#cyberwars: Harry Potter and the army of hackers (or why hackers are wizards, of a sort)


This is the second of a series of posts about my book Cyber Wars, published May 2018 in the UK and in the US, which investigates hacking incidents such as the Sony Pictures hack, the TalkTalk hack, ransomware, the Mirai IoT botnet. It looks at how the people in those organisations responded to the hacks – and takes a look at what future hacks might look like. (The first was on phishing.)

[Image: Hermione Granger casting “Alohomora”]

When I’m giving presentations about Cyber Wars, I often include this picture in a slide. It shows the character Hermione Granger in one of the Harry Potter films opening a door by saying the spell “Alohomora”. Hacking, I explain, is the search for the spell that will open the door. Not a physical door, generally, but the “door” into the target computer so that you can make it do what you want.

I think that the resemblances go deeper, though. The wizards in the Harry Potter novels are all hackers, in one way or another: they’re using their skills to make something that doesn’t ordinarily happen (levitating feathers, say) occur.

Like hackers, they range in ability, from the most basic “script kiddies” following instructions handed down by their seniors – basically, the classrooms where the first-years learn to incant “wingardium leviosa!” – to the people working at the limits of what’s known, good or bad: think Voldemort and his groundbreaking approach to not dying, or Dumbledore and his research (pre-Hogwarts, I think?) into various types of magic.

Mother and father of invention (and wizards)

This might seem like an overcooked metaphor to you, but there’s an important question in the Harry Potter universe which isn’t directly answered in the books.

It’s this: where do spells come from? And the related question: can you invent new ones? This relates to hackers, because if wizards can invent new spells, then they’re exactly like hackers, who are always searching for new ways to break into stuff – think Heartbleed, Meltdown, Spectre, Shellshock – even as they rely on older tried and trusted methods, such as SQLi and buffer overflows, the “Alohomora” and “Accio!” of the hacking world.

JK Rowling never deals with the question of where spells come from in the books. But this doesn’t mean that she hasn’t left clues or that we can’t tease out the truth about it. Rowling famously plotted everything in great detail, but just as she doesn’t deal with where spells come from, she doesn’t deal with what makes a wizard, well, wizardy.

When it comes to wizardry, it’s evident from the way the capability passes through families, and sometimes drops out of families (as in the case of the Hogwarts caretaker Filch, a non-wizard born to wizarding parents who describes himself as a “squib”), or pops up in non-wizarding families (as with Hermione, born to non-wizarding parents) that it is genetic. Inevitably, there’s been a paper written about this, suggesting it’s autosomal dominant; squibs are from double recessives, and wizards born to Muggles from spontaneous mutations. (Autosomal dominant characteristics are usually described for their bad characteristics – Huntington’s disease, for example. Wizards might differ.)

Cast a spell

So let’s move on to spells. We know that there are lots and lots of spells; the children are taught them, at tedious length. It’s clear too that some adults have access to levels of skill in applying spells that the children can’t perceive; think of the fight (best shown in the film) between Voldemort and Dumbledore in the Ministry of Magic, which for my money is the best sequence of all the films.

But crucially, in Harry Potter and the Half-Blood Prince, we learn that spells can be improved upon. Harry comes across an old textbook for his Potions class which has handwritten notes about how to make various potions; they improve on what’s in the book, demonstrating that you can do better than what past wizards do. Harry then discovers a spell in it that he’s never seen before: a fighting curse, “sectumsempra” (which, if it were Latin, would mean “always cut”), which he later employs to almost lethal effect. When he subsequently tries to use it on a fleeing adult, his attempt is deflected – and the adult sneers at him: “you dare use my own spells against me?”

There’s your proof: in the Harry Potter universe, wizards can indeed invent their own spells. The potential is literally unlimited, bounded only by what they can imagine and find to do. That is, spells are not the same as, say, laws of physics or chemical elements. Spells are human – well, wizard – creations rather than natural phenomena.

In this way, Harry Potter wizarding is exactly like hacking. There, people try to find new ways to get computers to do stuff that nobody had expected. You mean that when you demand more data from the input buffer of a TLS server, it gets read and sent back? Sure – that’s Heartbleed, which seems to have been discovered at least three and possibly four times, if you include the two final times that led to its public disclosure. (One of those pre-discoverers is thought to be the US National Security Agency.) Who would have thought to ask that? Who would have thought to try “sectumsempra” as a fighting curse? (In the book, it says that different versions of the word have been written and crossed out before the final one is left. Which leaves you wondering how the previous versions were tested.) Trial and error plays a huge part in hacking too: trying combinations, trying different things, guessing, intuiting. And if you’re lucky or talented or both, you’ll get results.
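The over-read described above, as an added example that is not part of the original post and is not OpenSSL's code: a simplified model of a TLS heartbeat (RFC 6520) handler, once trusting the length field inside the message and once checking it against the bytes that actually arrived. Function names, the constructed "adjacent memory" and the zero padding are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3    /* 1-byte type + 2-byte payload length */
#define HB_PADDING  16   /* minimum padding required by RFC 6520 */

/* Payload length as claimed by the sender (big-endian, bytes 1..2). */
static size_t claimed_len(const uint8_t *rec)
{
    return ((size_t)rec[1] << 8) | rec[2];
}

/* "Before": echoes as many payload bytes as the message claims to carry,
 * without ever comparing that claim with the size of the received record. */
size_t heartbeat_reply_unchecked(const uint8_t *rec, uint8_t *out, size_t out_cap)
{
    size_t n = claimed_len(rec);
    if (HB_HEADER + n + HB_PADDING > out_cap)
        return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, n);  /* can read past the record */
    memset(out + HB_HEADER + n, 0, HB_PADDING);   /* real padding is random */
    return HB_HEADER + n + HB_PADDING;
}

/* "After": the record must be large enough to hold header, claimed payload
 * and padding; anything else is silently discarded (return value 0). */
size_t heartbeat_reply_checked(const uint8_t *rec, size_t rec_len,
                               uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING)
        return 0;
    if (rec[0] != HB_REQUEST)
        return 0;
    if (HB_HEADER + claimed_len(rec) + HB_PADDING > rec_len)
        return 0;
    return heartbeat_reply_unchecked(rec, out, out_cap);
}

/* Constructed stand-in for process memory: a 3-byte record that claims a
 * 32-byte payload, followed by unrelated data the sender never supplied.
 * The arena is large enough that the demo's reads stay inside it. */
static const char ADJACENT[] = "constructed-secret-not-part-of-request";

static void build_arena(uint8_t *arena, size_t cap)
{
    memset(arena, 0, cap);
    arena[0] = HB_REQUEST;
    arena[1] = 0x00;
    arena[2] = 0x20;
    memcpy(arena + HB_HEADER, ADJACENT, sizeof ADJACENT);
}

/* Returns 1 when the unchecked handler echoes bytes from beyond the record. */
int demo_unchecked_leaks(void)
{
    uint8_t arena[128], out[128];
    build_arena(arena, sizeof arena);
    size_t n = heartbeat_reply_unchecked(arena, out, sizeof out);
    return n == HB_HEADER + 32 + HB_PADDING &&
           memcmp(out + HB_HEADER, ADJACENT, 32) == 0;
}

/* Same 3-byte record through the checked handler: discarded. */
size_t demo_checked_malformed(void)
{
    uint8_t arena[128], out[128];
    build_arena(arena, sizeof arena);
    return heartbeat_reply_checked(arena, HB_HEADER, out, sizeof out);
}

/* Full-size record whose length field is one byte too large: discarded. */
size_t demo_checked_overclaim(void)
{
    uint8_t rec[HB_HEADER + 5 + HB_PADDING] = { HB_REQUEST, 0x00, 0x06 };
    uint8_t out[64];
    return heartbeat_reply_checked(rec, sizeof rec, out, sizeof out);
}

/* Well-formed request: the payload comes back and the sizes match. */
size_t demo_checked_honest(void)
{
    uint8_t rec[HB_HEADER + 5 + HB_PADDING] =
        { HB_REQUEST, 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
    uint8_t out[64];
    size_t n = heartbeat_reply_checked(rec, sizeof rec, out, sizeof out);
    return (n == sizeof rec && memcmp(out + HB_HEADER, "hello", 5) == 0) ? n : 0;
}

int main(void)
{
    printf("unchecked handler leaks adjacent bytes: %d\n", demo_unchecked_leaks());
    printf("checked handler, 3-byte record:         %zu\n", demo_checked_malformed());
    printf("checked handler, over-claimed length:   %zu\n", demo_checked_overclaim());
    printf("checked handler, honest request:        %zu\n", demo_checked_honest());
    return 0;
}
```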



Butterbeer and layer cake

We can also see that the Potter world is striated rather like the hacking world. At the base level, you have the script kiddies (OK, spell kiddies): carrying out commands without really knowing quite how they work, but pleased with the effect.

Then there are the professionals: people who are using these techniques to get things done, and will occasionally invent their own methods to get around limitations that block them. For the most part, though, it’s the careful refinement of existing processes – think of all those people in the Ministry of Magic doing magic gruntwork. Think too of the commercial hackers rewriting a piece of ransomware to take account of the new defences put up against them.

At a higher level still you have those who are using more sophisticated versions of these skills for personal and political ends. Of course we’re back with Dumbledore and Voldemort. What doesn’t vary, though, is the general requirement to explore the capabilities of the systems involved, and in that you’re talking about the same sort of approach. Creating a Horcrux to defeat your enemies? Developing a virus that will wipe every computer on your target’s network once you’ve exfiltrated all their email, spreadsheets and a number of unreleased films? Pretty much the same process: a certain amount of education, knowledge, research, non-live testing, and then implementation.

One point about this metaphor is that we’re used to thinking of Harry Potter and his ilk as the good guys, the white hats, the nice ones. This is true enough if you think that most wannabe hackers go on to be “white hat” players, defending systems from attack from the Hogwarts first-years. (It’s also disconcerting if you take this approach, because a significant number of systems are hacked by people whose hacking skills are comparable with Neville Longbottom’s rather than Hermione’s.) When you think of Potter creating “Dumbledore’s Army” in “Order of the Phoenix”, just recast it as a password-protected online hacker forum where a bunch of script kiddies are trading methods to break into commercial systems.

When thinking about real-world hackers, it’s useful to consider that some people are very highly skilled – wizards, almost – and that their ability to use the hacker equivalent of the Imperius spell to subvert systems you thought you could rely on means you might not even realise that they’re inside. Certainly that was the experience recently of Dixons Carphone, which in June said that it had discovered that hackers had been inside its systems since the previous July. Eleven months? That’s pretty dramatic, and embarrassing for those who were meant to be guarding the perimeter, and the inside.

One could go on extending this metaphor: Azkaban prison is like any old prison. The Dementors are the plain old law enforcement, taking away your soul – well, computer – and leaving you as good as dead. House-elves are perhaps Internet of Things devices (which would explain why they occasionally cease obeying us altogether when a hacker comes along and gives them different instructions). Other suggestions of metaphor extensions – for dragons, goblins, and other members of that universe – are welcome.

And meanwhile, although there isn’t any discussion of Harry Potter and hacking in my book, there is plenty about hacking topics. See the links at the top.

Start Up: poisoning neural networks, the quiet smart home, will Article 13 pass?, Cook v Trump, and more


Superglue! Sticks human tissue! Why not in surgery too? Photo by Bill Keaggy on Flickr.

A selection of 10 links for you. Why the caged bird sings. I’m @charlesarthur on Twitter. Observations and links welcome.

How to stealthily poison neural network chips in the supply chain • The Register

Thomas Claburn:

»

“Hardware Trojans can be inserted into a device during manufacturing by an untrusted semiconductor foundry or through the integration of an untrusted third-party IP,” [Clemson University researchers Joseph Clements and Yingjie Lao] explain in their paper. “Furthermore, a foundry or even a designer may possibly be pressured by the government to maliciously manipulate the design for overseas products, which can then be weaponized.”

The purpose of such deception, the researchers explain, would be to introduce hidden functionality – a Trojan – in chip circuitry. The malicious code would direct a neural network to classify a selected input trigger in a specific way while remaining undetectable in test data.

“For example, an adversary in a position to profit from excessive or improper sale of specific pharmaceutics could inject hardware Trojans on a device for diagnosing patients using neural network models,” they suggest. “The attacker could cause the device to misdiagnose selected patients to gain additional profit.”

They claim they were able to prototype their scheme by altering only 0.03% of the neurons in one layer of a seven-layer convolutional neural network.

Clements and Lao say they believe adversarial training combined with hardware Trojan detection represent a promising approach to defending against their threat scenario. The adversarial training would increase the number of network neurons that would have to be altered to inject malicious behavior, thereby making the Trojan large enough potentially to detect.

«



Only 6% of smart speaker owners using them to control smart home devices • 9to5Mac

Ben Lovejoy:

»

A new survey of smart speaker owners found that only 6% of them are currently using the device to control smart home devices like lighting and heating.

Interestingly, even for HomePod – which is a very music-focused device – playing music was only the third most common use …

The IHS Markit study found that answering a question and checking the news or weather led the way, with discovering and controlling music in third place. Controlling other smart home devices is currently the least common use of a smart speaker.

However, the company told us this is expected to change rapidly.

“Controlling smart home devices by voice currently represents only a small fraction of total smart-speaker interactions,” said Blake Kozak, principal analyst, smart home, IHS Markit. “However, this category will continue to trend upward as more video-streaming devices come to rely on voice control, as security alarm systems adopt voice control to arm and disarm, and as more builders embed smart devices throughout new homes.”

«

Survey of 937 owners, so that’s 56 people doing this, across US, UK, Japan, Germany and Brazil. But yes, you’d expect this number to pitch up as the systems they’re linked to get smarter.


Russian trolls weigh in on Roseanne Barr and Donald Trump Jr • WSJ

Georgia Wells, Rob Barry and Shelby Holliday:

»

Newly identified Russian trolls posted politically divisive messages on Twitter as recently as last month, hitting on a wide array of hot-button issues, according to a Journal analysis of recently revealed investigative documents and Twitter data.

The new tranche of about 1,100 account names, released Monday by Democrats on the House Intelligence Committee, brings the total number of publicly known Russian troll farm-operated accounts to more than 3,800. Last month, the Journal reported that the identities of many of the Russian accounts had not been publicly revealed.

The newly identified users posted more than 2.9 million tweets and retweets, bringing the total amount of Russian troll farm content on the platform to more than 8 million tweets and retweets, the Journal’s analysis found.

«

EIGHT MILLION. Is that a lot? I mean, there are lots of tweets every day. Twitter says it has 330 million monthly active users. And a lot of these accounts are pretty small beer – though they have had a couple of viral tweets. There’s influence, and then there’s “influence”. I wonder if the writers looked at each other when they got the 8m number and went “eh, sounds big enough for the newsdesk if we look outraged – say EIGHT MILLION in a loud voice.”


On June 20, an EU committee will vote to crown Google and Facebook permanent lords of internet censorship • Boing Boing

Cory Doctorow:

»

On June 20, the EU’s legislative committee will vote on the new Copyright directive, and decide whether it will include the controversial “Article 13” (automated censorship of anything an algorithm identifies as a copyright violation) and “Article 11” (no linking to news stories without paid permission from the site).

These proposals will make starting new internet companies effectively impossible — Google, Facebook, Twitter, Apple, and the other US giants will be able to negotiate favourable rates and build out the infrastructure to comply with these proposals, but no one else will. The EU’s regional tech success stories — say Seznam.cz, a successful Czech search competitor to Google — don’t have $60-100,000,000 lying around to build out their filters, and lack the leverage to extract favorable linking licenses from news sites.

If Articles 11 and 13 pass, American companies will be in charge of Europe’s conversations, deciding which photos and tweets and videos can be seen by the public, and who may speak.

The MEP Julia Reda has written up the state of play on the vote, and it’s very bad. Both left- and right-wing parties have backed this proposal, including (incredibly) the French Front National, whose Youtube channel was just deleted by a copyright filter of the sort they’re about to vote to universalise.

«

Wired says that “the EU’s bizarre war on memes is totally unwinnable”, and that sums it up. Copyright allows for “fair dealing” (aka “fair use”) in the UK, and other elements of this will fail because the EU supports “freedom of expression” as part of its human rights law.


Superglue built planes, nukes and saved soldiers’ lives • War Is Boring

James Simpson:

»

Throughout the late 1930s and ’40s, aircraft switched from heavy glass canopies to acrylic. By virtue of being readily formed and having increased strength, acrylic gave pilots better visibility than glass, which had to be mounted into opaque frames.

New jet airplanes also needed new canopies. Flying at higher speeds than propeller-driven planes, the jets’ cockpits needed to be stronger, tougher and more heat-resistant.

Still at Eastman Kodak and now based in Tennessee, Coover was once more on the case. The chemist headed a team that experimented with acrylate polymers in the hope of finding an optically-clear plastic that could survive the stresses of jet flight.

Fred Joyner, one of Coover’s teammates, prepared a sample from the long list of compounds, and the team planned to measure its refractive index — the degree to which the material bends light. Joyner put ethyl cyanoacrylate between two $700 prisms called refractometers, noted down the result and then found that he couldn’t pull them apart.

The cyanoacrylate had bonded the two expensive glass prisms together and neither Joyner nor his superiors could figure out how to separate them. Coover then realized the importance of his discovery nine years prior. “I didn’t recognize, at first, that this was not a casting material we were working with but a unique new adhesive,” he told the Chicago Tribune in 1986.

His eyes now open, Coover took a sample of Joyner’s monomers and tried sticking together everything he could find in the lab. The glue was instant and strong — stronger than anything available at the time.

«

A reprint of a 2015 story, and it’s a great one. (Question: what are reprints in the web age?) Plus the struggle to get it used medically must have been exhausting.


ZTE, US suppliers shares tank after Senate puts Trump reprieve in doubt • Reuters

Sijia Jiang:

»

The 85-10 bipartisan vote marked one of the few times the Republican-led Senate has veered from White House policy and came on the same day that US President Donald Trump threatened to impose a 10% tariff on $200bn of Chinese goods, escalating tensions between the world’s two biggest economies.

Trump is expected to lobby hard against the amendment to the National Defense Authorization Act (NDAA), and before it can become law the bill must be reconciled with one passed by the US House of Representatives that does not include the amendment.

Any compromise measure must then be passed by both chambers and signed into law by Trump, a series of hurdles that has Asia-based analysts predicting ZTE will eventually get its reprieve.

“The NDAA is not really a reversal of the ZTE deal, but will in all probability prolong the ban-lifting process for ZTE,” said Nikhil Batra, a senior research manager with industry consultancy IDC.

ZTE’s Hong Kong-listed shares tumbled as much as 27% to HK$9.56, their lowest level in nearly two years, before ending the day down 25%.

«

Trump is going to be made to sweat for his promise to lift ZTE out of the grave. Plenty of road left in this tale.


Apple chief Tim Cook condemns ‘inhumane’ US detention of children • Irish Times

Ciara O’Brien:

»

Speaking in Dublin on Tuesday, Mr Cook described the situation as “inhumane” and said Apple would be working with people in the US government to try to be a “constructive voice” on the issue.

“It’s heartbreaking to see the images and hear the sounds of the kids. Kids are the most vulnerable people in any society. I think that what’s happening is inhumane, it needs to stop,” Mr Cook told The Irish Times.

“We’ve always felt everyone should be treated with dignity and respect. In this case, that’s not happening.”

The Apple chief executive said he had previously spoken with Mr Trump on a number of issues.

“I have spoken with him several times on several issues, and I have found him to listen,” he said. “I haven’t found that he will agree on all things.”

Among the issues Mr Cook has disagreed with the president on are the US decision to pull out of the Paris climate accord, and the ongoing issue of the status of so-called Dreamers, who are undocumented people living in the US.

He said Apple would take a constructive approach to try to deal with the current situation.

“I’m personally a big believer in the way to be a good citizen is to participate, is to try to advocate your point of view, not to just sit on the sideline and yell or complain,” he said.

«

He may have spoken to Trump several times, but if he thinks Trump is listening beyond the point where he walks out of the room, I think he’s wrong. Trump’s moves in tariffs against China demonstrate that.


Augmented reality and virtual reality are on the VRge of growth • IDC

»

Worldwide shipments of augmented reality (AR) and virtual reality (VR) headsets were down 30.5% year over year, totaling 1.2m units in the first quarter of 2018 (1Q18), according to the International Data Corporation (IDC) Worldwide Quarterly Augmented and Virtual Reality Headset Tracker. Much of the decline occurred due to the unbundling of screenless VR headsets during the quarter. For much of 2017, vendors bundled these headsets free with the purchase of a high-end smartphone, but that practice largely came to an end by the start of 2018. Despite a poor start to 2018, IDC anticipates the overall market will return to growth over the remainder of the year as more vendors target the commercial AR and VR markets and low-cost standalone VR headsets such as the Oculus Go make their way into stores. IDC forecasts the overall AR and VR headset market to grow to 8.9 million units in 2018, up 6% from the prior year. That growth will continue throughout the forecast period, reaching 65.9 million units by 2022.

“On the VR front, devices such as the Oculus Go seem promising not because Facebook has solved all the issues surrounding VR, but rather because they are helping to set customer expectations for VR headsets in the future,” said Jitesh Ubrani, senior research analyst for IDC Mobile Device Trackers. “Looking ahead, consumers can expect easier-to-use devices at lower price points. Combine that with a growing lineup of content from game makers, Hollywood studios, and even vocational training institutions, and we see a brighter future for the adoption of virtual reality.”

When it comes to augmented reality headsets, many consumers have already had a taste of the technology through screenless viewers such as the Star Wars: Jedi Challenges product from Lenovo. IDC anticipates these types of headsets will lead the market in shipment volumes in the near term.

«

So they’re saying the fall is really down to a different way of counting. I’m not so sure. VR either needs more computing power than people are willing to put into it, or better applications.


China’s social media app WeChat demands more info from users • Radio Free Asia

Qiao Long:

»

China’s massively popular social media platform WeChat appears to have further tightened requirements for user registration, demanding access to all files and media content, and potentially giving the authorities access to everything on a user’s smartphone, RFA has learned.

A newly registered WeChat account resulted in a pop-up request on Thursday, calling for permission to access the device’s “photos, media library, and file content.”

Pressing “Deny” resulted in a further pop-up asking to turn on “storage space permissions.” Denying such permission resulted in the registration being aborted.

An internet service user in Guangzhou who has technical knowledge of WeChat’s functions told RFA that the app has evolved from a simple chat client to a form of spyware that monitors users’ behavior.

“If you use WeChat, there will be nothing private left on your phone,” Hu said. “Anything on your phone can be read by the app, which can even take control of the phone’s camera and microphone.”

“If the government wants to see what you are doing, or wants to hear what you are talking about, it can monitor you through WeChat, so it’s a very powerful tool,” he said.

Hu said users would be better off keeping at least one phone that didn’t have the app installed.

«



Tech giants are starting to line up for a David-versus-Goliath privacy fight in California • AdWeek

Marty Swant:

»

The initiative is being headed up by a core group of three people, none of whom come from the engineering or venture-capital circles of Silicon Valley, the epicenter of the very area that would be most affected by the passage of the proposal.

Rick Arney, a financial executive and one of the organizers, said the idea started two years ago after he and fellow organizers Alastair Mactaggart and Mary Ross couldn’t get traction in the state’s legislature. (Mactaggart comes from the real estate industry, while Ross spent her career in the CIA.)  

“It is not hard to find someone on a subway train that has been a victim of identity theft,” Arney said. “And when you tell people this will help stop that, they say, ‘Where do I sign up?’”  

The act targets larger businesses, those with annual gross revenue of $50m selling personal information of more than 100,000 consumers or devices, or having at least half of its annual revenue from selling personal information.

“We’ve tried to craft something that’s really common sense. This bill is something that moves the ball forward,” Arney said. “But I’m a businessperson. We’re not here to tear down companies.”

Some of the largest tech companies in the US—and the advertising trade groups that represent them—say the proposal goes much further than existing laws in the US or Europe. 

For example, while the EU allows people to opt out of exchanging data for offers, the California proposal would ban companies from giving preferential economic treatment—discounts or other promotions—to people who willingly provide their data. Some experts say the sweeping measure would also prevent companies like Facebook from having a paid model for those who don’t want their data collected if there’s still a free version for those who don’t mind targeted ads.

«

As you can imagine, there’s a ton of lobbying against this from the big companies.



Errata, corrigenda and ai no corrida: ref yesterday’s post, it is New Zealand, not France, that is the fifth member of the “Five Eyes” intelligence sharing group. Thanks to Jonathan Beeston for the correction.

Start Up: DeepMind’s 3D mapper, Cohen’s BlackBerry cracked, smartwatches ticking up, and more


A flaw in Chromecast and Google Home could let companies zero in on your location via web pages. Photo by Marco Verch on Flickr.

A selection of 11 links for you. Not to be sold separately. I’m @charlesarthur on Twitter. Observations and links welcome.

DeepMind AI learns to reconstruct scenes from images • Axios

Alison Snyder:

»

The system uses a pair of images of a virtual 3D scene taken from different angles to create a representation of the space. A separate “generation” network then predicts what the scene will look like from a different viewpoint it hasn’t seen before.

• After training the generative query network (GQN) on millions of images, it could use one image to determine the identity, position and color of objects as well as shadows and other aspects of perspective, the authors wrote.

• That ability to understand the scene’s structure is the “most fascinating” part of the study, wrote the University of Maryland’s Matthias Zwicker, who wasn’t involved in the research.

• The DeepMind researchers also tested the AI in a maze and reported the network can accurately predict a scene with only partial information.

• A virtual robotic arm could also be controlled by the GQN to reach a colored object in a scene.

«

Full paper at Science.


Samsung’s cancelled Project Valley foldable phone revealed in pictures • SamMobile

“Abhijeet”:

»

As you can see in the images, Samsung’s early foldable phone was simply a regular smartphone with a second display panel attached to it with a folding hinge. It’s a rather unattractive design that would have seemed out of place at a time when the Korean giant launched the beautiful Galaxy S6 and Galaxy S6 edge. It would certainly have garnered a lot of attention as no other manufacturer would have had something similar to offer at the time, but Samsung clearly wasn’t interested in releasing a foldable phone just to be the first on the market.

That’s not to say this early Project Valley prototype isn’t important, as it’s proof that Samsung has been serious about foldable devices for a long time. The company went as far as filing a patent for the user interface for the device, and it has recently been pretty upfront about its plans to release a foldable smartphone at some point in the near future.

«

I’d have called this a “folding” phone rather than a “foldable” phone. Somehow “foldable” to me suggests a single screen that somehow can be made smaller. But whatever – this looked horrible.


Listen to children who’ve just been separated from their parents at the border • ProPublica

Ginger Thompson:

»

The baritone voice of a Border Patrol agent booms above the crying. “Well, we have an orchestra here,” he jokes. “What’s missing is a conductor.”

Then a distraught but determined six-year-old Salvadoran girl pleads repeatedly for someone to call her aunt. Just one call, she begs anyone who will listen. She says she’s memorized the phone number, and at one point, rattles it off to a consular representative. “My mommy says that I’ll go with my aunt,” she whimpers, “and that she’ll come to pick me up there as quickly as possible.”

An audio recording obtained by ProPublica adds real-life sounds of suffering to a contentious policy debate that has so far been short on input from those with the most at stake: immigrant children. More than 2,300 of them have been separated from their parents since April, when the Trump administration launched its “zero tolerance” immigration policy, which calls for prosecuting all people who attempt to illegally enter the country and taking away the children they brought with them. More than 100 of those children are under the age of four. The children are initially held in warehouses, tents or big box stores that have been converted into Border Patrol detention facilities.

«

I recognise that this isn’t a political collection (generally), but this action by the present US administration – actions which predecessors including GW Bush and Obama considered and rejected – is indicative of a descent in public behaviour. A week ago I linked to an article which said “American collapse isn’t just economic and political – it’s moral and ethical, too”. This policy is indicative of that collapse.

I realise one wants to detain people who might be illegal immigrants at the border. But that doesn’t necessitate separating them from their children. That is inhuman.


Google to fix location data leak in Google Home, Chromecast • Krebs on Security

Brian Krebs:

»

Craig Young, a researcher with security firm Tripwire, said he discovered an authentication weakness that leaks incredibly accurate location information about users of both the smart speaker and home assistant Google Home, and Chromecast, a small electronic device that makes it simple to stream TV shows, movies and games to a digital television or monitor.

Young said the attack works by asking the Google device for a list of nearby wireless networks and then sending that list to Google’s geolocation lookup services.

“An attacker can be completely remote as long as they can get the victim to open a link while connected to the same Wi-Fi or wired network as a Google Chromecast or Home device,” Young told KrebsOnSecurity. “The only real limitation is that the link needs to remain open for about a minute before the attacker has a location. The attack content could be contained within malicious advertisements or even a tweet.”

…When Young first reached out to Google in May about his findings, the company replied by closing his bug report with a “Status: Won’t Fix (Intended Behavior)” message. But after being contacted by KrebsOnSecurity, Google changed its tune, saying it planned to ship an update to address the privacy leak in both devices. Currently, that update is slated to be released in mid-July 2018.

«

The accuracy by this method is to within 10 metres – rather than the 2-3 miles that a typical IP address alone offers. If they get your location, plus an IP, plus some cookies, they’ve got your identity forever. “They” being advertisers who will want to pursue you on and off the net. Though how does Google Home “go” to a page, exactly?

Krebs suggests putting your IoT devices on a separate intranet from everything else. Quite a struggle.


FBI recovers WhatsApp, Signal data stored on Michael Cohen’s BlackBerry • Ars Technica

Sean Gallagher:

»

In a letter to the presiding judge in the case against Michael Cohen, President Donald Trump’s long-time personal attorney, the US Attorney’s Office for the Southern District of New York revealed today that it had obtained additional evidence for review—including a trove of messages and call logs from WhatsApp and Signal on one of two BlackBerry phones belonging to Cohen. The messages and call logs together constitute 731 pages of potential evidence. The FBI also recovered 16 pages of documents that had been shredded, but it has not yet been able to complete the extraction of data from the second phone.

The letter to Judge Kimba Wood stated that “the Government was advised that the FBI’s original electronic extraction of data from telephones did not capture content related to encrypted messaging applications, such as WhatsApp and Signal… The FBI has now obtained this material.”

This change is likely because of the way the messages are stored by the applications, not because the FBI had to break any sort of encryption on them. WhatsApp and Signal store their messages in encrypted databases on the device, so an initial dump of the phone would have only provided a cryptographic blob. The key is required to decrypt the contents of such a database, and there are tools readily available to access the WhatsApp database on a PC.

In a post to Twitter, attorney Michael Avenatti, who represents Stormy Daniels in her suit against Cohen over a nondisclosure agreement regarding her alleged sexual encounters with Donald Trump, crowed about the new evidence.

«

Manafort, Cohen – their opsec is revealed as pretty woeful. Part of what the FBI offered is “reconstructed shredded documents”. Oh dear.


New wearables forecast: smartwatches to continue ascendance while wristbands face flat growth • IDC

»

“The shift in consumer preferences towards smartwatches has been in full swing these past few quarters and we expect that to continue in the coming years,” said Jitesh Ubrani senior research analyst for IDC Mobile Device Trackers. “While Apple will undoubtedly lead in this category, what bears watching is how Google and its partners move forward. WearOS (formerly Android Wear) has been somewhat of a laggard recently and despite expected changes to the OS and the release of new silicon, we anticipate Android-based watches to be WearOS’ closest competitor due to the high amount of customization available to vendors and the lack of Google services in China.”

“Additionally, keep an eye on the other smartwatch platforms, including Fitbit’s Fitbit OS, Garmin’s Connected IQ, and Samsung’s Tizen,” said Ramon T. Llamas, research director for IDC’s Wearables team. “Fitbit’s Versa has had a warm reception in the market, and Garmin’s devices have had a steady presence for many quarters. Expect both companies to dive deeper into health and fitness while exploring new areas as well. Samsung, meanwhile, continues to make strides in the commercial space, including health care and wearable workflows.”

Smartwatches will evolve to encompass far more features and functionalities than they have today. “The smartwatches of 2022, even 2020, will make today’s smartwatches seem quaint,” added Llamas. “Health and fitness is a strong start, but when you include cellular connectivity, integration with other Internet of Things (IoT) devices and systems, and how smartwatches can enable greater efficiencies, the smartwatch market is heading for steady growth in the years to come.”

«

Forecasts the total market will grow 8.2% this year, to 124.9m units; smartwatches to be 44% of that (55m), of which Apple will be 20.2m.


Self-described ‘classical liberal’ YouTubers join far-right European political party • Right Wing Watch

Jared Holt:

»

YouTuber pundit Carl Benjamin, known online as “Sargon of Akkad,” Infowars editor-at-large Paul Joseph Watson and Scottish “Nazi pug” comedian Mark Meechan have announced that they are joining the right-wing populist and anti-immigrant UK Independence Party (UKIP), demolishing their claims that they are merely “classical liberals.”

Benjamin, Watson, and most recently Meechan, have become popular voices online for right-wing media audiences on YouTube in North America and Europe. For years, Benjamin and Watson have used their supposed “classical liberal” political orientation to present right-wing ideologies favorably and to incessantly bash caricatures of “social justice warrior” figures. Now these figures are joining an explicitly right-wing political party that has been rapidly crumbling since its political high point in 2015.

The first of the trio to join UKIP was Meechan, who is a Scottish comedian who was adopted by right-wing audiences when he stood trial for distributing a video in which a pug does a Nazi salute after Meechan prompts it with phrases like “Sieg Heil.” Meechan was supported in court by anti-Muslim activist Stephen “Tommy Robinson” Yaxley, but was ultimately fined £800 for the video.

«

I’m not sure if I would call UKIP “far right wing” – its members tend to be, though its policies are just very right wing. But these people joining it is hilarious: a case of the rats joining the sinking ship. UKIP is finished as a political force in the UK; it’s the dog that caught the car, since its only raison d’etre was to get the UK to leave the EU. Its vote collapsed in the council elections and general election last year.


Shortcuts: a new vision for Siri and iOS automation • MacStories

Federico Viticci:

»

In their apps, third-party developers can embed messages and buttons (which they can design) to bring up the Siri UI to record a shortcut phrase. This means we’ll start seeing apps populate important screens or actions with suggestions and buttons to record a shortcut phrase. Moreover, in the Siri recording UI, developers can include a phrase suggestion, but it’s up to the user to decide what they want to record.

More importantly, users always have to create personalized shortcut phrases through direct interaction: apps cannot automatically fill the ‘My Shortcuts’ page in Settings with shortcuts and custom phrases. The user has to associate a custom phrase to a shortcut first.

The more I think about it, the more I see custom shortcut phrases as the next big step in making Siri a more personal assistant that is unique to each user. As would happen with an actual assistant, shortcut phrases allow users to form their own language over time, creating a personalized set of instructions that only their assistant can interpret and act upon. It’s the equivalent of jargon in a group of friends, but applied to Siri and app actions. The potential accessibility perks are tremendous too: Apple now enables everyone to create custom Siri phrases that can be however long or short they want; this removes the need to find actions nested in apps, multiple levels deep into their navigation stack.

Here’s why I believe Apple and the Workflow (now Shortcuts) team have been incredibly smart in reframing the concept of user automation around Siri and voice: when you think about it, custom phrases aren’t too dissimilar from keyboard shortcuts. However, spoken phrases are easier to remember – they don’t feel like dark magic to regular users who have never bothered with “automation” before, and, most of all, they are natively supported across the entire spectrum of Apple products, from iPhones and AirPods to HomePods and Watches.

I strongly believe that personalized phrases are the first step towards changing the fundamental Siri experience, which is going to evolve into a personal command log – from one Siri to a million Siris, each uniquely tailored to the user who customized it.

«

There’s then a lot more about the Shortcuts app – what used to be the (third-party) Workflow app. You can turn any Workflow workflow into a Shortcut shortcut, if you follow me. It has taken quite a while, but Apple is getting iOS towards Android’s scriptability.


Google to invest $550m in Chinese ecommerce giant JD.com • Venturebeat

Reuters:

»

Google will invest $550m in Chinese ecommerce powerhouse JD.com, part of the US internet giant’s efforts to expand its presence in fast-growing Asian markets and battle rivals including Amazon.com.

The two companies described the investment as one piece of a broader partnership that will include the promotion of JD.com products on Google’s shopping service. This could help JD.com expand beyond its base in China and Southeast Asia and establish a meaningful presence in US and European markets.

Company officials said the agreement initially would not involve any major new Google initiatives in China, where the company’s main services are blocked over its refusal to censor search results in line with local laws.

JD.com’s investors include Chinese social media powerhouse Tencent Holdings Ltd, the arch-rival of Chinese e-commerce leader Alibaba Group Holding Ltd, and Walmart Inc.

Google is stepping up its investments across Asia, where a rapidly growing middle class and a lack of infrastructure in retail, finance and other areas have made it a battleground for US and Chinese internet giants. Google recently took a stake in Indonesian ride-hailing firm Go-Jek, and sources have told Reuters that it may also invest in Indian e-commerce upstart Flipkart.

Google declined to comment on the rumored Flipkart deal. The JD.com investment is being made by the operating unit of Google rather than one of parent company Alphabet’s investment vehicles.

Google will get 27.1m newly issued JD.com Class A ordinary shares as part of the deal. This will give them less than a 1% stake in JD, a spokesman for JD said.

«

Google seems like it still wants to work out some way to get a toehold in China. Will this give it access to shopping data? Seems unlikely.


Adtech won’t fix ad fraud because it’s too lucrative, say specialists • Which-50

Joseph Brookes:

»

Adtech companies themselves are rarely accused of fraud. Instead, most of the fraud that Which-50 has investigated is committed by bad agents exploiting technical and process weaknesses found in the legitimate adtech ecosystem.

The rewards are significant. One former fraudster last year described to Which-50 how a small operation he worked in, with only three staff running a fairly unsophisticated grift, was raking in $US25,000 a week.

Our recent report about the MegaCast app serving tens of thousands of video ads in the background — irrespective of whether the app was engaged — operated at different scale altogether.

Another example: last year Forbes reported that a “… South Korean company, Kiniwini, hid an illegitimate ad clicking function inside 41 apps, most of which were games.” 

That scam was uncovered not by Google, which manages the Android app store, but by security company Checkpoint. As Forbes noted, the scam bypassed Google’s Bouncer technology which is designed to mitigate against fraud. This was because the offending capability was downloaded after installation.

Google also missed the MegaCast racket. It was actually discovered by Pixalate which revealed the details in a company blog.

Accusations of direct fraud by adtech companies are more rare, although not unheard of. Occasionally these come to light where companies are accused directly of fraud by their competitors — such as when Steelhouse and Criteo went at each other in the US courts in 2016.

The parties settled their arguments shortly before their respective lawyers were due to commence the legal discovery process, telling the market through a statement that once they had a better understanding of how each other’s business worked, they realised it was all just an unfortunate misunderstanding.

Which-50 is not accusing either company of fraud. Rather we merely point out that each accused the other of exactly that before they settled.

«



China’s Huawei rebuts Australian security concerns amid Sino-Canberra tensions • Reuters

Colin Packham:

»

Australia is likely to ban Huawei from participating in a 5G mobile telecommunications roll-out in the nation as it fears the company is de facto controlled by China and sensitive infrastructure will fall into the hands of Beijing, according to Australian media reports.

Huawei denies the allegations, and, in a move that threatens to draw Australian politicians into a public spat that will further stain relations with China, dismissed Canberra’s security concerns.

“Recent public commentary around China has referenced Huawei and its role in Australia and prompted some observations around security concerns,” Huawei Australia Chairman John Lord and board directors John Brumby and Lance Hockridge wrote in the unprecedented letter.

“Many of these comments are ill-informed and not based on facts.”

Huawei, the world’s largest maker of telecommunications network equipment and the No. 3 smartphone supplier, has already been virtually shut out from the giant US market because of national security concerns.

Australia has longstanding concerns about Huawei. In 2012 it banned the company from supplying its massive National Broadband Network, and in May Canberra committed millions of dollars to ensure Huawei did not build an internet cable between Australia and the Solomon Islands.

«

Notable how US and Australia, two of the “five eyes” countries (along with Canada, UK and France) which cooperate on spying, aren’t happy about letting Huawei in. Though the UK, with care, is.


You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Errata, corrigenda and ai no corrida: none notified

Start Up: Theranos founder charged, USB-C headphones?, Instagrammers v hotels, Manafort’s terrorist technique, and more


The Rolls-Royce Trent 1000 engine is having teething problems – as are other jet engines. That’s expensive. Photo by Joe A. Kunzler on Flickr.


A selection of 11 links for you. Very timely. I’m @charlesarthur on Twitter. Observations and links welcome.

Troublesome advanced engines for Boeing, Airbus jets have disrupted airlines and shaken travelers • The Seattle Times

Dominic Gates:

»

Rolls-Royce is returning the repaired engines to airlines with only a temporary fix. A permanent modification won’t be available until the end of the year at the earliest.

“Those engines will have to come back to us when the final fix is available,” said [Rolls-Royce Trent 1000 project director Gary] Moore.

Meanwhile, repeated technical problems with another engine — Pratt & Whitney’s Geared Turbofan (GTF), the innovative new design that will power close to half of the Airbus A320neo fleet — have caused Pratt to fall way behind in deliveries, leaving engineless planes to stack up on the ground at Airbus factories.

At a gathering of the world’s top airline executives in Sydney this month, Guillaume Faury, the new president of Airbus Commercial Aircraft, said that by the end of June the European jetmaker will have about 100 otherwise completed A320neos sitting grounded without engines outside its final-assembly plants in Toulouse, France, and Hamburg, Germany.

“We have an industrial crisis to manage,” Faury told trade publication Aviation Week…

…The more recent, and now more pressing, problem showed up when cracks were found in the roots of the blades of the Intermediate-Pressure Compressor (IPC), behind the fan at the front of the engine.

Moore pointed to a design flaw: The vibrating frequency of the compressor blades resonated with the frequency of the engine at high thrust, magnifying the vibration to a level that over time caused the cracks to develop.

The immediate need was to inspect the susceptible engines — initially the “Package C” version of the Trent 1000, a total of 383 engines — and remove any with cracks for repair.

The problem intensified when fractured blades and excessive vibration led to several inflight engine shutdowns and aborted takeoffs.

«

You’ve probably not heard much about this, but it’s evidently big news in the aircraft industry. 100 completed aircraft sitting without engines is a lot of money going nowhere. And over a resonance flaw? You’d think that would have been discovered early on.


Why USB-C headphones aren’t, and likely never will be, mainstream • The Verge

Vlad Savov:

»

The most obvious factor working against USB-C headphones is that the two biggest smartphone makers don’t need them. Apple’s iPhones might lack a headphone jack but they also don’t have a USB-C port, while Samsung retains the 3.5mm port, so neither the iPhone X nor the latest Galaxy S9 family are in need of USB-C earphones. Things could change if Samsung were to drop the analog connection, too, but for now at least, the market for USB-C headphones is dramatically constrained by the absence of demand from the two most popular phone brands. In any case, for tech companies that want to produce headphones that work with both Apple and Samsung gear, the obvious universal standard today is to go wireless via Bluetooth.

Talking with Jabra at CES in January about the wireless Elite 65t that the company had just announced, I asked why the new buds charged via the old (and busted) Micro USB. The answer was cost. Jabra could have used a USB-C charger — and, in the process, streamlined life for people like me with a USB-C-charging laptop and phone, allowing us to carry only one charger and cable around with us — but that would have pushed the Elite 65t up into a higher price bracket. I’ve heard the same sentiment expressed over and over again, even from the typically less cost-conscious Bang & Olufsen, which defended its use of Micro USB charging for the Beoplay E8 wireless buds on the basis of cost.

During Computex earlier this month, Synaptics was showing off a PQI My Lockey USB-A dongle that provides ultra secure fingerprint authentication for Windows 10 machines, targeting business customers especially. When I asked why not a USB-C version as well, Synaptics VP Godfrey Cheng told me that a USB-C version could be as much as 25% more expensive, taking a $100 product up to $125. That might be a price worth paying if the entire world is using USB-C devices, but as of today, it’s a prohibitive additional cost.

«

Vlad hates micro-USB; likes USB-C. Reality seems to disagree, in multiple ways.


Instagram influencers are driving luxury hotels crazy • The Atlantic

Taylor Lorenz:

»

Kate Jones, marketing and communications manager at the Dusit Thani, a five-star resort in the Maldives, said that her hotel receives at least six requests from self-described influencers per day, typically through Instagram direct message.

“Everyone with a Facebook these days is an influencer,” she said. “People say, I want to come to the Maldives for 10 days and will do two posts on Instagram to like 2,000 followers. It’s people with 600 Facebook friends saying, ‘Hi, I’m an influencer, I want to stay in your hotel for 7 days,’” she said. Others send vague one-line emails, like “I want to collaborate with you,” with no further explanation. “These people are expecting five to seven nights on average, all inclusive. Maldives is not a cheap destination.” She said that only about 10% of the requests she receives are worth investigating.

Jack Bedwani, who runs The Projects, a brand consulting agency that works with several top hospitality brands, said that he’s close with the PR manager for a new hotel and day club in Bali. “They get five to 20 direct inquiries a day from self-titled influencers,” he said. “The net is so wide, and the term ‘influencer’ is so loose.”

“You can sort the amateurs from the pros very quickly,” Bedwani said. “The vast majority of cold-call approaches are really badly written. It sounds like when you’re texting a friend inviting yourself over for dinner—it’s that colloquial. They don’t give reasons why anyone should invest in having them as a guest.”

Some hotels report being so overwhelmed by influencer requests that they’ve simply opted out.

«

There’s a certain irony in content makers, who are so often asked to do stuff for free in return for “exposure”, turning the tables. But I’m amazed if any hotel takes these people seriously.


Briefing: Theranos founder indicted on fraud charges • The Information

Nick Wingfield:

»

Theranos founder Elizabeth Holmes and the blood-testing firm’s former president, Ramesh “Sunny” Balwani, were indicted by a federal grand jury alleging that the two engaged in schemes to defraud investors, doctors and patients. Ms. Holmes stepped down as Theranos’ CEO and was replaced by general counsel David Taylor, though she remains the chair of the company’s board.

With the company already facing a dire cash situation, the indictments add to the suffocating pressure on Theranos. The indictments come three months after Ms. Holmes settled SEC fraud charges.

«

In John Carreyrou’s book Bad Blood, about Theranos, Balwani comes across as an utter self-obsessed dolt.


I worked at Theranos, and this is a glimpse of my story. : tech • Reddit

A person who says they were at Theranos in 2013 makes a number of points, but key among them was this:

»

They treated the company like a software company. They launched way too early. Sept 2013 they launched their Edison device which was nowhere near ready. Why did they launch too early? In meetings #2 [on the hierarchy, ie Balwani] would create timelines and deadlines like they do in software development. He would ask for very hard and fixed deadlines for things in R&D. Anyone who has done science knows that timelines constantly change, are usually always extended due to the development process. #2 thought he could ignore the setbacks. He would openly tell engineers in meetings, “Engineers are the most valued in this company.” It showed because they spoiled the engineers by giving them a lot of perks other people did not observe. At the end of the day they never realized that the science was just as important as the engineering.

«

Again and again it’s clear that the company’s aims ran miles ahead of the science – but because Holmes didn’t really understand the science at a deep level, she couldn’t see this fundamental flaw.


The lifespan of a lie • Medium

Ben Blum:

»

Whether you learned about Philip Zimbardo’s famous “Stanford Prison Experiment” in an introductory psych class or just absorbed it from the cultural ether, you’ve probably heard the basic story.

Zimbardo, a young Stanford psychology professor, built a mock jail in the basement of Jordan Hall and stocked it with nine “prisoners,” and nine “guards,” all male, college-age respondents to a newspaper ad who were assigned their roles at random and paid a generous daily wage to participate. The senior prison “staff” consisted of Zimbardo himself and a handful of his students.

The study was supposed to last for two weeks, but after Zimbardo’s girlfriend stopped by six days in and witnessed the conditions in the “Stanford County Jail,” she convinced him to shut it down. Since then, the tale of guards run amok and terrified prisoners breaking down one by one has become world-famous, a cultural touchstone that’s been the subject of books, documentaries, and feature films — even an episode of Veronica Mars.

The SPE is often used to teach the lesson that our behavior is profoundly affected by the social roles and situations in which we find ourselves. But its deeper, more disturbing implication is that we all have a wellspring of potential sadism lurking within us, waiting to be tapped by circumstance. It has been invoked to explain the massacre at My Lai during the Vietnam War, the Armenian genocide, and the horrors of the Holocaust. And the ultimate symbol of the agony that man helplessly inflicts on his brother is Korpi’s famous breakdown, set off after only 36 hours by the cruelty of his peers.

There’s just one problem: Korpi’s breakdown was a sham.

“Anybody who is a clinician would know that I was faking,” he told me last summer, in the first extensive interview he has granted in years. “If you listen to the tape, it’s not subtle. I’m not that good at acting. I mean, I think I do a fairly good job, but I’m more hysterical than psychotic.”

Now a forensic psychologist himself, Korpi told me his dramatic performance in the SPE was indeed inspired by fear, but not of abusive guards. Instead, he was worried about failing to get into grad school.

«

Failure to peer-review or duplicate is a big problem for sociology.


Editorial board: break up Google • The Boston Globe

»

the problem at hand is not merely economic. “A handful of people working at a handful of tech companies steer the thoughts of billions of people every day,” notes former Google design ethicist Tristan Harris. A recent study of 10,000 people from 39 countries suggests Google “has likely been determining the outcomes of upwards of 25% of the national elections in the world for several years now, with increasing impact each year as Internet penetration has grown.”

Why is a breakup of Google so unthinkable? Google’s products are undeniably convenient. And, at least on the surface, they’re free; average users are paying not with money, but with their personal data. The company has a near-spotless public image. The famous maxim from the company’s early years — “don’t be evil” — helped cement Google’s public image as one of the good guys.

It is ironic that the company perhaps most responsible for unleashing a tidal wave of human creativity, learning, and, yes, competition is also stifling it. It is frustrating competition, discouraging innovation, punishing American business, and distorting the free marketplace of commerce and ideas. Europe has led the wider fight over the right to privacy and the regulation of data, but the time is right for the United States to lead on dismantling tech monopolies — starting with the most powerful player. So, how to start?

«

Its suggestion: break it into search, YouTube, Android, cloud services and “the rest”. This begins to feel like the noise around Microsoft before the DoJ case.


Why we don’t read, revisited • The New Yorker

Caleb Crain:

»

It’s possible that a compositional effect explains the decline of reading in America. Maybe, for example, as more women have entered the workforce, their full-time employment has left them with less leisure to read. It’s easy to check such a hypothesis by parsing the data from the American Time Use Survey according to gender. Women read more than men, it turns out, but time spent reading has declined steadily for both genders. If you break down the data according to employment status, meanwhile, you see that the unemployed do read more, but they, part-timers, and full-timers all read steadily less as the decade went forward. The same applies when you break down the data by race and ethnicity or by age; you see differences in the amount of reading, but a decline is taking place in almost every subgroup.

A less explored cause might be the recession. America’s middle class is shrinking, and the proportion of Americans in the labor force is lower than it has been since the nineteen-seventies. Maybe people read less when they have less money? From a breakdown of reading by income quartile, it turns out that the rich read more—but they read less and less every year. Americans in the lowest income quartile did manage to read more in 2016 than they did in 2003—a rare trend—but that’s probably a dead-cat bounce; the 2003 number was so low that it was as likely to improve as not. All these factors are probably making some contribution to a compositional effect. But nothing, to my eye, looks substantial enough to explain away the over-all trend: Americans are reading less.

«

I wonder if the ONS or similar collects data as granular as the US does about reading time; it has to be done on an hour-by-hour basis to be even vaguely reliable.


UK report warns DeepMind Health could gain ‘excessive monopoly power’ • TechCrunch

Natasha Lomas:

»

The DeepMind Health Independent Reviewers’ 2018 report flags a series of risks and concerns, as they see it, including the potential for DeepMind Health to be able to “exert excessive monopoly power” as a result of the data access and streaming infrastructure that’s bundled with provision of the Streams app — and which, contractually, positions DeepMind as the access-controlling intermediary between the structured health data and any other third parties that might, in the future, want to offer their own digital assistance solutions to the Trust.

While the underlying FHIR (aka, fast healthcare interoperability resource) deployed by DeepMind for Streams uses an open API, the contract between the company and the Royal Free Trust funnels connections via DeepMind’s own servers, and prohibits connections to other FHIR servers. A commercial structure that seemingly works against the openness and interoperability DeepMind’s co-founder Mustafa Suleyman has claimed to support.

“There are many examples in the IT arena where companies lock their customers into systems that are difficult to change or replace. Such arrangements are not in the interests of the public. And we do not want to see DeepMind Health putting itself in a position where clients, such as hospitals, find themselves forced to stay with DeepMind Health even if it is no longer financially or clinically sensible to do so; we want DeepMind Health to compete on quality and price, not by entrenching legacy position,” the reviewers write.

«

Once you begin to rely on an AI black box, you’re at risk of being tied even more closely to a provider. It’s rather like the lock that IBM used to have in a long-gone past of mainframe computing.


How Peppa Pig became a video nightmare for children • The Guardian

James Bridle returns to the scene of the crime – those weird algorithmically-generated YouTube videos, which he was the first to write about in utter puzzled concern last year:

»

In the months since first writing about YouTube’s weird video problem, I’ve met a few people from the company, as well as from other platforms that have been caught up in similar vortices.

While most are well-meaning, few seem to have much of a grasp of the wider structural issues in society which their systems both profit from and exacerbate. Like most people who work at big tech companies, they think that these problems can be solved by the application of more technology: by better algorithms, more moderation, heavier engineering.

Many outside the tech bubble – particularly in the west and in higher income brackets – are simply appalled that anyone would let their kids use YouTube in the first place. But we won’t fix these issues by blaming the companies, or urging them to do better, just as we won’t solve the obesity crisis by demonising fast food but by lifting people out of poverty. If YouTube is bridging a gap in childcare, the answer is more funding for childcare and education in general, not fixing YouTube.

What’s happening to kids on YouTube, to defendants in algorithmically enhanced court trials, and to poor debtors in Australia, is coming for all of us. All of our jobs, life support systems, and social contracts are vulnerable to automation – which doesn’t have to mean actually being replaced by robots, but merely being at their mercy.

YouTube provides another salutary lesson here: only last week it was reported that YouTube’s most successful young stars – the “YouTubers” followed and admired by millions of their peers – are burning out and breaking down en masse.

«



Mueller’s team accused Manafort of ‘foldering,’ a technique used by drug cartels and terrorist groups to secretly communicate • Business Insider

Pat Ralph:

»

A prosecutor on Mueller’s team brought up the allegation during Manafort’s hearing on Friday, according to Politico. The practice of foldering is when two or more people communicate through email drafts, using an email account that all participants have the password to, rather than corresponding through sending email messages.

The technique was originally used by the terrorist group Al Qaeda and was also used by David Petraeus when he tried to hide his extramarital affair during his tenure as CIA director, as journalist Yashar Ali noted.

Foldering is a communication technique that has also been used by drug cartels, according to Renato Mariotti. Mariotti said Manafort knew he was doing something wrong and did not want to be caught exchanging messages with witnesses.

Manafort was sent to jail on Friday to await trial after a federal judge revoked his bail. Prosecutors accused him of attempting to tamper with witnesses in Mueller’s investigation into Russian election meddling and the Trump campaign’s possible role in it.

«

Sneaky. Doubt that Manafort will be able to do that now he’s in jail.


Errata, corrigenda and ai no corrida: none notified

Start Up: ARM MacBooks?, catching the hoax copier, Google Plus is milkshake ducked, Echo beats Fire, and more


Is she listening to music? To nothing? How would you know? Photo by Doug Kaye on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Something for the weekend. I’m @charlesarthur on Twitter. Observations and links welcome.

Apple’s next laptops could be more iPhone than Mac • WSJ

Christopher Mims:

»

mobile processors are gaining capabilities that are less common in larger computers. Today, the depth sensor on the iPhone X enables face recognition, but it could someday play a key role in Apple’s augmented-reality software. (Qualcomm has its own Snapdragon XR1 platform for augmented reality.)

Apple is also pushing capabilities such as on-device artificial intelligence, which could enable better voice recognition and other capabilities, and the company aims to support only its own graphics software in the future. Because Apple’s in-house chip designers only have one customer—Apple—they’re able to tune its silicon to run all these things as fast as possible.

“You see Intel delaying new technologies anywhere from six to eight months, and that hurts Apple’s roadmap,” says Ben Bajarin, an analyst at market-research firm Creative Strategies. “Apple in particular doesn’t want to have to be hamstrung.” By using its own silicon, Apple could potentially offer machines that do things other notebook manufacturers might not match for some time, he says.

The result would be an ARM-powered variation on the MacBook or MacBook Air, or something new that meets similar needs and runs MacOS.

There is a limit to what ARM chips can pull off. Apple’s MacBook Pro laptops are powered by Intel’s Core i5 and i7 processors and—like Apple’s desktop computers—will probably continue to be for a long time.

Workhorse computers need processors that are good at general computing tasks, more than the specialized, task-specific silicon that powers mobile devices.

«

Everyone is expecting this to happen sooner rather than later. Apple, meanwhile, seems to be moving really quite slowly when it comes to updating its laptops. Not to mention desktops. Not to mention iPads, actually.


Apple’s Airpods are an omen • The Atlantic

Ian Bogost:

»

The AirPods do look a little ridiculous. White sprouts hang down an inch below the ears where the cords would attach. Those with longer hair, like me, can obscure them partially, at least, for the time being. But eventually it won’t matter, as people will get used to everyone having wireless buds stuck in their heads. Not like they’re used to wired earbuds, in the train or on the sidewalk or at the dog park. No, more like they’re used to people staring at phones all the time, anywhere. The earbuds won’t disappear, just like the smartphones haven’t. But they will become invisible as they become ubiquitous. Human focus, already ambiguously cleft between world and screen, will become split again, even when maintaining eye contact.

There are some consequences to this scenario, if it plays out. For one, earbuds will cease to perform any social signaling whatsoever. Today, having one’s earbuds in while talking suggests that you are on a phone call, for example. Having them in while silent is a sign of inner focus—a request for privacy. That’s why bothering someone with earbuds in is such a social faux-pas: They act as a do-not-disturb sign for the body. But if AirPods or similar devices become widespread, those cues will vanish. Everyone will exist in an ambiguous state between public engagement with a room or space and private retreat into devices or media.

The smartphone’s own excesses might accelerate the matter. In Georgia, where I live, a new law intended to reduce distracted driving goes into effect on July 1. The law prohibits holding a phone while driving. There are exceptions, including operating a mapping app, but ambiguities of actual use (and fears that police might use it as an excuse for citing other infractions) might push more drivers to newer, better hands-free options. AirPods are expensive, but they’re a lot cheaper than traffic infractions or insurance hikes.

«

I used the headline from the web page itself, rather than the header text – “Are Apple’s AirPods any good?”, which is an absurd bit of clickbaity nonsense. Bogost is posing a bigger question: what happens when you can’t tell if someone is paying attention to you or not? It used to be that someone walking alone down the street talking aloud was unhinged. Now, it’s more likely they’re on the phone. Social judgement shifts. Technology shapes society.


A fact-checker hatched an elaborate scheme to catch a site that was stealing his stories • Buzzfeed

Craig Silverman:

»

Until yesterday, Shawn Rice was one of the internet’s most prolific debunkers of online hoaxes.

Since at least November 2016, Rice has written thousands of articles about hoaxes for business2community.com, a business and marketing blog. His quick, formulaic debunks appeared high on the first page of Google search results and in Google News. He was the site’s most frequent contributor and recently scored its biggest hit on Facebook of the past two years with a debunk of a fake story about Netflix picking up the recently canceled TV series Roseanne, according to data from social tracking tool BuzzSumo. Rice’s story generated over 80,000 shares, reactions, and comments on Facebook.

But last night close to 6,000 of Rice’s more than 7,200 articles were suddenly deleted — including all of his debunks…

…[Maarten] Schenk [whose stories were being ripped off] hatched a plan to catch Rice in the act. First, he identified the IP addresses he believed Rice’s computer was using when accessing the Lead Stories site. Rice’s LinkedIn profile lists his day job as an editor for LexisNexis, the legal information publisher. Schenk found that IP addresses linked to LexisNexis would access his site before Rice published a new story.

Schenk created an alternate homepage that would be shown only to visitors coming to the site from those IPs, and that would show a selection of content rather than all of his latest work.

Schenk soon saw that Rice would debunk only the stories on that homepage. At one point he put an old story on the special homepage and watched as Rice soon published a post about the same hoax. Rice did not credit Lead Stories in any of these articles.

Then Schenk went a step further and created a blog called the Honey Pot Times and uploaded a George Lucas death hoax. “I know [Rice] likes to steal stories about death hoaxes, so I created one for him,” he said.

«

Very neat.


Xiaomi wants to come to America, but it feels more stuck in China than ever • Android Police

David Ruddock:

»

There is no doubt in my mind that Xiaomi understands its home market and customers in a way that I, as an American, never will. But also as an American, I fail to understand just how Xiaomi intends to ever be a success here.

And this isn’t me sniping critique from a half-mile away: Xiaomi invited US journalists to demo showcases for its products earlier this week specifically to try to make the pitch that the company is taking the US market seriously. Xiaomi wants Americans to understand its ecosystem approach and all the benefits that it comes with. Xiaomi’s business model is predicated upon the idea that, as its smartphone customer base grows, so too will the customer base for its Mi ecosystem devices and, more importantly, subscription software and media services. Xiaomi has even promised that it won’t make more than 5% profit on any hardware it sells, as though to assure customers that they are getting the very best deal possible. The company’s profitability is supposed to be predominantly derived from those subscription services I mentioned.

As to how that could ever work in America? Frankly, the responses I got to this question – one Xiaomi has likely faced countless times from American journalists now – were basically nonsense. A product manager essentially told me a half-dozen times that he worked for Spotify, and he’s an American, so he gets it.

That’s… not an answer. Xiaomi was willing to acknowledge that the American market for things like email, cloud storage, streaming video, music, and smart home gadgets is intensely crowded. But there was no real pitch for how Xiaomi could leverage its hardware business to sell its own software and services to notoriously fickle Americans who already have tons of options for things like storage and streaming movies. The argument, in the end, boiled down to “if people buy some of our products, they will buy the rest of them.”

It’s just another take on the same very bad argument LeEco tried to use. And we all know how that ended.

«

LeEco, if you’d forgotten, imploded after claiming it would have a fabulous electric car. And yes, this is the problem for Xiaomi outside China: there’s a lot of competition from companies, notably Google (which gets in first on the device), offering cloud services.


White nationalists, Nazis find new space for racism on Google Plus • The Hill

Ali Breland:

»

Many groups espousing racist rhetoric and hate speech were kicked off Facebook and Twitter after violence erupted at the “Unite the Right” rally last summer in Charlottesville, Va., where a woman was killed by a car that was driven into a crowd of protesters.

While such voices have been kicked off Facebook and Twitter, they have not been purged from Google Plus.

Groups openly posting explicitly racist and anti-Semitic content have established dozens of Google Plus communities, the equivalent of Facebook groups. The communities have follower counts that range from the hundreds to the thousands.

Some of the communities reviewed by The Hill are still active. Others appear to be abandoned but still serve as repositories of hate content with links directing users to hate speech and white nationalist communities on other platforms and websites.

Google Plus’s user policy stipulates that much of the content posted by such groups is not welcome on its platform. But many posts with racist or anti-Semitic content have remained on the social media platform for months and even years.

The groups are often easily accessible through searches of known neo-Nazi and white nationalist groups, and their posts cover the gamut of hateful speech and imagery, including swastikas.

One meme shows a black woman holding up a sign at a rally that says “They can’t kill us all #BlackLivesMatter,” accompanied by an image of a Klansman holding a shotgun underneath with text superimposed on it that reads “Challenge accepted.”

«

“OK, Sundar, well, let’s go first with the good news. People are still using Google Plus…”


State of the Site: Metafilter financial update and future directions • MetaFilter MetaTalk

Josh Millard, of the MetaFilter staff:

»

– We are, specifically, running about $8,000 a month short of an operating budget of about $38,000 a month.
– This is a new problem as of this year and specifically the last few months.
– At the start of 2018, we were breaking even, but there’s been a significant decline in Adsense revenue the last few months.
– We’ve also been affected by Amazon’s reduction in affiliate program payouts starting around the middle of last year.
– At our current rate of loss, we have enough in savings to bear us through the next four months or so with no change to spending.
– After that we’ll hit a critical point where cutting the budget by $8K/mo will be necessary to keep a minimum safe amount in savings month to month.
– Almost all of our budget goes to payroll, and cuts would have to come out of that, which means pay cuts and/or laying moderators off.
– Our two obvious paths to reducing or eliminating that budget shortfall are (1) new ad revenue and (2) new recurring contributions from members and supporters of the site.

I am working on the ad revenue aspect, and will talk more about that in the future. We’re also looking as a team at what we can manage for immediate small-scale, hopefully temporary, reductions in pay to slow the approach of that critical major-cuts point.

But the community funding part we can address right now…

«

MetaFilter is a discussion site – nearly 19 years old. Millard says there’s been a significant fall in engagement since a peak in 2008-2010; and AdSense (generating most of the revenue) and Amazon (about a quarter) have fallen too. MeFi (as it’s called) saw a falloff in traffic from a Google tweak a while back; that hasn’t improved.


Just 7% of people in UK pay for news, Reuters Digital News Report reveals • Press Gazette

Charlotte Tobitt:

»

The Reuters Institute Digital News Report 2018, launched today, revealed that 7% of people in the UK have paid for online news in the past year – joint with Croatia and above only Greece on 6%.

This compares to 16% in the US and a 22% average in the Nordic countries.

The survey, which is the biggest of its kind, was conducted by Yougov and involved 74,000 people – including 2,117 from the UK – from 37 countries.

It said: “While digital advertising remains a critical source of revenue, most publishers recognise that this will not be enough, on its own, to support high quality journalism.

“Across the industry we are seeing a renewed push to persuade consumers to pay directly for online news through subscription, membership, donations or per-article payments.

“Our data suggests that these efforts are paying off in some countries, but not yet in others.”

«



Sony starts pretending it cares about Switch-PS4 ‘Fortnite’ cross-play • BGR

Chris Smith:

»

Nintendo announced a few days ago that Switch owners will finally be able to play the hottest game out there right now, the free-to-play Fortnite. And that’s when PS4 owners discovered that you could count on Sony to ruin your gaming experience. Sony does not support cross-play support between the PS4 and the Switch, and that also means that you can’t play Fortnite on the Switch with the account you’ve created on the PlayStation because that account is tied to your PSN account. And Sony is a huge douche about it.

The backlash was instant and so powerful that Sony felt compelled to not really say anything about it in an official statement.

Sony says that it’s open to hearing what you think about “enhancing” your gaming experience. But the company never mentioned the Switch in a comment provided to the BBC and others. Here’s what it says:

»

We’re always open to hearing what the PlayStation community is interested in to enhance their gaming experience. Fortnite is already a huge hit with PS4 fans, offering a true free-to-play experience so gamers can jump in and play online. With 79 million PS4s sold around the world and more than 80 million monthly active users on PlayStation Network, we’ve built a huge community of gamers who can play together on Fortnite and all online titles. We also offer Fortnite cross-play support with PC, Mac, iOS, and Android devices, expanding the opportunity for Fortnite fans on PS4 to play with even more gamers on other platforms.

«

«

You have to be tuned in to how gigantic Fortnite is, and how foolish this is – Sony not acknowledging that people play it in more contexts than the PS4 – but once you see that, you realise Sony is completely shooting itself in the foot. When the game is bigger than the platforms, you ignore it at your peril.


Echo sales overtake Fire tablets – but international uptake remains dwarfed by the US • Futuresource Consulting Analysts

Jack Wetherill is a consumer electronics analyst at FutureSource:

»

The rise of Amazon’s Echo speaker has been well documented in recent years, culminating in Echo selling more units worldwide in 2017 than Amazon Fire tablets – just. With almost 20m units sold worldwide during 2017, Echo’s installed base stood at 28m by the end of the year, marginally ahead of Fire tablets at 27m, with Fire TV also close behind, at 26m.

The closeness of these installed bases highlights that, despite the hype surrounding Echo, Amazon isn’t focusing all its device efforts on its smart speakers. The Alexa voice assistant is now also standard on its Fire TVs and tablets and last week’s announcement of the Fire TV Cube is the latest development in the Seattle-based firm’s multi-device strategy to position itself as the key “Go-to” facilitator in the smart home. Futuresource’s Smart Speaker tracker also highlights that, whilst Amazon is the category leader globally, Echo sales are still heavily skewed towards the USA – with only 13% of its 2017 sales derived from elsewhere. As a result, Fire tablets outsold Echo speakers internationally in 2017 by a ratio of over 4 to 1. Despite its strong position therefore in the USA (with UK a distant second), Amazon has much work to do in order to become the same driving force internationally…

…According to the 2018 edition of Futuresource Consulting’s “Smart Home Devices & Appliances” consumer survey, 38% of non-adopters of smart speakers “can’t see a use for smart home devices”, with a third citing privacy concerns. While Amazon has stolen a march on the competition it needs to continue to build use cases and – perhaps more importantly – address consumers’ fear of having a device in their homes which eavesdrops upon their conversations.

«

I wonder how tight the overlap is between owners of Echos, Fire tablets and Fire TV sticks. I’d bet it’s pretty strong.


Stephen Bannon buys into bitcoin • The New York Times

Jeremy Peters and Nathaniel Popper:

»

Mr. Bannon won’t reveal very much about his cryptocurrency plans — he worries that the controversy that comes with his name could have a bad impact on projects just getting off the ground.

But he has had private meetings with cryptocurrency investors and hedge funds where he has discussed working on so-called initial coin offerings through his investment business, Bannon & Company. And in his first interview on the topic, he said he had a “good stake” in Bitcoin.

In a small gathering of academics at Harvard University this spring, he even floated the possibility of creating a new virtual currency, the “deplorables coin.” The name is a nod to Hillary Clinton’s description of Mr. Trump’s supporters as “a basket of deplorables.”

The work that Mr. Bannon is doing in the virtual currency realm is still in its early stages. But he has expressed an interest in helping entrepreneurs and even countries looking to create their own cryptocurrencies — generally outside the United States.

The offbeat world of cryptocurrencies has drawn interest from all sorts over the last few years, from drug dealers and scam artists to the biggest companies in Silicon Valley and the most staid institutions of Wall Street.

It is not a shocking place for Mr. Bannon, 64, to plot his re-emergence. Cryptocurrencies have many of the characteristics that drew him into Tea Party politics: They break old rules, they exist on the periphery, and they pose a challenge to the powerful figures and institutions that have long called the shots.

«

Bannon’s minted; he can afford to lose money on this. I wonder how the people in Kentucky are doing.


Errata, corrigenda and ai no corrida: none notified

Start Up: Fortnite takes control, solar shines in US, Antarctica melts, hacking smart locks, and more


Ben Nevis in 2.5D. Photo – Creative Commons licensed! – by Ordnance Survey on Flickr.

A selection of 9 links for you. Nothing to do with the price of fish. I’m @charlesarthur on Twitter. Observations and links welcome.

Fortnite live streams have taken over the market • Recode

Rani Molla:

»

People aren’t just playing Fortnite in droves, they’re watching other people play it en masse as well.

Epic Games’ Fortnite accounted for more than a third of streaming video game views globally in May, up from just 2% in February, according to viewership on Mobcrush, a platform that lets gamers stream video across social media sites, including Twitch, YouTube and Facebook.

The free “battle royale” game, which became available on PC and gaming consoles last September, didn’t even launch on iOS — where it is more popular than on PCs or consoles, according to Mobcrush — till this March. Yet it took just one month on mobile to supplant Vainglory, which has been around since 2014, as the most popular video game to watch.

Fortnite isn’t even available on Android yet, so viewership will likely jump much higher when it is…

…The eSports market — which includes revenue from sponsorships, advertising and media rights — is currently worth around $900 million worldwide and is expected to reach $1.65 billion in three years, according to the report.

Fortnite generated $300m in revenue in April through nonessential in-app purchases like clothing, and currently has 125 million players. It’s the fourth-most-downloaded iOS app in the US and the No. 1 action game, according to App Annie. It’s bringing in more in-app revenue than Pokémon Go or HBO Now.

«

Fortnite is an absolute phenomenon. The continual refinement of the gameplay – and the experimentation of how the rewards work within that – is heading towards some sort of perfection. I wonder if Epic Games will put machine learning systems onto it to try to evolve the game.

And Fortnite’s arrival on the Nintendo Switch was inevitable – but what’s interesting is that Nintendo allows voice chat within the app (for Squad mode), which it has never done on its own games.


Solar has overtaken gas and wind as biggest source of new US power • Bloomberg

Chris Martin:

»

Despite tariffs that President Trump imposed on imported panels, the US installed more solar energy than any other source of electricity in the first quarter.

Developers installed 2.5 gigawatts of solar in the first quarter, up 13% from a year earlier, according to a report Tuesday from the Solar Energy Industries Association and GTM Research. That accounted for 55% of all new generation, with solar panels beating new wind and natural gas turbines for a second straight quarter.

The growth came even as tariffs on imported panels threatened to increase costs for developers. Giant fields of solar panels led the growth as community solar projects owned by homeowners and businesses took off. Total installations this year are expected to be 10.8 gigawatts, or about the same as last year, according to GTM. By 2023, annual installations should reach more than 14 gigawatts.

«

Solar is unstoppable; the price of making panels keeps falling, and it’s additive – you don’t have to tear down old installations to put new ones in. And penetration of panels is at a tiny percentage of the potential.

Mining coal is a mug’s game: expensive, dangerous, polluting. Speaking of which…


Antarctica is screwed and so are we • The Outline

Caroline Haskins:

»

Antarctica has enough water stored in its ice to raise sea levels by 58 meters, or 216 feet, if it disappeared entirely. That would completely obliterate states like Florida and displace hundreds of millions of people in Brazil, Argentina, Guinea-Bissau, Denmark, China, Indonesia, and Australia.

Researchers from Northern Illinois University who studied Antarctica’s rebound 10,000 years ago found that, at its worst, Antarctica’s melted to a dangerous place where it was even smaller than it is today. However, they urged against undue optimism: what happened 10,000 years ago was natural. What’s happening today is human-caused, and it’s happening far more quickly.
“What happened roughly 10,000 years ago might not dictate where we’re going in our carbon dioxide-enhanced world, where the oceans are rapidly warming in the polar regions,” lead researcher Reed Scherer said in a press release. “If the ice sheet were to dramatically retreat now, triggered by anthropogenic warming, the uplift process won’t help regrow the ice sheet until long after coastal cities have felt the effects of the sea level rise.”

To be clear, no one is anticipating that Antarctica will disappear entirely by the end of the century. However, by 2070, University of Massachusetts Amherst (UMA) researchers found that unchecked emissions and pollution by humans could melt a humongous portion of the continent. We still don’t know exactly how much will melt. But according to new research from the University of Leeds, Antarctica melting is already happening much more quickly than anticipated.

“The continent is causing sea levels to rise faster today than at any time in the past 25 years,” lead researcher Andrew Shepherd said in a press release. “This has to be a concern for the governments we trust to protect our coastal cities and communities.”

«



Totally pwning the Tapplock smart lock • Pen Test Partners

Andrew Tierney:

»

We move onto the Bluetooth Low Energy and this is where things get really, really bad.

Normally I love reading about IoT hacks that take time, effort and ingenuity, but I can’t do that here. In under 45 minutes, we had the ability to walk up to any Tapplock and unlock it.

First things first, the app communicates over HTTP. There is no transport encryption. This is unforgiveable in 2018.

I could see that a string of “random” looking data was sent to the lock over BLE each time I connected to it. Without this data, the lock would not respond to commands.

But it was also noted that this data did not change, no matter how many times I connected. A couple of lines of commands in gatttool and it was apparent that the lock was vulnerable to trivial replay attacks.

The app allows you to “share” the lock with someone else, revoking permissions at a later date. I shared the lock with another user, and sniffed the BLE data. It was identical to the normal unlocking data. Even if you revoke permissions, you have already given the other user all the information they need to authenticate with the lock, in perpetuity.

This issue is remarkably similar to the problem with the Ring Smart Doorbell – it was impossible to revoke another high-privilege user’s permissions.

«

I’m doing a webinar today (Thursday) titled “The Internet of Insufficiently Safe Things”. This is obviously going to be a late addition.
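
The two design failures in the extract above (unlock data that never changes, and sharing that cannot be revoked) can be shown side by side with the usual fix. This is an added example, not code from Pen Test Partners or Tapplock: the class names, key sizes and message layout are assumptions, and it models no real lock's protocol.

```python
import hashlib
import hmac
import secrets


class StaticTokenLock:
    """Flawed model: one fixed blob authenticates every session and every user."""

    def __init__(self):
        self._token = secrets.token_bytes(16)  # generated once, never rotated

    def share_with(self, user):
        # "Sharing" can only hand over the same secret the owner uses.
        return self._token

    def revoke(self, user):
        # The lock keeps no per-user state, so there is nothing to remove.
        pass

    def unlock(self, presented):
        return hmac.compare_digest(presented, self._token)


class ChallengeResponseLock:
    """Hardened model: per-user keys plus a fresh single-use nonce per attempt."""

    def __init__(self):
        self._user_keys = {}
        self._pending_nonce = None

    def enroll(self, user):
        key = secrets.token_bytes(32)
        self._user_keys[user] = key
        return key  # delivered to that user's app over a protected channel

    def revoke(self, user):
        self._user_keys.pop(user, None)

    def challenge(self):
        self._pending_nonce = secrets.token_bytes(16)
        return self._pending_nonce

    def unlock(self, user, response):
        # Consume the nonce whether or not the attempt succeeds.
        nonce, self._pending_nonce = self._pending_nonce, None
        key = self._user_keys.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce + user.encode(), hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)


def respond(key, user, nonce):
    """What a legitimate app computes for the nonce it was just sent."""
    return hmac.new(key, nonce + user.encode(), hashlib.sha256).digest()


def demo():
    results = {}

    # Static design: bytes recorded once remain valid after "revocation".
    static = StaticTokenLock()
    recorded = static.share_with("guest")
    static.revoke("guest")
    results["static_replay_after_revoke"] = static.unlock(recorded)

    # Challenge-response design.
    lock = ChallengeResponseLock()
    owner_key = lock.enroll("owner")
    guest_key = lock.enroll("guest")

    first = respond(owner_key, "owner", lock.challenge())
    results["fresh_response"] = lock.unlock("owner", first)

    lock.challenge()  # new session, new nonce
    results["replayed_response"] = lock.unlock("owner", first)

    lock.revoke("guest")
    guest_try = respond(guest_key, "guest", lock.challenge())
    results["revoked_guest"] = lock.unlock("guest", guest_try)

    owner_try = respond(owner_key, "owner", lock.challenge())
    results["owner_after_revoke"] = lock.unlock("owner", owner_try)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Because each user has a separate key, revoking the guest leaves the owner's access untouched, and a recorded response is useless once the nonce it answered has been consumed.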


Bitcoin’s price was artificially inflated last year, researchers say • The New York Times

Nathaniel Popper:

»

A concentrated campaign of price manipulation may have accounted for at least half of the increase in the price of Bitcoin and other big cryptocurrencies last year, according to a paper released on Wednesday by an academic with a history of spotting fraud in financial markets.

The paper by John Griffin, a finance professor at the University of Texas, and Amin Shams, a graduate student, is likely to stoke a debate about how much of Bitcoin’s skyrocketing gain last year was caused by the covert actions of a few big players, rather than real demand from investors.

Many industry players expressed concern at the time that the prices were being pushed up at least partly by activity at Bitfinex, one of the largest and least regulated exchanges in the industry. The exchange, which is registered in the Caribbean with offices in Asia, was subpoenaed by American regulators shortly after articles about the concerns appeared in The New York Times and other publications.

Mr. Griffin looked at the flow of digital tokens going in and out of Bitfinex and identified several distinct patterns that suggest that someone or some people at the exchange successfully worked to push up prices when they sagged at other exchanges.

«

This implies that lots of people bought bitcoin on faked information; that $20,000 peak now looks dangerously like many people being the greater fools.


Researchers studied 160 million memes and found most of them come from two websites • Motherboard

Samantha Cole:

»

Researchers at University College London developed a new way to measure how memes are made and spread. What they found won’t surprise anyone who’s peered into the darker parts of the internet in the last few years: The most toxic, yet most effectively spread, memes are first shared on two places, the subreddit r/the_donald and 4chan’s “politically incorrect” forum, called /pol/.

The researchers said they studied multiplatform meme ecosystems, with a focus on “fringe and potentially dangerous communities.”

“Considering the increasing relevance of digital information on world events, our study provides a building block for future cultural anthropology work, as well as for building systems to protect against the dissemination of harmful ideologies,” they added.

They’re not the first to think deeply and academically about the meme ecosystem, but the patterns they found also bolster what we already knew about memes: that based on sheer size and spread of these communities, you’re probably sharing images that were made to be distributed in toxic communities…

…/pol/ had the highest volume of memes, while the_donald was the best at getting memes spread outside of its own community. Reddit and Twitter users shared more “fun” memes, they concluded, while /pol/ and Gab saw more racist or politically-motivated images.

«

Has anyone tried comparing their spread to actual viral spread?


Unlocking of government’s mapping and location data to boost economy by £130m a year • GOV.UK

»

Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office, David Lidington, said

“Opening up OS MasterMap underlines this Government’s commitment to ensuring the UK continues to lead the way in digital innovation. Releasing this valuable government data for free will help stimulate innovation in the economy, generate jobs and improve public services.

“Location-aware technologies – using geospatial data – are revolutionising our economy. From navigating public transport to tracking supply chains and planning efficient delivery routes, these digital services are built on location data that has become part of everyday life and business.

“The newly available data should be particularly useful to small firms and entrepreneurs to realise their ideas and compete with larger organisations, encouraging greater competition and innovation.

“OS MasterMap data already supports emerging technologies such as driverless vehicles, 5G and connected cities – important drivers of economic growth.

Today’s announcement follows the launch of the first GovTech challenge in May this year – a competition designed to incentivise Britain’s tech firms to come up with innovative solutions to improve public services. These competitions will be delivered using the £20m GovTech fund launched by the Prime Minister in November 2017.”

«

Ordnance Survey’s MasterMap is the most detailed map that Ordnance Survey has: multiple layers at centimetre-precision mapping of the whole of the UK. From the “narrative”:

»

The datasets that will be made available for free up to a threshold of transactions through the APIs are:
● OS MasterMap Topography Layer, including building heights and functional sites;
● OS MasterMap Greenspace Layer;
● OS MasterMap Highways Network;
● OS MasterMap Water Network Layer; and
● OS Detailed Path Network.

«

When Michael Cross and I launched the Free Our Data campaign back in 2006 at The Guardian, many inside and outside OS refused to believe the idea that making map data available for free could generate revenue and wealth for the country. The counterpoint: GPS. Funded by the US government, creates huge value for all sorts of companies, saves huge amounts of time and money.

So: it’s taken some time, and a few governments, but open data wins.


Scooter startup Bird is reportedly about to hit a $2bn valuation • TechCrunch

Matthew Lynley:

»

More financing is coming in for Bird, this time potentially valuing the company at $2bn, according to a new report by Axios.

There’s not a ton to add here compared to the last round (which happened just weeks ago), as the same dynamics are probably in play here. While Uber was a bet on car rides and generally getting around, Bird is that but at a dramatically more granular level — thinking short hops of a few miles in congested areas. Startups that are exceedingly hot can sometimes pull off these rolling rounds where investors are coming in at various points, especially as the model further proves out over time.

If you live in a major metropolitan area, you’ve probably seen Bird (and Lime) scooters hanging out on the sidewalks — potentially knocked over in a spot where someone might trip over them while checking his or her phone. That’s been a point of tension in areas like San Francisco, where Bird has had to temporarily come off the sidewalks as a permit system rolls out. Bird isn’t the first mobility-focused service that has faced regulatory challenges before, but it is one that’s become very popular very quickly.

«

Scooters (they’re literally just those stupid two-wheeled things that you see patient parents carrying for their exhausted children in the park, though in these cases with added electric motors) are poised to succeed where the Segway failed hard more than a decade ago.

“Micro-mobility” is a good description. Short range, but very competitive.


Apple’s design language has killed fun in consumer electronics • Quartz

Mike Murphy:

»

By refining its products to near-impenetrable pieces of glass and metal, and bringing the aesthetic of the entire consumer electronics market along with them, Apple has stamped out much of the fun within its own company, and the greater industry. There are no smartphones that take real design risks these days (barring, perhaps, the Motorola Moto Z3 Play, which holds out hope that we’ll want to modify our phones), because looking like an iPhone seems to work well enough. Even beyond phones, high-end laptops emulate the MacBook, tablets are samey, and everything else is still pretty much just a black box. (One outlier that still produces truly innovative and fun consumer tech is Nintendo.)

There are signs that fun is slowly creeping back into Apple. Its recent ad for the HomePod, directed by Oscar-winner Spike Jonze and starring artist FKA Twigs, was enjoyable and well-received, and the music videos Apple made using its Animoji are cute too.

It’s been a long time since Apple introduced a truly revolutionary product that has universally surprised and delighted audiences. Perhaps there will be something soon again—the company is hinting at something truly game-changing in augmented reality—but its aesthetic of refined elegance may never give way.

«

Murphy’s complaint is that Apple used to make coloured things (iMacs, iPods) and now the things aren’t coloured. But the flaw in his argument is in the second clause of the first sentence quoted above. Nobody forced the “greater industry” or “the entire consumer electronics market” to mimic Apple; the industry’s designers and marketers chose to do that because people seemed to like it. The iMac led to an explosion of other devices and accessories also using translucent coloured plastic rather than opaque beige. The Titanium Powerbook led to lots of aluminium-sleek laptops. And the iPhone – well, you’ve seen.

Murphy’s failure here is that he doesn’t ask why these other companies have chosen to ape Apple. Five minutes on the phone with a few designers could have created an informative piece. Instead, we get something casting around for a thread. This is where people – well, writers – need editors to tell them that story ideas aren’t good enough, and to go back and try again.


Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: ZTE still in trouble, a router subscription?, Tesla’s naggier autopilot, and more


Among things Facebook tracks: your phone’s battery level. Photo by Kārlis Dambrāns on Flickr.

A selection of 10 links for you. No nuclear weapons were harmed in the making of this historic set of links. I’m @charlesarthur on Twitter. Observations and links welcome.

Senators move to sink Trump’s ZTE deal • WSJ

Siobhan Hughes:

»

In a rare rebuke of President Donald Trump, Republican Senate leaders set up a vote for this week that would undo the White House deal to revive Chinese telecommunications company ZTE Corp.

Commerce Secretary Wilbur Ross was on Capitol Hill late Monday to lobby against the move. But Democratic and Republican lawmakers said that an agreement had been reached to wrap into the National Defense Authorization Act an amendment that would ban ZTE from buying components from U.S. suppliers. The Commerce Department in mid-April had banned exports to the company as punishment for breaking a settlement to resolve sanctions-busting sales to North Korea and Iran.

In private meetings with Republicans last week, the president argued in favor of the agreement, which saved ZTE by allowing the Chinese company to resume buying components from U.S. suppliers.

The Trump administration agreed to lift the ban as part of a larger deal in which ZTE would pay a $1 billion fine and allow U.S. enforcement officers inside the company to monitor its actions. Cutting off access to U.S. components was essentially a death knell for the company.

«

The twists! The turns! Also: this “rebuke” of Trump is so rare it must have come in riding a unicorn with a dodo on its head.


Here Are 18 things you might not have realized Facebook tracks about you • Buzzfeed

Nicole Nguyen:

»

1. information from “computers, phones, connected TVs, and other web-connected devices,” as well as your “internet service provider or mobile operator”
2. “mouse movements” on your computer
3. “app and file names” (and the types of files) on your devices
4. whether the browser window with Facebook open is “foregrounded or backgrounded,” and time, frequency, and duration of activities
5. information about “nearby Wi-Fi access points, beacons, and cell towers” and “signal strength” to triangulate your location (“Connection information like your IP address or Wi-Fi connection and specific location information like your device’s GPS signal help us understand where you are,” said a Facebook spokesperson.)
6. information “about other devices that are nearby or on their network”
7. “battery level”
8. “available storage space”
9. installed “plugins”
10. “connection speed”
11. “purchases [users] make” on off-Facebook websites
12. contact information “such as an address book” and, for Android users, “call log or SMS log history” if synced, for finding “people they may know” (Here’s how to turn off contact uploading or delete contacts you’ve uploaded.)
13. information “about how users use features like our camera” (The Facebook spokesperson explained, “In order to provide features like camera effects, we receive what you see through camera, send to our server, and generate a mask/filter.”)
14. “location of a photo or the date a file was created” through the file’s metadata
15. information through your device’s settings, such as “GPS location, camera, or photos”
16. information about your “online and offline actions” and purchases from third-party data providers
17. “device IDs, and other identifiers, such as from games, apps or accounts users use”
18. “when others share or comment on a photo of them, send a message to them, or upload, sync or import their contact information”

«

And that’s apart from all the demographic and other intensely personal data they hold. This list was released to the US congress on Tuesday.


How a powerful spy camera invented at Duke ended up in China’s hands • WSJ

Wenxin Fan:

»

Five years ago, a group of Duke University scientists developed a pioneering gigapixel camera to provide long-range surveillance for the U.S. Navy through a sponsorship from the Pentagon.

The technology, never picked up by the U.S. government, is now being used by Chinese police to identify people from nearly a football field away, after lead Duke researcher David Brady moved to China in 2016 to kick-start his business.

China’s easier access to startup funding, manufacturing supply chain and burgeoning demand for high-tech cameras attracted Mr. Brady, whose original venture in the U.S. failed to win over financial backers and customers. Within two years of the move to China, his company obtained enough funding to build its first commercial camera…

Mr. Wang helped land early investment from a former Shanghai government official who now runs a venture-capital fund. The investor, who said he had been searching for technologies he could bring back to China, invested almost $5 million in Aqueti. Mr. Wang said Aqueti has attracted about $28m in two rounds of fundraising—a far cry from the U.S., where Aqueti’s effort to raise $25,000 on crowdfunding site Kickstarter in 2013 yielded just $1,007.

To secure the investment, Mr. Brady, a professor in photonics at Duke’s campus in Kunshan, took a less conventional route. Rather than set up a joint venture, he packaged his original U.S. business into Aqueti China and obtained a license to use the camera technology, to which Duke owns the patent.

“Where else can we build these?” Mr. Brady said. “This is naturally a Chinese project.” In addition to the funding, the supply chain to make such cameras is in China, he added. “Even if you raised the money in the U.S., you uniformly spend the money in China.”

«



Plume is turning home Wi-Fi into a subscription service • The Verge

Jacob Kastrenakes:

»

First, Plume is launching a more capable, tri-band router called the SuperPod. (Its normal router is called the Plume Pod.) It’s a bit bigger and a lot more expensive, and there isn’t much special about it on its own; most mesh systems offer both dual- and tri-band options at this point.

The bigger change is Plume’s business model, which is completely changing today. Previously, you would buy a Plume router (or several of them, since this is a mesh system) and go on your way, just as you would with every other router in existence. But that’s not the case anymore.

Now, you’ll have to subscribe to Plume’s Adaptive WiFi service before you can even buy a router. And once you own Plume routers, you’ll want to stay subscribed, or else the routers won’t work — period. (Existing Plume Pod owners will be grandfathered in.)

Plume’s subscription service will cost $60 per year, or $200 for a lifetime membership. One of the most tangible things you get for paying is reduced pricing on Plume’s routers, as well as a warranty for each year that you pay (lifetime members get a flat five years). Plume’s current routers come in a three-pack for $179. With the subscription, you can get a three-pack (that includes two dual-band and one tri-band router) for $39, which is a major discount. It still gets pricey if you want to buy more routers (especially tri-band units), but it’s still cheaper than buying this kind of router somewhere else.

«

My (and probably your) first reaction is: get stuffed, Plume. But think a little. Yes, this is expensive for a router. However, Plume by virtue of demanding the subscription is now responsible for keeping their software up to date – and in a world where routers are increasingly under attack, that is a big shift.

My concern would be that your router, effectively under their care (it’s what the sub is for, right?) might get hacked, and that you’d be unable to get satisfactory redress. That would be amazingly annoying. On balance, might want to just stick with the ordinary routers.


Federal judge clears AT&T’s bid for Time Warner • CNBC

Sara Salinas:

»

A federal judge said Tuesday that AT&T’s $85.4bn purchase of Time Warner is legal, clearing the path for a deal that gives the pay-TV provider ownership of cable channels such as HBO and CNN as well as film studio Warner Bros.

The judge did not impose conditions on the merger’s approval.

The Justice Department sued last year to block the merger, citing concerns that AT&T, owner of satellite television provider DirecTV, could charge rival distributors more for Time Warner content, resulting in higher prices for consumers. But AT&T has countered that the logic doesn’t hold up since the point of owning content is to get widespread distribution, which brings in affiliate fees and advertising revenue.

US District Court Judge Richard Leon was expected to issue the decision following a six-week trial.

AT&T, also the No. 2 wireless carrier in the US, said it was buying Time Warner in October 2016 to diversify its revenues and also become a media powerhouse that could attract consumers by bundling entertainment with mobile service. CEO Randall Stephenson has said the deal would help AT&T compete against tech giants like Amazon and Netflix, which are investing more in content.

The outcome of the trial could have implications for future deals in the telecom and media industries, as well as vertical mergers, where a company buys its supplier.

«

AT&T’s point about content needing distribution is a strong one, but companies always want to turn into monopolies if they possibly can. It’s in their nature. Side note: once again Time Warner is the bride in a giant merger aimed at content and distribution; who can forget the doomed $165bn AOL-Time Warner merger of 2000? Maybe this will go the same way.


Xiaomi unveils big loss as it prepares to hawk IPO to investors • Bloomberg

Yuan Gao and Crystal Tse:

»

Xiaomi Corp. revealed it lost more than $1bn in the first three months of 2018, as the Chinese smartphone maker prepares to persuade investors to buy into the largest initial public offering since 2014.

The eight-year-old company has begun gauging demand for a first-time share sale intended to fuel its expansion beyond China and bankroll the development of devices and media services. It also published its first prospectus for the sale of China Depositary Receipts in Shanghai on Monday, saying it plans to use about 40% of the proceeds to enlarge its global footprint. Xiaomi reported a 7bn yuan ($1.1bn) net loss on revenue of 34.4bn ($5.3bn) yuan in the first quarter…

…The Beijing-based company saw sales from more lucrative smart-home devices and internet services grow as a proportion of overall revenue in the first quarter. Roughly 31.8% of Xiaomi’s revenue in 2018’s first three months came from products such as air purifiers and scooters and online services such as mobile apps, according to the filing. Those two segments contributed 29% of sales in 2017.

Its biggest business, smartphones that barely make a profit, declined in importance to just 67.5% of sales from more than 70% in 2017. Xiaomi said it made a profit excluding one-time items of 1.038bn ($162m) yuan in the first quarter.

«

Estimates are that it could be valued at around $90bn. Personally, I don’t see what its moat is – what is there to stop its users drifting away to other brands, or alternatively to stop other brands moving into its space? It’s already losing out on its best-known space, smartphones. Though with a $3.3bn revenue, it’s a significant player, ahead of LG, Sony, Motorola/Lenovo, and other names.

The phones are pretty cheap, though. On that revenue, and Counterpoint’s figure of 27m shipped, the ASP is $122 – which doesn’t leave any room for error.


Tesla updates Autopilot to force users to keep their hands on the wheel • BGR

Chris Mills:

»

Tesla is pushing a new update to its Autopilot cruise control system that “nags” drivers every 15 to 20 seconds if their hands are off the wheel, according to Tesla owners. The update also adds some performance improvements and bug fixes to the Autopilot system, but the addition of frequent nags is the big one that’s already causing Tesla owners to complain.

Under the old system, drivers would still get an Autopilot “nag,” but the reminders were much less frequent. Drivers would be prompted to hold the steering wheel after five minutes if driving on a slow road, or after one to three minutes when going faster than 45mph.

Those “nags” kept Autopilot as a hands-free system in effect, just a more attentive one. More than anything, the nags served as a check that the drivers were paying attention, but it didn’t force drivers to have their hands constantly on the wheel. Under the new update, drivers will get a nag after just 15 seconds (the precise nag interval is reported as being anywhere from 15 to 30 seconds), which in practice means people will just keep their hands on the steering wheel. The steering system also appears to have got an update, so there’s a small amount of “play” in the wheel which drivers can wiggle to prove that they’re there, without overriding the Autopilot system and turning it off.

Users are already complaining about the nags…

«

Of course they are. But as Musk pointed out in reply to some of the complaints, if people get too complacent, then safety suffers. And Tesla needs to focus on safety after some high-profile crashes.


Apple 2019 iPhone likely to support USB-C • Digitimes

Cage Chao and Jessie Shen:

»

Apple is redesigning chargers and related interface for its next-generation iPhone and iPad devices, and will likely have its 2019 series of iPhones come with USB Type-C support, according to sources at analog IC vendors.

The adoption of USB Type-C in Apple’s MacBook series has already encouraged other notebook vendors to follow suit. However, sales of their new models that come with a Type-C port have been affected negatively by a general slowdown in the global PC market.

Apple’s adoption of Type-C in its iPhones will accelerate other smartphone companies’ adoption of the interface in their products, the sources indicated. The popularity of Type-C interface among handsets will still depend on the adoption in Apple’s iPhones, nevertheless, the sources said.

«

Noooooooooooooooo. Also, with hundreds of millions of Lightning ports and cables out there, would Apple really do this? Apple laptops and desktops are one thing; they sell in comparatively small numbers – tens of millions per year. Would it really do it on phones, though? I’d have thought going for wireless charging on iPhones and iPads is far more likely, while retaining Lightning.


Giant Martian dust storm threatens Opportunity Rover • ExtremeTech

Ryan Whitwam:

»

The Mars Reconnaissance Orbiter first spotted the beginnings of this super-storm on June 1st. The MRO team notified Opportunity’s controllers as soon as they saw how close it was to the rover. It didn’t take long for the dust storm to grow in size to cover more than 7 million square miles (11.2 million square kilometers), which is larger than North America. Stuck smack in the middle of it is Opportunity. The small blue dot in the below image of the storm (click to enlarge) indicates Opportunity’s location in Perseverance Valley.

This is a problem for the rover because unlike its younger cousin Curiosity, Opportunity is solar-powered. According to NASA, the opacity level or “tau” of the new storm is 10.8. That means very little light is reaching the surface. Opportunity reported a significant drop in battery charge last Wednesday, so NASA suspended science operations and placed the rover in low power mode.

The good news is Opportunity made contact with NASA over the weekend to confirm that it’s still operational. At the time, the rover reported an internal temperature of -20 degrees Fahrenheit (-29C). In low power mode, the rover conserves power to make sure its heaters remain active. Without the heaters, the rover’s batteries would likely fail and doom the mission.

«

Anyway, to get back to the subject of our talk today… who wants to get on Elon Musk’s missions to Mars?


Survey: most Facebook users don’t expect much privacy • Fast Company

Ben Bajarin, of Creative Strategies, surveyed consumers’ attitudes to privacy and Facebook, and found that attitudes depend on context:

»

Consumers are becoming more sensitive to companies’ aggressive tracking of their online behavior. That tracking is beginning to affect consumers’ expectation of privacy.

Our research shows that consumers don’t seem to mind seeing ads on Facebook. They even indicated some level of gratitude when they found a new product or service on Facebook that fit their interests. But consumers feel that Facebook crosses the “creepy” line when it targets its ads using personal information it gleaned outside of Facebook. To this point, 58% of consumers in our study said they’re less than comfortable with how good Facebook has become at tracking their general online activity.

It’s here I believe the technology industry needs to start a broader conversation on privacy. The industry may need to provide some protections for consumers who do not want their non-public online behavior to be tracked by companies like Facebook and Google. Any regulation of Facebook and companies like it should focus on this. Perhaps some consumer data should be off-limits to companies like Facebook and Google even if that activity happens on their own platforms.

Consumers are becoming more aware of how sophisticated the tracking and ad-targeting technology used by Facebook, Google, and others has become. That awareness is raising privacy concerns.

No, people will not leave Facebook in droves. But people may start using Facebook less, as 45% of our study respondents said they were. Or more consumers may change their privacy settings and on-Facebook practices to limit how much information they share. Our survey found that 39% of consumers had already changed their Facebook privacy settings because of privacy concerns.

«



Errata, corrigenda and ai no corrida: none notified


Start Up: a new AI film!, Facebook ‘spying’ redux, the Android ‘app install’ scam, Quebec slows crypto mining, and more


We regret to inform you that USB-C is still a world of pain. Photo by Aaron Yoo on Flickr.

A selection of 10 links for you. Not open to negotiation. I’m @charlesarthur on Twitter. Observations and links welcome.

This wild, AI-generated film is the next step in “whole-movie puppetry” • Ars Technica

Sam Machkovech:

»

Zone Out’s script, just like Sunspring’s, teeters on the edge of inanity and emotion—which, honestly, puts it right up there with the best of the sci-fi canon. (A dialogue example taken directly from the film, which almost sounds like Benjamin’s criticism of his masters: “Why don’t you tell me what… you say is true that the human being will be able to reenforce the destruction of a human being?”) This time, the script’s odd, not-quite-human results are only amplified by having so many other film-production tasks automated by AI.

Snags arose during production as the duo struggled to find public-domain film footage that they could safely use in their own potentially commercial enterprise. The challenge wasn’t just about copyright; the footage had to contain a significant number of shots with sole actors facing directly toward the camera, which Benjamin could more easily snip and insert into whatever it composed. Between their deep dive into a public domain film database and conversations with a lawyer, Goodwin and Sharp settled on two films: The Last Man on Earth and The Brain That Wouldn’t Die.

The most striking part of the film is its reliance on face-swapping technologies to adapt existing films to Benjamin’s will. Face-swapping has become a pretty hot topic in pop culture, particularly after an altered video of President Barack Obama went viral in 2017 (and a followup take, with director/comedian Jordan Peele filling in as an impersonator, rekindled the viral fire in April). Still, the technology’s limitations are quite apparent, especially when time limits factor into any production. An April attempt to insert actor John Cho into popular films illustrated the immense amount of computational time needed to refine a face swap, and Zone Out’s production team ran into similar issues while having Benjamin parse pre-recorded footage of actors Thomas Middleditch, Elisabeth Gray, and Humphrey Ker.

«

Since you ask, here it is:

https://www.youtube-nocookie.com/embed/vUgUeFu2Dcw?rel=0

Getting better, aren’t they? Refer back to that strange film Sunspring from two years ago.


Why the future of machine learning is tiny • Pete Warden

Pete Warden is thinking small – in both size and energy consumption terms:

»

I spend a lot of time thinking about picojoules per op. This is a metric for how much energy a single arithmetic operation on a CPU consumes, and it’s useful because if I know how many operations a given neural network takes to run once, I can get a rough estimate for how much power it will consume. For example, the MobileNetV2 image classification network takes 22 million ops (each multiply-add is two ops) in its smallest configuration. If I know that a particular system takes 5 picojoules to execute a single op, then it will take (5 picojoules * 22,000,000) = 110 microjoules of energy to execute. If we’re analyzing one frame per second, then that’s only 110 microwatts, which a coin battery could sustain continuously for nearly a year. These numbers are well within what’s possible with DSPs available now, and I’m hopeful we’ll see the efficiency continue to increase. That means that the energy cost of running existing neural networks on current hardware is already well within the budget of an always-on battery-powered device, and it’s likely to improve even more as both neural network model architectures and hardware improve.

In the last few years it’s suddenly become possible to take noisy signals like images, audio, or accelerometers and extract meaning from them, by using neural networks. Because we can run these networks on microcontrollers, and sensors themselves use little power, it becomes possible to interpret much more of the sensor data we’re currently ignoring. For example, I want to see almost every device have a simple voice interface. By understanding a small vocabulary, and maybe using an image sensor to do gaze detection, we should be able to control almost anything in our environment without needing to reach it to press a button or use a phone app. I want to see a voice interface component that’s less than fifty cents that runs on a coin battery for a year, and I believe it’s very possible with the technology we have right now.

As another example, I’d love to have a tiny battery-powered image sensor that I could program to look out for things like particular crop pests or weeds, and send an alert when one was spotted. These could be scattered around fields and guide interventions like weeding or pesticides in a much more environmentally friendly way.

«



#109 is Facebook spying on you? • Reply All Podcast

Via former Facebook ads guy Antonio Garcia Martinez, this podcast transcript:

»

PJ: So what’s going on here is that we’re talking to people who believe that Facebook is listening in on them using their microphones. And Alex, who’s done a lot of research, and as far as I can tell believes it’s not happening, he’ll try to give you an alternate explanation.
MONIQUE: Ok, so I have a very quick story, and this is so funny, I was just telling my friend about this last night. Um, so, a few months ago I was on the phone talking to my friend and she was talking about this device that she had bought, um, to help her open coconuts.
PJ: What
MONIQUE: It was this really weird thing and she was trying to explain–she was explaining this tool, but she couldn’t remember the name. And we get off the phone, and then that was it. And maybe 15, 20 minutes later, I’m scrolling on Facebook and I see an ad for this device called the Coco-Jack.
PJ: (laughs) The Coco-Jack?
MONIQUE: I screenshot it. And was like “Is this what you were talking about?” And she was like “Yes.” And ever since then, I’ve been convinced that they’re onto me.
ALEX: OK (clears throat).
PJ: God, this is like watching a conductor warm up.
ALEX: OK, is this person your friend on Facebook?
MONIQUE: Yes.
ALEX: Did she buy the Coco-Jack online?
MONIQUE: I don’t know for sure, but I don’t think she did.
PJ: I just watched a balloon deflate–
ALEX: No! Not necessarily.
PJ: OK.
ALEX: Do you know where she bought it?
MONIQUE: If I recall correctly, she was in Vegas at some, like um, weird little shop, like “as seen on TV” shop. And she picked it up there.
ALEX: Do you think that she was, like, frustrated by all her coconuts beforehand, and so she Googled like, “How to open coconuts?”
MONIQUE: Perhaps. Maybe. But why would I be seeing it on my- like I saw it on my feed?

«

OK, maybe not listening to your phone – but it comes across as maybe even more creepy.


Android users: beware these popularity-faking tricks on Google Play • We Live Security

Lukas Stefanko:

»

The trick takes advantage of the fact that apart from the app icon and name, there is one more element the user sees when browsing apps – the developer name, displayed just below the app name. And since unknown developer names are no use for popularity-boosting purposes anyway, some app authors have been setting fictitious, high numbers of installs as their developer names, in an effort to look like established developers with vast userbases.

We have discovered hundreds of apps using this and similar tricks to deceive users. The apps we’ve analyzed were either misleading users about their functionality or had no functionality at all, yet most display many advertisements.


Figure 1 – Apps uploaded to Google Play under the developer name “Installs 1,000,000,000 – 5,000,000,000”

The freedom to set any number of choice as developer name has inspired some remarkably ambitious claims – one game developer, for instance, would like users to believe his games have been installed more than five billion times. (Note: the highest-ranking apps in terms of number of installs fall into the category “1,000,000,000 ” at the time of writing; this category includes Google Play itself, Gmail, Facebook, WhatsApp, Skype, etc.)

In one particular case, we saw a developer change his name from a fake installation number to an actual developer name over time, which might indicate the trick is used as a temporary measure aimed at boosting the popularity of newly uploaded apps.

«

Wonder how easy it will be for Google to block this? Searching for “install” as a developer name, or for figures, would probably catch it. How long before this trick is squashed?


ZTE’s near-collapse may be China’s Sputnik moment • NY Times

Li Yuan, suggesting that ZTE’s near-death experience will affect China as the sight of Sputnik overhead did America, presaging a technological surge:

»

China offers a competing vision to those who see technology as a global, liberating force. Its robust online culture coexists with stringent censorship. China forcefully espouses a view of sovereignty in the cyber realm that sees a greater degree of government control than the internet’s creators ever envisioned — a view that doesn’t seem as far-fetched as it once did, as politicians around the world grapple with the unintended consequences of technology.

Before we get to that future, however, the ZTE incident offers a glimpse of where China stands now.

ZTE’s near-collapse has shaken tech entrepreneurs, investors and ordinary Chinese people alike. In social media chat groups, at dinner tables, at industry conferences, terms like “semiconductors” and “fundamental scientific research” have become buzzwords. My novelist, economist and philosophy professor friends all ask me: How far behind is China’s microchip industry? How long will it take us to catch up with the United States? (Some ask even more basic questions, like: What’s a microchip?)

“The recent ZTE incident made us see clearly that no matter how advanced our mobile payment is, without mobile devices, without microchips and operating systems, we can’t compete competently,” Pony Ma, chief executive of the Chinese internet giant Tencent Holdings said last month at a science forum.

China feels new urgency to increase its technological abilities. Its current push — called Made in China 2025 — lies at the root of worsening trade relations between the United States and China. But the problems with ZTE, which had $17bn in revenue in 2017, will only spur Chinese leaders to push ahead.

«



It’s 2018 and USB type-C is still a mess • Android Authority

Robert Triggs:

»

USB Type-C was billed as the solution for all our future cable needs, unifying power and data delivery with display and audio connectivity, and ushering in an age of the one-size-fits-all cable. Unfortunately for those already invested in the USB Type-C ecosystem, which is anyone who has bought a flagship phone in the past couple of years, the standard has probably failed to live up to the promises.

Even the seemingly most basic function of USB Type-C — powering devices — has become a mess of compatibility issues, conflicting proprietary standards, and a general lack of consumer information to guide purchasing decisions. The problem is that the features supported by different devices aren’t clear, yet the defining principle of the USB Type-C standard makes consumers think everything should just work.

The charging example clearly demonstrates a very common frustration with the standard as it currently stands. Moving phones between different chargers, even of the same current and voltage ratings, often won’t produce the same charging speeds. Furthermore, picking a third party USB Type-C cable to replace the typically too short included cable can result in losing fast charging capabilities.

I have three different phone chargers from LG, Huawei, and Samsung. Points for guessing how many of them can fast charge a phone from a different brand. It’s a simple question with a complicated answer.

«

Something involving plugging a cable into a charger shouldn’t have a complicated answer. I begin to wonder how USB-C is going to get out of this mess. (Thanks Papanic for the link.)


Canada’s Quebec halts crypto mining projects, may raise fees • Reuters

Allison Lampert:

»

The provincial government announced the move as state-owned power generator Hydro Quebec said it has asked the province to limit total power available to all digital currency miners to a block of 500 megawatts. That is about enough energy to run a single aluminum smelting plant, or a fraction of the 17,000 megawatts in capacity requested so far by miners looking to operate in Quebec.

The firm also said it asked the province’s energy board to determine quickly how much it should charge digital currency miners to help maximize the energy producer’s revenue.

Quebec’s energy ministry said it ordered Hydro Quebec to hold off on connecting new digital currency mining operations until regulators set new roles for the industry.

«

500 out of 17,000? That’s quite a halt. Bitcoin prices are down too, currently below $7,000 – compared to the $20,000 peak. Always dangerous to predict but can’t see what would bring it back now the impacts are becoming visible.


American collapse isn’t just economic and political — it’s moral and ethical, too • Medium

Umair Haque on how Kim Kardashian gets more attention than children being put in camps: what does this say about American morality?

»

First, there’s the Kantian idea of a universal law of treating others as you wish to be treated, Kant’s “kingdom of ends.” It’s blindingly obvious to see that Americans don’t treat one another that way — they want everything for themselves, but deny the most meager of basics to their neighbours. Hence, the American Dream became something like a McMansion, a fleet of SUVs, and a black Amex card — and damn universal healthcare, education, media, finance. So Americans immediately fail the test of Kantian ethics — so-called “deontological” ethics, which simply mean “rules for what is right.” There is no rule for what is right in America — and that has profound consequences, which we will soon come to.

Second is the idea of utilitarian ethics, acting for the so-called greater good. But here again, Americans fail at the slightest observation. They will happily invest in more things that give them zero added utility, but genuinely make them miserable, like that Amazon gadget that spies on you, hours on Facebook which leave them lonelier, meaner, dumber, more resentful, envious, and unhappy — but they won’t spend a collective dime for the sake of the greater good. It’s shatteringly obvious that if Americans were the slightest bit concerned with the greater good, like good utilitarians, they’d spend time, energy, money on, say healthcare for everyone — but that hasn’t happened in our adult lifetimes. So Americans fail this moral test, too.

Now, most moral systems fall somewhere between these two poles, of utilitarian (or consequentialist) ethics, and Kantian (or deontological) ethics… Nowhere within the spectrum of morality as we know it can we place the behaviour of Americans.

«

Somewhat damning, but the moral paralysis in the US (I think it’s that rather than indifference) is quite shocking. Compare the fury in the UK over Windrush citizens.


Facebook aims to bring the fun back into music • Midia Research

Mark Mulligan:

»

For a whole host of reasons that warrant a blog post of their own, streaming music has coalesced around a very functional value proposition. In short, the fun has been taken out of music. Apps like Dubsmash and Musical.ly showed that it doesn’t have to be that way. These apps were small enough to be able to do first and ask for forgiveness later. Even though Facebook has all the ingredients to do what those guys did – and at scale, it is far too big to try to get away with that strategy, so it had to get licences in place first. YouTube is the only other scale player that really brings a truly social element to streaming. Now it has got a serious challenger that just upped the ante beyond comments, mash ups and likes / dislikes. The music industry so needs this right now, especially to win over Gen Z.

«

Competition for YouTube makes this a very interesting arrival. Are the music companies getting more per play from Facebook than from YouTube?


Opposing onshore UK windfarms ‘means higher energy bills’ • The Guardian

Adam Vaughan:

»

The government ended subsidies for [onshore] windfarms in 2015 but the energy minister Claire Perry has recently said she is “looking carefully” at a U-turn for windfarms built in Wales and Scotland. Last week, the government gave its backing to windfarms on remote islands, such as the Isle of Lewis.

[Conservative peer Lord] Deben told the Guardian: “There is no doubt, and I feel very strongly about it, that onshore wind is the cheapest form of electricity. If the Scots want to have it, on which basis should we say they shouldn’t have it?”

Advocates believe onshore windfarms could be built for subsidies guaranteeing prices as low as £50 per megawatt hour – below the average £62.14 awarded to the latest offshore windfarms and far lower than the £92.50 for the Hinkley Point C nuclear power station.

The payments are a top-up on the wholesale electricity price of around £45/MWh, with the difference paid by householders through their energy bills. Hinkley alone is expected to add £10-15 to annual bills by 2030.

«

Hinkley C was such a terrible decision. Theresa May, bamboozled by China on that one.


Errata, corrigenda and ai no corrida: yesterday’s link about Facebook “listening to you” got some pushback, as they say. So take a look at the link from the Reply-All podcast.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: Apple Watch getting touchy?, crypto heists top $1bn, the NYC taxi price crash, why ringtones bug you, how China’s bugging Trump, and more


Photo by Jan Persiel on Flickr


A selection of 9 links for you. Not approved at a summit. I’m @charlesarthur on Twitter. Observations and links welcome.

US officials prepare to thwart Chinese spying at Singapore summit • NBC News

Courtney Kube, Carol E. Lee, Ken Dilanian and Andrea Mitchell:

»

According to three US officials, in one recent case a top US official working in China repeatedly had trouble with his hotel key card. He had to replace it several times at the front desk because it wouldn’t open his door.

He brought one of the key cards back to the US, where security officials found a microphone embedded inside, according to the US officials.

The Chinese have placed listening and tracking devices in chips embedded in credit cards, key chains, jewelry, and even event credentials, the officials said, often with the intent of capturing secret conversations among American officials.

In advance of Chinese President Xi Jinping’s 2017 meeting with Trump at Mar-a-Lago, Trump’s south Florida estate, White House officials received detailed briefings on how the Chinese would try to spy on them during the visit “in every possible way,” said an official who was part of the visit.

And US officials “swept all of our phones afterward” to check if they were infiltrated by the Chinese, the official added.

Seven months later when Trump traveled to Beijing, White House officials were given more extensive briefings, according to officials who were on the trip, in which they were told to assume the Chinese would be tracking, taping and watching them the entire time they were in the country.

During the visit, the officials say the Chinese gave the US delegation pins that the Americans called their friendship pins. But members of the delegation were not allowed to wear the pins into a secure area because security officials warned they likely had embedded listening devices.

The officials said their belongings were rifled through while they were not in their hotel rooms, as happened to US officials during previous presidential trips to China.

«

Not surprising. The friendship surveillance pins are a nice touch. And of course we’re not mentioning what the Americans do.


Your phone is listening and it’s not paranoia • Vice

Sam Nichols:

»

For your smartphone to actually pay attention and record your conversation, there needs to be a trigger, such as when you say “hey Siri” or “okay Google.” In the absence of these triggers, any data you provide is only processed within your own phone. This might not seem a cause for alarm, but any third party applications you have on your phone—like Facebook for example—still have access to this “non-triggered” data. And whether or not they use this data is really up to them.

“From time to time, snippets of audio do go back to [other apps like Facebook’s] servers but there’s no official understanding what the triggers for that are,” explains [senior cybersecurity consultant for Asterix, Dr Peter] Henway. “Whether it’s timing or location-based or usage of certain functions, [apps] are certainly pulling those microphone permissions and using those periodically. All the internals of the applications send this data in encrypted form, so it’s very difficult to define the exact trigger.”

He goes on to explain that apps like Facebook or Instagram could have thousands of triggers. An ordinary conversation with a friend about needing a new pair of jeans could be enough to activate it. Although, the key word here is “could,” because although the technology is there, companies like Facebook vehemently deny listening to our conversations.

“Seeing Google are open about it, I would personally assume the other companies are doing the same.” Henway tells me. “Really, there’s no reason they wouldn’t be. It makes good sense from a marketing standpoint, and their end-use agreements and the law both allow it, so I would assume they’re doing it, but there’s no way to be sure.”

With this in mind, I decided to try an experiment. Twice a day for five days, I tried saying a bunch of phrases that could theoretically be used as triggers. Phrases like I’m thinking about going back to uni and I need some cheap shirts for work. Then I carefully monitored the sponsored posts on Facebook for any changes.

«

Guess what happened? This topic – are our phones listening to us? – has been hotly discussed on my Twitter feed recently. This is quite an eye-opener.


Android Messages integration with Chrome OS is one step closer to reality • Android Police

Corbin Davenport:

»

Almost a year ago, evidence first appeared of an ‘SMS connect’ feature on Chrome OS. It would allow users to see text messages from your phone on your Chromebook, similar to Pushbullet and similar software. We haven’t heard much about it since then, but Google has also been working on a web client for Android Messages. Thankfully for Chrome OS users, a new commit reveals SMS Connect is one step closer to going live.

A commit on the Chromium Gerrit repository, as spotted by XDA, simply adds a feature flag for “CrOS Android Messages integration.” In other words, SMS Connect will become a feature you can easily turn on from the chrome://flags page, meaning users will finally be able to try it out.

«

Apple users who have wanted it have had this functionality for years, if they use an iPhone and a Mac: the Messages app handles SMS too, which can then appear on the desktop. Perhaps it’s Apple’s legacy with the desktop which meant it made this a priority (of sorts). But it’s also a sign of Google’s haphazard approach to messaging: as much as anything, the problem would be deciding which of its many, many messaging apps should get the privilege of receiving texts on ChromeOS.


No, iPhone ringtones aren’t bad. They’re musically sophisticated • The Washington Post

Alyssa Barna:

»

Two of the most instantly recognizable iOS ringtones are “Marimba” and “Xylophone,” sounds that have become comfortable and familiar. But as music theory demonstrates, subtle details in the composition of these tunes all but demand that we cut them off by picking up the phone. That’s partly because they are fundamentally disruptive, intrusively insisting on our attention. Ultimately, the effect may be key to Apple’s cultural impact. With the possible exception of Nokia and its now-historical ringtone, no other company has managed to make the sounds of its devices quite so central to its brand identity.

Consider the ringtone “Xylophone,” which consists of two lines — a cutesy melody on top supported by a constant pulsing layer underneath that sustains your attention. “Xylophone” is composed around the concept of syncopation — accentuating weaker beats to mess with a rhythm a bit and make it more complex. Think: “Buh-buh-bummm, buh-buh-b-b-b-buh” in the upper line, and “bum-bum-bum-bum-bum-bum-bum-bum” consistently in the lower line. These two lines may not seem to match up at first, but the melody fits awkwardly with the supporting tones underneath. The lower line features annoying pulsing beats, while the melody articulates beats that the second line doesn’t hit. In theoretical terms, we would say one line has isochronous rhythms — that is, they are evenly spaced and patterned. By contrast, the line with the syncopated melody uses non-isochronous rhythms. Together, these two patterns create a barrage that aims to unsettle the listener. This is a tune that Apple has stuck with precisely because we don’t want to listen to it.

«

Before you ask, Barna has a Masters in music theory. The idea that ringtones work because we don’t want to listen to them is rather clever. It’s like the near-impossibility of ignoring a ringing telephone while you’re trying to have a face-to-face conversation.


139 NY taxi medallions will be offered at bankruptcy auction • New York Post

John Aidan Byrne:

»

A record 139 taxi medallions will be offered for sale in bankruptcy auction this month — the latest sign that a deluge of ride-sharing apps like Uber are squeezing cabbies out of business and deeper into debt, as well as pinching the incomes of for-hire drivers, according to analysts.

The medallions will be auctioned for a fraction of their original value — some likely having cost their owners as much as $1m or more apiece.

A minimum of 20 will be sold, the auctioneers say. The collection is part of the 13,587 licensed medallions required to operate New York City’s fleet of iconic yellow cabs. Back in 2013, a medallion fetched a whopping $1.3m.

Today, prices have plunged to between $160,000 to $250,000 each, as a wave of ride-sharing vehicles floods the market.

Last year, 46 medallions were reportedly sold at an auction in Queens for an average price of $186,000, snatched up by Connecticut-based MGPE, a hedge fund presumably seeking yield on a distressed asset.

For-hire vehicles on New York’s congested streets have surged from 50,000 in 2011, when Uber entered the New York market, to about 130,000 today.

Not surprisingly, earnings for yellow cabbies have fallen off the cliff — full-time average annual earnings, before taxes, are down from $45,000 as recently as 2013, to as low as $29,000 today, according to some estimates.

«

Which leads to the obvious question: is Uber bad? Here it has pretty much bankrupted thousands of people (or, perhaps, groups who bought a medallion together).

But: look at the number of vehicles on the streets. It’s easier to get a cab to go where you want to.

The convenience of many has been acquired through the pain of a few. That doesn’t make their pain any less, but this was inevitable one way or another.


Cryptocurrency theft tops $1bn in past six months • Security Week

Kevin Townsend:

»

$1.1bn has been stolen in cryptocurrency thefts over the past six months. This is the visible effect of an illicit dark web market economy which is reportedly worth $6.7m. That market fuels cryptocurrency thefts from exchanges, businesses, and individuals; and the growing incidence of cryptojacking.

The basic problem is that cryptocurrencies are increasingly popular, which drives up their value. This makes investment popular for both individuals and businesses; and this in turn attracts the criminals. The three most common attacks involve currency-stealing malware (designed to quietly steal the users’ wallet content and send it to the attacker); illicit mining (designed to use business infrastructures to mine cryptocurrency for the attacker); and cryptojacking (which is illicit mining targeted at individuals).

A six-month study (PDF) by Carbon Black into how cryptocurrency malware is bought and sold in the dark web has shown an estimated 12,000 dark web marketplaces selling approximately 34,000 offerings related to cryptocurrency theft. Malware offerings range from as little as $1.04 to as much as $1,000, with an average price of $224.

Bitcoin remains the primary cryptocurrency used for legitimate cyber transactions — but cybercriminals are moving to alternative and more profitable currencies, such as Monero — which is now used in 44% of all attacks.

«

I’d guess that North Korea has been behind a fair number of those attacks, because it needs the foreign currency. Crypto hacks are effectively free currency, so it doesn’t mind getting a “poor” exchange rate on them.


The Apple Watch will get touch-sensitive, solid-state buttons • Fast Company

Mark Sullivan:

»

The Apple Watch will be getting solid state buttons that don’t move up and down but rather sense the touch of a finger, a source with direct knowledge of Apple’s plans tells Fast Company.

Apple will stick with the Watch’s current button configuration, with a button and a digital crown situated on one side of the device, but neither will physically click as before. Rather than reacting to the user’s touch by physically moving back and forth, the new buttons will vibrate slightly under the fingertip, using the haptic effect Apple calls the Taptic Engine. (The digital crown will still physically rotate to navigate through content.)

The switch to solid state buttons in the Watch is similar to the conversion of the iPhone’s home button to a solid-state design in 2016’s iPhone 7. In past years, other Apple components such as MacBook trackpads and iPod control wheels have also gone from moving parts to solid-state technology.

The new buttons could be part of the new Apple Watch the company will announce this fall, or, if not, will be included in the 2019 Watch, the source said.

Solid-state buttons will make the Watch more water resistant because the opening needed for a physical button is eliminated. The solid-state controls also take up less space in the design, freeing up room for a bigger battery, the source said.

«

I’d expect this to come this year – there have been four iterations of the current design, and Apple has had the Taptic Engine for at least four years. Enough time to design it into a watch button or two.


Copyright law could put end to net memes • BBC News

»

Memes, remixes and other user-generated content could disappear online if the EU’s proposed rules on copyright become law, warn experts.

Digital rights groups are campaigning against the Copyright Directive, which the European Parliament will vote on later this month. The legislation aims to protect rights-holders in the internet age. But critics say it misunderstands the way people engage with web content and risks excessive censorship.

The Copyright Directive is an attempt to reshape copyright for the internet, in particular rebalancing the relationship between copyright holders and online platforms. Article 13 states that platform providers should “take measures to ensure the functioning of agreements concluded with rights-holders for the use of their works”.

Critics say this will, in effect, require all internet platforms to filter all content put online by users, which many believe would be an excessive restriction on free speech. There is also concern that the proposals will rely on algorithms that will be programmed to “play safe” and delete anything that creates a risk for the platform.

A campaign against Article 13 – Copyright 4 Creativity – said that the proposals could “destroy the internet as we know it”. “Should Article 13 of the Copyright Directive be adopted, it will impose widespread censorship of all the content you share online,” it said.

«

This is clearly going to fail to recognise the “fair dealing” (US phrase: “fair use”) exceptions that abound for copyright law. It’s going to be honoured more in the breach than the observance if it’s voted in.


Carbon Engineering and Harvard find way to convert CO2 to gasoline • CNBC

Chloe Aiello:

»

A team of scientists claims to have discovered a cheaper way to extract carbon dioxide from the atmosphere and turn it into gasoline or other fuels, which could arm humanity with a new tool in the fight against climate change.

Published in the scientific journal Joule on Thursday, the research demonstrates a new technique that pulls carbon dioxide out of the atmosphere, and converts it into liquid gasoline, diesel or jet fuel.

Canadian clean energy company Carbon Engineering, in partnership with researchers from Harvard, used little more than limestone, hydrogen and air for the process, which can remove one metric ton of CO2 for as little as $94, the scientists say. It cleans up the environment, and produces eco-friendly liquid fuel at the same time.

“Until now, research suggested it would cost $600 per ton to remove CO2 from the atmosphere using DAC technology, making it too expensive to be a feasible solution to removing legacy carbon at scale,” David Keith, Harvard Professor and founder of Carbon Energy said in a statement. “We now have the data and engineering to prove that DAC can achieve costs below $100 per ton.”

«

All this stuff is still small-scale, though. And it’s odd to talk about capturing it and turning it into fuel.


Errata, corrigenda and ai no corrida: none notified.

Start Up: iPhone X Plus sized up (via logs), Nasa rover finds Martian.. stuff, conference seating woes, and more


ZTE has been reprieved. What, if anything, did the US get in return? Photo by Kārlis Dambrāns on Flickr.


A selection of 13 links for you. For the weekend. I’m @charlesarthur on Twitter. Observations and links welcome.

Nasa Mars rover finds organic matter in ancient lake bed • The Guardian

Ian Sample:

»

Nasa’s veteran Curiosity rover has found complex organic matter buried and preserved in ancient sediments that formed a vast lake bed on Mars more than 3bn years ago.

The discovery is the most compelling evidence yet that long before the planet became the parched world it is today, Martian lakes were a rich soup of carbon-based compounds that are necessary for life, at least as we know it.

Researchers cannot tell how the organic material formed and so leave open the crucial question: are the compounds remnants of past organisms; the product of chemical reactions with rocks; or were they brought to Mars in comets or other falling debris that slammed into the surface? All look the same in the tests performed.

But whatever the ultimate source of the material, if microbial life did find a foothold on Mars, the presence of organics meant it would not have gone hungry. “We know that on Earth microorganisms eat all sorts of organics. It’s a valuable food source for them,” said Jennifer Eigenbrode, a biogeochemist at Nasa’s Goddard Space Flight Center in Maryland.

“While we don’t know the source of the material, the amazing consistency of the results makes me think we have a slam-dunk signal for organics on Mars,” Eigenbrode added. “It is not telling us that life was there, but it is saying that everything organisms really needed to live in that kind of environment, all of that was there.”

«

When I worked at The Independent in 1995, the then science editor Tom Wilkie declared that in news, the same stories come around again and again, and that by the third time you’re pretty sick of them. He was already bored with “life on Mars” stories, so I did the one about the meteorite with the odd shapes. And now here we go again.


AI at Google: our principles • Google blog

Sundar Pichai:

»

We will assess AI applications in view of the following objectives. We believe that AI should:
– be socially beneficial
– avoid creating or reinforcing bias
– be built and tested for safety
– be accountable to people
– incorporate privacy design principles
– uphold high standards of scientific excellence
– be made available for uses that accord with these principles

«

There’s plenty more – each point is expanded, but those are the bullets. He also sets out the applications that Google won’t pursue.


iOS 12 tells us exactly how big the iPhone X Plus will be • BGR

Chris Smith:

»

Apple started testing iOS 12 builds in the wild as recently as late February, when Google Analytics first picked up visits to BGR from devices running iOS 12. The number of visits increased as we approached June. It’s likely that Apple engineers tested early iOS 12 builds on various devices well ahead of the WWDC event. And while you can safely test iOS 12 out in the wild if you’re an Apple engineer since regular users will not immediately spot it, you can’t always fool analytics programs.

As such, between late February and late May, BGR received hundreds of visits from devices running iOS 12.

Even if some of those were fake iOS 12 devices, plenty of those visits still came from devices that you can quickly identify as iPhones and iPads checking in from Apple. Looking at screen resolution alone, one could easily identify visits from iPhone X, iPhone 8/7/6sPlus/6s/6Plus/6, iPhone 8Plus/7Plus, 12.9-inch iPad Pro, 10.5-inch iPad Pro, iPhone SE, and — finally — iPhone X Plus



How do we know an iPhone X Plus was used to read BGR posts? Well, this device that Google identifies as an Apple iPhone running iOS 12, had a screen resolution like no other iPhone or iPad: 496 x 896.

Don’t be fooled, that’s not the resolution in pixels, but in points.

«

Multiply by 2.608 or 3 – it’s not known yet – to get the pixels: 1242×2688, or 1080×2336. This means it’s going to be the same width as the present iPhone X, but 15% taller.


Here’s the tiny drone the US Army just purchased for soldiers • CNET

Abrar Al-Heeti:

»

The US Army is getting tiny personal surveillance drones as part of a $2.6m contract with Flir, a thermal imaging and technology company. 

The Black Hornet Personal Reconnaissance System is the world’s smallest combat-proven nano-drone, according to the company. The US Army has ordered the next-generation Black Hornet 3, which weighs 32 grams and packs navigation capabilities for use in areas outside of GPS coverage. The drone, which has advanced image processing from earlier versions, and can fly a distance of two kilometers at more than 21 kilometers an hour and carries a thermal microcamera.    

The order marks the US Army’s first for the Soldier Borne Sensors program, which aims to provide military personnel with more awareness of their surroundings using drones. 

«

That’s a pretty cheap contract. The drones are about the size of three fingers, which would make them hard to shoot down. Good for reconnaissance. Consumer electronics leading war electronics, which is the opposite of what usually happens.


Dear conference organizers: you’re doing chairs wrong • Motherboard

Rose Eveleth:

»

Next time you’re at a conference, pay attention to the chairs and the folks in skirts and dresses trying to navigate them. If you do, a frustratingly common problem will become clear. Nearly every femme-identifying person I know has wrestled with tall bar stools, directors chairs, deep arm chairs, and more. Recently at a podcasting conference I watched as a woman perched herself awkwardly at the edge of an armchair that was elevated so her crotch was exactly at eye level for the audience. At another conference I saw two women convene before their panel purely to scope out the seating situation. One of them decided to change into pants.

“Once I wore a dress to a panel I was on that was quite appropriate in length but slightly above the knees and they had these super tall stools for speakers,” Megan Berry, VP of product at Octane AI, an automated messenger marketing platform, told me. “I had to be strategic about how to sit down with the whole audience there so I didn’t flash anyone and sat very carefully for the whole panel.”

Emily Finke has a similar story.

Finke, a science educator, once wore a knee-length pencil skirt to a panel where she and the other speakers sat on barstool-height chairs, not behind a table. “That skirt is fine for normal chair heights and for standing,” Finke said, “but I knew in the angle of the tall chairs that it would mean the skirt vent would have the audience looking directly up my skirt.” Rather than sitting in the chair, she spent the entire panel leaning awkwardly against it with her hand over the backrest, “in the worst Riker in Ten Forward pose ever.”

«

Ditto with clip-on mics, which don’t work well with dresses. (Every woman I’ve been on a panel with has complained about this, and Eveleth brings it up too. Also: “femme-identifying” is a terrible phrase.) A magnetically clipped mic still has the wire, but not the assumption that there will be a lapel to attach it to.


Home beats phone: smart home device sales to exceed smartphones by 2023 • Strategy Analytics

»

The increasing popularity of the smart home is confirmed today by new research from Strategy Analytics showing that global demand for smart home devices will exceed sales of smartphones by 2023. Consumers worldwide bought 663 million smart home devices in 2017, and this will increase to 1.94 billion in 2023, when sales of smartphones will be 1.86 billion. The research, “2018 Global Smart Home Device Forecast”, includes various categories of smart home device, including smart speakers, security cameras, smart light bulbs, smart door locks, digital thermostats, gateways and sensor devices. Demand is being driven by lower device prices, compelling user applications and services, improved user experience and rapid technology development.

The fastest growing category in 2018 will be smart speakers, such as Amazon Alexa and Google Home, with a growth rate of 109%. Other fast growing segments include smart light bulbs (such as the Philips Hue), connected smoke detectors, smart door locks (such as Amazon’s August Smart Lock), gateways and hubs and security cameras (such as Google’s Nest Cam).

«

Well, OK, if you’re just talking about number, rather than value. Cheap things tend to sell in greater numbers than expensive things. Unclear how big the penetration will be by that stage – though one could end up with many more than one IoT object per person, unlike the smartphone.


NTSB: Autopilot steered Tesla car toward traffic barrier before deadly crash • Ars Technica

Timothy Lee:

»

The preliminary report confirms that Autopilot was engaged ahead of the crash, and it appears to confirm that a navigation mistake by Autopilot contributed to Huang’s death.

Huang’s Model X was driving south on US highway 101 just ahead of a point where a left-hand exit split off from the main road. Logs recovered by the NTSB show that eight seconds before the crash, the vehicle was following behind another car, traveling at 65mph.

Then, seven seconds before the crash, “the Tesla began a left steering movement while following a lead vehicle.” That “left steering movement” carried the vehicle into the “gore area”—a triangular area of paved road that separated the highway’s main travel lanes from the diverging exit lane.

At four seconds before the crash, the Tesla vehicle was no longer following the car ahead of it. The car’s cruise control was set to 75mph, so it began to accelerate, reaching a speed of 70.8mph just before the crash. There was “no precrash braking or evasive steering movement detected,” the NTSB says.

Huang’s hands were detected on the steering wheel for 34 seconds out of the final minute of his trip. His hands were not detected on the steering wheel for the final six seconds prior to the crash.

«

As had been suggested: it diverted into the white lines of the gore. Now the question is whether this was caused by a Tesla software update, since the car had been along the same stretch of road a number of times. I suspect Tesla won’t like the answer. Software updates that kill: now a feature in cars.


Google will pause election ads in Washington state in unprecedented response to new law – GeekWire

Todd Bishop:

»

Google says it will stop running state and local election ads in Washington state, citing new rules that require what amounts to real-time disclosure of detailed information about election ads in response to public records requests.

The company has never before paused election ads in a U.S. state. Google says it wants to comply with the law, but its systems aren’t prepared for the rules as implemented. Starting Thursday, Google AdWords won’t accept ads for candidates or ballot measures in the state.

Google’s decision was announced Wednesday evening in an AdWords policy update. The new state rules go into effect Thursday, less than a month after they were approved by the state Public Disclosure Commission as part of implementing HB 2938. The law, signed by Gov. Jay Inslee in March, is meant to bring more speed and transparency to campaign ad disclosures.

“We take transparency and disclosure of political ads very seriously which is why we have decided to pause state and local election ads in Washington, starting June 7, while we assess the amended campaign disclosure law and ensure that our systems are built to comply with the new requirements,” said Alex Krasov, a Google spokesperson, in a statement to GeekWire.

The company did not provide a timeline for resuming political ads in the state.

«

Interesting: first Ireland (with the abortion referendum), now this. Politicians – and the companies themselves – are waking up to the problem they have with dark money here.


VPNFilter malware may be even more dangerous than we thought • ExtremeTech

Ryan Whitwam:

»

Security researchers have traced VPNFilter back to Fancy Bear, a hacking team backed by Russian intelligence. Fancy Bear is most famous for carrying out the spear phishing attack on Clinton advisor John Podesta that yielded thousands of private emails. The team’s current operation is much less focused, though. We already knew VPNFilter affected routers from Cisco/Linksys, MikroTik, NETGEAR, and TP-Link. The new wrinkle is there are even more models and manufacturers vulnerable to VPNFilter.  

According to the latest report from Cisco Talos, additional models from Linksys, MikroTik, Netgear, and TP-Link are vulnerable to VPNFilter. Plus, devices from Asus, D-Link, Upvel, Huawei, and ZTE are on the list now. There are now dozens of models and as many as 500,000 individual routers infected with VPNFilter. You can restart them to clear the actively malicious packages, but they could just come back.

US law enforcement previously warned everyone to restart their routers to clear the malware, but that only cleared the second and third stages of VPNFilter. The first stage remained active, and that’s the piece that gives the hackers access to install the active second and third stages. Routers vulnerable to VPNFilter usually run older firmware with known security holes, and many of them don’t have updates available.

The only sure fix is a firmware update, and most routers don’t do that automatically even if patched firmware is available. You’ll definitely want to look into that, too. An active VPNFilter infection is even more dangerous than we thought. Researchers have discovered that VPNFilter can run a man-in-the-middle attack. That allows the hackers to intercept web traffic before it gets to you and change what you see or steal sensitive data like passwords.

«

The Talos blog has a list of affected routers; I was quite glad to find my home one not on it. But this does feel like a counsel of despair: your router’s screwed, so throw it away. And software was going to replace all that tedious hardware? Instead we get the opposite.


Adobe patches zero-day Flash flaw • Krebs on Security

Brian Krebs:

»

Adobe credits Chinese security firm Qihoo 360 with reporting the zero-day Flash flaw. Qihoo said in a blog post that the exploit was seen being used to target individuals and companies in Doha, Qatar, and is believed to be related to a nation-state backed cyber-espionage campaign that uses booby-trapped Office documents to deploy malware.

In February 2018, Adobe patched another zero-day Flash flaw that was tied to cyber espionage attacks launched by North Korean hackers.

Hopefully, most readers here have taken my longstanding advice to disable or at least hobble Flash, a buggy and insecure component that nonetheless ships by default with Google Chrome and Internet Explorer. More on that approach (as well as slightly less radical solutions) can be found in A Month Without Adobe Flash Player. The short version is that you can probably get by without Flash installed and not miss it at all.

For readers still unwilling to cut the Flash cord, there are half-measures that work almost as well. Fortunately, disabling Flash in Chrome is simple enough. Paste “chrome://settings/content” into a Chrome browser bar and then select “Flash” from the list of items. By default it should be set to “Ask first” before running Flash, although users also can disable Flash entirely here or whitelist/blacklist specific sites.

«

Any rational cost-benefit analysis of Flash would conclude that there’s no point having it: it requires too many updates to be safe, compared to the minimal benefit that it brings. Corporate systems which rely on it shouldn’t: they’re opening their systems up to hackers.

Uninstall Flash. Quite apart from anything, you’ll save yourself the annoyance of the (often more than) weekly updates.


Dreamworld launches $399 augmented reality glasses that connect to your smartphone • Silicon Angle

Kyt Dotson:

»

With the DreamGlass, DreamWorld hopes to make AR more accessible to developers and consumers with a price tag of only $399. Although this list price is quite affordable, it is an early-bird discount and may go up in the future.

“There is so much potential in augmented reality,” said DreamWorld founder and Chief Executive Kevin Zhong, “but the hardware limitations and steep price points of headsets available today have not made it easy for developers to fully contribute to the ecosystem.”

Using AR, developers can augment what users see and hear by overlaying 3-D objects onto human vision. This is done with mobile devices that act as “windows” or “filters” by using their cameras or glasses such as the HoloLens from Microsoft Corp.

The DreamGlass supports a 90-degree FOV, which broadly covers most of what people can see directly in front of them – compared with 35-degrees currently available for a HoloLens, although Microsoft is working on a 70-degree version. The device is also capable of driving 2.5K high-definition graphics with a 60-hertz refresh rate to make certain overlaid graphics are as high fidelity as possible.

Key features of the DreamGlass include three-degree head tracking, hand gesture recognition and the ability to tether to a PC or mobile device via a Universal Serial Bus type-C connector. When tethered, the DreamGlass is able to be used as a secondary display for compatible smartphones, which will allow the use of a smartphone as a touchscreen for interface control.

«

The first of many, for sure; and it isn’t pretending to be “just normal glasses”. This really looks like a lightweight headset. Still unsure whether the big opportunity is in the consumer space or professional work like medicine and mechanical work.


Chinese phone maker ZTE saved from brink after deal with US • Reuters

Karen Freifeld:

»

The agreement comes as US President Donald Trump seeks trade concessions from China and negotiations continue to avoid a trade war between the world’s two largest economies.

Shares of US companies that do business with ZTE rose on Thursday.

US lawmakers immediately attacked the agreement, citing intelligence warnings that ZTE poses a national security threat.

ZTE pleaded guilty last year to conspiring to evade US embargoes by selling US equipment to Iran. The ban on buying US parts was imposed in April after the company lied about disciplining some executives responsible for the violations. ZTE then ceased major operations.

Under the deal, ZTE will change its board and management within 30 days, pay a $1bn fine and put an additional $400m in escrow. The deal also includes a new 10-year ban that is suspended unless there are future violations.

«

So one has to think that the US trade delegation squeezed some substantial compromise from China to bring ZTE back from the dead like this. A billion dollars isn’t material in the broader scheme of things; the US Treasury can print that any time it likes.

All Trump’s tweets about ZTE and his apparent refusal to listen to Congress over this have been an act while the broader deal – of which ZTE is just an element – gets hammered out.


Global solar forecasts lowered as China cuts support policies • Reuters

Nichola Groom:

»

China’s unexpected move to slash incentives for solar power has sent stocks into a free fall and prompted analysts to lower forecasts for global installations this year amid expectations that a glut of excess panels would send prices tumbling.

China announced on June 1 changes to the subsidies that have underpinned its rise to become the world’s largest solar market in recent years.

IHS Markit, a market research firm, was preparing to lower its global solar installation forecast for this year by between 5 and 10 gigawatts, or up to 9%, analyst Camron Barati said. The impact in China, which accounts for half the global market, could be up to 17 GW, the firm said.

Another market research firm, Wood Mackenzie, said on Wednesday that China’s capacity additions would likely be about 20 GW lower than it had expected.

An oversupply of cheap Chinese-made panels that had been destined for domestic projects will help boost demand for solar in other countries and sop up some of the demand lost in China, IHS said.

«

What’s bad for China’s domestic business turns out to be good for the rest of the world. That’s how important it has become geopolitically.


Errata, corrigenda and ai no corrida: none notified