A selection of 10 links for you. Since you’re here. I’m @charlesarthur on Twitter. Observations and links welcome.
The cybersecurity world is debating WTF is going on with Bloomberg’s Chinese microchip stories • Motherboard
On Tuesday, Bloomberg doubled down on its bombshell report from last week, which alleged China had surreptitiously implanted tiny chips into the motherboards of servers to spy on US companies such as Apple and Amazon. If true, this would be one of the worst hacks in history.
In its new story, Bloomberg reports that a US telecom discovered and removed “manipulated hardware” in its servers. The article does not name the telecom and the key claims are all attributed to one source, Yossi Appleboum, co-CEO of security consultant Sepio Systems. Bloomberg reports Appleboum provided “documents, analysis, and other evidence,” but does not publish those or provide more information about what types of documents or evidence it has.
It is not clear in the article that Bloomberg knows which telecom is apparently affected; it notes that Appleboum is covered by an non-disclosure agreement. Motherboard has reached out to 10 major US telecom providers, and the four biggest telecoms in the US have denied to Motherboard that they were attacked: In an email, T-Mobile denied being the one mentioned in the Bloomberg story. Sprint said in an email that the company does not use SuperMicro equipment, and an AT&T spokesperson said in an email that “these devices are not a part of our network, and we are not affected.” A Verizon spokesperson said: “Verizon’s network is not affected.” A CenturyLink spokesperson also denied that the company is the subject of Bloomberg’s new story.
The trio who wrote this are Motherboard’s security writers – and they’re probably three of the top five in the business.
Also telling: a Twitter thread by ex-NSA staffer Robert Lee, who says (inter alia) that the writers of the Bloomberg seem keen, and honest, but also attracted to conspiracy theories from anonymous sources.
As time goes by, the Bloomberg China microchip story is looking flakier.
link to this extract
Exclusive: iPad Pro Face ID details, 4K HDR video over USB-C, AirPods-like Apple Pencil 2 pairing, more • 9to5Mac
Apple is widely expected to hold an event this month to introduce new 2018 iPad Pro models, new Macs, and more. Much of this has been confirmed by evidence within the iOS 12.1 beta, which includes references to an iPad2018Fall device.
Today, sources familiar with the development of the new 2018 iPad Pro have offered additional details about the device, its features, and more.
The model codes for the Wi-Fi models of the 2018 iPad Pro will be iPad8,1, iPad8,2, iPad8,5 and iPad8,6. Meanwhile, the cellular-capable models will be iPad8,3, iPad8,4 and iPad8,7 and iPad8,8.
This means there will be two Wi-Fi models in both size options, and two LTE models in both size options.
The new iPad Pros will have an edge-to-edge display and will not feature a Home button, much like the iPhone. Unlike the iPhone, however, the iPad Pro will not have a notch.
Even though the new 2018 iPad Pro models will sport thinner bezels, those bezels will still be wide enough to accommodate the TrueDepth camera system necessary for Face ID.
The 2018 iPad Pro will include Face ID with the same image signal processor as the iPhone XS, iPhone XS Max and iPhone XR. Further, we can confirm that Face ID on the new iPad Pro will work in both portrait and landscape orientations, though it won’t work upside down.
The Face ID setup process on the new iPad Pros will be very similar to the process introduced with the iPhone X. Notably, despite post-setup support for landscape Face ID, the setup process must be completed in portrait orientation.
It’s not clear if the new landscape support requires a special hardware feature, or if it can be made available to iPhones with a simple software update.
Including a thing called “iPad2018Fall” in your widely available beta is certainly a clever way to keep folk salivating. It does seem obvious that you’d be able to do FaceID in landscape: it’s just software correction.
link to this extract
[Ben] Gomes, [Google’s search engine chief] who joined Google in 1999 and is one of the key engineers behind the company’s search engine, said he hoped the censored Chinese version of the platform could be launched within six and nine months, but it could be sooner. “This is a world none of us have ever lived in before,” he said. “So I feel like we shouldn’t put too much definite into the timeline.”
It has been two months since The Intercept first revealed details about the censored search engine, code-named Dragonfly. Since then, the project has faced a wave of criticism from human rights groups, Google employees, U.S. senators, and even Vice President Mike Pence, who on Thursday last week called on Google to “immediately end development of the Dragonfly app that will strengthen the Communist Party’s censorship and compromise the privacy of Chinese customers.”
Google has refused to answer questions or concerns about Dragonfly. Earlier this month, a Google executive faced public questions on the censorship plan for the first time. Keith Enright told the Senate Commerce, Science and Transportation Committee that there “is a Project Dragonfly,” but said “we are not close to launching a product in China.” When pressed to give specific details, Enright refused, saying that he was “not clear on the contours of what is in scope or out of scope for that project.”
Google Call Screening, which will debut on the new Pixel 3 and Pixel 3 XL phones in the US, has been announced as an “on-device” feature (as opposed to something driven by Duplex) that phone users can turn on when a phone call arrives from an unrecognized number. This will pick up the call and have a Google Assistant voice speak a prompt:
“Hi, the person you’re calling is using a screening service from Google, and will get a copy of this conversation. Go ahead and say your name, and why you are calling.”
Whatever the caller says in response will appear as a voice-to-text translation on the phone screen. At that point, Pixel phone users can elect to pick up the call, offer a robo-spoken response like “who is this?” or “I’ll call you back,” or mark the caller’s number as spam. In the demo’s case, the caller describes a contest for an “all-expenses paid trip to Hawaii.” The demo didn’t appear to offer any context-sensitive responses to the spam in question.
Google’s demo also didn’t include any out-loud sample of how calls between your phone’s Google Assistant voice and a robo-caller’s automated voice might sound. For now, the service doesn’t appear to offer the option to listen to the robot-on-robot action in question—in case, for example, you wanted to turn on a muted speakerphone while Google Call Screening did its thing. (We may want to hear the “conversation” in question, just to make sure Google’s promise of giving users a copy doesn’t quite turn out and that this isn’t a ploy to have spam-bots and Goog-bots join forces in a robo-revolution behind our backs.)
People I know in the US are being slowly driven mad by robocalls, especially to their mobiles. This is a super-smart move.
More than one-third of global music listeners are still pirating music, according to a new report by the International Federation of the Phonographic Industry (IFPI). While the massive rise in legal streaming platforms such as Spotify, Apple Music and Tidal was thought to have stemmed illegal consumption, 38% of listeners continue to acquire music through illegal means.
The most popular form of copyright infringement is stream-ripping (32%): using easily available software to record the audio from sites like YouTube at a low-quality bit rate. Downloads through “cyberlocker” file hosting services or P2P software like BitTorrent came second (23%), with acquisition via search engines in third place (17%).
“Music piracy has disappeared from the media in the past few years but it certainly hasn’t gone away,” David Price, director of insight and analysis at IFPI, told the Guardian. “People still like free stuff, so it doesn’t surprise us that there are a lot of people engaged in this. And it’s relatively easy to pirate music, which is a difficult thing for us to say.”
I’m surprised by the size of this figure. The other day I was wondering whether anyone has had their internet access cut off under the UK’s Digital Economy Act, introduced in a rush in 2010, which has a “three strikes” rule. Maybe that’s worth looking into.
It’s mostly about “stream ripping” (to be able to listen to music offline, taken from a free streaming service), and search engines are still a culprit.
Also includes some interesting stuff about smart speaker listening.
link to this extract
It’s no secret the tablet market isn’t what it used to be. It’s hard to get excited about a tablet in 2018, but Google hopes to change that with its newly announced Google Pixel Slate.
The Google Pixel Slate is a Chrome OS-powered tablet that is also capable of transforming into a laptop using a keyboard dock. Essentially this is Google’s take on the Microsoft Surface.
There’s really only so many ways to design a tablet, and so there’s nothing particularly innovative to be seen here in terms of design. On the front sits a 12.3inch QHD LCD display with a 3:2 aspect ratio. You also get front-firing stereo speakers.
The Pixel Slate sports two 8 MP cameras, one above the display and the other in the top right corner of the tablet’s back. Using a tablet as a camera isn’t the most practical experience, though it’s certainly possible. Of course, the main purpose for the camera setup will be video calling.
At the top of the left edge, you will find a volume rocker, with a single USB-C port located near the bottom of the tablet. On the right edge of the Google Pixel Slate you’ll find a fingerprint scanner embedded into the power button. This is a first for Chrome OS devices.
Google makes a tablet. That’s brave. The thinking is more that it’s a ChromeOS thing, isn’t it.
link to this extract
Strategy Analytics: Mobile Advertising Spend Growth to Slow to 12% CAGR • Strategy Analytics Online Newsroom
After growing over 6-fold between 2013 and 2018, growth in mobile advertising revenue will fall to a 12% CAGR [compound annual growth rate] and the market value will reach $222bn in 2023. The mobile share of digital advertising will grow rapidly in less developed advertising markets but in advanced markets the share over mobile is reaching a plateau. Strategy Analytics expects mobile advertising to continue to suffer from headwinds including increased cautiousness following Facebook’s Cambridge Analytica scandal and the implementation of GDPR in 2018.
Mobile advertising will rise to 67% in 2023. In markets where multi-device use is high, like the U.S., mobile advertising will account for just 58% of all digital in 2023, while in mobile-centric markets like India it will reach 71%.
Asia-Pacific is leading the mobile transition, representing around 44% of global mobile ad spend across the period. At a country-level and in terms of absolute ad spend, the U.S., and mobile-first markets China and Japan will remain leaders although their positions will erode.
Search will remain the dominant mobile advertising format with 47% of ad spend across the period while mobile video ad spend will be the fastest growing (+16.5% CAGR over 2018-2023) driven by the adoption of 6-second mid-rolls, and vertical ad formats by industry leaders Snapchat, Facebook and more recently YouTube.
So it’s a sort of good-news-bad-news for Facebook (and properties) and Google (and properties).
link to this extract
Five years ago, Apple was forced to temporarily close what was then its only retail store in Shenzhen, China, after it was besieged by lines of hundreds of customers waiting to swap broken iPhones for new devices, according to two former Apple employees who were briefed about the matter. In May 2013, the Shenzhen store logged more than 2,000 warranty claims a week, more than any other Apple retail store in the world, one of those people said.
After some investigation, Apple discovered the skyrocketing requests for replacements was due to a highly sophisticated fraud scheme run by organized teams. Rings of thieves were buying or stealing iPhones and removing valuable components like CPUs, screens and logic boards, replacing them with fake components or even chewing gum wrappers, more than a half-dozen former employees familiar with the fraud said. The thieves would then return the iPhones, claiming they were broken, and receive replacements they could then resell, according to three of those people. The stolen components, meanwhile, were used in refurbished iPhones sold in smaller cities across China, two of the people said…
…A turning point came in 2013, when an Apple data scientist discovered a way to measure the fraud by counting the number of iPhones that switched to new Apple IDs after the devices were replaced under warranty, the person said. Typically, a legitimate customer who gets a replacement logs into the new phone with their original Apple ID, which should match the broken iPhone that they returned to Apple, the person said.
But in fraud cases, replacement phones were usually registered with different Apple IDs because the devices immediately changed hands, the person said. The data scientist discovered more than 60% of replaced iPhones in China were getting new IDs, the person said.
Apple adopted the fraud methodology, known internally as Mismatch, and eventually had as many as 300 employees tackling the problem, which soon became material to the company, the person said.
This cost Apple billions. That’s quite some fraud ring there.
link to this extract
Amazon’s ad business is booming. Some advertisers are moving more than half of the budget they normally spend with Google search to Amazon ads instead, amounting to hundreds of millions of dollars, according to execs at multiple media agencies. Some of these execs requested anonymity as they are not authorized to discuss their clients’ expenditures in public.
Amazon’s growing success could pose a rare threat to Google parent company Alphabet, which generated $95.4bn in ad revenues last year, 86% of its total revenue. Google is the dominant digital advertising platform in the U.S., and will take in an estimated 37% of digital ad budgets in 2018. Although Alphabet does not disclose the breakdown of its ad revenue, most estimates believe the vast majority comes from search ads — approximately 83% in the year to date, according to research from eMarketer.
Alphabet has remained somewhat insulated from the threat so far, and its overall ad revenue growth actually accelerated in the first half of 2018 compared with last year. Not all categories of brands are shifting money to Amazon — most of the movement is coming in consumer packaged goods, while huge and lucrative advertising categories such as automotive and travel are not yet moving to Amazon. Also, while Google search may be flattening, advertisers are moving parts of their ad spend from other media to different Google properties, particularly YouTube.
The more things change, the more they stay the same.
link to this extract
You might have followed a link from social media, email, a search engine, or even just typed in a web address, but now you’ve arrived at a site your computer or phone has sent a message to its server asking it to deliver you the content you’ve asked for.
For any site showing programmatic adverts – including this one – this sets off a lengthy chain reaction. The first thing the site does is the obvious one that’s visible to us: it starts sending you the editorial (non-advertising) content that you’ve asked for. So far so good.
What it also does is then send a message saying – more or less – “give me some adverts please!” to a Supply Side Platform, a company specialised in doing the mirror of what the demand ones do: get as much info as it can to go into the matchmaking lottery and get the best price possible.
That Supply Side Platform then sends – via the website you visited – a request for your computer to send it as much information as it’s willing to: it will send details of your browser and its ID, your IP address (which gives your rough location), and as much information from cookies as it can, which can include details of your browsing history and much else.
Once it’s received whatever information your computer was willing to hand over – the more the better, as it lets advertisers target better – it bundles it up, and it’s ready for the main event: the auction for your attention.
Useful guide to what happens far, far faster than humans can imagine. One to refer to for the future.
link to this extract
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
Errata, corrigenda and ai no corrida: none notified