Start Up No.989: surviving conspiracy theorists, supply chain hacking, Apple’s Titan-ic layoffs, ransomware v bitcoin, and more

DeepMind has conquered chess, shogi and Go; now also the real-time strategy game Starcraft II. CC-licensed photo by David Luong on Flickr.

A selection of 12 links for you. Still human. I’m @charlesarthur on Twitter. Observations and links welcome.

AlphaStar: mastering the real-time strategy game StarCraft II • DeepMind


Games have been used for decades as an important way to test and evaluate the performance of artificial intelligence systems. As capabilities have increased, the research community has sought games with increasing complexity that capture different elements of intelligence required to solve scientific and real-world problems. In recent years, StarCraft, considered to be one of the most challenging Real-Time Strategy (RTS) games and one of the longest-played esports of all time, has emerged by consensus as a “grand challenge” for AI research.

Now, we introduce our StarCraft II program AlphaStar, the first Artificial Intelligence to defeat a top professional player. In a series of test matches held on 19 December, AlphaStar decisively beat Team Liquid’s Grzegorz “MaNa” Komincz, one of the world’s strongest professional StarCraft players, 5-0, following a successful benchmark match against his team-mate Dario “TLO” Wünsch. The matches took place under professional match conditions on a competitive ladder map and without any game restrictions…

…StarCraft II, created by Blizzard Entertainment, is set in a fictional sci-fi universe and features rich, multi-layered gameplay designed to challenge human intellect. Along with the original title, it is among the biggest and most successful games of all time, with players competing in esports tournaments for more than 20 years.


Tons of links and replays to watch here. I watched the latest Star Trek: Discovery series on Netflix and kept thinking, as people shouted orders during (stupid) space battles, “you’d have long since handed this stuff over to computers.” Well, here we go.

Trapped in a hoax: survivors of conspiracy theories speak out • The Guardian

Ed Pilkington:


A University of Chicago study estimated in 2014 that half of the American public consistently endorses at least one conspiracy theory. When they repeated the survey last November, the proportion had risen to 61%. The startling finding was echoed by a recent study from the University of Cambridge that found 60% of Britons are wedded to a false narrative.

The trend began on obscure online forums such as the alt-right playground 4chan. Soon, media entrepreneurs realized there was money to be made – most notoriously Alex Jones, whose site Infowars feeds its millions of readers a potent diet of lurid lies (9/11 was a government hit job; the feds manipulate the weather.)

Now the conspiracy theorist-in-chief sits in the White House. Donald Trump cut his political teeth on the “birther” lie that Barack Obama was born in Kenya, and went on to embrace climate change denial, rampant voter fraud and the discredited belief that childhood vaccines may cause autism.

Amid this explosive growth, one aspect has been underappreciated: the human cost. What is the toll paid by those caught up in these falsehoods? And how are they fighting back?

The Guardian talked to five people who can speak from bitter personal experience. We begin in a town we will not identify in Massachusetts where a young man, who tells his story here for the first time, was asleep in his bed.


The information plague of the modern age.

The messy truth about infiltrating computer supply chains • The Intercept

Micah Lee and Henrik Moltke:


while Bloomberg’s story [about a tiny chip on motherboards compromising Apple and Amazon systems] may well be completely (or partly) wrong, the danger of China compromising hardware supply chains is very real, judging from classified intelligence documents. US spy agencies were warned about the threat in stark terms nearly a decade ago and even assessed that China was adept at corrupting the software bundled closest to a computer’s hardware at the factory, threatening some of the US government’s most sensitive machines, according to documents provided by National Security Agency whistleblower Edward Snowden. The documents also detail how the US and its allies have themselves systematically targeted and subverted tech supply chains, with the NSA conducting its own such operations, including in China, in partnership with the CIA and other intelligence agencies. The documents also disclose supply chain operations by German and French intelligence.

What’s clear is that supply chain attacks are a well-established, if underappreciated, method of surveillance — and much work remains to be done to secure computing devices from this type of compromise.

“An increasing number of actors are seeking the capability to target … supply chains and other components of the US information infrastructure,” the intelligence community stated in a secret 2009 report. “Intelligence reporting provides only limited information on efforts to compromise supply chains, in large part because we do not have the access or technology in place necessary for reliable detection of such operations.”


The NSA compromised Cisco routers; that’s pretty well known.

Sonos plans headphones in move outside the home • Bloomberg

Mark Gurman and Debby Wu:


High-end pairs often cost $300 or more, and Sonos is expected to target a similar price range, the people added.

Sonos is focusing on audio quality and the ability to work with multiple music services and digital assistants, like its latest internet-connected speakers. The company is one of the few independent consumer hardware makers that has partnered with most of the leading technology companies, including Apple Inc., Google and Inc.

The Santa Barbara, California-based company has begun approaching overseas manufacturers about producing the headphones, one of the people said. Sonos spokeswoman Laura Morarity said the company doesn’t comment on future product plans.

The headphones represent a potential new growth area for Sonos. The company went public in August at $15 a share and the stock has dropped more than 25% since then. Still, the company beat analysts’ revenue estimates in the third quarter after its Beam sound bar sold well. Wall Street expects sales of more than $490m in the holiday quarter, according to data compiled by Bloomberg.

In its most recent letter to shareholders, Sonos said half of music listening occurs outside the home and suggested it will tackle this part of the market.


I’d say Sonos’s core market is people who like the convenience, sound quality and size of their speakers and app. Headphones are horrendously commoditised. And yet… it might work: get volume and profit if you can sell enough based on the brand power.

Advocacy groups urge FTC to pursue Facebook breakup • WSJ

John McKinnon:


Several advocacy groups are urging the Federal Trade Commission to seek a breakup of Facebook as it weighs possible penalties against the social media company for privacy violations.

Facebook has acknowledged that the data firm Cambridge Analytica improperly obtained personal data of millions of users. The FTC is nearing completion of an investigation into the matter and is weighing penalties, including a substantial fine.

Among other remedies, “the FTC should require Facebook to unwind the acquisition of both WhatsApp and Instagram” for its failure to protect the data of those apps’ users, according to a draft letter from the groups to the FTC. A copy of the letter, dated Jan. 24, was obtained by The Wall Street Journal.

“Facebook has operated for too long with too little accountability,” said Marc Rotenberg, president of the Electronic Privacy Information Center, one of the groups expected to sign the letter. Others include Color of Change, which advocates racial justice, and Open Markets Institute, which promotes business competition.


Certainly would make a huge difference if it didn’t have Instagram. It might – might – even be feasible to unwind the three companies from each other. Controlling social media aggregation is the next antitrust frontier; the problem is how to frame the legal battle that would justify it.

But as an ex-FTC law professor points out, it’s not in the FTC’s powers to order antitrust action like that.

Apple lays off over 200 from Project Titan autonomous vehicle group • CNBC

Lora Kolodny, Christina Farr and Paul Eisenstein:


Apple dismissed just over 200 employees this week from Project Titan, its stealthy autonomous vehicle group, people familiar with the matter told CNBC.

An Apple spokesperson acknowledged the layoffs and said the company still sees opportunity in the space:

“We have an incredibly talented team working on autonomous systems and associated technologies at Apple. As the team focuses their work on several key areas for 2019, some groups are being moved to projects in other parts of the company, where they will support machine learning and other initiatives, across all of Apple,” the spokesperson said.

“We continue to believe there is a huge opportunity with autonomous systems, that Apple has unique capabilities to contribute, and that this is the most ambitious machine learning project ever.”


As someone remarked (on Twitter of course), they should just add the abbreviation for “integrated car” to the end of the project name. Just can’t really see Apple doing cars.

New ransomware strain is locking up Bitcoin mining rigs in China • ZDNet

Catalin Cimpanu:


Most of the infected mining rigs are Antminer S9 and T9 devices, used for Bitcoin mining, but there have also been reports of hAnt infecting Antminer L3 rigs, used for mining Litecoin. In rare instances, Avalon Miner equipment (used for Bitcoin), were also reported as infected, but in much smaller numbers.

It is unclear how crooks first infect a mining farm’s data center or equipment, but some Chinese security experts suggest that hAnt comes hidden inside tainted versions of mining rig firmware that has been making the rounds online since last summer.

According to reports in Chinese media, once hAnt infects a mining rig, it immediately locks the device and prevents it from mining any new currency.

When equipment owners connect to devices remotely (via a CLI, command-line interface) or manually (using LCD screens) the first thing they see is a splash screen depicting an ant and two pickaxes in green ASCII characters, similar to the red skull splash screen displayed by the NotPetya ransomware…

…The ransom note is somewhat unique when compared to ransom demands seen on desktop ransomware variants because victims are given a choice.

They can either pay a 10 Bitcoin ($36,000) ransom to remove the ransomware from the mining rig, or they can download a malicious firmware update that they have to apply to other mining rigs to further spread the ransomware.

If victims fail to pay the ransom or infect at least 1,000 other devices, the ransom note threatens to turn off the mining rig’s fan and its overheat protection, leading to the device’s destruction.


Ransomware that benefits the environment. It’s a first.

BuzzFeed, HuffPost latest to feel pinch in faltering digital news economy • The Washington Post


Traditional media organizations, such as newspaper and TV stations, have been buffeted for years by the transition to a digital economy, with some of their readers and advertising base siphoned away by the likes of BuzzFeed, Vice and HuffPost.

But over the past several months, digital companies have faced some of the same issues, as profits have proved elusive in an advertising market dominated by two giants — Google and Facebook.

Vice has instituted a hiring freeze and is seeking to cut its workforce by about 10% to 15% this year, primarily through attrition. Verizon Media Group, the owner of HuffPost, AOL and Yahoo, announced its own round of layoffs of about 7% on Wednesday.

Other digital news outlets, such as Refinery29, Vox Media and Mic, have been pinched, too. Vox — the Washington-based publisher of Vox, SB Nation and other sites — cut about 50 staffers early last year. Refinery29, which is aimed at millennial women, dropped about 10% of its staff, or about 40 people, in October.

Mic, another site aimed at millennials, laid off its entire editorial staff in November.


Buzzfeed is laying off about 15% of its staff, following on from cuts last year; the UK will be affected. And this is during a good time. Wait for what a recession will do.

“She was a cartoon villain brought to life”: a former Trump aide recalls Conway’s leaking tactics in the West Wing viper’s nest • Vanity Fair

Cliff Sims, who has already entertained us with an extract from his book about how Trump promised Nasa unlimited funds if only it would land someone on Mars by 2020:


I had not brought my work laptop upstairs with me when she called, so Kellyanne [Conway, who has the role of… nobody quite knows what in the White House] pointed over to her personal MacBook sitting on the conference table on the other side of the room. “Just use that and type something up for me,” she said.

I sat down and started slowly pecking out a statement. While working in the White House, I found that I’d grown so accustomed to writing in Trump’s voice that writing for other people had become somewhat harder than it normally would have been. I was already getting off to a slow start, but I was also getting distracted by the nonstop stream of iMessages popping up on the screen. At that point, personal phones had not yet been banned in the West Wing, so Kellyanne was sitting at her desk texting away. And since her iMessage account was tied to both her phone and her laptop, which she must not have even considered, I could inadvertently see every conversation she was having.

Over the course of 20 minutes or so, she was having simultaneous conversations with no fewer than a half-dozen reporters, most of them from outlets the White House frequently trashed for publishing “fake news.” Journalists from The New York Times, The Washington Post, CNN, Politico, and Bloomberg were all popping up on the screen. And these weren’t policy conversations, or attempts to fend off attacks on the president. As I sat there trying to type, she bashed Jared Kushner, Reince Priebus, Steve Bannon, and Sean Spicer, all by name.

(“The real leakers, past and present, get much more positive press than I do. While it’s rare, I prefer to knife people from the front, so they see it coming,” Conway said in a statement shortly after publication. According to a source familiar with the situation, the statement was drafted in consultation with her husband, George Conway.)


Isn’t it strange how both insiders and outsiders writing about the Trump admin describe utter chaos and backstabbing, again and again? Shakespeare would have a field day. The Medicis would tip their hats. Well, maybe not at the chaos bit.

Deliveroo users are getting defrauded – and it could be fined millions for it • New Statesman

Sarah Manavis found a big charge on her account one morning:


rather than seeing an overspend or a direct debit I’d forgotten about, I saw three enormous charges from the food delivery service Deliveroo from the night before. They weren’t mine.

I immediately called Deliveroo to say that it wasn’t, in fact, me who ordered £100 worth of food in the space of ten minutes in three separate orders; and told them that the fraudsters had changed my email address, so I couldn’t even get into my account to look at where it was sent. I was told that they would investigate, and I would be sent an email asking for more information immediately.

I was not. After an hour, I rang again, to find that actually the email had been sent to the new email address – the one the fraudsters plugged in – so that they had presumably been alerted to the investigation. I complained, got the email re-sent to me, and was then met by radio silence for the rest of the day. When I eventually rang again, the company said it couldn’t actually tell me whether or not I would get my money back, adding that I might not hear from them for nearly a week before they let me know either way.

By 5pm, I was getting fed up, so I did what any journalist with a modest Twitter following would do, and tweeted. What I thought would happen was that my case would be bumped on the list, and maybe I’d get my money back sooner (or, indeed, at all). What actually happened was that my replies, DMs and email were all immediately flooded with people who had been a victim of the same fraud, saying, yes, this had happened to them too and no, Deliveroo had never refunded them.


This has been going on for some time. And guess what? Deliveroo doesn’t offer 2FA security.

Amazon’s automated grocery store has some empty shelves thanks to sudden Munchery bankruptcy • Yahoo News

Paayal Zaveri:


Shoppers at Amazon’s cashier-less convenience stores in San Francisco faced some empty shelves Tuesday morning after one of its local suppliers, Munchery, suddenly went out of business on Monday.

Munchery was a San Francisco on-demand food-delivery business and supplied prepared food items to San Francisco’s Amazon Go stores. Employees at one Amazon Go location in San Francisco said it was not yet clear what would replace the Munchery items, but it would likely be another local supplier.

In an email to customers on Monday, Munchery said “Munchery is closing its doors and ending operations effective immediately,” and “any outstanding orders with Munchery will be canceled and refunded.”

Munchery was one of many on-demand meal kit companies that wanted to do it all: prepare meals and handle the delivery logistics for customers. Munchery raised $125.4 million in venture funding since it was founded in 2011, according to Crunchbase. Better-funded competitors like Blue Apron have also been struggling — Blue Apron priced its shares at $10/share when it went public in 2017, and it’s now trading below $2. Ironically, Amazon’s own movement into groceries with its 2017 acquisition of Whole Foods has put competitive pressure on these companies.


Winter is coming, folks.

Walmart mysteriously vanishes from Google Express • Android Police

Corbin Davenport:


When Google Express re-launched in 2017 as a free service, it had two major retail partners — Walmart and Target. Both companies have a massive amount of stores across the United States, so Express became a great shopping tool as a result. However, Walmart seems to have been quietly removed from Express.

Visiting the former Walmart store page now simply shows a “Walmart is outside your delivery area.” error message, even if you live in an area with a nearby Walmart store. The Twitter account for Express confirmed the removal, but did not provide further details.

The removal of Walmart definitely cripples Google Express, but it’s not a death blow. Target is still partnered with Express, and sells many of the same items that Walmart did, including groceries and other home goods. Costco also has groceries, if you have a membership.

It seems likely that Walmart left Google Express to draw customers to its own services.


Which means that soon there won’t be a Google Express.

Errata, corrigenda and ai no corrida: none notified

4 thoughts on “Start Up No.989: surviving conspiracy theorists, supply chain hacking, Apple’s Titan-ic layoffs, ransomware v bitcoin, and more”

  1. Re the Deliveroo story: Sarah Manavis is billed as their “tech and digital culture writer” yet goes along with the suggestion that she might have reused a login/password pair on a site which can bill her and has no 2FA. How is anyone with that job title not using a password manager in 2019? Or at least a unique password for any site that might have access to a credit card?

  2. Re. Headphones. I don’t think they’re commodities in practice. In theory, cheap stuff from TaoTronics or Anker is Good Enough for most, but in practice, even my 12yo nephew wanted something with some logo on it, though he has no clue about features and performance
