Start Up: Apple Watch getting touchy?, crypto heists top $1bn, the NYC taxi price crash, why ringtones bug you, how China’s bugging Trump, and more


Photo by Jan Persiel on Flickr

»You can sign up to receive each day’s Start Up post by email (arriving at about 0800GMT each weekday). You’ll need to click a confirmation link, so no spam.«

A selection of 9 links for you. Not approved at a summit. I’m @charlesarthur on Twitter. Observations and links welcome.

US officials prepare to thwart Chinese spying at Singapore summit • NBC News

Courtney Kube, Carol E. Lee, Ken Dilanian and Andrea Mitchell:

»

According to three US officials, in one recent case a top US official working in China repeatedly had trouble with his hotel key card. He had to replace it several times at the front desk because it wouldn’t open his door.

He brought one of the key cards back to the US, where security officials found a microphone embedded inside, according to the US officials.

The Chinese have placed listening and tracking devices in chips embedded in credit cards, key chains, jewelry, and even event credentials, the officials said, often with the intent of capturing secret conversations among American officials.

In advance of Chinese President Xi Jinping’s 2017 meeting with Trump at Mar-a-Lago, Trump’s south Florida estate, White House officials received detailed briefings on how the Chinese would try to spy on them during the visit “in every possible way,” said an official who was part of the visit.

And US officials “swept all of our phones afterward” to check if they were infiltrated by the Chinese, the official added.

Seven months later when Trump traveled to Beijing, White House officials were given more extensive briefings, according to officials who were on the trip, in which they were told to assume the Chinese would be tracking, taping and watching them the entire time they were in the country.

During the visit, the officials say the Chinese gave the US delegation pins that the Americans called their friendship pins. But members of the delegation were not allowed to wear the pins into a secure area because security officials warned they likely had embedded listening devices.

The officials said their belongings were rifled through while they were not in their hotel rooms, as happened to US officials during previous presidential trips to China.

«

Not surprising. The friendship surveillance pins are a nice touch. And of course we’re not mentioning what the Americans do.
link to this extract


Your phone is listening and it’s not paranoia • Vice

Sam Nichols:

»

For your smartphone to actually pay attention and record your conversation, there needs to be a trigger, such as when you say “hey Siri” or “okay Google.” In the absence of these triggers, any data you provide is only processed within your own phone. This might not seem a cause for alarm, but any third party applications you have on your phone—like Facebook for example—still have access to this “non-triggered” data. And whether or not they use this data is really up to them.

“From time to time, snippets of audio do go back to [other apps like Facebook’s] servers but there’s no official understanding what the triggers for that are,” explains [senior cybersecurity consultant for Asterix, Dr Peter] Henway. “Whether it’s timing or location-based or usage of certain functions, [apps] are certainly pulling those microphone permissions and using those periodically. All the internals of the applications send this data in encrypted form, so it’s very difficult to define the exact trigger.”

He goes on to explain that apps like Facebook or Instagram could have thousands of triggers. An ordinary conversation with a friend about needing a new pair of jeans could be enough to activate it. Although, the key word here is “could,” because although the technology is there, companies like Facebook vehemently deny listening to our conversations.

“Seeing Google are open about it, I would personally assume the other companies are doing the same.” Henway tells me. “Really, there’s no reason they wouldn’t be. It makes good sense from a marketing standpoint, and their end-use agreements and the law both allow it, so I would assume they’re doing it, but there’s no way to be sure.”

With this in mind, I decided to try an experiment. Twice a day for five days, I tried saying a bunch of phrases that could theoretically be used as triggers. Phrases like I’m thinking about going back to uni and I need some cheap shirts for work. Then I carefully monitored the sponsored posts on Facebook for any changes.

«

Guess what happened? This topic – are our phones listening to us? – has been hotly discussed on my Twitter feed recently. This is quite an eye-opener.
link to this extract


Android Messages integration with Chrome OS is one step closer to reality • Android Police

Corbin Davenport:

»

Almost a year ago, evidence first appeared of an ‘SMS connect’ feature on Chrome OS. It would allow users to see text messages from your phone on your Chromebook, similar to Pushbullet and similar software. We haven’t heard much about it since then, but Google has also been working on a web client for Android Messages. Thankfully for Chrome OS users, a new commit reveals SMS Connect is one step closer to going live.

A commit on the Chromium Gerrit repository, as spotted by XDA, simply adds a feature flag for “CrOS Android Messages integration.” In other words, SMS Connect will become a feature you an easily turn on from the chrome://flags page, meaning users will finally be able to try it out.

«

Apple users who have wanted it have had this functionality for years, if they use an iPhone and a Mac: the Messages app handles SMS too, which can then appear on the desktop. Perhaps it’s Apple’s legacy with the desktop which meant it made this a priority (of sorts). But it’s also a sign of Google’s haphazard approach to messaging: as much as anything, the problem would be deciding which of its many, many messaging apps should get the privilege of receiving texts on ChromeOS.
link to this extract


No, iPhone ringtones aren’t bad. They’re musically sophisticated • The Washington Post

Alyssa Barna:

»

Two of the most instantly recognizable iOS ringtones are “Marimba” and “Xylophone,” sounds that have become comfortable and familiar. But as music theory demonstrates, subtle details in the composition of these tunes all but demand that we cut them off by picking up the phone. That’s partly because they are fundamentally disruptive, intrusively insisting on our attention. Ultimately, the effect may be key to Apple’s cultural impact. With the possible exception of Nokia and its now-historical ringtone, no other company has managed to make the sounds of its devices quite so central to its brand identity.

Consider the ringtone “Xylophone,” which consists of two lines — a cutesy melody on top supported by a constant pulsing layer underneath that sustains your attention. “Xylophone” is composed around the concept of syncopation — accentuating weaker beats to mess with a rhythm a bit and make it more complex. Think: “Buh-buh-bummm, buh-buh-b-b-b-buh” in the upper line, and “bum-bum-bum-bum-bum-bum-bum-bum” consistently in the lower line. These two lines may not seem to match up at first, but the melody fits awkwardly with the supporting tones underneath. The lower line features annoying pulsing beats, while the melody articulates beats that the second line doesn’t hit. In theoretical terms, we would say one line has isochronous rhythms — that is, they are evenly spaced and patterned. By contrast, the line with the syncopated melody uses non-isochronous rhythms. Together, these two patterns create a barrage that aims to unsettle the listener. This is a tune that Apple has stuck with precisely because we don’t want to listen to it.

«

Before you ask, Barna has a Masters in music theory. The idea that ringtones work because we don’t want to listen to them is rather clever. It’s like the near-impossibility of ignoring a ringing telephone while you’re trying to have a face-to-face conversation.
link to this extract


139 NY taxi medallions will be offered at bankruptcy auction • New York Post

John Aidan Byrne:

»

A record 139 taxi medallions will be offered for sale in bankruptcy auction this month — the latest sign that a deluge of ride-sharing apps like Uber are squeezing cabbies out of business and deeper into debt, as well as pinching the incomes of for-hire drivers, according to analysts.

The medallions will be auctioned for a fraction of their original value — some likely having cost their owners as much as $1m or more apiece.

A minimum of 20 will be sold, the auctioneers say. The collection is part of the 13,587 licensed medallions required to operate New York City’s fleet of iconic yellow cabs. Back in 2013, a medallion fetched a whopping $1.3m.

Today, prices have plunged to between $160,000 to $250,000 each, as a wave of ride-sharing vehicles floods the market.

Last year, 46 medallions were reportedly sold at an auction in Queens for an average price of $186,000, snatched up by Connecticut-based MGPE, a hedge fund presumably seeking yield on a distressed asset.

For-hire vehicles on New York’s congested streets have surged from 50,000 in 2011, when Uber entered the New York market, to about 130,000 today.

Not surprisingly, earnings for yellow cabbies have fallen off the cliff — full-time average annual earnings, before taxes, are down from $45,000 as recently as 2013, to as low as $29,000 today, according to some estimates.

«

Which leads to the obvious question: is Uber bad? Here it has pretty much bankrupted thousands of people (or, perhaps, groups who bought a medallion together).

But: look at the number of vehicles on the streets. It’s easier to get a cab to go where you want to.

The convenience of many has been acquired through the pain of a few. That doesn’t make their pain any less, but this was inevitable one way or another.
link to this extract


Cryptocurrency theft tops $1bn in past six months • Security Week

Kevin Townsend:

»

$1.1bn has been stolen in cryptocurrency thefts over the past six months. This is the visible effect of an illicit dark web market economy which is reportedly worth $6.7m. That market fuels cryptocurrency thefts from exchanges, businesses, and individuals; and the growing incidence of cryptojacking.

The basic problem is that cryptocurrencies are increasingly popular, which drives up their value. This makes investment popular for both individuals and businesses; and this in turn attracts the criminals. The three most common attacks involve currency-stealing malware (designed to quietly steal the users’ wallet content and send it to the attacker); illicit mining (designed to use business infrastructures to mine cryptocurrency for the attacker); and cryptojacking (which is illicit mining targeted at individuals).

A six-month study (PDF) by Carbon Black into how cryptocurrency malware is bought and sold in the dark web has shown an estimated 12,000 dark web marketplaces selling approximately 34,000 offerings related to cryptocurrency theft. Malware offerings range from as little as $1.04 to as much as $1,000, with an average price of $224.

Bitcoin remains the primary cryptocurrency used for legitimate cyber transactions — but cybercriminals are moving to alternative and more profitable currencies, such as Monero — which is now used in 44% of all attacks.

«

I’d guess that North Korea has been behind a fair number of those attacks, because it needs the foreign currency. Crypto hacks are effectively free currency, so it doesn’t mind getting a “poor” exchange rate on them.
link to this extract


The Apple Watch will get touch-sensitive, solid-state buttons • Fast Company

Mark Sullivan:

»

The Apple Watch will be getting solid state buttons that don’t move up and down but rather sense the touch of a finger, a source with direct knowledge of Apple’s plans tells Fast Company.

Apple will stick with the Watch’s current button configuration, with a button and a digital crown situated on one side of the device, but neither will physically click as before. Rather than reacting to the user’s touch by physically moving back and forth, the new buttons will vibrate slightly under the fingertip, using the haptic effect Apple calls the Taptic Engine. (The digital crown will still physically rotate to navigate through content.)

The switch to solid state buttons in the Watch is similar to the conversion of the iPhone’s home button to a solid-state design in 2016’s iPhone 7. In past years, other Apple components such as MacBook trackpads and iPod control wheels have also gone from moving parts to solid-state technology.

The new buttons could be part of the new Apple Watch the company will announce this fall, or, if not, will be included in the 2019 Watch, the source said.

Solid-state buttons will make the Watch more water resistant because the opening needed for a physical button is eliminated. The solid-state controls also take up less space in the design, freeing up room for a bigger battery, the source said.

«

I’d expect this to come this year – there have been four iterations of the current design, and Apple has had the Taptic Engine for at least four years. Enough time to design it into a watch button or two.
link to this extract


Copyright law could put end to net memes • BBC News

»

Memes, remixes and other user-generated content could disappear online if the EU’s proposed rules on copyright become law, warn experts.

Digital rights groups are campaigning against the Copyright Directive, which the European Parliament will vote on later this month. The legislation aims to protect rights-holders in the internet age. But critics say it misunderstands the way people engage with web content and risks excessive censorship.

The Copyright Directive is an attempt to reshape copyright for the internet, in particular rebalancing the relationship between copyright holders and online platforms. Article 13 states that platform providers should “take measures to ensure the functioning of agreements concluded with rights-holders for the use of their works”.

Critics say this will, in effect, require all internet platforms to filter all content put online by users, which many believe would be an excessive restriction on free speech. There is also concern that the proposals will rely on algorithms that will be programmed to “play safe” and delete anything that creates a risk for the platform.

A campaign against Article 13 – Copyright 4 Creativity – said that the proposals could “destroy the internet as we know it”. “Should Article 13 of the Copyright Directive be adopted, it will impose widespread censorship of all the content you share online,” it said.

«

This is clearly going to fail to recognise the “fair dealing” (US phrase: “fair use”) exceptions that abound for copyright law. It’s going to be honoured more in the breach than the observance if it’s voted in.
link to this extract


Carbon engineering and Harvard find way to convert CO2 to gasoline • CNBC

Chloe Aiello:

»

A team of scientists claims to have discovered a cheaper way to extract carbon dioxide from the atmosphere and turn it into gasoline or other fuels, which could arm humanity with a new tool in the fight against climate change.

Published in the scientific journal Joule on Thursday, the research demonstrates a new technique that pulls carbon dioxide out of the atmosphere, and converts it into liquid gasoline, diesel or jet fuel.

Canadian clean energy company Carbon Engineering, in partnership with researchers from Harvard, used little more than limestone, hydrogen and air for the process, which can remove one metric ton of CO2 for as little as $94, the scientists say. It cleans up the environment, and produces eco-friendly liquid fuel at the same time.

“Until now, research suggested it would cost $600 per ton to remove CO2 from the atmosphere using DAC technology, making it too expensive to be a feasible solution to removing legacy carbon at scale,” David Keith, Harvard Professor and founder of Carbon Energy said in a statement. “We now have the data and engineering to prove that DAC can achieve costs below $100 per ton.”

«

All this stuff is still small-scale, though. And it’s odd to talk about capturing it and turning it into fuel.
link to this extract


Errata, corrigenda and ai no corrida: none notified.

3 thoughts on “Start Up: Apple Watch getting touchy?, crypto heists top $1bn, the NYC taxi price crash, why ringtones bug you, how China’s bugging Trump, and more

  1. re: Texts on ChromeOS and “Apple users who have wanted it have had this functionality for years, if they use an iPhone and a Mac”.

    So have Android users, way before iOS users, via the Pushbullet app (I’m sure there are others, I use that one) which handles notifications, texts, device-to-device file sending, and device-to-all file sending (a shared clipboard, really). And no need to use an iPhone and a Mac, any it works on any device with Chrome (tough probably not iOS, Apple forbids it).

    Earlier, richer, and more open. Again. Probably not as cute though, and obviously not as well-known.

  2. That phone-listening article is extremely weird. Roughly: “Yes, I believe that this device is spying on every word you say, but that’s OK, because it’s only being done for big business (good), not The Government (bad).”. Anyway, from the technical point of view, what’s the proposed mechanism? Is speech recognition being done on the phone itself? (Hmm … it has to listen for triggers, is the idea that it’s listening for a whole dictionary?) Is audio data being sent back for remote analysis? That would be a lot of data. A hybrid somehow?

    I’m skeptical. It strikes me as easy to report coincidences, and not count all the times nothing happened.

    • Agreed – the opening bit about talking to each other in a bar with iPhones in pocket resulting in adverts based on the conversation really doesn’t make much sense. If he claimed they were on the bar or table I’d be a tiny bit less skeptical.

      In addition, while I might somewhat believe the concept was possible on Android (though not the declared mechanism) due to its less strict security model, I don’t believe it for iPhone.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.