Start Up No.1546: the ransomed pipeline, Apple hires ex-Facebook ad manager, Windows 10X is nixed, US ISPs astroturfing exposed, and more

You might think you’re good at Tetris – but how about playing a version which makes each move the hardest it can? CC-licensed photo by Sally Mahoney on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. An L-shape for an S-shaped space. I’m @charlesarthur on Twitter. Observations and links welcome.

Hackers who shut down pipeline: we don’t want to cause “problems for society” • Ars Technica

Jim Salter:


On Friday, Colonial Pipeline took many of its systems offline in the wake of a ransomware attack. With systems offline to contain the threat, the company’s pipeline system is inoperative. The system delivers approximately 45% of the East Coast’s petroleum products, including gasoline, diesel fuel, and jet fuel.

…Colonial Pipeline has not publicly said what was demanded of it or how the demand was made. Meanwhile, the hackers have issued a statement saying that they’re just in it for the money.

Colonial Pipeline issued a statement Sunday saying that the US Department of Energy is leading the US federal government response to the attack. “[L]eading, third-party cybersecurity experts” engaged by Colonial Pipeline itself are also on the case. The company’s four main pipelines are still down, but it has begun restoring service to smaller lateral lines between terminals and delivery points as it determines how to safely restart its systems and restore full functionality.

…London-based security firm Digital Shadows said in September that DarkSide [the Eastern European group behind the attack] operates like a business and described its business model as “RaaC”—meaning Ransomware-as-a-Corporation.

…DarkSide claims to avoid targets in medical, education, nonprofit, or governmental sectors—and claims that it only attacks “companies that can pay the requested amount” after “carefully analyz[ing] accountancy” and determining a ransom amount based on a company’s net income. Digital Shadows believes these claims largely translate to “we looked you up on ZoomInfo first.”


Of course Darkside is going to express regret – they got noticed, and for such people that’s the worst possible situation. They don’t want federal agencies really digging into how they cash out (through dodgy bitcoin exchanges) and potentially putting a stop to it.
unique link to this extract

HATETRIS @ Things Of Interest


Play Hate Tetris.

This is bad Tetris. It’s hateful Tetris. It’s Tetris according to the evil AI from “I Have No Mouth And I Must Scream”.


There’s no “gravity” – you have to use the keyboard (it works) to make the piece come down – but it is guaranteed to frustrate you, because it has an AI which picks the next piece that appears:


The method by which the AI selects the worst possible piece is extremely simple to describe (test all possible locations of all possible pieces, see which of the pieces’ best-case scenarios is the worst, then spawn that worst piece), but quite time-consuming to execute, so please forgive me if your browser chugs a little after locking each piece. If you can figure out a way to accelerate the algorithm without diminishing its hate-filled efficiency, do let me know. The algorithm for “weighing” possibilities is to simply maximise the highest point of the “tower” after the piece is landed.


Yup. It’s hateful, horrible, it’ll ruin your day, and it’s just as addictive as the “real” thing.
unique link to this extract

Apple robbed the mob’s bank • Mobile Dev Memo

Eric Seufert:


With ATT [App Tracking Transparency, Apple’s anti-tracking option], Apple has robbed the mob’s bank. In bolstering its ads business while severely handicapping other advertising platforms — but especially Facebook — with the introduction of a privacy policy that effectively breaks the mechanic that those platforms use to target ads, Apple has taken money from a party that is so unsympathetic that it can’t appeal to a greater authority for redress. Apple has brazenly, in broad daylight, stormed into the Bank of Facebook, looted its most precious resource, and, camouflaged under the noble cause of giving privacy controls to the consumer, fled the scene.

And Facebook is left with little recourse. The company attempted to sway consumer sentiment to its side through an enormously wide-reaching PR campaign, but its efforts there were hobbled by the narrow messaging that was available to it. Facebook couldn’t explain in detail why ATT will harm consumers because, in doing so, it would need to reveal just how it personalizes ads — through observing conversions on third-party websites and apps. So Facebook was restricted to a fairly weak PR strategy, which was to highlight that small businesses would be harmed by ATT. This is true, of course, but it doesn’t invigorate a deep well of compassion from consumers. Does anyone want to acknowledge that their local florist or butcher is personalizing ads to them? Meanwhile, Apple simply had to mention “privacy” whenever objections to ATT were raised and mainstream media outlets rushed to defend it.

Apple’s exploitation of leverage in this situation has been breathtaking. It’s important to note here that ATT allows users to opt out of “tracking”, which is a peculiar term that is defined in a very specific way.


The specific thing about it is that Apple defines it in a way that doesn’t include the, err… tracing? that it does which allows it to serve targeted ads.

Related: Apple has hired Antonio García Martinez, formerly Facebook ads product manager who essentially got its targeted ad system to work.
unique link to this extract

New York Attorney General declares top ISPs committed net neutrality fraud • ZDNet

Steven J. Vaughan-Nichols:


When then-President Donald Trump’s Federal Communications Commission (FCC) tried to destroy net neutrality in 2017, everyone knew that millions of comments in favor of breaking net neutrality were bogus. 

As then-New York Attorney General Eric Schneiderman said at the time, two million net neutrality comments were fake. Schneiderman said: “Moving forward with this vote would make a mockery of our public comment process and reward those who perpetrated this fraud to advance their own hidden agenda.” Schneiderman was wrong. 

His successor, Letitia James, found after a multi-year investigation that there had been “18 million fake comments with the FCC,” including over 500,000 fake letters sent to Congress in support of the repeal.

Behind this vast majority of this astroturfing campaign was Broadband for America, a marketing group funded by the country’s top ISPs. In classic 1984 doublespeak, it claims to be in favor of net neutrality while, in reality, being a group of its greatest enemies. Its members include AT&T, CenturyLink, Charter, CTIA – The Wireless Association, Comcast, Cox, NCTA – The Internet & Television Association, Telecommunications Industry Association (TIA), and USTelecom-The Broadband Association.

James reported: “After a multi-year investigation, we found the nation’s largest broadband companies funded a secret campaign to influence the FCC’s repeal of net neutrality rules – resulting in millions of fake public comments impersonating Americans. These illegal schemes are unacceptable.”

Altogether, 80% of all public FCC comments filed on its net-neutrality proposal four years ago came from the scammers. There was never, as Ajit Pai, then-FCC chairman and a former Verizon attorney claimed at the time, any mass support for destroying net neutrality.


The ISPs paid marketing companies $4.2m to spam; those companies have been fined but “don’t have to admit wrongdoing”. The classic American failure to get justice. Though of course Ajit Pai, the most useless idiot, was happy to believe those comments were real, because it suited him.
unique link to this extract

Amazon and Apple built vast wireless networks using your devices. Here’s how they work • WSJ

Christopher Mims:


Apple and Amazon are transforming the devices we own into the equivalent of little cell towers or portable Wi-Fi hot spots that can connect other gadgets and sensors to the internet. They have already switched on hundreds of millions—with many more on the way. Instead of serving as wireless hubs solely for your own smartwatches, lights and sensors, your iPhones and Echo speakers can help other people’s gadgets stay connected as well—whether you know it or not.

On Friday, Amazon announced it’s expanding its Sidewalk network, which already includes certain Ring Floodlight Cam and Spotlight models, to include Echo devices released in 2018 and after. This includes Echo speakers and Echo Dots, as well as all Echo Show, Echo Plus and Echo Spot devices. It will also use recent Ring Video Doorbell Pro models to communicate on the Sidewalk network via Bluetooth. Sidewalk was designed to allow smart devices to send very small bits of data securely from any available wireless connection, to supplement Wi-Fi networks and reduce wireless communication breakdowns.

This announcement comes on the heels of Apple’s AirTag introduction. These coin-size trackers can help locate lost items almost anywhere, because they use the company’s Find My network. Each AirTag sends out a low-powered wireless signal, which can be received by the iPhones, iPads and Macs in a given area.

Yes, perfect strangers are using slivers of our bandwidth, as our devices send out and listen to little chirrups of radio chatter that don’t pertain to us. And you’re now able to leverage the radios and internet connection of countless devices owned by other people, too.

Users can opt out of these systems, but the tech giants are betting that for the most part we won’t, because of the benefits that these new networks will provide—from finding our lost possessions, pets and loved ones to remotely controlling our smart locks, security systems and lights.

“What we’re seeing now is the battle of the mesh networks,” says Ben Wood, chief analyst at CCS Insight, a tech industry consultancy. “The use cases of these networks are limited only by customers’ imaginations.”


I’ll be honest, I still can’t think of anything to do with an Airtag. Maybe get two, and label one “Memory” and the other “Sense of humour”? Meanwhile, just after this article was written Amazon announced partnerships with Tile – the tagging company which is deeply annoyed with Apple – and Level, which makes smart locks.

Who’s missing from this lineup? Google, of course. Question: why?
unique link to this extract

Tesla’s Autopilot may not have been available at the time of the ‘driverless’ Texas crash • The Verge

Andrew Hawkins:


Using Autopilot requires both the Traffic-Aware Cruise Control (Tesla’s brand name for its adaptive cruise control function) and Autosteer (which assists in lane departure and centering) to work. According to NTSB, Traffic-Aware Cruise Control could be engaged [on the road leading to the crash] but not Autosteer.

Tesla claims that its own data suggests local officials were mistaken when they reported that the car crashed without someone in the driver’s seat. The company’s executives have stated that the steering wheel was “deformed” and the seatbelts were buckled, leading them to conclude that someone was behind the wheel.

There was some limited data recovered from the crash. NTSB said the fire destroyed the onboard storage device located in the vehicle’s infotainment console. The restraint control module, which records data associated with vehicle speed, belt status, acceleration, and airbag deployment, was recovered but was also damaged by the fire.

The board likely will not issue its final report on the crash this year. By comparison, the NTSB’s investigation into a California man’s death while using Autopilot in his Tesla Model X took two years to complete.

The crash took place on Saturday, April 17th, in Spring, Texas. According to KHOU in Houston, investigators at the scene were “100% certain” that no one was in the driver’s seat at the time of the crash. Minutes before the crash, the wives of the men were said to overhear them talking about the Autopilot feature of the vehicle, which was a 2019 Tesla Model S. The two victims were identified as Everette Talbot, 69, and William Varner, 59, a prominent local anaesthesiologist.


I had assumed that the men who died would be in their 20s – that it was some sort of overconfident drunken kid thing. Instead it looks more like an overconfident drunken boomer thing.
unique link to this extract

Microsoft shelves Windows 10X – not shipping in 2021 • Petri

Brad Sams:


Back in the fall of 2019, Microsoft held a Surface event that will likely go down in history as one of the most ambitious announcements from the company. At the keynote, Microsoft unveiled three new products that were not only completely new for the company but also pushed them in a bold new direction.

The Surface Duo, Surface Neo, and Windows 10X grabbed all the headlines; Microsoft was shoved into the limelight with a folding phone, a folding PC, and a new OS. But as time moved forward, the reality of these ambitious projects turned sour.

Of the three projects, the Surface Duo did arrive in all of its Android glory. Running a Google-created OS, the Surface Duo delivered on its promise to create a foldable device made of the same premium-lineage of the Surface brand but the highlights were short-lived.

Not long after shipping, Microsoft stopped promoting the device, updates were slow to arrive, and the future of significant software updates (moving to newer versions of Android) is unknown.

But the Surface Neo was met with a different fate. The device that was going to run Microsoft’s new 10X operating system was delayed and the OS was pushed down a different path. Instead of initially be designed for dual-screened devices, Microsoft would develop 10X for single-screened experiences first and that was the end of the Surface Neo shipping anytime soon.

As we head into the spring of 2021, the plans are changing again for the OS. According to people familiar with the company’s plans, Microsoft will not be shipping Windows 10X this year and the OS as you know it today, will likely never arrive. The company has shifted resources to Windows 10 and 10X is on the back burner, for now.

…The reality is that if Microsoft is going to invest heavily in a modern version of Windows 10, it should be to run Windows 10 on ARM.


Also worth reading: Extremetech’s Joel Hruska on why a lightweight Windows is a no-go and is why Apple almost surely will never “united” macOS and iOS.
unique link to this extract

Chinese TV maker Skyworth under fire for excessive data collection that users call spying • South China Morning Post

Xinmei Shen:


Chinese television maker Skyworth has issued an apology after a consumer found that his set was quietly collecting a wide range of private data and sending it to a Beijing-based analytics company without his consent.

A network traffic analysis revealed that a Skyworth smart TV scanned for other devices connected to the same local network every 10 minutes and gathered data that included device names, IP addresses, network latency and even the names of other Wi-Fi networks within range, according to a post last week on the Chinese developer forum V2EX.

The data was sent to the Beijing-based firm Gozen Data, the forum user said. Gozen is a data analytics company that specialises in targeted advertising on smart TVs, and it calls itself China‘s first “home marketing company empowered by big data centred on family data”.

…The Shenzhen-based TV and set-top box maker issued a statement on April 27, saying it had ended its “cooperation” with Gozen and demanded the firm delete all its “illegally” collected data. Skyworth also said it had stopped using the Gozen app on its televisions and was looking into the issue.

Gozen issued a statement on its website on the same day, saying its Gozen Data Android app could be disabled on Skyworth TVs, but it did not address the likelihood that users would be aware of this functionality. The company also apologised for “causing user concerns about privacy and security”.


However, the two companies had been working together since 2014, so there might be a little bit of data here and there which has already been swallowed into some huge maw.
unique link to this extract

Ohio lawmaker was driving while attending a government meeting via Zoom • Columbus Dispatch

Laura Bischoff:


On the same day a distracted driving bill was introduced, state Sen. Andrew Brenner, R-Delaware, participated in a government video meeting while driving.

“I wasn’t distracted. I was paying attention to the driving and listening to it (the meeting,)” Brenner said. “I had two meetings that were back to back that were in separate locations. And I’ve actually been on other calls, numerous calls, while driving. Phone calls for the most part but on video calls, I’m not paying attention to the video. To me, it’s like a phone call.”

He added that he was parked during most of the video meeting of the Ohio Controlling Board. “I was wearing a seat belt and paying attention to the road.”

House Bill 283, introduced Monday, calls for a ban on writing, sending or reading texts, viewing videos or taking photos, live streaming and using applications while driving.

It would also make holding or using an electronic device while driving a primary offense, which would permit police to pull the driver over. Currently, texting while driving is a secondary offense for drivers over 18, which means police must witness another moving violation before pulling the driver over.


The video clip shows him looking left and right, clearly about to pull out from a junction – not “parked”. But he didn’t have the honesty to not use a fake background. For reference if you ever need to define “hypocrisy”. And we now have this week’s “things not to do on Zoom”, to go with …that, and “getting out of the bath”.
unique link to this extract

Trump abused the system. Facebook created it • WIRED

Virginia Heffernan:


About the American president as author of the posts, the [Facebook Oversight Board] statement says, “As president, Mr. Trump had a high level of influence. The reach of his posts was large, with 35 million followers on Facebook and 24 million on Instagram.” The board went on: “It is not always useful to draw a firm distinction between political leaders and other influential users, recognizing that other users with large audiences can also contribute to serious risks of harm.”

Though put in a matter-of-fact way, this point was the one surprise—even shock—in the oversight board’s statement. To Facebook, the American president is clearly not a public servant or even a commander-in-chief. He’s an influencer. And he gets his power not from the people but from Facebook and its business model of influencers and followers.

Power established on Facebook is not “legitimate” in sociological terms; it’s not power, like that of a schoolteacher or elected official, that’s regarded as just and appropriate by those over whom it is exercised. Far from it. “Influence” on Facebook is based on nothing but a (cheatable) point system in Facebook’s highly stylized massively multiplayer role-playing game. But that does not get mentioned by anyone on this committee, which has been blinded, in the McLuhan sense, to the game’s contrivances. Influence on Facebook is closer to influence in World of Warcraft than it is to legitimate power. But instead of calling out Facebook for creating a system that confers unregulated and dangerous “influence” on people, they speak of the abuse of that system by a designated bad actor.

Shoshana Zuboff, a professor at the Harvard Business School and a member of something called the Real Facebook Oversight Board, which was formed by Facebook skeptics determined to oversee the overseers the corporation had appointed, says that over two decades, internet-users have turned over responsibility for the common good to a “for-profit surveillance society”—the big tech companies. It’s Facebook’s business model and no one bad actor who put Facebook on what Zuboff calls “a collision course with democracy.”


Meta-note: there is a lot of good content on Wired. It’s got a lot of sharp takes on social impacts of technology.
unique link to this extract

You got this far – why not preorder Social Warming, coming out next month.

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.