Whisper the app didn’t secure an online database. Not so magical, eh. CC-licensed photo by Aimee Ray on Flickr.
A selection of 10 links for you. We told you, Dorries. I’m @charlesarthur on Twitter. Observations and links welcome.
Whisper, the secret-sharing app that called itself the “safest place on the Internet,” left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed.
The data exposure, discovered by independent researchers and shown to The Washington Post, allowed anyone to access all of the location data and other information tied to anonymous “whispers” posted to the popular social app, which has claimed hundreds of millions of users.
The records were viewable on a non-password-protected database open to the public Web. A Post reporter was able to freely browse and search through the records, many of which involved children: A search of users who had listed their age as 15 returned 1.3 million results.
The cybersecurity consultants Matthew Porter and Dan Ehrlich, who lead the advisory group Twelve Security, said they were able to access nearly 900 million user records from the app’s release in 2012 to the present day…
…The exposed records did not include real names but did include a user’s stated age, ethnicity, gender, hometown, nickname and any membership in groups, many of which are devoted to sexual confessions and discussion of sexual orientation and desires.
The data also included the location coordinates of the users’ last submitted post, many of which pointed back to specific schools, workplaces and residential neighborhoods.
My best guess: an Amazon Web Services (AWS) data bucket. Data exposures like this are now almost always because someone forgot to password-protect a bucket.
Also, whatever happened to Whisper? Is it dead? Or just in the Big App Sleep?
[US tech firm] Gaggle claims to have prevented more than 700 suicides among the 5m students it monitors in the school year 2018-2019. Its rival Securly claims to have prevented more than 800 suicides across 15,000 schools, based on the screening of 5bn online activities.
But some experts are challenging this approach, which they warn is normalising intrusion into students’ lives and overriding concerns about privacy, freedom and the reliability of such technology.
Teachers, students and their parents are rarely kept informed about what data are collected and for what purposes, warns Emmeline Taylor, an academic at City University of London in the UK.
Cameras were initially introduced to safeguard against external intruders. Since then, they have been used to spot misbehaviour, and then on teachers to monitor their performance, she says. More recently, body-worn cameras on teachers have been trialled to document student behaviour in case of disciplinary disputes.
The repurposing of monitoring technology beyond its original use case is so common that there is a term for it: surveillance creep.
“The window of opportunity to define our cultural values about acceptable levels of scrutiny in schools is closing quite rapidly,” she says. “The next generation of students will already be normalised to surveillance.”
A coronavirus pandemic would test the resilience of a number of institutions: hospitals, transit systems, global supply chains. We can add the mainstream media to that list. Objective news reporting is built on two bedrock principles: report the truth, and don’t pick sides. Trump’s unprecedented commitment to saying what is plainly untrue makes it hard to honor both principles at once. This puts news organizations into a terrible bind, especially when many conservatives—and the president himself—are ready to pounce at even the slightest whiff of liberal bias. That has always been true, but the stakes are suddenly higher. The coronavirus response is the first time Trump has been personally in charge of managing a crisis that is likely to cause a large number of American deaths. There’s no way around the fact that this is a political story as well as a public health one. If the mainstream press is ever going to figure out how to provide responsible reporting on Trump’s job performance, now’s the time.
The first pitfall to avoid is stenography: uncritically relaying what the president said without giving readers the relevant context. As the media blogger Dan Froomkin wrote over the weekend, an egregious example came after Trump blamed the shortage of tests on a rule adopted by the Obama administration that Trump has since overturned. You’ll be shocked to learn that there was no such rule. That didn’t stop headlines like “Criticized for Coronavirus Response, Trump Points to Obama Administration” (NYT) and “Trump Blames Obama Decision for Coronavirus Test Kit Shortage” (Bloomberg). Each story took several paragraphs to push back on Trump’s claim, and then only mildly. (“Experts on lab testing said they were unaware of any Obama-era rule that would have hindered the administration from authorizing lab-developed tests for the coronavirus in an emergency,” murmured the Bloomberg piece, nearly 500 words in.) Froomkin recommends pulling political reporters off the coronavirus story altogether, since they are the ones most trained to not pick sides.
Adam Rogers, also at Wired, did a masterfully restrained takedown of Trump’s nonsense at the CDC. It would be a cosmic irony if Trump, the germophobe, were to contract Covid-19 through his incompetence; a long-game payback of his administration’s pile of errors.
Wash Your Lyrics
Generate hand washing infographics based on your favourite song lyrics 🎶
All you need is the song title and artist. Type it in below and press Generate to instantly generate your poster.
Made by William (@neoncloth). This website wouldn’t be possible without
• Twinhelix for identifying bottlenecks and scaling the app (they’re awesome)
• Cloudflare for upgrading the site to a ‘Pro’ plan at no charge mid-virality
• Font Awesome for creating the glyphs used in the Wash Your Lyrics logo
• National Health Service (NHS) for the base poster that lyrics are written on
• Genius for providing a robust API for song information
Terrific fun. Bonus points for the most appropriate song. (I thought “Hand in Pocket” by Alanis Morissette might work. “Brass in Pocket” by the Pretenders is pretty good. And if you want to try “The Mincer” by King Crimson for a bleak effect, you’re welcome.)
Renée DiResta notes how in 2016, it took Russian effort to push people into wild partisan allegations online:
In 2020, though, the vitriol, conspiracies, and incessant allegations of rigging aren’t coming from outsiders. They’re being driven by real influencers in the United States—by verified users, many from within the media, and by passionate hyper-partisan fan groups that band together to drive the public conversation.
The bungled vote count at the Iowa caucus last month revealed the blazing incompetence of that state’s Democratic Party and Shadow Inc., the contractor it hired to design a vote-counting app. But it also revealed something far more troubling: deep suspicion and pervasive anger. Almost immediately after the announcement that results would be delayed, unfounded allegations proliferated on Twitter. Even blue-check Twitter users—people with verified identities and, often, affiliations with credible media institutions—quickly resorted to conspiratorial speculation about nefarious plots. Several high-profile Sanders surrogates claimed that the party was stalling because it was unhappy that results showed Bernie Sanders winning; others went a step further, suggesting that local party apparatchiks were outright rigging results for Pete Buttigieg. Some of these insinuations were retweeted by high-profile social-media accounts, including that of a sitting member of Congress.
Iowa wasn’t a one-off: After Joe Biden’s surprisingly strong performance in Tuesday’s primary, the hashtags #RiggedPrimary and #RiggedElection began trending on Twitter.
As she also points out, in 2016 only about 10% of Russian trolls’ content was political about candidates; most of it was just about exacerbating tribalism.
High-rises made from engineered wood would replace weed lots and underused warehouses along streets. Bike paths would melt snow. Giant awnings would shelter pedestrians from rain or blazing summer sun. Sensors would track residents’ every movement to optimize everything from traffic signals to underground armies of robots delivering parcels and discarding trash.
And all of it would meet ambitious environmental standards.
Critics pounced. How would [Google-owned] Sidewalk use the data it gathered from the streets, washrooms and even the garbage bins, they asked. Who would own the data? How would it be stored?
Several people, including Mr. Balsillie, rejected Sidewalk’s fundamental premise that algorithms, rather than politics, are the best way to design and run a city. And some argued that the project appeared to be a means of promoting concepts such as self-driving cars and other interests of Google, which, like Sidewalk, is a subsidiary of Alphabet.
“This is about corporate capture of governance and privatizing governments,” said Bianca Wylie, who has long pushed for citizen access to data and who co-founded Block Sidewalk, the largest group opposing the plan.
Sidewalk, she said, has “wonderfully intelligent people working there, and they care about cities.”
But, Ms. Wylie added, “The problem is that nobody gets to buy democracy and governance.”
Sidewalk is essentially a busted flush now: InLink, the company that was doing it in the UK, has gone bust, owing about £35m, with the IP sold to British Telecom.
Fans of remote work often cite studies showing that people who work from home are more productive, like a 2014 study led by the Stanford professor Nicholas Bloom. The study examined remote workers at a Chinese travel agency and found that they were 13% more efficient than their office-based peers.
But research also shows that what remote workers gain in productivity, they often miss in harder-to-measure benefits like creativity and innovative thinking. Studies have found that people working together in the same room tend to solve problems more quickly than remote collaborators, and that team cohesion suffers in remote work arrangements.
Remote workers also tend to take shorter breaks and fewer sick days than office-based ones, and in studies, many report finding it hard to separate their work from their home lives. That’s a good thing if you’re a boss looking to squeeze extra efficiency out of your employees, but less ideal if you’re someone trying to achieve some work-life balance.
Working in isolation can be lonely, which explains the popularity of co-working spaces like WeWork and The Wing. Even in Silicon Valley, where the tools that allow for remote work are being built, many companies are strict about requiring their workers to come into the office.
David Heinemeier Hansson:
Not because there aren’t people who actually enjoy working in an open office, there are. Quite a few, actually. But they’re in the distinct minority. The vast majority of people either dislike the open office or downright hate it. So how is that going to work, exactly?
By force, of course! Open offices are more appealing to people in management because they needn’t protect their own time and attention as much. Few managers have a schedule that allows, or even requires, long hours of uninterrupted time dedicated to a single creative pursuit.
And it’s these managers who are in charge of designing office layouts and signing leases. It’s also these managers who are responsible for booking photo shots of the FUN-FUN office, giving tours to investors, and fielding interviews with journalists. The open office is an excellent backdrop for all those activities.
What it isn’t, though, is conducive to better collaboration. A new study shows that the number one argument for the open office, increased collaboration, is bullshit. Converting traditional offices with walls and doors and separation into open-plan offices causes face-to-face interaction to plummet, not rise. People try to shield their attention (and sanity!) by retreating into headphone-clad cocoons, and instead rely on instant messaging or email to interact. D’oh!
I’d love to see a comparative study of how well open-plan offices work for different jobs. In journalism, it can be quite effective. But in coding, maybe not. Of course now we’ve found a very, very different solution.
China placed curbs on travel and asked residents to avoid public places in late January, just ahead of the Lunar New Year festival, a major gift-giving holiday. Those restrictions stayed largely in place through most of February.
In total, mobile phone brands sold a total of 6.34 million devices in February in China, down 54.7% from 14 million in the same month last year, data from the China Academy of Information and Communications Technology (CAICT) showed.
It was also the lowest level for February since at least 2012, when CAICT started publishing data.
So Apple was at the top of the story, right? Now let’s go a little further down:
Android brands, which include devices made by Huawei Technologies and Xiaomi, accounted for most of the drop, as they collectively saw shipments decline from 12.72m units in February 2019 to 5.85m, the data showed.
Shipments of Apple devices slumped to 494,000, from 1.27 million in February 2019. In January, its shipments had held steady at just over 2 million.
Proportionately, Apple had the bigger drop, but it’s the Android OEMs that will be feeling it. When China sneezes, they all catch cold, so to speak.
Leaked iOS 14 code obtained by 9to5Mac corroborates many details about what to expect from Apple’s upcoming hardware refreshes, including the new iPad Pro, iPhone 9, and AirTags. Apple is also developing a new Apple TV remote, the code indicates.
According to the iOS 14 code, the upcoming iPad Pro refresh will include a new triple-lens camera array like previous supply chain reporting has suggested. This camera setup will include a time-of-flight 3D sensor, a wide-angle lens, an ultra-wide lens, and a telephoto lens. This is a major update from the current iPad Pro.
The time-of-flight sensor will likely lend itself to new augmented reality features. 9to5Mac reported earlier today that Apple is developing a new augmented reality application for iOS 14. The app will allow users to get more information about the world around them via AR.
iOS 14 code also includes details about the upcoming iPhone 9, again corroborating past supply chain reporting. The iPhone 9 will support Touch ID as well as Express Transit capabilities. Apple is hoping to push iPhone 6 users — which does not feature support for Express Transit — to upgrade to the iPhone 9.
The new iPhone 9 or iPhone SE 2 is expected to be released this spring, likely alongside the release of iOS 13.4 (barring any major delays due to coronavirus.) The device will, of course, be supported by iOS 14, hence why details about it are included in the operating system details.
The iOS 14 code seen by 9to5Mac also includes new details about changes to the Apple TV. Prior versions of tvOS 13 code have revealed that Apple is working on a new Apple TV box, but iOS 14 also includes the tidbit that there will also be a new Apple TV remote.
New Apple remote that is sympathetic to the human hand 🙏
Errata, corrigenda and ai no corrida: none notified