Start Up No.999: Facebook’s German data hiccup, ads and robot anxiety, Twitter’s user truth, webcam insecurity, and more

The US has a lot of crumbling infrastructure. (This was a Minneapolis bridge collapse in 2007.) CC-licensed photo by Tony Webster on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam. And then you’ll start at No.1,000.

A selection of 11 links for you. Which service do you require? I’m @charlesarthur on Twitter. Observations and links welcome.

The infrastructural humiliation of America • TechCrunch

Jon Evans:


The USA is nine times wealthier than Thailand, per capita, but I’d far rather ride Bangkok’s SkyTrain than deal with NYC’s subway nowadays. I’d much prefer to fly into Don Muang, Bangkok’s ancient second-tier airport — which was actually closed for years, before being reopened to handle domestic flights and low-cost airlines — than the hostile nightmare that is LAX. And those are America’s two primary gateway cities!

So imagine what it’s like coming to America from wealthy Asian nations, and their gleaming, polished, metronomically reliable subways, trains, and airports. I don’t think Americans understand just how that comparison has become a quiet ongoing national humiliation. If they did, sheer national (and civic) pride would make them want to do something about it. Instead there’s a learned helplessness about most American infrastructure nowadays, a wrong but certain belief that it’s unrealistic to dream of anything better.

It’s not just those two cities. Compare Boston’s T to, say, Taipei, or San Francisco’s mishmash of messed-up systems — Muni, where I have waited 45 minutes for a T-Third; CalTrain, which only runs every 90 minutes on weekends; BART, which squandered millions on its useless white-elephant Millbrae station — to Shenzhen. And it’s not just age; Paris’s metro was inaugurated in 1900, but its well-maintained system continues to run excellently and expand continuously.


Can’t he just get a ride on the tax cuts?
link to this extract

Germany blocks Facebook from pooling user data without consent • Financial Times

Olaf Storbeck, Madhumita Murgia and Rochelle Toplensky:


Germany’s antitrust watchdog on Thursday blocked Facebook from pooling data collected from Instagram, its other subsidiaries and third-party websites without user consent in a landmark decision on internet privacy rights and competition.

The Federal Cartel Office said it was tackling what it described as the Silicon Valley company’s “practically unrestricted collection and assigning of non-Facebook data” to user accounts.

In a press conference in Bonn, the German authorities said that Facebook needed the “voluntary consent” of users to pool data from other services with its own Facebook user data.

The FCO also said that Facebook needed consent to collect data from third-party websites outside its own ecosystem. “If consent is not given . . . Facebook will have to substantially restrict its collection and combination of data,” the cartel office said.


Note that it’s the antitrust office, not the privacy commissioner doing this. Though one suspects that Facebook will get round it with a dialog box.
link to this extract

Over 40 smartphone brands exit India market owing to hyper-competition • ET Telecom

Tina Gurnaney:


As many as 41 smartphone brands exited the India smartphone market in 2018 owing to hyper-competition, while 15 brands entered the market eyeing growth prospects that India has to offer, according to data shared by Cybermedia Research.

Mirroring the same pattern, more exits than entry of smartphone players is expected in 2019 as major brands like Xiaomi, Samsung, Vivo, Oppo continue to consolidate their share by eating into those of the smaller brands, analysts say. Counterpoint Research predicts the exit of 15 smartphone players in 2019 versus entry of five players. CMR sees nine new entrants versus 10 exits in 2019.

As per CMR estimates, India currently has around 200 smartphone players operating in the market. At its peak in 2014-15, the mobile phone market had over 300 smartphone players.


That was the peak? Yet it’s still the fastest growing (big) market.
link to this extract

Why so many Super Bowl ads were about robots • Slate

Will Oremus:


It’s possible that Madison Avenue is just out of touch. But if the ads they cooked up for companies ranging from Michelin to TurboTax to Sprint provide a window into America’s anxieties, it sure seems like we’re struggling to figure out our place alongside machine intelligence. And we’re already resorting to gallows humor in the face of our own obsolescence.

The robot reckoning began with an ad from SimpliSafe, called “Fear Is Everywhere,” that played tech’s dark side for some wry chuckles. “In five years, robots will be able to do your job, your job, and your job” a man tells his friends at a ballgame. The camera pans up to show a robot in a baseball cap on the top bleacher eating a hot dog, who gives a slightly menacing dude-nod. Cut to an electronics store where a woman asks her phone-distracted husband if he’s listening. The reply comes instead from an Amazon Echo–like device on the store shelf: “Always, Denise.”

The spot works because it cloaks real fears in satire. It’s at once a sendup of the “scare people into buying a security system” genre and an exemplar of it.

That spooky-funny duality may help to explain why robots are fast becoming a trope in TV advertising. Humor is a way of dealing with topics that make us uncomfortable while maintaining some emotional distance from them. A.I. taking our jobs and listening in on our conversations really is frightening, but it isn’t quite so frightening that we can’t joke about it—like, say, climate change or terrorism. At least, not yet.


link to this extract

Twitter finally shared how big its daily user base is — and it’s a lot smaller than Snapchat’s • Recode

Kurt Wagner:


How big is Twitter’s daily user base? A lot smaller than Snapchat’s, it turns out.

For years, Twitter has been asking investors to judge the company by looking at user growth for its daily active users. But Twitter never shared how many daily active users it actually had, which made the year-over-year growth hard to appreciate.

That changed on Thursday when Twitter shared its daily user total for the first time: Twitter has 126 million daily users, which is 60 million fewer users than Snapchat (and a lot fewer users than the core apps owned by Facebook). That means roughly 39% of Twitter’s monthly active users are on the app every day.

The new metric matters to Twitter because it paints a picture that Twitter is growing. Twitter’s monthly active user base — the user metric it has shared quarterly since its IPO in 2013 — is shrinking, and has been for some time. So focusing on DAU instead of MAU lets Twitter show that it’s growing, which is a much happier story to tell. In fact, Twitter said it will stop sharing the MAU total altogether beginning this year.

The DAU metric also helps put Twitter’s user growth, which it’s been touting for years, into perspective. And it helps us compare Twitter’s audience to competitors like Snapchat, which it competes with for advertising dollars.


Facebook just ticking over on 1,520 million DAUs. And yet: none of the three looks likely to go away.
link to this extract

What I learned from the hacker who spied on me • WSJ

Joanna Stern:


We’re putting cameras in more and more places, yet more and more people are putting tape over their computer webcams because they fear who may be looking.

How secure are these tiny eyes into our private lives? The bad news is, it was possible for Mr. Heid to get into my Windows 10 laptop’s webcam and, from there, my entire home network. He also eventually cracked my MacBook Air. The good news is that both operating systems were initially able to thwart the hacker. It took me performing some intentionally careless things for him to “succeed.”

If you’re on guard and aware that people are out there trying to trick you to let down your defenses, and you follow some basic practices, you can make it much more difficult for the bad guys to get to you…

…When connected to the Windows laptop, Mr. Heid was able to scan for other devices on my home Wi-Fi network. He quickly found two cameras: a Nest Camera and a Wansview 1080p connected baby monitor that I bought for this column along with the laptops.

From this point on, getting into the baby monitor didn’t even require hacking. He went to its IP address, searched Google for the default username and password and typed it in to the camera’s web portal. He had a nice stream of my son’s playroom—my son included.


Windows 10: hard-ish to hack. MacBook Air: harder to hack. Android: harder to hack. iPhone: don’t bother. (Yeah yeah FaceTime. Isn’t the same.) Random webcams: cinch, especially if you don’t change the default password – and lots of people don’t.
link to this extract

Another demonstration of CRS/GDS insecurity • The Practical Nomad blog

Edward Hasbrouck:


Zack Whittaker had a report yesterday for Techcrunch on the latest rediscovery of a continuing vulnerability affecting sensitive personal data in airline reservations that I first reported, both publicly and to the responsible companies, more than 15 years ago: computerized reservations systems and systems that rely on them for data storage and retrieval, including airline check-in Web sites, use a short, insecure, unchangeable, system-assigned, and fundamentally insecure “record locator” as though it were a secure password to control access to passenger name record (PNR) data.

I wrote about these vulnerabilities and reported them to each of the major CRS/GDS companies in 2001, 2002, and 2003, specifically noting their applicability to airline check-in Web sites (among many other Web services). I pointed these vulnerabilities out in a submission to the US Federal Trade Commission in 2009 which was co-signed by several consumer and privacy organizations, in my 2013 testimony as an invited expert witness before the Advisory Committee on Aviation Consumer Protection of the U.S. Department of Transportation, in a complaint which was which finally accepted and docketed by the European Commission in 2017, and in my comments to the European Commission in December 2018 with respect to its current review of the European Union’s regulations governing protection of personal data by CRSs.


Ah, so it’s not a new thing by any means. That makes it a lot worse. (Thanks, Wendy Grossman.)

link to this extract

The proposed Green New Deal

Put forward by Alexandria Ocasio-Cortez, among others; its aims aren’t modest:


National mobilization of our economy through 14 infrastructure and industrial projects. Every project strives to remove greenhouse gas emissions and pollution from every sector of our economy:

o Build infrastructure to create resiliency against climate change-related disasters
o Repair and upgrade U.S. infrastructure. ASCE estimates this is $4.6 trillion at minimum.
o Meet 100% of power demand through clean and renewable energy sources
o Build energy-efficient, distributed smart grids and ensure affordable access to electricity
o Upgrade or replace every building in US for state-of-the-art energy efficiency
o Massively expand clean manufacturing (like solar panel factories, wind turbine factories, battery and storage manufacturing, energy efficient manufacturing components) and remove pollution and greenhouse gas emissions from manufacturing
o Work with farmers and ranchers to create a sustainable, pollution and greenhouse gas free, food system that ensures universal access to healthy food and expands independent family farming
o Totally overhaul transportation by massively expanding electric vehicle manufacturing, build charging stations everywhere, build out high-speed rail at a scale where air travel stops becoming necessary, create affordable public transit available to all, with goal to replace every combustion-engine vehicle
o Mitigate long-term health effects of climate change and pollution
o Remove greenhouse gases from our atmosphere and pollution through afforestation, preservation, and other methods of restoring our natural ecosystems
o Restore all our damaged and threatened ecosystems
o Clean up all the existing hazardous waste sites and abandoned sites o Identify new emission sources and create solutions to eliminate those emissions
o Make the US the leader in addressing climate change and share our technology, expertise and products with the rest of the world to bring about a global Green New Deal


Yes, that does say “Upgrade or replace every building in US for state-of-the-art energy efficiency”. It’s a ten-year plan “to mobilise every aspect of American society at a scale not seen since World War 2.” No exaggeration, that.
link to this extract

Apple SVPs • All this

Dr Drang:


Putting the App Store under Phil Schiller [rather than Eddy Cue], which on paper makes no sense for the SVP of marketing, was the solution, for which both Schiller and Tim Cook deserve credit.

I would argue that broadening Jony Ive’s design oversight to include software in addition to hardware was a mistake as big as putting Cue in charge of the App Store. The software side of Apple’s user interfaces—especially on iOS, which isn’t as hardened by long tradition as on the Mac—has become steadily more cryptic under Ive’s control. Some of this is due to Apple’s need to squeeze more functionality into the OS, but Ive hasn’t been up to the task of melding the new functions into the UI in a consistent and discoverable way.

To me, [Angela] Ahrendts’s five years in charge of Retail has been similar to Ive’s time as Chief Design Officer. The Apple Stores look better than ever, but they don’t work as well as they used to. No one I know looks forward to going to an Apple Store, even when it’s for the fun task of buying a new toy. No doubt a lot of this is due to Apple’s success and the mobs of people milling about, but Ahrendts didn’t solve the problem of efficiently handling the increased customer load.

I hope [Ahrendt’s replacement, Deirdre] O’Brien’s background in operations will lead to improvements in the flow of people through the Stores.


I hadn’t thought about Ive and software; that happened before the release of iOS 7, which he really influenced, and whose minimalism has been dialled back towards, if not maximalism, then sufficientism, over the intervening six years.
link to this extract

Attacking a paywall that hides public court filings • The New York Times

Adam Liptak:


By one estimate, the actual cost of retrieving court documents, including secure storage, is about one half of one ten-thousandth of a penny per page. But the federal judiciary charges a dime a page to use its service, called Pacer (for Public Access to Court Electronic Records).

The National Veterans Legal Services Program and two other nonprofit groups filed a class action in 2016 seeking to recover what they said were systemic overcharges. “Excessive Pacer fees inhibit public understanding of the courts and thwart equal access to justice, erecting a financial barrier that many ordinary citizens are unable to clear,” they wrote.

The suit accuses the judicial system of using the fees it charges as a kind of slush fund, spending the money to buy flat-screen televisions for jurors, to finance a study of the Mississippi court system and to send notices in bankruptcy proceedings.

A 2002 law allows — but does not require — the judicial system to charge for access to the records, but “only to the extent necessary” to pay for “services rendered.” The judicial system says the law allows it to charge the current fees and to spend the proceeds on a variety of programs. People seeking free access, the judicial system’s brief said, can visit the courthouse.

Last year, Judge Ellen S. Huvelle of the Federal District Court in Washington accepted the challengers’ basic theory and said the judicial system had misused some of the money.


There’s a samizdat effort to put any Pacer documents acquired into cloud services such as DocumentCloud so that people don’t have to re-pay to view them. In February 2017, the Internet Archive offered to host the data as Congress’s subcommittee on courts and IP met to discuss Pacer, for the first time in a decade. The US’s behaviour here is out of line with its normal approach to data held by governments, which are paid by the people.
link to this extract

Amazing illustrations that use negative space brilliantly • Digital Synopsis


In art, negative space is the background space around the main object of an image. In a two-tone image (eg. black and white), the object is usually depicted in a darker color (black) than the background (white), thereby forming a silhouette. Sometimes, the tones are reversed and white is used to fill the silhouette (refer Coke examples below). When an artist carves out a shape in the silhouette, in a way that the background creates a visual of its own, that’s when the magic happens.


Very Mad Men, but that doesn’t mean they’re not magical.
link to this extract

Errata, corrigenda and ai no corrida: none notified

5 thoughts on “Start Up No.999: Facebook’s German data hiccup, ads and robot anxiety, Twitter’s user truth, webcam insecurity, and more

  1. re. US infrastructure. I remember in the early 90s when I went to the US, discovering what potholes were. I’d seen them before in my home France, but and the endy-end of streets in residential neighbourhoods, not smack in the middle of town streets or country roads. And not so many.
    Also, that was back when dad was building a house with 20cm thick steel-reinforced walls. Took 30yrs, he liked to DIY stuff. Right next to my cheap student rental, they put up a… house ? by sticking stakes in the ground and bolting pre-made wood panels in-between. Took them less than 30 days though.
    First trip to NY I remembered Léopold Sédar Senghor’s “NY, at first I was seduced by your beauty, girls of gold with long legs…”. But nope, just a whole lot of people running very fast, potholes (in NY ??!!??), and buildings that looked worse than the worker’s district in my home (company-) town.

  2. Just discovered CVE has a nice overview screen of vulns/os. Truncating the links since (again !) one of my posts didn’t go trough yesterday because links:

    Most important column is probably the rightmost one: actual exploits that happened. None since 2015. I haven’t dug into what’s covered exactly (base OS, 1st-party preinstalled apps, 1st-party popular apps…). Salient facts:
    – similar totals
    – very sharp fall in Apple’s vulns over the past 2 years
    I’m unclear if Apple software quality has dramatically improved, or if the combined closed-sourciness + lack of an open bug bounty program have just impacted public reports of bugs in favor of private use/sales. Lots of the bugs reported on the Android side seem to be from inspecting the source code (“missing bounds checks…”).

    • The rightmost column is “public exploits”, which I think – CVSS can be vague – means “things which were demonstrated and then everyone played catchup”.
      Those might show similar totals, but the CVE figure for iOS v Android is scarily different. Organise by severity and by year, and you get this contrast:
      Android vulnerabilities by year and severityiOS vulnerabilities by year and severity

      Gigantic difference in absolute number. We don’t know what “public exploits” means in this context, but it doesn’t look reassuring for Android.

      Apple has had a bug bounty scheme since mid-2016, though it’s invite-only, which probably limits its usefulness. (There’s another bug in Mojave which is public today.)

      • The “which limits its usefulness” is debatable. Let’s assume Apple is a smart company. Why would they have only a limited, low-payout bug bounty program ? What does paying very little to only a hadful of pre-selected suppliers achieve ? Fewer bug reports, hence good PR.
        1- Like for the almost-widgets, it allows Apple to say it has them, while not actually going to the effort and expense of having them. That’s good PR, especially since it’s eagerly regurgitated in the iBubble.
        2- Since several private companies are paying more for iOS bugs, and then keeping them secret, it makes for a nice-looking list with very few bugs on it.

        I think most behaviours are rational, and Arkham’s razor usually works. I’m open to any other suggestion as to why a cheap closed bounty program has been chosen over a regularly-funded, open one.

  3. To put the roads in perspective 92% of Washington DC roads are rated “poor” There isn’t a single road rated higher than D if I remember right. A lot of it is to do with building construction. Its always ongoing and the weight of the trucks damage the roads, which never appear to be fixed properly. I had to fit new shocks last year due to pothole damage.

    I’ve always thought it was insane that so many metro stations are outside. For example, so save money, you have to walk something like 600 yards from Dulles airport entrance to get to the Silver Line station which will be open air (so -12 C in the winter, 40 C + in the summer). That’s really going to encourage people to use it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.