Start Up No.1,159: the online review problem, Apple kills Hong Kong police app, the fake Tory fusion dream, DNS over HTTPS = bad, and more

Endangered species? Pedestrians in America are increasingly the victims of accidents involving cars. CC-licensed photo by gato-gato-gato on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Friday already? I’m @charlesarthur on Twitter. Observations and links welcome.

Have online reviews lost all value? • WSJ

Rebecca Dolan:

» reviews came under scrutiny in 2018 when emails posted to Reddit revealed that some staffers at skin care brand Sunday Riley were sent instructions for posting positive product reviews, including tips to create multiple fake accounts. Sunday Riley acknowledged the emails at the time via its verified Instagram account stating, “Yes, the email was sent by a former employee” and defending its actions by adding that “competitors often post negative reviews of products to swing opinion.” Sunday Riley didn’t respond to emails requesting comment. Sephora responded by sending a link to its terms for posting reviews, which require registering with an email.

The quid pro quo nature of digital relationships on apps like Uber has created ratings inflation; riders and drivers rarely score each other below four stars for fear of retaliatory ratings—especially since a low score can get you locked out of hitching future rides.

Online influencers generate a different kind of biased review; many who post about brands on social media are compensated with money or free products. Often, influencers are vague at best about these connections, unlawfully misleading at worst. In 2017, the FTC sent a letter to 91 influencers outlining the need to “clearly and conspicuously” disclose material connections in captions. A simple “thanks” to a brand, the FTC said, doesn’t make a connection sufficiently transparent for shoppers.

The only reviews you can absolutely trust are those from people you know, so many sites battling review scams offer ways to share recommendations with actual friends. And if you’re still looking for toothpaste, you’re better off asking a dentist anyway.


The article is actually written in a “yes” and “no” form, and this is the “yes” (ie, online reviews have lost value). The “no” doesn’t come close.
unique link to this extract


Here’s that hippie, pro-privacy, pro-freedom Apple y’all so love: Hong Kong protest safety app banned from iOS store • The Register

Kieren McCarthy:


Apple has banned an app that allows people in Hong Kong to keep track of protests and police activity in the city state, claiming such information is illegal.

“Your app contains content – or facilitates, enables, and encourages an activity – that is not legal … specifically, the app allowed users to evade law enforcement,” the American tech giant told makers of the HKmap Live on Tuesday before pulling it.

The makers, and many others, have taken exception to that argument, by pointing out that the app only allows people to note locations – as many countless thousands of other apps do – and so under the same logic, apps such as driving app Waze should also be banned.

That argument is obtuse of course given that the sole purpose of HKmap Live is to track police activity on the streets of Hong Kong and not to help people navigate to other locations. For example, at the time of writing – 0300 Hong Kong time – there are only a few messages live but they are clearly intended to provide ongoing intelligence on police movements…

…Hong Kong citizens have highlighted a quirk of local laws that provide a strong counter-argument: under the law, the Hong Kong police are obliged to wave a blue flag at the spot in which they wish to declare that an illegal gathering is taking place.

The intent is to give citizens sufficient notice and time to move away from the area before any police action is taken. The HKmap Live app simply takes that official approach and extends it to citizens, allowing them to notify others of action that will be taken in specific locations.

It is far from clear whether Apple has undertaken that kind of legal review, or whether it is choosing to follow local law or US law in declaring the app illegal.


unique link to this extract


Collision course: why are cars killing more and more pedestrians? • The Guardian

Peter C Baker:


Here is what the frustrated safety experts will tell you: Americans are driving more than ever, more than residents of any other country. More of them than ever are living in cities and out in urban sprawl; a growing number of pedestrian fatalities occur on the fringes of cities, where high-volume, high-speed roads exist in close proximity to the places where people live, work, and shop.

Speed limits have increased across the [US] over the past 20 years, despite robust evidence that even slight increases in speed dramatically increase the likelihood of killing pedestrians (car passengers, too – but the increase is not as steep, thanks to improvements in the design of car frames, airbags and seatbelts). American road engineers tend to assume people will speed, and so design roads to accommodate speeding; this, in turn, facilitates more speeding, which soon enough makes higher speed limits feel reasonable.

And more Americans than ever are zipping around in SUVs and pickup trucks, which, thanks to their height, weight and shape are between two and three times more likely to kill people they hit. SUVs are also the most profitable cars on the market, for the simple reason buyers are willing to pay more for them. As with speeding, there appears to be a self-perpetuating cycle at work: the increased presence of large cars on the road makes them feel more dangerous, which makes owning a large car yourself feel more comforting.


So of course there are “pedestrian detection” solutions, but that’s a technology solution to a human problem. It’s a terrific article.
unique link to this extract


Attorney General Bill Barr will ask Zuckerberg to halt plans for end-to-end encryption across Facebook’s apps • Buzzfeed News

Ryan Mac and Joseph Bernstein:


Attorney General Bill Barr, along with officials from the United Kingdom and Australia, is set to publish an open letter to Facebook CEO Mark Zuckerberg asking the company to delay plans for end-to-end encryption across its messaging services until it can guarantee the added privacy does not reduce public safety.

A draft of the letter, dated Oct. 4, is set to be released alongside the announcement of a new data-sharing agreement between law enforcement in the US and the UK; it was obtained by BuzzFeed News ahead of its publication.

Signed by Barr, UK Home Secretary Priti Patel, acting US Homeland Security Secretary Kevin McAleenan, and Australian Minister for Home Affairs Peter Dutton, the letter raises concerns that Facebook’s plan to build end-to-end encryption into its messaging apps will prevent law enforcement agencies from finding illegal activity conducted through Facebook, including child sexual exploitation, terrorism, and election meddling.

“Security enhancements to the virtual world should not make us more vulnerable in the physical world,” the letter reads. “Companies should not deliberately design their systems to preclude any form of access to content, even for preventing or investigating the most serious crimes.”


China. Russia. Saudi Arabia. Turkey. You really want dissidents who live in those countries to be less secure? I think DNS-over-HTTPS (on which more later) goes too far in obfuscation, but encryption doesn’t. The police can catch criminals, and have done for decades before electronic surveillance. (Also, Barr and Patel are terrible, terrible people, though this won’t be their idea.) CNBC has the text of the letter.
unique link to this extract


Conservatives’ “nuclear fusion by 2040” pledge is wishful thinking • The Conversation

Thomas Nicholas is doing a PhD in plasma science and fusion at the University of York:


In 2018, the IPCC released their 1.5°C report, which explained that the world must reach net-zero greenhouse gas emissions by 2050 in order to limit future warming to 1.5°C. It’s unlikely that commercial fusion power plants will exist in time for that, and even once a first-of-its-kind DEMO [demonstration fusion] power plant is operational, hundreds would still need to be built to seriously dent global emissions. None of this sits well with the 2040 date the Conservatives have promised.

Even if a new green energy technology like fusion is realised before 2050, that’s far too late for the 1.5°C target anyway. “Net-zero by 2050” assumes that emissions have been constantly decreasing from now until 2050. As it’s the total amount of carbon dioxide in the atmosphere that sets the level of eventual global warming, it’s cumulative emissions that matter.

Even if we could snap our fingers on December 31, 2049 and replace all fossil fuel plants, the world would have already emitted twice as much carbon as the budget allows. Sound climate policy involves cutting emissions as soon as possible, and any further delay makes the task even harder.


The Conservatives have been throwing around pledges – more police, longer prison sentences, more hospitals, fibre broadband for all, and now moar fusion – like drunken sailors, because it’s all pre-election. The manifesto will doubtless pare that back.
unique link to this extract


Firefox and DNS-over-HTTPS • Cambridge University Information Services



Tunnelling DNS over HTTP(s) in this way is not a new idea. What is different is Firefox’s plan to deploy it as a mass-market default. This has caused widespread consternation.

The DNS is a very convenient point of control for network security.
• DNS telemetry can identify infected devices that are trying to contact malware command-and-control servers
• DNS blocks can help to protect against phishing and stop ads
• The big UK ISPs use the DNS as part of their system for blocking access to child pornography and other officially censored web pages.

The discussion around Firefox’s deployment of DoH has been remarkably bad-tempered. Part of the problem is that Firefox is removing a security mechanism without providing a replacement. Network providers and enterprises block malware and phishing on their DNS servers, and home users use software like Pi-Hole or custom hosts files to block malware and ads. Firefox’s DoH implementation will stop these blocks from working.

There is also an awkward question about consent. Until now, network providers have relied on the user’s sign-up agreement to give consent to the provider’s overall approach to managing their network (DNS and everything else) as a bundle. Don’t like it? Choose another provider. Firefox is using choice of software as implied consent to change the DNS configuration and bypass existing DNS-related security mechanisms.

More awkwardly, it isn’t reasonable to expect the vast majority of people to make an informed choice about their DNS configuration or give meaningful consent to any changes.


Essentially, the DNS-over-HTTPS is much more complicated than one might think.
unique link to this extract


Taboola buys Outbrain as digital ad networks consolidate • Vox

Peter Kafka:


If you’ve been on the internet in the last 10 years, you couldn’t have missed them: Rows of small, box-shaped ads at the bottom of articles on news sites, promising to take you to more articles — or to find an amazing credit card or a too-good-be-true solution for belly fat or to see what really happened to that teen TV star from a long time ago.

You may complain about them, and some publishers have stopped running them. But there are very good odds you’re going to see them all day, every day — like at the bottom of this very article.

Now the two companies that dominate that corner of the ad business are getting together. Taboola and Outbrain, two New York City-based companies run by Israeli CEOs, are combining. It’s a move their employees, investors, and everyone else in the digital ad business have been predicting for years.

The two companies are calling this a merger, but it certainly looks as though Taboola is buying Outbrain: The combined company will be called Taboola, and current Taboola leader Adam Singolda will stay as CEO; his longtime Outbrain counterpart Yaron Galai will leave. Outbrain shareholders will get 30% of the combined companies plus a $250m cash payout.


And since you’re wondering:


If you read articles on the internet, nothing is going to change for you


I long since adblocked them. That belly fat can figure things out for itself.
unique link to this extract


Google contractors reportedly targeted homeless people for Pixel 4 facial recognition • The Verge

Sean Hollister:


In July, Google admitted it has employees pounding the pavement in a variety of US cities, looking for people willing to sell their facial data for a $5 gift certificate to help improve the Pixel 4’s face unlock system. But the New York Daily News reports that a Google contractor may be using some questionable methods to get those facial scans, including targeting groups of homeless people and tricking college students who didn’t know they were being recorded.

According to several sources who allegedly worked on the project, a contracting agency named Randstad sent teams to Atlanta explicitly to target homeless people and those with dark skin, often without saying they were working for Google, and without letting on that they were actually recording people’s faces.

Google wasn’t necessarily aware that Randstad was going after homeless people, but a Google manager reportedly did instruct the group to target people with darker skin, one source told the Daily News.

There are too many eyebrow-raising passages in the full story to print them all here, but here’s a few:


“They said to target homeless people because they’re the least likely to say anything to the media,” the ex-staffer said. “The homeless people didn’t know what was going on at all.”


Some were told to gather the face data by characterizing the scan as a “selfie game” similar to Snapchat, they said. One said workers were told to say things like, “Just play with the phone for a couple minutes and get a gift card,” and, “We have a new app, try it and get $5.”



That’s embarrassing for Google. (I’d have gone directly to the NY Daily News story, but they haven’t figured out how to just serve ads without tracking, so it’s not available in GDPR countries.) Not really the sort of story that it wanted ahead of the Pixel 4 launch. Quite the contrast with all those “leaks”, in fact.
unique link to this extract


Exclusive: Pixel 4’s Motion Sense gestures in action [Video] • 9to5Google

Ben Schoon:


Motion Sense gestures on the Pixel 4 will have the ability to silence alarms and phone calls and also skip songs. Now, with this official promo video, we can show you exactly what that will look like.

For silencing alarms and phone calls, the gesture is as simple as you’d expect. The phone call option seems mindless enough to not even break a conversation as a quick wave over the phone turns off the ringer. As for the alarm, it seems like a swipe to either direction will snooze or turn off the alarm, although Google’s video only shows one of those actions.

As for skipping tracks, the promo video shows a husband and wife cooking while listening to YouTube Music on a Pixel 4. A swipe to the right skips the track forward.

Clearly, Google wants prospective Pixel 4 buyers to see how these gestures can be used in their daily lives. As we’ve seen in previous leaks, these various features will be completely optional and can be turned off in settings. We’ve also recently learned that Motion Sense won’t work in every country and might be restricted to only certain applications too.


I’d go with Motion Makes-No-Sense. Airy gestures are either going to be too easily misinterpreted, or else require such deliberate action that you might as well do it with your voice. And actually, what’s wrong with just using your voice?

My other bugbear: calling these carefully parcelled out bits of marketing “leaks”. A leak is done against the wishes or knowledge of the company. These aren’t that: Google’s marketing department is hard at work on these, parcelling them out to a carefully selected group who’ll then present them as W1LD L3AK$. The pretence is quite boring.
unique link to this extract


Samsung will pay $10 to Galaxy S4 owners for manipulating benchmarks • SamMobile



Back in 2013, Samsung and a few other Android manufacturers were caught cheating on smartphone benchmarks. They did this by including code that temporarily increased the speed of the chipset when a benchmark app was running. Samsung’s Galaxy S4 was one of the devices to have allegedly engaged in such behavior.

Unsurprisingly, a lawsuit was filed against Samsung in the US in 2014 for misleading the customers. Five years later, the Korean tech giant is settling the lawsuit by paying $13.4m in damages – of which, $2.8m will go towards settlement costs and $10.6m for injunction relief. Taking the total sales of the Galaxy S4 in the US into consideration, this will result in a payout of around $10 for each affected customer. The lawyers will reportedly get $1.5m, while the plaintiff, Daniel Norcia, will receive $7,500 for his efforts.

Details about how to apply for the payout are not yet clear, but it appears Samsung will be reaching eligible Galaxy S4 owners via email, informing them about the settlement along with a link to apply.


Seems like a fair payout, all said. Not bad for the lawyers, who look like the real winners here.
unique link to this extract


Errata, corrigenda and ai no corrida: none notified

7 thoughts on “Start Up No.1,159: the online review problem, Apple kills Hong Kong police app, the fake Tory fusion dream, DNS over HTTPS = bad, and more

  1. Someone needs to explain to me very slowly why the face-recog training is making such headlines
    There were articles a few weeks ago about AI being bad w/ non-whites. Obviously fixing that requires more training on hence more training data from non-whites.
    I have a slight issue with specifically targeting homeless people, both because it might slant the data, and because the juxtaposition of the 2 traits feels white-saviour, on the other hand I assume they’ve been paid fairly and that’s good.
    So, what’s the problem, apart from “Google” ?

  2. Fieefox’ DoH. Again not sure what the issue is.
    1- for Average Joes that have no previous way to secure their DNS requests, tthis is a net gain. This must be the vast majority of users.
    2- for corps/edu/nerdy Joes, this new default is well-documented and -advertised, and can be turned off so their previous DNS-handling setup remains involved.
    The one issue is if someone who does their own DNS massaging is unaware the latest Firefox will bypass that if left on default.
    Well, and the bigger issue is that it’s really the OS that should be providing the feature, same as the ecosystem should be providing the VPN.

    But Fiemrefox’ DoH ? A gain for most, off-switch for the rest. What’s the issue ?

    • I sometimes wonder if the issue is doing security/privacy stuff when you’re not Apple. Case in point: Apple disables technically and disallows contractually privacy/security add-ons and browsers and reverse firewalls: not a peep from most, including here. Firefox adds a nice, optional-but-default feature: how dare they ?

      This doesn’t feel fair.

      • Also, interesting that major coverage of the issue started when Google joined Firefox. Firefox deserved praise for leading the charge, and the (mostly fake) issues deserved handling right away. Google deserved a “oh, and now them too”, and Apple a “wait, why not them ?”

        PR battle machines are weird.

  3. Contender for most sensible phone, around 200€, at last TechTablets has woken up to Realme, here the 5 Pro.

    I’m getting pushback on those “pro” levels though. Most people are happy with the cheaper non-pro, I’m actually having to fight to get them away from the tad-cheaper, lot-worse lower end models (Redmi 8, 8A instead of sweet-spot Note 8 and Note 8 Pro)

    I kind of wish I could manufacture a reason to step out of my Xiaomi comfort zone and try Realme out. The mic sounds better for vids and Skyping, but the lack of a status LED hurts. 2xSIMs + 1xSD is great if you travel, instead of the usual 1xSIM + 1x mixed (SIM or SD).

    Hopefully Redmi or Realme will release something 7″-ish just for me next year.

Leave a Reply to stormyparis Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.