Google’s $2.1bn acquisition of Fitbit is being held up by by regulators. Perhaps forever CC-licensed photo by Mike Mozart on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 10 links for you. Another one down. I’m @charlesarthur on Twitter. Observations and links welcome.
The rabbit outbreak • The New Yorker
Susan Orlean:
»
One of the lagoviruses of the family Caliciviridae causes a highly contagious illness called rabbit hemorrhagic disease. RHD is vexingly hard to diagnose. An infected rabbit might experience vague lethargy, or a high fever and difficulty breathing, or it might exhibit no symptoms at all. Regardless of the symptoms, though, the mortality rate for RHD can reach a gloomy hundred%. There is no treatment for it. The virus’s ability to survive and spread is uncanny. It can persist on dry cloth with no host for more than a hundred days; it can withstand freezing and thawing; it can thrive in a dead rabbit for months, and on rabbit pelts, and in the wool made from Angora-rabbit fur, and in the rare rabbit that gets infected but survives. It can travel on birds’ claws and flies’ feet and coyotes’ fur. Its spread has been so merciless and so devastating that some pet owners have begun referring to it as “rabbit Ebola.”
…In the universe of human-animal relations, rabbits occupy a liminal space. They are the only creatures we regularly keep as pets in our homes that we also, just as regularly, eat or wear. Fitting into both the companion-animal category and the livestock category means that rabbits are not entirely claimed by either. A number of animal statutes—particularly, felony-cruelty provisions—are specific to dogs and cats, but not to rabbits. Laws protecting livestock, such as the Humane Methods of Slaughter Act, don’t apply to rabbits, either, even rabbits being raised for meat, because the U.S.D.A. does not officially recognize them as livestock. There is probably no other animal that is viewed as diversely, and valued as differently, by its various partisans. Simply being a rabbit person doesn’t mean that you look at rabbits the same way as another self-identified rabbit person. Any of the almost twenty thousand members of the American Rabbit Breeders Association are just as likely to be raising a prized Jersey Wooly that sleeps in their bed and is primped for rabbit shows as they are to have hundreds of caged rabbits that will end up as stew.
A few years ago, a lawyer named Natalie Reeves, who volunteers at a rabbit shelter and has lectured on rabbit law at the New York City Bar Association, was having trouble untangling the hair of her pet long-haired rabbit, Mopsy McGillicuddy. She found an Internet group for long-haired-rabbit owners, and posted about Mopsy’s hair troubles, expecting tips on conditioners and brushes. On the site, she noticed that a common response to similar problems was to kill the rabbit and start fresh with another.
«
This is an amazing tale. Give it your time.
unique link to this extract
Facebook says the good it does outweighs the bad. But how many Likes make up for the hate? • The Guardian
Julia Carrie Wong, with a really powerful piece questioning the calculus of Likes:
»
I’m not saying that Facebook is solely responsible for the actions of every hate-addled individual who harassed me, let alone for the decisions made by [Heather] Heyer’s murderer [at the far-right rally in Charlottesville] or Myanmar’s military.
But I do think that Facebook played a role in creating the conditions necessary for those things to happen. I think that not because I am a bitter and cynical reporter who is chasing clicks with outrage, but because over and over and over again reporters, researchers and activists have documented the real and devastating costs of Facebook’s algorithmic negligence and record of accommodating hate.
So when I hear Facebook touting all the good it has supposedly done for the world, I want to know just how it’s making that accounting, because I’m not prepared to say that it’s enough.
Hate is an existential threat to the people it targets, but it’s no threat at all to Facebook. The only existential threat to a $650bn multinational corporation is a threat to its revenues. That’s where the real calculations are taking place right now at Facebook. When hate hurt people, Facebook did nothing. Now that it’s hurting Facebook, we’ll see what it really values.
«
Facebook to shut down experimental apps Hobbi, Lasso • CNET
Alexandra Garrett:
»
Facebook is shutting down experimental apps Hobbi and Lasso. Users reportedly received notifications that each app will be closing up shop as of July 10.
Hobbi, developed by Facebook’s New Product Experimentation team, launched in February for iOS as a Pinterest-like app for organizing and saving photos of personal projects such as baking, ceramics, gardening, arts & crafts and more. From these photos, users could share videos of their projects with friends and family.
Facebook confirmed that the NPE team will be shutting down its hobby focused app.
“Many of NPE’s products start small,” said a Facebook spokesperson on Wednesday. “We expect to have to shut down apps when they’re not catching on, but we also hope to learn from these experiments so that we can build better, more interesting apps in the future.”
Lasso was released over a year and a half ago, before the launch of the NPE team in 2019. The app lets users record 15-second long videos to share with friends. Lasso also includes video-editing tools to help users add music and text to their videos, similar to the social app TikTok. Facebook has since added a similar short-form video feature to Instagram, called Reels.
«
Quite a thing if Facebook has realised that it can’t compete with TikTok.
unique link to this extract
Facebook, Mark Zuckerberg should change amid ad boycott pressure • Bloomberg
Tae Kim and Alex Webb:
»
antitrust is far more of an existential threat to Facebook than is regulation. That’s not simply because it could, in the most extreme circumstances, result in a breakup of the company. It’s because antitrust by definition seeks to tackle its business practices.
Just last week, Germany’s highest civil court ruled that Facebook must stop logging browsing activity outside of its platforms without users’ explicit permission, and that such permission couldn’t be a condition of using its other services. Crucially, though, the decision was based not on data protection but antitrust laws. It said Facebook was abusing its market power to force users to accept the terms because it is the dominant social network. And the ruling fundamentally attacked the company’s business model, which is built on using such data to target ads effectively. An effort by Britain’s Competition and Markets Authority is even less ambiguous: it’s carrying out a study into online platforms and digital advertising.
While the UK is no longer a member of the European Union, the bloc’s regulators are following the findings of the study closely. After years of tackling Google, Facebook is now high on the European agenda. The two firms’ dominance of digital advertising is fueled by their low incremental costs. Tackle their business models, and you might resolve the harmful content problem, runs the argument. The EU plans new rules by the end of the year on content regulation and platform liability, while Margrethe Vestager, the EU’s antitrust and tech chief, is seeking new powers to break companies up.
«
(Style note: Bloomberg calls the United Kingdom “U.K.” but the European Union “EU”. I removed the full stops. But why is the EU just EU to Bloomberg yet the UK is U.K.?)
unique link to this extract
EU signals deeper investigation of Google Fitbit deal • Financial Times
Javier Espinoza:
»
EU regulators have sent two questionnaires, adding up to around 60 pages, asking Google and Fitbit’s rivals whether the deal will damage competition, disadvantage other fitness tracking apps in Google’s Play Store, or give Google more profiling data to improve its online search and advertising businesses.
The questionnaires also ask rivals to assess the impact of the deal on Google’s growing digital healthcare business.
Separately, 20 consumer groups, including Europe’s umbrella consumer organisation BEUC and the Consumer Federation of America, issued a warning about the deal on Thursday.
“Regulators must assume that Google will in practice utilise the entirety of Fitbit’s currently independent unique, highly sensitive data set in combination with its own, particularly as this could increase its profits, or they must impose strict and enforceable limitations on data use,” they said, in a joint statement.
The detail of the questions posed by the EU suggests that Brussels is gearing up for an extended investigation and may block the transaction, according to people with direct knowledge of the situation.
«
This acquisition is crawling along. It was announced in November 2019; still hasn’t happened. Australia’s competition commission is looking at this too. They’re concerned that it’s a one-way street for data, and that Google will get too much of it.
unique link to this extract
UK regulators take aim at Apple’s search engine deal with Google • Reuters
Stephen Nellis:
»
The payments by Alphabet Inc’s Google to Apple Inc to be the default search engine on Apple’s Safari web browser create “a significant barrier to entry and expansion” for Google’s rivals in the search engine market, the UK markets regulator said in a report released on Wednesday.
Apple received the “substantial majority” of the £1.2bn ($1.5bn) that Google paid to be the default search engine on a variety of devices in the United Kingdom in 2019, according to the report.
The UK Competition and Markets Authority, in its final report investigating online platforms and digital advertising, said the arrangements between Apple and Google create “a significant barrier to entry and expansion” for Google’s rivals in the search engine market. Those rivals include Microsoft Corp’s Bing, Verizon Communications Inc-owned Yahoo and independent search engine DuckDuckGo, all of which also make payments to Apple in exchange for being search engine options on its devices, the report said.
«
The full report is really very interesting. Lots of data, plenty of graphs. Not short, though. Tantalising detail – such as how much Google’s search share would drop if it was forced to give up the iPhone default – are missing though.
unique link to this extract
ThiefQuest Mac malware includes ransomware, data theft capabilities • SecurityWeek.Com
Eduard Kovacs:
»
at the time of writing it is detected by over a dozen engines.
Malwarebytes has seen the malware being distributed as trojanized installers for popular macOS applications, including the Little Snitch firewall, the Mixed In Key and Ableton DJ apps, and a Google software update.
Patrick Wardle, a researcher who specializes in the security of Apple products, pointed out that since these installers are not signed, macOS alerts users before opening them, but people who download pirated software are likely to ignore the warning and install the malware on their device.
Wardle has published a detailed analysis of how ThiefQuest is installed, how it achieves persistence and its capabilities. Once the malware has been deployed, it starts encrypting certain types of files found on the system, including archives, images, audio and video files, documents, spreadsheets, presentations, databases and web files.
It then drops a text file informing users that their files have been encrypted and instructs them to pay $50 in bitcoin to recover them. A summary of the ransom note is also displayed in a modal window and its content is read out using the speech feature in macOS.
«
Basically, people think they’re getting a pirated (free!) version of paid software, and get more than they expected. Life advice: don’t look into the egg when it opens for you.
unique link to this extract
FakeSpy masquerades as postal service apps around the world • Cybereason
Ofir Almkias:
»
The Cybereason Nocturnus team is investigating a new campaign involving FakeSpy, an Android mobile malware that emerged around October 2017. FakeSpy is an information stealer used to steal SMS messages, send SMS messages, steal financial data, read account information and contact lists, steal application data, and do much more.
FakeSpy first targeted South Korean and Japanese speakers. However, it has begun to target users all around the world, especially users in countries like China, Taiwan, France, Switzerland, Germany, United Kingdom, United States, and others.
FakeSpy masquerades as legitimate postal service apps and transportation services in order to gain the users’ trust. Once installed, the application requests permissions so that it may control SMS messages and steal sensitive data on the device, as well as proliferate to other devices in the target device’s contact list.
Cybereason’s investigation shows that the threat actor behind the FakeSpy campaign is a Chinese-speaking group dubbed “Roaming Mantis”, a group that has led similar campaigns.
«
By “postal service”, they literally mean the services that deliver your post – this group has made fake apps pretending to be Royal Mail, Swiss Post, Deutsche Post, French La Poste, US Postal Service, and more. It’s kicked off by an SMS to your phone telling you there’s a package, and that you need to download an app – which it directs you to. The app is real, but fake, if you see what I mean. And then you have a real problem.
It asks for a million permissions, of course, but Android users have been inculcated into ignoring those and just saying yes, of course. (Thanks Jim for the link.)
unique link to this extract
Uncovered: 1,000 phrases that incorrectly trigger Alexa, Siri, and Google Assistant • Ars Technica
Dan Goodin:
»
As Alexa, Google Home, Siri, and other voice assistants have become fixtures in millions of homes, privacy advocates have grown concerned that their near-constant listening to nearby conversations could pose more risk than benefit to users. New research suggests the privacy threat may be greater than previously thought.
The findings demonstrate how common it is for dialog in TV shows and other sources to produce false triggers that cause the devices to turn on, sometimes sending nearby sounds to Amazon, Apple, Google, or other manufacturers. In all, researchers uncovered more than 1,000 word sequences—including those from Game of Thrones, Modern Family, House of Cards, and news broadcasts—that incorrectly trigger the devices.
“The devices are intentionally programmed in a somewhat forgiving manner, because they are supposed to be able to understand their humans,” one of the researchers, Dorothea Kolossa, said. “Therefore, they are more likely to start up once too often rather than not at all.”
Examples of words or word sequences that provide false triggers include
• Alexa: “unacceptable,” “election,” and “a letter”
• Google Home: “OK, cool,” and “Okay, who is reading”
• Siri: “a city” and “hey jerry”
• Microsoft Cortana: “Montana”«
So don’t watch Seinfeld with a Homepod or similar in the room. Got it. (Have never watched Seinfeld.)
unique link to this extract
Google pushing scam ads on Americans searching for how to vote • Tech Transparency Project
»
Google is allowing scammers to prey on Americans seeking information about how to vote in the upcoming election, according to a Tech Transparency Project (TTP) analysis, undercutting the company’s claims that it’s helping people navigate the process of registering to vote, securing a mail-in ballot or finding their polling place.
The ongoing coronavirus pandemic is changing the way millions of Americans vote, and that makes access to accurate information about elections more important than ever. But citizens who turn to Google for answers could be discouraged or misled by scam ads that pop up as they search for how and where to vote in 2020.
TTP found that search terms like “register to vote,” “vote by mail,” and “where is my polling place” generated ads linking to websites that charge bogus fees for voter registration, harvest user data, or plant unwanted software on people’s browsers.
Such ads could have a suppressive effect on voters. Users searching for guidance about elections who instead find themselves on manipulative or confusing sites may eventually give up on finding the information they need. That’s a far cry from Google’s commitment to “protect our users from harm and abuse, especially during elections.”
The ads identified by TTP appear to violate Google’s policies that prohibit misrepresentation, collecting user data for unclear purposes, and unwanted software. They may also run afoul of Federal Trade Commission regulations banning “unfair or deceptive advertising.”
«
OK, there are lots of ads to police, but you’d think if it’s important then Google would police it more closely.
unique link to this extract
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 
https://www.npr.org/2020/07/04/887239225/china-suppression-of-uighur-minorities-meets-u-n-definition-of-genocide-report-s