Reports of a simple iPhone passcode hack turned out to be wrong. Photo by portal gda on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 11 links for you. It’s not my fault. I’m @charlesarthur on Twitter. Observations and links welcome.
Thermostats, locks and lights: digital tools of domestic abuse • The New York Times
»
One woman had turned on her air-conditioner, but said it then switched off without her touching it. Another said the code numbers of the digital lock at her front door changed every day and she could not figure out why. Still another told an abuse help line that she kept hearing the doorbell ring, but no one was there.
Their stories are part of a new pattern of behavior in domestic abuse cases tied to the rise of smart home technology. Internet-connected locks, speakers, thermostats, lights and cameras that have been marketed as the newest conveniences are now also being used as a means for harassment, monitoring, revenge and control.
In more than 30 interviews with The New York Times, domestic abuse victims, their lawyers, shelter workers and emergency responders described how the technology was becoming an alarming new tool. Abusers — using apps on their smartphones, which are connected to the internet-enabled devices — would remotely control everyday objects in the home, sometimes to watch and listen, other times to scare or show power. Even after a partner had left the home, the devices often stayed and continued to be used to intimidate and confuse…
…Muneerah Budhwani, who takes calls at the National Domestic Violence Hotline, said she started hearing stories about smart homes in abuse situations last winter. “Callers have said the abusers were monitoring and controlling them remotely through the smart home appliances and the smart home system,” she said.
Graciela Rodriguez, who runs a 30-bed emergency shelter at the Center for Domestic Peace in San Rafael, Calif., said some people had recently come in with tales of “the crazy-making things” like thermostats suddenly kicking up to 100 degrees or smart speakers turning on blasting music.
«
Like something from a screenplay. No doubt this stuff will get incorporated into a screenplay very soon.
link to this extract
Non-invasive malaria test wins Africa engineering prize • Associated Press
»
Malaria is the biggest killer in Africa, and the sub-Saharan region accounts for about 80% of the world’s malaria cases and deaths. Cases rose to 216 million in 2016, up from 211 million cases in 2015, according to the latest World Malaria Report, released late last year. Malaria deaths fell by 1,000, to 445,000.
The mosquito-borne disease is a challenge to prevent, with increasing resistance reported to both drugs and insecticides.
The new malaria test kit works by shining a red beam of light onto a finger to detect changes in the shape, color and concentration of red blood cells, all of which are affected by malaria. The results are sent within a minute to a computer or mobile phone linked to the device.
A Portugal-based firm has been contracted to produce the components for Matibabu, the Swahili word for “treatment.”
“It’s a perfect example of how engineering can unlock development – in this case by improving health care,” Rebecca Enonchong, Africa Prize for Engineering Innovation judge, said in a statement. “Matibabu is simply a game changer.”
«
Won by a 25-year-old Ugandan computer scientist, Brian Gitta. Initial accuracy 80%; they’re working for 90%. The mobile phone makes it so much cheaper and flexible, too.
link to this extract
Inside a heist of American chip designs, as China bids for tech power • The New York Times
»
Micron’s accusations focus on efforts by Fujian Jinhua Integrated Circuit, a state-backed chip maker, to build a $5.7bn factory in China’s Fujian Province. Two years ago, Jinhua tapped UMC, a Taiwanese company, to help it develop technology for the factory. Instead of going through the lengthy steps required to design the technology, Micron said in its suit, UMC and Jinhua decided to steal it.
A UMC spokesman denied the allegations and declined to comment further. Jinhua did not respond to requests for comment.
First, UMC lured away engineers from Micron’s Taiwan operations with promises of raises and bonuses, according to the Taiwanese authorities. Then, it asked them to take some of Micron’s secrets with them, according to Micron’s court filings and the authorities. The engineers illegally took with them more than 900 files that contained key specifications and details about Micron’s advanced memory chips, the authorities said.
Micron grew suspicious, according to its court documents, after discovering that one of its departing engineers had turned to Google for instructions on how to wipe a company laptop. Later, at a recruiting event in the United States aimed at Micron employees, Jinhua and UMC showed PowerPoint slides that used Micron’s internal code names when discussing future chips it would make, according to the court documents.
Alerted by Micron, the Taiwanese police tapped the phone of one Micron engineer, Kenny Wang, who was being recruited by UMC. According to an indictment in Taiwan against Mr. Wang and others, UMC reached out to Mr. Wang in early 2016 using Line, the smartphone messaging app, while he was still working for Micron. UMC explained it was having problems developing its memory chip technology. Mr. Wang then grabbed the information it needed from Micron’s servers, and later used it to help UMC’s design. The police said Mr. Wang received a promotion at UMC.
«
Google’s endless app overlap: what’s going on? • Android Authority
Anthony Hayt starts off displeased with Google Tasks, but finds he’s frustrated overall with Google’s lack of discipline:
»
Tasks may be great at one small thing for some folks, but it doesn’t really need to exist. It only complicates and fragments Google’s world that much more. In this regard, Tasks reminds me a lot of Google’s current crop of messaging apps, including Hangouts, Hangouts Chat, Messages, and Allo. All of these apps have different functions for different people — none provide a single, cohesive solution for everyone.
Tasks seems like yet another app Google has debuted essentially as a placeholder for some future development. Or, looked at another way, it is yet another beta product from Google’s throw-everything-at-the-wall-and-see-what-sticks approach to product development.
Tasks seems designed solely to test out the integration of Gmail, Calendar, and a “Future Unnamed Keep-Tasks Hybrid” app (or something). No real thought seems to have gone into how productivity or enterprise users would actually want to effectively employ it. Indeed, for Google to really compete with apps like Asana or Trello, it will need to merge Hangouts Meet, Tasks, Keep, and Calendar in a way that integrates them all in one window. That is a lot to ask, but Tasks doesn’t really get us any closer to that goal.
«
This will sound weird, but I think Google’s big problem with apps is that it never had a desktop OS to keep it focussed. A mobile OS is a big undertaking, sure, but you can add apps to it endlessly. You can’t do that on a desktop OS: the opportunity cost is too high.
But what about ChromeOS? That’s more of a browser on top of Linux. Not the same thing.
link to this extract
Apple pushes back on hacker’s iPhone passcode bypass report • ZDNet
»
We reported Friday on [Matthew] Hickey’s findings, which claimed to be able to send all combinations of a user’s possible passcode in one go, by enumerating each code from 0000 to 9999, and concatenating the results in one string with no spaces. He explained that because this doesn’t give the software any breaks, the keyboard input routine takes priority over the device’s data-erasing feature.
But Hickey tweeted later, saying that not all tested passcodes are sent to a the device’s secure enclave, which protects the device from brute-force attacks.
“The [passcodes] don’t always go to the [secure enclave processor] in some instances – due to pocket dialing [or] overly fast inputs – so although it ‘looks’ like pins are being tested they aren’t always sent and so they don’t count, the devices register less counts than visible,” he tweeted.
Hickey credited Stefan Esser for his help.
“I went back to double check all code and testing,” said Hickey in a message Saturday. “When I sent codes to the phone, it appears that 20 or more are entered but in reality its only ever sending four or five pins to be checked.”
Apple is rolling out a new feature, called USB Restricted Mode, in its upcoming iOS 12 update, which is said to make it far more difficult for police or hackers to get access to a person’s device – and their data.
«
This would have been an amazing hack, if true. But it’s not. ZDNet left the URL for this updated story untouched rather than write a new one and redirect from the old; the old URL is “a-hacker-figured-out-how-to-brute-force-an-iphone-passcode”.
I don’t think Whittaker rushed to (virtual) print on this; the fault was the researcher’s, who didn’t test it thoroughly before going public. A little embarrassing.
link to this extract
Bitmain controls almost 51% of bitcoin mining hashrate • Bitcoin Newswire
The Bitmain group overtly controls 42% of mining power, and could marshal another 3% from power presently used mining other coins:
»
The BTC mining hash rate has tripled since December 2017, while the price of Bitcoin has dropped to approximately a third of its value within the same period.
With the drop in prices and the increasing hashrate, it is currently more difficult to mine Bitcoin than it was in December 2017. For smaller mining operations, the price drop is a significant problem that could render them unable to continue the business. If they close up shop and new miners don’t enter the market, there is the possibility of Bitmain grabbing control of a much larger share of the hashrate. Since Bitmain manufactures its hardware, it can most likely survive for much longer even in the face of increasing mining difficulty and reducing prices.
Bitcoin is currently down to its lowest level since the start of 2018. BTC prices fell below $6,000 for the first time in 2018 as the top-ranked crypto continues to struggle.
«
So bitcoin, the great decentralised project, is becoming centralised as hell – more so than fiat finance.
link to this extract
This is how many people we’d have to send to Proxima Centauri to make sure someone actually arrives • MIT Technology Review
»
The Parker Solar Probe, to be launched this year, will travel at more than 700,000km/h, about 0.067% the speed of light.
So Marin and Beluffi use this as the speed achievable with state-of-the-art space technology today. “At this speed, an interstellar journey would still take about 6,300 years to reach Proxima Centauri b,” they say.
Selecting a crew for such a multigenerational space journey would be no easy feat. Important parameters include the initial number of men and women in the crew, their age and life expectancy, infertility rates, the maximum capacity of the ship, and so on. It also requires rules about the age at which procreation is permitted, how closely related parents can be, how many children they can have, and so on.
Once these parameters are determined, they can be plugged into an algorithm called Heritage, which simulates a multigenerational mission. First, the algorithm creates a crew with the selected qualities. It then runs through the mission, allowing for natural and accidental deaths each year and checking to see which crew members are within the allowed procreational window.
Next, it randomly associates two crew members of different sexes and evaluates whether they can have a child based on infertility rates, pregnancy chances, and inbreeding limitations. If the pregnancy is deemed viable, the algorithm creates a new crew member and then repeats this loop until the crew either dies out or reaches Proxima Centauri after 6,300 years.
«
This is the setup of so many sci-fi films, where of course it all goes wrong. The surprising (to me) conclusion is you’d only need 25 “breeding pairs” for it all to go swimmingly. Though you’d have a civilisation, in effect, which would arrive somewhere after 6,300 years spent just travelling.
As a reminder, 6,300 years ago we were just seeing the discovery of copper, and the plough in Europe. Would a space civilisation keep evolving?
link to this extract
Young Trumpies hit D.C.…and D.C. hits them right back • POLITICO Magazine
Daniel Lippman on how young members of the Trump administration struggle to find their way in Washington:
»
One beleaguered 31-year-old female administration official described at length her “very, very frequent” scraps with her matches on dating apps. “You do the small talk thing, and you have a very good conversation, and then they might say, ‘You didn’t vote for Trump, right?’” she says. “As soon as I say, ‘Of course I did,’ it just devolves into all-caps ‘HOW COULD YOU BE SUCH A RACIST AND A BIGOT?’ And ‘You’re going to take away your own birth control.’” In one recent star-crossed exchange, the official told a match she worked for the federal government. When he pushed, she revealed she was in the administration. He asked her, “Do you rip babies from their mothers and then send them to Mexico?”
Evasive answers will get you only so far, though, since many dating apps provide enough information for inquisitive users to sleuth out their matches’ identities. “I literally got the other day, ‘Thanks but no thanks. Just Googled you and it said you were a mouthpiece for the Trump administration. Go fuck yourself,’” says the official. It’s all enough to drive her and some of her colleagues away from at least some of the apps. “I’m no longer on Bumble,” she says.
Young staffers have had to develop a keen sense of just when to have “The Talk” with romantic partners. “I’ve still been able to hook up with women,” says a male former White House staffer. “But I know that I need to be careful about broaching the Trump stuff.
«
Nike hit back at Quest in court case • The ITAM Review
“Rich” on a row between Quest Software, which says Nike owes $15.6m for use of its software since 2001, and Nike, which says it owes $0.34m. It’s only a 98% difference:
»
Nike state they have: “…not agreed, under the SLSA or otherwise, to pay for licenses for Quest Software for persons or systems who could theoretically access the Quest Software, but who do not actually use the software”
And go on to point out that “People legitimately need to access these servers, but have no need to run Quest software – for example “NIKE’s cyber security and forensics professionals.” A situation that will be common to many organisations worldwide.
Looking at section 12 of the SLSA, the audit clause between Nike & Quest states: “In the event that an audit conducted as set forth herein discloses that Licensee has caused or permitted access to or use of the System by persons or entities that are not authorized under the terms of this Agreement to such use or access, Licensee shall pay Quest the underpayment, in the amount of the negotiated fee applicable to the particular Software Product or Product to which unauthorized access was permitted, for all such unauthorized users”
It seems Quest are relying on the language that states: “permitted access to…the System by person…not authorized…to such use or access” to make their claim that Nike are liable for all potential users based on system access.
Nike, however, are arguing that the clause simply states they must pay for: “All unauthorized users”
«
On that (and some more) turns $15m, one way or another.
link to this extract
An invisible rating system at your favorite chain restaurant is costing your server • Buzzfeed
Caroline O’Donovan (where “server” means “waiter/waitress”):
»
Ziosk tablets sit atop dining tables at more than 4,500 restaurants across the United States — including most Chili’s and Olive Gardens, and many TGI Friday’s and Red Robins. Competitor E La Carte’s PrestoPrime tablets are in more than 1,800 restaurants, including most Applebee’s. Tens of thousands of servers are being evaluated based on a tech-driven, data-oriented customer feedback system many say is both inaccurate and unfair. And few of the customers holding the reins are even aware their responses have any impact on how much servers earn.
Ziosk and Presto sit at the nexus of two major consumer trends: the idea that every product, service, piece of content, and interaction, whether encountered online or in real life, should be rated on a scale of one to five, and that these ratings in aggregate become an invaluable dataset, helping managers achieve growth and make money.
“It makes very literal the idea that the customer is always right, to the complete disregard of the worker,” Ifeoma Ajunwa, an assistant professor at Cornell’s Industrial and Labor Relations School, told BuzzFeed News.
Technologies like Ziosk are attractive to the restaurant industry, which faces a rising minimum wage, because the tablets promise to make workers more efficient, and in turn, lower labor costs. But in interviews with BuzzFeed News, more than two dozen current and former servers described Ziosk as a source of financial and emotional anxiety, a vector of discrimination and harassment in the workplace, and an added layer to the economic and psychological precariousness that already defines restaurant work.
“When they introduced them, it seemed like a good deal for the customer. But as a server, it’s just the worst thing ever,” said Sam Ellis, who worked as a server at a Chili’s in Texas. “That’s all your job depends on, is those survey scores.”
«
CryptoKitties sales plummet in popularity months after raising $12m • Business Insider
»
Like Beanie Babies, CryptoKitties are considered collectibles. Their novelty lies in the fact that owners can prove that they possess sole ownership of the Crypto Kitty they’ve purchased. In December, it was reported that one particular Crypto Kitty sold for around $155,000.
People had already spent millions buying and trading CryptoKitties by the time top-tier investors including Andreessen Horowitz and Union Square Ventures decided to give the company $12 million. Before the deal went through, one investor in the company told Business Insider that the product embodied one of the most important and applicable use-cases of the blockchain: The ability to safely store digital collectibles online.
But it looks like CryptoKitties itself could be in danger of becoming a short-lived novelty.
According to data from blockchain analytics sites Bloxy and Diar, the number of CryptoKitties transactions has fallen drastically in the last 3 months.
The number of CryptoKitties transactions decreased in June by 98.4% compared to its peak of 80,500 transactions back in December 2017, according to data from Bloxy. The game is still among the most popular options for ethereum-related gaming, but public interest in buying and selling them seems to have waned significantly in recent months.
CryptoKitties cofounder Bryce Bladon told Business Insider in an email that the decrease in CryptoKitties transactions was to be expected, and there were a few factors, one of which was the skyrocketing costs of processing a transaction based on ethereum.
«
Ah yes, transaction costs. That almost-always-overlooked factor in blockchain “currency” things.
link to this extract
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 
