Start Up No.1,129: hacking GDPR, US voting systems left online, Google boosts maps, Note10 under the spotlight, moderating Hacker News, and more

How will AOL get by now without its digital prophet? Yes, Shingy is leaving. CC-licensed photo by Jarle Naustvik on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Black Hat: GDPR privacy law exploited to reveal personal data • BBC News

Dave Lee:


About one in four companies revealed personal information to a woman’s partner, who had made a bogus demand for the data by citing an EU privacy law.
The security expert contacted dozens of UK and US-based firms to test how they would handle a “right of access” request made in someone else’s name.

In each case, he asked for all the data that they held on his fiancée…

He declined to identify the organisations that had mishandled the requests, but said they had included:
• a UK hotel chain that shared a complete record of his partner’s overnight stays
• two UK rail companies that provided records of all the journeys she had taken with them over several years
• a US-based educational company that handed over her high school grades, mother’s maiden name and the results of a criminal background check survey

[University of Oxford-based researcher James] Pavur has, however, named some of the companies that he said had performed well. He said they included:
• the supermarket Tesco, which had demanded a photo ID
• the domestic retail chain Bed Bath and Beyond, which had insisted on a telephone interview
• American Airlines, which had spotted that he had uploaded a blank image to the passport field of its online form.


Social engineering: still one of the best kinds of hacking.
unique link to this extract

Critical US election systems have been left exposed online despite official denials • VICE

Kim Zetter:


For years, US election officials and voting machine vendors have insisted that critical election systems are never connected to the internet and therefore can’t be hacked.

But a group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.

Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year. But at least 19 of the systems, including one in Florida’s Miami-Dade County, were still connected to the internet this week, the researchers told Motherboard…

…The systems the researchers found are made by Election Systems & Software, the top voting machine company in the country. They are used to receive encrypted vote totals transmitted via modem from ES&S voting machines on election night, in order to get rapid results that media use to call races, even though the results aren’t final.


unique link to this extract

Google wants Travel and Maps to be the place you plan trips from start to finish • The Verge

Natt Garun:


An update coming to Google Flights will now show travellers guides on popular destinations based on their country and the time of year. You can also specify exact travel dates and destinations to get historical data on flight prices and find the best time to book. Google says it’s so confident in this price prediction that it will offer a refund on select flights if a fare drops after you’ve booked. (It’s not automatic and you still have to file a claim, but it’s a nice deal if you’re planning to get away ahead of the Labor Day holiday.) The offer starts next Tuesday August 13th until September 2nd, and is limited to travellers flying out of the US.

Flights will also begin to show the fare class differences on Alaska and Delta airlines so travelers can differentiate between various economy seats. Google says because so many airlines have their own verbiage on what an economy seat may entail, it’s hoping to standardize the language by showing people what type of ticket they’re getting before they book. The company also says it will continue to work to add other airlines in the future.


That’s really useful. Also offering augmented reality when you’re trying to find your way around in a location.
unique link to this extract

Galaxy Note10 hands-on: Samsung falls behind the competition • Ars Technica

Ron Amadeo:


It’s hard to see how the Galaxy Note10 is supposed to excite me. Samsung is supposed to be the “speeds and feeds” company, but the device doesn’t have the fastest Qualcomm SoC out there. Qualcomm recently took the wraps off the upclocked Snapdragon 855+ and is already shipping the part in some phones. The Note10 only has a regular old Snapdragon 855, with no extra clocks added.

I can’t say the Note10 has the best screen, since faster, high-refresh-rate displays are hitting the market now, and they make a world of difference in the feel of a smartphone. You can get a 90Hz OLED display on the excellent OnePlus 7 Pro, and or a 120Hz OLED on the Asus ROG Phone 2. How Samsung, the smartphone industry’s leading display manufacturer, missed the faster refresh rate trend is beyond me. Heck, the OnePlus 7 Pro’s 90Hz display is made by Samsung. It’s not like the company doesn’t have the technology—just reach into the parts bin and put the better screen in your phones!

The Note line isn’t the “everything” phone anymore, either—not with the removal of the headphone jack and the waffling over an SD card slot (the larger Note10+ has one, but the still-large Note10 does not). Samsung even killed the rear-mounted heart rate sensor this year, if anyone cares. Power users looking for the smartphone version of a Swiss Army Knife should look elsewhere. The Asus ROG phone actually feels more Samsung-y than this Samsung phone, launching as it has with new display tech, a new SoC, a headphone jack, two USB ports, and a million crazy accessories.

When I reviewed the OnePlus 7 Pro, I said that the pop-up camera, all-screen design, and high refresh rate display made it feel like something manufacturers will spend the next year chasing. After the Note10 launch, I still feel that way.


I like the fact that Samsung has deleted the videos of its ads where it mocked Apple for getting rid of the headphone jack.
unique link to this extract

After 12 years as a digital prophet, David Shing is moving on from Verizon Media • AdWeek

Josh Sternberg:


The Australian-born executive, who has held several top-tier marketing roles at Verizon Media through the telco-owned agency’s various corporate evolutionary stages since 2007, confirmed his exit by way of a LinkedIn parting note entitled “Today marks new adventures.” His exit from Verizon Media is of his own volition and not part of a wider overhaul of senior-level executives there, according to a source.

A Verizon spokesperson declined to comment further about the resignation.

While the exact directives of his role as a self-proclaimed “digital prophet” have always been somewhat vague, they’re best described as looking around corners for all areas of the business. The self-penned post did not outline the specifics of his future ventures, although Shing did note he would be “working autonomously with brands to help them achieve optimal presence in the marketplace.”

He also credited fatherhood—Shing became a parent in 2017—as a “transformational experience” that “highlighted the passion I have for helping things grow and seeing them thrive.”

He continues, “We inhabit a pivotal time at which much is at stake in how we practice media and marketing. I’ve had a rare privilege of speaking into the soul of our industry (as a futurist) … and I believe it’s a critical time to preserve the tenants [sic] of human dignity, creativity and compassion as we engage the thrilling opportunities at hand.”


“Digital prophet”, huh? His farewell on LinkedIn wasn’t even text – it was an image of a Notes page. He wrote four articles for AdWeek. They’re utter surface-skimming fluff. How he kept his job so long is surely the story for a book. (Meantime, here’s the skewering 2014 New Yorker profile of him.)
unique link to this extract

The end of the world: a history of how a silent cosmos led humans to fear the worst • The Conversation

Thomas Moynihan:


Nestled within the university’s medieval spires, Nick Bostrom’s institute [Oxford’s Future of Humanity Institute] scrutinises the long-term fate of humanity and the perils we face at a truly cosmic scale, examining the risks of things such as climate, asteroids and AI. It also looks into less well-publicised issues. Universe destroying physics experiments, gamma-ray bursts, planet-consuming nanotechnology and exploding supernovae have all come under its gaze.

So it would seem that humanity is becoming more and more concerned with portents of human extinction. As a global community, we are increasingly conversant with increasingly severe futures. Something is in the air.

But this tendency is not actually exclusive to the post-atomic age: our growing concern about extinction has a history. We have been becoming more and more worried for our future for quite some time now. My PhD research tells the story of how this began. No one has yet told this story, yet I feel it is an important one for our present moment.

I wanted to find out how current projects, such as the Future of Humanity Institute, emerge as offshoots and continuations of an ongoing project of “enlightenment” that we first set ourselves over two centuries ago. Recalling how we first came to care for our future helps reaffirm why we should continue to care today.


unique link to this extract

The lonely work of moderating Hacker News • The New Yorker

Anna Wiener:


The most ideologically motivated or extreme posts and comments on Hacker News—an interview piece from Quillette titled “Understanding Victimhood Culture”; a link to a video of James Damore and Jordan Peterson in conversation; one user telling another that all Jewish people should relocate to Israel—tend to get flagged by the community or the site’s anti-abuse systems, many of which Bell and Gackle have written themselves. (Flagged posts are removed from view, though they remain searchable by URL; flagged comments are rendered in pale gray text, and only visible to logged-in users who have chosen to see “dead” comments.) Still, as an occasional reader, I have noticed certain trends. When stories that focus on structural barriers faced by women in the workplace, or on diversity in tech, or on race or masculinity—stories, admittedly, that are more intriguing to me, a person interested in the humanities, than stories on technical topics—hit the front page, users often flag them, presumably for being off topic, so fast that hardly any comments accrue. When I shared these impressions with Gackle and Bell, they looked distressed. I asked if these were problems that they felt they could, or should, be controlling or trying to change on the site.

“From our perspective, the big surprise is how little control we actually have. We have to play our cards very carefully and very wisely, or even that control will sort of evaporate,” Gackle said. “There’s often a strong wish to solve these contentious problems by changing the software, and, to the extent that we’ve tried things like that, we haven’t found it to work. What does seem to work better is personal interaction, over and over and over again, with individual users. That, case by case by case, seems to move the needle. But it’s very slow.”


I bet this will shoot to the top of Hacker News (it’s in second place as I write, when it’s six hours old and the US west coast mostly isn’t awake; and predictably enough there are folk saying “things are getting worse”). A good, long insight both into the culture of the place, and the different culture of those behind it.
unique link to this extract

Is Ebola evolving into a more deadly virus? • The New Yorker

Richard Preston:


This July, the World Health Organization declared that an outbreak of Ebola in the provinces of Ituri and North-Kivu, in the eastern Democratic Republic of the Congo, was a “public health emergency of international concern.” This particular strain of the virus, which first appeared in the region in 2018 and hasn’t been given a formal name—I’ll call it Kivu Ebola—is a variant of a species known as the Zaire Ebola virus. As of last Saturday, 2,753 cases of Kivu Ebola have been reported, with 1,843 deaths. There appear to be many undiscovered cases in the region, too. Ella Watson-Stryker, a social scientist with Doctors Without Borders, who has been studying the outbreak, said that around half of all Ebola patients admitted to treatment centers in eastern Congo aren’t part of any known chain of transmission. In other words, the infected person has caught Ebola from somebody whom disease investigators haven’t yet identified. “A lot of transmission is not being seen, but nobody knows the exact amount,” Watson-Stryker told me…

…The Kivu Ebola outbreak area is in a conflict zone, beset by armed militias and ethnic violence. Local people often don’t trust the international medical organizations that run the Ebola treatment centers. There have been at least 194 attacks on local health workers, seven of whom have been killed. Watson-Stryker, the researcher, said that social media complicates containment and treatment efforts. Conspiracy theories about medical workers and false information about how the virus is spread are ricocheting around popular platforms like WhatsApp. “The problem is the post-factual reality that exists in social media,” she said…

…The Kivu Ebola, so far, has mutated into four lineages. Three of the four are active in the population. The swarm is exploring people’s immune systems and jumping from one victim to the next. So far, none of the three active varieties has become dominant. “The virus has been brewing in that area for a while,” [Pardis] Sabeti [a genomic scientist] said. “If you give Ebola enough time to transmit from human to human, then an unpredictable event can occur. How likely is it that Ebola could change suddenly? We don’t have a good answer to that question.”


Preston wrote “The Hot Zone”, and has been reporting on Ebola since 1992. If you’re wondering.
unique link to this extract

Apple is locking iPhone batteries to discourage repair • iFixit

Craig Lloyd:


If you replace the battery in the newest iPhones, a message indicating you need to service your battery appears in Settings > Battery, next to Battery Health. The “Service” message is normally an indication that the battery is degraded and needs to be replaced. The message still shows up when you put in a brand new battery, however. Here’s the bigger problem: our lab tests confirmed that even when you swap in a genuine Apple battery, the phone will still display the “Service” message.

It’s not a bug; it’s a feature Apple wants. Unless an Apple Genius or an Apple Authorized Service Provider authenticates a battery to the phone, that phone will never show its battery health and always report a vague, ominous problem.

We first saw this phenomenon in a damning video from Justin at The Art of Repair, and we were able to replicate it on an iPhone XS running both iOS 12 and the iOS 13 beta. Swapping in a new genuine Apple battery from another iPhone XS resulted in the “Service” message popping up in the Battery Health section, followed by an “Important Battery Message” telling us that it’s “unable to verify this iPhone has a genuine Apple battery.” Justin says this only affects the iPhone XR, XS, and XS Max for the time being.


The obvious reason Apple is doing this: it doesn’t want repairers swapping in shonky batteries from all over, which I know definitely happens (it happened to a family member). Those batteries can die early, or explode. Yes, it’s going to have a software button to confirm the work involves a real Apple battery. Authorised companies will get to do this.

You can view this as Apple Is Evil, or you can see it as Apple trying to protect its customers from potentially dangerous counterfeits (bad batteries can blow up in your face) and shoddy work.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

2 thoughts on “Start Up No.1,129: hacking GDPR, US voting systems left online, Google boosts maps, Note10 under the spotlight, moderating Hacker News, and more

  1. Re Note 10: Ron Amadeo dislikes Samsung for some reason, you should be able to keep using him for the negative headlines about Samsung gear you prefer.

    He manages to whittle down the screen to a refresh rate (because contrast, accuracy, reflectance, input lag, … don’t matter), write a whole thing about GN10 w/o a word about DeX, spend the largest part of his page on his dislike for the pinhole non-notch…
    A more balanced preview: the The Verge’s

    The disappearance of the jack and videos is funnily hypocritical. I’m sure you called out Apple about the “designed for your hands” thing too ?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.