Start Up No.1524: Epic court papers sting App Store, Pfizer zaps Brazil’s P1 variant in study, YouTube Kids is ‘vapid wasteland’, and more

The worldwide squeeze on chip supply is affecting Apple’s Macbook and iPad production, a report in the Nikkei paper says. CC-licensed photo by Aaron Yoo on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Mm, butter. I’m @charlesarthur on Twitter. Observations and links welcome.

Apple engineer likened App Store security to ‘butter knife in gunfight’ • Financial Times

Patrick McGee:


A senior Apple engineer compared the defences of its App Store against malicious actors to “bringing a plastic butter knife to a gunfight”, according to legal documents released on Thursday.

The anecdote, which was cited by Fortnite maker Epic Games ahead of a high-stakes antitrust trial in California next month, was based on internal Apple documents quoting Eric Friedman, head of the company’s Fraud Engineering Algorithms and Risk (Fear) unit.

In the papers, Friedman also likened Apple’s process of reviewing new apps for the App Store to “more like the pretty lady who greets you . . . at the Hawaiian airport than the drug-sniffing dog”. He added that Apple was ill-equipped to “deflect sophisticated attackers”.

The revelation could be a significant blow to Apple’s defence, which rests on its insistence that the contentious 30% “tax” it levies on digital purchases within apps downloaded from the App Store is necessary to fund curation of the store and protect consumers from malware.

The two companies have for months been locked in a feud over the fee, with Epic suing Apple last August after Fortnite was thrown out of the App Store for launching its own in-app payment mechanism, a workaround that deprived Apple of its commission.

Apple rejects any third-party payment tools for in-app purchases, arguing they could undermine the security of the iPhone.

In hundreds of pages of newly released arguments, for which each company has been allowed access to the other’s internal documents, Epic launched a stinging attack on Apple’s promise of App Store security. It argued that the Silicon Valley giant has “no evidence” that its app review process “screens for security issues better than other methods of app distribution”.


unique link to this extract

Pfizer/BioNTech COVID-19 vaccine neutralizes Brazil variant in lab study • Reuters

Michael Erman:


The COVID-19 vaccine from Pfizer/BioNTech was able to neutralize a new variant of the coronavirus spreading rapidly in Brazil, according to a laboratory study published in the New England Journal of Medicine on Monday.

Blood taken from people who had been given the vaccine neutralized an engineered version of the virus that contained the same mutations carried on the spike portion of the highly contagious P.1 variant first identified in Brazil, the study conducted by scientists from the companies and the University of Texas Medical Branch found.

The scientists said the neutralizing ability was roughly equivalent the vaccine’s effect on a previous less contagious version of the virus from last year.

The spike, used by the virus to enter human cells, is the primary target of many COVID-19 vaccines.

In previously published studies, Pfizer had found that its vaccine neutralized other more contagious variants first identified in the United Kingdom and South Africa, although the South African variant may reduce protective antibodies elicited by the vaccine.

Pfizer has said it believes its current vaccine is highly likely to still protect against the South African variant.


The Pfizer/BioNTech vaccine is really turning out to be the gold medal winner: minimal side effects and beats the variants we’ve seen (so far). If only Brazil actually had an effective strategy for beating the P1 variant. But it doesn’t. Deaths are spiking there, and coming from a younger age group than before.
unique link to this extract

YouTube Kids ‘a vapid wasteland’, say US lawmakers • BBC News


A US government committee has described YouTube Kids as a “wasteland of vapid, consumerist content”.

In a letter to YouTube chief executive Susan Wojcicki, the US sub-committee on economic and consumer policy said the platform was full of “inappropriate… highly commercial content”.

Google launched YouTube Kids in 2015 as a safe place for children to view appropriate content. YouTube said it had worked hard to provide “enriching content for kids”.

In a statement, a YouTube spokesperson said: “Over the last few years, we’ve worked hard to provide kids and families with protections and controls that enable them to view age-appropriate content.
“We’ve made significant investments in the YouTube Kids app to make it safer, and to serve more educational and enriching content for kids, based on principles developed with experts and parents.”

…According to the letter, some videos appeared to be “smuggling in hidden marketing and advertising with product placements by children’s influencers”.

The letter claimed that one research team, which it did not name, found only about 4% of videos had a high educational value. Much of the rest was low quality content such as toy unboxing and videos of people playing video games.

It also said that one mother had reported a video that contained advice on how to commit suicide. After the video was reported, the letter alleges YouTube failed to remove it for eight months.


Hidden marketing and advertising with product placements? Sounds like they’re describing American network TV.
unique link to this extract

Writing tools I learned from The Economist • Built By Words

Ahmed Soliman:


I learned writing from The Economist. Back home, it wasn’t easy to learn English. No one in my social circle was fluent in the language and I couldn’t afford a private tutor. The best I could do was to create my own syllabus. The kiosk near my house had, to my surprise, the newspaper[1]. I’d save my allowance to buy whatever issue was on the stand. I’d divide each issue into two units: New Vocabulary and Writing Tools. I’d then memorize the novel words and apply the newly-discovered sentence structures to my essays. I kept doing this for three years.

I like the writing style of The Economist for many reasons: the most important is that it’s easy to understand their point. Writing to be understood might be an obvious requirement of a readable article, but often I find myself occupied with deciphering form instead of digesting content. Not so with the British newspaper: its writers understand that form exists only to serve content. It’s okay to internally admire one’s word choices and sentence structures, but writers should be a little less selfish in their writing, especially nonfiction.

These are six writing tools I learned from The Economist. As you’ll see, they exist to serve, not confuse, the reader.


To professional journalists these will look pretty obvious, honed by years of work. But they’re excellent to learn from for all the people who don’t write for a living.
unique link to this extract

How we found hints of new particles or forces of nature – and why it could change physics • The Conversation

Mark Lancaster:


The muon’s behaviour is influenced by “virtual particles” that pop in and out of existence from the vacuum. These exist fleetingly, but for long enough to affect how the muon interacts with the magnetic field and change the measured magnetic moment, albeit by a tiny amount.

The standard model predicts very precisely, to better than one part in a million, what this effect is. As long as we know what particles are bubbling in and out of the vacuum, experiment and theory should match. But, if experiment and theory don’t match, our understanding of the soup of virtual particles may be incomplete.

The possibility of new particles existing is not idle speculation. Such particles might help in explaining several of the big problems in physics. Why, for example, does the universe have so much dark matter – causing the galaxies to rotate faster than we’d expect – and why has nearly all the anti-matter created in the Big Bang disappeared?

The problem to date has been that nobody has seen any of these proposed new particles. It was hoped the LHC at Cern would produce them in collisions between high energy protons, but they’ve not yet been observed.

…The Brookhaven experiment measured a discrepancy with the standard model that had a one in 5,000 chance of being a statistical fluke. This is approximately the same probability as throwing a coin 12 times in a row, all heads up.

This was tantalising, but way below the threshold for discovery, which is generally required to be better than one in 1.7 million – or 21 coin throws in a row. To determine whether new physics was in play, scientists would have to increase the sensitivity of the experiment by a factor of four.

…The new results, from the first year of data at Fermilab, are in line with the measurement from the Brookhaven experiment. Combining results reinforces the case for a disagreement between experimental measurement and the standard model. The chances now lie at about one in 40,000 of the discrepancy being a fluke – still shy of the gold standard discovery threshold.


More experimentation! Though remember a while back that they thought they’d found faster-than-light neutrinos. Took nine months to correct. So there’s cautious optimism about this.
unique link to this extract

App Tracking Transparency lets users opt out of all ad targeted tracking • AppleInsider

Mike Peterson:


Apple’s new privacy mechanisms in its App Tracking Transparency feature will allow users to opt out of other types of tracking beyond the company’s IDFA tag.

The App Tracking Transparency (ATT) feature, slated to launch in iOS 14.5 in early spring, will require apps to obtain permission from users before tracking them across other websites and apps. If a user opts out of tracking, developers are required to comply.

However, the ATT feature doesn’t just apply to a user’s Identifier for Advertisers (IDFA) tracking tag. If a user opts out of tracking, Apple will expect developers to stop using any identifiers for ad targeting, including hashed email addresses or phone numbers, the company said Wednesday.

Asking an app not to track using other forms of identifiers differs slightly from the IDFA implementation. Since Apple controls the IDFA, it can stop an app from seeing the identifier using technical means. For other forms of tracking, it’s a policy. Apple will require developers to comply.


More and more radical. Apple’s declaring war on the adtech business.
unique link to this extract

MacBook and iPad production delayed as supply crunch hits Apple • Nikkei Asia

Cheng Ting-Fang and Lauly Li:


Production of some MacBooks and iPads has been postponed due to the global component shortage, Nikkei Asia has learned, in a sign that even Apple, with its massive procurement power, is not immune from the unprecedented supply crunch.

Chip shortages have caused delays in a key step in MacBook production — the mounting of components on printed circuit boards before final assembly — sources briefed on the matter told Nikkei Asia. Some iPad assembly, meanwhile, was postponed because of a shortage of displays and display components, sources said.

As a result of the delay, Apple has pushed back a portion of component orders for the two devices from the first half of this year to the second half, the people said. Industry sources and experts say the delays are a sign that the chip shortage is growing more serious and could impact smaller tech players even more heavily.

Apple is known for its expertise in managing one of the world’s most complicated supply chains, and for the speed with which it can mobilize suppliers. This has helped the company withstand a global component shortage that is already squeezing automakers and electronics makers alike.

Production plans for Apple’s iconic iPhones have so far not been affected by the supply shortage, although the supply of some components for the devices is “quite tight,” according to two sources. Overall, the component shortage remains a supply chain issue for Apple and has not yet had an impact on product availability for consumers, Nikkei has learned.

Apple declined to comment for this story.

Apple rival Samsung Electronics, the world’s biggest smartphone maker, recently confirmed that the chip shortage could be problematic for the company in the April to June period, adding that it has teams of employees working around the clock to resolve the issue.


The hysteresis from the supply chain delay is going to screw up a lot of companies, just when they thought they could make hay as everyone comes out of lockdown.
unique link to this extract

A deep dive into the leaked data of 533 million Facebook users • Surfshark



Overall, the leak produced 2837793637 data points – meaning that the hackers, on average, exposed 5 types of data per user. “It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses,” said Vytautas Kaziukonis, CEO of Surfshark when talking about the breach. 

While the big worry online is about email addresses, this is not the part that should cause the most concern as a comparatively small 4,76% of the profiles had their email addresses exposed. However, 89.01% of affected users had their phone numbers leaked. 

Disclaimer: The data set for Facebook’s data breach was extremely large and complex to analyze; therefore, the probability of false positives and possible discrepancies should be taken into account.

All in all, 11 types of data points were exposed, with specifics varying from user to user. Below [in the post] is a chart that breaks it all down by type. Keep in mind that we’re counting the percentage of people affected by the breach.


First and/or last name in more than 90% of leaks.

Facebook, meanwhile, doesn’t intend to tell people if their data has been leaked: a spokesman said that


“the social media company was not confident it had full visibility on which users would need to be notified. He said it also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users.”


unique link to this extract

Google illegally tracking Android users, according to new complaint • Ars Technica

Javier Espinosa:


Austrian privacy activist Max Schrems has filed a complaint against Google in France alleging that the US tech giant is illegally tracking users on Android phones without their consent.

Android phones generate unique advertising codes, similar to Apple’s Identifier for Advertisers (IDFA), that allow Google and third parties to track users’ browsing behavior in order to better target them with advertising.

In a complaint filed on Wednesday, Schrems’ campaign group Noyb argued that in creating and storing these codes without first obtaining explicit permission from users, Google was engaging in “illegal operations” that violate EU privacy laws.

Noyb urged France’s data privacy regulator to launch a probe into Google’s tracking practices and to force the company to comply with privacy rules. It argued that fines should be imposed on the tech giant if the watchdog finds evidence of wrongdoing.

“Through these hidden identifiers on your phone, Google and third parties can track users without their consent,” said Stefano Rossetti, privacy lawyer at Noyb. “It is like having powder on your hands and feet, leaving a trace of everything you do on your phone—from whether you swiped right or left to the song you downloaded.”

Google did not immediately respond to a request for comment.

The complaint comes as Apple is set to bring in landmark changes to how it tracks users, asking them for the first time to opt in to the use of identifiers in its new iOS 14 operating system. The decision has stoked alarm among developers, who expect a majority of users to choose to block the use of IDFA.


Schrems has a pretty good record against big companies with the EU, so don’t write this off. Equally, it could take years to come through.
unique link to this extract

Road building is supposed to cut congestion and boost the economy – my research suggests otherwise • The Conversation

David Metz:


Highways England, a Department for Transport-owned company responsible for the country’s motorways, published detailed traffic monitoring reports for the first three years after opening a smart motorway scheme between Junctions 23 and 27 of the M25 London orbital route. [Metz then analysed it.]

The road was enlarged from three to four lanes in each direction. While traffic flowed faster one year after opening, this advantage was lost by year two thanks to the increase in traffic volume, up 16% compared with 7% for other motorways in the region.

Road investment is supposed to benefit the economy by shaving precious minutes off travel time. Traffic models are used to estimate how big time savings are likely to be in order to justify each investment. The model used in the M25 case projected substantial travel time savings worth over £400 million to those travelling for business reasons – both cars and good vehicles.

There were also smaller time savings for local road users, both commuters and those taking short trips. But these were almost entirely offset by increased fuel costs. That’s because these local drivers rerouted to the motorway where there was less traffic to save a few minutes on their journey. Ultimately though, they ended up travelling a greater distance by departing from more direct routes.

The M25 traffic model used to justify the smart motorway investment substantially underestimated this increase in traffic volume, while overestimating the average increase in speed for most drivers, put at about 10 km per hour. The benefit-cost ratio was estimated to be 2.9, that is, £2.90 of economic benefit for every £1 invested. Since the travel time savings didn’t last beyond the first year after opening, the actual benefit-cost ratio was much lower.


I think it’s been known for a long time that building more roads leads to more traffic. Good to have it confirmed so clearly, though.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.