Start Up No.1525: Home Office plans encryption attack, India’s democratic decline, Facebook’s stony silence, the most 2021 thing ever, and more

There’s no shortage of most things, but the US is facing a shortage of ketchup. And, as it happens, routers. CC-licensed photo by Fred Inklaar on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Unencrypted. I’m @charlesarthur on Twitter. Observations and links welcome.

The Home Office is preparing another attack on encryption • WIRED UK

Gian Volpicelli:


[UK Home Secretary Priti] Patel will headline an April 19 roundtable organised by the National Society for the Prevention of Cruelty to Children (NSPCC), according to a draft invitation seen by WIRED. The event is set to be deeply critical of the encryption standard, which makes it harder for investigators and technology companies to monitor communications between people and detect child grooming or illicit content, including terror or child abuse imagery.

…The Home Office’s move comes as Facebook plans to roll out end-to-end encryption across all its messaging platforms – including Messenger and Instagram – which has sparked a fierce debate in the UK and elsewhere over the supposed risks the technology poses to children.

During the event, the NSPCC will unveil a report on end-to-end encryption by PA Consulting, a UK firm that has advised the UK’s Department for Digital Culture Media and Sport (DCMS) on the forthcoming Online Safety regulation. An early draft of the report, seen by WIRED, says that increased usage of end-to-end encryption would protect adults’ privacy at the expense of children’s safety, and that any strategy adopted by technology companies to mitigate the effect of end-to-end encryption will “almost certainly be less effective than the current ability to scan for harmful content.”

…According to a person familiar with policy discussions, technology companies are now increasingly worried that the Home Office could issue a Technical Capability Notice (TCN) against Facebook – that is: an injunction forbidding the company from switching to end-to-end encryption.

A TCN would allow investigators with a warrant to keep obtaining decrypted conversations on Instagram and Facebook Messenger, the platforms of main concern because they potentially allow unsolicited messaging between adults and children. In December last year, Sky News reported, quoting Home Office policy advisors, that a TCN would have become an option if the Online Safety Bill did not demand that Facebook kept its ability to spot child abuse – a scenario that would arguably materialise if Facebook had its way with encryption.

Jim Killock, executive director at digital rights organisation Open Rights Group, says he is “worried that the Home Office will be considering using a secret order (TCN) to force Facebook to limit or circumvent their encryption.”


So this wouldn’t be a *reversal* of existing E2E encryption; it’s a block on introducing *new* E2E. The problem for the government if it introduces a TCN would be that people would say, when bad things happen, “but why haven’t you prevented Facebook using E2E, given the big speech you made?” At which point you’d be able to figure out, from the evasiveness of the government’s answer, if there was a TCN in place.

Though if that’s Patel, famous for her word salads, you might not be able to.
unique link to this extract

I thought my job was to report on tech in India. Instead, i’ve watched democracy decline • Buzzfeed News

Pranav Dixit:


To friends in the country who write about crime and politics from the frontlines, I sent WhatsApp texts of admiration and solidarity. But I told myself that I didn’t need to get mixed up. I was a tech reporter, I reasoned, and the biggest news in my industry each September was new iPhones.

Separating what I cover from the horrors unfolding around me became my coping mechanism. But unfortunately, it hasn’t worked for a while. For years, I tried to live in the comforting fiction that what was happening in India and what was happening in the world of tech were separate things — but that isn’t true anymore.

For more than a year, India’s government first cut off and then throttled internet access to Muslim-majority Jammu and Kashmir after unilaterally withdrawing the disputed region’s autonomy. Facebook executives reportedly shielded members of India’s ruling party from the platform’s hate speech rules to protect the company’s business interests. Right-wing trolls have used social media platforms to harass women who they say offended their religious sensibility.

Hindu nationalists have repeatedly taken offense to original shows that Netflix and Amazon have produced, claiming that the platforms were offending Hindu gods and promoting “love jihad,” a conspiracy theory that accuses Muslim men of converting Hindu women. In 2020, rioters used Facebook Live to incite violence in Delhi. Last month, India’s government threatened to jail Twitter executives for not complying with an order to block hundreds of accounts, many of which were critical of the government, and Delhi police briefly threw a young climate activist in jail after charging her with sedition for editing a Google Doc.

I love tech. But watching it intersect with a Hindu nationalist government trying to crush dissent, choke a free press, and destroy a nation’s secular ethos doesn’t feel like something I bought a ticket to. Writing about technology from India now feels like having a front-row seat to the country’s rapid slide into authoritarianism. “It’s like watching a train wreck while you’re inside the train,” I Slacked my boss in November.


unique link to this extract

Sixty-week delay on router orders shows scale of chip crisis • Bloomberg

Thomas Seal, Takashi Mochizuki and Debby Wu:


Broadband providers are seeing delays of more than a year when ordering internet routers, becoming yet another victim of chip shortages choking global supply chains and adding challenges for millions still working from home.

Carriers have been quoted order times as long as 60 weeks, more than doubling previous waits, according to people familiar with the matter, who asked not to be named because the discussions are private.

Running out of the right router would prevent a carrier from being able to add new subscribers to its network, risking lost sales in the ever-competitive broadband market. Their supply chains have become a headache because sharp coronavirus manufacturing shutdowns a year ago were exacerbated by a prolonged surge in demand for better home broadband equipment, said Karsten Gewecke, head of European regional business for Zyxel Communications Corp, a Taiwan-based router-maker.

Since January, it’s asked customers to order products a year in advance, he said, because the lead time for components like chips from Broadcom Inc. doubled to a year or more since then. Zyxel is a major supplier of routers, with customers including Norway’s Telenor ASA and Britain’s Zen Internet.


Alternative: ISPs hike prices because they know it will be tricky for customers to change provider. (Though that happens all the time anyway.)
unique link to this extract

The new shortage: ketchup can’t catch up • WSJ

Heather Haddon and Annie Gasparro:


Supply chain problems are reaching into a far corner of the business universe: ketchup packets.

After enduring a year of closures, employee safety fears and start-stop openings, many American restaurants are now facing a nationwide ketchup shortage. Restaurants are trying to secure the tabletop staple after Covid-19 upended the condiment world order. Managers are using generic versions, pouring out bulk ketchup into individual cups and hitting the aisles of Costco for substitutes.

“We’ve been hunting high and low,” said Chris Fuselier, owner of Denver-based Blake Street Tavern, who has struggled to keep ketchup in stock for much of this year.

The pandemic turned many sit-down restaurants into takeout specialists, making individual ketchup packets the primary condiment currency for both national chains and mom-and-pop restaurants. Packet prices are up 13% since January 2020, and their market share has exploded at the expense of tabletop bottles, according to restaurant-business platform Plate IQ.

Even fast-food giants are pleading for packets. Long John Silver’s LLC, a nearly 700-unit chain, had to seek ketchup from secondary suppliers because of the rush in demand. The industry’s pandemic shift to packets has pushed up prices, costing the Louisville, Ky.-based company an extra half-million dollars, executives said, since single-serve is pricier than bulk.

“Everyone out there is grabbing for ketchup,” chief marketing officer Stephanie Mattingly said.

The ketchup conundrum strikes at a cornerstone of American diets. The tomato spread is the most-consumed table sauce at US restaurants, with around 300,000 tons sold to food-service last year, according to research firm Euromonitor. Even more is eaten at home, and the pandemic helped push retail ketchup sales in the US over $1bn in 2020, around 15% higher than 2019, Euromonitor data showed.


One of the greatest articles about a subject you never realised you could be interested in: Malcolm Gladwell’s 2004 piece about why there’s only one sort of ketchup, yet there are tons of different mustards.
unique link to this extract

Facebook ran ads for a fake ‘Clubhouse for PC’ app planted with malware • TechCrunch

Zack Whittaker:


Cybercriminals have taken out a number of Facebook ads masquerading as a Clubhouse app for PC users in order to target unsuspecting victims with malware, TechCrunch has learned.

TechCrunch was alerted Wednesday to Facebook ads tied to several Facebook pages impersonating Clubhouse, the drop-in audio chat app only available on iPhones. Clicking on the ad would open a fake Clubhouse website, including a mocked-up screenshot of what the non-existent PC app looks like, with a download link to the malicious app.

When opened, the malicious app tries to communicate with a command and control server to obtain instructions on what to do next. One sandbox analysis of the malware showed the malicious app tried to infect the isolated machine with ransomware.

But overnight, the fake Clubhouse websites — which were hosted in Russia — went offline. In doing so, the malware also stopped working.


Ben Thompson made the very good point on a recent episode of the Dithering podcast that people sometimes give Apple (and to a lesser extent Google) a pass when bad things get onto the App Store, because it’s such a big job to monitor. But Facebook’s challenge trying to stop stuff like this among all the other adverts that get put on it is orders of magnitude bigger.

Also: Clubhouse achieves the status of being “worth faking to entrap people”.
unique link to this extract

Facebook hopes tiny labels on posts will stop users confusing satire with reality • The Verge

James Vincent:


Facebook is adding additional labels to posts from Pages that appear in users’ News Feeds in a bid to reduce confusion about their origin. These labels will include “public official,” “fan page,” and “satire page.” The company says it’s already started testing the deployment of these labels in the US, and will gradually add them to more posts.

Facebook hasn’t offered any explanation as to why it’s adding these labels, but identifying satire seems particularly important. Take a look at the social shares for any news articles written by well-known satirical sites like The Onion or The Babylon Bee and you’ll find plenty of people taking these stories at face value. In such a context these posts are essentially a type of misinformation, even if their creators did not intend this. Even high profile figures like former president Donald Trump have mistaken these stories for real reports.

This isn’t the first time the social network giant has tried to make the context of posts in the News Feed clearer. In June last year it began labeling media outlets which are “wholly or partially under the editorial control of their government.”


Because we know everyone takes lots of notice of little labels on Facebook Pages. (Though even fact-checking sites have been caught out by things like this. And Twitter is still a minefield, if you want to screw up.)
unique link to this extract

Another huge data breach, another stony silence from Facebook • The Guardian

Carole Cadwalladr:


The news of the latest breach, of 533 million people’s data, dropped over a holiday weekend; Facebook responded only by saying it was “old data” and the problem had been “found and fixed in August 2019” – an absurd statement given that the data had only just been dumped on the internet, and clearly that hadn’t been fixed at all.

These are the actions of a company that knows it can get away with it. And repeatedly does. On Tuesday morning I submitted a set of questions to its press office: when was the issue first discovered? Did Facebook inform the regulators (as it is required to under US, UK and EU law)? If so, when? Had it informed users? But Facebook didn’t respond. It still hasn’t responded. It uses silence to throttle reporting, a strategy that works. It passes “exclusive” scoops to favourite reporters, and stonewalls the rest. Not just me. At an impromptu event on the data breach, journalists from Wired, Politico and Business Insider revealed that it refused to answer their questions too.

Instead it published a blogpost, The Facts on News Reports About Facebook Data, saying it wasn’t hacked, the data was “scraped”. It later confirmed that it had no intention of informing users because it wasn’t “confident” who they were, users “could not fix the issue”, and anyway, “the data was publicly available”. What do you do when a trillion-dollar company with 2.8 billion users treats the public with brazen contempt? When it won’t answer basic journalistic inquiries? When it ignores even the regulator? Ireland’s Data Protection Commission – its lead regulator in Europe – released a pointed statement saying that it received “no proactive communication” from Facebook.

It’s this culture of impunity that makes Facebook such a dangerous company. Even where there are laws, it operates above them.


It turns out that it’s only the journalists who are holding Facebook to account, because it really has nothing to bargain with, whereas the politicians tend to be worried about its power. There’s nothing Facebook can hold over journalists; all it can do is block them.
unique link to this extract

Instagraft: Covid conspiracy theorists selling silver spray and $50 seawater • The Bureau of Investigative Journalism

Jasper Jackson and Alexandra Heal:


Despite claims from Instagram that it is taking more action on health misinformation, such as restricting the reach of videos like Baker’s, these channels are still growing. Over the first three months of this year the accounts gained almost a million followers between them, according to data from Facebook-owned service CrowdTangle.

Our investigation shows that Facebook, which owns Instagram, continues to be in breach of a commitment to the UK government last November to the principle that no one should profit from coronavirus vaccine misinformation online. The Bureau previously found hundreds of pages on Facebook itself using monetisation tools to profit from false claims about Covid-19 and vaccines. The Instagram accounts, many of which have received multiple flags from fact-checkers, are still posting two months after Facebook announced its latest tightening of rules.

Although neither Instagram nor Facebook profit directly from these money-making schemes, the company’s business model relies on keeping audiences engaged. Unfortunately, engaging with some of the content identified by the Bureau could potentially prove hazardous to people’s health.


SO much grifting going on. You’d have to hand-curate Instagram to wipe it out, though.
unique link to this extract

That Fyre Fest tweet with the sad sandwich will be auctioned as an NFT for medical expenses • The Verge

As Jeff Atwood observed of this headline, it’s as 2021 as it’s possible to get. (The layers of irony in paying for America’s mad health system using an even more mad system that doesn’t actually get you anything tangible would do an onion proud.)
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.