Falkenmire said. “And more than 17% of women in Australia are at risk, so James has helped save a lot of lives.”

Anti-D, produced with Harrison’s antibodies, prevents women with rhesus-negative blood from developing RhD antibodies during pregnancy. More than three million does of Anti-D have been issued to Australian mothers with negative blood types since 1967.

Even Harrison’s own daughter was given the Anti-D vaccine. “That resulted in my second grandson being born healthy,” Harrison said. “And that makes you feel good yourself that you saved a life there, and you saved many more and that’s great.”

The discovery of Harrison’s antibodies was an absolute game changer, Australian officials said.
“In Australia, up until about 1967, there were literally thousands of babies dying each year, doctors didn’t know why, and it was awful. Women were having numerous miscarriages and babies were being born with brain damage,” Jemma Falkenmire, of the Australian Red Cross Blood Service, told CNN in 2015.


Anti-D, or Rho(D), still has to be extracted from blood plasma; it isn’t made via genetic engineering of bacteria (as Factor 8 clotting agent is). I was ready to dispute the maths in the headline, but there have been 14.7m live births in Australia since 1958, so he’s not the only contributor, and the 2.4m figure is possible.
link to this extract

Favstar Pro is no longer for sale • Favstar

Tim Haines, owner and operator of Favstar (which shows who’s doing best on the “liked” – previously “faved” – tweets):


At Favstar’s peak it was serving over 50 million visits a month. Not bad for a site operated from a single web-server by a single person.

During December 2017 Twitter stated that on June 19th 2018 they will be shutting down the method that Favstar and other third-party Twitter apps use to receive your Tweets, Likes, and Retweets. You can read more about this on Apps of a Feather.

Twitter wrote that they’ll be replacing this with another method of data access, but have not been forthcoming with the details or pricing. Favstar can’t continue to operate in this environment of uncertainty.

Favstar will go offline on June 19th 2018.

Favstar Pro is no longer for sale. Anyone who has a Favstar Pro Membership beyond June 19th will receive a refund.


More collateral damage from this change of Twitter’s, about which third-party developers still seem to be in the dark.

link to this extract

If you use PGP, you should probably stop • NY Mag

Brian Feldman:


If you use PGP encryption to protect your email, you might want to disable it for the time being. A team of European researchers have discovered vulnerabilities — they’re calling them “EFAIL” — which “might reveal the plaintext of encrypted emails, including encrypted emails sent in the past.” In the meantime, the researchers and the Electronic Frontier Foundation are recommending that users disable PGP plug-ins for popular email clients like Thunderbird and Apple Mail.

PGP (Pretty Good Privacy) is a popular encryption scheme in which a sender encrypts an email with the recipient’s public key, and the recipient decrypts it with their private key. Email client plug-ins can make this decryption process automatic, and an attacker can exploit that in concert with the way in which emails are rendered using HTML (similar to a web page).


The advice of “just stop using PGP for email” is good enough. Doesn’t matter whether there’s a problem with it. Layering encryption on top of email is like giving a lawnmower a fridge – especially when these days there are so many other end-to-end encrypted communications systems. Email isn’t encrypted, and just isn’t going that way. Or, as Wendy Grossman put it in 2011:


There are so many details you can get wrong to mess the whole thing up that if this stuff were a form of contraception, desperate parents would be giving babies away on street corners.


link to this extract

The nine minutes that almost changed America • Buzzfeed

Kate Nocera and Lissandra Villa:


At around 7:06 a.m., a man in a blue T-shirt approached the field and fired 62 7.62x39mm rounds through a lawfully purchased Century International Arms SKS-style semiautomatic assault rifle. The shooting was, Alexandria’s elected prosecutor concluded, “an act of terrorism” that was “fueled by rage against Republican legislators.” The day was one in a continuum of violent, surreal days over the past year, from mass shootings to Charlottesville.

You may love them, or you may disagree with almost everything they stand for, but that morning, the roughly two dozen people on that field just tried to stay alive. Those nine minutes were a near miss of modern American history, between the dark aftermath of a deadly, mass political assassination and our own reality, in which most people don’t think very often about June 14, 2017, the difference between everything changing and almost nothing changing at all.


It’s a remarkable retelling of the attack on the US congressional baseball team practice. They were very lucky in many ways, notably that there was a senior member there who had a security detail – who then engaged the shooter.

It’s notable for its detail about the physical and medical effects of being shot (it’s not like in the films), and the confusion of trying to work out where a shooter is. Also for this:


Some of the players don’t want to talk about the man who opened fire on them, or even think he should be discussed. None say the shooting changed what they thought about gun control, except that if Washington had different gun laws and they could carry weapons, maybe some of them would have had guns in their cars.

But many lawmakers are mad, or frustrated, or saddened, at how quickly the story disappeared from the headlines given that the shooter, James T. Hodgkinson, targeted Republicans. The FBI concluded the shooting wasn’t politically motivated — suicide by cop, they told members after an investigation.


So they’re angry not about his ability to get a gun and almost kill them, but because they didn’t stay in the headlines for longer? Talk about taking home the wrong lesson.
link to this extract

Digital copiers, faxes and MFP’s and their hard drives • Adventures in systems land

Mark Cathcart with the last word (for now) on these devices and their hard drives:


Copiers that are lightly used often have a lifecycle of 10-15 years. If you buy rather than lease, it’s quite possible you still have one that doesn’t include encryption of the internal hard drive. Even with a encrypted drive, there is still potential to hack the device software and retrieve the key, although pretty difficult.

The surprise thing is that many modern Multi-function Printers (MFP) also have local storage. While in modern models it is not an actual hard drive, it is likely to be some form of onboard flash memory ala cell phone memory, either part of the system board or via an embedded SD card. It’s worth remembering that these machines are Fax, copier, printers, and scanners all in one machine.

The US Federal Trade Commision has a web page that covers all the basics, in plain language.

Whatever the device, it is still incumbent on the owner to ensure it is wiped before returning it, selling it, or scrapping it. PASS IT ON!

For those interested in how you can get data from a copier/MFP type device, Marshall University Forensic Science team has a paper, here.


As they used to say in newspaper letters columns, this correspondence is now closed.
link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up: music’s “unacceptable behaviour”, Iran’s hackers are back, Skype’s update problem, and more

When you drown, it doesn’t look like what you probably think drowning looks like. Photo by Simon Huggins on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Apple Music and Pandora have pulled R. Kelly’s music from curated playlists • The Verge

Andrew Liptak:


Pitchfork reported that Apple quietly began to pull R. Kelly from some of its curated playlists prior to Spotify’s announcement in light of renewed reports about his behavior from a number of women. However, other artists, like XXXTentacion, who was also pulled from Spotify’s playlists, remains on Apple’s promoted playlists.

Similarly, Pandora has reportedly been working for “months” to update its policies on artists who have exhibited questionable behavior, according to Blast. Like Spotify, it has removed Kelly from its playlists. The service told Blast that its “policy is to not actively promote artists with certain demonstrable behavioral, ethical or criminal issues. We approach each of these scenarios on a case–by–case basis to ensure we address components true to Pandora’s principles while not overreaching and avoiding censorship.”

Spotify told The Verge earlier this week that R. Kelly’s music remains on the various services: the service just won’t promote it to users through its playlists. The same appears to be true for Apple and Pandora: the companies aren’t pulling their music from their catalogs, and are simply exercising some editorial control over who goes on the curated lists.


So this is tricky. None of these artists has actually been found guilty of anything. The services are free to do as they like with content, but if they are actually taking action over accusations of past behaviour (as is clearly the case) are they also going to pay the artist back all the money they took as their cut? After all, they clearly don’t want to benefit from “undesirable” behaviour. Doesn’t that apply to behaviour that occurred in the past too, then? (And the lack of proven built is quite apart from the question of how you’re going to set fences around “acceptable” and “questionable” behaviour in the music business.)
link to this extract

Drowning doesn’t look like drowning • Soundings Online

Mario Vittone wrote this article perhaps a decade ago; now he’s republishing it in the hope that ahead of summer, people learn its lessons. Please read the whole thing:


The new captain jumped from the deck, fully dressed, and sprinted through the water. A former lifeguard, he kept his eyes on his victim and headed straight for a couple who were swimming between their anchored sportfish and the beach. “I think he thinks you’re drowning,” the husband said to his wife. They had been splashing each other, and she had screamed, but now they were just standing neck-deep on a sandbar. “We’re fine, what is he doing?” she asked, a little annoyed. “We’re fine!” the husband yelled, waving him off, but his captain kept swimming hard toward him. “Move!” he barked as he sprinted between the stunned owners. Directly behind them, not 10 feet away, their nine-year-old daughter was drowning. Safely above the surface in the arms of the captain, she burst into tears and screamed, “Daddy!”

How did this captain know — from 50 feet away — what the father couldn’t recognize from just 10? Drowning is not the violent, splashing call for help that most people expect. The captain was trained to recognize drowning by experts and years of experience. The father, on the other hand, learned what drowning looks like by watching television.

If you spend time on or near the water (hint: that’s all of us), then you should make sure that you and your crew know what to look for when people enter the water. Until she cried a tearful, “Daddy,” the owner’s daughter hadn’t made a sound. As a former Coast Guard rescue swimmer, I wasn’t surprised at all by this story. Drowning is almost always a deceptively quiet event. The waving, splashing and yelling that dramatic conditioning (television) prepares us to look for is rarely seen in real life…

…if a crewmember falls overboard and everything looks okay, don’t be too sure. Sometimes the most common indication that someone is drowning is that they don’t look as if they’re drowning. They may just look as if they are treading water and looking up at the deck. One way to be sure? Ask them, “Are you alright?” If they can answer at all, they probably are. If they return a blank stare, you may have less than 30 seconds to get to them. And parents — children playing in the water make noise. When they get quiet, you need to get to them and find out why.


I was once walloped by three waves in the surf about 10 metres off Bondi Beach on a busy day. I couldn’t catch my breath before each one, and realised that if I didn’t get clear of the next wave, I would drown – even though there were people all around me. As he says, drowning doesn’t look like films/TV suggest. Less drama, more crisis.
link to this extract

Is ‘SimCity’ homelessness a bug or a feature? • Motherboard

Emanuel Maiberg:


SimCity players have discussed a variety of creative strategies for their virtual homelessness problem. They’ve suggested waiting for natural disasters like tornadoes to blow the vagrants away, bulldozing parks where they congregate, or creating such a woefully insufficient city infrastructure that the homeless would leave on their own.

You can read all of these proposed final solutions in Matteo Bittanti’s How to Get Rid of Homelessness, “a 600-page epic split in two volumes documenting the so-called ‘homeless scandal’ that affected 2013’s SimCity.”

“I started to find the discussion about homeless in SimCity way more interesting than SimCity itself because people were talking about the issue in a very—how can I say, not racist, not classist, but definitely peculiar way,” said Bittanti, a visiting professor at IULM University in Milan who spent seven years teaching in the Bay Area.

Bittanti collected, selected, and transcribed thousands of these messages exchanged by players on publisher Electronic Arts’ official forums, Reddit, and the largest online SimCity community Simtropolis, who experienced and then tried to “eradicate” the phenomenon of homelessness that “plagued” SimCity.

SimCity’s homeless people are represented as yellow, two-dimensional, ungendered figures with bags in tow. Their presence makes SimCity residents unhappy, and reduces land value. Like many other players, Bittanti discovered the online discussions when he was searching for a way to deal with them.


A metaphor for San Francisco. Pay more in taxes, people. It’s the price of good weather. (There’s still plenty of discussion on this.)

By the way, this article is from January 2015.
link to this extract

Without nuclear deal, US expects resurgence in Iranian cyberattacks • The New York Times


Within 24 hours of Mr. Trump announcing on Tuesday that the United States would leave the deal, researchers at CrowdStrike, the security firm, warned customers that they had seen a “notable” shift in Iranian cyberactivity. Iranian hackers were sending emails containing malware to diplomats who work in the foreign affairs offices of United States allies and employees at telecommunications companies, trying to infiltrate their computer systems.

And security researchers discovered that Iranian hackers, most likely in an intelligence-gathering effort, have been quietly examining internet addresses that belong to United States military installations in Europe over the last two months. Those researchers would not publicly discuss the activity because they were still in the process of warning the targets.

Iranian hackers have in recent years demonstrated that they have an increasingly sophisticated arsenal of digital weapons. But since the nuclear deal was signed three years ago, Iran’s Middle Eastern neighbors have usually been those hackers’ targets.

Now cybersecurity experts believe that list could quickly expand to include businesses and infrastructure in the United States. Those concerns grew more urgent on Thursday after Israeli fighter jets fired on Iranian military targets in Syria, in response to what Israel said was a rocket attack launched by Iranian forces.

“Until today, Iran was constrained,” said James A. Lewis, a former government official and cybersecurity expert at the Center for Strategic and International Studies in Washington. “They weren’t going to do anything to justify breaking the deal. With the deal’s collapse, they will inevitably ask, ‘What do we have to lose?’”

Mr. Lewis’s warnings were echoed by nearly a dozen current and former American and Israeli intelligence officials and private security contractors contacted by The New York Times this week.


Iran is a “second-tier” hacking nation: not quite at the level of the US/UK/China/Russia, but adept. (As much as anything it’s about resources.) This development is predictable enough; they want to know what the discussion is around sanctions. It’s pure intelligence. The only surprise is if they haven’t had silent malware in there to monitor it for some time, given that Trump’s intent has been clear for months.
link to this extract

Don’t Skype me: how Microsoft turned users against its beloved video-chat program • LA Times

Dina Bass and Nate Lanxon:


The company hasn’t updated the number of Skype users since 2016, when it put the total at 300 million. Some analysts suspect the numbers are flat at best, and two former employees describe a general sense of panic that they’re actually falling. The former Microsoft workers, who requested anonymity to discuss confidential statistics, say that as late as 2017 they never heard a figure higher than 300 million discussed internally.

Chief Executive Satya Nadella has repeatedly said he wants the company’s products to be widely used and loved. By turning Skype into a key part of its lucrative Office suite for corporate customers, though, Microsoft is threatening what made it appealing to regular folks in the first place. “It is like Tim Tebow trying to be a baseball player,” Malik said. “The product is so confusing, kludgey and unusable”…

…Skype has tried to be all things to all people, “and almost all those things are executed better elsewhere,” says Matthew Culnane, a user experience and content strategist at the U.K.’s Open University.

It doesn’t help that Microsoft keeps overhauling the app. A redesign last summer sent ratings plunging. In a scorching Twitter commentary, security journalist Brian Krebs said that finding basic buttons was a pain and that the recent update was “probably the worst so far.” The tweet — and retweets — got the attention of Skype’s social network team. “Brian, we’re sorry to hear this,” a representative replied. “Would love to hear more feedback and see if there’s anything we can help with.”

“There was a demographic that loved Skype for what it was; it was clean and simple,” says Carolina Milanesi, an analyst at Creative Strategies. “That’s no longer the case.” Milanesi once paid for a Skype subscription for her mother in Italy. Then her mother got an iPad, and now they talk on Apple Facetime. Millions do the same, despite the fact that Skype apps are a download away on iPhone and Android smartphones and tablets.


The redesign is really appalling. Not broken? Don’t fix. The only thing that keeps people using Skype (for podcasts and so much else) is that you can record it relatively easily: the security of apps like Signal actually works against them for things like that.
link to this extract

Apple hit with class action suit over MacBook, MacBook Pro butterfly switch keyboard failures • Apple Insider

Mikey Campbell:


Lodged in the Northern District Court of California, the complaint levels multiple claims targeting MacBook models manufactured from 2015 and MacBook Pro models produced from 2016. Both laptops feature the company’s butterfly keyboard mechanism, an ultra low-profile switch advertised as both more responsive and robust than traditional scissor-type components.

According to the filing, “thousands” of MacBook and MacBook Pro owners have experienced some type of failure with Apple’s butterfly keyboard, thus rendering the machine useless. Specifically, the suit claims the design is such that small amounts of dust or debris impede normal switch behavior, causing keystrokes to go unregistered.

In extreme cases, the key fails, forcing owners to take their laptop in for service at a Genius Bar or authorized Apple repair facility, a trip that could cost hundreds of dollars if the machine is out of warranty.

One named plaintiff, Zixuan Rao, purchased a new 15-inch MacBook Pro in January and began to experience problems with the laptop’s “B” key about a month later. After attempting to clean out the key on his own, Rao ultimately sought help from the Apple store in April. Representatives were unable to fix the issue and suggested repair under Apple’s gratis one-year warranty.

Not able to wait the one week it would take to fix the machine, and unconvinced that a repair would permanently solve the issue, Rao declined the offer and purchased an external keyboard.


As Nati Shochat said on Twitter, this was inevitable. The challenge will be to show that Apple has been negligent and to find enough people who agree, I think.
link to this extract

Cryptocurrency has been great for GPU makers—that might change soon • Ars Technica

Timothy Lee:


Cryptocurrency values have been falling in recent months, and graphics cards have been following along with it. GPUs haven’t quite returned to “normal” values last seen a year ago, but they’re a lot cheaper than they were earlier this year.

On Thursday, Nvidia said it was projecting next quarter’s cryptocurrency-specific revenue to be a third what it was in the first quarter.

AMD didn’t provide a specific projection for blockchain-related revenues in the second quarter, but a company spokesman said last month that he expected blockchain revenue to be a “mid-to-high single-digit percentage” of revenue for all of 2018—again, suggesting that the rest of the year will be significantly below the first-quarter sales.

If cryptocurrency prices continue to fall, that could have dire consequences for GPU makers. If cryptocurrency prices fall low enough, we won’t just see miners stop buying new GPUs. We could start to see them selling the graphics cards they already have on the secondary market. The resulting graphics-card glut could push graphics-card values well below MSRP, which would be great news for gamers but bad news for companies trying to sell new GPUs.

But in last month’s earnings call, AMD president Lisa Su said she wasn’t worried about this scenario. “There are multiple currencies being used,” she said. “People who are mining do go from one currency to another depending on what’s happening.”


At the time of writing, bitcoin (and so naturally the other cryptocurrencies) are having a minor crash, lying below $8500. Everything about it is unsustainable, but as they say, the market can stay irrational longer than you can stay solvent. (If, that is, you put money into it. I haven’t.)
link to this extract

What data can be recovered from a MFP (multifunction printer) hard drive? • Spiceworks

Anon user, in 2013:


My company has a Sharp 4101N MFP and it leases it and we do not plan to renew it. We were reminded by Sharp support to wipe any data from it before returning it. We do not have the “Data security kit” that Sharp offers to wipe the data. The frustrating thing is that they want to charge $500.00 for the Data Security Kit to be used or $500.00 to take the hard drive out and give it to us. I know that there are proven free utilities that can wipe a hard drive successfully such as Darik’s Boot and Nuke which is commonly used with Hiren’s disc.

Does anyone know if there is actually detailed data from scans, faxes, and print jobs that can be recovered or would it more or less just be basic print job files which I would not think would contain a whole lot?


SO ANYWAY. Last Friday’s link about MFPs (printer-copier-scanners) having hard drives which store everything turned out to be a CBS News story from 2010. My mistake for not noticing.

Except that nothing seems to have changed since then. If you want to wipe that drive, you’ll have to access the factory settings menu; you probably won’t have been warned about it. Or your company might, as above, be charged $500 for something you didn’t realise would be needed.

So, to sum up: this is still a problem, and might be an even bigger problem with GDPR.
link to this extract

Microsoft’s Joe Belfiore on the future of Windows and connecting phones to PCs • The Verge

Tom Warren interview Belfiore and Shilpa Ranganathan about Microsoft’s forthcoming “Your Phone” Windows 10 program:


While Microsoft has used Cortana for linking SMS and notifications to PCs in the past, this new app will be the primary way phones connect to Windows 10 PCs. Microsoft has shown off messages, notifications, and photo sharing at the moment, but not all of these features will necessarily work on both iOS and Android.

“We will actually have photos on iOS and notifications as well,” explains Shilpa Ranganathan. “Apple does make it a tad harder for messages, but we’re very willing to work with Apple.” A number of third-party apps use workarounds to support messages, but Microsoft’s vision is essentially to bring iMessage to Windows inside its Your Phone app. “I want to do this in a supported way with a respect for the ecosystem we’re building on and at the same time make it a delightful experience,” says Ranganathan. “Messages is one where we’re not currently where we need to be compared to Android, but we need to work with Apple.”

That work with Apple has not started, and Microsoft has not yet approached the company to see if it’s willing to work with Microsoft. It seems very unlikely that it will be able to convince Apple to partner on such a project, so Your Phone will likely ship with better features on Android. Still, Microsoft is also looking at other features for the app. “I know people have asked for calling and dialing as well, that’s something that has been on our radar as well,” reveals Ranganathan. Microsoft is also investigating clever features like providing directions based on text message information, or surfacing relevant contact information through the app. It’s still early for Your Phone, but Microsoft is clearly committed to making this a powerful part of Windows 10.


Apple’s not going to let Microsoft touch iMessage. Not while it can get platform leverage by making it available only on Macs. Of course there are more Android users on Windows than iOS users on Windows (because there are more Android users overall), so Microsoft might not lose out that heavily.
link to this extract

IBM employees banned from using all removable storage • ExtremeTech

Joel Hruska says it’s an easy edict, but it’s not real-world viable:


But — and boy is there a but, here — it’s also precisely the kind of decision that plays great in the C-suite and causes merry hell in the rank and file. There are going to be times and cases when servicing a machine or helping a customer with software deployment is going to require distributing patches via USB stick. Not every system or server is automatically configured for external internet support. Not every business makes their corporate Wi-Fi available for guests. IBM’s argument is that its employees can simply switch to using its Sync’n’Share service for such needs. To be fair to IBM, that’s probably true — to a point.

But if you’ve ever done any kind of IT work, you know that real life adores these kinds of rigid policies, precisely so it can fling you curveballs that suddenly become problems. I had to hang on to a 1.44-inch floppy drive long after they’d stopped shipping in new PCs, for example. First, Windows XP (the dominant OS of the time) didn’t support loading storage drivers off anything but a floppy, unless they were slipstreamed into the OS image on the CD. Second, BIOS updates of the day couldn’t be run off anything but floppy disks, either. This eventually improved, but it wasn’t unusual to have a BIOS flash utility that was only compatible with FAT16 or FAT32 devices, while you had an NTFS partition on the primary drive. How often did I use that floppy drive? Almost never. Most of the time, there were ways to get around driver issues. Most motherboards didn’t need a flash. But it’s the “almost” in “almost never” that made me keep the stupid thing around, long after it should’ve outlived its usefulness. Hell, I think I’ve still got one sitting in the garage.

Of course, it’s possible IBM has perfectly programmed its systems, built the perfect cloud sync system, conceived of every possible circumstance in which its employees might need to access said system, and taken every step to make certain nobody on a service call winds up not being able to access necessary files due to network permissions or firewalls.

But you know, I kind of doubt it.


He’s right; word is that IBM is already offering that there can be extenuating circumstances when USB sticks could be allowed for software updates. Which is exactly the sort of problem you’re trying to prevent, of course: Stuxnet, the worm that delayed Iran’s nuclear ambitions, was spread via USB sticks.
link to this extract

Errata, corrigenda and ai no corrida: last Friday’s link about the hard drives on multi-function printers was from 2010. See above (if you’ve skipped) for a link about what still seems to be the case.

Start Up: Facebook’s (extra) Russian ads, iOS 11.4’s Lightning stop, Klout gets clonked, and more

Digital photocopiers keep a record of what they’ve seen. Think about that. Photo by Pesky Librarians on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 8 links for you. Still, Friday! I’m @charlesarthur on Twitter. Observations and links welcome.

#BlueLivesMatter and Beyoncé: Russian Facebook ads hit hot-button US issues • The Guardian

Olivia Solon and Julia Carrie Wong:


The ads cover a range of issues, including racial injustice, gun control, LGBT rights, immigration and patriotism. Included with each ad is information about how many people saw or engaged with the ad, the price paid in rubles and the target audience.

A sample of the ads bought by the notorious Russian troll factory between 2015 and 2017 for a total of about $100,000 was previously released by Democrats on the House intelligence committee last year. Facebook provided them to the panel last year as part of an investigation into Russian meddling in the election.

The collection doesn’t include the 80,000 posts that were shared by 120 fake Russian-backed pages, shared by 29 million Americans directly and viewed by as many as 126 million Americans.

Among the cache are sponsored posts describing police brutality against black people, including the killings of the 12-year-old Tamir Rice, the Ferguson teenager Michael Brown and the unarmed motorist Walter Scott. They link to the “Black Matters” page on Facebook.

One batch of advertisements promotes “Williams and Kalvin”, a pair of black YouTube vloggers who decried racism and police brutality in their advertisements. The Daily Beast previously reported on the pair’s YouTube videos, in which they railed against Clinton and supported Trump.

The documents show that Williams and Kalvin targeted their ads specifically toward African Americans: many of the ads instruct Facebook to exclude people who are designated as showing Hispanic or Asian American “behavior” but include people whose “behavior” is designated as “African American (US)”. Facebook did not immediately respond to a request for clarification on how Facebook defines African American “behavior”.


In September I was on a radio show as all this was getting underway, and suggested there was plenty more to come out. Even with this, there’s still plenty more to come out. But it does show how easily Russia made an end run around Facebook (and America) by understanding the value and nature of propaganda.
link to this extract

Google Duplex makes your life easier by deceiving others • NYMag

Brian Feldman:


The hypothetical economic benefits of such a system are obvious and substantial. It’s also, in the classic Google mode, a huge boon to daily convenience. And boy, is it impressive technology — and worrying.

To some extent, these worries are more cultural than technical. The Duplex demos showed the system completing a task, like booking an appointment, and the dialogues stuck to discussing the program objective. How does Duplex work when the conversation goes off on a tangent, or if there’s an emotional component (let’s say your preferred stylist is out because of a family emergency)? Duplex inverts what we usually want out of our software. It is a complex system for performing dead-simple tasks. Google told the Verge that “it can only converse in ‘closed domains’ — exchanges that are functional, with strict limits on what is going to be said.” As of now, Duplex can only book hair appointments, make restaurant reservations, and ask a store’s holiday hours. At that point, you’re taking what should be a relatively simple, personable action and making it artificial and complicated. Not to be a grouch, but it’s not hard to pick up the phone and call if that’s really the only option left.

At its heart, the system that Duplex proposes is imbalanced. The system of making reservations or appointments over the phone isn’t a power struggle, but for it to work well everyone has to be coming from the same place, with the same restrictions on time and effort. The introduction of automation upsets this balance. Now it’s one person tapping a button and the other performing conversation. It’s not clear what sort of safeguards are in place to ensure that, for instance, the human answering the phone is not dealing with an overload of robocalls. After all, these places don’t have online reservations systems; how can Google know if they’re all booked up? Google told Wired that it is limiting the number of background calls users can place per day, and putting in safeguards to make sure a single user can’t spam a single number (it’s got a bit of experience identifying the habits of spammers).


I get the impression Google is listening for the reaction to Duplex to decide what it’s going to do; that’s why it isn’t giving a date for rolling it out. It might never release it, or only use it in some limited area. Some people have suggested it would be good for booking a place if you don’t talk the language (but Duplex, natch, does). Though it’s then going to be fun ordering your food there, isn’t it?
link to this extract

Digital photocopiers loaded with secrets • CBS News

Armen Keteyian:


Nearly every digital copier built since 2002 contains a hard drive – like the one on your personal computer – storing an image of every document copied, scanned, or emailed by the machine. In the process, it’s turned an office staple into a digital time-bomb packed with highly-personal or sensitive data. If you’re in the identity theft business it seems this would be a pot of gold.

“The type of information we see on these machines with the social security numbers, birth certificates, bank records, income tax forms,” John Juntunen said, “that information would be very valuable.” Juntunen’s Sacramento-based company Digital Copier Security developed software called “INFOSWEEP” that can scrub all the data on hard drives. He’s been trying to warn people about the potential risk – with no luck. “Nobody wants to step up and say, ‘we see the problem, and we need to solve it,'” Juntunen said.

This past February, CBS News went with Juntunen to a warehouse in New Jersey, one of 25 across the country, to see how hard it would be to buy a used copier loaded with documents. It turns out … it’s pretty easy. Juntunen picked four machines based on price and the number of pages printed. In less than two hours his selections were packed and loaded onto a truck. The cost? About $300 each.

Until we unpacked and plugged them in, we had no idea where the copiers came from or what we’d find. We didn’t even have to wait for the first one to warm up. One of the copiers had documents still on the copier glass, from the Buffalo, N.Y., Police Sex Crimes Division.

It took Juntunen just 30 minutes to pull the hard drives out of the copiers. Then, using a forensic software program available for free on the Internet, he ran a scan – downloading tens of thousands of documents in less than 12 hours.

The results were stunning: from the sex crimes unit there were detailed domestic violence complaints and a list of wanted sex offenders. On a second machine from the Buffalo Police Narcotics Unit we found a list of targets in a major drug raid.


Did not know there was a hard drive. How do you access it and see what’s on it? Or how do you get it to wipe?
link to this extract

iOS 11.4 to introduce USB Restricted Mode: disables Lightning port after 7 days • Pocket-lint

Max Langridge:


The Lightning connector can still be used for charging, but no data can be extracted from the iOS device. However, if the owner of the iPhone or iPad unlocks it using a passcode, the Lighting port will reactivate. The feature was first seen in the iOS 11.3 beta, but was never officially released, so there’s still a chance it won’t be ready for the full iOS 11.4 rollout.

Apple’s official notes for the feature say: “To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week.”

Elcomsoft has tested the feature, but still hasn’t figured out if the Lightning port disables only if the device isn’t unlocked with a passcode for seven days, if it isn’t unlocked at all using a passcode or biometrics, or if the device hasn’t been unlocked or connected to a trusted computer. In their testing, Elcomsoft didn’t try to unlock the iOS device at all, or connect it to a trusted computer and the port disabled.

This means that if law enforcement agencies need to obtain information from an iPhone or iPad, they will have a much smaller window of time in which to unlock it. It should also mean services such as GreyKey won’t be able to get into them either. GreyKey uses the Lightning port to install a piece of software that can figure out the passcode of an iOS device.


Strange that Elcomsoft didn’t test it further. Did they not want to know? This does seem intended to block unwanted intrusion into the device, though. For those in dictatorial regimes, that could be welcome.
link to this extract

Medium abruptly cancels the membership programs of its 21 remaining subscription publisher partners • Nieman Journalism Lab

Shan Wang:


Medium has informed publishers using its platform to offer paid memberships that it’s ending that feature. An email at the end of last month from Medium’s head of partnerships Basil Enan told publishers that the company was planning to discontinue memberships in May.

“We were among the first to sell memberships on Medium, among the few local organizations working with them,” Chris Faraone, founder of the Boston Institute for Nonprofit Journalism, told me. “We’ve had an arrangement with them for two years. I’m not saying they don’t have a right to break it. We’ve been scaling back, trying to get people to other platforms anyway. But it’d be nice to have more of a heads up.” (Faraone also works as the news and features editor of alt-weekly DigBoston.) “Our experience in dealing with a lot of these tech-oriented operations is that there’s some good reception, but in the end, it’s whatever their whim is.

“Meanwhile, we’re trying to make a living here. We’re cool with experimenting. But this is been an unbelievable blow. Could we have a better metaphor for the way Silicon Valley considers local journalism?”


So Medium has tried ad-supported, premium, non-premium.. can’t be long before it starts doing a Medium conference aiming to pay for the cost of running the site.
link to this extract

Chinese tech giant on brink of collapse in new US cold war • The New York Times

Raymond Zhong:


One of China’s most internationally successful technology suppliers, with about $17 billion in annual revenue, ZTE is facing a death sentence. The Commerce Department has blocked its access to American-made components until 2025, saying the company failed to punish employees who violated trade controls against Iran and North Korea.

American microchips power ZTE’s wireless stations. American optical components go into its optical fiber networks. Google’s Android operating system runs its smartphones. As the Trump administration threatens a trade war to stymie China’s plans for promoting advanced industries, the firm’s travails are proving an apt demonstration, for China’s leaders, of exactly why the country needs to be more self-sufficient in technology.

President Xi Jinping recently issued a rousing call to action, according to the state news agency Xinhua.

“By tightening our belts and gritting our teeth, we built ‘two bombs and one satellite,’” Mr. Xi said, referring to a Mao-era weapons development program. “This was because we made best use of the socialist system — we concentrated our efforts to get great things done. The next step is to do the same with science and technology. We must cast away false hopes and rely on ourselves.”

ZTE’s moment of crisis, if it leads to the company’s collapse, could also show how the tech cold war might ripple around the world.

The company has 75,000 employees and does business in more than 160 countries. It is the No. 4 smartphone vendor in the United States. And its telecommunications gear supports the digital backbone of a great swath of the developing world.


Watching ZTE go down is like watching the death of the Titanic. Just a little tilt, and then more and more… but China’s reaction is going to make a big difference. If China becomes self-sufficient in hardware, the balance of power will change dramatically.
link to this extract

Klout, the scoring system for social media influence, is shutting down • Business Insider

Kif LEswing:


Klout was founded in 2009 by Joe Fernandez, partially as a way to get a job at Twitter, according to Business Insider. But ranking people by importance or influence turned out to be a strong enough idea to raise four rounds of venture funding from top-tier firms totaling $40m.

Eventually, it was sold in 2014 for $200m to Lithium Technologies, which is the company that is shutting down the service later this month. Lithium is a private company that makes digital marketing tools.

Klout enabled users to share their Facebook and Twitter data, and parsed that data through a vague algorithm to give users a simple popularity metric between 10 and 100, called the “Klout score.”

Here’s a screenshot of the software, taken on Thursday:

Lithium CEO Pete Hess discussed the shutdown in an email to customers on Thursday. “The Klout acquisition provided Lithium with valuable artificial intelligence (AI) and machine learning capabilities but Klout as a standalone service is not aligned with our long-term strategy,” he wrote.

To be fair, Klout scores are probably not aligned with anyone’s long-term strategy, unless that involves becoming a huge Twitter star. Over the years, Klout scores became a punchline for techies and the Twitter-obsessed. “Klout has been one of my go-to punchlines for some time now,” TechCrunch founder Michael Arrington wrote in August 2012.


And yet it carried on independently for two more years, and for another four after that. Nine years of Klout? Though I can’t say I’ll miss it. Never used it; what’s a single number compared to the complexity of human interaction?
link to this extract

Android P’s gesture navigation is bad, Google • Android Police

David Ruddock:


The multitasking button is gone – that’s the first thing to know. The home button is now a pill, and the back button appears in apps, but not on the launcher. Swiping up on the home button opens the new multitasking interface (which I actually think looks great), and swiping up a second time opens the app drawer (this makes no sense). Or, if you’re on the homescreen, a long swipe up to the middle of the screen briefly opens the multitasking UI then flips open the app drawer. Swiping right on the home button allows you to quickly switch back to the last app you had open (functionally, this is equivalent to double-tapping recents on Oreo).

Google has taken what was a not-particularly-attractive but otherwise functional navigation model and replaced it with one that isn’t any better (arguably, it is worse). At the same time, I’d argue strongly that this new navigation bar is even uglier than the old one. It’s visually uneven with the missing multitasking key, and now the back key isn’t filled. I suspect the latter inconsistency is about highlighting that the back key is ephemeral, which I get, but it looks like something out of a bad custom ROM – not a serious smartphone OS.

We also get no extra real estate out of this deal. The navigation bar still takes up a big strip on the bottom of the screen in apps, unlike the iPhone X, which integrates the home bar seamlessly over the interface of applications (and it’s completely hidden on the homescreen). The beauty of Apple’s system is that gestures allow you to get rid of overt visual elements for extremely common actions. Pull up to go home. Hold up to multitask (or go up and left to immediately multitask). Swipe on the bar to quickly switch between apps. Swipe from the left of the screen to go back (admittedly, this isn’t true in many apps, which still use the back button in the upper left).

Reviews of the iPhone X routinely cite gesture navigation as one of the best features of the phone, and for all the problems I have with using an iPhone, the gesture navigation is easily the thing I miss most after coming back to Android.

Android P’s half-baked attempt – one foot in the world of gestures, one back in software keys – simply isn’t an acceptable compromise.


There’s some way to go before Android P is locked down, but it’s hard to know how much of this can be changed.
link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up: did Tidal inflate its numbers?, Europe’s smartphone shrinkage, the fake review economy, and more

If you’re an evolutionary scientist, you think: what if we put this into an MRI scanner and played it Bach? Photo by Nemodus photos on Flickr.

A selection of 9 links for you. Number not inflated. I’m @charlesarthur on Twitter. Observations and links welcome.

TIDAL accused of deliberately faking Kanye West and Beyoncé streaming numbers • Music Business Worldwide

Tim Ingham:


In March 2016, the firm claimed that Kanye West’s The Life Of Pablo, a six-week exclusive on its platform, had been streamed 250m times in just 10 days. At the same time, TIDAL claimed that its platform had surpassed 3m subscribers.

These numbers meant that, on average, every single TIDAL subscriber would have had to be playing the Kanye album over eight times a day.

Similar suspicions were triggered by the success of Beyonce’s record-breaking Lemonade a couple of months later.

TIDAL claimed that Lemonade was streamed 306m times on its platform in its first 15 days post-release. Stats like this led Norwegian newspaper Dagens Næringsliv to investigate in January 2017 – and uncover documents which, it said, suggested that TIDAL had been deliberately inflating its subscriber figures.

This report was lend credence by data from trusted music industry research firm Midia in the same month, which estimated that TIDAL’s subscriber base actually only included 1m people worldwide.

Now, DN has run an update – following more than a year of journalistic digging. And it’s an absolute jaw-dropper.

Its central accusation: ‘Beyoncé’s and Kanye West’s listener numbers on TIDAL have been manipulated to the tune of several hundred million false plays… which has generated massive royalty payouts at the expense of other artists.’

The newspaper’s investigation was ignited by its receipt of an illicit hard drive, which it says ‘contains ‘billions of rows of [internal TIDAL data]: times and song titles, user IDs and country codes’.

The veracity of the data on this hard drive has been strongly challenged by TIDAL, but according to DN, the numbers match exactly with information received by record labels during the dates in question.


Oh my. Lemonade is amazing, but you need subscribers too.
link to this extract

Smartphone shipments fall 6.3% in Europe in Q1 2018 • Canalys


Smartphone fatigue hit Europe in Q1 2018, as shipments fell 6.3% year on year, the biggest ever drop in a single quarter. Western Europe bore the brunt, down 13.9% with 30.1m units shipped. Central and Eastern Europe, though a smaller market, remained a growth region, up 12.3% at 15.9m units, driven by a buoyant Russia.

“This is a new era for smartphones in Europe,” said Ben Stanton, Analyst at Canalys. “The few remaining growth markets are not enough to offset the saturated ones. We are moving from a growth era to a cyclical era. This presents a brand-new challenge to the incumbents, and we expect several smaller brands to leave the market in the coming years.”

Adapting to new market dynamics, the top three vendors all had starkly different results:

• Samsung remained on top, shipping over 15m smartphones, but slipped 15% compared with last year as Huawei and Xiaomi put pressure on its low-end and mid-range models. But the high price of the Galaxy S9, as well as its earlier launch in the calendar year than the Galaxy S8, prompted a drastic rise in its ASP over the previous year, and helped Samsung boost its shipment value by over 20%.

• Apple outperformed the market and shipped over 10m units, but this still represented a 5.4% decline. As a percentage of models shipped, the iPhone X declined slightly from Q4, to around 25%, but it remained comfortably the best-shipping smartphone in the region. Apple’s larger portfolio strategy will become more important as the year progresses, with over 25% of its Q1 shipments the iPhone SE, 6 and 6S – models that are over two years old. This wider spread of shipments did, however, offset the value growth driven by the pricier iPhone X.

• Huawei bucked the trend, growing 38.6% and shipping 7.4m units. It shipped over 1m of its new P Smart in its first full quarter. But the delay to its flagship P20, versus last year’s P10, meant that very few of its Q1 shipments were premium models. Despite its large volume growth, it only managed to boost its shipment value by 1.7% over the previous year. But it will be confident of a rise in ASP as the P20 truly comes into play in Q2.


That fall in the UK is pretty dramatic – down by a third. That’s saturation at work. And the fifth-biggest supplier might surprise you.
link to this extract

Scientists stuffed a crocodile into an MRI machine to see if it likes Bach • ExtremeTech

Joel Hruska:


This is rather less ridiculous than it might seem at first glance. The team in question was investigating the evolution of complex stimulus processing. Crocodiles have remained phenotypically similar for tens of millions of years; crocodilians like Deinosuchus that lived 80-73 million years ago look quite similar (if much larger) than crocodiles today. The last common ancestor between crocodiles and birds lived 240 million years ago, which makes modern crocodiles an interesting comparison case for both mammals and birds.

And one of the interesting things about mammals and birds is that we handle complex audio processing in areas of our brains that are functionally similar, even if the regions themselves are quite physiologically distinct. The question was, would reptiles show similar functional similarity, or did they evolve an entirely different method of processing this information? The only way to find the problem was to chuck a crocodile in an MRI and play it some music.

This is easier said than done. “The difficulty in scanning crocodiles—beside being a little bit dangerous for the experimenter—is that they are cold-blooded reptiles,”” lead researcher Dr. Felix Ströckens, from the Department of Biopsychology at Ruhr University Bochum, told Gizmodo. “We thus had to find a temperature which allowed us to pick up a good signal and was comfortable for the animal. We also had to keep this temperature stable within the scanner which is relatively difficult since the coils used for scanning also emit heat.”

The crocodiles were tested with a wide range of stimuli, including various colors, simple sounds, and complex audio, with the latter provided by Johan Sebastian Bach’s Brandenburg Concerto No. 4.


I’m not going to spoil the surprise for you.
link to this extract

Qualcomm plans exit from server chips • Bloomberg

Ian King:


The San Diego-based company is exploring whether to shutter the unit or look for a new owner for the division, which was working on ways to get technology from ARM Holdings Plc into the market for chips that are at the heart of servers, the person said. ARM is one of Intel’s only rivals in developing semiconductor designs, and its architecture is primarily used in less power-intensive products, such as smartphones.

Qualcomm is the largest backer of an effort to find a role for ARM designs in the highest end of the computing market, where individual chips sell for multiple thousands of dollars. Chipmakers have been trying for years to provide owners of large data centers – companies such as Alphabet Inc.’s Google and Inc.’s Amazon Web Services – with processors to run them, trying to break into a business that Intel dominates with about 99% market share.

A Qualcomm spokesman declined to comment. In the company’s earnings report last month, Chief Executive Officer Steve Mollenkopf told analysts that Qualcomm is focused on spending reductions in its non-core product areas.

Servers, which crunch data in corporate networks and act as the backbone of the internet, are a much smaller market than phones and personal computers when measured by shipments. But the price that chipmakers are able to charge for the high-performance parts needed to run them makes the market attractive.

Qualcomm began selling a server chip, the Centriq 2400, based on ARM technology last year. At the time, the company said the chips, which were manufactured by Samsung Electronics Co., offered better results than an Intel Xeon Platinum 8180 processor, based on energy efficiency and cost. At the public introduction of the server chip line in November, potential customers such as Microsoft Corp. took to the stage to voice their interest in the offering. Since then, Qualcomm has been silent about its progress.


Strange; ARM chips for servers seemed like the next big thing a few years ago. But it’s gone nowhere – perhaps because it’s not just about having a cooler chip.
link to this extract

Bail-bond industry suffers another blow as Facebook and Google ban ads • NBC News

Jon Schuppe:


Google and Facebook, the world’s most dominant online-advertising companies, will no longer take money from America’s for-profit bail bond agencies, siding with a growing national movement to eliminate cash bail from the criminal justice system.

The two tech giants said this week that their decisions to block bail-bond ads were part of a broader effort to protect users from damaging or hurtful content. Typically, that strategy has focused on scams and deception. But that list has recently expanded to include guns, marijuana, payday loans, cryptocurrencies and, now, bail bonds.

David Graff, Google’s senior director of global product policy, said in a statement on Monday that the company was persuaded by studies showing that bail bond agencies profited off poor and minority communities, where people who are arrested often must go into debt in order to post court-ordered bonds that guarantee their return for trial.

“We made this decision based on our commitment to protect our users from deceptive or harmful products, but the issue of bail bond reform has drawn support from a wide range of groups and organizations who have shared their work and perspectives with us,” Graff wrote in a blog post.


Without a doubt, a good thing. Gambling next? That profits off poor and minority communities too.
link to this extract

Inside Amazon’s fake review economy • Buzzfeed

Nicole Nguyen:


One morning in late January, Jake picked up the box on his desk, tore through the packing tape, unearthed the iPhone case inside, snapped a picture, and uploaded it to an Amazon review he’d been writing. The review included a sentence about the case’s sleek design and cool, clear volume buttons. He finished off the blurb with a glowing title (“The perfect case!!”) and rated the product a perfect five stars. Click. Submitted.

Jake never tried the case. He doesn’t even have an iPhone.

Jake then copied the link to his review and pasted it into an invite-only Slack channel for paid Amazon reviewers. A day later, he received a notification from PayPal, alerting him to a new credit in his account: a $10 refund for the phone case he’ll never use, along with $3 for his trouble — potentially more, if he can resell the iPhone case.

Jake is not his real name. He — along with the four other reviewers who spoke to BuzzFeed News for this story — wanted to remain anonymous for fear Amazon would ban their accounts. They are part of an extensive, invisible workforce fueling a review-fraud economy that persists in every corner of the largest marketplace on the internet. Drawn in by easy money and free stuff, they’ve seeded Amazon with fake five-star reviews of LED lights, dog bowls, clothing, and even health items like prenatal vitamins — all meant to convince you that this product is the best and bolster the sales of profiteers hoping to grab a piece of the Amazon Gold Rush. Meanwhile, sellers trying to play by the rules are struggling to stay afloat amid a sea of fraudulent reviews, and buyers are unwittingly purchasing inferior or downright faulty products. And Amazon is all but powerless to stop it…

…Amazon won’t reveal how many reviews — fraudulent or total — it has. But based on his analysis of Amazon data, [ReviewMeta CEO Tommy] Noonan estimates that Amazon hosts around 250 million reviews. Noonan’s website has collected 58.5 million of those reviews, and the ReviewMeta algorithm labeled 9.1%, or 5.3 million of the dataset’s reviews, as “unnatural.”


If it can be gamed, it will be gamed. If it can be gamed for money, it will be gamed for money. The problem is limiting the scale. Plenty of stories here of scammy products, honest products scammed, and the scammy reviewers.
link to this extract

And for his next act, Ev Williams will fix the internet • The New York Times

Kevin Roose:


Echoing Mr. Zuckerberg’s testimony before Congress last month, Mr. Williams said he now believed that he had been too optimistic during social media’s early days, and had failed to appreciate the risks of putting such powerful tools in users’ hands with minimal oversight.

“One of the things we’ve seen in the past few years is that technology doesn’t just accelerate and amplify human behavior,” Mr. Williams wrote. “It creates feedback loops that can fundamentally change the nature of how people interact and societies move (in ways that probably none of us predicted).”

Mr. Williams has not given up on Twitter, but “I think I was a little bit ahead of some people in seeing the dark side” of social media, he said.

Mr. Williams is only a partial heretic. He acknowledges that social media companies have not done enough to promote high-quality content, but he also blames publishers for amping up sensationalism in order to increase their traffic. And when I asked if he agreed with Mr. Zuckerberg’s recent statement that “the world would lose if Facebook went away,” he demurred.

“I honestly don’t know my answer to that,” he said. “I think it’s probably right.”

But if Mr. Williams isn’t ready to denounce social media, he is at least muting its effects in his own life. He still uses Twitter, but he has turned off most mobile notifications, and he tries to leave his phone behind when he’s with his friends or his kids. He is reading less daily news these days, he said, and more books and long-form articles.

“That’s been healthy for me,” he said. “I feel the effects of that.”

Listening to an architect of the fast-twitch internet extol the benefits of books and magazines is a little odd, like watching Chef Boyardee open a farm-to-table restaurant. But Mr. Williams is not alone among tech leaders in his quest for a slower and more balanced media diet. (Mr. Dorsey, who has been Twitter’s chief executive since 2015, went on a 10-day silent meditation retreat in December.)


link to this extract

China’s ZTE Corp says main business operations cease due to US ban • Reuters

Sijia Jiang:


ZTE, China’s second biggest telecom equipment maker, was hit last month with a ban from Washington forbidding US firms to supply it with components and technology after it was found to have violated US export restrictions.

“As a result of the Denial Order, the major operating activities of the company have ceased,” ZTE said in the filing.

“As of now, the company maintains sufficient cash and strictly adheres to its commercial obligations subject to compliance with laws and regulations,” it said.

ZTE said it was actively communicating with the US government “in order to facilitate the modification or reversal of the Denial Order by the US government and forge a positive outcome in the development of matters.”

The ban that threatens to cut off ZTE’s supply chain came amid heightened tension over a possible US-China trade war. The Chinese government raised the issue of ZTE last week with a visiting US trade delegation.

ZTE said on Sunday it had submitted a request to the US Commerce Department for the suspension of the ban.


That’s colossal. But without access to American(-owned) component sources, ZTE was stuffed.

No doubt: this is going to make the Chinese government determined to secure its own component companies. It won’t like having a big player like this liable to shutdown by American fiat. (ZTE was banned for selling equipment to Iran when sanctions were in place.)

Next question being, is Huawei going to be affected somehow?
link to this extract

Leaving on a jet plane: the trade in fraudulently obtained airline tickets • SpringerLink

Alice Hutchings:


Nohl found flight bookings could be accessed using brute force attacks, whereby common surnames and potential passenger name records (PNRs) are repeatedly tried against airline’s online systems. Furthermore, provided with access to a boarding pass, or a photograph of one (which are readily posted on social media sites), the PNR can be read with the use of a barcode scanner (and are printed in plain text on baggage tags). Malicious actors who access booking systems in such a way could change flight dates or destinations, or request refunds, allowing them to travel under the victim’s name. Some airlines also allow name changes.

Less obtrusively, they could insert or replace a frequent flyer account number, to harvest the traveller’s points. While the new frequent flyer account must be in the same name as the traveller, some airlines allow name changes on these accounts. Furthermore, the PNR includes the passenger’s name and email address, which may be used to send targeted phishing emails requesting confirmation of frequent flyer credentials or payment details. Nohl was also concerned that GDS’ do not properly authenticate users accessing PNRs, do not rate limit attempts to access the system, therefore allowing the brute force attacks to occur, and do not log when PNRs have been accessed, making unauthorised access harder to detect. Nohl’s work is a proof of concept, showing such attacks are possible. It is unknown if these attacks, or variations of them, had already occurred, although some of the vulnerabilities were reported many years earlier.


This (free to read) article is a real eye-opener about the extent of this fraud, which is reckoned to cost airlines about €1bn annually.
link to this extract

Errata, corrigenda and ai no corrida: quite a few people have said that landlines remain a necessity in the US, so that beating spam callers is still a real challenge.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: Google I/O top lines, mobile gaming takes over, encrypted Twitter DMs?, iMac timing, and more

Got a ton of email? Google will write the replies for you. Photo by Robert Couse-Baker on Flickr.

A selection of 13 links for you. Unlucky for unlucky people. I’m @charlesarthur on Twitter. Observations and links welcome.

Twitter has an unlaunched ‘Secret’ encrypted messages feature • TechCrunch


Buried inside Twitter’s Android app is a “Secret conversation” option that if launched would allow users to send encrypted direct messages. The feature could make Twitter a better home for sensitive communications that often end up on encrypted messaging apps like Signal, Telegram or WhatsApp.

The encrypted DMs option was first spotted inside the Twitter for Android application package (APK) by Jane Manchun Wong. APKs often contain code for unlaunched features that companies are quietly testing or will soon make available. A Twitter spokesperson declined to comment on the record. It’s unclear how long it might be before Twitter officially launches the feature, but at least we know it’s been built.

The appearance of encrypted DMs comes 18 months after whistleblower Edward Snowden asked Twitter CEO Jack Dorsey for the feature, which Dorsey said was “reasonable and something we’ll think about.”

Twitter has gone from “thinking about” the feature to prototyping it.


Coming late to the game. Will it be end-to-end like iMessage? Will it be decryptable on the server?
link to this extract

Just in time • Asymco

Horace Dediu:


To me the incredible aspect of the iMac’s entry is its uncanny timing. It came not only just in time to save Apple but exactly half-way between the first two ages of computing. In the following graph showing “share of computing” you can see it as launching precisely at “peak Windows”.

In retrospect you have to wonder if Apple, with the iMac, was lucky to survive into this next era or if that era would have ever happened without the iMac. It’s a question of causality which quickly devolves into an un-winnable argument about stochastic vs. deterministic existence.

Regardless, the result was felt more than seen. The computing industry was pivoting. The results are seen also in the graphs above. The iMac came right in the middle of the “desert” of platform choice of the late 1990s. By the 2000s mobile platforms detonated on the scene. The iPod was Apple’s first entry, in 2001, but it was not a computer. It was an appliance. A stepping stone at a time when the early platform contenders Nokia, Palm, Microsoft and BlackBerry surged before realizing that they did not have sound foundations upon which to build ecosystems. Their advances could not be consolidated.

The spoils went to the later entries of iOS and Android. The resulting disruption was shocking and disorienting. Not only did the old order get up-ended but the magnitude of the new was 100x the old. The iMac enabled at least a trillion dollars of value to be created and made Apple the biggest company in the world.


But, as he asks, what is the “new iMac” to arrive now that the mobile world dominates?
link to this extract

Self-driving cars are here • Medium

Andrew Ng of, which is introducing self-driving cars in Frisco, Texas in July:


It is every self-driving company’s responsibility to ensure safety. We believe the self-driving car industry should adopt these practices:

• Self-driving cars should be made visually distinctive, so that people can quickly recognize them. Even with great AI technology, it is safer if everyone recognizes our cars. After examining multiple designs, we found that a bright orange design is clearly recognizable to pedestrians and drivers.

We deliberately prioritized recognizability over beauty, since it is recognizability that enhances safety.

• While a human driver would make eye contact with a pedestrian to let them know it is safe to cross, a driverless car cannot communicate the same way. Thus, a self-driving car must have other ways to communicate with people around it. is using exterior panels to do this.

• Self-driving car companies should engage with local government to provide practical education programs. Just as school buses, delivery trucks, and emergency vehicles behave differently from regular cars, so too are self-driving cars a different class of vehicle with their own behaviors. It has unique strengths (such as no distracted driving) and limitations (such as inability to make eye contact or understand hand gestures). It’s important to increase the public’s awareness of self-driving through media, unique signage, and dedicated pickup and dropoff zones. We also ask members of the local community to be lawful in their use of public roads and to be considerate of self-driving cars so that we can improve transportation together.


OK, but what about people who seem like plastic bags?
link to this extract

Google I/O 2018: The 11 most important announcements • BGR

Zach Epstein:


The annual Google I/O developer conference is Google’s biggest event of the year by far. Unlike Apple, where the biggest event each year is the company’s late-summer iPhone unveiling, Google is a software company first and foremost. At Google I/O each year, Google takes us on a journey through the company’s efforts to push the boundaries of consumer technology. Google isn’t a completely open book, of course, and there are plenty of secret projects being worked on behind closed doors. But the company is always quite open about its core focuses, and Google I/O 2018 was a showcase of all the key areas of concentration at Google.

Artificial intelligence was obviously among the stars of the show at Google I/O 2018, and Google Assistant will play an even more central role in Google’s ecosystem than it already has over the past few years. We also got our first glimpse at the newly updated version of Android P, which is available to developers (and anyone else who wants to install it on his or her Pixel phone) beginning today. The company covered all that and more during its 90-minute Google I/O 2018 keynote presentation, and we’ve rounded up all of the most important announcements right here in this recap.


Or if you don’t want to read it, a couple of highlights…
link to this extract

Gmail’s new “smart compose” feature will help you write emails faster • Ars Technica

Valentina Palladino:


At today’s I/O keynote, Google announced a new Gmail feature dubbed “smart compose.” This AI-based system will let Gmail users write messages faster by suggesting phrases to them as they type out emails.

Google CEO Sundar Pichai presented a short demo of the new feature, showing how the AI suggests words and phrases and even completes sentences as you type out messages in a new email window. Smart compose will suggest options for what you may want to say next based on what you’ve already typed. If it works as well as it did in the demo, smart compose should help Gmail users write emails faster and more efficiently.

We’ve seen features similar to “smart compose” in other contexts, like smartphone messaging apps. However, those apps typically stop at suggesting words and short phrases—Google’s new AI feature for Gmail goes even further to suggest full sentences. “Smart compose” will be rolling out to Gmail users this month.


Making the calls, writing the emails, editing the photos, controlling the apps.. Google seems keen on taking tasks away. What you think of that possibly depends on your age (or your email volume).
link to this extract

Google Maps is getting the coolest new feature since turn-by-turn directions • BGR

Chris Mills:


Google is adding some massive new features to Google Maps, the biggest being the addition of augmented reality directions to help with walking directions. If you’re trying to follow a set of directions, you can now hold your phone up, and Google Maps will match the view from your camera to the saved Street View imagery of the world. Street View can label things in the real world using your camera, and show you an overlay to let you know which way to go.

The company didn’t say when the augmented reality features will come to the Google Maps app, but it did hint that it might even include a cute robotic fox to act as your virtual guide.


I’ve lost count of the number of times I’ve emerged from an underground station (US readers: subway station) and tried to work out which direction I’m facing, compared to where the map is directing me.

Betting on Apple having something like this in the works for WWDC?
link to this extract

Google Assistant will call businesses for you to set up appointments • Android Police


Google Assistant is pretty great already, but there are some things you need an actual human for. Not every business has an online booking system, so in some cases, you have to talk to an actual person to make a reservation (the horror!). Google’s solution for this is ‘Duplex,’ which will allow Assistant to actually call a business for you to set up an appointment or reservation.

Once the feature goes live, you’ll be able to ask Assistant to book something for you. For example, you can say “Make me a haircut appointment on Tuesday morning anytime between 10 and 12.” After that, Assistant will call the business and interact with the person on the other site of the call to book the appointment. The person on the other side of the call will probably think Assistant is a person, especially since it uses “hmm” and “um” between words.

The on-stage demo was nothing short of incredible, but we’ll have to wait and see how well it works in real-world testing.


Google blogpost with more detail. What happens when you get machines to answer the phones too (as often happens)? They’re going to be messing with each other for ages.
link to this extract

HTC reports earnings for 1Q18 • Digitimes

Steve Shen:


HTC has reported net profits of NT$21.1bn (US$707.69m) or NT$25.7 per share for the first quarter of 2018, ending its 11 consecutive quarterly losses.

The earnings were mainly contributed by non-operating income of NT$31.6bn from the sale of its ODM business unit to Google, which offset its operating losses of NT$5.2bn and other expenses in the quarter.

Gross margin remained negative at -3.1% in the first quarter, but was a significant improvement from -30.8% of a quarter earlier.

However, the company’s smartphone business has remained in the doldrums, seeing its monthly revenues drop to an over 14-year low of NT$2.099bn in April. And year-to-date, the company had combined revenues of NT$10.89bn, down 43.4% from a year earlier.


So its underlying business remains as unprofitable as it has been for the past three years, while the company shrinks. That Google bonus can only keep it going for so long.
link to this extract

Mobile gaming cements its dominance, takes majority of worldwide sales • Ars Technica

Kyle Orland:


Just over two years ago, we looked back at analyst reports for the 2015 gaming market and highlighted the surprising finding that the PC was actually the world’s most important gaming platform from a raw revenue perspective. But we warned that continued double-digit growth in the mobile market meant the PC’s market dominance wouldn’t last forever.

Fast-forward to the forecast for the 2018 global game market, and things could scarcely look more different. Newzoo’s 2018 Global Games Market Forecast now predicts that mobile games will make up a slim majority (51%) of all worldwide gaming revenue this year (including smartphones and tablets, but not dedicated gaming handhelds). That’s up from 34% in 2015 and just 18% in 2012. Console and PC games will split the remainder of the pie relatively evenly in 2018, at 25% and 24% of worldwide spending, respectively.

The growth of the mobile market doesn’t show any signs of stopping, either: by 2021, Newzoo estimates that 59% of all gaming spending will go to mobile platforms, with console and PC games dividing up the scraps.

If you had to sum up that change in one word, it could easily be “Asia,” which now represents 52% of the global games market (when paired with Oceania). China alone is now responsible for 28% of all gaming spending in the world, up from 24% in 2015. Mobile gaming is overrepresented in the world’s biggest gaming market, responsible for 61% of all Chinese gaming revenue and poised to grow to 70% by 2021.


link to this extract

AI generates new Doom levels for humans to play • MIT Technology Review


[Edoardo Giacomello and colleagues at the Politecnico di Milano in Italy] say it is indeed possible to create compelling Doom levels in this automated way, and that the technique has significant potential to change the way game content is created.

The team’s approach is relatively straightforward. They begin with 1,000 Doom levels taken from a repository called the Video Game Level Corpus, which includes all the official levels from Doom and Doom 2 as well as more than 9,000 levels created by the gaming community.

The team then processed each level to generate a set of images that represent its most important features, such as the walkable area, walls, floor height, objects, and so on. They also created a vector that captured important features of the level in numerical form, such as the size, area, and perimeter of rooms, the number of rooms, and so on.

Then they used a deep-learning technique called a generative adversarial network to study the data and learn how to generate new levels.

The results show just how powerful this technique is. After some 36,000 iterations, the deep-learning networks were able to produce levels of good quality. “Our results show that generative adversarial networks can capture intrinsic structure of DOOM levels and appears to be a promising approach to level generation in first person shooter games,” say Giacomello and co.


Makes sense; much cheaper and it seems like a crazy thing to spend time getting humans to design something when they aren’t needed. Though you could imagine that the AI might come up with an impossible level, which would only be discovered on trying to play it.
link to this extract

Facebook announces a ban of all Eighth referendum ads from foreign sources • The Irish Journal

Cormac Fitzgerald:


Social media giant Facebook has announced that it is banning all ads on its platform related to the upcoming referendum if they are from advertisers based outside of Ireland.

Facebook said that it will not allow any ads coming from foreign sources which are deemed to be “attempting to influence the outcome of the vote on May 25″. It said that this would relate to paid of advertisements on its platform.

“We do not intend to block campaigns and advocacy organisations in Ireland from using service providers outside of Ireland,” the company said in a statement on its website.

The ban from Facebook comes following concerns that unknown actors from outside of the state could buy ads to influence Irish voters ahead of the historic referendum.

On 25 May the Irish public will vote on whether to repeal of retain the Eighth Amendment of the constitution – which grants the equal right to life to the mother and the unborn child.

Transparency campaigners and advocates have been voicing concerns over a number of difficult to trace advertisements related to the referendum that have been appearing on Facebook and other platforms in recent weeks.

Online advertising is not regulated for under Ireland’s electoral laws. Currently, there are no laws or regulations governing social media advertisements or targeting of voters by overseas organisations in relation to the upcoming referendum.


About time; the arguments over the Eighth Amendment (a “Yes” vote would legalise abortion in the Irish Republic up to a foetal age of 12 weeks) have been goign on for months, and there has been a lot of foreign money buying ads on Facebook – from America, pushing the “No” side.
link to this extract

Yes, it’s bad. Robocalls, and their scams, are surging • The New York Times

Tara Siegel Bernard:


In an age when cellphones have become extensions of our bodies, robocallers now follow people wherever they go, disrupting business meetings, church services and bedtime stories with their children.

Though automated calls have long plagued consumers, the volume has skyrocketed in recent years, reaching an estimated 3.4 billion in April, according to YouMail, which collects and analyzes calls through its robocall blocking service. That’s an increase of almost 900 million a month compared with a year ago.

Federal lawmakers have noticed the surge. Both the House and Senate held hearings on the issue within the last two weeks, and each chamber has either passed or introduced legislation aimed at curbing abuses. Federal regulators have also noticed, issuing new rules in November that give phone companies the authority to block certain robocalls.

Law enforcement authorities have noticed, too. Just the other week, the New York State attorney general, Eric T. Schneiderman, warned consumers about a scheme targeting people with Chinese last names, in which the caller purports to be from the Chinese Consulate and demands money. Since December, the New York Police Department said, 21 Chinese immigrants had lost a total of $2.5m.

Despite these efforts, robocalls are a thorny problem to solve. Calls can travel through various carriers and a maze of networks, making it hard to pinpoint their origins, enabling the callers to evade rules. Regulators are working with the telecommunications industry to find ways to authenticate calls, which would help unmask the callers.

In the meantime, the deceptive measures have become more sophisticated. In one tactic, known as “neighborhood spoofing,” robocallers use local numbers in the hope that recipients will be more likely to pick up.


Why would you have a landline phone at all in the US?
link to this extract

Who controls glibc? • LWN

Jonathan Corbet:


Toward the end of April, Raymond Nicholson posted a patch to the glibc manual removing a joke that he didn’t think was useful to readers. The joke played on the documentation for abort() to make a statement about US government policy on providing information about abortions. As Nicholson noted: “The joke does not provide any useful information about the abort() function so removing it will not hinder use of glibc”. On April 30, Zack Weinberg applied the patch to the glibc repository.

Richard Stallman, who added the joke sometime in the 1990s, asked that it not be removed. The resulting discussion touched on a number of issues. Carlos O’Donell, who has been trying hard to resolve the issue with some degree of consensus, suggested that the joke could hurt people who have had bad experiences associated with abortion. He proposed a couple of possible alternatives, including avoiding jokes entirely or discussing such issues in a different forum. Stallman, however, replied that “a GNU manual, like a course in history, is not meant to be a ‘safe space'”. He suggested the possibility of adding a trigger warning about functions that create child processes, since childbirth is “far more traumatic than having an abortion”


There’s insensitivity, and then there’s Richard Stallman. This seems to be one of those “nobody’s laughing – THAT’S WHY IT’S FUNNY” jokes.
link to this extract

Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: how Facebook helped form Isil, spotting old Flash memory, Xiaomi’s real business model, the GOP donor hack, and more

Will a self-driving car see the person, or just the bag? Photo by Paolo Gamba on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 7 links for you. Tuesday! Could be worse. I’m @charlesarthur on Twitter. Observations and links welcome.

Uber finds deadly accident likely caused by software set to ignore objects on road • The Information

Amir Efrati:


Uber has determined that the likely cause of a fatal collision involving one of its prototype self-driving cars in Arizona in March was a problem with the software that decides how the car should react to objects it detects, according to two people briefed about the matter.

The car’s sensors detected the pedestrian, who was crossing the street with a bicycle, but Uber’s software decided it didn’t need to react right away. That’s a result of how the software was tuned. Like other autonomous vehicle systems, Uber’s software has the ability to ignore “false positives,” or objects in its path that wouldn’t actually be a problem for the vehicle, such as a plastic bag floating over a road. In this case, Uber executives believe the company’s system was tuned so that it reacted less to such objects. But the tuning went too far, and the car didn’t react fast enough, one of these people said…

…Uber’s findings may cause other self-driving car developers to examine the kind of software tuning they do to deal with potential false positives. The entire industry has been wondering whether the accident was caused by issues that might also apply to them. Aside from Uber, Alphabet’s Waymo and dozens of companies ranging from General Motors’ Cruise to startups like Aurora Innovation and Voyage are testing self-driving cars. Developers such as Nvidia and Toyota said they temporarily suspended testing of autonomous vehicle prototypes in the wake of the crash.

In the collision investigation, Uber found that a vital piece of the self-driving car was likely working properly: the “perception” software, which combines data from the car’s cameras, lidar and radars to recognize and “label” objects around it. In this case, the software is believed to have seen the objects. The problem was what the broader system chose to do with that information.


Hell of a scoop by Efrati. And how do you get around this problem for self-driving cars? Plastic bags and other opaque debris are going to be a constant feature of roads.
link to this extract

Elliott Broidy and the GOP’s bad hacking karma • Bloomberg

David Voreacos and Michael Riley:


Whoever took [GOP donor Elliott] Broidy’s emails has doled out curated selections to media outlets, including the New York Times, the Wall Street Journal, and Bloomberg News.

The leaks, from a group called LA Confidential, have led since March to a succession of embarrassing stories on Broidy’s attempts to trade his proximity to the president for his benefit and that of wealthy clients in Malaysia, the United Arab Emirates, and elsewhere. (Broidy also admitted paying $1.6m to a former Playboy Playmate who had an affair with him and became pregnant, a deal negotiated by Trump attorney Michael Cohen.) American national security officials concluded that in 2016 the Democrats were hacked by Russian intelligence operatives trying to tip the scales of the U.S. election. Broidy believes he was targeted for political motives as well—in his case, by UAE rival Qatar. He claims Qatar was retaliating against him because he has spoken out about what he sees as that country’s support for terrorism and its friendliness with Iran. If Qatar were behind the hack, it would be the latest example of a foreign power trying to influence domestic American politics by exposing the secrets of the political elite.

Broidy allowed Bloomberg to talk with security experts working for him as part of an effort to focus more attention on the hack (and less, presumably, on the leaks). In March, he filed a lawsuit in California accusing Qatar of orchestrating the attack. The experts confirmed that the hackers probably got away with tens of thousands of emails and other documents, a cache they could continue to dribble out for months. “It is a horrible experience to have business and personal information stolen and disseminated,” Broidy told Bloomberg in an email. “This attack on our privacy has taken a great emotional toll on me, my family, and my employees.”…

…The hackers got access to emails from Broidy and five of his employees because they all used the same password, his security team confirmed.


Brody was hacked via his wife, who fell for the same Gmail phishing attack that was used to break into Clinton campaign chairman John Podesta’s personal Gmail inbox – because he (and she) didn’t have two-factor authentication enabled. (Although a well-coordinated state hacking attack could break that too.)

As it happens, I look in detail at how Podesta was hacked, and how the campaign’s security reacted, in a full chapter in my new book Cyber Wars. Available now in the UK, and physically on May 28 in the US.
link to this extract

Google and JBL’s all-in-one soundbar combines Android TV and Google Home • Ars Technica

Ron Amadeo:


Welcome to Day Zero of Google I/O 2018. The keynote might be tomorrow, but that isn’t stopping one of the more interesting products from being announced a day ahead of time. Google and JBL have built the JBL Link Bar, a soundbar that combines the functionality of Android TV with Google Home. Your TV gets upgraded sound, the Android TV interface and apps, and always-on Google Home functionality, all in a compact soundbar package that can be wall-mounted.

Android TV devices have had the Google Assistant since 2017, and while this seems to have the usual Android TV Assistant commands, it also works as a smart speaker. It has the always-on “OK Google” hotword and four front lights, just like a Google Home. You can tell it to turn the TV on, all without touching a thing.


Not sure why you’d want a soundbar to be a smart speaker; it’s meant to be subservient to the TV, surely.
link to this extract

That new memory smell: tech can tell if your Flash is new or recycled • IEEE Spectrum

Samuel Moore:


A flash memory cell is like an ordinary transistor, it has a source and a drain and a channel through which current flows under the control of voltage on the gate electrode. The difference is that the gate is split into several layers—the control gate, the blocking oxide, the floating gate, and the tunneling oxide.  Voltage on the control gate causes electrons to tunnel through that bottom oxide and get stuck inside the floating gate. This charge or its absence is the stored bit. It alters how much voltage you need to turn the transistor on in a way that you can easily measure. Erasing the bit is done by reversing the voltage and driving the charge out of the floating gate.

Ray and his team took advantage of the rather high voltages—about plus or minus 20 volts—needed to program and erase flash. The more you program and erase a cell, the more defects will accumulate in the oxide, he explains. These defects lead to an increase in the amount of current that leaks through the transistor when it’s supposed to be off, and it also slows down the rate at which charge moves through the device. These effects show up as a slowdown in the memory’s erase time. They examined other metrics, but “we found that slower erase is the best metric to get [a chip’s] age.”

In research reported this week at the IEEE International Symposium on Hardware Oriented Security and Trust, in Washington, D.C., the Alabama engineers’ erase-time technique was able to identify recycled flash with as little as 3% usage with 100% confidence.


OK, but as it says, Flash is designed to last 10 years or more. Is 3% really enough to make a difference?
link to this extract

Xiaomi is more like Facebook than Apple • Bloomberg

Tim Culpan:


“We pioneered an amazing, innovative business model underpinned by courage and trust,” founder Lei Jun said in an open letter accompanying its offer document Thursday in which he reiterated a pledge to cap hardware margins in favor of making money via services.

Reading through its 597-page prospectus, it’s apparent that in Xiaomi-speak, “services” means “serving ads.”

Xiaomi has done quite a job of monetizing device buyers beyond the initial transaction, tripling sales from the services segment over the past two years. Smartphones accounted for 70% of revenue last year and 46% of gross profit. Internet services, on the other hand, accounted for 8.6% of revenue but an outsized 39% of gross profit.

What surprised me most is how dependent this business is on advertising, which accounted for 57% of the category’s revenue last year. (Online games is the other major component.)

“We use our proprietary technologies and big data analytical capabilities to offer comprehensive and innovative services to our business partners and users.”

When you remember that “business partners” means advertisers, you start to understand that Xiaomi isn’t a rip-off of Apple Inc., as has been suggested, but is mimicking Facebook Inc.

Here’s how it works: Xiaomi sells a smartphone at near-cost, including its MIUI mobile interface. Through that, Xiaomi tracks your usage and learns what you might be interested in. It then starts suggesting apps, some of which will be Xiaomi-developed. Once installed, the company then has an ad-serving platform right in front of your eyes.


link to this extract

Facebook accused of introducing extremists to one another through ‘suggested friends’ feature • Daily Telegraph

Martin Evans:


Researchers, who analysed the Facebook activities of a thousand Isil supporters in 96 countries, discovered users with radical Islamist sympathies were routinely introduced to one another through the popular ‘suggested friends’ feature.

Using sophisticated algorithms, Facebook is designed to connect people who share common interests.

The site automatically collects a vast amount of personal information about its users, which is then used to target advertisements and also direct people towards others on the network they might wish to connect with.

But without effective checks on what information is being shared, terrorists are able to exploit the site to contact and communicate with sympathisers and supporters.

The extent to which the ‘suggested friend’ feature is helping Isil members on Facebook is highlighted in a new study, the findings of which will be published later this month in an extensive report by the Counter Extremism Project a non profit that has called on tech companies to do more to remove known extremist and terrorist material online.

Gregory Waters, one of the authors of the report, described how he was bombarded by suggestions for pro-Isil friends, after making contact with one active extremist on the site.

Even more concerning was the response his fellow researcher, Robert Postings, got when he clicked on several non-extremist news pages about an Islamist uprising in the Philippines. Within hours he had been inundated with friend suggestions for dozens of extremists based in that region.


That’s the “suggested friends” algorithm working exactly as it’s designed to. Unfortunately…
link to this extract

How Michael Cohen, Trump’s fixer, built a shadowy business empire • The New York Times

William K. Rashbaum, Danny Hakim, Brian M. Rosenthal, Emily Flitter and Jesse Drucker:


Mr. Cohen’s businesses are private entities, making it difficult to get a full picture of their finances and operations. But a New York Times review of thousands of pages of public records, and interviews with bankers, lawyers and businessmen who have interacted with Mr. Cohen, reveal the degree to which he has often operated in the backwaters of the financial and legal worlds.

While he has not been charged with a crime, many of his associates have faced either criminal charges or stiff regulatory penalties. That includes partners in the taxi business, doctors for whom he helped establish medical clinics and lawyers with whom he worked.

He has spent much of his personal and professional life with immigrants from Russia and Ukraine. His father-in-law, who helped establish him in the taxi business, was born in Ukraine, as was one of Mr. Cohen’s partners in that industry. Another partner was Russian. And Mr. Cohen used his connections in the region when scouting business opportunities for Mr. Trump in former Soviet republics.

More recently, Mr. Cohen and his father-in-law lent more than $25m to a Ukrainian businessman who has a checkered financial record and a history of defaulting on loans. And Mr. Cohen long held a small stake in his uncle’s catering hall, which was frequented by Russian and Italian mobsters.

In addition to his legal and taxi businesses, Mr. Cohen has had a seemingly charmed touch as a real estate investor. On one day in 2014, he sold four buildings in Manhattan for $32 million, entirely in cash. That was nearly three times what he paid for them no more than three years earlier.


The way in which this never says “money laundering” is impressive.
link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up: Instagram pets train AI, GDPR’s first success, COBOL forever?, • kills the Android app, and more

It was 20 years ago today (well, yesterday). Photo by Marcin Wichary on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

The original iMac: 20 years since Apple changed its fate • Six Colors

Jason Snell:


with the rise of the Internet, someone at Apple realized that there was suddenly a huge opportunity to sell people an appliance to let them get online. That was the core idea of the Jeff Goldbum-narrated “There’s No Step Three” TV ad: Plug in the iMac, plug in a phone line, and that’s it—you’re on the Internet. That concept put the “i” prefix in Apple’s product dictionary, where it remains to this day.

Apple’s bold choice to rip out all of the Mac’s traditional ports—Mac serial, Apple Desktop Bus, and SCSI—and replace it with the USB standard that was just starting to emerge in the PC world, was also helpful. It made all of us longtime Mac users cringe—you think the iPhone losing its headphone jack was tough?—but in a stroke it made the iMac compatible with a huge range of peripherals previously only designed to be used on PCs, and it made accessory manufacturers happy because with a low amount of effort the stuff they were making for PCs could now also be sold to new iMac users.

It was very clear, in the days after the announcement, that there would be a lot of those new iMac users. The iMac wasn’t a computer for the existing Mac user base (though we all came along as well, in the end), but for a whole new group—this was a true renewal of the promise, made 14 years earlier, that the Mac was a “computer for the rest of us.”

That original iMac “Elroy” enclosure was radical in an era where all computers were boxy and beige. It was hugely influential on what was to come—both in freeing designers to be more whimsical, with curves and colors and translucency, and in leading to an infestation of translucent blue plastic stuff in the lives of everyone during the late 90s and early 2000s. If you were a plastics manufacturer, translucency and bright colors immediately went into your brochure—because you haven’t lived until you’ve bought an orange semi-clear clock radio.

In fact, as I wrote this article I realized just how far the iMac’s design legacy has gone. My family owns a bright blue first-generation Nissan Leaf. I realize now that for the last year I’ve been driving around an iMac G3.


The impact that the “Bondi Blue” iMac had on design was colossal: that translucency was aped by the makers of all sorts of products. The computer itself made designers think about Apple again. It was the slipway back to success, as Snell says. (Just don’t mention the mouse.)

Here’s the Steve Jobs presentation, where as Snell points out, he has to spend a big chunk explaining that Apple’s not going bust. (That had been the year before.)

Which company is doing the equivalent now?
link to this extract

Google broke up a Vietnamese con scheme after an employee was scammed buying a Bluetooth headset • South China Morning Post

Jillian D’Onfro:


When a Google executive found a high-end Bluetooth headset selling at a steep discount on the company’s shopping site earlier this year, he didn’t consider that the deal may have been too good to be true.

He ordered the product and waited. And waited. The expected delivery date passed. He tried calling the website’s customer service number. It was disconnected. The headset never arrived. The money was lost.

In reality, the merchant wasn’t based in the U.S., as its website indicated. Google Shopping had redirected the buyer to a bogus seller, who took the Google employee’s credit card information with no intention of ever sending out a headset.

The prospective buyer kicked the case over to his co-workers to start an investigation. But instead of simply banning the bad actor from listing new products, Google Shopping’s trust and safety team initiated a global probe that ultimately tracked down 5,000 merchant accounts wrapped up in a sophisticated scheme to defraud users.

“I think we caught them right at the tip of when they were trying to scale up,” Saikat Mitra, Google Shopping’s director of trust and safety, told CNBC.


link to this extract

Your Instagram #Dogs and #Cats are training Facebook’s AI • WIRED

Tom Simonite:


An artificial intelligence experiment of unprecedented scale disclosed by Facebook Wednesday offers a glimpse of one such use case. It shows how our social lives provide troves of valuable data for training machine-learning algorithms. It’s a resource that could help Facebook compete with Google, Amazon, and other tech giants with their own AI ambitions.

Facebook researchers describe using 3.5 billion public Instagram photos—carrying 17,000 hashtags appended by users—to train algorithms to categorize images for themselves. It provided a way to sidestep having to pay humans to label photos for such projects. The cache of Instagram photos is more than 10 times the size of a giant training set for image algorithms disclosed by Google last July.

Having so many images for training helped Facebook’s team set a new record on a test that challenges software to assign photos to 1,000 categories including cat, car wheel, and Christmas stocking. Facebook says that algorithms trained on 1 billion Instagram images correctly identified 85.4% of photos on the test, known as ImageNet; the previous best was 83.1 percent, set by Google earlier this year.

Image-recognition algorithms used on real-world problems are generally trained for narrower tasks, allowing greater accuracy; ImageNet is used by researchers as a measure of a machine learning system’s potential. Using a common trick called transfer learning, Facebook could fine-tune its Instagram-derived algorithms for specific tasks. The method involves using a large dataset to imbue a computer vision system with some basic visual sense, then training versions for different tasks using smaller and more specific datasets.

As you would guess, Instagram hashtags skew towards certain subjects, such as #dogs, #cats, and #sunsets. Thanks to transfer learning they could still help the company with grittier problems. CEO Mark Zuckerberg told Congress this month that AI would help his company improve its ability to remove violent or extremist content. The company already uses image algorithms that look for nudity and violence in images and video.


link to this extract

Sonos announces June 6th event for new home theater speaker with Alexa • The Verge

Chris Welch:


Sonos just sent out press invites for a June 6th event in San Francisco. The invitation shows a coffee table littered with TV and other home theater remotes and has a simple tagline: “You’re better than this.” The company recently registered a new home theater smart speaker — very likely a successor to the Playbar or Playbase — with the FCC. Documents attached to that filing reveal that the product will include HDMI connectivity and microphones for voice control.

The invite might be alluding to Alexa’s ability to control some TVs and other components of an entertainment setup. An HDMI port would give Sonos’ next speaker more direct control over the big screen in your living room. Sonos has previously pledged to add support for Google Assistant to its voice-enabled speakers as well.


Strange how the headline is certain about the Alexa-ness, while the story hedges its bets. I don’t think the headline is wrong, but you’d like the story to be more confident.

For Sonos, a soundbar with HDMI ARC (audio return – means you can connect it to more devices, rather than relying on optical-out, which quite a few TVs don’t have) is long overdue. The optical-only Playbar came out in 2013. These days you can get HDMI ARC soundbars for a song. What’s Sonos’s USP in this situation? Sound quality is hard to discern, and doesn’t show up in a spec list; and “play streaming music” isn’t usually a task you give your soundbar. That Sonos IPO needs to arrive in a hurry.
link to this extract

Improving the Advanced Protection Program for iOS users • Google blog


Last October, Google launched the Advanced Protection Program, our strongest level of account security, designed to protect the overlooked segment of our users who face an increased risk of sophisticated attacks. These users may be journalists, activists, business leaders, political campaign teams, and others who feel especially vulnerable.

Today we’re announcing that Advanced Protection now supports Apple’s native applications on iOS devices, including Apple Mail, Calendar, and Contacts. This allows iOS users to enroll in the program without having to adjust how they use Google services on their Apple devices.

To protect you from accidentally sharing your most sensitive data with fraudulent apps or web services, Advanced Protection places automatic limits on which apps can gain access to your Google data. Before today, this meant that only Google applications were able to access your data if you were enrolled in the program.

With today’s update, you can now choose to allow Apple’s native iOS applications to access your Gmail, Calendar, and Contacts data. When you sign into iOS native applications with your Google account, you will get instructions on how to complete the sign-in process if you’re enrolled in Advanced Protection. We’ll continue to expand the list of trusted applications that can access Google data in the future. 


I didn’t even know this existed. (Perhaps it was only offered by invitation?) How is Google going to stop everyone from claiming they need Advanced Protection, I wonder.
link to this extract

Fail by design: COBOL and banking′s legacy of dark code • DW


“When these large scale financial systems were developed, they were developed on mini and mainframe [computer] systems,” says Simon Moores, a former UK “IT ambassador” and managing director at Zentelligence Research.

They were big systems with inscrutable names, like HP minis, DEC VAX, Dexcom, or IBM MVS, running in big rooms, creating lots of heat.

“Those things are robust. The best analogy is that of a tank or a Kalashnikov — you can drop it, kick, fill it full of sand and it just works,” says Moores. “It was created with COBOL running underneath, and it was absolutely suitable for the environment and the requirements of the time.”

But over time we’ve added more and more requirements at increasing speed as the technology has advanced, and it’s getting harder to tell how each new layer will interact with the old — especially as COBOL is now what some programmers call “dark code.” All the experts have either retired or died, few universities teach it, and as a result even fewer people can understand or fix it.

When the TSB Bank tried to upgrade its system, it appears the upgrade couldn’t cope with the level of transactions coming in at that same time.

“A slight incompatibility cascades into something catastrophic, and, I would suggest, that maybe nobody existed to be able to look at the code, or even understand the code, because it was compiled [Ed.: source code is compiled or “interpreted” before it is executed], to know what might possibly go wrong — other than to code it with your fingers crossed,” says Moores.  


This turns into an engrossing piece about COBOL (COmputer Business Oriented Language), which most modern-day programmers will never have come across. (I’ve dipped a toe in, a long time ago.) It’s got one of the strangest, yet logical, structures you’ll ever come across.
link to this extract

PewDiePie blasts YouTube’s ad revenue in new vlog • Daily Dot

Josh Katzowitz:


YouTube’s most popular vlogger says he’s not making enough money on the platform.

In a video released Wednesday, PewDiePie, who has 62 million subscribers, said he’s basically a hat salesman these days because of his decreased earnings.

“Honestly, legit, I am making more on selling these hats this month than I’m making on ad revenue, despite uploading daily content,” he said. “Do you understand how bad ad revenue is? I might as well not even call myself a YouTuber, I’m a hat merch, I’m a hat salesman, at this point. That is my profession.

“I really want to thank YouTube for having such a great way of monetizing on their platform. It’s wonderful. I am so thankful.”

PewDiePie, whose real name is Felix Kjellberg, has been caught in plenty of controversies that haven’t helped his earning potential. He’s uploaded multiple videos where he’s used anti-Semitic imagery and made anti-Semitic jokes—Disney cut ties with him for that, and YouTube canceled his YouTube Red series—and he casually dropped a racial slur while livestreaming last year. He’s apologized for those mistakes.

Even still, Forbes reports PewDiePie still earned $12m between June 1, 2016, and June 1, 2017—he also made $15m the year before that.


That inaudible noise? The Tiniest Violin Symphony Orchestra tuning up.
link to this extract

YouTube has 1.8 billion logged-in viewers each month • The Verge

Adi Robertson:


YouTube CEO Susan Wojcicki says that 1.8 billion registered users are watching videos on the platform each month, not counting anyone who’s watching without an account. Wojcicki announced the milestone at YouTube’s Brandcast presentation to advertisers, alongside some of the year’s most noteworthy successes — like Beyoncé’s record-setting 41 million livestream views at Coachella and the “Despacito” music video passing 5 billion views last month. The company previously announced that it had 1.5 billion logged-in monthly users in mid-2017.


It’s a data point. Well, two.
link to this extract to close to EU users saying it can’t comply with GDPR • TechCrunch

Natasha Lomas:


Put on your best unsurprised face:, a company that has, for years, used the premise of ‘free’ but not very useful ’email management’ services to gain access to people’s email inboxes in order to data-mine the contents for competitive intelligence — and controversially flog the gleaned commercial insights to the likes of Uber — is to stop serving users in Europe ahead of a new data protection enforcement regime incoming under GDPR, which applies from May 25.

In a section on its website about the regional service shutdown, the company writes that “unfortunately we can no longer support users from the EU as of the 23rd of May”, before asking whether a visitor lives in the EU or not.

Clicking ‘no’ doesn’t seem to do anything but clicking ‘yes’ brings up another info screen where writes that this is its “last month in the EU” — because it says it will be unable to comply with “all GDPR requirements” (although it does not specify which portions of the regulation it cannot comply with).


Don’t expect this to be the end. The adtech swamp is getting drained.
link to this extract

There’s a ⚫ emoji message that crashes any Android app, but it’s no big deal • Android Police

Martim Lobao:


There’s a message that’s making the rounds on WhatsApp that mysteriously causes the app to crash if you dare to tap on the black dot within. You may have already come across it and wondered how just tapping on a single emoji can cause an app to freeze and become unresponsive. The answer, unsurprisingly, is that it can’t.

The message, which is shown below, is actually made up of more than what meets the eye. You might have even suspected as much if you already noticed that tapping anywhere on the message — and not only on the black dot — triggers the bug. The fact is that there are hundreds (around two thousand, actually) of invisible characters in the message that end up causing Android’s text rendering engine to go haywire and ultimately crash, particularly on older devices. (Some newer phones like the Pixel 2 seem to recover after freezing up and don’t force close the app.)

…the invisible part of the message is comprised of special characters which Unicode uses to specify whether a given text should be laid out right-to-left or left-to-right. These characters are necessary to properly display text in several languages that are written right-to-left, such as Hebrew and Arabic.

There’s nothing wrong with these characters per se. Modern devices have been able to handle LTR and RTL text for decades, even within the same sentence. The issue only shows up when a strange combination of characters triggers some obscure bug in the rendering engine — which is precisely what is happening here. The sequence of two thousand characters switches the text’s orientation back and forth repeatedly, and when the engine can’t handle this string of characters, it locks up and crashes the app. The curious part is that Android is able to display the characters without any issue, but locks up when a user tries to tap the message.


Not seeing how this is different from the rendering bugs on iOS that cause people to write OMG IPHONE IS BROKEN APPLE CAN’T CODE IT IS DOOMED stories. Those aren’t a big deal either, of course, but the contrast is weird.
link to this extract

UK regulator orders Cambridge Analytica to release data on US voter • The Guardian

Carole Cadwalladr:


Cambridge Analytica has been ordered to hand over all the data and personal information it has on an American voter, including details of where it got the data and what it did with it, or face a criminal prosecution.

The UK Information Commissioner’s Office (ICO) served the enforcement notice to the company on Friday in a landmark legal decision that opens the way for up to 240 million other American voters to request their data back from the firm under British data protection laws.

The test case was taken to the ICO by David Carroll, an associate professor at Parsons School of Design in New York. As a US citizen, he had no means of obtaining this information under US law, but in January 2016 he discovered Cambridge Analytica had processed US voter data in the UK and that this gave him rights under British laws. Cambridge Analytica had refused to accept this and told the ICO that Carroll was no more entitled to make a so-called “subject access request” under the UK Data Protection Act “than a member of the Taliban sitting in a cave in the remotest corner of Afghanistan”.

The ICO did not accept this as a valid legal argument and has now told SCL Elections, which acted as the data controller for Cambridge Analytica, that it has 30 days to comply or appeal. Cambridge Analytica and its affiliates announced this week that they had gone into liquidation, but the ICO has made it clear that it cannot avoid its responsibilities under UK law and states that “failure to comply with this enforcement notice is a criminal offence”.


The way that Cadwalladr has worked on this story has been like water eroding a stone. Over time, the stone gives up its weakness.
link to this extract

Telegram messaging app scraps plans for public coin offering • WSJ

Paul Vigna:


The popular messaging app Telegram has brought in so much money from a small group of private investors that it is calling off a planned sale of cryptocurrency to the wider investing public, according to a person familiar with the matter.

Telegram Group Inc. has pulled in $1.7bn by selling newly created cryptocurrency to fewer than 200 private investors.

The startup, founded by two Russian brothers, has created a groundswell of enthusiasm in the private markets for its next project, which it describes as a digital payments and technology platform that will appeal to a wider audience than established virtual currencies like bitcoin.

Telegram says it is using the money it has raised for the project, called Telegram Open Network, to build out its technology and further redevelop and maintain its main messenger service, which has about 200 million users globally.

The network, which will be built using “blockchain” ledger technology, “can become a Visa/Mastercard alternative for a new decentralized economy,” the company noted in a 23-page description of its plans.


That’s an average of $8.5m each from those investors. They must think that the “shares” (that’s what they effectively are) will appreciate substantially in value over the coming years.

Cryptocurrencies are becoming investment vehicles kept growing by faith that they’ll keep growing. I’m not sure how sustainable that is.
link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up: Xiaomi preps giant IPO, tablet market (but not iPad) withers, the CIA cop on the streets, and more

GoPro made another loss. How long before its time runs out? Photo by Janeen on Flickr.

You can sign up to receive next week’s (and the future’s!) daily Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. My Twitter password isn’t in here. I’m @charlesarthur on Twitter. Observations and links welcome.

The spy who came home • The New Yorker


Though [Patrick] Skinner had completed his training just two months earlier, he already knew every road in the Third Precinct. On slow nights, he tried to memorize the locations of Savannah’s traffic lights and stop signs, so that he could visualize the quickest route to any call. Darren Bradley, who went through training with Skinner, said, “When they gave us the sheets with police signals and codes”—a list of nearly two hundred radio call signs—“he looked it over once and had it in his head.”

As Skinner approached Summerside, a white Camaro with tinted windows pulled out and came toward him. Cars registered in Georgia don’t have license plates on the front, but, as the Camaro zoomed past, Skinner glanced into his side mirror, memorized the rear-plate number from its backward reflection, and called it in.

Skinner sped north, picturing the Camaro’s likely escape route, and how to cut the driver off. “If he’s an idiot, he’ll turn right on Fifty-second Street and end up behind me at the next light,” Skinner said. Two minutes later, the Camaro rounded a bend and pulled up behind Skinner. He smiled.

In Savannah, several cars are stolen every day—often for use in other crimes. The Camaro driver made some evasive maneuvers, but, to Skinner, this behavior did not qualify as probable cause for a traffic stop. When the dispatcher ran a check on the license plate, it came back clean. Skinner continued on his patrol.

Georgia’s law-enforcement-training program does not teach recruits to memorize license plates backward in mirrors. Like many of Skinner’s abilities, that skill was honed in the C.I.A.


This is a long, but great, read.
link to this extract

Facebook’s dating service is a chance to meet the catfisher, advertiser or scammer of your dreams • The Washington Post

Drew Harwell and Elizabeth Dwoskin:


The love-seeking singles of Facebook’s new dating service, privacy experts say, may not be prepared for what they’ll encounter: sham profiles, expanded data gathering and a new wave of dating fraud.

Facebook — under fire for viral misinformation, fake accounts and breaches of trust — said this week it will soon offer a new dating service designed to help its users find love, giving the world’s largest social network a uniquely intimate vantage point on its users’ romantic desires and personal lives.

The service will allow people older than 18 to create a dating profile — separate from their main profile and invisible to their friends — that it shows to potential matches based on common interests, dating preferences, location and mutual friends, company officials said.

Using a button — not a swipe, as popularized by popular dating app Tinder — people will then be able to say whether they’re “interested” or would rather “pass” on those potential partners, officials said. Matches will be shown the other person’s first name, age, current city and photo, though users will also have the option of sharing their work, education and other biographical information. The service will begin testing in a few months.

Privacy watchdogs, advertising experts and industry rivals worry the service could expose users more acutely to the worst of the Web — scams, malicious strangers and other problems Facebook already has its hands full with.


This was pretty much my point when I spoke to CNN about this earlier in the week. We know what the desired consequences are; but Facebook should try to think about the possible unintended consequences. (Of course the problem is it’s really, really hard to forecast them.) We’ve seen what happened with the news feed: fake news, and inflammatory behaviour creating social disruption. What happens with the “dating feed”?
link to this extract

GoPro reports smaller-than-expected loss on lower costs • Reuters


Action-camera maker GoPro Inc reported a smaller-than-expected first-quarter loss on Thursday as the company cut costs and sold more of its new entry-level cameras…

GoPro — whose cameras are used by surfers, skydivers and other action junkies — said revenue fell to $202.35 million from $218.61 million. Analysts had expected revenue of $184.2m. The company’s net loss narrowed to $76.3m in the quarter ended March 31, from $111.2m a year earlier. Total operating expenses fell to $119.7m from $156.8m.

The company – which exited its Karma drone business to stem losses- has been trying to attract users with its $199.99 entry-level HERO camera that was announced in March.

The company in April also announced huge discounts and trade-up programs for its premium products.

Demand for GoPro’s cameras have been waning as users move to cheaper options and smartphones with powerful cameras.


As with Fitbit yesterday, the question has to be: how close to the ground is it going to get before it’s scooped up? There’s no reason for it to exist in its own right; it doesn’t have enough of an ecosystem. Hardware on its own is insufficient – something that Cisco (rightly, in retrospect) figured out when it abruptly closed its Flip camera division in 2011 as smartphones ate its business.

Likely buyer: Xiaomi, which should have some cash to spare soon. (Read on.)
link to this extract

How to live in San Francisco without spending any money • WSJ

Eliot Brown:


Venture capital has barreled by the billions into startups aimed at urban millennials, hunting for hits in businesses meant to shake up food delivery, home cleaning and car sharing, typically starting in the tech-savvy Bay Area.

But with record levels of money lying around, investors don’t always have patience for slow growth. So companies juice demand with heavy discounts to first-time users—and generous referral bonuses for anyone who signs up a friend. Ideas that gain traction spawn competitors who tend to spend even heavier on marketing.

All the promotions make for a golden consumer age in San Francisco, so long as these businesses last.

Want a rental car? Getaround starts at $5 an hour, and the first $20 is free. A snickerdoodle cookie within 15 minutes? Doughbies offers $10 off your first delivery. Or $20 off your first $30 order of marijuana? Eaze will deliver in San Francisco within 20 minutes with a discount code.

Elad Ossadon and Noam Szpiro, who work in software engineering, have become referring pros. In 2016, they created a website called VC Fund My Life, which catalogs discounts and freebies. When a user signs up for the startups listed, they get a referral bonus, often alerted by a buzz of their phones.

Mr. Ossadon said before he started the site, he was pushing startups with bonuses on anyone he knew.

“Friends that visit here, move here—friends of friends, random people,” he said. His reward: free burgers and Thai food delivered by startup Postmates and “months over months” of free housecleanings from on-demand services company Handy.

In all, Mr. Ossadon and Mr. Szpiro estimate they have earned over $10,000 in referral credits, although many startups have started to put an expiration on the credits. “The challenge after a while became, can you use your credits before they expire?” said Mr. Szpiro, in a gray knit shirt acquired with the aid of referral credits from online retailer Everlane.


But none for rent, are there?
link to this extract

Player 3 has joined the game – Chrome OS detachables paint a brighter future while tablet market struggles • IDC


Global tablet shipments in the first quarter of 2018 (1Q18) reached 31.7m, declining 11.7% from the prior year, according to preliminary data from the International Data Corporation (IDC) Worldwide Quarterly Tablet Tracker. However, the growing niche of detachable tablets like the Microsoft Surface and iPad Pro did experience more than 2.9% year-over-year growth and captured 15.3% share as newer models came into play. Meanwhile, the decline for traditional slate tablets continued as vendors managed to ship 26.8m units, down 13.9% from the prior year.

“Chrome OS’ entrance in the detachable market is a welcome change as Google is finally a serious contender from a platform perspective,” said Jitesh Ubrani, senior research analyst with IDC’s Worldwide Quarterly Mobile Device Trackers. “Google’s tighter control and integration of Chrome OS will allow brands to focus more on hardware design and additional services rather than spending resources reconfiguring Android to work in a detachable setting. Combined with Microsoft’s efforts to run Windows on ARM, the detachable market is poised for strong growth in the near term.”

“The timing of Chrome OS’ official entry into the tablet category is apt,” stated Linn Huang, research director, Devices and Displays. “Peak education buying season is approaching, and Chrome OS has resonated with administrators for its manageability where deployment is strong. Schools looking for that same environment but in tablet form – generally students aren’t provisioned a device with a keyboard until older – could find favor with these new devices.


The detachables market seems to be (on those numbers) 4.85m. Apple sold 1.8m iPad Pros – making it leader in the detachables market. Lenovo managed 0.2m detachables, apparently. That leaves another 2.85m split between all the others.

link to this extract

Sources: Facebook has fired multiple employees for snooping on users • Motherboard

Joseph Cox and Max Hoppenstedt:


On Tuesday, Facebook fired an employee who had allegedly used their privileged data access to stalk women online. Now, multiple former Facebook employees and people familiar with the company describe to Motherboard parts of the social media giant’s data access policies. This includes how those in the security team, which the fired employee was allegedly a part of, have less oversight on their access than others.

The news emphasizes something that typical users may forget when scrolling through a Silicon Valley company’s service or site: although safeguards against abuse may be in place, there are people who have the power to see information you believe to be private, and sometimes they may look at that data.

Motherboard granted the sources in this story anonymity to speak more candidly about Facebook’s policies and procedures. One source specifically mentioned Facebook’s strict non-disclosure agreement.

One former Facebook worker said when they joined the company multiple people had been terminated for abusing access to user data, including for stalking exes.

Another former Facebook employee said that they know of three cases where people were fired because they mishandled data, one of which included stalking. Typically, these incidents are not publicly reported.

As with many other businesses, data access is distributed depending on an employee’s role in a company. One source familiar with Facebook employees’ data access told Motherboard that different teams have varying levels of access, and that they can request additional access if required. The person added that the security team is more trusted than other departments, and abuse there is more difficult to detect.


link to this extract

Xiaomi shows off scorching growth ahead of $10bn IPO • Bloomberg


The Chinese smartphone maker filed for an IPO in Hong Kong Thursday, kicking off a process that’s expected to raise at least $10bn and confer a value of $100bn on the eight-year-old company. That offered investors a glimpse into the inner workings of the company controlled by billionaire Lei Jun, and its ups-and-downs since almost dropping off the radar in 2016…

…Xiaomi, reporting detailed financials for the first time, posted a net loss of 43.9bn yuan in 2017, reversing from a meager profit a year earlier. Some of that however reflected one-time items such as share-based compensation and changes in the value of preferred shares, the company said in its filing. Excluding those, operating profit reached 12.2bn yuan.

The company is taking advantage of changes by Hong Kong that allowed companies with different share classes to list. The filing didn’t mention how much it’s looking to raise, with the number of shares and price among details redacted from the document. It’s a big win for Hong Kong Exchanges & Clearing Ltd., whose officials spent years pushing to scrap a ban on the weighted voting rights that give founders control even with minority ownership. Xiaomi’s decision, four years after Alibaba Group Holding Ltd. chose New York, signals a new phase for the city’s ambitions to rival the U.S. market.

“Investors will like Xiaomi’s business model because growing user numbers guarantee profits in the future,” said James Yan, an analyst at Counterpoint. “A bigger hardware user base will translate to stronger profitability from services and at the ecosystem end.”


Lots of detail in this: 40% of its smartphone sales from outside China in 2017. (That will be mostly India.) It’s doing OK, especially given how it stumbled in 2016.
link to this extract

Xiaomi phones to be sold in UK, Italy, and other European markets • Android Authority

Oliver Cragg:


The Beijing-based firm today announced that it has partnered with CK Hutchinson to bring Xiaomi products to Three Group Europe stores in Austria, Denmark, Italy, Ireland, Sweden, and the U.K.

Three — one of the four major carriers in the UK — has confirmed that Xiaomi phones will be sold in stores across the country in the near future. This marks the first time Xiaomi phones will be officially available to buy in the region without having to resort to importing websites.

“We have been watching Xiaomi’s success from afar and impressed with the huge range of connected devices that they currently offer,” said Tom Malleschitz, chief digital officer at Three’s U.K. division.


Has Xiaomi managed to figure out how to get around the patent infringement claims that are sure to follow this?
link to this extract

Senior North Korean counterintelligence official believed to have defected •

Joseph Fitsanakis:


One of North Korea’s most senior intelligence officials, who played a major role in building Pyongyang’s nuclear weapons program, has disappeared and is believed to have defected to France or Britain, according to sources. South Korean media identified the missing official as “Mr. Kang”, and said he is a colonel in North Korea’s State Security Department (SSD), also known as Ministry of State Security. Mr. Kang, who is in his mid-50s, enjoyed a life of privilege in North Korea, because he is related to Kang Pan-sok (1892-1932), a leading North Korean communist activist and mother to the country’s late founder, Kim Il-sung.

According to South Korean reports, Kang was in charge of North Korea’s counter-espionage operations in Russia and Southeast Asia, including China. He is also believed to have facilitated secret visits to Pyongyang by foreign nuclear scientists, who helped build North Korea’s nuclear weapons program. In recent years, Kang was reportedly based in Shenyang, the largest Chinese city near the North Korean border, which is home to a sizeable ethnic Korean population.


This could make the summit a little more interesting. Reckoned to have defected to Britain or France some time in February; North Korea reckoned to have a manhunt going on. He’ll do well to evade the sort of VX nerve agent murder that Kim Jong-un used on his half-brother. (It’s not only Russians that do that sort of thing.)
link to this extract

Businesses warned over GDPR privacy policies • Out-Law


Many companies have issued new privacy terms to consumers ahead of the new General Data Protection Regulation (GDPR) taking effect on 25 May. However, European data protection supervisor Giovanni Buttarelli said some of the policies he has seen present a “take-it-or-leave-it proposition” that may not comply with the new laws.

“Too often privacy policies have seemed to be designed to provide legal cover for the companies themselves in the case of harm to a customer: non-negotiable, incredibly long, complicated, full of legal jargon which nobody reads …”, said Buttarelli. “Furthermore, the policies have tended to give an illusion of user control – while in reality you cannot see or control what the company does with information about you.”

“Companies whose business model depends on tracking are now asking their customers to say whether they agree to, for example, the use of sensitive data and data from outside sources. Just like with the notorious cookie pop-ups, people fell pushed towards clicking ‘I accept’ because the only apparent alternative on offer seems complicated, time-consuming and risks excluding them from digital society,” he said.

“We and other DPAs (data protection authorities) are therefore worried that even the biggest companies may not yet understand that with the GDPR these manipulative approaches must change. They must change, for instance, to satisfy Article 7(4) of the GDPR, which states that consent cannot be freely given if the provision of a service is made conditional on processing personal data not necessary for the performance of a contract,” he said.


It’s going to be a mess. Twitter is likely in a few advocates’ sights: its system for data control is pretty rubbish.
link to this extract

Google Pay is rolling out on the web for desktop and iOS • Android Police

Rita El Khoury:


The move from Android Pay, Google Wallet, and Pay with Google to Google Pay hasn’t been completely smooth sailing, but the Mountain View giant is slowly getting its footing and transitioning everything from the old brandings to the new one. The latest to make the switch are web payments done either on desktop or on iOS.

Google is starting to roll out Pay on the web for iPhone, iPad, and desktop users so you should start seeing it when you’re trying to make a payment on a supported site, regardless of the browser or device you’re using.


Why would you want to use Google Pay on iOS? If it wasn’t on desktop previously, then the only way would be if you had Google Pay on an Android and switched. But iOS encourages you to set up an Apple Pay account when you set up the device. And Google Pay would be less convenient than the built-in Apple Pay system.
link to this extract

Errata, corrigenda and ai no corrida: none notified