Start Up No.874: Twitter slaughters the fakes, how cybercrime feeds ad fraud, Sonos’s S-1 examined, and more

Best thing you could do to thwart thieves? Wrap it in aluminium foil. Photo by Yahya S. on Flickr.


A selection of 11 links for you. Contains no football. I’m @charlesarthur on Twitter. Observations and links welcome.

Why you should wrap your car fob in foil • Detroit Free Press

Phoebe Wall Howard:


Given that the best way to store your car keys at night is by putting them in a coffee can, what’s an ex-FBI agent’s advice to protect cars from theft during the day?

Wrap car fobs in aluminum foil.

“Although it’s not ideal, it is the most inexpensive way,” said Holly Hubert, a cybersecurity expert who retired in 2017 from the FBI in Buffalo, New York. “The cyber threat is so dynamic and ever changing, it’s hard for consumers to keep up.”

Now, as CEO of GlobalSecurityIQ, she suggests clients go online and spend a few dollars and buy what’s called a Faraday bag to shield the fob signal from potential theft. Imagine a traditional sandwich bag made of foil instead of plastic.

Thing is, the car is always waiting for the fob signal. Thieves can buy legitimate devices that amplify the fob signal sitting unprotected in a purse, a pocket, on a counter at home or even just copy the code to access the vehicle.

Copying code from key fobs isn’t difficult. And this is something the auto industry and insurance companies are monitoring closely.

The cheap (or homemade) metal protection covers, named for the scientist who figured out how to block an electromagnetic field, can prevent thieves from having access to vehicles with a wireless fob. Currently, thieves can capture fob signals from outside a home, office or hotel room.


This has been an undercurrent for quite a few years; it seems like it might be getting worse.

US opposition to breast-feeding resolution stuns world health officials • The New York Times

Andrew Jacobs:


A resolution to encourage breastfeeding was expected to be approved quickly and easily by the hundreds of government delegates who gathered this spring in Geneva for the United Nations-affiliated World Health Assembly.

Based on decades of research, the resolution says that mother’s milk is healthiest for children and countries should strive to limit the inaccurate or misleading marketing of breast milk substitutes.

Then the United States delegation, embracing the interests of infant formula manufacturers, upended the deliberations.

American officials sought to water down the resolution by removing language that called on governments to “protect, promote and support breastfeeding” and another passage that called on policymakers to restrict the promotion of food products that many experts say can have deleterious effects on young children.

When that failed, they turned to threats, according to diplomats and government officials who took part in the discussions. Ecuador, which had planned to introduce the measure, was the first to find itself in the crosshairs.

The Americans were blunt: If Ecuador refused to drop the resolution, Washington would unleash punishing trade measures and withdraw crucial military aid. The Ecuadorean government quickly acquiesced…

…In the end, the Americans’ efforts were mostly unsuccessful. It was the Russians who ultimately stepped in to introduce the measure — and the Americans did not threaten them.


Very strange. Strong suspicion: lobbying by the US baby food industry.

Exclusive: Twitter is suspending millions of bots and fake accounts every day to fight disinformation • The Washington Post


The extent of account suspensions [70m across May and June], which has not previously been reported, is one of several recent moves by Twitter to limit the influence of people it says are abusing its platform. The changes, which were the subject of internal debate, reflect a philosophical shift for Twitter. Its executives long resisted policing misbehavior more aggressively, for a time even referring to themselves as “the free speech wing of the free speech party.”

Twitter’s Vice President for Trust and Safety Del Harvey said in an interview this week the company is changing the calculus between promoting public discourse and preserving safety. She added that Twitter only recently was able to dedicate the resources and develop the technical capabilities to target malicious behavior in this way.

“One of the biggest shifts is in how we think about balancing free expression versus the potential for free expression to chill someone else’s speech,” Harvey said. “Free expression doesn’t really mean much if people don’t feel safe.”

But Twitter’s increased suspensions also throw into question its estimate that fewer than 5% of its active users are fake or involved in spam, and that fewer than 8.5% use automation tools that characterize the accounts as bots. (A fake account can also be one that engages in malicious behavior and is operated by a real person. Many legitimate accounts are bots, such as to report weather or seismic activity.)


Here’s an interesting point: Harvey recently returned from maternity leave. And: things are changing there. I’d say she’s making the change. (Recall that odd Vanity Fair piece from February which seemed to imply that Harvey was somehow at fault for the bot problems.)

The link between digital ad fraud and cybercrime • Marketing Science Consulting Group

Augustine Fou:


Most of the general public has heard of the numerous major data breaches over the years where millions of consumers’ personal details are stolen. Many have also experienced malware, pop-ups, malicious redirects, and ransomware on their computers or mobile devices. But few understand how hackers “cash out” of these criminal activities.

It is documented that lists of stolen identities, passwords, credit card numbers, etc. are sold on the dark web. But it is far more lucrative to combine the aforementioned criminal activities to steal dollars from massive digital advertising budgets – over $100 billion in the U.S. in 2018, $300 billion worldwide. This pool of dollars gets larger and is replenished year after year after year.

How do criminals do this? Through digital ad fraud.

They set up fake websites and fake mobile apps to generate trillions of digital ad impressions that marketers eagerly buy, attempting to reach more customers online — except, these are not humans seeing ads. These are fake ads shown to fake users – bots – designed to create ad impressions and avoid detection.

Bots can also mimic humans by browsing various sites and combining bits of data from stolen identities to create fake audiences and segments that marketers pay extra to target.


You can read the full report.

Intel says 5G plans for iPhone are unchanged • VentureBeat

Jeremy Horwitz:


Following yesterday’s report from Israeli publication CTech that Apple has decided not to use an Intel 5G modem called “Sunny Peak” in future iPhones, Intel has denied part of the report — and the publication has updated its story to remove its central claim.

“Intel’s 5G customer engagements and roadmap have not changed for 2018 through 2020,” a spokesperson told VentureBeat. “We remain committed to our 5G plans and projects.” When asked whether this meant that Apple is a customer for an Intel 5G modem, the spokesperson said only that “the Intel 5G modem part of the story is inaccurate.”


So there’s an update on the CTech article itself, which now says:


Intel will not provide Wi-Fi and Bluetooth components for Apple’s 2020 mobile devices, according to internal company communications reviewed by Calcalist, and people familiar with the matter. Apple has notified Intel it would not use a mobile communication component developed by the chipmaker in its next-generation mobile device, Intel executives said. Further development of the component internally called “Sunny Peak” has been halted and the Intel team that’s working on the product will be redirected to other efforts, the executives said.

A previous version of this article incorrectly stated that the Sunny Peak component also included 5G connectivity.


Note that this does not mean that Intel *will* provide a 5G modem. Only that the component it now isn’t providing doesn’t have 5G.

Replacing Instapaper •

Sam Smith, annoyed at Instapaper’s decision to abandon European users over GDPR, switched away:


The major choices to replace it are pocket and Pinboard – pocket is an instapaper clone with the same business model.

I went with Pinboard. Pinboard is different. Very different.

How’d it go?

• The apps/bookmarklets work fine for adding, but it’s sometimes less slick than the instapaper iOS app
• There are various readers
• I’ll not switch back

There is the core service of pinboard – keeping a list of web addresses (bookmarks) with a ‘to read’ flag – and the apps that rely on pinboard as the backing store and add functionality. Pinboard is a one time fee of $11 to create an account, with some additional services costing per-year fees (archiving of content being one).

On iOS, Pinboard has a bookmarklet for adding links, plus options from a bunch of plugin apps which both read and write in various ways. ReadPaperback is also nice for reading. On the desktop the pinboard bookmarklet and readpaperback do the job more than adequately.


Instapaper’s complete indifference to its European users is an indicator of how freemium services don’t work when there are regional costs imposed.

Sonos S-1 filing • Securities and Exchange Commission

Sonos has filed its S-1, essentially laying out how its business runs. This might be a thing we see in more S-1s:


If significant tariffs or other restrictions are placed on Chinese imports or any related counter-measures are taken by China, our revenue and results of operations may be materially harmed. The Trump Administration has signaled that it may alter trade agreements and terms between China and the United States, including limiting trade with China and/or imposing a tariff on imports from China. In March 2018, President Trump imposed a 25% tariff on steel imports and a 10% tariff on aluminum imports and announced additional tariffs on goods imported from China specifically, as well as certain other countries. The materials subject to these tariffs to date do not impact our raw material costs. However, if further tariffs are imposed on a broader range of imports, or if further retaliatory trade measures are taken by China or other countries in response to additional tariffs, we may be required to raise our prices, which may result in the loss of customers and harm our reputation and operating performance.


Turns out that Sonos is very much a “Christmas gift to oneself” company: it typically generates half of all its revenues (and half its product sales) in the October-December quarter, and 61% of the 6.9m households with a Sonos product have more than one.

Key markets: US, UK, Germany; the Americas are (only) half of its $1bn annual revenues, in which it is looking to sell about 5m devices, average price around $250.

How Likes went bad • Medium

Matt Locke:


Facebook’s growth over the past few years has been so fast, and so complex, that it’s almost impossible to comprehend. Right now, although the problems caused by this rapid growth are plain to see, Facebook’s potential decline is equally hard to predict.
It’s easy to blame Mark Zuckerberg for having too simplistic a vision of his creation, but as we’ve seen through this series, methods of measuring attention are palimpsests, built not in one blindingly clear moment of intent, but changing and adapting over time. The global industries that are built around these metrics are not created by one person, but by the competing needs of content creators, advertisers, investors — and audiences.
If we want to point to where Facebook went wrong, the first accusation would be that it didn’t — and probably couldn’t — have predicted the consequences of adding something so seemingly simple as a like button to a platform that already combined two exponentially powerful ideas — the social graph and the news feed.

And having built this, Facebook assumed that algorithms alone would be good enough to manage and control a platform that would end up with billions of users. Unlike Rob Manuel [at b3ta in 2005], who wanted a Like button to make his job of curating content from his community a bit easier, Facebook has continued to insist that the company can exist only as an algorithmically curated technical platform without human curators…

…We could create new public institutions to responsibly manage personal data, and we could create limits on any single company’s control and monetization of our attention. Perhaps we could even insist that no single platform should be allowed to scale beyond the point where human curation is no longer economically or logistically possible.

But even then, we wouldn’t be able to spot the next idea — the next like button — that has the potential to create a future attention monopoly. The ideas that shape our world never start big, but are created by people, like Rob Manuel, with a smaller, specific, problem. Monopolies are created through the combination of these smaller ideas, and that’s a much harder process to predict, let alone regulate.



The dream of driverless cars is dying • The Spectator

Christian Wolmar went to a giant “Self-driving vehicle” exhibition in Germany, but found them in short supply:


Surprisingly, I met more doomsayers than purveyors of the autonomous driving dream. The starkest warning came from Tim Mackey, who styles himself ‘senior technical evangelist’ for Black Duck Software, a company that specialises in security issues around autonomous vehicles. He believes there will be a seminal event that will stop all the players in the industry in their tracks. ‘We have had it in other areas of computing, such as the big data hacks and security lapses,’ he said, ‘and it will happen in relation to autonomous cars. At the moment, none of the big players are thinking properly about security aspects and then they will be forced to.’ He pointed to a video showing on another stand in which a man was calling up a car from a garage using a phone app: ‘That sort of thing is just too easy to hack. There’s all sorts of software put into cars that is old and easy to access. We just have to hope that the wake-up call will be minor and not kill anyone.’ Indeed, in a test a few years ago, hackers were able to get hold of a car’s steering and braking systems and Mackey is convinced that criminals will one day use the same method.

More widely, there was a general expectation these suppliers were riding the crest of a wave that will hit the rocks soon. While there is no doubting the scale of this industry, with billions being invested every year, none of the OEMs has yet made a penny from selling a driverless car. This money, benefiting these exhibitors, is therefore a punt, a high-stakes bet there is a pot of gold at the end of the rainbow. One, Johannes, told me: ‘I see a pattern like the dotcom boom. At some point, people are going to realise that the day when they start to get returns for their investment is far off, if ever. Then they will start pulling out and who knows how bad it will get. But the clever money will move somewhere else.’ The bad publicity caused by a couple of deaths in Tesla cars while its autopilot was engaged and by the Uber fatality may be seen as the start of public disenchantment with the concept.


The Spectator is a fairly right-wing magazine, so you might expect it to be down on new tech; but I worked with Wolmar at The Independent, and he’s fair but firm on topics like this.

The rise of ‘pseudo-AI’: how tech firms quietly use humans to do bots’ work • The Guardian

Olivia Solon:


In 2016, Bloomberg highlighted the plight of the humans spending 12 hours a day pretending to be chatbots for calendar scheduling services such as and Clara. The job was so mind-numbing that human employees said they were looking forward to being replaced by bots.

In 2017, the business expense management app Expensify admitted that it had been using humans to transcribe at least some of the receipts it claimed to process using its “smartscan technology”. Scans of the receipts were being posted to Amazon’s Mechanical Turk crowdsourced labour tool, where low-paid workers were reading and transcribing them.

“I wonder if Expensify SmartScan users know MTurk workers enter their receipts,” said Rochelle LaPlante, a “Turker” and advocate for gig economy workers on Twitter. “I’m looking at someone’s Uber receipt with their full name, pick-up and drop-off addresses.”

Even Facebook, which has invested heavily in AI, relied on humans for its virtual assistant for Messenger, M.

In some cases, humans are used to train the AI system and improve its accuracy. A company called Scale offers a bank of human workers to provide training data for self-driving cars and other AI-powered systems. “Scalers” will, for example, look at camera or sensor feeds and label cars, pedestrians and cyclists in the frame. With enough of this human calibration, the AI will learn to recognise these objects itself.

In other cases, companies fake it until they make it, telling investors and users they have developed a scalable AI technology while secretly relying on human intelligence.



Guild Wars studio fires two employees after clash with streamer • The Verge

Megan Farokhmanesh on the firing of Jessica Price, and a coworker who defended her:


Price’s suggestion that [YouTube game streamer] Deroir was mansplaining game development — an area where he does not have the same knowledge or experience — sparked anger among the ArenaNet community. She subsequently responded to those criticizing her on Twitter that “I’m not on the clock here. I’m not your emotional courtesan just because I’m a dev. Don’t expect me to pretend to like you here.” Price was fired shortly after.

Although many fans are comparing this to something like working in a restaurant — be polite to the customer, or get fired — Price says it’s impossible to talk about this incident without larger context about systematic online harassment, particularly the sometimes abusive relationship between fans and game developers and the failure of game companies to address it. “Game companies are generally unwilling to be honest with themselves about how they’re complicit in creating and sustaining that environment,” she tells The Verge.

Many companies expect developers to have frequent contact with players, and “since creatives are perceived as being responsible for the way the game is more than customer support, companies are basically tying up their employees and setting them on the railroad tracks for angry people to run over,” says Price. This toxic relationship is one of the biggest factors in burnout among developers — and particularly for female developers, who experience more abuse and are “expected to perform more of this emotional labor and to do it with a smile on our faces (the sort of stuff that, from a male dev, gets dismissed as him being a bit prickly, or even lauded as him not suffering fools gladly, is a mortal sin coming from a female dev).”


That point about being “tied to the railroad tracks” rings true about the experience many female writers have on news sites: they’re often instructed to go and “engage” in the comments. It’s not usually good. Price was outspoken, but it hardly looked like a firing matter.

Now, though, ArenaNet belongs to reddit and its mob. Good luck with that, as they say.

Errata, corrigenda and ai no corrida: none notified

2 thoughts on “Start Up No.874: Twitter slaughters the fakes, how cybercrime feeds ad fraud, Sonos’s S-1 examined, and more”

  1. Re. Instapaper: I rolled out my own, with a “to read” folder in Google Drive, and then various “Reference” folders or large docs I copy/paste into for stuff I want to keep after that 1st read (tech hacks, recipes, life hacks…). That might not work for all, but why go proprietary and for-pay when you can stay free and generic? My setup works for all OSes and all browsers.

    Re. Self-driving security: that’s a security executive drumming up business for his company. Nothing he says is particularly true or unsolvable, nor needs his outfit, but getting customers worried certainly helps his business. Reminds me of the incessant noise about Android malware (*) from antivirus companies.

    (*) with a discreet footnote hiding the requirement for root and/or sideloading, so is of no concern to 99.9% of Western users.

  2. My difficulty with pinboard is that firewalls defeat it, so I end up with a list of bookmarks that then have to be opened in a browser to read. Evernote will, with most things, scrape the content successfully, so that there is only one place I need to go to get the cuttings I may need and to read them
