Start Up No.1380: Apple zaps Epic’s dev account, WFH in… Barbados?, TikTok sale gets more complicated, Facebook’s moderator indifference, and more


What looks tasty? “Menu engineers” can steer you to dishes that make more money. CC-licensed photo by StreetsofWashington on Flickr

A selection of 11 links for you. No, you’re working on a holiday. I’m @charlesarthur on Twitter. Observations and links welcome.

Meet the “menu engineers” helping restaurants retool in the pandemic • The Hustle

Michael Waters:

»

You’d be hard-pressed to find many people who have thought more about restaurant menus than Michele Benesch.

In 1968, her grandfather, Walter Baker, started Menu Men, Inc., a creative consultancy that specializes in infusing menus with fanciful designs.

At the time, says Benesch, the art of the menu was largely neglected. Sensing some room for disruption, Baker convinced restaurateurs to invest in fully customized designs.

Benesch never expected to enter the family business. But she couldn’t fully escape it, either. When she went out to dinner as a kid in Miami, her father, who ran the company at the time, always pointed out little menu tricks. He’d ask her about the materials used (“Why did this client choose a parchment?”), the fonts, the placement of each item. 

“My whole life, I was being an apprentice for the job I never realized I wanted,” Benesch says. 

By the time Benesch took over the business in 2006, the menu engineering trade had begun to gain wider recognition, with a growing number of hospitality schools funding research into the psychology of menus. 

Consultants like Benesch realized they could use this research to get customers to spend more money.

Today, Benesch blends design, psychology research, and general food knowledge to build a more scientific menu. With a bit of tinkering, she can increase the odds of, say, a diner picking the highest-margin meal on the menu.

Considering how small restaurant profits are (typically 3% to 5%), the right menu can mean the difference between success and failure. 

When a Las Vegas restaurant recently hired Benesch to revamp its menu, she cut their 4-page layout down to a simple 2-page panel, upped the font size, did some dish repositioning, and cut loose some of the dishes that weren’t selling well.

The new menu led to a spending bump equivalent to $9 more per customer.

«



Barbados introduces plan to allow visitors to stay for a year to “work from home” • Yahoo Money

»

Barbados’ Prime Minister Mia Amor Mottley announced the “12-month Barbados Welcome Stamp” earlier this month that would allow “persons to come and work from here overseas, digitally so, so that persons don’t need to remain in the countries in which they are,” Mottley said in a press conference.

Mottley noted that working remotely doesn’t mean you have to physically work near your office, making the case that living elsewhere — or even abroad — is possible for some occupations that simply require a reliable internet connection to accomplish work.

She continued: “The government is committed to working with you on the promotion of new concepts like the 12-month Barbados Welcome Stamp, being able to open our borders to persons traveling and making it as hospitable as ever for all of us, and making it available for Barbadians from every walk of life to believe that for special occasions, or just for so, that they can come out and be a part of this wonderful exercise.”

«

I think she meant “wonderful money-generating exercise”. Getting people from higher-income countries to come and spend their money in Barbados is a great way to help your tourist-dependent economy while there aren’t any tourists.


Apple terminates Epic Games’ developer account • Mac Rumors

Juli Clover:

»

Searching for Epic Games in the App Store brings up no apps and on the web, the Epic Games developer account is blank. Though the Epic Games developer account is no longer available, Fortnite continues to work.

Those who have downloaded Fortnite on an iPhone or iPad can continue to play the game, but there’s a catch – none of the new Marvel-themed Season 4 content is available because Fortnite is unable to be updated.

Fortnite has been in violation of the App Store rules since August 13, when it introduced a direct payment option that skirted Apple’s in-app purchase system by allowing payments directly to Epic Games. Shortly after Epic blatantly disregarded App Store policies, Apple pulled the app from the App Store, leading to a lawsuit from Epic and a quickly escalating legal fight between the two companies.

Since Epic initiated the dispute with Apple, it has refused to back down from the direct purchase option added to Fortnite, and Apple has refused to allow the app in the App Store while the direct payment option remains. Apple told Epic that it was ready to “welcome Fortnite back onto iOS” if Epic removed the direct payment option and returned to the status quo while the legal battle plays out in court, but Epic has refused.

Last night, Epic sent out emails to Fortnite players blaming the unavailability of the new season on Apple and claiming that Apple is “blocking Fortnite” in order to prevent Epic Games from “passing on the savings from direct payments to players.” Apple in turn has taken to featuring Fortnite competitor PUBG in its App Store.

Apple originally wanted to terminate the developer accounts of both Epic Games and Epic International, a separate account linked to Epic’s Unreal Engine used by third-party app developers, but a judge issued a temporary restraining order preventing Apple from doing so. The judge declined to stop Apple from terminating the Epic Games account, however, telling Epic that it “created the situation” and made a “strategically and calculated move to breach” App Store terms.

«

The judge’s reasoning was solid. Now we find out how much Epic needs the cash versus how much Apple needs Epic. I think both can survive without each other pretty well; this could turn into a long standoff.


TikTok assets can’t be sold without China’s approval • Bloomberg News

»

ByteDance Ltd. will be required to seek Chinese government approval to sell the US operations of its short-video TikTok app under new restrictions Beijing imposed on the export of artificial intelligence technologies, according to a person familiar with the matter.

AI interface technologies such as speech and text recognition, and those that analyze data to make personalized content recommendations, were added to a revised list of export-control products published on the Ministry of Commerce’s website late Friday. Government permits will be required for overseas transfers to “safeguard national economic security,” it said.

The new restrictions cover technologies ByteDance uses in TikTok and will require the company to seek government approval for any deal, according to the person, asking not to be identified because the details aren’t public. The new rule is aimed at delaying the sale and is not an outright ban, the person said.

President Donald Trump’s administration has said ByteDance must sell the US operations of its popular video-sharing app because of alleged national security risks. Microsoft and Oracle have submitted rival bids to ByteDance to acquire TikTok’s US business, while Centricus Asset Management and Triller were said to have made a last-minute pitch on Friday to buy TikTok’s operations in several countries for $20bn.

«

So it must be sold, but it can’t be sold. That’s going to be fun.


Slack fixes ‘critical’ vulnerability that left desktop app users open to attack • Mashable

Jack Morse:

»

the exploit allowed for something known as “remote code execution,” which is just as bad as it sounds. Before Slack fixed it, an attacker using the exploit could have done some pretty wild stuff, such as gaining “access to private files, private keys, passwords, secrets, internal network access etc.,” and “access to private conversations, files etc. within Slack.”

What’s more, according to the disclosure, maliciously inclined hackers could have made their attack “wormable.” In other words, if one person in your team got infected, their account would automatically re-share that dangerous payload to all their colleagues. 

It’s worth emphasizing that the security researcher who discovered this vulnerability — a process that takes untold hours of work and is a literal job — decided to do what many would consider the right thing and report it to Slack via HackerOne. For the security researcher, whose HackerOne handle is oskars, this resulted in a bug bounty payment of $1,750. 

Of course, had that person wanted, they could have likely gotten much, much more money by selling it to a third-party exploit broker.

«

Slack might want to think about the amount it offers. Other hackers will have seen that and decided they could do better selling them. Suddenly, Slack looks like a security risk compared to, say, Microsoft Teams.


A Kenosha militia Facebook event asking attendees to bring weapons was reported 455 times. Moderators said it didn’t violate any rules • Buzzfeed News

Ryan Mac:

»

During Facebook’s Thursday all-hands meeting, Zuckerberg said that the images from Wisconsin were “painful and really discouraging,” before acknowledging that the company had made a mistake in not taking the Kenosha Guard page and event down sooner. The page had violated Facebook’s new rules introduced last week that labeled militia and QAnon groups as “Dangerous Individuals and Organizations” for their celebrations of violence.

The company did not catch the page despite user reports, Zuckerberg said, because the complaints had been sent to content moderation contractors who were not versed in “how certain militias” operate. “On second review, doing it more sensitively, the team that was responsible for dangerous organizations recognized that this violated the policies and we took it down.”

During the talk, Facebook employees hammered Zuckerberg for continuing to allow the spread of hatred on the platform.

“At what point do we take responsibility for enabling hate filled bile to spread across our services?” wrote one employee. “[A]nti semitism, conspiracy, and white supremacy reeks across our services.”

The internal report seen by BuzzFeed News sheds more light on Facebook’s failure.

“Organizers… advocated for attendees to bring weapons to an event in the event description,” the internal report reads. “There are multiple news articles about our delay in taking down the event.”

«

At what point, one wonders, will Zuckerberg realise that his creation is utterly beyond his control – that Frankenstein has lost the ability to direct his monster?


Facebook executive supported India’s Modi and disparaged opposition in internal messages • WSJ

Jeff Horwitz and Newley Purnell:

»

A Facebook Inc. executive at the center of a political storm in India made internal postings over several years detailing her support for the now ruling Hindu nationalist party and disparaging its main rival, behavior some staff saw as conflicting with the company’s pledge to remain neutral in elections around the world.

In one of the messages, Ankhi Das, head of public policy in the country, posted the day before Narendra Modi swept to victory in India’s 2014 national elections: “We lit a fire to his social media campaign and the rest is of course history.”

“It’s taken thirty years of grassroots work to rid India of state socialism finally,” Ms. Das wrote in a separate post on the defeat of the Indian National Congress party, praising Mr. Modi as the “strongman” who had broken the former ruling party’s hold. Ms. Das called Facebook’s top global elections official, Katie Harbath, her “longest fellow traveler” in the company’s work with his campaign. In a photo, Ms. Das stood, smiling, between Mr. Modi and Ms. Harbath.

Ms. Das’s posts, which were viewed by The Wall Street Journal, haven’t been previously reported. Some Facebook employees said the sentiments and actions described by Ms. Das conflicted with the company’s longstanding neutrality pledge.

The posts cover the years 2012 to 2014 and were made to a Facebook group designed for employees in India, though it was open to anyone in the company globally who wanted to join.

«

I’m guessing this was leaked by disgruntled Facebook employees. The scale of silent revolt inside Facebook is only going to grow. I can’t see how she can keep her job.


Picking locks with audio technology • Communications of the ACM

Paul Marks on researchers who say they could recreate a copy of keys used for Yale or Schlage six-pin locks:

»

Their first task was to work out how to surreptitiously acquire the audio from a key insertion, and the researchers suggest no less than five ways of going about it. First, in a walk-by attack, a spy simply walks behind somebody just as they unlock a door or locker, holding their phone out to furtively record the sound of the key going into the lock. So far, though, they have only done this with the phone an unrealistic 10cm (nearly four inches) from the lock. “We are still working on making this attack realizable,” says Ramesh.

Their second method takes another tack entirely: install malware on a victim’s smartphone (or smartwatch) so it records and transmits key insertion audio via an Internet or 4G backchannel. Such viruses are already known in the wild.

Third, they believe an attacker might hack a product like a domestic Internet of Things (IoT) device that contains a microphone, like a video doorbell, which is next to the lock, and acquire audio over the air. Again, this is a known attack vector.

The fourth trick might involve long-distance microphones, the NUS team suggest, while a fifth might involve installing hidden microphones in a corridor of a set of target offices; over time, they suggest, attackers could quietly harvest door key audio for multiple offices.

Once they have a key-insertion audio file, SpiKey’s inference software gets to work filtering the signal to reveal the strong, metallic clicks as key ridges hit the lock’s pins…

«

I’ll go with “this is super-unlikely, but might make a neat subplot in a spy film.” (Thanks Steve for the link.)


Everybody hates digital calendars, so everybody’s trying to build a better one • Protocol

David Pierce:

»

ReclaimAI has the same long-term goal as that of Clockwise, Woven and others: to turn calendars from a block of hours into a more malleable, relentlessly optimizing thing. Programmers who need 15 hours of deep work each week shouldn’t have to schedule it in advance, these companies think; their calendar should make sure they have space for it. One-on-one meetings that need to happen once a week but not necessarily at a set time should shift to accommodate everyone’s schedule. Martin said Clockwise has 16 different categories of calendar entries, including everything from doctor’s appointments (personal, immovable) to general “catch up on email” holds (important, but easy to move around), each with its own unique characteristics. There are more categories to come. Over time, the more a calendar actually understands what’s on it, the better it can take care of a user’s time.

This kind of thinking has a second benefit: It turns corporate calendars into a powerful analytics tool. If you want to know what your company values, look at how people spend their time. Or, just as often, how their time gets wasted.

«

The trouble with AI-organised and re-organised calendars is the potential for screwing up your life by surprising you with appointments you’re not prepared for but the machine has given you, surely? It’s a pain, but I wonder whether it’s trying to solve an insoluble problem – a sort of non-travelling salesman’s four-colour theorem.


Blockchain, the amazing solution for almost nothing • The Correspondent

Jesse Frederik:

»

It seems that blockchain sounds best in a PowerPoint slide. Most blockchain projects don’t make it past a press release, an inventory by Bloomberg showed. The Honduran land registry was going to use blockchain. That plan has been shelved. The Nasdaq was also going to do something with blockchain. Not happening. The Dutch Central Bank then? Nope. Out of over 86,000 blockchain projects that had been launched, 92% had been abandoned by the end of 2017, according to consultancy firm Deloitte.

Why are they deciding to stop? Enlightened – and thus former – blockchain developer Mark van Cuijk explained: “You could also use a forklift to put a six-pack of beer on your kitchen counter. But it’s just not very efficient.” 

…[But] This is the market for magic, and that market is big.

«

Blockchain is heading solidly towards the trough of despond in the Hype Cycle (if it wasn’t there already). Bitcoin chunters on as a speculative toy for people with more money than sense (or more sense than other people with money).


Israeli phone hacking company faces court fight over sales to Hong Kong • MIT Technology Review

Patrick Howell O’Neill:

»

Human rights advocates filed a new court petition against the Israeli phone hacking company Cellebrite, urging Israel’s ministry of defense to halt the firm’s exports to Hong Kong, where security forces have been using the technology in crackdowns against dissidents as China takes greater control.

Hong Kong police documents show the use of Cellebrite to hack and unlock phones of demonstrators. Former police officers have confirmed that Cellebrite has long been used by Hong Kong.

In July, police court filings revealed that Cellebrite’s phone hacking technology has been used to break into 4,000 phones of Hong Kong citizens, including prominent pro-democracy politician and activist Joshua Wong. He subsequently launched an online petition to end Cellebrite’s sales to Hong Kong, which gained 35,000 signatures.

“Defense Ministry officials must immediately stop the export of the Cellebrite system which is used for infringement on privacy, deprivation of liberty and freedom of expression, and political incrimination of Hong Kong citizens under the new National Security Law,” Wong wrote in a Facebook post urging Israel to stop Cellebrite’s exports to Hong Kong.

«

I’ve looked in vain for any statement by the Israeli government on what it thinks about China’s effective legislative annexation of Hong Kong. That would tell us how its ministry of defence would respond to this lawsuit.


Errata, corrigenda and ai no corrida: none notified.
