Start Up No.1,051: India’s fake news deluge, China’s hacking onslaught, who owns Huawei?, and more

This is as much as you’ll see of it for a few weeks – perhaps longer. CC-licensed photo by Twitter Trends 2019 on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Samsung’s Galaxy Fold smartphone release delayed • WSJ

Timothy W. Martin:


Samsung Electronics is delaying the rollout of its Galaxy Fold smartphone until at least next month after some tech reviewers said their test devices had malfunctioned.

The Galaxy Fold, the industry’s first mainstream foldable-screen device, was slated to start selling in the US on Friday, with a price tag of nearly $2,000. But Samsung, citing the problems reported by reviewers, said Monday it plans to announce a new release date for the phone in the coming weeks.

“Initial findings from the inspection of reported issues on the display showed that they could be associated with impact on the top and bottom exposed areas of the hinge,” the company said. “There was also an instance where substances found inside the device affected the display performance.”

The Wall Street Journal earlier reported Samsung’s plans to delay the phone’s release, with people familiar with the matter pointing to problems affecting the handset’s hinge and its main screen.


Huawei’s isn’t due until the autumn. I don’t think it’s going to make a lot of noise about it. I highly recommend Joanna Stern’s video non-review of the Fold.
unique link to this extract

How eleven people try to stop fake news in the world’s largest election • Bloomberg

Saritha Raj:


“In a country largely driven by local and community news, we knew it was critical to have fact-checking partners who could review content across regions and languages,” Ajit Mohan, Facebook’s managing director and vice president in India, wrote in a recent company blog post.

Facebook’s third-party fact-checkers in India analyze news in 10 of India’s 23 official languages, more than any other country, according to a spokesperson.

“Fact-checking is part of a broader strategy to fight false news that includes extensive work to remove fake accounts; cut off incentives to the financially-motivated actors that spread misinformation; promote news literacy; and give more context about the posts they see,” the company said in a statement.

Facebook has said that fighting misinformation is a top priority, and that it hands such critical responsibilities over to contractors to help it keep a better-informed watch around the world at all hours. Contractors also work for much less than the typical Facebook employee, can appear more objective than the company’s own employees, and can make for easier scapegoats if needed.

A visit to Boom’s offices makes clear that the scale of Facebook’s response in India so far isn’t enough. The small team appears capable and hardworking almost to a fault, but given the scale of the problem, they might as well be sifting grains of sand from a toxic beach. “What can eleven people do,” says Boom Deputy Editor Karen Rebelo, “when hundreds of millions of first-time smartphone-internet users avidly share every suspect video and fake tidbit that comes their way?”


You can start to wonder now whether it wouldn’t be better just to turn this stuff off. Speaking of which…
unique link to this extract

Sri Lanka shut down social media. My first thought was ‘good’ • The New York Times

Kara Swisher:


when the Sri Lankan government temporarily shut down access to American social media services like Facebook and Google’s YouTube after the bombings there on Easter morning, my first thought was “good.”

Good, because it could save lives. Good, because the companies that run these platforms seem incapable of controlling the powerful global tools they have built. Good, because the toxic digital waste of misinformation that floods these platforms has overwhelmed what was once so very good about them. And indeed, by Sunday morning so many false reports about the carnage were already circulating online that the Sri Lankan government worried more violence would follow.

It pains me as a journalist, and someone who once believed that a worldwide communications medium would herald more tolerance, to admit this — to say that my first instinct was to turn it all off. But it has become clear to me with every incident that the greatest experiment in human interaction in the history of the world continues to fail in ever more dangerous ways.

In short: Stop the Facebook/YouTube/Twitter world — we want to get off.


I feel there’s a strengthening undercurrent that agrees this is true: social media isn’t actually helping us solve our problems.
unique link to this extract

2018: “We had to stop Facebook”: when anti-Muslim violence goes viral • Buzzfeed News

Aisha Nazim, in mid-2018:


Government officials, researchers, and local NGOs say they have pleaded with Facebook representatives from as far back as 2013 to better enforce the company’s own rules against using the platform to call for violence or to target people for their ethnicity or religious affiliation. They repeatedly raised the issue with Facebook representatives in private meetings, by sharing in-depth research, and in public forums. The company, they say, did next to nothing in response.

Ethnic tensions run deep in Sri Lanka, particularly between the majority Sinhala Buddhists and minority groups, and the country has seen a troubling rise in anti-Muslim hate groups and violence since the end of its decades-long civil war in 2009. Many of those hate groups spread their messages on Facebook. The problem came to a head in March when Buddhist mobs in central Sri Lanka burned down dozens of Muslim shops, homes, and places of worship. In response, the government blocked social media platforms including Facebook, Instagram, and WhatsApp, in a decision it says was made to prevent the violence from spiraling further out of control. Facebook, officials said, couldn’t be relied on to respond to posts and videos inciting violence quickly enough.

“[Facebook] would go three or four months before making a response,” Harin Fernando, minister of telecommunications and digital infrastructure, told BuzzFeed News. “We were upset. In this incident, we had no alternative — we had to stop Facebook.”


And at Easter weekend there was a wave of attacks on churches and hotels; extremist Muslim groups are blamed. Again and again it feels as though Facebook really isn’t helping things, even if it isn’t directly involved in them.
unique link to this extract

Chinese hacking steals billions; US businesses turn a blind eye • PBS

Laura Sullivan and Cat Schuknecht:


for its part, the Chinese government officially denied to NPR and FRONTLINE that it has been involved in such practices.

But that’s not what former U.S. Attorney David Hickton found. When he took over in the Western District of Pennsylvania in 2010, he says, he was inundated with calls from companies saying they suspected China might be inside their computer systems.

“I literally received an avalanche of concern and complaints from companies and organizations who said, ‘We are losing our technology — drip, drip, drip,’ ” he says.

Hickton opened an investigation and quickly set his sights on a special unit of the Chinese military — a secretive group known as Unit 61398. Investigators were able to watch as the unit’s officers, sitting in an office building in Shanghai, broke into the computer systems of American companies at night, stopped for an hour break at China’s lunchtime and then continued in the Chinese afternoon.

“They were really using a large rake — think of a rake [like] you rake leaves in the fall,” he says. “They were taking everything … personal information, strategic plans, organizational charts. Then they just figured out later how they were going to use it.”

But when Hickton went to the companies, eager for them to become plaintiffs, he ran into a problem. None of the companies wanted any part of it. Hickton says they had too much money on the line in China.


Greed, or fear. But it’s been going on for absolutely years. Now it seems companies might feel it’s time to act, or at least speak up.
unique link to this extract

A cartoon intro to DNS over HTTPS • Mozilla Hacks

Lin Clark:


On-path routers can track and spoof DNS because they can see the contents of the DNS requests and responses. But the Internet already has technology for ensuring that on-path routers can’t eavesdrop like this. It’s the encryption that I talked about before.

By using HTTPS to exchange the DNS packets, we ensure that no one can spy on the DNS requests that our users are making.

In addition to providing a trusted resolver which communicates using the DoH protocol, Cloudflare is working with us to make this even more secure… Cloudflare will make the request from one of their own IP addresses near the user. This provides geolocation without tying it to a particular user. In addition to this, we’re looking into how we can enable even better, very fine-grained load balancing in a privacy-sensitive way.

Doing this — removing the irrelevant parts of the domain name and not including your IP address — means that DNS servers have much less data that they can collect about you.


Thanks to Seth Finkelstein, we have the answer to the puzzle of what yesterday’s Sunday Times link was about: DNS over HTTPS. It’s not clear what Google’s timetable is for making this the default in Chrome, but BT is worried enough about it to have highlighted it in a discussion paper written earlier in April, which explains it pretty well.

Would have been nice if the Times writeup had explained this. But the journalists didn’t seem to understand it themselves.
unique link to this extract

How the Boeing 737 Max disaster looks to a software developer • IEEE Spectrum

Gregory Travis:


Long ago there was a joke that in the future planes would fly themselves, and the only thing in the cockpit would be a pilot and a dog. The pilot’s job was to make the passengers comfortable that someone was up front. The dog’s job was to bite the pilot if he tried to touch anything.

On the 737, Boeing not only included the requisite redundancy in instrumentation and sensors, it also included redundant flight computers—one on the pilot’s side, the other on the copilot’s side. The flight computers do a lot of things, but their main job is to fly the plane when commanded to do so and to make sure the human pilots don’t do anything wrong when they’re flying it. The latter is called “envelope protection.”

Let’s just call it what it is: the bitey dog.

Let’s review what the MCAS does: It pushes the nose of the plane down when the system thinks the plane might exceed its angle-of-attack limits; it does so to avoid an aerodynamic stall. Boeing put MCAS into the 737 Max because the larger engines and their placement make a stall more likely in a 737 Max than in previous 737 models.

When MCAS senses that the angle of attack is too high, it commands the aircraft’s trim system (the system that makes the plane go up or down) to lower the nose. It also does something else: Indirectly, via something Boeing calls the “Elevator Feel Computer,” it pushes the pilot’s control columns (the things the pilots pull or push on to raise or lower the aircraft’s nose) downward.


Related to yesterday’s link about Boeing, I received this email from Drew, one of our readers:

My cousin is a long term Boeing employee in Seattle and I wanted to share his insight: Boeing moved the Dreamliner production out of Seattle after a failed attempt to completely break the Washington Machinists Union contract in 2016 (even though most employees lost their pensions and other long-term benefits anyway). As part of the move Boeing eliminated the previously standard two-mechanic or two-machinist QA inspections. Now only one set of human eyes examines the work of robots. Increasingly automation is checking the work of automation.

This is the big failure on the Dreamliner- the robotic QA will verify a wire is soldered and carries a current, but is not programmed to notice metallic debris dangerously close to the solder joint. It’s the kind of issue any 19 year old would notice, but QA AI doesn’t include in their model or training data. Boeing has humans spot checking automated QA but doesn’t share those results with the team. But hey, they’re saving so much money!

unique link to this extract

A hotspot finder app exposed two million Wi-Fi network passwords • TechCrunch



A popular hotspot finder app for Android exposed the Wi-Fi network passwords for more than two million networks.

The app, downloaded by thousands of users, allowed anyone to search for Wi-Fi networks in their nearby area. The app allows the user to upload Wi-Fi network passwords from their devices to its database for others to use.

That database of more than two million network passwords, however, was left exposed and unprotected, allowing anyone to access and download the contents in bulk.

Sanyam Jain, a security researcher and a member of the GDI Foundation, found the database and reported the findings to TechCrunch.

We spent more than two weeks trying to contact the developer, believed to be based in China, to no avail. Eventually we contacted the host, DigitalOcean, which took down the database within a day of reaching out.


Crazy app: you can upload the SSID and password for any Wi-Fi network. And then it’s sitting there on its database, which turns out to be not that secure (predictably enough). Why would you trust some random app from the Play Store, except that it says “free Wi-Fi!!!!” It’s greed blinding people to security.
unique link to this extract

Another warning sign • National Review

Yuval Levin:


On January 15 of 2017, a few days before Trump’s inauguration, the President-Elect was interviewed by the Washington Post, and when asked about health care he said his team would soon propose its own health-care reform—that it was worked out, and that it would not reduce coverage numbers but would cost less than Obamacare. The statement sent the little conservative health policy world into a frenzy: What was this plan? Who was working on it? What kinds of ideas was it based on? The barrage of group emails was soon ended, however, by a note from a member of Trump’s little policy circle, who would soon become a senior administration official. The message was simple: Trump had no idea what he was talking about, the proposal he mentioned was a figment of his imagination, and don’t worry about it—everything was under control.

This was simultaneously reassuring and alarming in the way that Mueller’s window into the administration is. It was evidence that there were people around the president who were doing the work required to govern and make decisions, but it was also evidence that the president was not at the center of that process, and that a significant amount of their work involved deciding when to ignore him. That pattern has of course repeated over and over in the two years that have followed.

As Mueller’s report demonstrates, the willingness of his subordinates to be insubordinate has generally served Trump well, because his own judgement is often so shockingly bad that almost anyone else’s judgment (including that of some very shady characters) would be better.


Levin’s concern is that Trump has been lucky so far: there hasn’t been an emergency that has required coordinated time-sensitive action by the administration, directed from the top. (Although: Puerto Rico?)
unique link to this extract

Who Owns Huawei? • SSRN

Christopher Balding and Donald C. Clarke in an open-access paper:


A number of pertinent facts about Huawei’s structure and ownership are in fact well known and have been outlined many times in the Chinese media, but the myth of Huawei’s employee ownership seems to persist outside of China. This article, drawing on publicly available sources such as media reports, corporate databases, and court cases, aims to refute this myth once and for all.

In summary, we find the following:

• The Huawei operating company is 100% owned by a holding company, which is in turn approximately 1% owned by Huawei founder Ren Zhengfei and 99% owned by an entity called a “trade union committee” for the holding company.

• We know nothing about the internal governance procedures of the trade union committee. We do not know who the committee members or other trade union leaders are, or how they are selected.

• Trade union members have no right to assets held by a trade union.

• What have been called “employee shares” in “Huawei” are in fact at most contractual interests in a profit-sharing scheme.

• Given the public nature of trade unions in China, if the ownership stake of the trade union committee is genuine, and if the trade union and its committee function as trade unions generally function in China, then Huawei may be deemed effectively state-owned.

• Regardless of who, in a practical sense, owns and controls Huawei, it is clear that the employees do not.


The spotlight is really being turned on Huawei now that its global ambitions are so widely known (and the west has fallen behind in 5G). The next year or two could be crucial as more comes out.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.1,051: India’s fake news deluge, China’s hacking onslaught, who owns Huawei?, and more

  1. “it’s been going on for absolutely years”. Is absolutely the new literally ? ;-p

    In a funny move, BBK (Oppo/Vivo/OnePlus) is strengthening its 4th brand to counter Xiaomi’s runaway success Redmi. The brand ? Realme. I’m unsure if it’s objectionable copycat naming or intelligent brand signaling. If they ever clean up the French version, I anticipate a few theater-level elocution lessons. The price and hardware are OK, the translations are partial and bad, even in English I’m told. Their $200 3 Pro is the cheapest device to run Fortnite on, AFAIK.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.