Start Up No.954: the cyborg cockup, Google steps away from robots, quitting Instagram, hacking kids’ smartwatches, and more

Want to expense a visit here? An AI might be checking that. Photo by Joshua Ganderson on Flickr

»You can sign up to receive each day’s Start Up post by email (arriving at about 0700GMT each weekday). You’ll need to click a confirmation link, so no spam.«

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

How I lost and regained control of my microchip implant • Motherboard

Daniel Oberhaus:


The NFC chip I got injected in my hand was made by Dangerous Things, a biohacking company started by Amal Graafstra that has also pioneered DIY biometric guns. Graafstra has been selling these chips since he raised $30,000 in a crowdfunding campaign in 2014. The chip is encased in a small glass tube that’s a little under a half an inch in length and just two millimeters in diameter. This tube is injected into the soft flesh between your thumb and index finger just above the webbing. When you hold your hand in certain positions, the outline of the chip can just barely be seen pushing against the skin.

The actual process of getting the implant went off without a hitch, but things quickly devolved after that. The thing about NFC chips is that anyone with a reader can also write to the device if it is not protected. While this isn’t exactly a huge security threat, given that someone would have to get the reader within several centimeters of your hand to write to the chip, when you’re at the world’s largest hacker conference it’s better to play it safe.

So, at the urging of everyone at the implant station, the first thing I did with my implant was secure it with a four-digit pin. I hadn’t decided what sort of data I wanted to put on the chip, but I sure as hell didn’t want someone else to write to my chip first and potentially lock me out. I chose the same pin that I used for my phone so I wouldn’t forget it in the morning—or at least, I thought I did.

If I had a single piece of advice for anyone thinking about getting an NFC chip implant it would be to do it sober. For starters, the piercer probably won’t even give you the implant if they suspect you’re intoxicated for reasons involving consent and safety (alcohol thins your blood, which is also why you shouldn’t get a tattoo while drunk.) But more importantly, you won’t wake up the next morning with a splitting headache and absolutely no idea how to unlock your hand.


It’s basically like getting a hi-tech tattoo, isn’t it? Except you set off airport security systems forever.

Google parent to pull plug on bipedal robot development • Nikkei Asian Review


Google entered the robotics business in 2013 by buying Schaft, a tech startup founded by University of Tokyo researchers, and other companies. But the company scaled back the business, due in part to the departure of Andy Rubin in 2014, who had led the robotics business.

SoftBank Group in June 2017 announced that it had agreed with Alphabet to purchase Schaft, but one or more Schaft employees refused to be part of SoftBank, according to people familiar with the matter. SoftBank’s attempt to buy Schaft apparently broke down.

“Following Softbank’s decision not to move forward with the Schaft acquisition,” an Alphabet spokesperson told Nikkei, “we explored many options but ultimately decided to wind down Schaft. We’re working with employees to help them find jobs elsewhere within or outside of Alphabet.”

Yuto Nakanishi, assistant professor of the University of Tokyo, and others established Schaft in 2012. The startup has developed bipedal robots, which can be used to save human lives at disaster sites.


Does this mean the end of the quadrupedal robots too?

Quitting Instagram: she’s one of the millions disillusioned with social media. But she also helped create it • Washington Post

Elizabeth Dwoskin:


“In the early days, you felt your post was seen by people who cared about you and that you cared about,” said [early Instagram employee Bailey] Richardson, who left Instagram in 2014 and later founded a start-up. “That feeling is completely gone for me now.”

The catalyst for Richardson’s decision to quit Instagram came when its co-founders, Kevin Systrom and Mike Krieger, unexpectedly announced that they were leaving the company. With their exit, Richardson and other former Instagram employees worried Facebook would squash whatever independent identity the company had managed to retain.

She sent her goodbye to Instagram the next day.

Even in Silicon Valley, where it’s common to hear start-up workers become frustrated with management after an acquisition, the disillusionment of the early Instagram employees is striking: People seldom swear off or criticize the product they built, particularly when it has enjoyed such remarkable success. Instagram reached 1 billion users this year.

The people who worked at social networks long saw the connection and free expression they facilitated as a powerful force for good and evidence of the contribution they were making to society. For them, the public questioning of the role social networks play in democracy and in individual lives, sparked by concerns over privacy and health, is deeply personal.

Three of the early Instagram employees, including Richardson, have deleted it — permanently or periodically, comparing it to a drug that produces a diminishing high. One of the people said he felt a little embarrassed to tell people that he worked there. Two of the other early employees said they used it far less than before.



The story behind the story that created a political nightmare for Facebook • Huffington Post

John Cook was the editor-in-chief at Gawker and helped write the headline about Facebook ‘interfering’ with right-wing stories in the Newsfeed:


For that system to work the way it was designed to, Facebook had to maintain a veneer of neutrality — i.e., non-complicity in the uses to which bad actors put Facebook’s engine — which is why you saw Zuckerberg recently trying to thread a needle on Holocaust denial. He wants to profit from its popularity on his platform without feeling bad about it.

The news curation story struck such a nerve both for the company and for its users because it put the lie to that posture of non-intervention. If people realized that Facebook did intervene in what stories it felt were worthy of a spot in the Trending Module, by using editors, then perhaps they might begin to interrogate the quieter interventions, too, the ones happening by way of the News Feed’s algorithm, which was privileging divisive, hateful and propagandistic content. The trending module was public, and as such, it needed to be handcrafted in order to reflect the values that the company wanted to project. The News Feed was a private flow, where Facebook’s actual values could be found in the sewage. Hiring editors to moderate that sewage in the trending module was the closest Facebook came in this whole mess to a noble act.

That’s the irony: This small, self-interested gesture at information hygiene alone rendered Facebook vulnerable to the right-wing outrage cycle. Not because Facebook sought to stifle conservative speech — it is by far the most extensive publisher and amplifier of Trumpist propaganda on the planet — but because the Fox News- and Breitbart-driven grievance brigades have been so successful that the mere imposition of value-based editorial standards is in itself an act of, ahem, suppression. Indeed, so successful that that vulnerability — the way that conservatives would inevitably seize on it, had already seized on it, within the organization — was part of what made the whole thing newsworthy to begin with. And so successful that a left-of-center tech site, in packaging its report, couldn’t resist trying to have it both ways by characterizing it as suppression in the headline and as editing in the story.



People who live in smart houses shouldn’t throw parties • Terence Eden’s Blog


I have friends. More than one! I also have a home full of smart-gadgets which are controlled by apps.

The two don’t mix.

This is yet another complaint about solipsistic app design.

Let’s take my Lifx bulbs. I have a friend staying for a few days, and he needs to be able to turn lights on and off. Lifx make this functionally impossible. The available options are…
• Give my full email address & password to him. This feels suboptimal.
• Allow him on to my main WiFi. Again, suboptimal.

This is why my ISP-provided router has a guest mode.

Bleugh. Neither is a good solution. Luckily I have an Amazon Alexa hooked up to the lights. But because Alexa’s “AI” is barely above the level of a speak-n-spell, that’s also unsatisfactory.

My guest tried to turn off the hall lights. Only he used the wrong invocation. “Alexa, turn off the landing light” just doesn’t cut it. Such AI, much recognition, big data mood.


As he points out, the answer is obvious: guest accounts. “I know it is a cliche – but Silicon Valley geeks who are too anti-social to have friends and family is a right pain in the arse for everyone else.” See also his advice to commenters.

MiSafes’ child-tracking smartwatches are ‘easy to hack’ • BBC News

Leo Kelion:


A location-tracking smartwatch worn by thousands of children has proven relatively easy to hack.

A security researcher found the devices neither encrypted the data they used nor secured each child’s account. As a result, he said, he could track children’s movements, surreptitiously listen in to their activities and make spoof calls to the watches that appeared to be from parents.

Experts say the issues are so severe that the product should be discarded.

Both the BBC and the researcher involved tried to contact the makers of the MiSafes Kid’s Watcher Plus to alert them to the problem but received no reply.

Likewise, a China-based company listed as the product’s supplier did not respond to requests…

Pen Test Partners’ Ken Munro and Alan Monie learned of the product’s existence when a friend bought one for his son earlier this year. Out of curiosity, they probed its security measures and found that easy-to-find PC software could be used to mimic the app’s communications. This software could be used to change the assigned ID number, which was all it took to get access to others’ accounts.

This made it possible to see personal information used to register the product, including:
• a photo of the child
• their name, gender and date of birth
• their height and weight
• the parents’ phone numbers
• the phone number assigned to the watch’s Sim card

“It’s probably the simplest hack we have ever seen,” he told the BBC. “I wish it was more complicated. It isn’t.”


Securing the internet of things is all about business model. Security costs money.

American executives are becoming China sceptics • Financial Times

Jamil Anderlini:


Faced with worsening barriers to entry and pressure to hand over their prized technology in exchange for market access, western companies operating in China have become Mr Trump’s biggest cheerleaders in the trade war.

A speech last week in Singapore by former Goldman Sachs chief executive and the US Treasury Secretary Henry Paulson gives a sense of just how few American friends China has left.

“The American business community has turned from advocate to sceptic and even opponent of past US policies toward China,” Mr Paulson said. “How can it be that those who know China best . . . and have advocated for productive relations in the past, are among those now arguing for confrontation?”

Mr Paulson used to be one of the most ardent “old friends of China” — a group that includes people such as Henry Kissinger and Blackstone’s Stephen Schwarzman who see themselves as a bridge between Beijing and Washington. His uncharacteristically harsh words should serve as a wake-up call for Mr Xi.

Some people who know Mr Paulson believe his criticism was actually encouraged by senior members of Mr Xi’s own administration, who feel the Chinese president has over-reached but are too scared to say it to his face.

These remnants of the Communist party’s liberal, reform-minded faction are concerned that China’s teetering economy will not be able to withstand a full-blown trade war.

For all the hype surrounding companies like Alibaba and Tencent, China remains predominantly a low-margin, mass production economy that relies on imports for most high-tech components. Despite decades of effort and billions of dollars invested in developing homegrown semi-conductors, China still imports more than 95% of the high-end chips used in computers and servers. As a result, the world’s biggest energy importer spends more on buying foreign-made microchips than it does on imports of crude oil.



Mark Zuckerberg reportedly ordered all Facebook executives to use Android phones • The Verge

Shannon Liao, given the task of filleting the NYT’s blockbuster article about Facebook from yesterday:


Facebook CEO Mark Zuckerberg ordered his management team to only use Android phones, according to The New York Times. The decision reportedly occurred after Apple CEO Tim Cook criticized Facebook in an MSNBC interview for being a service that traffics “in your personal life.”

In those comments made back in March, Cook dismissed a question asking him what he would do if he were in Zuckerberg’s shoes dealing with the fallout from the Cambridge Analytica scandal by saying, “I wouldn’t be in this situation.” Cook’s comments “infuriated” Zuckerberg, according to the NYT. In an interview with Recode, Zuck said he found Cook’s comments to be “extremely glib,” and that “I think it’s important that we don’t all get Stockholm syndrome and let the companies that work hard to charge you more convince you that they actually care more about you. Because that sounds ridiculous to me.”

“We’ve long encouraged our employees and executives to use Android because it is the most popular operating system in the world,” said Facebook in response to the New York Times article.

While it’s not clear from the NYT’s reporting that Cook’s aggressive comments directly provoked Zuckerberg into issuing his Android-only order, it’s still a rational decision to make American executives use Android. Android is the dominant operating system in many regions outside of the US, including South America, Europe, Russia, South Asia, and parts of the Middle East.


Narrator’s voice: a number of Facebook executives ignored Zuckerberg’s order.

Tempted to expense that strip club as a business dinner? AI is watching • Bloomberg

Olivia Carville:


One employee traveling for work checked his dog into a kennel and billed it to his boss as a hotel expense. Another charged yoga classes to the corporate credit card as client entertainment. A third, after racking up a small fortune at a strip club, submitted the expense as a steakhouse business dinner.

These bogus expenses, which occurred recently at major U.S. companies, have one thing in common: All were exposed by artificial intelligence algorithms that can in a matter of seconds sniff out fraudulent claims and forged receipts that are often undetectable to human auditors—certainly not without hours of tedious labor.

AppZen, an 18-month-old AI accounting startup, has already signed up several big companies, including Inc., International Business Machine Corp., Inc. and Comcast Corp. and claims to have saved its clients $40 million in fraudulent expenses. AppZen and traditional firms like Oversight Systems say their technology isn’t erasing jobs—so far—but rather freeing up auditors to dig deeper into dubious claims and educate employees about travel and expense policies.

“People don’t have time to look at every expense item,” says AppZen Chief Executive Officer Anant Kale. “We wanted to get AI to do it for them and to find things the human eye might miss.”



Apple outgrew unit sales • Above Avalon

Neil Cybart:


Apple management’s decision to no longer disclose unit sales makes plenty of sense. In recent years, it was becoming increasingly clear that unit sales weren’t as useful of a metric for analyzing Apple’s business now as it had been in the past. The primary problem found with unit sales was how the data provided a limited look inside the Apple machine.

Consider the following items:

• Despite iPhone unit sales being mostly flat for the past three years, Apple expanded the iPhone installed base by nearly 300m users.
• Despite annual iPad unit sales contracting by 40% from the sales peak in 2013, Apple was able to expand the iPad installed base by more than 120m users over the same time period.
• Despite Mac unit sales trending flat, Apple has been able to add approximately 10m new people to the Mac installed base each year.

Unit sales became a crutch for financial analysts. The quarterly numbers were telling us less about Apple’s business and were instead providing a false sense of security to outsiders. As it turned out, unit sales were painting a less attractive picture of Apple’s business fundamentals.

The primary reason unit sales data lost much of its value is Apple’s significant growth over the years. With an iPhone installed base of more than 750m people, quarterly iPhone unit sales were providing less information about the iPhone business. Unit sales went from a measure of the market’s reception to iPhone to a financial data point more likely to be misinterpreted than anything else. The same can be said about the iPad and its installed base of 240m people. Years of unit sales declines gave many the impression that iPad was a dead-end. In reality, iPad fundamentals have been improving for years. Unit sales data was masking the improvement.


Those two links are paywalled; they go to Cybart’s own calculations about the user base. Certainly Apple doesn’t want Wall St to interpret a flat or falling unit sales figure as indicative of a shrinking base. The problem then is that you need some way to persuade people the base is expanding. The best way is to tell them the number. The second best is to point to an expanding Services business, ideally with ARPU (average revenue per user) data.

The IoT needs a new set of eyes • IEEE Spectrum

Stacey Higginbotham:


two challenges [are] driving the silicon shift. First, processing power: Many of these [IoT] cameras try to identify specific objects by using machine learning. For example, an oil company might want a drone that can identify leaks as it flies over remote oil pipelines. Typically, training these identification models is done in the cloud because of the enormous computing power required. Some of the more ambitious chip providers believe that in a few years, not only will edge-based chips be able to match images using these models, but they will also be able to train models directly on the device.

That’s not happening yet, due to the second challenge that silicon providers face. Comparing images with models requires not just computing power but actual power. Silicon providers are trying to build chips that sip power while still doing their job. Qualcomm has one such chip, called Glance, in its research labs. The chip combines a lens, an image processor, and a Bluetooth radio on a module smaller than a sugar cube.

Glance can manage only three or four simple models, such as identifying a shape as a person, but it can do it using fewer than 2 milliwatts of power. Qualcomm hasn’t commercialized this technology yet, but some of its latest computer-vision chips combine on-chip image processing with an emphasis on reducing power consumption.

But does a camera even need a lens? Researchers at the University of Utah suggest not, having invented a lensless camera that eliminates some of a traditional camera’s hardware and high data rates. Their camera is a photodetector against a pane of plexiglass that takes basic images and converts them into shapes a computer can be trained to recognize.

This won’t work for jobs where high levels of detail are important, but it could provide a cheaper, more power-efficient view of the world for computers fulfilling basic functions.


If you know the lens’s distortion, you can adjust for it in software.

Google Maps will let you chat with businesses • The Verge

Dieter Bohn:


shall we make the easy joke that Google can’t seem to stop launching new messaging platforms while its primary messaging platform strategy is still a mess? Yes, yes we shall. Hangouts is dead for consumers and Allo is “paused” and RCS Chat still hasn’t launched here in the US across all major carriers. Neither AT&T nor Verizon will commit to a launch date. (I asked them both this week.)

I bring up RCS not just for the cheap shot, but also because it’s a good example of how “business messaging” is quickly becoming big business. It’s part of the plan for RCS Chat, it exists inside Facebook Messenger and iMessage, and it’s a big part of the eventual business plan for WhatsApp. So it makes sense that Google would want to be in this space and, honestly, it makes some sense to put it inside Maps instead of in another messaging app. As Google notes, it keeps your business chat messages separate from your personal messages.

So let’s leave messaging aside and give Google this one. It can’t push harder on business messaging inside Android Messages, because it can’t leverage RCS, because it ceded control of its message platform to the whims of its carrier partners. Putting business messaging inside Google Maps is a good solution in that context. And anyway, this messaging feature already existed and the news here is simply that you can get to it inside Google Maps.

But that leads me to my third feeling: what the heck is going on with Google Maps? It is becoming overburdened with so many features and design changes that it’s becoming harder and harder to just get directions in it. There’s Group Planning, there’s a social-esque “follow” button for local businesses, you can share your ETA, there’s a redesigned “Explore” section, and there’s almost no way to get the damn thing to show you a cross street near your destination without three full minutes of desperate pinching and zooming and re-zooming.


Product hits maturity; revenue growth slows; team in charge still has old growth targets, plus needs to justify their existence. (To quote Ryan Ford, a product designer.)

Errata, corrigenda and ai no corrida: none notified.

Start Up No.953: Facebook’s internal fight, Tesla dinged on Autopilot, faking fingerprints, Deepmind Health into Google, and more

Want to know what women think of period-tracking apps? CC-licensed photo by calitexican on Flickr.


A selection of 10 links for you. There you go. I’m @charlesarthur on Twitter. Observations and links welcome.

Delay, deny and deflect: how Facebook’s leaders fought through crisis • The New York Times

Sheera Frenkel, Nicholas Confessore, Cecilia Kang, Matthew Rosenberg and Jack Nicas:


When Facebook users learned last spring that the company had compromised their privacy in its rush to expand, allowing access to the personal information of tens of millions of people to a political data firm linked to President Trump, Facebook sought to deflect blame and mask the extent of the problem.

And when that failed — as the company’s stock price plummeted and sparked a consumer backlash — Facebook went on the attack.

While Mr. Zuckerberg conducted a public apology tour in the last year, Ms. Sandberg has overseen an aggressive lobbying campaign to combat Facebook’s critics, shift public anger toward rival companies and ward off damaging regulation. Facebook employed a Republican opposition-research firm to discredit activist protesters, in part by linking them to the liberal financier George Soros. It also tapped its business relationships, persuading a Jewish civil rights group to cast some criticism of the company as anti-Semitic.

In Washington, allies of Facebook, including Senator Chuck Schumer, the Democratic Senate leader, intervened on its behalf. And Ms. Sandberg wooed or cajoled hostile lawmakers, while trying to dispel Facebook’s reputation as a bastion of Bay Area liberalism.

This account of how Mr. Zuckerberg and Ms. Sandberg navigated Facebook’s cascading crises, much of which has not been previously reported, is based on interviews with more than 50 people. They include current and former Facebook executives and other employees, lawmakers and government officials, lobbyists and congressional staff members. Most spoke on the condition of anonymity because they had signed confidentiality agreements, were not authorized to speak to reporters or feared retaliation.


Charlie Warzel of Buzzfeed had some commentary on this story: “story nails down what i’ve always heard in vague whispers from fmr senior employees: sandberg helped install a DC establishment mentality inside the company — one that didn’t think globally/was afraid of its own shadow/wanted to operate like a think tank rather than a tech co”. Sandberg seems like the problem. Soros smears *and* alleging anti-Semitism? Geez.

Oi, Elon: you Musk sort out your Autopilot! Tesla loyalists tell of code crashes, near-misses • The Register

Thomas Claburn:


The car biz has plenty of ardent fans who love the idea of beta testing buggy code at high speeds and reflexively characterize critics as trolls or short sellers of Tesla stock. There are of course people who highlight Autopilot problems with an eye toward investment, as can be seen from this tweet.

But there are also customers who worry the technology isn’t ready and isn’t safe, without an ulterior motive.

Effusive reviews of the latest Autopilot update can be found, as can less positive ones, such as a detailed critique posted to the Tesla Motors Club forum earlier this month that notes Navigate on Autopilot “tries to kill you any time a lane ends.”

Twitter user @trumpery45, posting under the name Justin, gathered a collection of replies to the Tesla leader’s request for fix suggestions in his Twitter feed. The Register asked Justin whether we could attribute his observations to a full name but he expressed reticence, citing the potential for harassment by Tesla fanatics.


I wonder if the Tesla fanatics (there’s a ton of them on Twitter) actually own Tesla cars and use Autopilot, because you’d think their numbers would be getting thinned out. The tweets that follow in the story show there’s a significant problem.

California man pleads guilty in deadly Wichita Swatting case • Department of Justice


Tyler Barriss, 25, Los Angeles, Calif., pleaded guilty to causing a deadly swatting incident in Wichita on Dec. 28, 2017, as well as dozens of similar crimes in which no one was injured. In those cases, Barriss was charged in federal courts in California and the District of Columbia.

In the Wichita case, Barriss entered guilty pleas to count one (making a false report resulting in a death), count two (cyberstalking) and count 12 (conspiracy) of a superseding indictment.

“Without ever stepping foot in Wichita, the defendant created a chaotic situation that quickly turned from dangerous to deadly,” US Attorney Stephen McAllister said. “His reasons were trivial and his disregard for the safety of other people was staggering.”

In the Kansas case, Barriss admitted making hoax calls that resulted in Wichita police surrounding an old house at 1033 W. McCormick. When officers arrived, they believed there was a man inside who had killed his own father and was holding family members hostage. A man who came outside to face police, however, had done nothing wrong and did not know about the swatting call. As he stepped onto the porch, police told him to put up his hands. When he unexpectedly dropped his hands, he was shot and killed…

…In Barriss’ plea, he admitted he got involved with Viner and Gaskill after they had a falling out while playing the game Call of Duty online. As a result, Viner, who was in Ohio, asked Barriss, who was in California, to swat Gaskill, who was in Wichita. Gaskill found out Barriss was stalking him and in messages over the internet he dared Barriss to carry out the swat. Gaskill fooled Barriss, however, by claiming to live at 1033 W. McCormick. In fact, Gaskill no longer lived there.


The weird thing is that the danger that the police pose to the public is simply accepted. The police officer who fired the fatal shot will not face any disciplinary or other action.

Period-tracking apps are not for women • Vox

Kaitlyn Tiffany:


There have been free period-tracking apps ever since there have been apps, but they didn’t really boom until the rise of Glow — founded by PayPal’s Max Levchin and four other men — in 2013, which raised $23m in venture funding in its first year, and made it clear that the menstrual cycle was a big business opportunity.

By 2016, there were so many choices, surrounded by so little coherent information and virtually zero regulation, that researchers at Columbia University Medical Center buckled down to investigate the entire field. Looking at 108 free apps, they concluded, “Most free smartphone menstrual cycle tracking apps for patient use are inaccurate. Few cite medical literature or health professional involvement.” They also clarified that “most” meant 95 percent.

The Berlin-based, anti-fluff app Clue, founded by Ida Tin, would seem like an answer to this concern. It’s science-backed and science-obsessed, and offers a robust, doctor-sourced blog on women’s health topics. It arrived the same year as Glow but took several more to raise serious funding, provided mostly by Nokia in 2016. Today, Glow has around 15 million users and Clue has 10 million. There are still dozens of other options, but they’re undeniably the big two.

Still, they are not built for women.

“The design of these tools often doesn’t acknowledge the full range of women’s needs. There are strong assumptions built into their design that can marginalize a lot of women’s sexual health experiences,” Karen Levy, an assistant professor of information science at Cornell University, tells me in an email, after explaining that her period tracker couldn’t understand her pregnancy, “a several-hundred-day menstrual cycle.”

Levy coined the term “intimate surveillance” in an expansive paper on the topic in the Iowa Law Review in 2015. At the time, when she described intimate data collection as having passed from the state’s public health authorities to every citizen with a smartphone, she was mostly alone in her level of alarm.



DeepMasterPrints: generating MasterPrints for dictionary attacks via latent variable evolution • ArXiv

A team at New York University:


Recent research has demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks based on MasterPrints. MasterPrints are real or synthetic fingerprints that can fortuitously match with a large number of fingerprints thereby undermining the security afforded by fingerprint systems. Previous work by Roy et al. generated synthetic MasterPrints at the feature-level. In this work we generate complete image-level MasterPrints known as DeepMasterPrints, whose attack accuracy is found to be much superior than that of previous methods. The proposed method, referred to as Latent Variable Evolution, is based on training a Generative Adversarial Network on a set of real fingerprint images.


Yes – machine learning to generate fake fingerprints. They don’t take the extra step to try it on actual phones, from my reading, but that’s the obvious next paper.

Google ‘betrays patient trust’ with DeepMind Health move • The Guardian

Alex Hern:


The restructure, critics argue, breaks a pledge DeepMind made when it started working with the NHS that “data will never be connected to Google accounts or services”. The change has also resulted in the dismantling of an independent review board, created to oversee the company’s work with the healthcare sector, with Google arguing that the board was too focused on Britain to provide effective oversight for a newly global body.

Google says the restructure is necessary to allow DeepMind’s flagship health app, Streams, to scale up globally. The app, which was created to help doctors and nurses monitor patients for AKI, a severe form of kidney injury, has since grown to offer a full digital dashboard for patient records.

“Our vision is for Streams to now become an AI-powered assistant for nurses and doctors everywhere – combining the best algorithms with intuitive design, all backed up by rigorous evidence,” DeepMind said, announcing the transfer. “The team working within Google, alongside brilliant colleagues from across the organisation, will help make this vision a reality.”

DeepMind Health was previously part of the AI-focused research group DeepMind, which is officially a sibling to Google, with both divisions being owned by the organisation’s holding company Alphabet.

But the transfer and vision for Streams looks hard to reconcile with DeepMind’s previous comments about the app. In July 2016, following criticism that the company’s data-sharing agreement with the NHS was overly broad, co-founder Mustafa Suleyman wrote: “We’ve been clear from the outset that at no stage will patient data ever be linked or associated with Google accounts, products or services.”

Now that Streams is a Google product itself, that promise appears to have been broken, says privacy researcher Julia Powles: “Making this about semantics is a sleight of hand. DeepMind said it would never connect Streams with Google. The whole Streams app is now a Google product. That is an atrocious breach of trust, for an already beleaguered product.”

A DeepMind spokesperson emphasised that the core of the promise remains intact: “All patient data remains under our partners’ strict control, and all decisions about its use lie with them. This data remains subject to strict audit and access controls and its processing remains subject to both our contracts and data protection legislation. The move to Google does not affect this.”


Strict audit and access controls.. but there’s no independent review board any more? Google, like Facebook, can’t deny its nature. It always wants the data.


The Asus Eee: how close did the world come to a Linux desktop? • Linux Journal

Jeff Siegel:


How did Asus get the price so low? Cutting the weight helped. Using cheaper materials for the body, keyboard and screen made a difference too, as did the less expensive processor and memory. But one of the most important factors was substituting Linux for Windows.

An Asus spokesman did not respond to several requests for information for this story, but those with knowledge of the company’s thinking said choice of operating system was crucial in lowering the Eee’s price. A Microsoft license, depending on who you talk to, could have cost almost as much as the netbook’s suggested retail price. Even if Asus had absorbed some of the license fee, it would have been almost impossible to hit $199, then considered the sweet spot for pricing.

Enter Xandros, the operating system that Asus used on the Linux-powered versions of the Eee. It was perhaps the machine’s greatest asset and its biggest weakness. Since it was Linux, there was no Microsoft licensing fee, making it easier for Asus to hit $199. But Xandros was not quite open-source Linux—it was a commercial product from the same-named British company whose revenue came from “partnering” with OEMs. Which, of course, is what Microsoft did.

And, as anyone who knows anything about the Linux community will tell you, any open-source company with a Microsoft-like business plan can’t really be open-source or true to the spirit of Linux. In this, Asus alienated the people who should have been the Eee’s biggest supporters. Look on bulletin board and Reddit posts, and you’ll still see some of the resentment at the choice of Xandros.

Xandros’ other problem? It was just a little too Linux for the millions of people who bought it and who were used to Windows…

…It’s almost impossible to believe, a decade later, how popular netbooks were in the wake of the Eee. Way past popular, actually: the netbook was the best-selling computer in the world in 2009, with seven-fold growth from 2008 and some 20 million sold. That accounted for almost 10% of the entire computer market at a time when the recession saw desktop computer sales fall 12%, the worst decline in its history.


Arguably the Eee and netbooks propped up the PC market for a while. Then they didn’t.

Backlash from locals, politicians erupts over Amazon’s HQ2 split • The Washington Post

Taylor Telford:


While Amazon has touted the prosperity the headquarters would bring — pledging to make $5bn in capital investments and create 50,000 jobs between the two headquarters — politicians voiced concerns that the influx of tech workers would fuel inequality and hurt lower-income populations. Others slammed the company for settling on obvious cities after a lengthy search that drew 238 bids, including many from smaller cities in need of the “transformation” Amazon promised.

While New York Gov. Andrew Cuomo implored Amazon to come to New York City, reportedly saying he’d “change his name to Amazon Cuomo if that’s what it takes”, local politicians were wary about the deal. Prior to the announcement, New York City council member Jimmy Van Bramer and state senator Michael Gianaris published a joint statement in the Yonkers Tribune criticizing the use of “scarce public resources” as “massive corporate welfare.” Now, Van Bramer and Gianaris are teaming up with local activist groups to protest Amazon’s plans on Wednesday.

“Say no to the richest company in the world robbing over $1bn from state funding for our schools, transit and housing,” the ad for the protest reads.

Democratic Rep.-elect Alexandria Ocasio-Cortez tweeted Monday that her office had been flooded with calls from residents who were outraged by the pending Amazon deal. She also questioned who would truly benefit from — and who would pay for — the transformation the company touted.

“Amazon is a billion-dollar company. The idea that it will receive hundreds of millions of dollars in tax breaks at a time when our subway is crumbling and our communities need MORE investment, not less, is extremely concerning to residents here,” Ocasio-Cortez tweeted Monday.


Hmm. Think Amazon and/or New York will be dialling back on the subsidies over the course of the next few.. time periods.

Astronomers discover super-Earth around Barnard’s star •


Astronomers have discovered a planet in orbit around one of the closest stars to the Sun, Barnard’s star.

The study was co-led by researchers from Queen Mary University of London, and from the Institut d’Estudis Espacials de Catalunya and the Institute of Space Sciences/CSIC in Spain.

The potentially rocky planet, known as Barnard’s star b, is a ‘super-Earth’ with a mass of at least 3.2 times that of the Earth, and it orbits around its host star once every 233 days.

The results, published in the journal Nature, show the planet lies at a distant region from the star known as the ‘snow line’. This is well beyond the habitable zone in which liquid water, and possibly life, could exist.

The planet’s surface temperature is estimated to be around -170 degrees Celsius meaning it is likely to be a frozen world which is uninviting to Earth-like life.

However, if the planet has a substantial atmosphere the temperature could be higher and conditions potentially more hospitable.


It’s only six lightyears away. Look, we should go – perhaps they could lend us money. Or we could sell them bitcoin. Same thing.

How podcasts became a seductive—and sometimes slippery—mode of storytelling • The New Yorker

Rebecca Mead looks at Serial and the millions of other podcasts, and their sometimes unreliable narration, with this sidetrack on monetisation:


Podcasting has offered advertisers a new means of reaching demographically targeted consumers. Many podcasts feature extended endorsements, read by the host, that often include a discount code for a product or service. For listeners accustomed to a separation between advertising and editorial, the blurring of lines can be disconcerting (or embarrassing, such as when podcast hosts like Joe Rogan and Tim Ferriss expound on how much they enjoy wearing Me Undies). For advertisers that have spent heavily on podcasts, like the omnipresent Casper and Blue Apron, the effectiveness of such campaigns can be measured in increased sales. A representative for Blue Apron, which has launched its own branded podcast, “Why We Eat What We Eat,” in addition to advertising on hundreds of shows, told me, “We view podcasts less as an advertising channel and more as a content channel to win new customers and engage existing customers.”

Podcast advertising remains a relatively new science. Producers and advertisers can instantly tabulate how many times a show has been downloaded, but it’s harder to ascertain how many people have listened to the whole thing. A commercial marketplace puts pressure on podcasters to create content that can attract millions of listeners, which does not necessarily make for the strongest, or most subtle, content. Linsky, with some frustration, noted that it doesn’t matter much to an advertiser if a podcast takes an hour to record or months to report; all that matters is whether it attracts a lot of listeners. New ways of monetizing podcasts are being explored, including a paid-subscription model; apps such as Stitcher Premium offer ad-free listening and bonus episodes.



Errata, corrigenda and ai no corrida: none notified

Start Up No.952: jigsaw melding, Russia jamming GPS?, the faked heavy metal fans, YouTube v Article 13, and more

Editing: please can we not have it for tweets? Photo by Wesley Fryer on Flickr.


A selection of 10 links for you. Formatted correctly this time. I’m @charlesarthur on Twitter. Observations and links welcome.

This artist uses jigsaw puzzles, with the same die cut pattern, to make these terrific mashups • Boing Boing

Rusty Blazenhoff:


Oh boy, I think I have a new hobby. I’ve just learned that you can combine puzzles, that have the same die cut, to make really awesome pieces of art. It had never occurred to me that manufacturers of mass-produced puzzles cut different puzzles of theirs in the same way, making the pieces interchangeable. It makes complete sense, of course, but my mind is still blown!

I learned about the art of “puzzle montage” from one of the readers of my inbox zine, Marcia Wiley (she’s the gal in Seattle who’s fixing up that cool old Checker Cab). She was visiting the Bay Area and we met up for the first time this past Friday. That’s when she told me about her friend Tim Klein, who makes incredible puzzle montages. I’m excited to share his work with you.

In an email exchange, Tim told me that he learned about puzzle montages from the man who first made them, art professor Mel Andringa of Cedar Rapids, Iowa, “As far as I know, he and I are the only artists ever to pursue it seriously. And I think he’s moved on to other things nowadays, so I may be the sole surviving practitioner.”


They’re absolutely amazing. I think the below one is my favourite. More at Puzzle Montages.


Dorsey says Twitter is thinking about an edit button to fix typos in tweets • The Next Web

Ivan Mehta:


For the first time since the end of 2016, Twitter CEO Jack Dorsey shed some light on the company’s thoughts about building an edit button for tweets. Speaking at an event in India’s capital of New Delhi, he said that the company has to carefully consider use cases for the edit button before making it a reality – and it could potentially be tooled to help fix typos.

“You have to pay attention to what are the use cases for the edit button. A lot of people want the edit button because they want to quickly fix a mistake they made. Like a misspelling or tweeting the wrong URL. That’s a lot more achievable than allowing people to edit any tweet all the way back in time,” Dorsey said.

He added that Twitter will ideally prevent unlimited editing, because then anyone could abuse the feature to alter their controversial or damning statements later on. Dorsey noted that the company wants to implement a solution that solves a problem and removes what “people see as friction in the service.”

“We have been considering this for a while and we have to do it in the right way. We can’t just rush it out. We can’t make something which is distracting or takes anything away from the public record,” said the Twitter CEO.


I wish Dorsey just had the courage to say that an edit button is a bad idea because it will be abused, and leave it at that. You know it will be: trolls will change tweets to alter their meaning, not for typos. Accept that we make mistakes and leave it at that and focus on making the network better – for example, by preventing verified accounts being taken over and used for bitcoin scams.

Russia suspected of jamming GPS signal in Finland • BBC News


“It is difficult to say what the reasons could be but there are reasons to believe it could be related to military exercise activities outside Norway’s borders,” Wenche Olsen, director of the Civil Aviation Authority of Norway, told the Barents Observer earlier this month.

Russia is also suspected of jamming the GPS signal in Norway’s border area last year when it held its own war games.

Relations between Nato and Russia have been strained since Russia annexed Crimea from Ukraine in 2014.

The Finnish region of Lapland and northern parts of Norway close to the Russian border were affected, with the Norwegian regional airline Widerøe confirming its pilots had experienced GPS disruption, Germany’s DW news site reports.

However, the airline pointed out that pilots aboard civilian aircraft had other options when a GPS signal failed. “This is not a joke, it threatened the air security of ordinary people,” said Mr Sipila, who is himself an experienced pilot. “It is possible that Russia has been the disrupting party in this. Russia is known to possess such capabilities.”

GPS is a global navigation system originally devised by the US military which works by sending signals from satellites above the Earth back down to receivers. “Technology-wise, it’s relatively easy to disturb a radio signal, and it’s possible that Russia was behind it,” Mr Sipila was quoted as saying.


At ground level, GPS signals are incredibly weak, essentially lost in background noise; it’s only by knowing how the signal varies that it can be picked out. In turn, that means you can jam them.

LA band Threatin faked a fanbase to land a European tour no one attended • MetalSucks

Vince Neilstein:


Talking up your own band a little bit to make it appear that you’re more popular than you are is a rite of passage for young acts. We’ve heard of plenty of bands that’ve exaggerated sales or live show numbers to land a gig or two, or talked themselves up to national media for some press attention. It comes with the territory, and it’s usually harmless.

But the Los Angeles band Threatin have taken that idea to a level previously thought unimaginable: the band was able to book an entire tour of Europe despite having no fanbase whatsoever, and it’s all in the process of crashing down around them.

To do it, the band’s frontman and leader, Jered Threatin, posed as a nonexistent booking agent / promoter to land the gigs, used faked live footage of allegedly packed shows in L.A., bought Facebook likes, event RSVPs and YouTube views and lied about ticket sales numbers to swindle venue owners and talent buyers into taking on the shows.

Posts started making the rounds on social media when the tour kicked off on November 1st in London. A post by the venue The Underworld, which hosted the show, alleged that the band’s agent claimed the band had sold 291 tickets in advance but only three people turned up:

Things didn’t get any better from there. The Exchange in Bristol realized they’d had a similar hoax pulled on them a few days later, with the “promoter” saying 180 tickets had been sold in advance only to have no one show up but a few people from the opening band’s guest list.


There’s cocky, and then there’s this. Seems they also created a fake record label, phony press outlet, nonexistent award “and more”. Seems there’s also live footage. Oo.

The potential unintended consequences of Article 13 • YouTube Creator Blog

Susan Wojcicki is CEO of YouTube:


We have worked hard to ensure creators and artists are fairly compensated for their work. In the last year, YouTube paid content owners across the EU €800m. We have also paid the global music industry more than €1.5bn from advert-generated revenue alone.

However, this creator economy is under threat from a section of the EU’s efforts to revise its copyright directive, known as article 13, which holds internet companies directly responsible for any copyright infringement in the content shared on their platform.

While we support the goals of article 13, the European Parliament’s current proposal will create unintended consequences that will have a profound impact on the livelihoods of hundreds of thousands of people.

The parliament’s approach is unrealistic in many cases because copyright owners often disagree over who owns what rights. If the owners cannot agree, it is impossible to expect the open platforms that host this content to make the correct rights decisions.

Take the global music hit “Despacito”. This video contains multiple copyrights, ranging from sound recording to publishing rights. Although YouTube has agreements with multiple entities to license and pay for the video, some of the rights holders remain unknown. That uncertainty means we might have to block videos like this to avoid liability under article 13.


One suspects there’s a teensy bit of dissembling going on here. An FT article from September says:


One of the most contentious elements of the draft legislation, known as article 13, would require the use of “upload filters” to pre-scan user uploaded content to ensure it did not breach copyright rules. Critics say this would hamper internet freedom and kill off content such as social media memes.


Come on, Google. Despacito is a piece of licensed music. Where rightsholders are unknown, money gets paid into account for when they turn up. The filter stuff is going to hurt YouTube.

Facebook failed to police how its partners handled user data • The New York Times

Nicholas Confessore, Michael LaForgia and Gabriel J.X. Dance:


When a team from PricewaterhouseCoopers conducted the initial F.T.C.-mandated assessment in 2013, it tested Facebook’s partnerships with Microsoft and Research in Motion, maker of the BlackBerry handset. In both cases, PricewaterhouseCoopers found only “limited evidence” that Facebook had monitored or checked its partners’ compliance with its data use policies. That finding was redacted from a public version of PricewaterhouseCoopers’s report released by the F.T.C. in June.

“Facebook claimed that its data-sharing partnerships with smartphone manufacturers were on the up and up,” [Oregon Democratic senator Ron] Wyden said. “But Facebook’s own, handpicked auditors said the company wasn’t monitoring what smartphone manufacturers did with Americans’ personal information, or making sure these manufacturers were following Facebook’s own policies.” He added, “It’s not good enough to just take the word of Facebook — or any major corporation — that they’re safeguarding our personal information.”

In a statement, a Facebook spokeswoman said, “We take the F.T.C. consent order incredibly seriously and have for years submitted to extensive assessments of our systems.” She added, “We remain strongly committed to the consent order and to protecting people’s information.”

Facebook, like other companies under F.T.C. consent decree, largely dictates the scope of each assessment. In two subsequent assessments, Facebook’s October letter suggests, the company was graded on a seemingly less stringent policy with data partners. On those two, Facebook had to show that its partners had agreed to its data use policies.

A Wyden aide who reviewed the unredacted assessments said they contained no evidence that Facebook had ever addressed the original problem. The Facebook spokeswoman did not directly address the 2013 test failure, or the company’s apparent decision to change the test in question.


The FTC hit Facebook with a privacy consent decree in 2010. Except Facebook gets to decide the scope of the assessment? That’s ludicrous. And then PWC redacts important content?

Amazon’s HQ2 spectacle isn’t just shameful—it should be illegal • The Atlantic

Derek Thompson:


there are three major problems with America’s system of corporate giveaways.

First, they’re redundant. One recent study by Nathan Jensen, then an economist at George Washington University, found that these incentives “have no discernible impact on firm expansion, measured by job creation.” Companies often decide where they want to go and then find ways to get their dream city, or hometown, to pay them to do what they were going to do anyway. For example, Amazon is a multinational company with large media and advertising divisions. The drama of the past 13 months probably wasn’t crucial to its (probable) decision to expand to New York City, the unambiguous capital of media and advertising.

Second, companies don’t always hold up their end of the deal. Consider the saga of Wisconsin and the Chinese manufacturing giant Foxconn. Several years ago, Wisconsin Governor Scott Walker lured Foxconn with a subsidy plan totaling more than $3bn. (For the same amount, you could give every household in Wisconsin about $1,700.) Foxconn said it would build a large manufacturing plant that would create about 13,000 jobs near Racine. Now it seems the company is building a much smaller factory with just one quarter of its initial promised investment, and much of the assembly work may be done by robots. Meanwhile, the expected value of Wisconsin’s subsidy has grown to more than $4bn. Thus a state with declining wages for many public-school teachers could wind up paying more than $500,000 per net new Foxconn job—about 10 times the average salary of a Wisconsin teacher.

Third, even when the incentives aren’t redundant, and even when companies do hold up their end of the bargain, it’s still ludicrous for Americans to collectively pay tens of billions of dollars for huge corporations to relocate within the United States.


His suggestion: federal legislation which claws back 100% of any state subsidy.

Amazon selects New York City and northern Virginia for new headquarters • About Amazon official blog

Day One Staff:


• As part of Amazon’s new headquarters, New York and Long Island City will benefit from more than 25,000 full-time high-paying jobs; approximately $2.5bn in Amazon investment; 4m square feet of energy-efficient office space with an opportunity to expand to 8m square feet; and an estimated incremental tax revenue of more than $10bn over the next 20 years as a result of Amazon’s investment and job creation.

• Amazon will receive performance-based direct incentives of $1.525bn based on the company creating 25,000 jobs in Long Island City. This includes a refundable tax credit through New York State’s Excelsior Program of up to $1.2bn calculated as a percentage of the salaries Amazon expects to pay employees over the next 10 years, which equates to $48,000 per job for 25,000 jobs with an average wage of over $150,000; and a cash grant from Empire State Development of $325m based on the square footage of buildings occupied in the next 10 years. Amazon will receive these incentives over the next decade based on the incremental jobs it creates each year and as it reaches building occupancy targets. The company will separately apply for as-of-right incentives including New York City’s Industrial & Commercial Abatement Program (ICAP) and New York City’s Relocation and Employment Assistance Program (REAP).

• The community will benefit from New York City providing funding through a Payment In Lieu Of Tax (PILOT) program based on Amazon’s property taxes on a portion of the development site to fund community infrastructure improvements developed through input from residents during the planning process. Amazon has agreed to donate space on its campus for a tech startup incubator and for use by artists and industrial businesses, and Amazon will donate a site for a new primary or intermediary public school. The company will also invest in infrastructure improvements and new green spaces.


Struggling startup Amazon getting a billion-dollar helping hand there from NYC. So kind.

A reminder that the kickback to Foxconn helped get Scott Walker kicked out in Wisconsin. I wonder how it’s going to play for the politicians who were behind this? The ones who aren’t – notably new electee Alexandria Ocasio-Cortez – are making a lot of noise about it.

This is all Donald Trump has left • Deadspin

David Roth:


All Trump wants, all he has ever wanted, is to be able to keep doing and taking and saying whatever he wants whenever he wants. He ran for president for this reason and this reason only.

His politics, to the extent that they’ve ever been legible, have always been off-the-rack big city tabloid bullshit—crudely racist exterminate the brutes/back the blue authoritarianism in the background and ruthless petty rich person squabbling in the front. His actions since becoming president have been those of a dim, cruel child playacting at being a powerful—giving orders without quite knowing what they mean or how they might be carried out, taunting enemies, beating up the people he can afford to beat up without having to be called to account for it, lying as needed or just for yuks. He hasn’t changed a thing since graduating from punchline to president. It’s been clear for decades that Trump was both an asshole and a dummy; this is now a problem not just for the odd unlucky cocktail waitress and his staff of cheesy apparatchiks but literally every person on earth.

Presidents exert a kind of ambient influence on the culture, but as Trump is different than previous presidents his influence necessarily feels different. Barack Obama wanted to be a cosmopolitan leader who brought people together and into a deeper empathy through a mastery of reason and rules; the country he governed doesn’t work like that, though, and the tension between that cool vision and this seething reality grew and grew. By the end, his presidency had the feeling of a prestige television show in its fifth season—handsomely produced and reliably well-performed but ultimately not really as sure what it was about as it first appeared to be. Trump has no such pretense or noble aspiration, and has only made the country more like himself; living in his America feels like being trapped in a garish casino that is filling with seawater, because that is what it is.


It’s a tour de force, and should be obligatory reading from the top. This is Trump’s obituary; nothing more true can be said about him.

Amazon asked to share Echo data in US murder case • BBC News


A judge in the US has asked Amazon to hand over audio recordings from an Amazon Echo which was in a house where two women died.

Their bodies were found under the porch of a home in New Hampshire with multiple stab wounds.

The man accused of their murder has pleaded not guilty and is due to stand trial next year.

Amazon said it would not hand over any data about the device without a legally-binding instruction.

The judge had also requested any additional data, such as which devices were paired with it at the time the women were attacked in January 2017.

Amazon told the Associated Press it would not hand over anything “without a valid and binding legal demand properly served on us”.

Last year the tech giant did agree to hand over data from an Echo that may have been operating at the time of a murder in Arkansas – but only after the defendant consented.


This is going to become standard operating procedure for police forces very quickly. And that’s before you get to Nest devices, proximity sensors and so on.

Errata, corrigenda and ai no corrida: the email for Start Up 951 had a formatting glitch – this happened because Flickr allows PNG format as well as JPG, and my composition script only expects JPG, so it pulled in a ton of extra stuff, and after the edit I overlooked a size setting on the main image, so the email tried to be super-wide like the image. But let’s talk about how HTML is too easy.

Start Up No.951: Xiaomi under fire, Apple shares drop, Wear OS’s missing link, the smart speaker revolution, and more

Guess what pursuit the music company BMG gave up as a waste of time and money? Photo by Ashley Richards on Flickr

A selection of 9 links for you. It’s what they’re meant to do. I’m @charlesarthur on Twitter. Observations and links welcome.

Xiaomi criticised for UK smartphone £1 flash sale • BBC

Leo Kelion:


Xiaomi’s business model is based on selling its hardware at low profit margins and it has regularly held flash sales in other markets as a relatively cheap way to attract attention and gauge demand.

It typically offers thousands of devices at more realistic prices when doing so. But even when it held a similar €1 (88p) event in Spain last year, it provided 50 units.

By contrast, the first two UK flash sales involved only three phones apiece, while two follow-ups were limited to two units.

This fact was not mentioned on the main sales page. Instead, users had to click on a link to its terms and conditions, found at the foot of the site, and then scroll halfway through them.

Dozens of users complained on Xiaomi’s Facebook page after failing to obtain a phone.

“For a company worth around $50bn launching in a brand new country and making a big deal about it they could have done 50 easily. They didn’t. They’ll lose potential customers over this,” wrote Simon Hodge.

Another user, James Bowen, said: “What a joke, as soon as the timer hit zero, it was out of stock – just clickbait to get people to visit the website.”

One user subsequently analysed the webpage’s code and pointed out it had been set to say: “Sold out,” as soon as the sale had opened – without even checking to see if the allocated stock had indeed been purchased.


A single phone? Hard to know if Xiaomi thought it wouldn’t get caught, or it wouldn’t matter, but this has left a bad taste with a number of people. And it will live forever in its history, meaning it’s starting below the bottom of the PR ladder.

Apple shares drop after iPhone supplier Lumentum cuts forecast • Reuters

Vibhuti Sharma:


Stoking fears among investors that demand for iPhones is waning, Lumentum said in its statement the customer was “one of our largest… for laser diodes for 3D sensing”, which analysts said could only be Apple.

Shares in the iPhone maker dropped 4%, wiping $40bn off its market value. Those in Lumentum, which gave its original forecast just two weeks ago, fell 27%, dragging down shares of other Apple suppliers.

That also followed a separate warning from another Apple supplier, screen maker Japan Display, on Monday.

“Many suppliers have lowered numbers because of their unnamed ‘largest customer,’ which is Apple. Apple got cautious in their guidance and it’s hitting their suppliers,” Elazar Capital analyst Chaim Siegel said.

JP Morgan analysts weighed in by cutting their price target for Apple by $4 to $270 pointing to poor orders for the new iPhone XR.

Lumentum now expects net revenue of $335m to $355m, compared with its prior range of $405m to $430m, and earnings per share of $1.15 to $1.34, down from $1.60 to $1.75 estimated previously.

Three analysts told Reuters that Lumentum’s forecast points to a reduction of 18m to 20m iPhones on earlier estimates, based on the average selling price of 3D sensing parts. Apple accounted for 30% of the company’s revenue as of June 30.

“Apple could have accumulated too much Lumentum inventory, and needs to work it off, in which case the unit shortfall is less, although it is still indicative of weak iPhone sales.” D.A. Davidson analyst Mark Kelleher said.


Feels like we get this same story every single year. In the past, Apple’s figures have then shown that sales kept up. This time, we won’t know.

Voice tech like Alexa and Siri hasn’t found its true calling yet: inside the voice assistant ‘revolution’ • Recode

Rani Molla:


As the holiday shopping season approaches, voice-powered smart speakers are again expected to be big sellers, adding to the approximately one-quarter to one-third of the U.S. population that already owns a smart speaker and uses a voice assistant at least once a month.

Voice interfaces have been adopted faster than nearly any other technology in history. And with big sales has come big hype, thanks in part to breathless prognostications about our voice-driven future:

• The global number of installed smart speakers is going to more than double to 225m units in two years, says Canalys.
• Voice shopping on Alexa alone could generate more than $5bn per year in revenue by 2020, according to RBC Capital Markets.
• Global ad spending on voice assistants — currently nonexistent — will reach $19bn by 2022, nearly the size of the current magazine ad business, per Juniper Research.

While some of this will likely come to pass, the hype might be disguising where we really are with voice technology: earlier than we think.

About a third of smart speaker owners end up using them less after the first month, according to an NPR and Edison Research report earlier this year. Just a little more than half said they wouldn’t want to go back to life without a smart speaker.

While people are certainly enthusiastic about the new technology, it’s not exactly life-changing yet.

Today, voice assistants and smart speakers have proven to be popular ways to turn on the radio or dim the lights or get weather information. But to be revolutionary, they will need to find a greater calling — a new, breakout application.


Turns out that “radio” is a big new category here: podcasts or radio stations. And that’s where adverts come in: people don’t bother to ask their device to skip forward 30 seconds past an ad. Easier to let it play. “Smart speaker listeners are much more passive,” in the words of one analyst.

A good, thorough piece with lots of insights.

Fixing Wear OS: how Google could fight back against the Apple Watch • Wareable

David Nield:


Both our developers were adamant: Wear OS needs a flagship wearable to compete with the Apple Watch. “When people buy an Apple watch, they buy the Apple Watch,” says Jason. “When people buy a Wear OS device, they buy… what? The release of a Google Pixel Watch could change that as it would give users one device to focus on.”

“The platform really needs a flagship watch,” agrees Kris. “No Wear OS watch comes close to the Apple or even Samsung Galaxy watches. Google is clear it wants its partners to focus on the hardware while they focus on the software but neither is doing a good job. Maybe the problem is fashion companies aren’t good at building tech hardware.”

While we’d say there are in fact some very good Wear OS smartwatches on the market, we can see the point – while earlier models had their flaws, the Apple Watch Series 4 really brings hardware and software together impressively well. It’s particularly adept at health and fitness tracking, something Wear OS is still struggling to excel at.

The Wear OS users we spoke to had different ideas about how to push Wear OS forward. Aaron Gumbs wants to see more user customisation options and less of a reliance on Google’s apps and services, while Iwan van Ee would like tighter and more useful integrations with the apps already on his phone.

For Juhani Lehtimäki though, less is more. He points to the Google Chromecast and the Google Home smart speaker as devices that are brilliant in their simplicity.

“Google needs to bring Wear back to being an extension of our phones,” says Juhani. “The amount of standalone apps available for a watch doesn’t matter… how well it extends my Google Fit, Android notification system and others is what matters. Take out the Play Store, take out the keyboard support, and focus on being helpful.”


That “keyboard support” even exists tells you exactly who Wear OS’s audience tends to be: geeks who want to noodle. Nobody sensible tries to type anything harder than a passcode on a watch. (Wear OS is apparently 7% of smartwatch sales.) The point about too much choice is a good one too.

Police: woman remotely wipes phone in evidence after shooting • Schenectady NY Daily Gazette

Steven Cook:


A cellphone seized by police as part of an investigation into a drive-by shooting last month was remotely wiped by its owner, authorities said this week.

Police believe Juelle L. Grant, 24, of Willow Avenue, may have been the driver of a vehicle involved in an Oct. 23 drive-by shooting on Van Vranken Avenue, near Lang Street, so they obtained her phone, according to police allegations filed in court. No one was injured in the shooting.

After police took her iPhone X, telling her it was considered evidence, “she did remotely wipe” the device, according to police.

“The defendant was aware of the intentions of the police department at the conclusion of the interview with her,” according to court documents.

Police arrested Grant on Nov. 2 and charged her with three felonies – two counts of tampering with physical evidence and one count of hindering prosecution.

One of the tampering counts relates to the phone. The other, as well as the hindering count, relate to her alleged actions the day of the shooting.


New ways to commit crime! In the only episode of Breaking Bad I’ve ever watched, they used a giant magnet. But that wouldn’t work against a phone. Hm.

AI is not “magic dust” for your company, says Google’s cloud AI boss • Technology Review

Will Knight interviews Andrew Knight, ex-Carnegie-Mellon University:


Q: Like you, lots of AI researchers are being sucked into big companies. Isn’t that bad for AI?

AK: It’s healthy for the world to have people who are thinking about 25 years into the future—and people who are saying “What can we do right now?”

There’s one project at Carnegie Mellon that involves a 70-foot-tall robot designed to pick up huge slabs of concrete and rapidly create levees against major flooding. It’s really important for the world that there are places that are doing that—but it’s kind of pointless if that’s all that’s going on in artificial intelligence.

While I’ve been at Carnegie Mellon, I’ve had hundreds of meetings with principals in large organizations and companies who are saying, “I am worried my business will be completely replaced by some Silicon Valley startup. How can I build something to counter that?”

I can’t think of anything more exciting than being at a place that is not just doing AI for its own sake anymore, but is determined to bring it out to all these other stakeholders who need it.

Q: How big of a technology shift is this for businesses?

AK: It’s like electrification. And it took about two or three decades for electrification to pretty much change the way the world was. Sometimes I meet very senior people with big responsibilities who have been led to believe that artificial intelligence is some kind of “magic dust” that you sprinkle on an organization and it just gets smarter. In fact, implementing artificial intelligence successfully is a slog.

When people come in and say “How do I actually implement this artificial-intelligence project?” we immediately start breaking the problems down in our brains into the traditional components of AI—perception, decision making, action (and this decision-making component is a critical part of it now; you can use machine learning to make decisions much more effectively)—and we map those onto different parts of the business. One of the things Google Cloud has in place is these building blocks that you can slot together.

Solving artificial-intelligence problems involves a lot of tough engineering and math and linear algebra and all that stuff. It very much isn’t the magic-dust type of solution.


But tell me more about the 70-foot robot that moves paving slabs.

Global tablet shipments to decline 4.3% in 2018; Huawei to become 3rd largest manufacturer, surpassing Amazon • TrendForce


“With the launch of new devices in the coming era of 5G, the tablet category will still help the brands build a strategic future, retaining their customer bases and becoming more influential in the global IoT network,” says Kou-Han Tseng, TrendForce notebook analyst. Therefore, major brands will not give up their tablet product lines, even at the expense of downsizing their entry-level product ranges. Particularly, Google continues the ambitions about its tablet business and Huawei expands fast in this segment, whose growth momentum jointly remains key to the overall performance of the tablet market. For 2019, TrendForce forecasts the global tablet shipments at 139.6m units, a YoY decline of 4%.

Amid the overall decline of tablet sales worldwide, brands tend to offer lower prices to retain customers and invest less in new tablet development. In contrast, Huawei appears to be rather positive in developing new mobile devices, including both smartphones and tablets. Huawei’s shipments of tablets for 2018 are expected to rise by over 30% to more than 14m units, with a market share of 9.8%, 2.6 percentage points up from last year. The impressive shipments will also enable Huawei to become the 3rd largest tablet manufacturer this year, surpassing Amazon.

Amazon’s growth momentum for tablet grows conservative as the brand shifts some focus to its smart speaker business. The company expects a fall in its annual tablet shipments for 2018, although it has been adjusting its product portfolio faster and increasing the share of its 8in and larger products. After three years of strong growth, Amazon is expected to record a more conservative shipment of 13.4m units this year, a YoY decline of 1%.

The leading tablet maker Apple has revealed its new 11in and 12.9in iPad Pro models ahead of the coming holiday sales in Europe and the US. However, its launch not long after new iPhones and the premium price tags, 25% higher than its ancestors, may prevent the new iPad series from achieving mass market success. As the result, TrendForce expects the iPad shipment to fall by 2% YoY, recording 43m units for 2018.


The Pro tablets aren’t intended to get “mass market success”; the clue is in the name. TrendForce excludes 2-in-1 PCs (such as the Surface genus?).

Was this the biggest mistake in the history of the music business? • Music Business Worldwide

Tim Ingham:


Back in 1990, London-born Sam Houser, aged 19, landed a dream first job – working in the post-room at BMG’s UK HQ. Houser then supplemented his university studies by continuing to work at BMG for the next four years, focusing on pop music videos and VHS releases.

By 1994, he’d graduated, and took a full-time role within BMG’s new interactive entertainment division.

Houser, it turned out, had a natural talent for ‘A&R’ing’ video games – spotting titles that would sell big and signing them up as a label would an artist – and, by 1996, he was named Head of Development at BMG Interactive in the UK.

Got your palm located somewhere roughly near your forehead? Good. Prepare for the two to forcibly meet.

In late 1997, BMG Interactive released Grand Theft Auto, a 2D action-adventure game, which saw players fulfilling the objectives of criminal overlords across three cities.

The title was a commercial smash in the US and Europe – yet it emerged amid serious corporate turbulence.

In March 1998, convinced that its foray into video games had been a waste of time and money, BMG – under the instruction of owner Bertelsmann – agreed to sell off BMG Interactive.

According to Sam Houser, BMG let the company go, to New York-based Take Two Interactive, for a total consideration of $9m.

This deal included the BMG Interactive staff, plus all rights to the Grand Theft Auto franchise.

(For those who can see where this narrative is going: Red Dead Redemption 2 generated that $9m back within an hour of going on sale last month.)


Yes, Houser is one of the team behind Red Dead Redemption (1 2), which smashed records the other week. It’s a fascinating tale of “bad fit”: the music business just couldn’t work in the way the video games business does. So it dumped it.

This banking malware just added password and browser history stealing to its playbook • ZDNet

Danny Palmer:


The Trickbot banking malware has added yet another tool to its arsenal, allowing crooks to steal passwords as well as steal browser data including web history and usernames.

The malware first appeared in 2016, initially focused on stealing banking credentials – but Trickbot is highly customisable and has undergone a series of updates since then. The latest trick – picked up by researchers at both Trend Micro and Fortinet – is the addition of a new module designed to steal passwords.

This new Trickbot variant first emerged in October and is delivered to victims via a malicious Excel document.

Like many forms of malware, the malicious package is spread via macros: the user is told their document was created in an older version of Excel and that they must ‘enable content’ to view the file. This allows macros to run and executes malicious VBS code which kicks off the process of the malware download.


Social engineering is still one of the most reliable ways to hack people.

Errata, corrigenda and ai no corrida: none notified.


Start Up No.950: Pakistan’s banks hacked?, smartphones in Africa v China, the human bot problem, unzip for iPhone!, and more

Americans are paying more for the components of self-build PCs. Yup, tariffs. Photo by GokuPhoto on Flickr.


A selection of 14 links for you. OK, but some are short. I’m @charlesarthur on Twitter. Observations and links welcome.

Data from ‘almost all’ Pakistani banks stolen, says FIA cyber-crime chief in Pakistan •

Azaz Syed:


The Federal Investigation Agency’s (FIA) cyber-crime chief set off alarm bells on Tuesday when he revealed that customers’ data from “almost all major Pakistani banks” was stolen in a recent security breach.

“Almost all [Pakistani] banks’ data has been breached. According to the reports that we have, most of the banks have been affected,” Director of FIA Cyber-Crimes wing Captain (retd) Mohammad Shoaib told Geo News.

The FIA official’s comments follow a recent report from Group-IB, a global cyber security firm, that hackers had released a new dump of Pakistani credit and debit cards on dark web forums.

By the end of last week, at least six Pakistani banks had suspended usage of their debit cards outside the country and blocked all international transactions on their cards.

Concerns about a breach of credit and debit card data spread in the banking circles, after a cyber attack on Bank Islami last week that siphoned off at least Rs2.6 million from its accounts.

The cyber-crime chief did not reveal exactly when the security breach took place that had affected most Pakistani banks.

“More than 100 cases [of cyber-attack] have been registered with the FIA and are under investigation. We have made several arrests in the case, including that of an international gang [last month],” Capt (retd) Shoaib said.



Android security auditing (investigating unauthorized screenshots) • Michael Altfield’s Tech Blog


About six months ago, I discovered something on my smartphone that horrified me: I went to undelete a file in DiskDigger, and I stumbled upon a plethora of unexpected jpegs: screenshots of my activity. Screenshots that I didn’t take. Screenshots of my conversations within my encrypted-messaging-app-of-choice. Screenshots of my news feed. Screenshots showing my GPS position in my open source map app. And screenshots of my bitcoin wallet.

I was perplexed. I was astonished. And, to be honest, I was scared. How did this happen? Was it a vulnerability shipped with LineageOS? Could it be some malicious binary embedded into AOSP? Or is it some exploit in one of those damned closed-source apps that I was forced to install through social pressure (*cough* whatsapp).

This week I was honored to be accepted into a 1-week mini batch at the Recurse Center (formerly “Hacker School”) in Brooklyn, NY. And, finally, I decided to roll-up my sleeves and dig into Android Security Auditing with the ultimate goal of finding out what was responsible for creating (and then deleting) all these screenshots. Well, with no thanks to Google, I did find the source. And the codebase is integrated into AOSP. But (spoiler), it’s not something to sweat about. Though it is a fun journey.


The answer – as he says, nothing to sweat about – is surprising.

Africa’s biggest markets drive strong growth in continent’s smartphone shipments • IDC


A total of 22.4m smartphones were shipped in Africa during the second quarter of this year (Q2 2018), according to the latest insights from International Data Corporation (IDC). The global technology research and consulting firm’s Quarterly Mobile Phone Tracker shows that Africa’s smartphone shipments increased 9.8% quarter on quarter (QoQ) and 6.0% year on year (YoY) in Q2 2018.

The market’s buoyant performance was spurred by the growing popularity of low-end to mid-range devices. Transsion brands continued to lead the continent’s smartphone space in Q2 2018, accounting for 35.4% of shipments. Samsung followed in second place with 23.2% share.

By contrast, the feature phone market was down 1.1% QoQ and 5.8% YoY in Q2 2018, but – with shipments totaling 31.4m units – these devices still constitute a 58.3% share of Africa’s overall mobile phone market as they cater to the needs of the continent’s huge low-income population (mainly in rural areas) by providing basic mobile communications that are priced very competitively.


That’s just to give you a sense of the contrast in market size. Africa’s total population is about 1.3bn; for China, with a population of about 1bn, the Q3 figure was 305m, or about 13x bigger.

Cesar Sayoc and others on Twitter are behaving like bots • Slate

Charles Seife:


If you plot the time of the account’s tweets on a 24-hour clock (midnight at top, noon at bottom), you see that it never seems to sleep, and its predilection for posting on the half-hour makes a sunburst pattern. I’m very comfortable saying this is a bot. (I tweeted to ask but have received no response, even as the account continued to post right-wing news.)

Compare that to a typical humanoid—such as me. Below, you can see a seven- to eight-hour period when I stop my online activity, and you can tell that my sleep pattern is pretty normal.

Sayoc’s sleep pattern was apparently not ordinary; the carve-out in his daily clock is quite short and in the wrong place. It looks like Sayoc wasn’t getting much sleep, and when he did, it was in the middle of the day.

And, on the other hand, a bot can pretend to sleep, and a lot of bots, in fact, have a diurnal pattern. In many cases, they seem more natural than Sayoc’s.


I like the polar plot – a clever way to visualise it. He also looks at “time between tweets” – another element you’d think would be a giveaway. Not so.
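The two timing signals described in the extract above (the length and position of the daily quiet gap, and a preference for posting on the half-hour) can be computed directly; this is an added example, not code from the Slate article. The timestamps are constructed, and the thresholds and the "daytime" window are assumptions.

```python
"""Timing signals for an account's posts, pooled onto one 24-hour clock.

Assumes all timestamps are "HH:MM" in the account holder's local time.
"""

DAY = 24 * 60  # minutes on the clock face


def minute_of_day(hhmm):
    hours, minutes = hhmm.split(":")
    return int(hours) * 60 + int(minutes)


def longest_quiet_gap(minutes):
    """Return (length, start) of the longest silence, wrapping past midnight."""
    points = sorted(set(minutes))
    if not points:
        raise ValueError("no posts to analyse")
    best_len, best_start = 0, points[0]
    for i, current in enumerate(points):
        following = points[(i + 1) % len(points)]
        # Modulo handles the wrap from the last post of the day to the first;
        # a single post leaves the whole day quiet.
        gap = (following - current) % DAY or DAY
        if gap > best_len:
            best_len, best_start = gap, current
    return best_len, best_start


def half_hour_share(minutes, tolerance=1):
    """Fraction of posts within `tolerance` minutes of :00 or :30."""
    if not minutes:
        raise ValueError("no posts to analyse")
    hits = sum(1 for m in minutes if min(m % 30, 30 - m % 30) <= tolerance)
    return hits / len(minutes)


def profile(timestamps, min_sleep=300, grid_share=0.8,
            day_start=9 * 60, day_end=21 * 60):
    """Summarise the signals. Thresholds are assumptions, not from the article.

    These are indicators only: the extract itself notes that a human can
    show a short, misplaced gap and that a bot can fake a diurnal pattern.
    """
    minutes = [minute_of_day(t) for t in timestamps]
    gap, start = longest_quiet_gap(minutes)
    midpoint = (start + gap / 2) % DAY
    share = half_hour_share(minutes)
    return {
        "longest_gap_min": gap,
        "gap_starts": f"{start // 60:02d}:{start % 60:02d}",
        "short_gap": gap < min_sleep,
        "gap_in_daytime": day_start <= midpoint < day_end,
        "half_hour_share": share,
        "on_half_hour_grid": share >= grid_share,
    }


# Constructed sample data (not real accounts).
# Posts every 30 minutes around the clock: the "sunburst" pattern.
BOT = [f"{h:02d}:{m:02d}" for h in range(24) for m in (0, 30)]
# Irregular daytime posting with a night-time silence of about eight hours.
HUMAN = ["07:42", "08:15", "09:03", "12:27", "13:11",
         "17:48", "19:36", "21:04", "22:19", "23:25"]
# Irregular posting around the clock with one short gap in the early afternoon.
SHORT_SLEEPER = ["00:12", "01:47", "03:05", "04:38", "06:20", "07:55",
                 "09:36", "11:02", "12:10", "15:05", "16:44", "18:09",
                 "19:58", "21:33", "23:16"]

if __name__ == "__main__":
    for name, sample in (("bot", BOT), ("human", HUMAN),
                         ("short sleeper", SHORT_SLEEPER)):
        print(name, profile(sample))
```

The position of the gap depends on getting the account's timezone right; its length does not.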

An unzipping shortcut • All this

Dr Drang (who works in engineering, usually calculating how to stop bridges falling down, etc) likes noodling with scripts; here he tackles a problem many people face: how do you handle ZIP files on iOS?


Apple provides the product images as zipped archives, so when I clicked on the link in the press release, I was confronted with this “what do I do?” screen in Safari.

The efficient thing would have been to walk ten feet over to my iMac and download the zip files there, where they can be expanded with almost no thought. But I took the procrastinator’s way out, deciding to solve the problem of dealing with zip files on iOS once and for all.

In the past, I’ve tried out a few zipping/unzipping apps, and they’ve all sucked, with user interfaces that are clumsy to navigate and look like something out of Windows 3.1. What I wanted was a clean, one-click solution similar to what we have on a Mac. A shortcut, if you will…

I went to the Shortcuts Gallery and searched on “zip,” “unzip,” and “archive.” There was a shortcut for zipping up a bunch of files and putting them into an email message, but nothing for unzipping and saving. I also couldn’t find anything by Googling. So I made my own.


It will take you 30 seconds to write this Shortcut, perhaps less to download it from him. Anyway, that’s another obstacle to “real work” solved.

The US is in a state of perpetual minority rule • The Washington Post

Daniel Markovits and Ian Ayres (who teach law, economics and politics at Yale Law School) on the inbuilt bias of the state-oriented, first-past-the-post system in the US:


The electoral college system extends these biases into presidential elections. Donald Trump himself also lost the popular vote — by 2 percentage points, or nearly 3 million votes — in 2016. This difference represents the greatest popular-vote loss suffered by any winning president in history.

President Trump and the Republican senators have used their offices to remake the judiciary in their own image. Justices Neil M. Gorsuch and Brett M. Kavanaugh entrench a reliable conservative majority at the Supreme Court, in spite of being nominated by a popular-vote-losing president and confirmed by senators who, our research shows, collectively won (in each case) about 24 million fewer votes than the senators who voted against the nominations.

All in all, then, a Democratic Party that has dominated the popular vote across all federal offices enjoys only a narrow elective majority in one half of one branch of the federal government. And Trump and Republican senators are using their control of the rest of the government to promote policies that will extend and entrench the Republican skew in elections. The Supreme Court will likely soon hear a series of cases in election law that review the very practices that underwrite Republican power.

Finally, these patterns follow a dark demographic logic. White men — roughly one-quarter of the total US population — constitute Trumpism’s core constituency. Exit polls showed they favoured Trump over Hillary Clinton by 62% to 31% and favoured Republicans over Democrats in this year’s midterms by 60% to 39%. No other major demographic group supports the Trump agenda with anything approaching this enthusiasm. We’ve estimated that if white men voted like the rest of America, Democrats would have won the 2016 presidential election by 19% and would, following the midterms, control a majority of the Senate with at least 20 more seats.


The urban-rural divide in the US is going to create increasing rifts unless the US revises its representation system. That Wyoming, with fewer than 600,000 inhabitants, sends as many senators as California, with 37m, is crazy. Reform might even allow a third party to emerge and influence change.

Getting the iPad to Pro • Craig Mod


Let’s assume — as all the marketing seems to imply — that Apple wants us to treat these machines as primary computers. And assume we’re professional computer folk, who do complicated computer things. [Footnote: I would not be surprised to see iPads run both iOS and macOS, and switch between OSes when plugged into external monitors, thus fixing the weird UX snafu of touchscreen on a screen without touch.]

Having used the heck out of iPads these past few years, I believe there are two big software flaws that both make iOS great, and keep it from succeeding as a “pro” device: [Footnote: Contrary to a lot of complaints I see about iPads, I don’t find the lack of a track pad / pointer to be an issue. Touch / Pencil and a Smart Keyboard have worked really well for me.]

1. iOS is primarily designed for — and overly dependent on — single-context computing
2. Access to a lower level (i.e., a file-like system) components is necessary for professional edge-tasks

And one big general flaw that keeps it from being superb:

1. Many software companies still don’t treat the iPad as a first class computing platform [Footnote: Including Apple! I asked for (the quite excellent) archive of all the data Apple has collected about me (fascinating, well-structured, illuminating, worth retrieving) and, when my archive was ready, upon visiting the archive download page on an iPad was told: This device is not supported.]

Let’s dig into real-world examples of where these issues present problems…


Excellent piece.


CNN headlines, according to a neural net • Letting neural networks be weird

The wonderful Janelle Shane:


After much more training (about 30 min total on a fast GPU), it grew confident enough to use actual words more often. It had learned something about business as well.

Why the Stock Market is Trying to Get a Lot of Money
The US China Trade War is so Middle Class
Bank of the Stock Market is Now Now the Biggest Ever
The Best Way to Avoid Your Money
How Much You Need to Know About the New York City
How to Make a New Tax Law for Your Boss
The Stock Market Market is the Most Powerful Money
Goldman Sachs is a New Super Bowl
Facebook is Buying a Big Big Deal
Why Apps in the Country
5 Ways to Trump on Chipotle Industry is the Random Wedding
Premarket Stocks Surge on Report of Philadelphia Starbucks Starbucks Starbucks

One curious pattern that emerged: companies behaving badly.

Walmart Grilled With a New Leader in Murder Tech
Coca-Cola is Scanning Your Messages for Big Chinese Tech
Amazon Wants to Make Money Broadcasting from Your Phone
Should I Pay My Workers
Amazon is Recalling 1 Trillion Jobs

My favorite headlines, though, were the most surreal.

Star Wars Episode IX Has New Lime Blazer
Mister Rogers in Washington
Black Panther Crushes the iPhone XS and XS Max Max
How to Build a Flying Car Car
You Make Doom Stocks
The Fly Species Came Back to Life
India Gets a Bad Mocktail Non Alcoholic Spirit
How to Buy a Nightmare


I think “Star Wars Episode IX Has New Lime Blazer” is my favourite because I feel pretty sure I’ve read it somewhere. Next train it on clickbait? Speaking of which…

Meeting Kosovo’s clickbait merchants • BBC News

Carl Miller spoke to Kosovan fake news generators a year ago; now he has gone back to see how the crackdown by Facebook et al is going:


although less profitable, the practice was still widespread. “Forty per cent of Kosovan youth are doing this,” one merchant told me. “Thousands upon thousands,” said another.

And it’s little wonder. 100 euros a day is still life-changing for someone, like him, who’d earned seven euros a day as a waiter before he started. The “why” was clear. In the face of Facebook’s reforms, the bigger surprise was “how”.

There is another side to this fake news and clickbait industry that isn’t visible to us. I learned that a network of closed groups exist, with memberships that can number from a few hundred to several thousand. To be part of such a closed group, you have to be invited.

But inside, it was clear that Facebook wasn’t just the place where they harvested audiences. It was also where the fake news merchants themselves traded with each other.

I saw Facebook pages with hundreds of thousands of likes traded for thousands of dollars. Others sold fake likes, or fake accounts, or offered advice on how to get around Facebook’s enforcement.

We even found a “fake news starter pack” for a beginner, complete with a collection of Facebook pages to gather an audience, along with websites to monetise your activity. This was a service sector economy for misinformation.

It wasn’t just Facebook that was innovating, the misinformation merchants were too. Some were specialised in growing pages and selling them on. Others would sell content, and more still concentrated on getting around Facebook’s enforcement.

Even within small groups, this was happening routinely and dozens of times a day. It was industrial-scale gaming of Facebook’s policies and systems.

Around the world, there are thousands of people like those I spoke to. Usually young, male and digitally savvy, they are willing to share any content for the clicks. And in the chase for clicks online, the horrifying, shocking, exaggerated, or divisive wins out again and again.



Why PC builders should stock up on components now • PCMag UK

Michael Kan:


NZXT is a popular PC desktop case vendor, but the California-based company recently had to raise its prices.

The reason? The new US tariffs on Chinese imports include PC cases. In September, the Trump administration imposed the 10% duty, which also covers motherboards, graphics cards, and CPU coolers from the country. As a result, NZXT had to introduce a 10% price increase on PC cases to deal with the added costs, VP Jim Carlton told PCMag in an interview.

And building a PC could get even more expensive in 2019; US tariffs on Chinese-made goods will rise from 10% to 25% in January.

“If I needed to build a system in the next six months, I’d definitely build it before the end of the year,” Carlton told us.

For PC builders, the tariffs risk adding a few hundred dollars to the total cost of components for a custom desktop. “If it’s a $2,000 purchase on 25% tariffs, it’s going to be a $2,500 purchase,” Carlton said. “So we are very concerned with the direction of where this is going.”

“I don’t have a 10% [profit] margin I can just throw away and absorb the tariffs,” he added. “And certainly no one has a margin for 25%.”

But retail consumers won’t be the only buyers affected by the tariffs. MBX Systems is another US provider of hardware systems, which focuses on enterprise customers. The Illinois-based company specializes in assembling servers, which are then resold by its clients, such as cybersecurity firms.

Last month, the company told its customers the bad news; more than 30 component suppliers—including Intel, Samsung, and Seagate—had been affected by the tariffs, forcing server component costs to go up.

“We’ve seen anywhere from reluctant acceptance by the customer—where they’re not going to increase the cost to the end user—to others that will push back heavily,” MBX Systems president Chris Tucker told PCMag.


Looking outside China doesn’t help: manufacturing prices are higher, by at least the tariff amount. Trade wars: not so easy to win.

Researchers claim to have permanently neutralized ad-blocking’s most promising weapons • Boing Boing

Cory Doctorow:


Last year, Princeton researchers revealed a powerful new ad-blocking technique: perceptual ad-blocking uses a machine-learning model trained on images of pages with the ads identified to make predictions about which page elements are ads to block and which parts are not.

However, a new paper from a group of Stanford and CISPA Helmholtz Center researchers reveals a powerful machine learning countermeasure that, they say, will permanently tilt the advantage toward advertisers and away from ad-blockers.

The team revealed a set of eight techniques to generate adversarial examples of slightly modified ads that completely flummoxed the perceptual ad-blocker’s model: from overlaying a transparent image to modifying a few pixels in the logo used to demarcate an ad.

What’s more, the team showed that they could cause the perceptual blocker’s model to erroneously identify a page’s actual content as an ad and block it, while leaving the ads unblocked.

The team says that these techniques will always outrace the ability of perceptual blocking models to detect them, suggesting that perceptual blocking may be a dead letter.


Dead letter? Dead end maybe. Please now view this advert for “arms race”.

Facebook Portal non-review: why I didn’t put Facebook’s camera in my home • WSJ

Joanna Stern refused to review the Portal in her house, citing privacy concerns, though she did use it in the office:


When I asked about the popular Facebook mic conspiracy, Mr. Bosworth assured me that “it is not true, it will continue to not be true.” On the Portals, specifically, he made a number of privacy and security assurances:

• You can disable the camera and microphone by pressing the button on top of the device. This physically disconnects them so even if the Portal were hacked, they wouldn’t be accessible.
• As an added measure, you can block the camera lens with an included plastic camera cover.
• All the smart-camera technology—the person detection, etc.—happens locally on Portal, not on Facebook servers. Portal’s camera doesn’t use facial recognition to identify people on the call.
• Like all Messenger calls and messages, all communications are encrypted.
• Like Amazon Echo or Google Home, Portal only sends voice commands to Facebook servers after you say, “Hey Portal.” You can delete Portal’s voice history in your Facebook Activity Log.

However, because this is using Facebook Messenger, the data that is typically collected from a call is still collected. That includes your call history, how long you spent talking to certain contacts, etc. Also, the sheer use of the device indicates to Facebook you’re interested in video calling, so you may be targeted for that. Speaking of ads, Facebook said there are no ads on the Portal’s screen, and the company doesn’t have plans to show ads there.

Facebook’s Promise: The Portal was designed so you’re always in control of your privacy and security.

My Assessment: It’s hard to believe we really have any control of our Facebook data and privacy given the last year.


Facebook execs are clearly sincere about their desire to make the Portal private. But it’s the scorpion riding on the frog’s back: it’ll sting you somehow eventually. That’s just its nature. At the same time, the technology is smart. But will the people who can afford it be the ones prepared to let go of their privacy?

Apple pumps up its Amazon listings with iPhones, iPads and more • CNET

Ben Fox Rubin:


Amazon has signed a deal to expand the selection of Apple products on its sites worldwide.

The world’s largest e-commerce company said Friday it’ll soon start selling more Apple products directly and have access to Apple’s latest devices, including the new iPad Pro, iPhone XR, iPhone XS, and Apple Watch Series 4, as well as Apple’s lineup of Beats headphones. The Amazon-Apple deal encompasses the US, UK, France, Germany, Italy, Spain, Japan and India, with the new products hitting Amazon sites in the coming weeks.

Only Apple-authorized resellers will now be allowed to sell Apple and Beats products on Amazon’s marketplace.

Currently, many of these Apple products are either unavailable on Amazon or are on sale only through its third-party marketplace at varied prices and conditions. Amazon does already directly sell some Apple devices, such as MacBook laptops and Beats headphones.


Pull in those marginal sales at a time when things might be getting tough.

Creation and consumption • Benedict Evans

Benedict Evans:


It seems to me that when people talk about what you ‘can’t’ do on a device, there are actually two different meanings of ‘can’t’ in computing. There is ‘can’t’ as meaning the feature doesn’t exist, and there is ‘can’t’ as meaning you don’t know how to do it. If you don’t know how to do it, the feature might as well not be there. So, there is what an expert can’t do on a smartphone or tablet that they could do on a PC. But then there are all of the things that a normal person (the other 90% or 95%) can’t do on a PC but can do on a smartphone, because the step change in user interface abstraction and simplicity means that they know how to do it on a phone and didn’t know how to do it on a PC. That is, the step change in user interface models that comes with the shift from Windows and Mac to iOS and Android is really a shift in the accessibility of capability. A small proportion of people might temporarily go from can to can’t, but vastly more go from can’t to can. 

Meanwhile, while there are 1.5bn PCs, many of them shared, there are today around 3bn smartphones, and this will rise to 5bn or more in the next few years, out of 5.5bn people on Earth aged over 14… the price and distribution of smartphones means that billions more people will use smartphones for something than ever used a PC for anything at all. 

So, 100m or so people are doing things on PCs now that can’t be done on tablets or smartphones. Some portion of those tasks will change and become possible on mobile, and some portion of them will remain restricted to PCs for a long time. But there are another 3bn people who were using PCs (but mostly sharing them) but who weren’t doing any of those things with them, and are now doing on mobile almost all of the stuff that they actually did do on PCs, plus a lot more. And, there’s another 2bn or so people whose first computer of any kind is or will be a smartphone. ‘Creation on PC, consumption on mobile’ seems like a singularly bad way to describe this: vastly more is being created on mobile now by vastly more people than was ever created on PCs.


Errata, corrigenda and ai no corrida: none notified

Start Up No.949: AI finds missing voters, US cordcutters keep cutting, Creative Commons photos safe, White House goes deepfake, and more

YouTube’s algorithms can lead us down a rabbit hole – and they’re getting better at it. Photo by Kevin Dooley on Flickr.

A selection of 8 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

How YouTube’s recommendation algorithm really works • The Atlantic

Alexis Madrigal:


YouTube wants to recommend things people will like, and the clearest signal of that is whether other people liked them. Pew found that 64% of recommendations went to videos with more than a million views. The 50 videos that YouTube recommended most often had been viewed an average of 456 million times each. Popularity begets popularity, at least in the case of users (or bots, as here) that YouTube doesn’t know much about.

On the other hand, YouTube has said in previous work describing its algorithm that users like fresher content, all else being equal. But it takes time for a post to build huge numbers of views and signal to the algorithm that it’s worth promoting. So, the challenge becomes how to recommend “new videos that users want to watch” when those videos are new to the system and low in views. (Finding fresh, potentially hot videos is important, YouTube researchers have written, for “propagating viral content.”)

Pew’s research reflects this: About 5% of the recommendations went to videos with fewer than 50,000 views. The system learns from a video’s early performance, and if it does well, views can grow rapidly. In one case, a highly recommended kids’ video went from 34,000 views when Pew first encountered it in July to 30 million in August.

The behavior of the system was explicable in a few other ways, too, especially as it adapted to making more clicks inside YouTube’s system. First, as Pew’s software made choices, the system selected longer videos. It’s as if the software recognizes that the user is going to be around for a while, and starts to serve up longer fare. Second, it also began to recommend more popular videos regardless of how popular the starting video was.

These conditions were almost certainly not hard coded into the algorithmic decision making. Like most of the Google sister companies, YouTube uses deep-learning neural networks, a kind of software that retunes its outputs based on the data fed into it. It’s not that a YouTube engineer said, “Show people kids’ videos that are progressively longer and more popular,” but rather that the system statistically deduced that this would optimize along all the dimensions YouTube desires.


The idea that YouTube’s algorithm is now going beyond simple understanding – why this video and not that? – and entering the point where it’s just trying to suck people in is quite unsettling when you consider that similar algorithms can beat the world’s best Go players.

At some point does it find a video sequence that nobody will be able to tear themselves away from?

Pay TV just lost one million subscribers in biggest quarterly loss ever • Exstreamist

Rob Toledo:


An executive at a major cable company said a few years ago that cutting the cord was a fad, and would not impact business in the long term.

This conversation was over two years ago, and almost every quarter since then, we have written the same article: that a record number of people are cutting the cord, ditching their expensive cable packages for more flexible streaming services.

BTIG media analyst Rich Greenfield tweeted this week that cable and satellite companies lost over one million subscribers in the last quarter. This is the biggest loss of subscribers in one quarter seen by the pay TV industry ever.

Let that sink in. Over one million (now former) subscribers ditched their cable in a three month period.

This is not an anomaly, as each quarter for at least the past three years has seen quarterly falloff of cable and satellite customers.

In 2016, there were an estimated 99 million pay TV subscribers in the United States, with each year seeing a big decline, with estimates expecting this number to keep dropping.

While it used to be fairly simple in that a consumer several years ago would cancel their subscription and simply sign up for Netflix, the number of streaming services is on a rapid rise as well, which analysts believe has accelerated the cancellation of cable.


I wonder if Americans actively like the lack of adverts on services such as Netflix. This trend looks set to continue.

The Free Music Archive is closing this month • The Verge

Bijan Stephen:


The Free Music Archive was founded in 2009, the same year Barack Obama was inaugurated as this country’s first black president. As a project directed by the legendary Jersey City radio station WFMU, it was to be a “library of high-quality, legal audio downloads,” a place where artists could share their music and listeners could enjoy it for free. Now, following a funding shortage, the FMA plans to close sometime this month.

“The future is uncertain, has been my mantra lately,” says Cheyenne Hohman, who’s been the director of the Free Music Archive since 2014. The shutdown date was initially November 9th, but it has since been pushed back to November 16th because the FMA is in early talks with four different organizations that are interested in taking the project over. “The site may stay up a little bit longer to ensure, at the very least, that our collections are backed up on and the Wayback Machine.”

Even so, it’s not a perfect solution. “If it just goes into, it’s going to be there in perpetuity, but it’s not going to be changing at all,” Hohman says. “It’s not going to be the same thing, that sort of community and project that it was for … almost 10 years.”


Another use for AI: finding millions of unregistered voters • The New York Times

Steve Lohr:


For the last four years, Mr. Jonas has used his software for a multistate project known as Electronic Registration Information Center that identifies eligible voters and cleans up voter rolls. Since its founding in 2012, the nonprofit center has identified 26 million people who are eligible but unregistered to vote, as well as 10 million registered voters who have moved, appear on more than one list or have died.

“I have no doubt that more people are voting as a result of ERIC,” said John Lindback, a former senior election administrator in Oregon and Alaska who was the center’s first executive director.

Voter rolls, like nearly every aspect of elections, are a politically charged issue. ERIC, brought together by the Pew Charitable Trusts, is meant to play it down the middle. It was started largely with professional election administrators, from both red and blue states.

But the election officials recognized that their headaches often boiled down to a data-handling challenge. Then Mr. Jonas added his technology, which has been developed and refined for decades. It is artificial intelligence software fine-tuned for spotting and resolving identities, whether people or things.

“Every time you get two pieces of junk mail from the same place, that’s an entity resolution problem,” Mr. Jonas said. “They’re missed, but entity resolution problems are everywhere.”

Shortly after the election administrators tapped him, Mr. Jonas sketched out how his technology might be applied to their challenges. And they needed to take a very different path than another data-matching initiative, the Interstate Voter Registration Crosscheck System, which was already underway.

Crosscheck was begun in 2005, led by Ron Thornburgh, then the Republican secretary of state in Kansas, and later championed by Kris Kobach, the Republican secretary of state who is running for governor of Kansas.


I’m sure this will shock you, but Crosscheck produced lots of false positives which disenfranchised people wrongly, whereas ERIC is intended to both improve voter access and clean voter rolls so they’re more accurate.

2018 iPad Pro review: “What’s a computer?” • Ars Technica

Samuel Axon:


iOS is excellent software for phones, but it is not up to the task of driving creative professionals’ power user ambitions on a tablet—not even close. Copying, pasting, and editing text is an enormous hassle if you’re doing anything other than scribbling a couple of notes or shooting off an email. The multitasking features expanded upon in iOS 11 are still neat, and the iPhone X-like gesture for swiping quickly between apps like you’d swipe between Spaces on a Mac is powerful. But using this machine, you’ll be laboriously swiping between apps constantly to do the smallest things.

I already talked about the iPad Pro’s frustrating limitations of the USB-C connection and the lack of OS-wide support for external drives. This stuff is essential for power users, and iOS just doesn’t deliver. If you’ve ever used an iPad for productivity before, you know what I’m talking about. It’s infuriatingly close, and it gets marginally closer with each passing year, yet it never quite seems to arrive.

The problems here are surprising in part because they are very un-Apple. The company’s pitch to consumers and professionals alike has always been about the advantages of end-to-end integration, and that includes software and hardware built to work well together. But iOS feels like it is built for a completely different device, given that the new iPad Pro’s ambitions are much greater than those of prior iPads, or of the iPhone.

Then there’s app support. The OS’s limitations would be more tolerable if third-party (and first-party) apps picked up the slack, and the development tools are there to make it happen. Unfortunately, too many of the “pro” apps for the iPad Pro are deliberately stripped down for the tablet. And there are numerous tools that creatives and professionals would love to see on the iPad that just aren’t there.


I don’t agree. I’ve written and edited most of a book on an iPad Pro; I’ve produced and edited and given presentations from one. His criticism of the music element – that there’s no 3.5mm jack, and you need a wired connection for good audio editing – is strong on its face, but then you buy an $80 7-in-1 USB-C dongle from Hypershop which provides multiple USB-A, HDMI, SD, USB-C… and a 3.5mm jack.

Sure, dongles are an annoyance. But it’s there.

The Commons: the past is 100% part of our future • Flickr Blog

Don MacAskill is CEO of SmugMug (and now Flickr too):


The Big Three at Yalta

Photos from NASA, The Smithsonian, The National Archives UK, and The British Library, for example, have been shared in The Flickr Commons. As part of The Flickr Commons, all these organizations already were Pro or have received a free Pro account from us, so they have unlimited storage.

The Creative Commons (CC) organization has developed a suite of licenses that give individual photographers or groups great tools for licensing their photography for others to freely use. The photographer keeps their copyright and gives the public an easy way to use their images as long as the license terms are followed.

The Flickr Commons and Creative Commons are different, thus our storage changes affect each differently (or not at all).

Are Commons Photos Being Deleted?

No. And once more for good measure: no, Commons photos are not being deleted.

The Flickr Commons photos (those uploaded by the archival, governmental, etc. institutions we are working with) are safe. We are extremely proud of these partnerships. These photos won’t be deleted as a result of any of our announced changes. The only reason they’d disappear is if the organization that uploaded them decided to delete them.

Photos that were Creative Commons licensed before our announcement are also safe. We won’t be deleting anything that was uploaded with a CC license before November 1, 2018. Even if you had more than 1,000 photos or videos with a CC license. However, if you do have more than 1,000 photos or videos uploaded, you’ll be unable to upload additional photos after January 8, 2019, unless you upgrade to a Pro account.


Phew. (All the photos used to illustrate The Overspill are CC-licensed.)

New auto safety technologies push repair bills up • IEEE Spectrum

Robert Charette:


There is little debate over whether advanced driver assistance systems (ADAS) could reduce both the number and severity of vehicle crashes. A 2015 study [PDF] by the Motor & Equipment Manufacturers Association and Boston Consulting Group says equipping new vehicles with technologies including blind-spot warning, lane-departure warning, and collision-mitigation braking systems could eventually save 10,000 lives and eliminate or reduce the severity of millions of nonfatal injuries from motor vehicle accidents.

The additional cost of these advanced driver-assistance systems has slowed their adoption, however. A collision-mitigation system alone can increase the cost of a new vehicle by US $1,500 or more. Further, new research by the American Automobile Association (AAA) shows a significant increase in the cost of repairing these systems after even a minor accident. This finding could put off auto buyers even more.

According to AAA research, vehicles equipped with advanced safety features “can cost twice as much to repair following a collision due to expensive sensors and their calibration requirements.” For instance, a windshield repair for vehicles equipped with automatic emergency braking, adaptive cruise control, and lane departure warning systems could run as high as $1,650, the AAA found. This is in comparison to a typical windshield replacement cost which runs $210 to $230, although it is not uncommon to see it go as high as $500, according to Glass America.


Would it make you drive more carefully, perhaps?

White House shares doctored video to support punishment of journalist Jim Acosta • The Washington Post

Drew Harwell:


Critics said that video — which sped up the movement of Acosta’s arms in a way that dramatically changed the journalist’s response — was deceptively edited to score political points. That edited video was first shared by Paul Joseph Watson, known for his conspiracy-theory videos on the far-right website Infowars.

Watson said he did not change the speed of the video and that claims he had altered it were a “brazen lie.” Watson, who did not immediately respond to requests for comment, told BuzzFeed he created the video by downloading an animated image from conservative news site Daily Wire, zooming in and saving it as a video — a conversion he says could have made it “look a tiny bit different.”

Side-by-side comparisons support claims from fact-checkers and experts such as Jonathan Albright, research director of the Tow Center for Digital Journalism at Columbia University, who argued that crucial parts of the video appear to have been altered so as to distort the action.

A frame-by-frame breakdown by Storyful, a social-media intelligence firm that verifies media content, found that the edited video included repeated frames that did not appear in the original footage. The repeated frames were shown only at the moment of contact and made Acosta’s arm movement look more exaggerated, said Shane Raymond, a journalist at Storyful.

The video has quickly become a flashpoint in the battle over viral misinformation, turning a live interaction watched by thousands in real time into just another ideological tug-of-war. But it has also highlighted how video content — long seen as an unassailable verification tool for truth and confirmation — has become as vulnerable to political distortion as anything else.


First: how pathetic that the White House can’t use its own video. Second: utterly pathetic that it uses something from a conspiracy site; have they no pride? Third: didn’t expect that we’d be talking about doctored videos literally the day after I linked to a New Yorker article on it. Fourth: that the US can’t have any topic at all without it descending into partisan fury is a sad indictment of its political immaturity. It’s actually going backwards.
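
An added example (not Storyful's tooling, and not from the article) of the frame-by-frame comparison described above: it fingerprints each decoded frame, aligns the edited clip against the original, and reports repeated, dropped and inserted frames. The frames are constructed byte strings, and exact SHA-256 matching is an assumption that holds only for frames decoded without re-encoding; re-compressed video would need a perceptual hash instead.

```python
import hashlib
from collections import namedtuple
from difflib import SequenceMatcher
from itertools import groupby

# kind is "repeated", "dropped" or "inserted"; indexes are frame numbers
# in the original and edited clips where the difference starts.
Finding = namedtuple("Finding", "kind original_index edited_index count")


def frame_digest(pixels: bytes) -> str:
    """Exact-match fingerprint of one decoded frame's raw pixel bytes."""
    return hashlib.sha256(pixels).hexdigest()


def run_lengths(frames):
    """Collapse consecutive identical frames into (digest, first_index, count)."""
    runs, index = [], 0
    for digest, group in groupby(frame_digest(f) for f in frames):
        count = sum(1 for _ in group)
        runs.append((digest, index, count))
        index += count
    return runs


def _start(runs, i, total):
    """Frame index where run i begins, or the clip length if i is past the end."""
    return runs[i][1] if i < len(runs) else total


def compare_clips(original, edited):
    """Align two clips and list where the edited one departs from the original.

    Working on runs (not single frames) means a static shot that is
    legitimately identical for several frames in the original is not
    reported; only a change in how long a frame is held is.
    """
    o_runs, e_runs = run_lengths(original), run_lengths(edited)
    matcher = SequenceMatcher(
        a=[r[0] for r in o_runs], b=[r[0] for r in e_runs], autojunk=False
    )
    findings = []
    for tag, a1, a2, b1, b2 in matcher.get_opcodes():
        o_at = _start(o_runs, a1, len(original))
        e_at = _start(e_runs, b1, len(edited))
        if tag == "equal":
            pairs = zip(o_runs[a1:a2], e_runs[b1:b2])
            for (_, o_i, o_n), (_, e_i, e_n) in pairs:
                if e_n > o_n:    # frame held longer than in the original
                    findings.append(
                        Finding("repeated", o_i, e_i + o_n, e_n - o_n))
                elif e_n < o_n:  # frame held for less time than in the original
                    findings.append(
                        Finding("dropped", o_i + e_n, e_i + e_n, o_n - e_n))
            continue
        if tag in ("delete", "replace"):   # original frames missing from the edit
            n = sum(r[2] for r in o_runs[a1:a2])
            findings.append(Finding("dropped", o_at, e_at, n))
        if tag in ("insert", "replace"):   # frames with no counterpart at this point
            n = sum(r[2] for r in e_runs[b1:b2])
            findings.append(Finding("inserted", o_at, e_at, n))
    return findings


def make_frame(n: int) -> bytes:
    """Constructed stand-in for a decoded frame: 64 bytes of one value."""
    return bytes([n]) * 64


# Constructed sample: frame 5 is held for two extra frames, then frames 7
# and 9 are removed so the clip keeps its original length of 12 frames.
ORIGINAL = [make_frame(n) for n in range(12)]
EDITED = [make_frame(n) for n in (0, 1, 2, 3, 4, 5, 5, 5, 6, 8, 10, 11)]

if __name__ == "__main__":
    for finding in compare_clips(ORIGINAL, EDITED):
        print(finding)
```

Equal clip lengths alone prove nothing here: the constructed edit has the same frame count as the original, and only the alignment shows the hold followed by the skipped frames.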

Errata, corrigenda and ai no corrida: none notified

How to find out if you’re paying an App Store subscription without realising it – and what Apple needs to do

There have been a number of articles recently with horror stories of unscrupulous developers who essentially con people into signing up for subscriptions to apps on the App Store; these can rake in huge amounts of money.

Of course you’re thinking: I don’t do that! I’d never fall for it. (Postscript: see my update at the end.)

But you can. As Sarah Perez writes,

They do this by intentionally confusing users with their app’s design and flow, by making promises of “free trials” that convert after only a matter of days, and other misleading tactics.

You think you won’t fall for it, but a lot of people do: the No.69 top grossing app gets $14.3m per year, and it’s a document scanner. Huh?

So because it’s important to know how to find out whether you’re on a subscription, here’s how to find it in iOS. (Here’s Apple’s page explaining how, but mine has nice pictures.)

First, go to Settings. There’s your account at the top: press on that. This takes you to the Apple ID area.

You want to press on the “iTunes and App Store” one:

This will take you through to a screen where the top link – though it doesn’t necessarily look like a link – is your Apple ID. (It’s in blue, so that tells you it is a link.) Press it.

OK, we’re nearly there! Now you want to choose “View Apple ID” from the menu below:

And now there’s yet another page: you want to go to the bottom of this, where it says “Subscriptions”. Press that.


Congratulations! You’ve beaten the boss level and your prize is to see what you’re subscribed to.

Hmm, looks like I don’t have any dodgy subscriptions that I ought to be worried about. But if there is something there you don’t like or don’t recognise, then press on that and it will take you to a page which will allow you to cancel the subscription immediately. It won’t tell you when you signed up, nor how much you’ve spent on it – both pieces of data that arguably would help in tracking back on scams – but at least you can stop it.

Now, this will probably strike you as pretty complex. Nobody’s going to come across that screen by accident; it’s quite possible that you wouldn’t come across it even if you were searching for “Subscriptions”, because a search in the Settings doesn’t show it up. Nor do my subscriptions to Apple Music and iTunes Match show up in the settings for Music. Your subscriptions are really hard to find.

This is bad in all sorts of ways, but it’s indicative of how subscriptions have sneaked up on Apple almost without it realising – even though adding subscriptions to apps was A Big Thing, back in 2011, and then again in 2016 when Apple revised the terms to make it easier to make money from them.

There are already good ideas about how this should be tackled. I liked this suggestion on Twitter from Trevor Phillippi (who is a product designer at Facebook):

His comment was “I’d love it if iOS did something like this. I just checked my subscriptions and wow, I’ve been passively wasting a bunch of money.”

He’s absolutely right: it wouldn’t be that hard to institute a monthly check of what you do and don’t use (that information is onboard the device) and what you’re signed up to (that info isn’t onboard; you can confirm this by putting your phone or iPad on Airplane mode and trying to access the “View Apple ID” info).

One obvious objection to this is that you might not be accessing the app you’re subscribed to on one device, but you are on another – a classic example would be Netflix: you don’t watch it on your phone but you do on your iPad. This is another reason why it’s Apple which has to institute this procedure, since (again) it will be able to see usage data. (We can get into the thickets of “you don’t use this app on your devices but someone else in your Family group does, so is that OK?” But first let’s fix this.)

There’s one small wrinkle, though truly for Apple it shouldn’t be. With hardware sales slowing, Apple has been pushing the narrative of its growing Services business with Wall St and hence investors. Subscription revenues, and Apple’s 30%-15% (in the second year and onwards) cut, feed into that Services chunk, which is now the second-largest source of revenue after iPhones. (It’s a long way behind, but growing quite fast.)

Telling people that they’re not using subscriptions which they’ve signed up to would surely lead to more discontinuations, which means less money for developers and for Apple’s Services business. But where that churn is caused by fakes, this is a net positive for Apple. Users will feel reassured that Apple is looking after their interests, and discouraging scammy apps. Apple would also be able quite easily to spot apps which suddenly have above-average numbers of subscription discontinuations, and investigate them. Less money, but more trust; Apple isn’t going to miss $14.3m per year, but the people who didn’t realise they were signed up to a document scanning subscription service will be happy for it.

All that starts, though, with making it easier in the first place to find what the hell you’re subscribed to. Apple needs to create a “Subscriptions” tab in Settings that isn’t buried multiple layers down.

We’ve been here before: in-app purchases (IAPs) quickly gained a terrible reputation, and it took multiple pieces of bad publicity before Apple, and Google, and Amazon acted to make it harder for kids to run up four-figure charges on their parents’ credit cards. Subscriptions are just the new front in the forever war against bad actors on the app stores. But as with all the previous ones – non-functional apps at ridiculous prices, ripoff apps at ridiculous prices, spyware apps at rock-bottom prices, IAPs – it’s a battle that Apple needs to win in order to keep the confidence of its customers.

Postscript: after this was written and published, two people got in touch to point out that I don’t need both iTunes Match and Apple Music subscriptions: Apple Music will now do the things that iTunes Match used to. (It didn’t previously – I’ve had iTunes Match for years – but as this iMore article points out, since 2016 it does.) As pictured.

Apple Music, iTunes Match: now basically the same thing.

So not only has this post (I hope) saved some people some money, it has saved me some money. I’d call that a success.

Start Up No.948: the deep fakes problem, Wisconsin dumps Foxconn fave, folding screens ahoy!, Bristol’s spying phoneboxes, and more

What if we said… it’s a spaceship? Artist’s impression via European Southern Observatory on Flickr.

A selection of 13 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

In the age of A.I., is seeing still believing? • The New Yorker

Joshua Rothman on the rise of “deep fakes”:


As alarming as synthetic media may be, it may be more alarming that we arrived at our current crises of misinformation—Russian election hacking; genocidal propaganda in Myanmar; instant-message-driven mob violence in India—without it. Social media was enough to do the job, by turning ordinary people into media manipulators who will say (or share) anything to win an argument. The main effect of synthetic media may be to close off an escape route from the social-media bubble. In 2014, video of the deaths of Michael Brown and Eric Garner helped start the Black Lives Matter movement; footage of the football player Ray Rice assaulting his fiancée catalyzed a reckoning with domestic violence in the National Football League. It seemed as though video evidence, by turning us all into eyewitnesses, might provide a path out of polarization and toward reality. With the advent of synthetic media, all that changes. Body cameras may still capture what really happened, but the aesthetic of the body camera—its claim to authenticity—is also a vector for misinformation. “Eyewitness video” becomes an oxymoron. The path toward reality begins to wash away.

In the early days of photography, its practitioners had to argue for its objectivity. In courtrooms, experts debated whether photos were reflections of reality or artistic products; legal scholars wondered whether photographs needed to be corroborated by witnesses. It took decades for a consensus to emerge about what made a photograph trustworthy. Some technologists wonder if that consensus could be reëstablished on different terms. Perhaps, using modern tools, photography might be rebooted…

…Citron and Chesney indulge in a bit of sci-fi speculation. They imagine the “worst-case scenario,” in which deepfakes prove ineradicable and are used for electioneering, blackmail, and other nefarious purposes. In such a world, we might record ourselves constantly, so as to debunk synthetic media when it emerges. “The vendor supplying such a service and maintaining the resulting data would be in an extraordinary position of power,” they write; its database would be a tempting resource for law-enforcement agencies. Still, if it’s a choice between surveillance and synthesis, many people may prefer to be surveilled. Truepic, McGregor told me, had already had discussions with a few political campaigns. “They say, ‘We would use this to just document everything for ourselves, as an insurance policy.’ ”



Murphy’s law: 33 Wisconsin election winners and losers • Urban Milwaukee

Bruce Murphy has 33 lessons from Tuesday’s election in Wisconsin, which threw out Trump-backed Foxconn-backing incumbent governor Scott Walker:


Loser: Foxconn. The company was all in for its generous benefactor Scott Walker, announcing three suspicious satellite innovation centers in Milwaukee, Eau Claire and Green Bay, in order to convince voters their massive $4.1 billion subsidy would benefit the whole state, but polls show it didn’t work. Now they will face a Democratically-appointed DNR secretary, who may have different ideas about how much air and water pollution — and how much withdrawal of Lake Michigan water — is allowed. 


This is going to be one to keep an eye on. In other news, Wisconsin approved marijuana use, so that’s an alternative use for those fields, perhaps.

Google is adding native foldable device support to Android • Neowin

Rich Woods:


Google today announced that it will be adding native support for “foldables” into Android. These are devices with foldable displays, the first of which will come from companies like LG and Samsung.

The way it works is that when devices are folded, they look like regular smartphones, but when you open them up, there’s a larger screen. The idea is to seamlessly transfer the contents of the smaller screen onto the larger one.

The good news is that most Android apps are already optimized for different screen sizes, resolutions, and aspect ratios. After all, Android is a very diverse ecosystem that ranges from low-end phones with low screen resolutions to flagship phones that are QHD. There are aspect ratios from 4:3 to 19.5:9, and screen sizes that go from a few inches to the size of a desktop PC.

But native support is something that’s meant to prevent fragmentation. If this doesn’t happen, then OEMs will have to create their own implementations, which could result in different experiences across the board. We’ve seen this before, with fingerprint sensors and screen notches, both of which started appearing before there was native support in the OS.



Pokemon Go earned $73m in October •

Rebekah Valentine:


Pokemon GO has once again seen a relatively successful month, though it’s coming down slightly after a summer surge. Niantic’s location-based AR adventure brought in $73m in revenue for October, a 67% year-over-year increase.

This is still a bit of a dip from the game’s summer high, but given the game is in many regards a seasonal one, the slight drop is unsurprising and in line with what Niantic has seen in past years as the weather grows colder.

What’s more interesting about the numbers from Sensor Tower is both that the game seems to be doing better this year than last, cold weather aside, and that it also narrowly edged out Fortnite (on mobile) for total revenue last month.


You’d forgotten all about Pokemon Go, hadn’t you.

Data from millions of smartphone journeys proves cyclists faster in cities than cars and motorbikes • Forbes

Carlton Reid:


That bicyclists are faster in cities will come as no surprise to bicycle advocates who have staged so-called “commuter races” for many years. However, these races – organized to highlight the swiftness of urban cycling – are usually staged in locations and at hours skewed towards bicycle riders. The Deliveroo stats are significant because they have been extracted from millions of actual journeys.

And it’s all thanks to Frank.

Frank is the name Deliveroo gives its routing algorithm (the name was chosen for the Danny DeVito character in the TV series It’s Always Sunny in Philadelphia.)

Delivering millions of simultaneous orders from thousands of restaurants to hungry consumers within 30 minutes using roving self-employed couriers equipped with smartphones is a complex vehicle routing problem: consumers want piping hot food; restaurants want meals picked up when cooked; riders – paid per drop – want multiple deliveries per hour, and Deliveroo needs to make money.


Good in-depth article about Deliveroo; and cyclists have repeatedly proven to be faster through cities than any other form of transport.

Oumuamua: cigar-shaped UFO might have been an alien probe • NY Mag

Eric Levitz:


In October of last year, a mysterious, cigar-shaped interstellar object fell through our solar system at an extraordinary speed. When the Pan-STARRS 1 telescope in Hawaii first discovered “Oumuamua” — the object’s official nickname, meaning “a messenger who reaches out from the distant past” in Hawaiian — researchers assumed that it was an ordinary comet or asteroid. But the longer they observed Oumuamua, the more improbable that hypothesis appeared: After all, what kind of asteroid is ten times longer than it is wide, and suddenly accelerates in speed, for no discernible astrophysical reason?

A new paper from scientists at the Harvard-Smithsonian Center for Astrophysics offers an answer: the kind of asteroid that is actually a solar-powered component of an alien spacecraft that broke off its mothership while investigating Earth’s solar system.

Specifically, the paper postulates that Oumuamua is a “solar sail” — an object that propels itself through space by channeling solar energy, which is a technology that intelligent life-forms (such as they are) on Earth have already developed. This hypothesis would explain why Oumuamua suddenly accelerated while traveling through our solar system.


You look at it and you think: actually, could be. Though plenty of scientists really don’t think so.

Opinion: Bristol’s new phoneboxes could end up spying on you • The Bristol Cable

Adrian Short on a plan to replace 25 BT phoneboxes with “BT InLinkUK” ones offering free calls and Wifi – with ads, and tracking:


When Transport for London (TfL) trialled a similar system on the Tube in 2016, their promises of “de-personalised” data collection fell apart when someone made a Freedom of Information Act request for the data. TfL decided that releasing it would be likely to breach people’s privacy.

“No city should grant anyone blanket permission to run a surveillance system on their streets”

There are also concerns around advertising. AdBlock Bristol have objected to the plans to flood the city with more screens, saying: “People in Bristol are increasingly concerned about the ongoing commercialisation of our public spaces, particularly through digital advertising.

“The council should be listening to those concerns, not blindly allowing dozens more digital advertising screens into our city.”

Bristol needs to decide whether a proliferation of advertising screens and enabling companies like Google to track people and vehicles around the city is a price worth paying for free phone calls and wifi.

But Bristolians won’t get that chance because there is no high-level process for making that decision or blocking the system if residents don’t want it. The process we have is simply to decide 25 minor planning applications, something normally so low-level that it doesn’t even get referred to the city’s councillors.

I’ve been working with AdBlock and the design technologist Ross Atkin to persuade councillors to take responsibility for the InLink system by making these decisions themselves rather than delegating to planning officers.

Councillors should be looking at the overall effect of the network, not just the individual kiosks.



Large hydropower dams ‘not sustainable’ in the developing world • BBC News

Matt McGrath:


Hydropower is the source of 71% of renewable energy throughout the world and has played a major role in the development of many countries.

But researchers say the building of dams in Europe and the US reached a peak in the 1960s and has been in decline since then, with more now being dismantled than installed. Hydropower only supplies approximately 6% of US electricity.

Dams are now being removed at a rate of more than one a week on both sides of the Atlantic.

The problem, say the authors of this new paper, is that governments were blindsided by the prospect of cheap electricity without taking into account the full environmental and social costs of these installations.

More than 90% of dams built since the 1930s were more expensive than anticipated. They have damaged river ecology, displaced millions of people and have contributed to climate change by releasing greenhouse gases from the decomposition of flooded lands and forests.

“They make a rosy picture of the benefits, which are not fulfilled and the costs are ignored and passed on to society much later,” lead author Prof Emilio Moran, from Michigan State University, told BBC News.

His report cites the example of two dams on the Madeira river in Brazil, which were finished only five years ago, and are predicted to produce only a fraction of the power expected because of climate change.



Apple walks Ars through the iPad Pro’s A12X system on a chip • Ars Technica

Samuel Axon:


Apple is pushing up against high-end laptop and even desktop performance here, depending on what you’re using for comparison. Granted, comparing architectures can be Apples (ahem) and oranges. Apple’s CPU efforts are industry-leading on the mobile side of things, but they’re not perfect. While Apple focuses on performance, Qualcomm, well, doesn’t—partly because it essentially has a monopoly in the Android world and may not feel it even needs to, but partly because it focuses on connectivity. (Qualcomm’s modems are industry-leading, even if its CPUs are not.)

There’s one intriguing bit of context for all of this that Apple won’t acknowledge in its discussions with Ars or anyone else: Macs are still on Intel chips. It’s obvious to those who follow the company closely why that status quo isn’t providing what Apple needs to move forward in its strategies. Further, a Bloomberg report citing sources close to the company claimed that Apple’s plans to launch a Mac with custom silicon—and we’re talking CPU here, not just the T2 chip—are in the works.

Apple has come to dominate in mobile SoCs. In a lot of ways, though, Qualcomm has been an easy dragon to slay. Should Apple choose to go the custom silicon route on the Mac platform, Intel will not be quite as easy to beat. But the rapid iteration that has led to the iPad Pro’s A12X makes a compelling case that it’s possible.

Apple won’t talk about its future plans, of course. You could say that’s all in the future, but when you have a 7nm tablet chip that rivals the CPU and graphics performance of most laptops and beats two out of five of the modern gaming consoles on the market with no fan at barely over a pound and less than a quarter-inch thick… it feels a bit like at least some particular future is now.

Now, if only there were iOS versions of Final Cut, Xcode, and Logic.


Axon also brings up one other point: Apple has implemented machine learning chips in its phones and, now, tablets. When are they going to come to the Mac? What particular role would they play there? Do they need ARM Macs? You’d have to think that it would be a whole lot easier to implement on a desktop than a phone.

Ford buys electric scooter startup Spin • TechCrunch

Megan Rose Dickey:


Spin was one of the three companies that initially deployed its scooters in San Francisco back in March. Along with Bird and Lime, Spin was forced to remove its electric scooters from the city until the city determined a permitting process. Since failing to receive a permit to operate, Spin has been one of the more quiet scooter startups in the industry. Though, next week, Spin is meeting with the city of San Francisco to appeal the denial of its permit to operate electric scooters in the city.

As of June, Spin had a contract with electric scooter manufacturer Ninebot, owned by Segway, to purchase 30,000 scooters a month through the end of this year, according to a source. It’s not completely clear why Ford feels the need to acquire Spin — let alone any electric scooter company — instead of just forming partnerships with scooter manufacturers to launch its own service.

That same month, Spin was in the process of finalizing a $125m security token. The idea with Spin’s security token offering is to raise money from accredited investors, who will then be entitled to a portion of the revenue from Spin’s electric scooter operations, according to a source close to Spin. With STOs, investors can buy tokens that are linked to real-world financial instruments. In the case of Spin’s offering, the tokens are linked to its revenue. Spin had previously raised $8m in traditional venture funding.


The story was broken by Axios, but the context here is far more worthwhile. “A mercy killing”, according to one observer. Spin has been struggling for finance.

Interesting move by Ford, though.

Samsung Infinity Flex display: folding phone concept revealed • Gearbrain

Alistair Charlton:


After months of rumors, teasers and anticipation, Samsung has finally revealed its first folding smartphone — but there’s a catch.

Shown off by CEO and president DJ Koh during the opening keynote of the annual Samsung Developer Conference in San Francisco, the Infinity Flex Display is only a prototype for now, and won’t be ready to buy until 2019.

The concept comes just days after Royole announced the FlexPai, which the company claims is the world’s first smartphone to feature a folding display, and early adopters should receive in late-December.

Unlike the production-ready FlexPai, Samsung is not ready to reveal its finished product just yet. The device shown on stage was bulky — especially when viewed in the closed position — but Samsung reassured the audience that “there’s a device inside here and it is stunning.”

Regarding durability, Samsung says the display can be folded “hundreds of thousands of times” without being damaged. The company also said the display is the thinnest it has ever made. Mass production, Samsung says vaguely, will begin “in the coming months.”


Vague. Very vague. Meanwhile…

Hands-on with the world’s first foldable smartphone – Android Authority

Bailey Stein:


In its extended position, the FlexPai is more similar to a tablet than a smartphone. It features a 7.8-inch 1440p AMOLED display. The display itself is bright and offers saturated colors; I didn’t notice any difference in quality compared to standard AMOLED panels in traditional smartphones on the market today.

As you may have noticed, the display is sized at a 4:3 aspect ratio, presumably so the device can better function like a traditional phone when folded.

The folding mechanism is supported by a hinge composed of over 100 unique components. The hinge seems very sturdy, but obviously the real technical achievement comes in the form of the flexible display. In addition to the underlying flexible display panel, Royole is using a type of flexible plastic material instead of the familiar cover glass.

While the plastic does not feel nearly as premium as glass, it’s probably the best material available for the task. As an added benefit, it effectively makes the FlexPai shatterproof.

Taking the Royole FlexPai from tablet to phone mode is pretty straightforward. It’s just a matter of taking both sides and folding it down the middle. The hinge supports pretty much every angle, so you can fold and use it in any position you wish. Royole claims the FlexPai can be folded at least 200,000 times, which should be enough for several years of normal use.


Gimmick? Or wave of the future?

Police crack encrypted chat service IronChat and read 258,000 messages from suspected criminals • Hot For Security

Graham Cluley:


Police haven’t described how they made the breakthrough of managing to crack the IronChat system, and snoop upon encrypted messages, but the suspicion will be that the encrypted chat app had a weakness – such as its reliance on a central server.

In a statement, police in the Netherlands explained that as a result of their surveillance, law enforcement agencies have seized automatic weapons, large quantities of hard drugs (MDMA and cocaine), 90,000 Euros in cash, and dismantled a drugs lab.

In addition, a number of suspects are also said to have already been arrested, with multiple searches taking place in various locations around the country.

“This operation has given us a unique insight into the criminal world in which people communicated openly about crimes,” said Aart Garssen, Head of the Regional Crime investigation Unit in the east of the Netherlands.

Police only decided to shut down the service after they became aware that criminals were beginning to suspect each other of leaking information to the police, introducing a very real risk that there could be a threat to individuals’ safety. For this same reason, Dutch authorities decided to go public about their access to the chat system at a press conference.



Errata, corrigenda and ai no corrida: none notified

Start Up No.947: InfoWars sneaks back onto Facebook, don’t blockchain the vote, the end of mobile apps?, why passwords survive, and more

Say hello to the fastest single-core Mac you can buy. Yup, the Mac mini. Photo by tua ulamac on Flickr.


A selection of 10 links for you. Demand a recount if you want. I’m @charlesarthur on Twitter. Observations and links welcome.

Blockchain-based elections would be a disaster for democracy • Ars Technica

Timothy Lee:


“Mobile voting is a horrific idea,” said election security expert Joe Hall when I asked him about a West Virginia experiment with blockchain-based mobile voting back in August.

But on Tuesday, The New York Times published an opinion piece claiming the opposite.

“Building a workable, scalable, and inclusive online voting system is now possible, thanks to blockchain technologies,” writes Alex Tapscott, whom the Times describes as co-founder of the Blockchain Research Institute.

Tapscott is wrong—and dangerously so. Online voting would be a huge threat to the integrity of our elections—and to public faith in election outcomes.

Tapscott focuses on the idea that blockchain technology would allow people to vote anonymously while still being able to verify that their vote was included in the final total. Even assuming this is mathematically possible—and I think it probably is—this idea ignores the many, many ways that foreign governments could compromise an online vote without breaking the core cryptographic algorithms.

For example, foreign governments could hack into the computer systems that governments use to generate and distribute cryptographic credentials to voters. They could bribe election officials to supply them with copies of voters’ credentials. They could hack into the PCs or smartphones voters use to cast their votes. They could send voters phishing emails to trick them into revealing their voting credentials—or simply trick them into thinking they’ve cast a vote when they haven’t.

Tapscott says these concerns are no big deal because voters can always check later to see if their vote was recorded properly.

“Because of the clear chain of custody, citizens could prove that their voting tokens had been stolen,” he writes.

But let’s think about how this would play out in practice. Suppose it’s mid-November 2020 and Donald Trump has narrowly won reelection. A few thousand voters in key swing states come forward to say that they intended to vote for Trump’s opponent but their vote was recorded for Trump instead. Thousands of others say they tried to vote for Trump—or against him—but their votes weren’t counted.

Was that due to hackers meddling with the vote, technical snafus, or user error? Were some of them just misremembering how they had cast their ballots? There would be no way to know for sure.


Why replace something that everyone understands with something that they don’t? Paper ballots are simple, really hard to forge, and checkable.

Where trolls reigned free: a new history of reddit • The New York Times

David Streitfeld reviews a new book about reddit:


The title “We Are the Nerds” doesn’t really fit the tale. “We Are the Trolls” would have made much more sense. “I was always kind of an [expletive],” [co-founder Steve] Huffman explains early on. [The author, Christine] Lagorio-Chafkin bluntly calls him “a total troll.” He was also a genius programmer. The great achievement of the social internet was to unleash jerkdom for many while monetizing it for a few.

The Reddit tale is an indictment of Silicon Valley, something Lagorio-Chafkin seems to sense but never confronts head-on, perhaps because she is so grateful for access to Huffman and [co-founder Alexis] Ohanian. “Two nice guys who made it, by crafting something incredible and yet ridiculously unwieldy, with no lack of turbulence along the way,” Lagorio-Chafkin writes in an author’s note. A more accurate summation might be: “Two inexperienced young guys created something they didn’t understand and couldn’t control.”

It’s all here anyway: the lack of adult oversight; the suck-up press; the growth-at-any-cost mentality; the loyal employees, by turns abused and abusive (memo from management: “You do realize you were talking about penises for 90 minutes, right?”); the defense of horrendous behavior as “free speech”; the jettisoning of “free speech” when it served corporate purposes; the way no one seeks permission but all expect forgiveness…

…Reddit became so offensive it was difficult to work there. A community manager who had a brief tenure in 2015 told Lagorio-Chafkin some of the reasons: “Child molesters, child porn, vicious stalking, rape threats, serious harassment, people taking the harassment offline and people filing police reports on each other.” One chief executive, stressed beyond endurance, simply stopped showing up for work. His replacement, Ellen Pao, tried to impose order in the office and on the site. The backlash led to her abrupt departure. Huffman returned and purged most of the staff.


Right, because purging the staff would accomplish..? At least we’re getting a history of this period of the internet.

The end is near for mobile apps • Medium

Lance Ng:


When smartphones first appeared, major corporations rushed to make apps. Then they realized it was a real headache to maintain them. Every time you update information on your website or promote a product, you have to do the same on your app. And every time a handset manufacturer updates its operating system, you have to debug your app to make sure it keeps working — plus there are the pains of managing bugs on different brands, models, and screen sizes. If you’ve ever been involved in mobile app development, you know what I’m talking about.

The truth is, unless you are a major retailer or content publisher that needs to sell or deliver to customers frequently, all you really need is a mobile-friendly website. If information is all people want, they’re going to Google it in a browser.

Given the first two points, this third is a logical evolution and is already happening in some parts of the world. It’s what the industry calls “building an ecosystem.” The strategy involves binding users’ daily behaviors and spending into their mobile apps.

A good example is how restaurants and cafes are integrating into food delivery apps instead of maintaining their own online order and delivery systems. In turn, these food delivery apps are consolidating with mobile wallet or ride-share apps to provide synergy and convenience to users. Consider Go-Jek, the biggest motorcycle ride-share app in Indonesia. To many people, it’s an all-in-one mobile wallet, ride-hailing, food delivery, and lifestyle services app.

Go-Jek took its inspiration from China’s WeChat, the biggest instant messaging app in that country, which has integrated just about every lifestyle service you can think of into their mobile wallet section.


The “platform rolling up apps” might apply in China, and possibly some parts of Asia, but I don’t see it happening in Europe. And for mobile apps: you do the updates to the web page and the app simultaneously via an API.

Getafix: how Facebook tools learn to fix bugs automatically • Facebook Code

Johannes Bader, Satish Chandra, Eric Lippert and Andrew Scott:


Modern production codebases are extremely complex and are updated constantly. To create a system that can automatically find fixes for bugs — without help from engineers — we built a tool that learns from engineers’ previous changes to the codebase. It finds hidden patterns and uses them to identify the most likely remediations for new bugs.

This tool, called Getafix, has been deployed to production at Facebook, where it now contributes to the stability of apps that billions of people use. Getafix works in conjunction with two other Facebook tools, though the technology can be used to address code issues from any source. It currently suggests fixes for bugs found by Infer, our static analysis tool that identifies issues such as null pointer exceptions in Android and Java code. It also suggests fixes — via SapFix — for bugs detected by Sapienz, our intelligent automated testing system for our apps. Having previously given an overview of SapFix and Sapienz, we are now offering a deep dive into how Getafix learns how to fix bugs (using the term broadly to refer to any code issues, not just those that will cause an app to crash).

The goal of Getafix is to let computers take care of the routine work, albeit under the watchful eye of a human, who must decide when a bug requires a complex, nonroutine remediation. The tool works by applying a new method of hierarchical clustering to many thousands of past code changes that human engineers made, looking at both the change itself and also the context around the code change. This method allows it to detect the underlying patterns in bugs and the corresponding fixes that previous auto-fix tools couldn’t.


This is amazing.

Here’s why [insert thing here] is not a password killer • Troy Hunt


Despite their respective merits, every one of these [proposed] solutions [to “replace the password”] has a massive shortcoming that severely limits their viability and it’s something they simply can’t compete with:

Despite its many flaws, the one thing that the humble password has going for it over technically superior alternatives is that everyone understands how to use it. Everyone.

This is where we need to recognise that decisions around things like auth schemes go well beyond technology merits alone. Arguably, the same could be said about any security control and I’ve made the point many times before that these things need to be looked at from a very balanced viewpoint. There are merits and there are deficiencies and unless you can recognise both (regardless of how much you agree with them), it’s going to be hard to arrive at the best outcome…

…Almost a year ago, I travelled to Washington DC and sat in front of a room full of congressmen and congresswomen and explained why knowledge-based authentication (KBA) was such a problem in the age of the data breach. I was asked to testify because of my experience in dealing with data breaches, many of which exposed personal data attributes such as people’s date of birth. You know, the thing companies ask you for in order to verify that you are who you say you are! We all recognise the flaws in using static KBA (knowledge of something that can’t be changed), but just in case the penny hasn’t yet dropped, do a find for “dates of birth” on the list of pwned websites in Have I Been Pwned. So why do we still use such a clearly fallible means of identity verification? For precisely the same reason we still use the humble password and that’s simply because every single person knows how to use it.

This is why passwords aren’t going anywhere in the foreseeable future and why [insert thing here] isn’t going to kill them. No amount of focusing on how bad passwords are or how many accounts have been breached or what it costs when people can’t access their accounts is going to change that.


Essentially, we’re stuck with what we started with, because it’s so widely used. Though biometrics on phones do offer even less friction, and are increasingly hard to fool.

Foxconn considers bringing Chinese workers to Wisconsin as US labour market tightens • WSJ

Yang Jie, Shayndi Raice and Eric Morath:


The company, the Taiwanese supplier to Apple, has been trying to tap Chinese engineers through internal transfers to supplement staffing for the Wisconsin plant, according to people familiar with the matter.

The state pledged $3 billion in tax and other “performance-based” incentives to help lure Foxconn, and local authorities added $764 million. Foxconn must meet hiring, wage and investment targets by various dates to receive most of those benefits.

The company promised the state it would invest $10bn and build a 22-million-square-foot liquid-crystal display panel plant, hiring 13,000 employees, primarily factory workers along with some engineers and business support positions.

Foxconn said its “Wisconsin first commitment remains unchanged,” in a written statement to The Wall Street Journal in response to questions about its hiring plans. In a separate statement it said it still plans to ultimately hire 13,000, and the majority “will work on high-value production and engineering assignments and in the research and development field.”


Foxconn says: nope nope nope. But Wisconsin’s unemployment rate is well below the national average.

The 2018 Facebook midterms, part 3: granular enforcement • Medium

Jonathan Albright has been investigating (right-wing) Facebook Pages which have absolutely colossal “engagement” – but is it real? There’s a lot of suspicious video views. But also something else:


Following the highly publicized “ban” in early August, Jones’ show and much of the removed InfoWars news content appears to have moved swiftly back onto the Facebook platform.

Here’s the deal: I was not tracking the InfoWars accounts that were inevitably going to reappear after the official accounts were banned on Facebook. In fact, when I encountered the Alex Jones’ livestream shown in the image below, I wasn’t looking for InfoWars. I was looking for Soros conspiracies.

And what did I get? The live high-definition stream of Jones’ show on Facebook — broadcast on one of the many InfoWars-branded Pages that is inconspicuously named “News Wars.”

Alex Jones’ program found me. To add more context, a couple weeks ago, I was looking for posts on Facebook related to the Soros-funded “caravan” rumor. For one of my searches, Jones’ live stream above, titled “A New Caravan of Invaders,” was one of the top twenty results returned on Facebook from the search.

What this unfortunate stroke of luck meant was that I found out Jones’ show has been broadcast nearly every day for the past three months on at least two Infowars-branded Facebook Pages. Nice ban.

News Wars, and a Page called “Infowars Stream” were being promoted by Facebook via its search and video recommendation algorithms for searches about conspiracies and politics — such as my query for “Soros caravan.”

Since the first day of August — the same week Jones’ and the largest of the InfoWars Pages were taken down — Jones’ InfoWars broadcasts — primarily the streams of Alex Jones’ daily “censored” talk show on InfoWars — have been viewed at least five million times. And over the same time period, these two Pages, with less than 30,000 followers combined, have reported almost 700,000 interactions.


Pages and Groups: real conduits for misinformation.


Security issues on ArtChain • Terence Eden’s blog

Eden found a trivial XSS hack which could be used on ArtChain, a site which “uses the blockchain to verify art” (or something):


It could be a lot worse. This simple demonstration is not malicious. An attacker could craft a script which phished for user credentials, tried to hijack the administrators’ cookies, or mined cryptocurrency. In short, a user or administrator could not trust the content on the page.
This was the site owner’s response to my investigation.

What Howard fails to realise is that it doesn’t matter that his platform is based on the BitCoin BlockChain. If an attacker can add malicious JavaScript to his site, then steal his credentials, it’s game over. The indelible nature of the BlockChain means that malicious or incorrect content stays there forever – losing control of your keys is a disaster.

There’s also the issue of trust in the website. If an attacker can rewrite the page – even temporarily – they could convince users to transfer money, ownership, or attention elsewhere.

When you view content on ArtChain, you have no way of knowing whether it is official or hacked. When the site displays a BitCoin address, it could be ArtChain’s – or it could be an attacker’s.


Blockchain can’t save you from hubris, ArtChain.

The 2018 Mac Mini •

Marco Arment uses a Mac mini at home as a home theatre mixer, Plex server, scanner server, photos backup and a host for his NAS (network attached storage); now he’s tested the new one, and really likes it:


It seemed for a while that Apple lacked any interest in making Macs anymore, especially desktops.

Last year, with the introduction of the absolutely stellar iMac Pro, Apple showed us a glimpse of a potential new direction. It was downright perfect — a love letter to the Mac and its pro desktop users, and a clear turnaround in the way the company views the Mac for the better.

We didn’t know until now whether the iMac Pro’s greatness was a fluke. But now we have another data point: the last two desktops out of Apple have been incredible. After this, I have faith that they’re going to do the new Mac Pro justice when it finally ships next year.

The new Mac Mini is a great update, out of nowhere, to a product we thought would never be updated again.

Of course, with Apple’s track record on the Mac Mini, it may never be updated after this. This is either the first in a series of regular updates with which Apple proves that they care about the Mac Mini again, or it’s the last Mac Mini that will ever exist and we’ll all be hoarding them in a few years. We can’t know yet.


The only negative is that it doesn’t have optical-out. But: four – count ’em – USB-C ports. It looks like a hell of a machine if you can find a static need for it.

New MacBook Air review: your next laptop has arrived (three years late) • WSJ

Joanna Stern:


This Thanksgiving let us all give thanks for the lack of a Touch Bar. The MacBook Pro’s touch-screen strip has proved to be nothing more than a novelty.

Absolutely not a novelty: Touch ID. The fingerprint sensor, embedded in the upper right corner of the new Air’s keyboard, beats typing in passwords. But why no Face ID, after two iPhone generations and a new iPad, not to mention Apple’s insistence that face recognition is more reliable and secure? Windows Hello, Microsoft’s facial recognition for PCs, is quite good.

Performance should be the deciding factor between the MacBook Air and the MacBook Pro. If your days are filled with some combination of web browser tabs, email, documents, presentations, spreadsheets and light video or photo work, you won’t feel a performance difference between the Air and the Pro. In my tests, applications performed as snappily. But I saw a difference in more processor-intensive tasks—exporting or rendering video files, opening large batches of files, etc. For instance, the 2017 MacBook Pro exported a 4K video 45% faster than the new Air.

If you’re considering the small MacBook instead of the Air… just don’t. It costs more, runs slower and has shorter battery life.

The old Air’s battery life was once industry-leading: Thirteen hours—two cross-country flights—without needing a charge. The new Air delivers just around the same, depending on your usage and screen brightness. I made it through a full workday of intermittent use, plus more work after dinner, without needing to charge.

However, my tests indicate that the old Air still lasts longer.


She points out that the HP Spectre lasts even longer (15hr) and comes with more storage as standard (256GB); the 128GB of the base model here is “a blatant upsell”. And she’s not delighted by the new keyboard.

Apple’s PC line definitely doesn’t make sense now – the MacBook price is crazy – and Stern hits it right on the head: this upgrade is at least three years overdue.

Her video review is done in a hot air balloon (air, geddit?) and, as always, deserves your time.

Errata, corrigenda and ai no corrida: none notified

The iPad Pro: when software delays meet ‘real work’ reviewers

Illustration drawn on iPad Pro 2 with Sketchbook by Susan Murtaugh on Flickr. CC-BY licensed.

How long do you think it takes to redesign an iPad? Specifically, how long do you think Apple’s designers were working on the redesign of the iPad Pro that was unveiled in October 2018, three years after the first generation of iPad Pros?

I’d go for about two years. Probably not more, but probably not much less. Back in late 2016, the team doing the initial design specs for the 2018 hardware would have had a few targets in mind – particularly, USB-C for its connector port, an interface introduced on the Mac line in 2015. They’d have known it was going to be on more and more Macs by the time this hardware came out. They’d know that the iPhone wasn’t intended to have USB-C, but that was OK: the iPad they were working on was for the Pro line, and something big was coming up for that. Faster GPUs! Faster CPUs! And – get this – up to a terabyte of storage. That’s desktop-class – except this is SSD storage, so dramatically faster than most 1TB desktops. This was going to be a lean, mean, professional machine with minimal bezels, and a new generation of Face ID. The hardware trajectory was mapped out. (There was already a parallel effort on the summer 2017 update to the Pro line, but that didn’t change much apart from shaving a little weight and improving the screen characteristics.)

The software roadmap said the iPad OS would get a big feature upgrade befitting the new “Pro” devices. So iOS 12 would be shown off in mid-2018, and then in the autumn (“fall” to you Americans, “spring” to you lovely antipodeans) the software itself would arrive, and soon afterwards the devices – which would really flex their Pro muscles, because the designers knew that the CPU and GPU performance was going to blow standard PCs away.

It would all be so easy.

But then something happened. While the designers were working through 2017, it transpired that iOS 11 wasn’t quite as solid as had been thought. (As evidence: even in July 2018, websites could still run “11 most common iOS 11 problems and how to fix them” and expect serious traffic.)

Apple’s software teams must have seen very early after iOS 11’s release (that’s late 2017) that there were serious problems which needed deep attention. And so in January 2018 software vice-president Craig Federighi held an internal meeting where he said that plans for the big updates that had been scheduled for iOS 12 were being put off for a year. Instead, iOS 12 would be a “solidify and speed up” release – as happened with MacOS X with the “Snow Leopard” update in 2009.

Ah. So now the new iPad Pro design is steaming down the tracks – everything long ago locked in, factories booked, release dates figured out – but, the iPad Pro team mouths in silent frustration, you’re going to hang us out to dry with just these little tweaks rather than the full-fat thing that we were promised? That’s not the ‘Pro’ iPad we wanted to release.

This, I think, is the scenario that played out inside Apple. Ina Fried (author of the Axios story about Federighi breaking the news to the team) and Mark Gurman have filled in some detail; Gurman in particular tweeted in May that iOS 13

“will have a big iPad-focused feature upgrade as well, including an updated Files app. some other things in the works are tabs in apps like in MacOS, same app side by side”

“An updated Files app”, huh? I wonder if that, hmmmmm, might have been able to show the files on, oh, let’s hazard a guess, USB-attached drives? And the “same app side by side” feature (ie, you want to look at two copies of the same document, or two documents at once, in an app such as Pages) is something whose absence a lot of people have commented on lately. It’s faintly possible that these leaks about features reached Gurman from people who were on or near the iPad Pro team, and who were trying to send a signal – however faint – to the future about what the iPad Pros that were also yet to come would be able to do.

Delays: part of life

The new iPad Pro: pros use it too. Photo by AdamChandler86 on Flickr. CC-BY licensed.

This sort of thing has happened before, most recently with the Apple TV release of 2015, when Tim Cook stood on a stage and declared “we believe the future of TV is apps”, and showed off a device that had been delayed so long that some of its team had left the company up to a year earlier. Everyone’s reaction was “huh? What apps? Why apps?” The reason for the delay was that Apple had spent ages – literal years – trying to get US TV content producers to agree to turn their offerings into apps, but the producers wouldn’t budge, and wouldn’t budge, and finally Apple just decided to see if it could make the market happen by putting the hardware out there. (It’s happening, perhaps, but incredibly slowly. Meanwhile Netflix and Amazon are gathering all the cord cutters who are watching TV… through apps.)

In other words, the reason why the new iPad Pros aren’t “replacing your laptop” just yet is that iOS 11 fell short of what was planned. Rather than ignore that, Apple chose to sacrifice some people’s short-term satisfaction with the iPad Pro release in favour of pleasing the much larger population that would be using iOS 12. So iOS 12 is faster on old hardware than iOS 11, and it’s more stable. Both are boons for all iOS 12 users.

But this lack of key improvements to iOS 12 in turn meant that the new iPad Pros – introduced in October as “an uncompromising vision of computing for the modern world” – received what we could call a crouching ovation from reviewers.

Nilay Patel, at The Verge, wrote a review which is not so much excoriating as exhausted, saying that no matter how fast the hardware is, “it’s still an iPad”.

This is true, but I think we now have a clearer idea why it’s “still an iPad”: because the software got delayed.

That’s the sort of thing that happens when you’re running a big corporation. You have a product roadmap, but then some part of it – hardware, software, chip design – gets waylaid and you have to change your plans. Apple is fortunate in having an established product so that it could pretend that the software miss didn’t happen and could Carry On Regardless. (Such delays used to have much bigger effects. When Apple misread the market in 2000, and offered Macs with DVD-ROM drives instead of CD-burning drives, at a time when everyone was much more interested in burning MP3s to CD than watching films on their PCs, it crashed to a quarterly loss. But it wasn’t all bad: it forced the acquisition of SoundJam, later iTunes, and the program to create the iPod. You know the rest.)

Probably there are some people down there in the iPad team dreaming about What Might Have Been. But Apple’s in this for the long term. A delay of nine or 12 months isn’t relevant here. What’s the concern? PCs will make a comeback? Windows detachables or ChromeOS detachables will take over the world? Nope.

Down to work

Even so, I think people are still too down on the iPad Pro as a device on which to do lots of work. The most common argument is “I can’t throw away my laptop and just use an iPad because I have to do [task X] on my laptop.”

I think this slightly misses the point. Apple isn’t saying “never use your laptop again”. It’s saying “your old laptop’s fine. But when it comes time to buy some new equipment, why not get an iPad Pro instead?” It supplants and extends, not replaces, but the distinction can be hard to perceive. Matt Gemmell, who has shifted entirely to using an iPad, apart from when he needs to see what his site looks like on a different browser, makes this point pretty well in a piece about his new big iPad:

Also, be extremely skeptical of anyone who makes a judgement about switching to an iPad when they haven’t actually done it themselves (this goes for most judgements about most things throughout life). This group includes the apparent majority of tech journalists, most of whom seem to have an annual ritual of spending one week with the newest iPad, and then saying it’s not a laptop replacement yet in some general sense. How would you even know? I certainly didn’t until six months or so in.

I agree with this; I didn’t adjust to using an iPad fully until I had to, but then found the switch pretty comfortable, to the extent that I now pick up the iPad in preference to my (much heavier) MacBook Pro when going out because I know I can do all the things I need to do with it: between Scrivener for writing, and Pythonista and Workflow/Shortcuts for knocking together ad-hoc scripts, I can get done what I need on the hoof. Update: if you’re looking for more ways to Get Things Done on an iPad, I recommend Federico Viticci’s archive of Shortcuts over at MacStories, which have downloadable ways to do all sorts of things – 89 at present – which includes zipping and unzipping files, scheduling, reminders, etc.

OK, but. There have been some reasonable criticisms of the hardware. Patel points to the lack of a 3.5mm headphone jack – “a curious omission, since so many iPads are used essentially as televisions, and so many pro media workflows demand low-latency audio monitoring”. This is a good point, though I think the “used as a TV” one is slightly stronger than the latter.

Clearly, Apple is trying to drive people towards AirPods on the consumer side. For professionals, though, you can get a USB-C hub from places like Hypershop which will offer you a 7-port dongle for $80 which includes a 3.5mm headphone jack, USB-A and Thunderbolt. You’d hope that somewhere in there you’d be able to find a port you can hook into for professional production.

Patel also points out the files thing (you plug in a hard drive via USB, it doesn’t show up). Could it be this got pulled from iOS 12 in that January software reset? Does that mean the hard drive will show up in iOS 13? Well, never say “definitely”, but I’d think the chances were good.

So the reviews which are saying “well, it’s not there yet” have merit. It’s worth reading Craig Mod’s piece about feeling conflicted by his iPad Pro: he likes the fact that it’s lighter and more robust, but getting some things done feels like a struggle instead of a process. (John Gruber describes using the iPad to get stuff done as “like typing with mittens on – when I get to the Mac, it’s like taking them off.”)

The Work Thing

This isn’t my iPad. But look – emacs! Photo by Tatsuo Yamashita on Flickr. CC-BY licensed.

Except I have to say – I like working on the iPad Pro. I’ve been using it since the first generation. I tend to feel that these days if you have tasks which require putting physical plugs with hard drives into a computer, then they’re either quite antiquated tasks, or very specialised ones.

The hard drive non-appearance is clearly an obstacle to Getting Stuff Done. Although, can I say… I don’t miss external hard drives? There’s a gajillion places you can store stuff for free in the cloud (iCloud, Google Drive, Dropbox, OneDrive, I’ve barely begun) and you don’t have to wonder if today is the day the drive is going to die. From time to time I back up my Mac using SuperDuper!, and nowadays doing so feels like a strange chore transplanted from the past, like sweeping a chimney or shoeing a horse. My iPad’s files just back themselves up while I sleep.

So if you need a hard drive – really need it – then either your workflow hasn’t adapted to the fact that we’re in a multi-screen world, or you need the extra heft that desktop/laptop processors can offer. And that’s fine! Nobody is going to look down on you for having a job like that. Quite the opposite.

But equally, I’m going to discount the “use case” of watching a film or listening to music that’s stored on an external hard drive for pleasure (rather than work, ie video processing or other functions), because these days that’s a smaller and smaller use case, in the west at least. We have streaming video services and streaming audio services streaming out of our whatevers, and we can download those files to our devices when online to view while offline. Also, what sort of monster watches a film on their PC rather than on a TV?

As for plugging stuff in – printers? As Steve Sinofsky pointed out, “printers have been wireless for a decade”. It’s almost perverse to physically plug a computer into a printer. I just don’t.

What Patel’s examples say to me is that the interface between the old world (PC form factor, saves to external hard drives) and the new world (phone and tablet form factor, saves to cloud) isn’t sorted out. It’s still too hard to get stuff from the old world to the new, like some interdimensional portal plot device in a sci-fi film.

Dog food afternoon

What’s needed to get the iPad taken seriously as a contender to replace the laptop? Sure, people need to adjust their workflows. But there are a couple of things Apple could do which would make it attractive to developers – because this thing is really fast. (How fast? I’m not exactly sure. But I timed the Python script which generates the 14 graphs in this post on my 2012 retina MacBook Pro, this 12.9in iPad, and the iPhone X. Results: MBP (Core i7, Ivy Bridge): 23.6 seconds. iPad (A9X chip): 10.3 seconds. iPhone X (A11 chip): 3.3 seconds. If the new iPads have improved as one might expect, that’s going to take around 1.5 seconds, which is a huge improvement even over four years.)

So here’s what Apple could do to stop those “well, it’s an iPad, isn’t it?” reviews.

• First, the hard drive thing. But that might be coming anyway.
• Second, implement second screens – properly. At the moment, though you can plug in a second screen, it only mirrors the first rather than extending the desktop.
Update: of course as soon as I hit “publish” and walked away to do something more important, I realised what I’d overlooked: that second-screen support implies some way to control the cursor on the second screen, and that you can’t assume touch on that screen. So either you need some sort of trackpad, or you need a window on the iPad which acts as a cursor control for both screens. Not an insuperable problem, but a tricky one to do satisfactorily. However a second screen is an important part of the next, key step, which is…
• Xcode on iPad. If you want developers to adopt this thing wholesale, you need to enable them to write apps on and for it. The iPad Pro is definitely fast enough. I’d love to know what’s holding Apple back from doing this; rather as in the early 2000s it had MacOS X on PowerPC and also Intel, it’s sure to have versions of Xcode running on iOS and/or the ARM architecture. If there’s one thing developers keep asking for, it’s Xcode on iPad. But you need the other parts too: proper hard drive access, proper second screening.

The simple way to make this happen would be for Apple to dogfood it: force the iOS team to work on iPads. This however is a chicken-and-egg situation, with the added problem that you start with a chicken which can’t even lay an egg.

I think we have an inkling that Apple was going to have done this by now; except, for reasons we don’t know about, it didn’t. And though this is something we hear each year, perhaps Xcode is coming to the iPad – or the A-series chip – with the next release of iOS.

But even if it doesn’t, you know what? The iPad Pro is a pretty remarkable platform for a lot of work.