Start Up No.1316: the coronavirus conspiracists, how the NSA mapped Americans’ social networks, eBay’s odd port scanning, what makes Catalina slow, and more

Ever wondered why yellow skies in films so often denotes ‘somewhere Asian’? CC-licensed photo by Håkan Dahlström on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

New Yahoo News/YouGov poll shows coronavirus conspiracy theories spreading on the right may hamper vaccine efforts • Yahoo News

Andrew Romano:


According to a new Yahoo News/YouGov poll, 44% of Republicans believe that Bill Gates is plotting to use a mass COVID-19 vaccination campaign as a pretext to implant microchips in billions of people and monitor their movements — a widely debunked conspiracy theory with no basis in fact.

The survey, which was conducted May 20 and 21, found that only 26% of Republicans correctly identify the story as false. [44% think it is true; 31% are “not sure”.]

In contrast, just 19% of Democrats believe the same spurious narrative about the Microsoft founder and public-health philanthropist [52% say false, 29% “not sure]. A majority of Democrats recognize that it’s not true. [For independent voters, 24% think it’s true, 45% that it’s false, 31% “not sure” – so they align more closely on that with Democrats.]

As states relax their lockdown restrictions and responsibility for containing the coronavirus shifts, in part, to the American people, the vast gap between the right and the left over Gates reflects a growing problem: the dangerous, destabilizing tendency to ignore fundamental facts about the deadly pathogen in favor of misinformation peddled by partisans, including President Trump, and spread on social media. 

That tendency is more widespread on the right, although liberals also believe some false narratives (including that COVID-19 deaths have already surged in states that were quick to reopen).


As someone remarked, wait until those fretting about the “microchip” nonsense hear about smartphone location tracking.
unique link to this extract

Inside the NSA’s secret tool for mapping your social network • WIRED

Barton Gellman:


Stellarwind was designated as ECI, “exceptionally controlled information,” the most closely held classification of all. From his West Wing office, Cheney ordered that Stellarwind be concealed from the judges of the FISA Court and from members of the intelligence committees in Congress.

According to my sources and the documents I worked through in the fall of 2013, Mainway soon became the NSA’s most important tool for mapping social networks—an anchor of what the agency called Large Access Exploitation. “Large” is not an adjective in casual use at Fort Meade. Mainway was built for operations at stupendous scale. Other systems parsed the contents of intercepted communications: voice, video, email and chat text, attachments, pager messages, and so on. Mainway was queen of metadata, foreign and domestic, designed to find patterns that content did not reveal. Beyond that, Mainway was a prototype for still more ambitious plans.

Next-generation systems, their planners wrote, could amplify the power of surveillance by moving “from the more traditional analysis of what is collected to the analysis of what to collect.” Patterns gleaned from call records would identify targets in email or location databases, and vice versa. Metadata was the key to the NSA’s plan to “identify, track, store, manipulate and update relationships” across all forms of intercepted content. An integrated map, presented graphically, would eventually allow the NSA to display nearly anyone’s movements and communications on a global scale. In their first mission statement, planners gave the project the unironic name “the Big Awesome Graph.” Inevitably it acquired a breezy acronym, “the BAG.”

The crucial discovery on this subject turned up at the bottom right corner of a large network diagram prepared in 2012. A little box in that corner, reproduced below, finally answered my question about where the NSA stashed the telephone records that Blair and I talked about. The records lived in Mainway. The implications were startling.


Also, China is very bad for surveilling its citizens without their informed consent.
unique link to this extract

eBay port scans visitors’ computers for remote access programs • Bleeping Computer

Lawrence Abrams:


As the port scan is only looking for Windows remote access programs, it is most likely being done to check for compromised computers used to make fraudulent eBay purchases.

In 2016, reports were flooding in that people’s computers were being taken over through TeamViewer and used to make fraudulent purchases on eBay.

As many eBay users use cookies to automatically login to the site, the attackers were able to remote control the computer and access eBay to make purchases.

It got so bad that one person created a spreadsheet to keep track of all the reported attacks. As you can see, many of them reference eBay.

The script being used for fraud detection is further confirmed by Dan Nemec’s great write-up, where he traced it to a fraud detection product owned by LexisNexis called ThreatMetrix.


There’s also a writeup by Dan Nemec which suggests a more nefarious intent:


It’s not just eBay scanning your ports, there is allegedly a network of 30,000 websites out there all working for the common aim of harvesting open ports, collecting IP addresses, and User Agents in an attempt to track users all across the web. And this isn’t some rogue team within eBay setting out to skirt the law, you can bet that LexisNexis lawyers have thoroughly covered their bases when extending this service to their customers (at least in the U.S.).


unique link to this extract

Here’s how long coronavirus patients are contagious, according to multiple studies • BGR

Chris Smith:


A new study from Singapore’s National Centre for Infectious Diseases and the Academy of Medicine says that the virus could not be isolated or cultured after day 11 of illness. The researchers analyzed parameters from 73 COVID-19 patients in the region, concluding that “viral RNA detection may persist in some patients, such persistent RNA detection represent non-viable virus and such patients are non-infectious.”

The new respiratory disease is quite unusual when it comes to recovery. Some people need several weeks to get better and many people keep testing positive even after the symptoms go away, making a discharge impossible. These new studies might change the way hospitals manage COVID-19 patients.

The study references similar studies from other countries, including research from Hong Kong that showed an infected person could be contagious as early as 2.3 days before the onset of symptoms, peaking just before the onset of symptoms and declining within 7 days. A different study from Taiwan that looked at COVID-19 patients and contact concluded that the secondary cases they observed originated from contact with an infected patient within 5 days of that person’s onset of symptoms. None of the contacts were infected after that.

The Singaporean paper also references a study from Germany that supports its findings, research we highlighted back in early April. The German researchers found that patients were highly infectious in the first week of symptoms. “Infectious virus was cultured from throat and lung specimens in the first week of symptoms, but none after day 8 in spite of high viral loads detected by regular PCR,” the researchers note.

The Singapore study seems to contradict a study from China from late March, which suggested that COVID-19 patients might be contagious even after the symptoms disappear. That study said the average duration of symptoms was 8 days, but the patients tested positive for 8 days after the symptoms were gone. However, what the Singapore study says is that patients will not be infectious 11 days after the onset of symptoms, even if they still test positive. That’s actually in line with the study from China.


unique link to this extract

Netflix’s ‘Extraction’ is being called out for its Bangladesh yellow filter • Matador

Elisabeth Sherman:


On April 19, Netflix shared a new trailer for its recently released Chris Hemsworth film Extraction, which takes place in Bangladesh. The trailer depicts the high-octane methods used to film the movie (a cameraman attached to the front of a car moving at high speed, for instance). But the trailer had an unexpected consequence: Viewers quickly noticed that the footage of the movie being filmed looked normal while the final cut of the film has a distinct, and off-putting, yellowish tint.

There’s a phrase for this distinct color palette: It’s called yellow filter, and it’s almost always used in movies that take place in India, Mexico, or Southeast Asia. Oversaturated yellow tones are supposed to depict warm, tropical, dry climates. But it makes the landscape in question look jaundiced and unhealthy, adding an almost dirty or grimy sheen to the scene. Yellow filter seems to intentionally make places the West has deemed dangerous or even primitive uglier than is necessary or even appropriate, especially when all these countries are filled with natural wonders that don’t make it to our screens quite as often as depictions of violence and poverty.

“It’s upsetting. It goes hand in hand with how racist Westerners perceive these places and people, especially when you think about how vibrant and colorful these countries’ cultures actually are. Applying these filters plays into stereotypes about these places and the people who live there,” Sulymon, a business analyst from California, whose family is from India, Pakistan, and Afghanistan, tells me.


Now you’ve had it pointed out, you’ll start seeing it all over the place. Well, non-western places, mainly. (Offers of colour tropes for other countries/nationalities/races welcomed.)
unique link to this extract

macOS Catalina 10.15: slow by design • Sigpipe 13

Allan Odgaard:


Apple has introduced notarization, setting aside the inconvenience this brings to us developers, it also results in a degraded user experience, as the first time a user runs a new executable, Apple delays execution while waiting for a reply from their server. This check for me takes close to a second.

This is not just for files downloaded from the internet, nor is it only when you launch them via Finder, this is everything. So even if you write a one line shell script and run it in a terminal, you will get a delay!

You can test this by running the following two lines in a terminal:
echo $'#!/bin/sh\necho Hello' > /tmp/ && chmod a+x /tmp/
time /tmp/ && time /tmp/

Update 2020-05-23: Some users have a Developer Tools category in the Security & Privacy preferences pane (I don’t). If your terminal is added to this category, you will not be able to reproduce this delay. Though there have been enough confirmations to establish that the delay is real. One user in China reports a delay of 5.7 seconds when using their VPN.

Honestly, this is downright baffling. Are Apple sending the source of all my custom scripts to their server? With their stance on privacy, I wouldn’t think so, so they are likely just sending a checksum, but what are they doing with that checksum that the system couldn’t do locally?

As for the notarization check, the result is cached, so second invocation should be fast, but if you are a developer, you may update your scripts and binaries regularly, which trigger new checks (it appears caching is based on inode, so an update-in-place save may avoid triggering a new check), or you may have workflows that involve dynamically creating and executing scripts, which performance now hinges upon the responsiveness of Apple’s servers.

The worst delay I have seen for this particular issue is around 7 seconds, and I have had a few episodes where it seemed to not cache the result, so repeated launches would still have the delay.

This issue has been reported to Apple and assigned FB7674490. Apple has however responded that it is “by design” (hence the title of this post).


People have been complaining for ages that Catalina is slow. (I haven’t upgraded; all the reports make it sound like a nightmare.) Seems like it needs the Snow Leopard treatment: “no new features”.
unique link to this extract

Zoom product updates: restricted screen sharing by default, consent for unmuting and audio alert for the waiting room • Zoom Blog

Deepthi Jayarajan:


Temporarily removing GIPHY: To ensure strong privacy protection for users, we’ve temporarily removed the GIPHY integration in Zoom Chat. Once additional technical and security measures have been deployed, we will re-enable the feature. 


Slightly cautious about Facebook now, eh.
unique link to this extract

Moderna execs dumped nearly $30m of stock after coronavirus vaccine news • CNN

Matt Egan and Chris Isidore:


Moderna’s stock price skyrocketed as much as 30% on Monday after the biotech company announced promising early results for its coronavirus vaccine. As ordinary investors piled in, two insiders were quietly heading for the exits.

Moderna’s chief financial officer and chief medical officer executed options and sold nearly $30m of shares combined on Monday and Tuesday, SEC filings reviewed by CNN Business show.

The sales occurred after Moderna (MRNA) excited Wall Street before markets opened Monday by announcing encouraging vaccine trial results. Moderna’s market value swelled to $29bn – even though the company has no marketed products.

After spiking to as high as $87 on Monday, Moderna’s stock price has since retreated below $70 as medical experts have debated the importance of the early findings.

The securities transactions were done through automated insider trading plans, known as 10b5-1 plans, that lay out future stock trades at set prices or on set dates.

Lorence Kim, Moderna’s chief financial officer, exercised 241,000 options for $3m on Monday, filings show. He then immediately sold them for $19.8m, creating a profit of $16.8m. The next day, Tal Zaks, Moderna’s chief medical officer, spent $1.5m to exercise options. He immediately sold the shares for $9.77m, triggering a profit of $8.2m.

Moderna said the sales were executed under 10b5-1 trading plans that were established in advance.


Moderna didn’t have any peer-reviewed publication for the announcement. But it did have a press release that doesn’t need to stand up to scientific scrutiny, yet did goose the stock price.
unique link to this extract

How Sweden wasted a ‘rare opportunity’ to study coronavirus in schools • Science

Gretchen Vogel:


There’s nearly universal agreement that widespread, long-lasting school closures harm children. Not only do children fall behind in learning, but isolation harms their mental health and leaves some vulnerable to abuse and neglect. But during this pandemic, does that harm outweigh the risk—to children, school staff, families, and the community at large—of keeping schools open and giving the coronavirus more chances to spread?

The one country that could have definitively answered that question has apparently failed to collect any data. Bucking a global trend, Sweden has kept day care centers and schools through ninth grade open since COVID-19 emerged, without any major adjustments to class size, lunch policies, or recess rules. That made the country a perfect natural experiment about schools’ role in viral spread that many others could have learned from as they reopen schools or ponder when to do so. Yet Swedish officials have not tracked infections among school children—even when large outbreaks led to the closure of individual schools or staff members died of the disease.

“It’s really frustrating that we haven’t been able to answer some relatively basic questions on transmission and the role of different interventions,” says Carina King, an infectious disease epidemiologist at the Karolinska Institute (KI), Sweden’s flagship medical research center. King says she and several colleagues have developed a protocol to study school outbreaks, “but the lack of funding, time, and previous experience of conducting this sort of research in Sweden has hampered our progress.”


Sweden has gone from “yay! Sweden!” to “honestly, Sweden!” in the course of a few weeks. And that would have been data that could have been useful to the entire world.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.1316: the coronavirus conspiracists, how the NSA mapped Americans’ social networks, eBay’s odd port scanning, what makes Catalina slow, and more

  1. I do have that “Developer Tools” category in Security & Privacy. My guess is it turns up when you install XCode or, in my case, XCode Command Line Utilities, which I did in order to use Homebrew. Terminal is in there but disabled by default… which wouldn’t have helped as I use iTerm2. I also never noticed these delays, though I probably will now! (In other words, I don’t doubt it happens, but for me at least, never to an annoying enough degree for me to want to find out why.)

    Also some of us are still sore about the Middle Earth “green filter” on the blu-ray of Fellowship of the Ring 😉

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.