Start Up No.1,049: Facebook in more hot water, a deep dive on passwords, Google’s ‘browser choice’ in Europe, and more


Like them? A killer disease could make them extinct unless scientists can get ahead of it. CC-licensed photo by Marvee-sama on Flickr.

A selection of 11 links for you. Unredacted. (Easter eggs optional.) I’m @charlesarthur on Twitter. Observations and links welcome.

Unmasked: an analysis of 10 million passwords • WP Engine

»

We already knew a few fairly high-profile people were in the Gmail dump. For instance, Mashable noted a month after the list was released that one of its reporters was included (the password listed for him was his Gmail password, but several years old and no longer in use). But we didn’t think Full Contact would turn up so many more.

Within the 78,000 matches we found, there were hundreds of very high-profile people. We’ve selected about 40 of the most notable below. A few very important points:

1. We’ve deliberately not identified anyone by name.
2. The company logos represent those organizations the individuals work for now and not necessarily when they were using the password listed for them.
3. There’s no way of knowing where the passwords were originally used. They may have been personal Gmail passwords, but it’s more likely that they were used on other sites like File Dropper. It’s therefore possible that many of the weak passwords are not representative of the passwords the individuals currently use at work, or anywhere else for that matter.
4. Google confirmed that when the list was published, less than 2% (100,000) of the passwords might have worked with the Gmail addresses they were paired with. And all affected account holders were required to reset their passwords. In other words, the passwords below—while still educational—are no longer in use. Instead, they’ve been replaced by other, hopefully more secure, combinations.

If the passwords hadn’t been reset, however, the situation would be more of a concern. Several studies have shown that a number of us use the same passwords for multiple services. And given that the list below includes a few CEOs, many journalists, and someone very high up at the talent management company of Justin Bieber and Ariana Grande, this dump could have caused a lot of chaos. Thankfully it didn’t, and now can’t.

«

It’s really shocking how short the “crack time” is for some of these passwords: well under a second.


Amazon and Google settle feud, bring YouTube back to Fire TV devices • Ars Technica

Valentina Palladino:

»

After over a year of absence, the official YouTube app will return to Amazon Fire TV devices and Fire TV Edition smart TVs. Google pulled the video streaming app in early 2018 after it could not strike a deal with the online retail giant surrounding the availability of its products and services.

According to reports at the time, Google was unhappy with Amazon because the retailer didn’t sell a number of its products, including Chromecast and Google Home devices. The two companies couldn’t strike a business deal that pleased both parties, so Google removed the official YouTube app from Fire TV devices at the start of 2018. This came after Google also revoked YouTube access on Amazon’s Echo Show devices, citing a “broken user experience.”

In the time since YouTube left Fire TVs, users have been able to access the site using browsers. But that experience isn’t the most user-friendly, so the real losers in this situation were YouTube lovers that owned Fire TV devices.

Now, those users will soon have an official YouTube app sanctioned by Google on their streaming devices again. The new app will allow users to sign into their personal accounts and play 4K content at up to 60fps on supported devices. Coming later in the year will be dedicated apps for YouTube Kids and YouTube TV, the company’s live, TV-streaming subscription service. Users will also be able to use Alexa to search for content in the YouTube app.

«

It’s been quite the week for kissing and making up.


Presenting search app and browser options to Android users in Europe

Paul Gennai, product management director at Google:

»

Following the changes we made to comply with the European Commission’s ruling last year, we’ll start presenting new screens to Android users in Europe with an option to download search apps and browsers.  

These new screens will be displayed the first time a user opens Google Play after receiving an upcoming update. Two screens will surface: one for search apps and another for browsers, each containing a total of five apps, including any that are already installed. Apps that are not already installed on the device will be included based on their popularity and shown in a random order.


An illustration of how the screens will look. The apps shown will vary by country.

Users can tap to install as many apps as they want. If an additional search app or browser is installed, the user will be shown an additional screen with instructions on how to set up the new app (e.g., placing app icons and widgets or setting defaults). Where a user downloads a search app from the screen, we’ll also ask them whether they want to change Chrome’s default search engine the next time they open Chrome.

«

Do we really think this is going to make any difference? I suspect it will be about as (in)effective as the Microsoft Browser Choice screen was.


Amazon Music launches free streaming tier, through Alexa only (for now) • Variety

Jem Aswad:

»

Amazon Music today basically soft-launched its free streaming tier, in which U.S. customers of its Alexa voice assistant will have access to top Amazon Music playlists and thousands of stations, at no cost. The limited access that the new free service provides — it’s only available through Alexa, and when the listener requests a song, it leads to an Amazon playlist or station, rather than an album — is presumably the first phase of a full ad-supported (i.e. free, with ads) streaming tier that will launch at some point in the future…

…Over the past few years, Amazon has quietly become the third-largest streaming service in the world, behind Spotify and Apple Music — a fact that is obscured by its relatively small place in Amazon’s gargantuan business. However, led by VP of Music Steve Boom, over the past couple of years the company has been pushing harder into the music space, with exclusive features on big artists with new releases — such as its one-time-only “SoundBoard” specials with U2, Elton John and Justin Timberlake — and generally making more noise about its offerings.

«

Basically commercial radio, sans DJ. Everything old is new again.


The quest to save the banana from extinction • The Conversation

Stuart Thompson:

»

Panama disease, an infection that ravages banana plants, has been sweeping across Asia, Australia, the Middle East and Africa. The impact has been devastating. In the Philippines alone, losses have totalled US$400m. And the disease threatens not only the livelihoods of everyone in this US$44 billion industry but also the 400m people in developing countries who depend on bananas for a substantial proportion of their calorie intake.

However, there may be hope. In an attempt to save the banana and the industry that produces it, scientists are in a race to create a new plant resistant to Panama disease. But perhaps this crisis is a warning that we are growing our food in an unsustainable way and we will need to look to more radical changes for a permanent solution.

«

Long article, and you will end up knowing a lot more about bananas, and how they reproduce (or don’t) than you ever expected to.


Why did Intel kill off their modem program? • SemiAccurate

Charlie Demerjian:

»

[Intel] quite literally never delivered a modem that worked right. The most glaring example of this was the iPhone 7 which had both Intel and Qualcomm variants. On paper it was a 1Gb LTE device but Apple only delivered a 600Mbps iPhone.

That same 600Mbps Qualcomm modem in the iPhone ran at 1Gbps in Android devices. The Intel modem ran at 600Mbps max and there were no other customers to make a comparison to. Apple crippled their Qualcomm parts to match the delivered Intel specs. Worse yet those Intel parts were only 600Mbps on paper; in practice they had 30% lower throughput. On top of this the Intel modems consumed vastly more energy to do their slower work than Qualcomm, a trend that SemiAccurate has personally measured in the labs across multiple generations of Intel modems but is not at liberty to disclose exact figures on, sorry.

This is significant for several reasons. First, phones operate on batteries, and 30% lower throughput at 30% higher energy use means the Intel modem was about half as efficient as the Qualcomm one. Not only do customers with Intel iPhones get a second rate user experience, they get worse battery life as well.

And then there are the carriers whose product is effectively finite air time on a specific frequency. If a phone is 30% slower due to retries and packet failures it means it ties up 30% more of that time and costs carriers much more to support. They are keenly aware of this and hate Intel modems.

«

Just as well Intel isn’t going to be doing modems much longer.


Facebook building voice assistant to rival Amazon Alexa and Apple Siri • CNBC

Salvador Rodriguez:

»

The tech company has been working on this new initiative since early 2018. The effort is coming out of the company’s augmented reality and virtual reality group, a division that works on hardware, including the company’s virtual reality Oculus headsets.

A team based out of Redmond, Washington, has been spearheading the effort to build the new AI assistant, according to two former Facebook employees who left the company in recent months. The effort is being led by Ira Snyder, director of AR/VR and Facebook Assistant. That team has been contacting vendors in the smart speaker supply chain, according to two people familiar.

It’s unclear how exactly Facebook envisions people using the assistant, but it could potentially be used on the company’s Portal video chat smart speakers, the Oculus headsets or other future projects.

The Facebook assistant faces stiff competition. Amazon and Google are far ahead in the smart speaker market with 67% and 30% shares in the U.S. in 2018, respectively, according to eMarketer.

«

Odd that the headline mentions Siri when it’s bringing up the rear with the 3%, then. But Google’s assistant doesn’t have a name, I suppose.

What’s the betting that in a year or two it’ll turn out that Facebook is accidentally recording everything you say and using it to target ads? Like people suspect happens already?


Facebook stored millions of passwords in plaintext—change yours now • WIRED

Lily Hay Newman:

»

By now, it’s difficult to summarize all of Facebook’s privacy, misuse, and security missteps in one neat description. It just got even harder: On Thursday, following a report by Krebs on Security, Facebook acknowledged a bug in its password management systems that caused hundreds of millions of user passwords for Facebook, Facebook Lite, and Instagram to be stored as plaintext in an internal platform. This means that thousands of Facebook employees could have searched for and found them. Krebs reports that the passwords stretched back to those created in 2012.

«

Brian Krebs’s report was on 21 March. This acknowledgement has come nearly a month later, at the end of the day before Easter Friday, after the release of the Mueller report which of course sucked up huge amounts of media attention.

Did it really take four weeks to acknowledge this?


Facebook bans far-right groups including BNP, EDL and Britain First • The Guardian

Alex Hern:

»

In a statement, the far-right group Knights Templar International said it was “horrified” by the ban, and that it was exploring legal options. “Facebook has deemed our Christian organisation as dangerous and de-platformed us despite never being charged, let alone found guilty of any crime whatsoever,” a spokesman said. “This is a development that would have made the Soviets blush.”

The company’s decision to ban five of Britain’s most prominent far-right organisations shows it has moved a long way from its previous position on the groups.

As early as 2016, concerns were raised about the scale of the far right’s activities on social media. Britain First, then a registered political party, had used a combination of canny tactics and sponsored posts on the social network to push anti-Islam posts to millions of users, drawing one of the largest social media followings of any British political party. When queried on whether this was desirable, Facebook told reporters the site “is used by parties and supporters of many political persuasions to campaign for issues they feel passionately about.

“Like individuals and all other organisations on Facebook, they must adhere to our community and advertising standards, which set out the limits for acceptable behaviour and content.” It would be another two years before Facebook banned Britain First from the site.

When Facebook initially banned the organisation in early 2018 it was for repeated breaches of the site’s posting policies, and did not reach the level of designating it as a dangerous organisation. That ban came a few months after the group had ceased to be a political party.

«

So basically Facebook is starting to follow the UK government’s classifications of “proscribed groups”. Start out as a private company, get big enough and effectively you’re a regulated utility.


Facebook uploaded 1.5 million users’ email contacts without permission • Business Insider

Rob Price:

»

Facebook harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts.

Business Insider has learned that since May 2016, the social networking company has collected the contact lists of 1.5 million users new to the social network. The Silicon Valley company says they were “unintentionally uploaded to Facebook,” and it is now deleting them. You can read Facebook’s full statement below.

The revelation comes after a security researcher noticed that Facebook was asking some users to enter their email passwords when they signed up for new accounts to verify their identities, in a move widely condemned by security experts. Business Insider then discovered that if you did enter your email password, a message popped up saying it was “importing” your contacts, without asking for permission first.

At the time, it wasn’t clear what was actually happening — but a Facebook spokesperson has now confirmed that 1.5 million people’s contacts were collected this way, and fed into Facebook’s systems, where they were used to build Facebook’s web of social connections and recommend friends to add. It’s not immediately clear if these contacts were also used for ad-targeting purposes. [Later: it did.]

Facebook says that prior to May 2016, it offered an option to verify a user’s account and voluntarily upload their contacts at the same time. However, Facebook says, it changed the feature, and the text informing users that their contacts would be uploaded was deleted — but the underlying functionality was not. Facebook didn’t access the content of users’ emails, the spokesperson added.

«

Notice how Facebook’s errors always fall in favour of it getting more information, and using it to target ads? Never getting less information and reducing ad loads? Though at this point it looks sociopathic.


Samsung Galaxy Fold is the Homer Simpson car • UX Collective

Patrick Thornton:

»

[Entering data] is becoming more and more common for healthcare, architecture, and some other professions. Having a small, foldable tablet might be more convenient than other existing small tablets. The quarter-assed phone on [the Galaxy Fold] might be good enough just for fielding work calls and other work activities.

If Samsung wanted to first start by targeting specific professional markets with this, they might get great feedback and begin to be able to refine this for consumer use. That does not appear to be their strategy here.

Also, with 79% of smartphone users using a protective case, how is that going to work for a device like this? It seems to me that either a mobile product like this needs to be very durable and impact resistant, or it needs to allow for use of a case.

The last part of the Design Critique Rubric is to determine whether or not a user-centered design process was followed when building a product. A user-centered design process focuses product design and development on figuring out users’ problems and designing solutions to those.

At first glance, this does not appear a user-centered design process was followed (it’s hard to imagine the phone part of this being well received by users). I’m willing to put it through the full rubric once this device ships, but until then, I don’t see strong evidence of a user-centered design process.

«

Foldables already start to look like a technology solution in search of a problem. But that’s Samsung’s approach. It pioneered big screens because it made screens; that turned out to be a good idea. It pioneered foldables because it could make foldable screens. Well.. (Watch this if you’re not familiar with “Homer Simpson’s Car”.)


Errata, corrigenda and ai no corrida: none notified

5 thoughts on “Start Up No.1,049: Facebook in more hot water, a deep dive on passwords, Google’s ‘browser choice’ in Europe, and more”

  1. Friday night contribution: the sad thing if we lose bananas, is that we’ll also lose the inspiration for some artistic masterpieces:

    This clearly wouldn’t work quite as well with strawberries.

    (with apologies to the involved – and worthwhile- artists)

  2. Luddites or wise men ?

    Probably in-between. Implementation/execution details and teetotalism… Going all-in overnight seems doubly crazy, both the all-in part and the overnight part.

    Even as a grizzled veteran today, I know I can’t, or shouldn’t, be utterly focused on work for hours at a stretch with no breaks nor distractions. As a kid, I don’t think I could manage 30 minutes alone at home, maybe 10 in class.
