Start Up No.1500: explaining Google’s cookie-free future, why Square bought Tidal, Microsoft Exchange users suffer huge hack, and more

People are going to be sharing narrow pavements with a lot more fast-moving, heavy delivery robots. Will humans always get right of way? CC-licensed photo by Eric Fischer on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Fifteen hundred! I’m @charlesarthur on Twitter. Observations and links welcome.

Google’s ‘privacy-first web’ is really a Google-first web • OneZero

Will Oremus:


Google will still track users’ behavior on its own services — and, as you might have noticed, it happens to have rather a lot of services. In general, making it harder for websites to track users across the web will place more emphasis on “first-party data,” which is the data that companies collect while users are on their own sites or apps. Between Android, Google Search, Gmail, YouTube, Google Home, etc., it’s hard to think of a company with more first-party data than Google. And as the Platform Law Blog’s Dimitrios Katsifis points out: “By operating Google Search, Google is effectively able to follow users’ browsing activity beyond its properties; it knows what the user is looking for, and has full visibility into the search result the user clicks on.

And then there are the alternative tracking frameworks that Google is developing. My OneZero colleague Owen Williams has a very good, plain-language explainer on those approaches, which revolve around the idea of putting users into groups based on their browsing rather than tying their individual website histories to their identity. Some versions seek to preserve the infamous (yet relatively effective) practice of “retargeting,” in which users are targeted repeatedly with ads for an item they once viewed on a shopping site; other versions would dispense with it.

The possible approach that Google specifically mentioned in its blog post is called Federated Learning of Cohorts, or FLoC, which the company claims can be 95% as effective as cookies. (Google has a white paper explaining it in detail if you’re into that kind of thing.) FLoC has some supporters but also some vehement detractors: The Electronic Frontier Foundation’s Bennett Cyphers called it a terrible idea, arguing that it will replace old privacy flaws with new ones and “exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting.”

Merits aside, it’s clear that Google is positioning itself for a more privacy-conscious future in ways that seek to preserve its dominance — likely at the expense of a slew of smaller rivals.


There’s more on this in the EFF’s writeup. Your profile will vanish into the machine learning morass: your profile might be ever-shifting. Cookies will go, but your privacy won’t come back.
unique link to this extract

Why did Jack Dorsey’s Square buy Tidal, Jay-Z’s failed music service? • Vox

Peter Kafka:


It doesn’t take much imagination to come up with Square + Tidal rollouts in the future: A Square-enabled way for artists to sell T-shirts on tour, or even when they’re not on tour, for instance.

More intriguingly, given Dorsey’s love of All Things Blockchain, and the current mania over NFTs, it won’t be surprising to see Square + Tidal work on their own NFT scheme. NFTs (non-fungible tokens) are blockchain-enabled digital pieces of … anything that investors and speculators and collectors are hoovering up at a crazy rate. Even if none of this makes sense to you, you may have heard about people paying real money — a lot of money — for digital ephemera like cartoon cat GIFs or animated trading cards of NBA players dunking or blocking. It’s a thing, for now.

So you can picture the Jay-Zs of the world selling songs, or snippets of songs, or the digital version of a lyric scribbled on a napkin, as NFTs, in deals that let Square and the artist get part of the deal.

If they get it out fast enough — while NFT mania booms — it’s easy to imagine many more headlines like these, except you’ll replace “Grimes” with “Beyonce” or whomever: “Grimes sold $6 million worth of digital art as NFTs”

As long as you’re okay with the purely speculative hype around these kinds of sales and stories — and the understanding that some investors, including people who don’t fully understand what they’re doing, are going to make a lot of money, and some will get burned badly (see: GameStop, and also Cryptokitties, an early NFT gambit/gimmick that was kind of hot in 2018 and then cooled off but may be hot again) — then this all seems … okay? Maybe … good?


As someone pointed out on Twitter, if your response to NFTs is “this is great, we can make things scarce again rather than being uncountably easy to reproduce and spread” then maybe you need to rethink your worldview. Though you can think that it makes digital art easier to validate. (Bitcoins, strictly speaking, are not NFTs because they are divisible.)
unique link to this extract

At least 30,000 US organizations newly hacked via holes in Microsoft’s email software • Krebs on Security

Brian Krebs:


At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.

In the three days since then, security experts say the same Chinese cyber espionage group has dramatically stepped up attacks on any vulnerable, unpatched Exchange servers worldwide.

In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer servers.

…Microsoft’s initial advisory about the Exchange flaws credited Reston, Va. based Volexity for reporting the vulnerabilities. Volexity President Steven Adair said the company first saw attackers quietly exploiting the Exchange bugs on Jan. 6, 2021, a day when most of the world was glued to television coverage of the riot at the US Capitol..


With email, you might as well assume that everything is open and hacked already. It’s become once again the equivalent of writing on a postcard. If you want to send something securely, Signal, WhatsApp, Telegram and in a different way Slack can all fill the gap. Seriously, why email?
unique link to this extract

What the coronavirus variants mean for the end of the pandemic • The New Yorker

Dhruv Khullar:


Like all viruses, Sars-CoV-2 will continue to evolve. But [Jason] McLellan [a structural biologist at the University of Texas at Austin] believes that it has a limited number of moves available. “There’s just not a lot of space for the spike to continue to change in ways that allow it to evade antibodies but still bind to its receptor,” he said. “Substitutions that allow the virus to resist antibodies will probably also decrease its affinity for ace-2”—the receptor that the virus uses to enter cells. Recently, researchers have mapped the universe of useful mutations available to the spike’s receptor-binding area. They’ve found that most of the changes that would weaken the binding ability of our antibodies occur at just a few sites; the E484K substitution seems to be the most important. “The fact that different variants have independently hit on the same mutations suggests we’re already seeing the limits of where the virus can go,” McLellan told me. “It has a finite number of options.”

Over time, Sars-CoV-2 is likely to become less lethal, not more. When people are exposed to a virus, they often develop “cross-reactive” immunity that protects them against future infection, not just for that virus, but also for related strains; with time, the virus also exhausts the mutational possibilities that might allow it to infect cells while eluding the immune system’s memory. “This is what we think happened to viruses that cause the common cold,” McLellan said. “It probably caused a major illness in the past. Then it evolved to a place where it’s less deadly. But, of course, it’s still with us.” It’s possible that a coronavirus that now causes the common cold, OC43, was responsible for the “Russian flu” of 1889, which killed a million people. But OC43, like other coronaviruses, became less dangerous with time. Today, most of us are exposed to OC43 and other endemic coronaviruses as children, and we experience only mild symptoms. For Sars-CoV-2, such a future could be years or decades away.


unique link to this extract

Call for a Full and Unrestricted International Forensic Investigation into the Origins of COVID-19


Based on our analysis, and as confirmed by the global study convened by the World Health Organization (WHO) and Chinese authorities, there is as yet no evidence demonstrating a fully natural origin of this virus. The zoonosis hypothesis, largely based on patterns of previous zoonosis events, is only one of a number of possible SARS-CoV-2 origins, alongside the research-related accident hypothesis.

Although the “collaborative” process of discovery mandated by the World Health Assembly in May 2020 was meant to enable a full examination of the origins of the pandemic, we believe that structural limitations built into this endeavor make it all but impossible for the WHO-convened mission to realize this aspiration.

In particular, we wish to raise public awareness of the fact that half of the joint team convened under that process is made of Chinese citizens whose scientific independence may be limited, that international members of the joint team had to rely on information the Chinese authorities chose to share with them, and that any joint team report must be approved by both the Chinese and international members of the joint team.


This is signed by 26 scientists unsatisfied with the WHO’s inquiry into the possibility that the original SARS-Cov-2 virus escaped from one of two labs dealing with dangerous pathogens. Pretty much everyone isn’t happy about the WHO’s investigation, because there wasn’t really one.

My own position is that every other zoonosis that we have ever identified is the result of random contact between humans and animals in the natural world. That means the null hypothesis is that it happened in the natural world, by chance. The “lab leak” hypothesis has to overturn that by showing evidence of a leak. I feel that the people who have been so certain it must be a lab leak are jumping the gun.

A full investigation? I’m all for it. But you’d need to show a lot of steps – specifically, the presence of the virus itself ahead of any identification of any case in the outside world – to confirm it.
unique link to this extract

Walker ‘stunned’ to see ship hovering high above sea off Cornwall • The Guardian

Ian Sample:


There are only so many polite words that come to mind when one spots a ship apparently hovering above the ocean during a stroll along the English coastline.

David Morris, who captured the extraordinary sight on camera, declared himself “stunned” when he noticed a giant tanker floating above the water as he looked out to sea from a hamlet near Falmouth in Cornwall.

The effect is an example of an optical illusion known as a superior mirage. Such illusions are reasonably common in the Arctic but can also happen in UK winters when the atmospheric conditions are right, though they are very rare.

The illusion is caused by a meteorological phenomenon called a temperature inversion. Normally, the air temperature drops with increasing altitude, making mountaintops colder than the foothills. But in a temperature inversion, warm air sits on top of a band of colder air, playing havoc with our visual perception. The inversion in Cornwall was caused by chilly air lying over the relatively cold sea with warmer air above.


In case you haven’t seen it, the picture – truly outstanding, not faked – tells a thousand words about the inversion of light rays by temperature:

unique link to this extract

Sidewalk [pavement – Ed.] robots get legal rights as “pedestrians” • Axios

Jennifer Kingson:


Fears of a dystopian urban world where people dodge heavy, fast-moving droids are colliding with the aims of robot developers large and small — including Amazon and FedEx — to deploy delivery fleets.

“The sidewalk is the new hot debated space that the aerial drones were maybe three or five years ago,” says Greg Lynn, CEO of Piaggio Fast Forward, which makes a suitcase-sized $3,250 robot called gita that follows its owner around.

“There’s also a lot of people trying to deploy robots on bike lanes” where the bots can go faster than on sidewalks, he said.

States like Pennsylvania, Virginia, Idaho, Florida and Wisconsin have passed what are considered to be liberal rules permitting robots to operate on sidewalks — prompting pushback from cities like Pittsburgh that fear mishaps.

In Pennsylvania, robot “pedestrians” can weigh up to 550 pounds and drive up to 12 mph. “Opposition has largely come from pedestrian and accessibility advocates, as well as labor unions like the Teamsters,” says the Pittsburgh City Paper. The laws are a boon to Amazon’s Scout delivery robot and FedEx’s Roxo, which are being tested in urban and suburban settings.

“Backers say the laws will usher in a future where household items show up in a matter of hours, with fewer idling delivery vans blocking traffic and spewing emissions,” says Wired.

Some technology evangelists think these laws are a spectacularly bad idea. The National Association of City Transportation Officials — NACTO — says the robots “should be severely restricted if not banned outright.”


It’s only going to take a few cases of old folks being bumped by these things and everyone’s going to be all riled up. “Pedestrian and accessibility advocates” indeed.
unique link to this extract

Inside the ‘Covid Triangle’: a catastrophe years in the making • Financial Times

Anjli Raval:


Manish Shah knew it was only a matter of time before he was struck by coronavirus.

When the pandemic first hit the UK, the pharmacy where he works in Dagenham, east London, put in strict protocols on mask-wearing and physical distancing. But as the more aggressive variant of the virus raged through this part of the capital over the winter, more and more sick people turned to Shah for help.

“A lot of minicab and Uber drivers came to see me. They showed classic symptoms of the virus, but they kept saying things like: ‘Just give me something for the sore throat, cough syrup or something,’” he says. “I told them time and again to get a Covid test, but they just did not want to get a test or go to the doctor because they knew they could not afford to isolate.”

The pharmacy’s NHS contract meant that staff had to provide clinical services in partnership with local primary care networks. “We could not refuse anyone, even those not wearing a mask,” says Shah. “This is how I got the virus.”

…While coronavirus has inflicted extraordinary suffering across the country, the corner of east London in which Shah lives and works has been so pummelled that it has become known as the “Covid Triangle”. At one point during the peak of the second wave, the three boroughs that made up this triangle — Barking and Dagenham, Redbridge and Newham — were competing for the highest rate of infections in the whole country. In Barking and Dagenham, one in 16 people was reported to be infected.

Within this area, a high proportion of the workforce are either essential staff who cannot stay at home — like Shah — or those forced out to work by job insecurity. “Others that worked in takeaway restaurants told me: ‘I have to go into work, otherwise they will find someone else and I won’t have a job,’” he says. “These people had to keep going because of their financial circumstances.”


Not paywalled. Terrific in-depth reporting about how the seeds of this problem were sown long, long ago.
unique link to this extract

Saudi Arabia’s plan to rule $700bn hydrogen market • Bloomberg

Verity Ratcliffe:


the world’s biggest crude exporter doesn’t want to cede the burgeoning hydrogen business to China, Europe or Australia and lose a potentially massive source of income. So it’s building a $5 billion plant powered entirely by sun and wind that will be among the world’s biggest green hydrogen makers when it opens in the planned megacity of Neom in 2025.

The task of turning a patch of desert the size of Belgium into a metropolis powered by renewable energy falls to Peter Terium, the former chief executive officer of RWE AG, Germany’s biggest utility, and clean-energy spinoff Innogy SE. His performance will help determine whether a country dependent on petrodollars can transition into a supplier of non-polluting fuels.

“There’s nothing I’ve ever seen or heard of this dimension or challenge,” Terium said. “I’ve been spending the last two years wrapping my mind around ‘from scratch,’ and now we’re very much in execution mode.”

Hydrogen is morphing from a niche power source — used in zeppelins, rockets and nuclear weapons — into big business, with the European Union alone committing $500 billion to scale up its infrastructure. Huge obstacles remain to the gas becoming a major part of the energy transition, and skeptics point to Saudi Arabia’s weak track record so far capitalizing on what should be a competitive edge in the renewables business, especially solar, where there are many plans but few operational projects.

But countries are jostling for position in a future global market, and hydrogen experts list the kingdom as one to watch.

…Saudi Arabia possesses a competitive advantage in its perpetual sunshine and wind, and vast tracts of unused land. Helios’s costs likely will be among the lowest globally and could reach $1.50 per kilogram by 2030, according to BNEF. That’s cheaper than some hydrogen made from non-renewable sources today.


How ironic that the country (and region) which happened to have the best natural resources for the petrochemical era also has the best natural resources for the solar era.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.1500: explaining Google’s cookie-free future, why Square bought Tidal, Microsoft Exchange users suffer huge hack, and more

  1. The Germany Physical Society issued a report on the behalf of the government in the mid-90s stating that Saudi Arabia was the most logical place for hydrogen production, so what is old is new again.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.