Start Up No.1550: the lifesaving tracing app, the antivax superspreaders, ransomware gangs go dark, Twitter plans subscriptions, and more

Is Roblox a game, or an “experience”? According to Apple, it’s the latter – conveniently for its lawsuit with Epic Games. CC-licensed photo by Jay Cross on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Traceable. I’m @charlesarthur on Twitter. Observations and links welcome.

NHS tracing app ‘prevented thousands of deaths’ • BBC News


“On average, each confirmed case who consented to notification of their contacts through the app prevented one new case,” the paper claims.

The research has been accepted for publication by the journal Nature.

Some of the researchers were themselves involved in the creation of the NHS contact-tracing app, and had previously released some of the estimates.

But the inclusion in Nature means the paper has now been peer-reviewed by other academics. It has been made available as a preview of papers due for publication.

The paper covers the time between the app’s launch on 24 September last year until the end of 2020. It was “used regularly” by 16.5 million people – about 28% of the UK population, the research says.

It works by using a smartphone’s sensors to measure how close a user is – and for how long – to other app users. If one of those people tests positive for coronavirus, the app can issue an alert telling those who have been in close contact to self-isolate. It sent about 1.7 million “exposure notifications” after 560,000 app users tested positive, the research paper said.


The app is separate from (but parallel to) Test and Trace, which tries to find people who have been in contact with people who definitely test positive. The researchers reckoned that on average, for both systems, only about 6% of people who were alerted then tested positive; and on average each person who consented to receive alerts stopped one case. Averages, though: there will have been a lot of variation in those numbers.
unique link to this extract

Just 12 people are behind most vaccine hoaxes on social media, research shows • NPR

Shannon Bond:


Researchers have found just 12 people are responsible for the bulk of the misleading claims and outright lies about COVID-19 vaccines that proliferate on Facebook, Instagram and Twitter.

“The ‘Disinformation Dozen’ produce 65% of the shares of anti-vaccine misinformation on social media platforms,” said Imran Ahmed, chief executive officer of the Center for Countering Digital Hate, which identified the accounts.

Now the vaccine rollout is reaching a critical stage in which most adults who want the vaccine have gotten it, but many others are holding out, these 12 influential social media users stand to have an outsize impact on the outcome.

After this story published on Thursday, Facebook said it had taken down more of the accounts run by these 12 individuals.

These figures are well-known to both researchers and the social networks. They include anti-vaccine activists, alternative health entrepreneurs and physicians. Some of them run multiple accounts across the different platforms. They often promote “natural health.” Some even sell supplements and books.


The CCDH also did a followup on the “dozen”. It’s taken Facebook quite a while to get around to taking accounts down: the first report dates back to March, and the sequel to April.
unique link to this extract

Confronting disinformation spreaders on Twitter only makes it worse, MIT scientists say • Vice

Matthew Gault:


Of all the reply guy species, the most pernicious is the correction guy. You’ve seen him before, perhaps you’ve even been him. When someone (often a celebrity or politician) tweets bad science or a provable political lie, the correction guy is there to respond with the correct information. According to a new study conducted by researchers at MIT, being corrected online just makes the original posters more toxic and obnoxious.

Basically, the new thinking is that correcting fake news, disinformation, and horrible tweets at all is bad and makes everything worse. This is a “perverse downstream consequence for debunking,” and is the exact title of MIT research published in the ‘2021 CHI Conference on Human Factors in Computing Systems.’ The core takeaway is that “being corrected by another user for posting false political news increases subsequent sharing of low quality, partisan, and toxic content.”

The MIT researchers’ work is actually a continuation of their study into the effects of social media. This recent experiment started because the team had previously discovered something interesting about how people behave online. “In a recent paper published in Nature, we found that a simple accuracy nudge—asking people to judge the accuracy of a random headline—improved the quality of the news they shared afterward (by shifting their attention towards the concept of accuracy),” David Rand, an MIT researcher and co-author of the paper told Motherboard in an email.


This doesn’t seem to offer many ways to get correct information to places where it would be useful. Add it to the previous link, and our only hope is for the platforms to take them off.
unique link to this extract

Google says everything at Stadia is fine, as the water reaches their noses • Kotaku

Zack Zwiezen:


according to Google, a company famous for shutting down services, everything is fine. They added a search bar and Resident Evil 7 to the service. Nothing to worry about!

This reassurance that Google Stadia is “alive and well” comes from an interview with Stadia’s Developer Marketing Lead Nate Ahearn on During the interview, as he assured us that all was well, I got the distinct feeling that all at Google Stadia isn’t well at all, and that the company is mostly rearranging chairs on a sinking Titanic, while pointing towards anything to distract folks from the rapidly rising water levels. And the fact that this ship doesn’t have many people on it.

When asked what Google Stadia was doing that proves it’s actually “alive and well” Ahearn pointed to all the games being added to the service. “We’re well on our way to over 100 new games launching on Stadia in 2021,” explained Ahearn, “And we’re continuing to make Stadia a great place to play games on devices you already own.” When pushed by GI.Biz to give a real answer, Ahearn offered more jargon and gibberish instead, saying Google is, “focused on delivering value for our partners and on behalf of our players.”


Though Google has been careful not to say how many players there are. Or whether the number is going up or down. A report in February suggested that it has missed its user target by hundreds of thousands of users (ouch), with the implication that was a significant compared to the target.
unique link to this extract

Ransomware gangs disrupted by response to Colonial Pipeline hack • Reuters

Joseph Menn:


Multiple ransomware groups claimed they were shutting down or scaling back operations on Friday as the US government ramped up pressure while tech companies, cryptocurrency exchanges and others worried about getting caught in the crossfire.

DarkSide, the Russian-speaking gang blamed by the FBI for a hacking attack that led to a six-day fuel pipeline shutdown, said it was going out of business after losing access to some of its servers.

Another major criminal gang said it would forbid encryption attacks on critical infrastructure, and forums where such gangs recruit partners said they were banning ads related to ransomware, analysts said.

US President Joe Biden repeatedly warned the gangs and major host country Russia about consequences for a ransomware attack that prompted Colonial Pipeline to shut down the main supply line to the East Coast. That line was resuming full operation, but many pumps remain empty at stations in some states after days of panic buying.

Investigators said DarkSide provided the encryption software that a criminal affiliate used to render Colonial’s internal files inaccessible. It planned to split any ransom to recover that data with the affiliate, who the investigators have identified as another Russian criminal.

DarkSide claimed that some of its money had been transferred to new electronic wallets, though rivals and some US experts warned the group could be using the uproar as an excuse to cash out. Ransomware gangs commonly change names and membership.


I suspect that all that will happen is that, as he suggests, the gang will find a new name. The security company Elliptic looked at where the money paid as a ransom by Colonial went, and reckons it has received $17.5m since March. At that sort of pay rate, you’re either going to cash out forever, or just keep going.
unique link to this extract

Apple said Roblox developers don’t make games, and now Roblox agrees • The Verge

Adi Robertson:


Roblox has used the term “experience” in place of “game” before, and CEO David Baszucki called Roblox a “metaverse” rather than a gaming platform last year. But this change happened days after a legal fight over whether Roblox experiences are games — and by extension, whether Roblox itself should be allowed on the iOS App Store.

The Epic v. Apple antitrust trial has produced a weeks-long, frequently hilarious debate over the definition of a video game. Epic wants to prove that its shooter Fortnite is a “metaverse” rather than a game, pushing the trial’s scope to cover Apple’s entire App Store instead of just games. Apple wants to prove that Epic is an almost purely game-related company and that the App Store maintains consistent, user-friendly policies distinguishing “apps” from “games.” It also wants to defend a ban on “stores within a store” on iOS.

Roblox blurs the line between a large social game and a game engine or sales platform. Users don’t enter a single virtual world like Second Life; they launch individual experiences created by users. Developers can sell items within those experiences, and there are full-fledged game studios that build with Roblox instead of, say, the Unity or Unreal engines. But all of this activity happens within a single Roblox app, instead of as a series of separately packaged games.

Apple has apparently worried about this fuzziness. In a 2017 email, Apple marketing head Trystan Kosmynka said he was “surprised” that Roblox (which he referred to as “Roboblox”) had been approved for the App Store. The email chain indicates that App Store reviewers raised concerns in 2014, but Roblox was approved without ever resolving the issues. Epic brought the decision up again in court, hoping to cast doubt on Apple’s App Store review process.


This is heading for angels-on-a-pin territory, which of course is exactly where Epic wants to leave Apple: with a legacy of annoyed developers and a hairsplitting approach to what is and what, precisely, isn’t, a “game”. Epic’s going to lose, but wants to leave Apple with a Pyrrhic victory.
unique link to this extract

‘Twitter Blue’ is the company’s upcoming subscription service – 9to5Mac

José Adorno:


Twitter has been working on its subscription service for a while now. Today, researcher Jane Manchun Wong said the service is going to be called Twitter Blue and, as for now, is priced at $2.99/month.

Twitter Blue will feature a new function called ‘Collections’ which will let users save and organize their favorite tweets into collections to easily find them later. Alongside this feature, Twitter will also bundle the ‘Undo Tweet’ function to its premium service.

This feature looks a lot like Gmail’s “undo send” button. The app just waits a few seconds before actually sending the message, so this could be what Twitter is planning to launch. As Wong shows, the company is working on the ability to adjust the duration of the undo Tweet timer from 5 seconds to up to 30 seconds.

Alongside these two features, Twitter could bundle Scroll with Twitter Blue. Last week, the company announced it acquired the subscription platform for users who don’t want to read content with ads but still support publishers to bring in more revenue than with traditional ads on a page.

Another paid-function from Twitter Blue could come from Revue, another service the company bough in January that helps people to publish newsletters on social media.


This has to be the limpest subscription offering ever. You can get zero ads by using a third-party app, which also has the benefit of offering reverse chronological rather than algorithmic ordering. You can “undo tweet” by two methods: 1) pause and have a think before you hit send *and* 2) delete your tweet after sending it. As for newsletters, well, it’s not as though they’ve got that market to themselves.
unique link to this extract

On the hypocrites at Apple who fired Antonio Garcia-Martinez • TK News

Matt Taibbi:


I’m biased, because I know Antonio Garcia-Martinez and something like the same thing once happened to me, but the decision by Apple to bend to a posse of internal complainers and fire him over a passage in a five-year-old book is ridiculous hypocrisy. Hypocrisy by the complainers, and defamatory cowardice by the bosses — about right for the Invasion of the Body Snatchers-style era of timorous conformity and duncecap monoculture the woke mobs at these places are trying to build as their new Jerusalem.

…After trying the writer’s life, Antonio went back to work for Apple. A few crucial points. One, he was recruited. Apple reached out to him, not the other way around. He sold his house in Washington State for the job and terminated his media work as part of what he expected would be a long-term commitment to Apple. In the hiring process they asked a slew of questions and checked with numerous references, including about Chaos Monkeys. The company was fully aware of the book and its contents. It was a bestseller for a month, and an NPR book of the year.

…I’m a fan of Dr. Dre’s music and have been since the N.W.A. days. It’s not any of my business if he wants to make $3bn selling Beats by Dre to Apple, earning himself a place on the board [he’s not on the board – CA] in the process. But if 2,000 Apple employees are going to insist that they feel literally unsafe working alongside a man who wrote a love letter to a woman who towers over him in heels, I’d like to hear their take on serving under, and massively profiting from a partnership with, the author of such classics as “Bitches Ain’t Shit” and “Lyrical Gangbang,” who is also the subject of such articles as “Here’s What’s Missing from Straight Outta Compton: Me and the Other Women Dr. Dre Beat Up.”

…Maybe the signatories to the Apple letter can have a Chaos Monkeys book-burning outside the Chinese facility where iPhone glass is made — keep those Uighur workers warm! Or they can have one in Dublin, to celebrate the €13bn tax bill a court recently ruled Apple didn’t have to pay.


Martinez tweeted about this on Friday. He’s pretty angry. As to Taibbi’s question of why the staff don’t complain about Dr Dre or Irish tax bills or the Uighurs: they don’t affect internal working conditions.
unique link to this extract

Disinformation in the UK May elections • Valent Newsletter



Our monitoring of the May 6 local elections in the UK uncovered what is likely to be the first time a US-style, social media powered, alt right campaign has unseated an elected official from a major British political party. Our investigation found content behind this campaign getting attention from far-right groups across the country. 

Sean Fielding was council leader in Oldham and accused by a network of social media pages of covering up sexual abuse and a conspiracy to undermine the white communities of Oldham. His primary accuser is Raja Miah MBE, a former CEO of two now closed Oldham schools who runs a website called Recusant Nine detailing these accusations against Fielding and the wider Labour establishment in Oldham. Miah’s pages link to the Proud of Oldham and Saddleworth (POS) party and vice versa, and it was Mark Wilkinson, affiliated to POS who unseated Fielding last week by 200 votes. 

At first glance this may not feel new; Oldham has seen successful independent council candidates before, and Labour lost ground in many Brexit supporting places like this. But what is striking about Fielding’s defeat is the interplay of tech platforms, race-fuelled accusations of child abuse, and crowd-sourced funding.


There’s also a version of this story in the Sunday Times (subscription). Nobody seems quite able to pin down whether Fielding’s loss was specifically caused by misinformation on Facebook – the vote totals involved are really quite low, around 1,500 – or just random pertubations in how people voted. This is the other problem with figuring out what the effects are: it’s really hard to get voters to tell you.
unique link to this extract

Nuclear reactions at Chernobyl are spiking in an inaccessible chamber • New Scientist

Matthew Sparkes:


Scientists monitoring the ruins of the Chernobyl nuclear power plant in Ukraine have seen a surge in fission reactions in an inaccessible chamber within the complex. They are now investigating whether the problem will stabilise or require a dangerous and difficult intervention to prevent a runaway nuclear reaction.

The explosion at Chernobyl in 1986 brought down walls and sealed off many rooms and corridors. Tonnes of fissile material from the interior of a reactor were strewn throughout the facility and the heat it generated melted sand from the reactor walls with concrete and steel to form lava-like and intensely radioactive substances that oozed into lower floors.

One chamber, known as subreactor room 305/2, is thought to contain large amounts of this material, but it is inaccessible and hasn’t been seen by human or robotic eyes since the disaster.

Now, researchers have seen a spike in neutron emissions from the room, with levels increasing around 40% since the start of 2016. This points to a growing nuclear fission reaction, so researchers are trying to determine if this surge will fizzle out, as previous spikes in other parts of the ruins have done, or whether they will need to find a way to access the room and intervene.

Neil Hyatt at the University of Sheffield, UK, who studies nuclear waste disposal, likens the situation to “embers in a barbecue pit” and says “it’s a reminder to us that it’s not a problem solved, it’s a problem stabilised”.


One suggestion is that a new cover is drying the plant – removing the water that absorbs neutrons and slows down fission. Let’s hope Ukraine’s disaster plans are up to date.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Don’t worry, still time to preorder Social Warming, out on June 24 (August in the US).

Start Up No.1549: Apple unhires controversial ad man, seeking truth in India, beat that inbox!, Robinhood’s lottery design, and more

Why can’t phone networks stamp out spoofing? Because it would reveal which lines are subject to government tapping. CC-licensed photo by garann on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Lights on! I’m @charlesarthur on Twitter. Observations and links welcome.

The voice in your head could be mine if you buy the audiobook; or just have your own inner monologue. Preorder Social Warming, out June 24.

‘Misogynistic’ Apple hire is out hours after employees call for investigation • The Verge

Zoe Schiffer:


Antonio García Martínez is no longer working at Apple hours after employees circulated a petition calling for an investigation into his hiring. Martínez, a former Facebook product manager on the ad targeting team, authored a controversial book about Silicon Valley where he expressed misogynistic views on women.

“We are deeply concerned about the recent hiring of Antonio García Martínez,” employees wrote in the petition. “His misogynistic statements in his autobiography — such as ‘Most women in the Bay Area are soft and weak, cosseted and naive despite their claims of worldliness, and generally full of shit’ (further quoted below this letter) — directly oppose Apple’s commitment to Inclusion & Diversity.”

More than 2,000 employees signed the petition before it was published by The Verge.

Shortly after the petition began circulating internally at Apple, Martínez’s Slack account was deactivated. The ad platforms team was called into an emergency meeting where it was confirmed Martínez would no longer be working at the company.


Well, that escalated quickly. Martinez was hardly anyone’s idea of a gladhander, but he did get results. Perhaps it says something about the companies involved that he lasted two years at Facebook and roughly as many days (ok, maybe weeks) at Apple. Or maybe it’s because he wrote the book in the middle which made his views clear.

That’s not quite all, though. Jean-Louis Gassée, Que Dieu Préserve, asks how he got hired when the coming culture clash was out there for everyone to see. “How come he got hired, vetted? You know the one cockroach theory. How many such bad hiring decisions?”

The “one cockroach” theory, if you didn’t know it (I didn’t), is that when you see one cockroach you should realise there are a ton more of them too, just out of sight. So how many people who aren’t actually a good cultural fit have been hired at Apple, over what period? And what effect will that have, in time?
unique link to this extract

Fact-checking Modi’s post-truth India • Rest of World

Sonia Faleiro:


Misinformation is a challenge globally, but in India, it’s practically baked into the ruling party’s communications. And while the platforms that are host to this misinformation, like Facebook and Twitter, have made attempts to curtail it, it hasn’t been enough to stem the tide. The average Indian media consumer is inundated with misinformation from the time they open the day’s paper to when they lie in bed scrolling on their smartphones at night, so much so that if they don’t make the effort to seek out facts for themselves, they risk responding to a fictional reality. 

It’s why two engineers, Zubair, 38, and his colleague Pratik Sinha, 39, banded together in 2016 to form Alt News, which debunks false information with meticulous documentation. But while their profile has risen in recent years, they still find themselves playing whack-a-mole in a country increasingly hostile to the truth.

Alt News is based in Ahmedabad, the largest city in Gujarat. Before the pandemic forced its team to stay home, 12 full-time staffers worked out of its office, located in a quiet residential lane. Now, back home in the southern city of Bangalore, Zubair, a charismatic extrovert, manages fact-checking assignments as well, in part, Alt News’s massive social media following — more than 1.3 million across its multiple platforms, including Zubair and Sinha’s own followings. 

Every day, Zubair pores over his smartphone, scanning social media accounts that he knows exist only to pump out misinformation. He also monitors Alt News’s WhatsApp number, where people are encouraged to send images and videos. Usually, there will be requests to verify gossip about Indian movie stars, and now, as the country reels from the impact of a second Covid wave, bogus home remedies are doing the rounds. 

But what makes the Indian media ecosystem unique, Zubair told me, is that much of the misinformation is focused on religious minorities, particularly Muslims, India’s largest such minority. “Typically,” he said, “it’s a Muslim doing something”: images from Egypt misrepresented as Ramadan gatherings in India at the height of the pandemic, scenes from Bangladesh misleadingly shared as anti-Hindu violence.


unique link to this extract

An economist’s tips on making email work for you • Tim Harford

He’s sorted data, now he’s sorting your inbox:


First: use the tools that many email programs offer. If you want to send an email to a large group while ensuring that only you receive the replies, don’t type “PLEASE DO NOT REPLY ALL”. Make it impossible to do so by putting the group in BCC. If someone else fails to follow this rule and your inbox fills up with witty but irrelevant banter from colleagues, try “mute”. Use “schedule send” to ensure your email arrives during office hours, no matter when you send it. This is a kindness, but also trains your colleagues not to expect instant responses.

Second: be the change you want to see in the world. Try announcing that you are “moving Julia to BCC” as a way of politely excusing her from further duties in a group email. Dabble with changing the subject line: “Arrangements for AGM 8 July” ceases to be a good subject if the AGM has been moved to July 7. If your entire email is that the 4pm meeting has been postponed by 15 minutes, then I recommend a subject line “The 4pm meeting has been postponed by 15 minutes //” rather than “URGENT PLEASE READ”.

Why act like this? Because it makes you a more pleasant person to work with. Because people will notice, and they may learn. Just as people acquire appalling habits from each other, such as sending repeated invitations to the same Zoom URL (or is it the same?), they also follow good examples.
My third piece of advice is the most fundamental: clarify and decide. A hundred emails a day is a lot if you leave half of them sitting in your inbox. Keep that up and in a month you’ll have 1,500. Give it a year and you’ll be begging to be allowed to declare email bankruptcy, post the keys through the letterbox and walk away. The solution is to be sharper about your decisions. If no action is needed then delete or archive. Most archived email is easy to find again.

If action is needed, and it is brief and obvious, do it immediately. Otherwise, archive the email and note the project in a task manager such as Trello, Remember the Milk or even a simple text file.


Next in this series should be “how to choose a task manager” followed by “why the best way to empty your task manager is to email the tasks to yourself”.
unique link to this extract

Emotion recognition: can AI detect human feelings from a face? • Financial Times

Madhumita Murgia:


For most of the past year, students at True Light College, a secondary school for girls in Kowloon, Hong Kong, have been attending classes from home. But unlike most children around the world forced into home-schooling during the pandemic, the students at True Light are being watched as they sit at their desks. Unblinking eyes scrutinise each child’s facial expressions through their computer’s cameras.

The “eyes” belong to a piece of software called 4 Little Trees, an artificial intelligence program that claims it can read the children’s emotions as they learn. The program’s goal is to help teachers make distance learning more interactive and personalised, by responding to an individual student’s reactions in real time.

The 4 Little Trees algorithm works by measuring micro-movements of muscles on the girls’ faces, and attempts to identify emotions such as happiness, sadness, anger, surprise and fear. The company says the algorithms generate detailed reports regarding each student’s emotional state for teachers, and can also gauge motivation and focus. It alerts students to “get their attention back when they are off track”.

Its founder, a former teacher, Vicky Lim, says it reads the children’s feelings correctly about 85% of the time. The popularity of the software has exploded during the pandemic, with the number of schools using 4 Little Trees in Hong Kong growing from 34 to 83 over the past year, according to Lim.

4 Little Trees uses one of a family of new algorithms that its creators claim can recognise human emotion and state of mind, such as tiredness, stress and anxiety, through the analysis of facial expression, micro-gestures, eye tracking and voice tones.

The technology is a natural evolution of facial recognition systems, which identify individuals but is far more invasive — it claims not just to understand how someone is feeling in the moment, but also to decode their intentions and predict their personality, based on fleeting expressions.


You can also try out a version the FT knocked up for you. (Requires camera access for Turns out I’m quite the poker face.)
unique link to this extract

The problem with legal intercept and backdoors • Baby is 60

Tim Panton:


There’s a thing that seems to be missed in the debate about encryption. We know exactly what happens if you enforce government sanctioned access to mass communications. We have watched it in the stagnation of the telcos.

You might think I’m exaggerating, but the Legal Intercept (LI) requirements stifle innovation. I can’t tell you how many meetings I’ve been in where I’ve been told that a proposed network topology change or customer experience improvement wasn’t possible because of LI. Having the government as a big and legally mandated cash cow slowed innovation to a crawl and hugely reduced the incentives for doing what is best for your other customers.

There is an even more insidious impact. LI enables and facilitates telephone fraud.

The problem is that the telephone system has to be constructed in such a way that legal interception isn’t detectable by the customers who are intercepted. This means that as a telco you can never, by law, offer your customers accurate callerID. If you did, they would be able to tell the difference between a normal call and one with the infamous ‘Man in the Middle’.

So next time you get a call from ‘windows support desk’ trying to defraud you, remember that this could have been engineered out of our phone system years ago but for legal intercept. This is a real societal and economic cost to LI that is often ignored in this debate.


This is from 2016, but you can bet that it’s still completely the case today. On Thursday I listened to a telephone executive swallow his way through a grilling on a consumer radio program where he repeatedly dodged explaining why spoofing hasn’t been designed out of the phone system. This is why. But of course he couldn’t explain that LI is why, because the phone networks can’t admit that LI happens. I do wonder how the US networks are doing this, given that LI happens there too (I think).
unique link to this extract

Michael Lewis: ‘We were incentivised to have a bad pandemic response’ • The Guardian

Andrew Anthony reviews Michael Lewis’s new book The Premonition, and talks to him as well:


If Dean and Mecher are the good guys, there are no shortage of baddies. Chief among these, perhaps surprisingly, is the Centers for Disease Control and Prevention, better known as the CDC. It’s an American federal institution with an international reputation. As Lewis himself admits, he’d always thought of the CDC as “one of the places in the government that America can be proud of”. This, he adds, is because he didn’t know what they were doing.

In the book, they are mostly not doing very much and a lot of their energy seems to go into preventing others from doing anything either. Back in the 1970s, the then head of the CDC, David Sencer, called for nationwide vaccination after a swine flu outbreak. Two hundred million doses of vaccine were ordered and 45m administered, only for the outbreak not to materialise. Sencer was blamed for overreacting and sacked. Henceforth, the CDC tended to err on the side of cautious inaction. “I think the CDC had virtues but it was not battlefield command. It had become a place where the generals had no experience fighting a war,” says Lewis.

He is impressed by what the Biden administration has achieved in a short time. “I feel like there’s an intelligent entity all of a sudden,” he says. Nor is he in any doubt how ill-suited Trump was to being the man in charge during a pandemic.


I think Michael Lewis’s next book should investigate how Michael Lewis is able to write so many amazing books that capture the zeitgeist. I would read that one too. (I’m currently reading The Premonition.)
unique link to this extract

Robinhood’s big gamble • The New Yorker

Sheelah Kolhatkar:


The app features whimsical illustrations, swipe navigation, and a St. Patrick’s Day color scheme; all were developed by the company’s creative director, Zane Bevan, one of Robinhood’s earliest employees. Like many of his colleagues, Bevan knew little about finance when he joined Robinhood. He told me that a year and a half ago the design team had updated the app to a primary-green shade from a teal color. “We wanted it to feel kind of honest and true,” he said. He and the rest of the team found the interfaces of other financial-services companies dense and intimidating. They instead took inspiration from weather, news, and fitness apps that required no prior knowledge to operate.

Natasha Dow Schüll, the author of “Addiction by Design: Machine Gambling in Las Vegas” and a professor in the media, culture, and communication department at N.Y.U., told me that little about Robinhood, or about many other popular mobile-phone applications, is novel. Clever engineers simply repurposed many of the design features of slot machines, which were developed over decades. Green, the color of luck and of money, is found throughout Las Vegas, and Schüll said that the physical design of casinos is also mirrored in Robinhood’s pursuit of a “frictionless” user experience. Even the ability to trade partial shares seemed to Schüll to fit into a trend of “nano monetization,” which also includes multiline video slot machines that run on pennies, and online-poker Web sites that offer players the option of betting a dollar or less on multiple tables simultaneously. One of Robinhood’s most popular features is the “free stock,” which is offered when a new user signs up. Until April, the stock appeared as an onscreen lottery ticket that you scratched off, revealing a share of a company you had likely never heard of.

Adam Alter is a professor of marketing at N.Y.U.’s Stern School of Business, and the author of “Irresistible: The Rise of Addictive Technology and the Business of Keeping Us Hooked.” He told me, “In a case of a company like Robinhood, it’s not enough for them to have users on the site. You actually have to get them to hit the Buy or Sell button.” He went on, “You’ve got to make that feel like it’s inconsequential. You’ve got to lower all the barriers resistant people might have to making financial decisions, so that you don’t even think about the money at all.”


Most of the first half of the article is about the history of Robinhood, but it gets a lot more forensic from this point onward.
unique link to this extract

Colonial Pipeline paid hackers nearly $5m in ransom • Bloomberg

William Turton , Michael Riley , and Jennifer Jacobs:


Colonial Pipeline Co. paid nearly $5m to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

…[CEO of digital forensics firm LIFARS, Ondrej] Krehel said a $5m ransom for a pipeline was “very low.” “Ransom is usually around $25 million to $35 million for such a company. I think the threat actor realized they stepped on the wrong company and triggered a massive government response,” he said.


unique link to this extract

After Musk bitcoin U-turn, which coins are more climate friendly? • Al Jazeera

Ben Piven:


After months of cheerleading for Bitcoin, Tesla CEO Elon Musk told his 54.3 million Twitter followers on Wednesday that the electric vehicle maker is hitting the brakes on allowing customers to use Bitcoin as payment.

“We are concerned about rapidly increasing use of fossil fuels for Bitcoin mining and transactions, especially coal, which has the worst emissions of any fuel,” Musk wrote on Wednesday.

Yet Bitcoin is far from the only environmental villain in the crypto space. There are plenty of other tokens that also rely on energy-sucking proof of work (PoW) consensus mechanisms to validate transactions and mint new coins.

PoW requires a decentralised network of mining rigs – sometimes made up of thousands of computers labouring in unison – to solve complex math problems in a race to verify transactions to win new Bitcoins.

Not all virtual coins use PoW, but all of the most energy-consumptive do.

Many experts say proof of stake can offer the crypto sector a dramatically greener future. The biggest coins using that consensus mechanism — which relies on larger coin owners to validate blockchain transactions — are Binance Coin, Cardano, Polkadot, Stellar and Solana.

Others hope a third consensus mechanism, proof of space, could be greener still. It relies on hard-drive storage rather than processing power. Chia coin is marketed as a cryptocurrency with an ecological “farming” method, though environmentalists say the e-waste issue is a problem.

Al Jazeera asked Alex de Vries, a Dutch crypto sustainability expert who runs the site Digiconomist, for his best estimates using the annual carbon footprint of PoW coins measured in terawatt-hours (TWh) of electricity consumption.


TL;DR: they’re all pretty rubbish: using the equivalent energy to country A, or country B, or country C. It’s all a boondoggle, and I still wonder what is needed to make the house of cards collapse, Big Short-style.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up No.1548: new ad man riles Apple staff, how Covid wrecked medical trials, the real price of bitcoin, Musk the Martian, and more

The Peloton brand has huge customer loyalty, but it’s priced beyond most peoples’ reach. Is technology exacerbating economic splits? CC-licensed photo by Tony Webster on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Not suspected. I’m @charlesarthur on Twitter. Observations and links welcome.

Here’s the news: I’ll be narrating the audio version of Social Warming, my forthcoming book, published in the UK on 24 June (August in the US). Also available in print.

Living in the future is a class issue • Ed Zitron’s Where’s Your Ed At

Ed Z:


Peloton and Tonal are both sold out for months, meaning that anyone putting down these thousands of dollars must be able to part with that money, but also be able to part with it for several months with no value add, or take on the debt necessary to complete the purchase. And if they don’t use it after taking on that debt, selling it on is both burdensome and difficult in and of itself, especially with Tonal. The common defense of these products is that they are cheaper than a gym membership, which makes sense until you recognize the upfront cost and the total lack of utility of these connected devices without a subscription. There is the opportunity to get more value out of them if you spent a similar amount on going to the gym (if you use them as such, they are significantly cheaper than a personal trainer), but with a significantly higher up front financial burden and a mandatory monthly fee.

This isn’t new – it’s always been the case that early adopters are privileged, because they can afford more things and can also afford for said things to not be as good, and thus upgrade to better things when they come along. New, exciting and futuristic tech is always expensive, then over time becomes cheaper as companies begin to work out ways to strip out features or use cheaper materials, or said materials somehow become cheaper. Then again, there’re also companies like Peloton that raised prices so that people would think the bike was better.

Hero – while significantly cheaper – still requires a $50-100 downpayment on the device and a $30-a-month subscription to physically organize and dispense your pills. Hero (or something like Hero) should be in the hands of every senior, as approximately 125,000 deaths and 10% of hospitalizations are caused by a lack of nonadherence to medicine (this article is from 2017, but I can’t imagine things have improved). But it isn’t – it’s a tech-enabled, WiFi-powered $30-a-month per person device (as you can’t use one device for two people’s medicines). While yes, you could use reminders and other things, having taken care of two elderly people and their litany of medicines, it is both extremely taxing and a matter of life and death to get medicines right.


As he points out, the feeling is that the current trajectory of technology (or at least, the technology we’re seeing come out of Silicon Valley) is towards things that satisfy people with plenty of money. Which means the gap in quality of living widens all the time. Where’s the democratising force?
unique link to this extract

Apple employees circulate petition demanding investigation into ‘misogynistic’ new hire • The Verge

Zoe Schiffer, Casey Newton and Elizabeth Lopatto:


A group of Apple employees has written a petition asking for an investigation into the hiring of Antonio García Martínez — a former Facebook product manager and author of the book Chaos Monkeys.

In the petition, the employees expressed concern about García Martínez’s views on women and people of color. His hiring “calls into question parts of our system of inclusion at Apple, including hiring panels, background checks, and our process to ensure our existing culture of inclusion is strong enough to withstand individuals who don’t share our inclusive values,” they write.

García Martínez, who has also written for Wired, was the product manager for Facebook’s ad targeting team from 2011 to 2013. Most of the things the Apple employees have expressed concern about come from Chaos Monkeys itself. (The book is dedicated to “all my enemies.”) The autobiography traces García Martínez going from Wall Street to Silicon Valley. García Martínez has described the book as “total Hunter S. Thompson/Gonzo mode.” The employees, in the petition, view it differently: they say it’s racist and sexist.


This has the potential to go abruptly very badly for Apple. Martinez has never been shy about expressing his opinions, or his opinion of other people’s opinions. He may be a terrific hire in terms of what he can do for the company’s advertising push, but he’s probably not even had his orientation day and things are blowing up. And Apple, like Google, is discovering the levels of dissent in its ranks.
unique link to this extract

App Store stopped over $1.5bn in suspect transactions in 2020 • Apple Newsroom


In 2020 alone, Apple’s combination of sophisticated technology and human expertise protected customers from more than $1.5 billion in potentially fraudulent transactions, preventing the attempted theft of their money, information, and time — and kept nearly a million risky and vulnerable new apps out of their hands.

…In 2020, nearly 1 million problematic new apps, and an additional nearly 1 million app updates, were rejected or removed for a range of reasons like those.

A smaller but significant set of these rejections was for egregious violations that could harm users or deeply diminish their experience. In 2020 alone, the App Review team rejected more than 48,000 apps for containing hidden or undocumented features, and more than 150,000 apps were rejected because they were found to be spam, copycats, or misleading to users in ways such as manipulating them into making a purchase.

Some developers perform a bait and switch: fundamentally changing how the app works after review to evade guidelines and commit forbidden and even criminal actions. When such apps are discovered, they’re rejected or removed immediately from the store, and developers are notified of a 14-day appeals process before their accounts are permanently terminated. In 2020, about 95,000 apps were removed from the App Store for fraudulent violations, predominantly for these kind of bait-and-switch maneuvers.


Transparently trying to reset the discussion; at least the numbers are useful. As John Gruber says, Apple’s essentially saying that it has a “five nines” success on this; but why not aim for “nine nines”?
unique link to this extract

Gold is now a green Bitcoin, and both are disastrous • Crypto Lucid

Franck Leroy:


Fewer and fewer Bitcoin proponents still claim that this crypto can be used as a daily currency. Bitcoin is now considered a purely speculative asset, like gold.

So how does bitcoin mining compare to gold mining from an environmental perspective?

For energy usage, nothing can beat Bitcoin. Mining 1$ of bitcoin consumes 2 to 7 times more energy than mining gold.

…We estimate that, each year, around 12 000 tons of specific electronic devices are produced and destroyed. More that 80% of the weight is metal (iron, aluminum, copper, …).

This means than around 10 000 tons of metal is extracted and transformed each year only for the bitcoin mining industry. This is 4 times more than the amount of gold extracted each year (around 2500 tons).

Also, the value of bitcoin production is 1/6 of gold production (17 B$ vs 100 B$). Hence, overall, 1$ of Bitcoin requires 24 times more mining of metal than 1$ of gold.


These numbers go up and down, of course, with the “price” of bitcoin (and gold), nut never in bitcoin’s favour. Trouble is, it’s now become a barnacle on the world’s energy supply, and there’s no obvious way to get it off. Closing exchanges might help, but would probably only mean the exchanges shifted to countries uninterested in closing them – which encouraged them, in fact.

unique link to this extract

How COVID broke the evidence pipeline • Nature

Helen Pearson:


[Emergency medicine specialist Simon] Carley compares the time before and after COVID-19 to a choice of meals. Before the pandemic, physicians wanted their evidence like a gourmet plate from a Michelin-starred restaurant: of exceptional quality, beautifully presented and with the provenance of all the ingredients — the clinical trials — perfectly clear. But after COVID-19 hit, standards slipped. It was, he says, as if doctors were staggering home from a club after ten pints of lager and would swallow any old evidence from the dodgy burger van on the street. “They didn’t know where it came from or what the ingredients were, they weren’t entirely sure whether it was meat or vegetarian, they would just eat anything,” he says. “And it just felt like you’ve gone from one to the other overnight.”

Kari Tikkinen, a urologist at the University of Helsinki who had run clinical trials in the past, was equally shocked early last year to talk to physicians who were so confident that untested therapies such as hydroxychloroquine were effective that they questioned the need to test them in clinical trials. It was “hype-based medicine”, he says — fuelled by former US president Donald Trump, who announced last May that he had started taking the drug himself. “It very quickly got ahead of us, where people were prescribing any variety of crazy choices for COVID,” says Reed Siemieniuk, a doctor and methodologist at McMaster University.

Many doctors and researchers did race to launch clinical trials — but most were too small to produce statistically meaningful results, says Tikkinen, who leads the Finnish arm of SOLIDARITY, an international clinical trial of COVID-19 treatments coordinated by the World Health Organization (WHO). Hydroxychloroquine was the most-tested drug according to a database of 2,900 COVID-19 clinical trials called COVID-NMA: it was tested in 250 studies involving nearly 89,000 people (see ‘Too many trials?’). Many are still under way, despite convincing evidence that the drug doesn’t help: the RECOVERY trial concluded that hydroxychloroquine should not be recommended to treat COVID-19 in June last year.


unique link to this extract

China’s population grows at slowest rate in decades • Financial Times

Sun Yu, Tom Mitchell and Thomas Hale:


China’s population grew at its slowest rate in decades in the 10 years to 2020, according to census data released on Tuesday, which also showed that births declined sharply last year.

The nation’s once-in-a-decade census, which was completed in December, showed its population increased to 1.41bn in 2020 compared with 1.4bn a year earlier, the National Bureau of Statistics said.

The Financial Times reported last month that the Chinese government would reveal the first year-on-year population decline in 60 years in the census data. People close to the NBS said the initial population figure came in at less than 1.4bn, but was revised up.

The official figures released on Tuesday showed the population grew just 5.4% from 1.34bn in 2010 — the lowest rate of increase between censuses since the People’s Republic of China began collecting data in 1953.


China is facing the demographic timebomb that the developed world is up against – but a key problem is that its population is (comparatively) poor as well as ageing. Plus there’s the suspicion, raised last week, that it is fiddling the census numbers and that the figure is actually shrinking. Though when you’re trying to count more than a billion people, any semblance of accuracy past a couple of significant figures is a monstrous feat in itself.
unique link to this extract

WhatsApp to restrict features if you refuse Facebook data sharing • Bleeping Computer

Sergiu Gatlan:


WhatsApp published a new FAQ on its website, reinforcing the May 15th deadline to accept the new privacy changes and saying that “no one will have their accounts deleted or lose functionality” because of the policy update.

“We’ve spent the last several months providing more information about our update to users around the world,” WhatsApp said in a statement. 

“In that time, the majority of people who have received it have accepted the update and WhatsApp continues to grow.”

Users will keep receiving reminders to accept sharing their data with Facebook for the next several weeks, reminders that will ultimately become persistent.

“At that time, you’ll encounter limited functionality on WhatsApp until you accept the updates,” the company added.

As WhatsApp’s statement details, users who will not accept the privacy updates will gradually see their accounts’ functionality restricted:

• You won’t be able to access your chat list, but you can still answer incoming phone and video calls. If you have notifications enabled, you can tap on them to read or respond to a message or call back a missed phone or video call.
• After a few weeks of limited functionality, you won’t be able to receive incoming calls or notifications, and WhatsApp will stop sending messages and calls to your phone.


So this has rolled around again. However, the counter is this Bloomberg story: “Facebook ordered to stop collecting German WhatsApp data“:


a regulator in the nation said the company’s attempt to make users agree to the practice in its updated terms isn’t legal.

Johannes Caspar, who heads Hamburg’s privacy authority, issued a three-month emergency ban, prohibiting Facebook from continuing with the data collection. He also asked a panel of European Union data regulators to take action and issue a ruling across the 27-nation bloc. The new WhatsApp terms enabling the data scoop are invalid because they are intransparent, inconsistent and overly broad, he said



Might not be quite over in Germany, and by extension the EU. Everywhere else, though, gets to like it or lump it.
unique link to this extract

The Martian • No Mercy / No Malice

Scott Galloway:


Is Mr. [Elon] Musk a net positive for society? 100% yes. It’s the word “net” that is the problem. We do basic math on a person/firm, issue a thumbs up/down, and decide (if thumbs up) to ignore the externalities. This is tantamount to deciding pesticides are a net good (they are), so we should disband the EPA.

Naked examples of Musk’s influence/externality: the tweeted endorsements of his favored assets. Bitcoin is a trillion-dollar cryptocurrency that could reshape the world economic order … and Musk can manipulate it with (many) fewer than 280 characters.

Researcher Lennart Ante found “significantly abnormal returns of up to 18.99%” after Musk tweeted about bitcoin. “I believe that cryptocurrency traders are looking for role models and validation,” Ante told us when we asked him about his research. But, “we are facing a moral dilemma” he pointed out, between free speech and the protection of investors. When Musk changed the bio of his Twitter account to “#bitcoin” on January 29, the cryptocurrency rose from $32,000 to more than $38,000. Is it free speech? Yes. Does that mean it won’t destabilize the markets and end badly?

I. Don’t. Know.

…The theory of relativity dictates that massive objects distort the space-time continuum, and light and matter slide toward it. Musk has become a similar celestial force in our markets — but in this case, the graviton particles are genius, attention, id, and capital.

…If there is a glitch in the matrix, it’s us. One in five U.S. households with children is food insecure, and we have a man telling his 53 million acolytes to purchase a digital currency so he can sell it at a profit to pad the earnings of a company that’s worth more than automakers producing 60 times the vehicles. And why wouldn’t he? When you tell an innovator he’s Jesus Christ, he’s inclined to believe you.

Once we idolized astronauts and civil rights leaders who inspired hope and empathy. Now we worship tech innovators that create billions and move financial markets. We get the heroes we deserve.


unique link to this extract

How to keep your Android device immune to malicious vaccine themed apps • HOTforSecurity

Cristina Popov:


Attackers are exploiting the COVID-19 vaccine apps to deploy malware to Android devices. Since the outburst of the pandemic, they haven’t missed any opportunity to spread malware via Covid19-themed emails, apps, websites and social media.

But now, Bitdefender researchers have found multiple apps taking advantage of mobile users looking for information about the vaccines or seeking an appointment to get the jab.

Sometimes disguised in or invisibly attached to legit digital products, these fake applications are ready to take over the device after just a few taps. Google has been trying to vet all vaccination-related applications properly, but some fell through the cracks.


So they need.. antivirus? (Thanks G for the link.)
unique link to this extract

“Running Orders” by Lena Khalaf Tuffaha • Poetry Foundation


They call us now,
before they drop the bombs.
The phone rings
and someone who knows my first name
calls and says in perfect Arabic
“This is David.”
And in my stupor of sonic booms and glass-shattering symphonies
still smashing around in my head
I think, Do I know any Davids in Gaza?
They call us now to say
You have 58 seconds from the end of this message.
Your house is next.


This isn’t the whole of the poem. I recommend the whole highly.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up No.1547: ‘dark pattern’ regulation?, IEA raises renewables forecast, DarkSide under scrutiny, Trump’s blog flops, and more

What happens if you post an Apple AirTag? Turns out you can track its progress. CC-licensed photo by Spixey on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Toot toot! I’m @charlesarthur on Twitter. Observations and links welcome.

The internet’s ‘dark patterns’ need to be regulated • The New York Times

Greg Bensinger is a member of the NYT’s editorial board:


Some things are difficult by design.

Consider Amazon. The company perfected the one-click checkout. But canceling a $119 Prime subscription is a labyrinthine process that requires multiple screens and clicks.

Or Ticketmaster. Online customers are bombarded with options for ticket insurance, subscription services for razors and other items and, when users navigate through those, they can expect to receive a battery of text messages from the company with no clear option to stop them.

These are examples of “dark patterns,” the techniques that companies use online to get consumers to sign up for things, keep subscriptions they might otherwise cancel or turn over more personal data. They come in countless variations: giant blinking sign-up buttons, hidden unsubscribe links, red X’s that actually open new pages, countdown timers and pre-checked options for marketing spam. Think of them as the digital equivalent of trying to cancel a gym membership.

There are plans in both the House and Senate to tackle dark patterns. And there’s movement at the state level, too. California strengthened its data privacy laws to include certain dark patterns and, in Washington State, lawmakers included similar language in a failed privacy bill of its own.

The phrase was coined over a decade ago by a British user experience designer — who maintains an online “hall of shame” — and since then dark patterns have become only more effective and pernicious. Because of the scale of the internet, if even a small percentage of these ploys work, many thousands or even millions of people may be affected.


Have you subscribed to the NYT online? To unsubscribe, you need to phone them during (their) work hours and persuade them to unsubscribe you. Editorialiser, edit thyself. Legislation is a good idea: make it obligatory that you can unsubscribe by the same method. Simple. (Via Benedict Evans’s newsletter.)
unique link to this extract

‘Exceptional new normal’: IEA raises growth forecast for wind and solar by another 25% • Carbon Brief

Simon Evans:


The International Energy Agency (IEA) has raised its forecast for the global growth of wind and solar by another 25% compared to figures it published just six months ago.

Furthermore, the IEA’s “renewable energy market update” forecasts nearly 40% higher growth in 2021 than it expected a year ago, putting wind and solar on track to match global gas capacity by 2022.

The Paris-based agency says a “huge” 280 gigawatts (GW) of renewable capacity – primarily wind and solar – was installed globally last year, some 45% higher than the level in 2019, after the largest annual increase in more than 20 years.

This “exceptional” level of annual additions will become the “new normal” in 2021 and 2022, the IEA says, with the potential for further acceleration in the years that follow.

Overall, the IEA says that renewables accounted for 90% of new electricity generating capacity added globally last year and that they will meet the same share in each of the next two years.


What’s really notable about this is that for years, the IEA’s forecast for renewables has been miles below what actually happened. Finally, though, it seems to have noticed.
unique link to this extract

Coal is losing the price war to wind and solar faster than anticipated • Electrek

Michelle Lewis:


No wonder Senator Joe Manchin (D-WV) and Cecil Roberts, president of US coal’s largest union, the United Mine Workers of America, finally (begrudgingly, on Manchin’s part) acknowledged the need for a transition from coal to renewables in Appalachia on April 19. Coal can no longer be justified in the US, not only for environmental and societal reasons but now also for economic reasons.

As demonstrated in many social media comments on my stories about green energy, particularly when it comes to Texas, the general public is still buying the fossil fuel industry’s lies, as well as the lies of their political supporters. But once the higher costs for fossil fuels hit consumers’ pockets, the lying won’t be able to continue.

Coal may be worryingly rebounding in Asia, according to a recent report from the International Energy Agency. Energy and environmental groups expected that fossil-fuel use would get worse before it got better.

There are issues that need to be urgently addressed in renewable growth, such as the demand for, possible shortage of, and ethical procurement of minerals and the urgent need for a big boost in renewable manufacturing in the US. But bottom line, coal is now the worst possible choice for energy on all fronts.


The link is to the US think tank Energy Innovation, which says that local wind and solar could replace 80% of the US coal fleet and save people money. That’s a lot.
unique link to this extract

A closer look at the DarkSide ransomware gang • Krebs on Security

Brian Krebs:


In late March, DarkSide introduced a “call service” innovation that was integrated into the affiliate’s management panel, which enabled the affiliates to arrange calls pressuring victims into paying ransoms directly from the management panel.

In mid-April the ransomware program announced new capability for affiliates to launch distributed denial-of-service (DDoS) attacks against targets whenever added pressure is needed during ransom negotiations.

DarkSide also has advertised a willingness to sell information about upcoming victims before their stolen information is published on the DarkSide victim shaming blog, so that enterprising investment scammers can short the company’s stock in advance of the news.

“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges,” DarkSide explains. “If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”

DarkSide also started recruiting new affiliates again last month — mainly seeking network penetration testers who can help turn a single compromised computer into a full-on data breach and ransomware incident.

“We have grown significantly in terms of the client base and in comparison to other projects (judging by the analysis of publicly available information), so we are ready to grow our team and a number of our affiliates in two fields,” DarkSide explained.

…DarkSide has shown itself to be fairly ruthless with victim companies that have deep pockets, but they can be reasoned with. Cybersecurity intelligence firm Intel 471 observed a negotiation between the DarkSide crew and a $15bn US victim company that was hit with a $30m ransom demand in January 2021, and in this incident the victim’s efforts at negotiating a lower payment ultimately reduce the ransom demand by almost two-thirds.


unique link to this extract

Namecheap hosted 25%+ of fake UK govt phishing sites last year – NCSC report • The Register

Gareth Corfield:


Domains’n’hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today.

This stat can be found in the centre’s fourth annual Active Cyber Defence report, which boasts how much digital filth it cleansed from the internet. These included 700,000 scam sites stretching across 1.4 million URLs, or so the NCSC tells us.

It also encountered the usual COVID-themed ones we’ve all become familiar with over the last year – fake copies of the NHS Test and Trace app laced with malware – plus sites impersonating Capita TV Licensing, the outsourced subscription sales arm of the BBC. Email scams were also popular, with 26,000 being shut down after netizens flooded the NCSC’s email reporting portal with complaints of four million suspicious messages.

…One area where the NCSC hopes to make an immediate and positive difference is by killing off scam texts that appear to be sent from alphanumeric names such as UK_Gov. These are possible by design; UK mobile networks support the use of alpha tags in place of phone numbers but until very recently, there wasn’t much in the way of security for those tags.

Alpha tag scamming is easy if you know how, as infosec bod Jake Davis showed The Register last year by sending SMSes appearing to be from the Irish government saying “it looks like you’ve got the old cheeky corona.” The NCSC is now beginning to crack down on and register British Government-themed tags (plus the telly tax agency, unusually) to prevent their reuse by scammers and ne’er-do-wells through a relatively new thing: the SMS SenderID Protection Registry.


“There wasn’t much in the way of security”. Just calamitous. Who sets up this sort of stuff without thinking of the potential for scams?
unique link to this extract

The oncoming ransomware storm • Stephen Diehl

Diehl is a software engineer based in London:


The scary part, is there is almost nothing that can be done from an information security standpoint. Software is not going to magically become more secure any faster, even the most capitalised companies in the United States aren’t able to stave off the new generation of software exploits that are dropping every other day. There are too many exploits in the wild and there’s no stopping a massive increase in discovery, especially when billions of dollars are stake for their immediate use in ransomware. Our entire field is bad at what we do and if you rely on us to fix this, we’re doomed.

This battle cannot and will not be won on the technology side alone. The tech industry can’t solve this. It requires legislation and intervention in the financial system at only the level nation states can act.

Cryptocurrency is the channel by which all the illicit funds in this epidemic flow. And it is the one channel that the US government has complete power to reign in and regulate. The free flow of money from US banks to cryptocurrency exchanges is the root cause and needs to halt. Cryptocurrencies are almost entirely used for illicit activity and investment frauds, and on the whole have no upside for society at large while also having unbounded downside and massive negative externalities.

I fear we are at a critical point where there is not much time left before this new cyberpandemic reaches critical mass. And that looks like a very scary future indeed. I imagine some very dark things become part of the public discourse.

Imagine a hundred new Stuxnet-level exploits every day, for every piece of a equipment in public works and health care. Where every day your check your phone for the level of ransomware in the wild just like you do the weather. Entire cities randomly have their metro systems, water, power grids and internet shut off and on like a sudden onset of bad cybersecurity “weather”.


Possibly a bit hyperbolic, but it’s always worth considering the worst-case scenario. I’m not that sure the US government can actually stop bitcoin transactions. Even if US banks don’t allow it, there are plenty of other countries that would. He’s right that cryptocurrency is the real critical point here.
unique link to this extract

Twitter was Trump’s megaphone. His new blog isn’t as powerful • CNBC

Brandy Zadrozny:


Trump’s new blog has attracted a little over 212,000 engagements, defined as backlinks and social interactions — including likes, shares and comments — received across Facebook, Twitter, Pinterest and Reddit. Before the ban, a single Trump tweet was typically liked and retweeted hundreds of thousands of times.

The blog posts come in the form of statements that are also sent to supporters via email. In the multiple daily notes, Trump has attacked his political enemies and endorsed faithful supporters, continued to push false claims and conspiracy theories, and opined on news of the day.

Trump’s bans cost him the ability to communicate with millions of people: 88 million followers on Twitter, 32 million on Facebook, and 24 million on Instagram. Trump had just around 3 million YouTube subscribers, but his videos regularly racked up millions of views.

A CNBC analysis of Trump’s tweets in January found his most-liked tweets spread disinformation. But the conspiracy theories and name-calling that the former president has spread via his blog don’t seem to move the way they did when Trump benefited from the dual platforms of the White House and traditional social media. Trump has called his statements a “more elegant” alternative to tweeting, telling Newsmax’s Greg Kelly in March, “I like this better than Twitter. Actually they did us a favor.”


Less of a megaphone, more of a kazoo. Stick a fork in it: he’s done.
unique link to this extract

I posted an AirTag and tracked its progress; here’s what happened • The Mac Security Blog

Kirk McElhearn:


I live near Stratford-upon-Avon, in the UK, and I sent the AirTag to a friend south of London. I mailed this AirTag on Friday afternoon, and, with first-class postage, I expected the envelope to be delivered the next day.

The AirTag weighs a mere 11g, so I put one taped to a card, then in a small bubble envelope for protection. I dropped it in the postbox in my village, just down the road from my home. I made sure to open the Find My app on my iPhone when I was next to the postbox; it showed the correct location.

Post is picked up around 5 pm, and a bit later than that, I checked the Find My app on my iPad. At 5:28, I found that my AirTag had reached the local sorting station.

This means that someone, either the postal worker who picked up the post and delivered it to the sorting station, or another employee at the sorting station, had an iPhone which spotted the AirTag. Apple touts their network of nearly a billion devices capable of spotting AirTags, and if there are that many, it should be easy to track this envelope across the country.

It didn’t take long for my AirTag to start its journey. At 5:49, it had started moving, going into Stratford-upon-Avon, presumably to be loaded on to a truck to go to the next location. At around 6:40, it had left the town, heading north.

…I don’t know if any of the truck drivers carrying the mail had iPhones. Even if they didn’t, it’s possible that if someone in a car driving next to the truck has an iPhone, then it would be spotted. Since AirTags use Bluetooth 5, the range is around 100m, but that depends on such things as interference, walls, and other obstacles, and testing would need to be done to find how efficient they are in motion.


Terrific idea, though the reality is a little disappointing: he tracked it. Concept proven. Next step is to try an international posting, I guess. (I’ve translated this from the American: McElhearn calls it “mail” and thinks it was collected by a “mailman”. Women can and do perform the job, Kirk.)
unique link to this extract

Apple brass discussed disclosing 128-million iPhone hack, then decided not to • Ars Technica

Dan Goodin:


In September 2015, Apple managers had a dilemma on their hands: should, or should they not notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Ultimately, all evidence shows, they chose to keep quiet.

The mass hack first came to light when researchers uncovered 40 malicious App Store apps, a number that mushroomed to 4,000 as more researchers poked around. The apps contained code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.

An email entered into court this week in Epic Games’ lawsuit against Apple shows that, on the afternoon of September 21, 2015, Apple managers had uncovered 2,500 malicious apps that had been downloaded a total of 203 million times by 128 million users, 18 million of whom were in the US.

“Joz, Tom and Christine—due to the large number of customers potentially affected, do we want to send an email to all of them?” App Store VP Matthew Fischer wrote, referring to Apple Senior Vice President of Worldwide Marketing Greg Joswiak and Apple PR people Tom Neumayr and Christine Monaghan.


This was the XcodeGhost hack, where a man-in-the-middle app that posed as a “better Xcode” to developers, mostly in China injected malicious code into apps compiled with it. (Quite an ambitious project in its own right.) There was also a “Jekyll and Hyde” app in 2013 which, foreshadowing Epic’s method, sneaked past App Store review and then became malicious through remote command.
unique link to this extract

Anti-maskers ready to start masking—to protect themselves from the vaccinated • Vice

Mack Lamoureux:


The conspiracy—which comes in several shapes and sizes—more or less says the vaccinated will “shed” certain proteins onto the unvaccinated who will then suffer adverse effects. The main worry is the “shedding” will cause irregular menstruation, infertility, and miscarriages. The entirely baseless idea is a key cog in a larger conspiracy that COVID-19 was a ploy to depopulate the world, and the vaccine is what will cull the masses. 

Experts say the conspiracy is born from a fundamental misunderstanding of how vaccines work. It has been widely debunked and you can read about it here, here, and here, among other places.  

Anti-vax influencers are instructing their fellow anti-vaxxers as well as anti-maskers (at this point the two communities overlap to a huge degree) that one of the best ways to defend themselves from this blight is to co-opt…social distancing, the very strategy they have long decried. 

Sherri Tenpenny, an anti-vaxxer who was found to be key in spreading COVID-19 conspiracy theories, suggested on a recent anti-vax livestream that you may have to “stay away from somebody who’s had these shots…forever.” 


Oh, really? Suits me fine.
unique link to this extract

Hey you! Preorder Social Warming, my forthcoming book.

Errata, corrigenda and ai no corrida: none notified

Start Up No.1546: the ransomed pipeline, Apple hires ex-Facebook ad manager, Windows 10X is nixed, US ISPs astroturfing exposed, and more

You might think you’re good at Tetris – but how about playing a version which makes each move the hardest it can? CC-licensed photo by Sally Mahoney on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. An L-shape for an S-shaped space. I’m @charlesarthur on Twitter. Observations and links welcome.

Hackers who shut down pipeline: we don’t want to cause “problems for society” • Ars Technica

Jim Salter:


On Friday, Colonial Pipeline took many of its systems offline in the wake of a ransomware attack. With systems offline to contain the threat, the company’s pipeline system is inoperative. The system delivers approximately 45% of the East Coast’s petroleum products, including gasoline, diesel fuel, and jet fuel.

…Colonial Pipeline has not publicly said what was demanded of it or how the demand was made. Meanwhile, the hackers have issued a statement saying that they’re just in it for the money.

Colonial Pipeline issued a statement Sunday saying that the US Department of Energy is leading the US federal government response to the attack. “[L]eading, third-party cybersecurity experts” engaged by Colonial Pipeline itself are also on the case. The company’s four main pipelines are still down, but it has begun restoring service to smaller lateral lines between terminals and delivery points as it determines how to safely restart its systems and restore full functionality.

…London-based security firm Digital Shadows said in September that DarkSide [the Eastern European group behind the attack] operates like a business and described its business model as “RaaC”—meaning Ransomware-as-a-Corporation.

…DarkSide claims to avoid targets in medical, education, nonprofit, or governmental sectors—and claims that it only attacks “companies that can pay the requested amount” after “carefully analyz[ing] accountancy” and determining a ransom amount based on a company’s net income. Digital Shadows believes these claims largely translate to “we looked you up on ZoomInfo first.”


Of course Darkside is going to express regret – they got noticed, and for such people that’s the worst possible situation. They don’t want federal agencies really digging into how they cash out (through dodgy bitcoin exchanges) and potentially putting a stop to it.
unique link to this extract

HATETRIS @ Things Of Interest


Play Hate Tetris.

This is bad Tetris. It’s hateful Tetris. It’s Tetris according to the evil AI from “I Have No Mouth And I Must Scream”.


There’s no “gravity” – you have to use the keyboard (it works) to make the piece come down – but it is guaranteed to frustrate you, because it has an AI which picks the next piece that appears:


The method by which the AI selects the worst possible piece is extremely simple to describe (test all possible locations of all possible pieces, see which of the pieces’ best-case scenarios is the worst, then spawn that worst piece), but quite time-consuming to execute, so please forgive me if your browser chugs a little after locking each piece. If you can figure out a way to accelerate the algorithm without diminishing its hate-filled efficiency, do let me know. The algorithm for “weighing” possibilities is to simply maximise the highest point of the “tower” after the piece is landed.


Yup. It’s hateful, horrible, it’ll ruin your day, and it’s just as addictive as the “real” thing.
unique link to this extract

Apple robbed the mob’s bank • Mobile Dev Memo

Eric Seufert:


With ATT [App Tracking Transparency, Apple’s anti-tracking option], Apple has robbed the mob’s bank. In bolstering its ads business while severely handicapping other advertising platforms — but especially Facebook — with the introduction of a privacy policy that effectively breaks the mechanic that those platforms use to target ads, Apple has taken money from a party that is so unsympathetic that it can’t appeal to a greater authority for redress. Apple has brazenly, in broad daylight, stormed into the Bank of Facebook, looted its most precious resource, and, camouflaged under the noble cause of giving privacy controls to the consumer, fled the scene.

And Facebook is left with little recourse. The company attempted to sway consumer sentiment to its side through an enormously wide-reaching PR campaign, but its efforts there were hobbled by the narrow messaging that was available to it. Facebook couldn’t explain in detail why ATT will harm consumers because, in doing so, it would need to reveal just how it personalizes ads — through observing conversions on third-party websites and apps. So Facebook was restricted to a fairly weak PR strategy, which was to highlight that small businesses would be harmed by ATT. This is true, of course, but it doesn’t invigorate a deep well of compassion from consumers. Does anyone want to acknowledge that their local florist or butcher is personalizing ads to them? Meanwhile, Apple simply had to mention “privacy” whenever objections to ATT were raised and mainstream media outlets rushed to defend it.

Apple’s exploitation of leverage in this situation has been breathtaking. It’s important to note here that ATT allows users to opt out of “tracking”, which is a peculiar term that is defined in a very specific way.


The specific thing about it is that Apple defines it in a way that doesn’t include the, err… tracing? that it does which allows it to serve targeted ads.

Related: Apple has hired Antonio García Martinez, formerly Facebook ads product manager who essentially got its targeted ad system to work.
unique link to this extract

New York Attorney General declares top ISPs committed net neutrality fraud • ZDNet

Steven J. Vaughan-Nichols:


When then-President Donald Trump’s Federal Communications Commission (FCC) tried to destroy net neutrality in 2017, everyone knew that millions of comments in favor of breaking net neutrality were bogus. 

As then-New York Attorney General Eric Schneiderman said at the time, two million net neutrality comments were fake. Schneiderman said: “Moving forward with this vote would make a mockery of our public comment process and reward those who perpetrated this fraud to advance their own hidden agenda.” Schneiderman was wrong. 

His successor, Letitia James, found after a multi-year investigation that there had been “18 million fake comments with the FCC,” including over 500,000 fake letters sent to Congress in support of the repeal.

Behind this vast majority of this astroturfing campaign was Broadband for America, a marketing group funded by the country’s top ISPs. In classic 1984 doublespeak, it claims to be in favor of net neutrality while, in reality, being a group of its greatest enemies. Its members include AT&T, CenturyLink, Charter, CTIA – The Wireless Association, Comcast, Cox, NCTA – The Internet & Television Association, Telecommunications Industry Association (TIA), and USTelecom-The Broadband Association.

James reported: “After a multi-year investigation, we found the nation’s largest broadband companies funded a secret campaign to influence the FCC’s repeal of net neutrality rules – resulting in millions of fake public comments impersonating Americans. These illegal schemes are unacceptable.”

Altogether, 80% of all public FCC comments filed on its net-neutrality proposal four years ago came from the scammers. There was never, as Ajit Pai, then-FCC chairman and a former Verizon attorney claimed at the time, any mass support for destroying net neutrality.


The ISPs paid marketing companies $4.2m to spam; those companies have been fined but “don’t have to admit wrongdoing”. The classic American failure to get justice. Though of course Ajit Pai, the most useless idiot, was happy to believe those comments were real, because it suited him.
unique link to this extract

Amazon and Apple built vast wireless networks using your devices. Here’s how they work • WSJ

Christopher Mims:


Apple and Amazon are transforming the devices we own into the equivalent of little cell towers or portable Wi-Fi hot spots that can connect other gadgets and sensors to the internet. They have already switched on hundreds of millions—with many more on the way. Instead of serving as wireless hubs solely for your own smartwatches, lights and sensors, your iPhones and Echo speakers can help other people’s gadgets stay connected as well—whether you know it or not.

On Friday, Amazon announced it’s expanding its Sidewalk network, which already includes certain Ring Floodlight Cam and Spotlight models, to include Echo devices released in 2018 and after. This includes Echo speakers and Echo Dots, as well as all Echo Show, Echo Plus and Echo Spot devices. It will also use recent Ring Video Doorbell Pro models to communicate on the Sidewalk network via Bluetooth. Sidewalk was designed to allow smart devices to send very small bits of data securely from any available wireless connection, to supplement Wi-Fi networks and reduce wireless communication breakdowns.

This announcement comes on the heels of Apple’s AirTag introduction. These coin-size trackers can help locate lost items almost anywhere, because they use the company’s Find My network. Each AirTag sends out a low-powered wireless signal, which can be received by the iPhones, iPads and Macs in a given area.

Yes, perfect strangers are using slivers of our bandwidth, as our devices send out and listen to little chirrups of radio chatter that don’t pertain to us. And you’re now able to leverage the radios and internet connection of countless devices owned by other people, too.

Users can opt out of these systems, but the tech giants are betting that for the most part we won’t, because of the benefits that these new networks will provide—from finding our lost possessions, pets and loved ones to remotely controlling our smart locks, security systems and lights.

“What we’re seeing now is the battle of the mesh networks,” says Ben Wood, chief analyst at CCS Insight, a tech industry consultancy. “The use cases of these networks are limited only by customers’ imaginations.”


I’ll be honest, I still can’t think of anything to do with an Airtag. Maybe get two, and label one “Memory” and the other “Sense of humour”? Meanwhile, just after this article was written Amazon announced partnerships with Tile – the tagging company which is deeply annoyed with Apple – and Level, which makes smart locks.

Who’s missing from this lineup? Google, of course. Question: why?
unique link to this extract

Tesla’s Autopilot may not have been available at the time of the ‘driverless’ Texas crash • The Verge

Andrew Hawkins:


Using Autopilot requires both the Traffic-Aware Cruise Control (Tesla’s brand name for its adaptive cruise control function) and Autosteer (which assists in lane departure and centering) to work. According to NTSB, Traffic-Aware Cruise Control could be engaged [on the road leading to the crash] but not Autosteer.

Tesla claims that its own data suggests local officials were mistaken when they reported that the car crashed without someone in the driver’s seat. The company’s executives have stated that the steering wheel was “deformed” and the seatbelts were buckled, leading them to conclude that someone was behind the wheel.

There was some limited data recovered from the crash. NTSB said the fire destroyed the onboard storage device located in the vehicle’s infotainment console. The restraint control module, which records data associated with vehicle speed, belt status, acceleration, and airbag deployment, was recovered but was also damaged by the fire.

The board likely will not issue its final report on the crash this year. By comparison, the NTSB’s investigation into a California man’s death while using Autopilot in his Tesla Model X took two years to complete.

The crash took place on Saturday, April 17th, in Spring, Texas. According to KHOU in Houston, investigators at the scene were “100% certain” that no one was in the driver’s seat at the time of the crash. Minutes before the crash, the wives of the men were said to overhear them talking about the Autopilot feature of the vehicle, which was a 2019 Tesla Model S. The two victims were identified as Everette Talbot, 69, and William Varner, 59, a prominent local anaesthesiologist.


I had assumed that the men who died would be in their 20s – that it was some sort of overconfident drunken kid thing. Instead it looks more like an overconfident drunken boomer thing.
unique link to this extract

Microsoft shelves Windows 10X – not shipping in 2021 • Petri

Brad Sams:


Back in the fall of 2019, Microsoft held a Surface event that will likely go down in history as one of the most ambitious announcements from the company. At the keynote, Microsoft unveiled three new products that were not only completely new for the company but also pushed them in a bold new direction.

The Surface Duo, Surface Neo, and Windows 10X grabbed all the headlines; Microsoft was shoved into the limelight with a folding phone, a folding PC, and a new OS. But as time moved forward, the reality of these ambitious projects turned sour.

Of the three projects, the Surface Duo did arrive in all of its Android glory. Running a Google-created OS, the Surface Duo delivered on its promise to create a foldable device made of the same premium-lineage of the Surface brand but the highlights were short-lived.

Not long after shipping, Microsoft stopped promoting the device, updates were slow to arrive, and the future of significant software updates (moving to newer versions of Android) is unknown.

But the Surface Neo was met with a different fate. The device that was going to run Microsoft’s new 10X operating system was delayed and the OS was pushed down a different path. Instead of initially be designed for dual-screened devices, Microsoft would develop 10X for single-screened experiences first and that was the end of the Surface Neo shipping anytime soon.

As we head into the spring of 2021, the plans are changing again for the OS. According to people familiar with the company’s plans, Microsoft will not be shipping Windows 10X this year and the OS as you know it today, will likely never arrive. The company has shifted resources to Windows 10 and 10X is on the back burner, for now.

…The reality is that if Microsoft is going to invest heavily in a modern version of Windows 10, it should be to run Windows 10 on ARM.


Also worth reading: Extremetech’s Joel Hruska on why a lightweight Windows is a no-go and is why Apple almost surely will never “united” macOS and iOS.
unique link to this extract

Chinese TV maker Skyworth under fire for excessive data collection that users call spying • South China Morning Post

Xinmei Shen:


Chinese television maker Skyworth has issued an apology after a consumer found that his set was quietly collecting a wide range of private data and sending it to a Beijing-based analytics company without his consent.

A network traffic analysis revealed that a Skyworth smart TV scanned for other devices connected to the same local network every 10 minutes and gathered data that included device names, IP addresses, network latency and even the names of other Wi-Fi networks within range, according to a post last week on the Chinese developer forum V2EX.

The data was sent to the Beijing-based firm Gozen Data, the forum user said. Gozen is a data analytics company that specialises in targeted advertising on smart TVs, and it calls itself China‘s first “home marketing company empowered by big data centred on family data”.

…The Shenzhen-based TV and set-top box maker issued a statement on April 27, saying it had ended its “cooperation” with Gozen and demanded the firm delete all its “illegally” collected data. Skyworth also said it had stopped using the Gozen app on its televisions and was looking into the issue.

Gozen issued a statement on its website on the same day, saying its Gozen Data Android app could be disabled on Skyworth TVs, but it did not address the likelihood that users would be aware of this functionality. The company also apologised for “causing user concerns about privacy and security”.


However, the two companies had been working together since 2014, so there might be a little bit of data here and there which has already been swallowed into some huge maw.
unique link to this extract

Ohio lawmaker was driving while attending a government meeting via Zoom • Columbus Dispatch

Laura Bischoff:


On the same day a distracted driving bill was introduced, state Sen. Andrew Brenner, R-Delaware, participated in a government video meeting while driving.

“I wasn’t distracted. I was paying attention to the driving and listening to it (the meeting,)” Brenner said. “I had two meetings that were back to back that were in separate locations. And I’ve actually been on other calls, numerous calls, while driving. Phone calls for the most part but on video calls, I’m not paying attention to the video. To me, it’s like a phone call.”

He added that he was parked during most of the video meeting of the Ohio Controlling Board. “I was wearing a seat belt and paying attention to the road.”

House Bill 283, introduced Monday, calls for a ban on writing, sending or reading texts, viewing videos or taking photos, live streaming and using applications while driving.

It would also make holding or using an electronic device while driving a primary offense, which would permit police to pull the driver over. Currently, texting while driving is a secondary offense for drivers over 18, which means police must witness another moving violation before pulling the driver over.


The video clip shows him looking left and right, clearly about to pull out from a junction – not “parked”. But he didn’t have the honesty to not use a fake background. For reference if you ever need to define “hypocrisy”. And we now have this week’s “things not to do on Zoom”, to go with …that, and “getting out of the bath”.
unique link to this extract

Trump abused the system. Facebook created it • WIRED

Virginia Heffernan:


About the American president as author of the posts, the [Facebook Oversight Board] statement says, “As president, Mr. Trump had a high level of influence. The reach of his posts was large, with 35 million followers on Facebook and 24 million on Instagram.” The board went on: “It is not always useful to draw a firm distinction between political leaders and other influential users, recognizing that other users with large audiences can also contribute to serious risks of harm.”

Though put in a matter-of-fact way, this point was the one surprise—even shock—in the oversight board’s statement. To Facebook, the American president is clearly not a public servant or even a commander-in-chief. He’s an influencer. And he gets his power not from the people but from Facebook and its business model of influencers and followers.

Power established on Facebook is not “legitimate” in sociological terms; it’s not power, like that of a schoolteacher or elected official, that’s regarded as just and appropriate by those over whom it is exercised. Far from it. “Influence” on Facebook is based on nothing but a (cheatable) point system in Facebook’s highly stylized massively multiplayer role-playing game. But that does not get mentioned by anyone on this committee, which has been blinded, in the McLuhan sense, to the game’s contrivances. Influence on Facebook is closer to influence in World of Warcraft than it is to legitimate power. But instead of calling out Facebook for creating a system that confers unregulated and dangerous “influence” on people, they speak of the abuse of that system by a designated bad actor.

Shoshana Zuboff, a professor at the Harvard Business School and a member of something called the Real Facebook Oversight Board, which was formed by Facebook skeptics determined to oversee the overseers the corporation had appointed, says that over two decades, internet-users have turned over responsibility for the common good to a “for-profit surveillance society”—the big tech companies. It’s Facebook’s business model and no one bad actor who put Facebook on what Zuboff calls “a collision course with democracy.”


Meta-note: there is a lot of good content on Wired. It’s got a lot of sharp takes on social impacts of technology.
unique link to this extract

You got this far – why not preorder Social Warming, coming out next month.

Errata, corrigenda and ai no corrida: none notified

Start Up No.1545: Covid vs climate change, China used iPhone contest hack against Uyghurs, Clubhouse hits Android, and more

Is it real or fake? What look like satellite photos could turn out to be deepfakes. CC-licensed photo by pinboke_planet on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Warming up. I’m @charlesarthur on Twitter. Observations and links welcome.

What does Covid teach us about climate change? • Tim Harford


Climate change because of greenhouse gas emissions is well under way, but at a speed measured in decades. As a result, it is almost impossible to cover climate change as a pure news story. Instead, we journalists write about parallel matters, such as the convening of global conferences or the publishing of portentous reports. The true story is enormous but never quite news.

Activists now use the phrase “climate emergency” in an effort to prompt a sense of urgency. I sympathise: we have delayed obvious policy responses such as carbon pricing for a quarter of a century, and every further delay makes the problem graver. But such delays will always be tempting.

For those of us concerned about a lack of action on the environment, this discouraging reality is a function of the very word “news”. It is not easy to cover something that happens in extreme slow motion, whether it is an existential threat such as climate change or an inspiring success story such as the availability of vaccines for childhood diseases.

Greta Thunberg complained to the Financial Times last week that “the climate crisis has never once been treated as a crisis”. She is right about that, and it never will be. We will never have a daily afternoon news conference in which the prime minister explains to the nation how the climate has changed over the past 24 hours.

That, then, is the disheartening difference between climate change and Covid-19. Now for the equally disheartening similarity: both are amenable to disinformation, polarisation and wishful thinking.


Don’t despair, though; he does have some good news.
unique link to this extract

Why did it take so long to accept the facts about Covid’s spread? • The New York Times

Zeynep Tufekci:


Linsey Marr, a professor of engineering at Virginia Tech who made important contributions to our understanding of airborne virus transmission before the pandemic, pointed to two key scientific errors — rooted in a lot of history — that explain the resistance, and also opened a fascinating sociological window into how science can get it wrong and why.

First, Dr. Marr said, the upper limit for particles to be able to float is actually 100 microns, not five microns, as generally thought. The incorrect five-micron claim may have come about because earlier scientists conflated the size at which respiratory particles could reach the lower respiratory tract (important for studying tuberculosis) with the size at which they remain suspended in the air.

Dr. Marr said that if you inhale a particle from the air, it’s an aerosol. She agreed that droplet transmission by a larger respiratory particle is possible, if it lands on the eye, for example, but biomechanically, she said, nasal transmission faces obstacles, since nostrils point downward and the physics of particles that large makes it difficult for them to move up the nose. And in lab measurements, people emit far more of the easier-to-inhale aerosols than the droplets, she said, and even the smallest particles can be virus laden, sometimes more so than the larger ones, seemingly because of how and where they are produced in the respiratory tract.

Second, she said, proximity is conducive to transmission of aerosols as well because aerosols are more concentrated near the person emitting them. In a twist of history, modern scientists have been acting like those who equated stinky air with disease [the 19th century miasma theory], by equating close contact, a measure of distance, only with the larger droplets, a mechanism of transmission, without examination.


Tufekci’s questions revolve around why the CDC and WHO, and those who took their guidance from them, were so slow (and remain so) to adjust their world view. I suspect that Michael Lewis’s new book Premonition (now published), which looks at those who realised how bad the problem could get well before others, will point this out: Lewis thinks the CDC simply isn’t set up to do what it seems to, which is to control disease.
unique link to this extract

$100 as incentive to get a shot? Experiment suggests it can pay off • The New York Times

Lynn Vavrek:


Reassuring public service announcements about the vaccine’s safety and effectiveness have proliferated. But increasingly, people are realizing that it will take more than just information to sway the hesitant.

In recent randomized survey experiments by the UCLA Covid-19 Health and Politics Project, two seemingly strong incentives have emerged.

Roughly a third of the unvaccinated population said a cash payment would make them more likely to get a shot. This suggests that some governors may be on the right track; West Virginia’s governor, Jim Justice, for example, recently announced the state would give young people $100 bonds if they got an inoculation.

Similarly large increases in willingness to take vaccines emerged for those who were asked about getting a vaccine if doing so meant they wouldn’t need to wear a mask or social-distance in public, compared with a group that was told it would still have to do those things.

The UCLA project, which is still going on, has interviewed more than 75,000 people over the last 10 months.


That’s a big group, so this feels like a robust result. Money turns out to be the most persuasive solution, apparently. Which is understandable – you get the benefit of the vaccine as well, after all. Another point: the gigantic leap in willingness suggests there isn’t really a deep rooted fear of the vaccines. If $100 convinces you (and smaller amounts did too, just fewer people) then you clearly don’t have a principled position.
unique link to this extract

“The internals of Apple’s App Review testing” • Thread Reader App

Steve Troughton-Smith is a very experienced Mac (and iOS, I think) developer, and has dug down into the emails and presentations from the Apple-Epic trial to pull out lots of relevant data. For instance: there are more than 900 rules used for app rejection, when apps are rejected the two most common reasons are “information needed” and “exhibit(s) bugs” (making 24% of rejections), watchOS has just 17,551 apps, tvOS has 10,009.

And consider this: two-thirds of new apps submitted to the App Store are rejected. (For updates, it’s about a quarter.)

There’s tons more. It’s a long thread (collated here off Twitter). But worthwhile.
unique link to this extract

Clubhouse launches Android app as downloads plummet • Reuters


Live audio app Clubhouse will begin introducing a test version of its app to Google’s Android users in the United States on Sunday, the company said, in a potentially big expansion of its market.

The app, which spiked in popularity early this year after celebrity billionaire Elon Musk and others appeared in audio chats, has sparked copy cats from startups and larger rivals including Facebook and Twitter.

It has been available only to users of Apple devices and by invitation. In some markets such as China, invitations were so sought after some were auctioned on online marketplaces.

But downloads of the app, one measure of popularity, have significantly fallen.

After peaking in February with 9.6 million downloads, that number fell to 2.7 million in March and then 900,000 downloads in April, according to Sensor Tower.

The drop has sparked questions about its long term viability and whether its success was owed in part to people spending more time at home during the pandemic.


That 10-to-1 collapse in downloads suggests to me at least that Clubhouse isn’t going to thrive. If a growing userbase doesn’t lead to a growing number of would-be users, your troubles are just beginning. As people emerge from lockdowns, as everything returns to some semblance of normality, we’ll find out just where not-a-podcast stuff fits in to our lives. Meanwhile, the people at Clubhouse are very positive about everything. Naturally. To me, though, it feels like the wave has passed.
unique link to this extract

How China turned a prize-winning iPhone hack against the Uyghurs • MIT Technology Review

Patrick Howell O’Neill:


In an unexpected statement [in 2017], the billionaire founder and CEO of the Chinese cybersecurity giant Qihoo 360—one of the most important technology firms in China—publicly criticized Chinese citizens who went overseas to take part in hacking competitions [such as Pwn2own].

In an interview with the Chinese news site Sina, Zhou Hongyi said that performing well in such events represented merely an “imaginary” success. Zhou warned that once Chinese hackers show off vulnerabilities at overseas competitions, they can “no longer be used.” Instead, he argued, the hackers and their knowledge should “stay in China” so that they could recognize the true importance and “strategic value” of the software vulnerabilities. 

Beijing agreed. Soon, the Chinese government banned cybersecurity researchers from attending overseas hacking competitions. Just months later, a new competition popped up inside China to take the place of the international contests. The Tianfu Cup, as it was called, offered prizes that added up to over a million dollars. 

The inaugural event was held in November 2018. The $200,000 top prize went to Qihoo 360 researcher Qixun Zhao, who showed off a remarkable chain of exploits that allowed him to easily and reliably take control of even the newest and most up-to-date iPhones. From a starting point within the Safari web browser, he found a weakness in the core of the iPhones operating system, its kernel. The result? A remote attacker could take over any iPhone that visited a web page containing Qixun’s malicious code. It’s the kind of hack that can potentially be sold for millions of dollars on the open market to give criminals or governments the ability to spy on large numbers of people. Qixun named it “Chaos.”

Two months later, in January 2019, Apple issued an update that fixed the flaw. There was little fanfare—just a quick note of thanks to those who discovered it.

But in August of that year, Google published an extraordinary analysis into a hacking campaign it said was “exploiting iPhones en masse.” Researchers dissected five distinct exploit chains they’d spotted “in the wild.” These included the exploit that won Qixun the top prize at Tianfu, which they said had also been discovered by an unnamed “attacker.” 


The attacks were against phones used by Uyghurs (or those in close contact with them), and happened between November 2018 and January 2019. Nationalist hacking. It’s quite a reminder of how China treats its own citizens (hackers and Uyghurs) and views the outside world. (Thanks Chris R for the link.)
unique link to this extract

Apple IOS 14.5 privacy changes spark low opt-in rates, falling ad prices • Business Insider

Lara O’Reilly:


About 96% of iOS 14.5 users in the US who have been presented with the privacy pop-ups opted out of ad tracking, according to the mobile-analytics service Flurry’s daily tracker on May 7. Worldwide, that figure was a little lower, at 88%. Social apps have seen the lowest opt-in rates, with utilities, weather, and gaming apps having some of the highest, Ben Holmes, the senior vice president of performance and exchange at the mobile-ad firm AdColony, said during a panel on the Clubhouse app Thursday. (Some users’ settings prevent them from being served the pop-ups at all.)

It’s early days, but ad prices for iPhone users are also dropping, which could reflect a diminished trackable audience, though ad prices can often fluctuate over any given day or week. The location-focused adtech company Blis said the cost to reach 1,000 iOS 14.5 users — CPMs, in ad industry parlance — were 14% lower than the rates to reach users on the earlier version of iOS over the past week. Verve, a fellow location-focused mobile-ad platform, said CPMs [ad prices per thousand viewings] across all versions of iOS had fallen 3% on average between the App Tracking Transparency rollout and May 6.

That’s bad news for developers who monetize their apps through advertising. The mobile-game publisher Tilting Point told Digiday earlier this week it had a 30% drop in CPMs between users with the IDFA and those without.

One of the biggest frustrations advertisers have expressed around the changes is the hampering of their ability to analyze which of their ad campaigns are working. Apple’s privacy-focused measurement solution, SKAdNetwork, lacks many of the real-time reporting bells and whistles that sophisticated mobile marketers are used to.


So it’s beginning to have an effect. Does this mean people will have to spend more money advertising on Facebook in order to get the same effect? Or will they find some other technique? Or give up?
unique link to this extract

Google goes nuclear against Roku by adding YouTube TV to the main YouTube app • The Verge

Chris Welch:


A week after their broken-down negotiations spilled into the public, Google and Roku still haven’t been able to reach a deal to renew YouTube TV’s presence on the huge streaming platform. But Google has come up with something of a workaround in the meantime: it’s going to let people access YouTube TV directly from the main YouTube app.

YouTube users will start seeing a “Go to YouTube TV” option in the main YouTube app over the next few days. When they select that, they’ll then be switched over to the standard YouTube TV user experience. This option is coming to Roku devices first — where it’s currently most needed — but will also come to YouTube on other platforms as well.

In essence, Google has basically stuffed the YouTube TV app into YouTube itself, a solution that seems unlikely to make Roku very happy. Google says it’s “still working to come to an agreement with Roku to ensure continued access to YouTube TV for our mutual customers,” and it notes the YouTube TV app remains usable for those who already have it installed.

But in the event that things totally fall apart, Google says it’s “in discussions with other partners to secure free streaming devices in case YouTube TV members face any access issues on Roku.” A Google spokesperson told The Verge that this workaround is only for consumption of YouTube TV; customers cannot sign up for new subscriptions through the YouTube app at this time.

On Friday afternoon, Roku responded to Google’s latest move by calling the company “an unchecked monopolist.”


“…will also come to YouTube on other platforms as well” suggests that Google has been planning to do this for a while, since that isn’t a trivial effort (is it?). More important than whether it leaves Roku happy – though that does count – is whether it leaves customers happy. Also, Google’s missing out on those marginal signups.
unique link to this extract

A growing problem of ‘deepfake geography’: how AI falsifies satellite images • UW News

Kim Eckhart:


A fire in Central Park seems to appear as a smoke plume and a line of flames in a satellite image. Colorful lights on Diwali night in India, seen from space, seem to show widespread fireworks activity.

Both images exemplify what a new University of Washington-led study calls “location spoofing.” The photos — created by different people, for different purposes — are fake but look like genuine images of real places. And with the more sophisticated AI technologies available today, researchers warn that such “deepfake geography” could become a growing problem.

So, using satellite photos of three cities and drawing upon methods used to manipulate video and audio files, a team of researchers set out to identify new ways of detecting fake satellite photos, warn of the dangers of falsified geospatial data and call for a system of geographic fact-checking.

“This isn’t just Photoshopping things. It’s making data look uncannily realistic,” said Bo Zhao, assistant professor of geography at the UW and lead author of the study, published on April 21 in the journal Cartography and Geographic Information Science. “The techniques are already there. We’re just trying to expose the possibility of using the same techniques, and of the need to develop a coping strategy for it.”


After all, you can create fake humans and animals – why not faked locations?
unique link to this extract

The autonomous vehicle world is shrinking — it’s overdue • The Verge

Andrew Hawkins:


For years, Missy Cummings, director of the Humans and Autonomy Lab at Duke University, has been criticizing rosy predictions about our driverless future. She’s consistently warned that the technology is much further away and harder to get right than anyone in the industry cares to admit.

The recent trend in consolidation is vindication for her position, she says.

“It’s kind of like the elephant in the room,” she said of the shrinking of the AV world. “People will mention that and then they’ll stop themselves from making the Socratic connection to what this means about the viability of this industry.”

But Cummings doesn’t think people in the industry will be able to ignore the truth for much longer. “There is an embarrassingly large sum of money that’s been invested in this, so people feel like they have to keep going down that path because surely all these people who invested all this money can’t be wrong,” she says. “Not everyone is delusional,” she added. “Just most people in this business.”

That said, Toyota and Aurora weren’t delusional when they decided to buy the automated driving teams at Lyft and Uber, respectively. They likely saw the value in the code produced by those teams, as well as the talent accrued by the ride-hailing companies over the years. When you can’t hire the people you’d like to staff your own projects, then you have to acquihire them, the distinctive Silicon Valley practice of buying a smaller company for the express purpose of acquiring their team of software engineers. Also, Uber and Lyft were very motivated to sell as recently public companies under pressure to staunch the bleeding and become profitable.

…“The buying up of these companies represents companies being able to buy skill sets that they would not otherwise be able to recruit,” Cummings said. “And I think that’s very valuable.”


unique link to this extract

Errata, corrigenda and ai no corrida: none notified

No getting away from the plugs: preorder Social Warming, my forthcoming book.

Start Up No.1544: do AirTags really aid stalkers?, fixing Section 230, the heat pump hassle, Facebook blocks Signal ads, and more

A “tip jar” scheme is coming to Twitter – which feels like it could lead to some desperate behaviour. CC-licensed photo by MTSOfan on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. It’s behind you. I’m @charlesarthur on Twitter. Observations and links welcome.

It’s Friday! (Depending on location.) Shouldn’t you preorder Social Warming, my forthcoming book, just in case?

Introducing Tip Jar • Twitter Blog

Esther Crawford is Twitter’s senior product manager:


We $ee you – sharing your PayPal link after your Tweet goes viral, adding your $Cashtag to your profile so people can support your work, dropping your Venmo handle on your birthday or if you just need some extra help. You drive the conversation on Twitter and we want to make it easier for you to support each other beyond Follows, Retweets, and Likes. Today, we’re introducing Tip Jar – a new way for people to send and receive tips.

You’ll know an account’s Tip Jar is enabled if you see a Tip Jar icon next to the Follow button on their profile page. Tap the icon, and you’ll see a list of payment services or platforms that the account has enabled. Select whichever payment service or platform you prefer and you’ll be taken off Twitter to the selected app where you can show your support in the amount you choose. The services* you can add today include Bandcamp, Cash App, Patreon, PayPal and Venmo. Twitter takes no cut. On Android, tips can also be sent within Spaces.


Twitter is about to take a very weird turn, I think. Let’s call it the Era of Thirst.
unique link to this extract

Apple AirTags only partly stop stalking • The Washington Post

Geoffrey Fowler:


Clip a button-sized AirTag onto your keys, and it’ll help you find where you accidentally dropped them in the park. But if someone else slips an AirTag into your bag or car without your knowledge, it could also be used to covertly track everywhere you go. Along with helping you find lost items, AirTags are a new means of inexpensive, effective stalking.

I know because I tested AirTags by letting a Washington Post colleague pretend to stalk me. And Apple’s efforts to stop the misuse of its trackers just aren’t sufficient.

To discourage what it calls “unwanted tracking,” Apple built technology into AirTags to warn potential victims, including audible alarms and messages about suspicious AirTags that pop up on iPhones. To put Apple’s personal security protections to the test, my colleague Jonathan Baran paired an AirTag with his iPhone, slipped his tag in my backpack (with my permission), and then tracked me for a week from across San Francisco Bay.

I got multiple alerts: from the hidden AirTag and on my iPhone. But it wasn’t hard to find ways an abusive partner could circumvent Apple’s systems. To name one: The audible alarm only rang after three days — and then it turned out to be just 15 seconds of light chirping. And another: while an iPhone alerted me that an unknown AirTag was moving with me, similar warnings aren’t available for the roughly half of Americans who use Android phones.


The argument I hear is that this would enable stalking in “mixed” relationships where the stalky partner has an iPhone and the stalked person has an Android. Well, OK, though is that a common setup? It must be a fraction of a fraction. More to the point, would-be stalkers can just buy GPS tracking devices quite cheaply on Amazon (one readers suggests you try a search on “hidden GPS tracking device” – they’re cheaper than an AirTag). No worries about an iPhone-carrying stalking target being warned either.

So yes, AirTags *can* in theory be used to stalk people. But more effective ways already exist, and have done for a while. Meanwhile, AirTags owners: there’s a groovy hidden interface that’s more like a submarine sonar.
unique link to this extract

Everything you’ve heard about Section 230 is wrong • WIRED

Gilad Edelman:


it’s hard to prove Section 230 is the reason for the success of American social media giants. The internet was invented in the US, which gave its tech sector an enormous head start. America’s biggest tech successes include corporate titans whose core businesses don’t depend on user- generated content: Microsoft, Apple, Amazon. Tesla didn’t become the world’s most valuable car company because of Section 230.

Another response is that even if Facebook does owe its wild success to Section 230, perhaps that’s not a reason to pop champagne. The reason we’re talking about reforming tech laws in the first place is that “the internet as we know it” often seems optimized less for users than for the shareholders of the largest corporations. Section 230’s defenders may be right that without it, Facebook and Google would not be the world-devouring behemoths they are today. If the law had developed slowly, if they faced potential liability for user behavior, the impossibility of careful moderation at scale might have kept them from growing as quickly as they did and spreading as far. What would we have gotten in their place? Perhaps smaller, more differentiated platforms, an ecosystem in which more conversations took place within intentional communities rather than in a public square full of billions of people, many of them behaving like lunatics.

As I said, that’s an alternate timeline. From the vantage point of 2021, it’s probably too late to ditch Section 230 and let the courts figure it all out from scratch. Only Congress can scrape away the decades of judicial interpretations that have attached like barnacles to the original legislation. The question is how to change the law to address its worst side effects without placing internet companies under impossible legal burdens.

There are a number of ideas on the table, ranging in concreteness from op-eds to white papers to proposed, sometimes even bipartisan, legislation. And they vary according to what problem the authors are most interested in solving.


A better headline for this (long) article would be “How Section 230 can and should be changed to improve things”. Even if you already understand S230 (though most people don’t), it gives some thorough history. The suggestions for how to improve it, by paring away unneeded protections, are definitely worth reading. The catch: it’s subscriber-only, so you might need to see if it has been syndicated elsewhere. (Try a search on the headline.)
unique link to this extract

£10,000 to increase your energy bill: making the economics of heat pumps stack up • Institute for Global Change

Tim Lord:


perhaps the most important enabling technology for net zero in the UK is the humble heat pump – a box about one metre cubed on the side of our houses which has the potential to decarbonise our home heating.

While there are debates about the right way of decarbonising UK heating, there is no doubt that heat pumps will need to play a big role.  And the government has acknowledged that. We currently install heat pumps at a rate of around 30,000 per year.  The government’s target is to install 600,000 a year by 2028.  That figure is likely to need to rise to 1.5 million a year by 2035.

It’s hard to overstate the scale of ramp-up that’s required to hit those targets.

To illustrate: if you stood on Whitehall and faced north, a chain of all the heat pumps installed last year would stretch to the M25. 

By 2028, we’ll need that line of heat pumps to stretch to Edinburgh. By 2035, it would need to stretch all the way to John O’Groats… and back again.

To get that level of take-up, we need a proposition for consumers that is desirable. But at the moment, the basic consumer proposition is: pay £10,000 for a device which you don’t understand, and which will increase your energy bill.   And that’s if you can find an installer to fit it.

Addressing that problem is a multi-faceted issue, which I will return to in future. But there is one key element which has to work, and which we can do something about relatively quickly: the running costs need to be lower than for a gas boiler.


You may not have heard of the IGC (I hadn’t). Its full title is the Tony Blair Institute for Global Change. (No lowballing there.) I wonder what David Cameron’s and Theresa May’s institutes will aim to do.
unique link to this extract

The Instagram ads Facebook won’t show you • Signal Blog


Facebook’s own tools have the potential to divulge what is otherwise unseen. It’s already possible to catch fragments of these truths in the ads you’re shown; they are glimmers that reflect the world of a surveilling stranger who knows you. We wanted to use those same tools to directly highlight how most technology works. We wanted to buy some Instagram ads.

We created a multi-variant targeted ad designed to show you the personal data that Facebook collects about you and sells access to. The ad would simply display some of the information collected about the viewer which the advertising platform uses. Facebook was not into that idea.

Facebook is more than willing to sell visibility into people’s lives, unless it’s to tell people about how their data is being used. Being transparent about how ads use people’s data is apparently enough to get banned; in Facebook’s world, the only acceptable usage is to hide what you’re doing from your audience.


In its way, this is just like Apple blocking apps on the App Store from saying that Apple takes 30% of digital transactions, or advertising other places to subscribe. The only real crime in Silicon Valley is to reveal what’s behind the curtain.
unique link to this extract

Nick Clegg steers Facebook’s Trump decision • The New York Times

Adam Satariano and Cecilia Kang:


Inside Facebook, where Mr. Zuckerberg leans on a group of friends and early employees for counsel, Mr. Clegg earned the trust of his new boss. At the company’s headquarters, where proximity to Mr. Zuckerberg is power, Mr. Clegg’s desk was placed nearby. He orchestrated a trip through Europe with Mr. Zuckerberg, meeting with European Union leaders in Brussels and President Emmanuel Macron of France in Paris.

Since Mr. Clegg’s arrival, Facebook has shifted some of its policy positions. It now appears more accepting of regulation and higher taxes. He overcame reluctance from Mr. Zuckerberg and others in the company to ban political ads in the weeks before Election Day last year. And he was the main internal supporter for recently announced product changes that give users more control over what posts they see in their Facebook feeds.

“He has a track record of knowing what it’s like to work inside a cabinet that needs to make decisions quickly and move at the speed of a country, or in this case a platform,” said Chris Cox, Facebook’s chief product officer, who worked with Mr. Clegg on the user-control changes.

Critics say Mr. Clegg’s role is an attempt by Facebook to use a respected global political figure to soften its image. Despite pledges to accept new government regulation, the company continues to fight strong oversight, policymakers said. Others said changes made by Mr. Clegg did not address core problems with the company’s privacy-invading business model, which is optimized to keep people scrolling their Facebook feeds, amplifying divisive and inflammatory content and exaggerating political divisions in society.

“‘Are you sure you’re on the right side here?’ That is the question that will get thrown back at Clegg,” said Damian Collins, a Conservative member of the British Parliament who led an investigation of social media in politics. “He’s taken a lot of money to go work for a company that doesn’t meet the highest ethical standards.”

Nowhere has Mr. Clegg’s influence been felt more than in the creation of the oversight board, an idea that had been kicked around internally but gained momentum after he joined.


The profile notes, ever-so-cattily, that Clegg wouldn’t speak to the writers but did provide a list of people who’d give positive opinions of him. However: dislike him if you wish, but he’s evidently a very smart operator.
unique link to this extract

A simpler and safer future — without passwords • Google Blog

Mark Risher is Google’s director of product management, identity and user security:


One of the best ways to protect your account from a breached or bad password is by having a second form of verification in place – another way for your account to confirm it is really you logging in. Google has been doing this for years, ensuring that your Google Account is protected by multiple layers of verification.

Today we ask people who have enrolled in two-step verification (2SV) to confirm it’s really them with a simple tap via a Google prompt on their phone whenever they sign in. Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured. (You can check the status of your account in our Security Checkup). Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone.

We are also building advanced security technologies into devices to make this multi-factor authentication seamless and even more secure than a password. For example, we’ve built our security keys directly into Android devices, and launched our Google Smart Lock app for iOS, so now people can use their phones as their secondary form of authentication. 


Essentially, this means not using passwords (or at least not relying solely on them) and obliging people to start using 2-factor authentication for logins.
unique link to this extract

The occasional terror and utter confusion of dating in the digital age • Vanity Fair

Nancy Jo Sales, in an extract from her forthcoming book “Nothing Personal: My Secret Life in the Dating App Inferno”:


I got my first dick pic from a Houston tech millionaire. He didn’t look much like a millionaire; he looked like the Dude from The Big Lebowski. He was sitting on the back patio of a Houston bar where I’d gone because somebody told me there would be tech millionaires there who liked to invest in movies. There were Lamborghinis and Ferraris parked out front—not really my scene, but if I was going to get a movie made, I was going to need some money, and I had heard that schmoozing rich guys was one way you could get it.

The tech dude was spread out on a piece of lawn furniture, drinking a cocktail and scratching his balls—foreshadowing, in a way, for the dick pic. Everybody was treating him like he was a king, although he was clearly high and quite greasy-looking. Somebody introduced me to him, and, after some pleasantries, I launched into a pitch for my film (then envisioned as a companion piece to my book American Girls: Social Media and the Secret Lives of Teenagers). I told him about the girls I’d been interviewing at the Miss Teen USA beauty pageant in Houston, and how they’d told me they had lost their self-esteem through cyberbullying and having their nudes shared nonconsensually online. And now, they said, they were seeking “empowerment” through being in this beauty pageant. I told him how complicated it all was and how it made me feel sad.

The tech dude sat back, listening with a slit-eyed expression, and said it all sounded very interesting, and how much did I think I would need to make this film?

“I don’t know,” I said, “maybe half a million?”

“How about a million?” he said. He gave me his number. I was elated.

I let about a week pass, which I thought was a good amount of time to wait to contact the tech dude again. He’d told me to text him when I got back to New York, and so, early one evening on a weekday, I texted him, reminding him of who I was and of our conversation.

“When would be a good time to call to talk?” I asked.

And he sent me a dick pic. With a text that said: “How about we talk about this?”


It seems to be worth pointing out that she’d done well not to be a recipient sooner than that. But why so many wayward wangs winging about? She examines that.
unique link to this extract

June 2019: How Apple’s app review process for the App Store works • CNBC

Kif Leswing, in April 2019:


People familiar with the matter told CNBC that an executive board led by Apple marketing Senior Vice President Phil Schiller meets every week to discuss controversial apps or other iPhone software programs that may infringe Apple’s App Store guidelines.

The “executive review board,” or ERB, sets policy for Apple’s Worldwide Developer Relations department, which is often called App Review. ERB is also the body that makes the final call on whether an app can stay on the store or is banned.

For example, last year, the ERB and Schiller made the decision to ban the Infowars app from the App Store for violating content policies after publishing threats to a reporter, a person familiar with the matter said.

Inside the app review team, Apple employees manually screen every single iPhone app before they become available to download on Apple’s platforms, the people said. Apple recently opened new App Review offices in Cork, Ireland, and Shanghai, China, according to a person familiar with the matter. The department has added significant headcount in recent years, they added.

Last month, Apple published a new webpage that explains the principles that govern the App Store as well as the most common reasons for rejection to show an increased level of transparency over previous years.

“We’re proud of the store we’ve built and the way we’ve built it,” Apple said on the page.


Mentioned because it was brought up in the Epic v Apple case this week. Seems relevant somehow.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up No.1543: Facebook Oversight indecision, Peleton recalls treadmills, Antarctic ice melt worsens, Dell security hole, and more

Don’t stick your head into a photon beam in a particle accelerator. One man did, and lived – but with strange aftereffects. CC-licensed photo by Oak Ridge National Laboratory on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Don’t look now. I’m @charlesarthur on Twitter. Observations and links welcome.

Good riddance, Donald Trump? • The New York Times

Kara Swisher:


In general, I have considered the case of Mr. Trump to be much less complex than people seem to think. And it has been made to appear highly complicated by big tech companies like Facebook because they want to exhaust us all in a noisy and intractable debate.

Mr. Trump should be seen as an outlier — a lone, longtime rule breaker who was coddled and protected on social media platforms until he wandered into seditious territory. He’s an unrepentant gamer of Facebook’s badly enforced rules who will never change. He got away with it for years and spread myriad self-serving lies far and wide.

So why should Mr. Trump stop now?

One way to answer that would be to ask why so many Republicans believe the Big Lie that President Biden was not elected fairly. Or why do so many of the same people resist Covid-19 vaccinations?

It’s all because of the inexhaustible Trump digital army, which is both organized and scattered, and has been enabled by social media companies.

The Reddit chief executive Steve Huffman called the behavior of these pro-Trump forces “malicious compliance” — which means totally noncompliant — in an interview with me earlier this year. And that’s the reason he finally and correctly threw some Trumpets off his platform.

For a long time, Reddit was one of the most vehement defenders of any and all speech on tech platforms. That is, until it was clear that Reddit was being played for idiots by trolls.

And Facebook has been played, too.

Mr. Trump (and his acolytes) spent years crossing lines in the digital sand. He’s good at it — and now he’s paying the price for his social media success by being rendered silent (at least as silent as a loudmouth can be).


I found the decision hilarious: the FOB punted the decision back to Facebook, telling it to come up with a proper policy for why it banned Trump so there can be a complaint about it which can be referred to the FOB which will dither about it for a while. But the truth of it is that Trump doesn’t care about Facebook – he wants to be back on Twitter. But Twitter will never let him back on.
unique link to this extract

Twitter begins to show prompts before people send ‘mean’ replies • NBC News

David Ingram:


Nasty replies on Twitter will require a little more thought to send.

The tech company said Wednesday it was releasing a feature that automatically detects “mean” replies on its service and prompts people to review the replies before sending them.

“Want to review this before Tweeting?” the prompt asks in a sample provided by the San Francisco-based company.

Twitter users will have three options in response: tweet as is, edit or delete.

The prompts are part of wider efforts at Twitter and other social media companies to rethink how their products are designed and what incentives they may have built in to encourage anger, harassment, jealousy or other bad behavior. Facebook-owned Instagram is testing ways to hide like counts on its service.


Now, you might say that the existence of the “tweet as is” option makes this redundant, but adding just that bit of friction makes it more difficult, a bit slower for people who want to incite trouble.

The question though is how good this will be at detecting actual “mean” content, and how much it will mistake sarcastic or ironic content for actual harassment. Though you could argue that sarcasm and irony fall into the category.
unique link to this extract

The man struck by a particle accelerator beam • Predict

Ella Alderson:


[In the late 1970s Soviet Union] Anatoli Bugorski was checking up on some malfunctioning equipment on the accelerator when the accident took place. Operators in the control room did not remove the beam despite knowing that Anatoli was going to be entering the chamber to perform his inspection. Neither was the door to the chamber locked nor a warning sign illuminated to alert Anatoli that there was still an active beam inside. So it was that he entered the room, leaned down in the space where the beam passes from one section of the accelerator tube to the next, and was promptly struck by a beam of protons traveling at nearly the speed of light. The moment of impact brought a flash of light that Anatoli later described as “brighter than a thousand suns”.

As it was entering the cavern of Anatoli’s head the particle beam was around 200,000 rads. Because of collisions that took place between the particles and Anatoli’s matter, the beam measured 300,000 rads upon exiting his skull. At a level of 400 rads, radiation can kill half the people it touches. At 1,000 rads and above, the radiation will kill almost anyone. Anatoli had received a dose of radiation 300 times the fatal amount. Despite this, there was no pain. As a particle physicist Anatoli understood what had happened even if he couldn’t be sure of the exact gravity of the situation. He collected himself, finished his work in the chamber, and went home without telling anyone what had happened.

It wasn’t until the next day when he began to show worrying symptoms that he was taken to the hospital. The left side of his face was swollen and unrecognizable, with the skin beginning to blister and his hair falling out where the beam had struck. These effects were temporary and inconsequential compared to what would follow. Everyone involved expected Anatoli to die. The doctors and nurses carefully oversaw his treatment, though it’s likely no one expected him to survive past three weeks at most. And that’s exactly the most bizarre part of the entire incident: Anatoli did not die.


Though to the regret of comic book authors, nor did he acquire the ability to fly, pass through walls, manipulate objects at a distance or transmute elements. But there was one peculiar, if limited, effect which in its way would make most people envious.

unique link to this extract

Peloton treadmills recalled after Tread+ child death: what owners do next • SlashGear

Chris Davies:


Peloton will recall all of its treadmill models, after concerns about child safety around the fitness equipment and at least one reported death. The voluntary recall impacts both the Tread+ and Tread models, with Peloton and the US Consumer Product Safety Commission (CPSC) advising owners to cease using them immediately.

It’s an unexpected turnaround from the popular fitness equipment company, which had strongly pushed back against calls for a recall earlier in the year. As recently as April 17, Peloton refuted the CPSC claims, branding them “inaccurate and misleading,” and arguing that “there is no reason to stop using the Tread+, as long as all warnings and safety instructions are followed,”

In a stark change of approach today, Peloton CEO John Foley apologized for that attitude, and for delaying the recall.

“The decision to recall both products was the right thing to do for Peloton’s Members and their families,” Foley said in a statement. “I want to be clear, Peloton made a mistake in our initial response to the Consumer Product Safety Commission’s request that we recall the Tread+. We should have engaged more productively with them from the outset. For that, I apologize. Today’s announcement reflects our recognition that, by working closely with the CPSC, we can increase safety awareness for our Members”.


This was completely predicted by Ed Zitron, a PR of some experience, who explained on April 20 why this was inevitable.

The next thing it has to deal with: “Peloton’s leaky API let anyone grab riders’ private account data“. Reported to the company on January 20, and which fixed it right… no, it didn’t.

Related: “This is your brain on Peloton“, an NYT piece about how absorbing the Peloton experience is. (I haven’t tried it. Apple’s Fitness+ is inclusive, but not real-time interactive in that way.)
unique link to this extract

Global heating pace risks ‘unstoppable’ sea level rise as Antarctic ice sheet melts • The Guardian

Oliver Milman:


The current pace of global heating risks unleashing “rapid and unstoppable” sea level rise from the melting of Antarctica’s vast ice sheet, a new research paper has warned.

Unless planet-heating emissions are swiftly reduced to meet the goals of the Paris climate agreement, the world faces a situation where there is an “abrupt jump” in the pace of Antarctic ice loss around 2060, the study states, fueling sea level rise and placing coastal cities in greater peril.

“If the world warms up at a rate dictated by current policies we will see the Antarctic system start to get away from us around 2060,” said Robert DeConto, an expert in polar climate change at the University of Massachusetts and lead author of the study. “Once you put enough heat into the climate system, you are going to lose those ice shelves, and once that is set in motion you can’t reverse it.”

DeConto added: “The oceans would have to cool back down before the ice sheet could heal, which would take a very long time. On a societal timescale it would essentially be a permanent change.”

This tipping point for Antarctica could be triggered by a global temperature rise of 3C (5.4F) above the preindustrial era, which many researchers say is feasible by 2100 under governments’ current policies.

The new research, published in Nature, finds that ice loss from Antarctica would be “irreversible on multi-century timescales” should this happen, helping raise the world’s oceans by 17cm to 21cm (6.69in to 8.27in) by the end of the century.


There is no good news on this.
unique link to this extract

Clean energy demand for critical minerals set to soar as the world pursues net zero goals • International Energy Agency


The special report, part of the IEA’s flagship World Energy Outlook series, underscores that the mineral requirements of an energy system powered by clean energy technologies differ profoundly from one that runs on fossil fuels. A typical electric car requires six times the mineral inputs of a conventional car, and an onshore wind plant requires nine times more mineral resources than a similarly sized gas-fired power plant.

Demand outlooks and supply vulnerabilities vary widely by mineral, but the energy sector’s overall needs for critical minerals could increase by as much as six times by 2040, depending on how rapidly governments act to reduce emissions. Not only is this a massive increase in absolute terms, but as the costs of technologies fall, mineral inputs will account for an increasingly important part of the value of key components, making their overall costs more vulnerable to potential mineral price swings.

The commercial importance of these minerals also grow rapidly: today’s revenue from coal production is ten times larger than from energy transition minerals. However, in climate-driven scenarios, these positions are reversed well before 2040.


This feels like a lot of wars in the offing.
unique link to this extract

Does Amazon know what it sells? • Benedict Evans


Of Amazon’s top 50 best-sellers in “Children’s Vaccination & Immunisation”, close to 20 are by anti-vaccine polemicists, and 5 are novels about fictional pandemics. This poses two questions. First, how much content moderation should a universal bookshop do? Second, does Amazon really know what it sells?

The content moderation questions here are closely related to those that applied when Facebook and Twitter banned the US president. A single newspaper or a bookshop has no obligation to give you a platform, but there are other newspapers and other bookshops – what does it mean if there are only three newspapers (or only three with significant reach) and they all ban you? Should they allow you to be on the platform, but not ‘amplify’ you either with an ‘algorithm’ or something as mechanical as a best-seller list (and of course being in the list will increase your sales, so that’s also a moderation choice). What books, exactly, do we want Amazon to ban, or to ‘down-rank’? Who decides? What if Amazon put those books in ‘conspiracy theories’ instead? I don’t think we have a settled consensus.

More interesting to me in this case, though, is the fact that five of the top 50 are not about “Children’s Vaccination & Immunisation” at all – they’re novels! This is a much more general problem, that I think that reflects a pretty fundamental aspect of Amazon as a retailer – it does not, in important ways, actually know what it sells, and that has always been inherent to the model.

There’s an old cliché that ecommerce has infinite shelf space, but that’s not quite true for Amazon. It would be more useful to say that it has one shelf that’s infinitely long. Everything it sells has to fit on the same shelf and be treated in the same way – it has to fit into the same retailing model and the same logistics model.


It is a huge problem: it requires Amazon to understand what’s inside the book, not just what the metadata attached to it says.
unique link to this extract

If you have a Dell computer, there’s a big security flaw you need to patch now • Yahoo

Jacob Siegal:


On Tuesday, security research firm SentinelLabs reported on a vulnerability in Dell’s firmware update driver impacting hundreds of the brand’s devices, from desktops to laptops to tablets. As the firm explains, the flaw can be exploited to allow anyone using the computer to escalate their privileges and run code in kernel mode.

Dell has since issued a security advisory on its website for the vulnerability with a list of nearly 400 devices that have been impacted. The list includes dozens of Inspiron and Latitude laptops, as well as recent XPS 13, XPS 15, and XPS 17 models. There is a separate list of older devices that no longer receive service but are also impacted. If you spot a device that you own on the list, here are the steps that you need to take.

First and foremost, you need to remove the vulnerable dbutil_2_3.sys driver from your system.


Oh, the hours of fun you’ll have. Slightly embarrassing for Dell, whose founder Michael Dell was celebrating the company’s (first) 37 years on the precise day that the security advisory was issued.
unique link to this extract

A comparison of reverse image searching platforms • Security Research


Sometimes when trying to conduct a reverse image search, it can be useful to alter the original image in some way in order to find the best results. For example, sometimes an image may be posted and claim to be an original, but is actually just a flipped/reversed version of an existing photo. By flipping the photo and then searching for it, you may be able to find additional results that might not have been returned from searching only one photo. Careful cropping may also yield much better results, as other objects in photos may cause the search engine to focus on the wrong subject.


This dates from September 2019, but still useful.
unique link to this extract

“This is definitely the most bizarre question I have ever seen on a job application” • Boing Boing

Mark Frauenfelder:


Twitter user @beeta was asked this unusual question on a job application: “You’ve been given an elephant. You can’t give it away or sell it. What would you do with the elephant?”

Employers ask this kind of question because they want to see how you think.

Here are some of the replies to @beeta’s tweet:

• I took a class on how to respond to job interview questions once and they used this exact one as an example. The answer they’re looking for is “Open a business where you hire the elephant out for events like birthday parties.”


There are plenty of others, but that’s the one that’s obviously best. (Taking it to a zoo or wildlife refuge surely counts as “giving it away”, unless you then also take a job at the zoo/refuge.)

Anyway, food for thought for anyone who might be hiring people at the moment.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

You could probably do worse than to
preorder Social Warming, my forthcoming book – out June 24.

Start Up No.1542: inside Basecamp’s Friday fallout, a subscription for life, monitoring blood bloodlessly, Trump starts blog, and more

A drought in Taiwan is drying up reservoirs – and if it continues, could hit chip manufacture by summer. CC-licensed photo by on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Safe journey. I’m @charlesarthur on Twitter. Observations and links welcome.

Too much time thinking about Trump? Preorder Social Warming, my forthcoming book, and distract yourself.

🚨 How Basecamp blew up • Platformer

Casey Newton, following up on his piece last week about how Basecamp got into a tangle. This feels explosive because of the implications around Ryan Singer, who was the CTO, and who has deleted a ton of tweets – and apparently kept posting Breitbart content approvingly in the company Slack:


On Friday, employees had their chance to address these issues directly with Fried and his co-founder. What followed was a wrenching discussion that left several employees I spoke with in tears. Thirty minutes after the meeting ended, Fried announced that Basecamp’s longtime head of strategy, Ryan Singer, had been suspended and placed under investigation after he questioned the existence of white supremacy at the company. Over the weekend, Singer — who worked for the company for nearly 18 years, and authored a book about product management for Basecamp called Shape Up: Stop Running in Circles and Ship Work that Matters — resigned.

Within a few hours of the meeting, at least 20 people — more than one-third of Basecamp’s 57 employees — had announced their intention to accept buyouts from the company. And while many of them had been leaning toward resigning in the aftermath of Fried’s original post, the meeting itself pushed several to accelerate their decisions, employees said. The response overwhelmed the founders, who extended the deadline to accept buyouts indefinitely amid an unexpected surge of interest.

This account is based on interviews with six Basecamp employees who were present at the meeting, along with a partial transcript created by employees.


Newton is doing terrific work; one of the best around in terms of the contacts and context.
unique link to this extract

This motorcycle airbag vest will stop working if you miss a payment • Vice

Aaron Gordon:


Airbag vests are pretty much exactly what they sound like, garments worn by people who undertake exceedingly dangerous personal hobbies in order to slightly reduce the risk of severe bodily harm or death. For example, in 2018 the motorcycle racing circuit MotoGP made airbag vests mandatory.

Since then airbag vests have become steadily cheaper and therefore more popular among recreational riders. One motorcycle apparel company named Klim, for example, sells an airbag vest called the Ai-1 for $400. In the promotional video launching the product, product line manager Jayson Plummer called the vest “a whole new era of a platform where analog meets digital and results in a superior protection story.” Which is an interesting way of framing the fact that the vest includes an additional subscription-based payment option that will block the vest from inflating if the payments don’t go through.

This is possible because the vest includes two components: the vest itself made by Klim and the airbag system including a small black box made by a French company called In&Motion called the “In&Box detection module.” The module has the sensors and computer components that detect a crash and make the bags inflate.

The customer buys the vest for $400 which comes with the module, but then they must download an app and choose how to unlock the module so the vest actually works: either plonk down another $400 to own the whole shebang outright—bringing the total vest cost to $800—or, as Plummer put it in the video, opt for the “subscription-based model” of $12 per month or $120 per year.


I guess it figures out when you start your ride whether you’re paid up or not. Not clear whether it tells you, though.

Quite a method for extracting money from people. The always-connected, always-paying economy.
unique link to this extract

Timepieces that tell you how you are • Gazettabyte

Roy Rubenstein with some info about how the glucose monitoring from Rockley Photonics (mentioned yesterday) might work:


The technique underpinning smartwatch monitoring has the long title of non-invasive diffuse reflective spectroscopy.

Light at different wavelengths penetrates the skin and is scattered by blood vessels and cells and the interstitial fluid in between. The reflected light is analysed using spectroscopy to glean medical insights.

The smartwatch uses a green LED since blood haemoglobin has a good light absorption at that wavelength. “Effectively, what is being measured is the expansion and contraction of the blood vessels,” says [Rockley Photonics CEO Andrew] Rickman. “It is measuring the amount of light that is absorbed by the change of the volume of blood.”

It doesn’t stop there. Using a red LED and extending it into the infrared range, the blood oxygenation level is measured using the ratio of oxygenated (bright red) and unoxygenated (darker red) haemoglobin. “The ratio of the two wavelengths that you get back is proportional to the blood oxygen level,” says Rickman.

The visible range can also detect bilirubin, a yellow-orange bile pigment associated with jaundice. “But that is pretty much it,” says Rickman. “All the other thousands of constituents, if they have absorption peaks, are swamped in the visual range by haemoglobin.”

What Rockley has done is extend the light’s spectral to measure absorption peaks that otherwise are dwarfed by water and haemoglobin. “We are addressing the visible range and extending it into the infrared range, getting much more accuracy using laser technology compared to LEDs which opens up a whole range of things,” says Rickman.

To do this, Rockley has used its silicon photonics expertise to shrink a benchtop spectrometer to the size of a chip.


Related: magistrates can now get people to wear “alcohol tags” in sentencing for offenders whose crimes were “influenced by alcohol”. (Thanks Adewale Adetugbo for the Rockley link, Joel D for the tagging link.)
unique link to this extract

Taiwan drought may worsen global component shortage • Counterpoint Research

Brady Wang:


A stable and quality source of water is essential for semiconductor production. However, Taiwan is currently suffering from its worst drought in 56 years due to less than usual rainfall during the past year. The main sources of water in Taiwan are (1) the plum rains that occur in spring and summer when hot and cold air meet, (2) the heavy rainfall from typhoons in summer, and (3) the light rainfall in the mountains from the northeast monsoon in fall and winter. The proportions here are about 12%, 39% and 6% respectively.

Taiwan usually receives 7-9 typhoons every year. However, only one typhoon landed in Taiwan in 2020. To make matters worse, last winter and spring’s rainfall was heavily deficient, causing a shortage of water in Taiwan. The country is topographically divided by the 3,000-metre-high Central Mountain Range, which separates Taiwan’s eastern and western parts. The rains brought by the northeast monsoon in autumn and winter are mostly concentrated in the eastern and northern catchment areas, which means abundant rainfall for Draco, though it is of limited help to the Central and Tainan science parks. Therefore, water shortage becomes a serious problem for Taiwan’s technology industry in 2021. It may also have a serious impact on the global supply chain.

The Taiwanese government has taken many measures to address the water shortage problem, including transferring water between reservoirs, stopping water supply for agriculture, reducing water supply for households, drilling groundwater wells, and desalinating seawater. Besides, industrial users, including semiconductor manufacturers, have been asked to reduce their water consumption. TSMC, for example, has significantly increased the water recycling rate. The water level in the northern reservoirs has reached a multi-year low, though still sufficient for the continued use by Hsinchu Science Park (HSP).

However, the average effective water storage of the reservoirs supplying the Central Taiwan Science Park (CTSP) and Southern Taiwan Science Park (STSP) on April 30 was only 8.9% and 14.3% respectively (Exhibit 2). According to Counterpoint estimates, if there is no heavy rainfall or the rainfall does not fall in the catchment area, CTSP will face a water outage in July and STSP around August.


unique link to this extract

Apple is holding the web back with ‘uniquely underpowered’ iOS browsers, says Google engineer • WCCFTech

Furqan Shahid:


In a blog post, [Google Chrome engineer] Alex [Russel] talks about how the WebKit and iOS browsers are “Uniquely Underpowered” compared to the other modern browsers. He claims that Apple “consistently” delays new features for its browsers that “hold the key to unlocking whole categories of experiences on the web.”


Apple’s iOS browser (Safari) and engine (WebKit) are uniquely under-powered. Consistent delays in the delivery of important features ensure the web can never be a credible alternative to its proprietary tools and App Store.


Alex has cited an example of this by mentioning Stadia along with other cloud gaming services. Apple did not allow those services to be available on the App Store and pushed them to use the web instead, which required Apple to allow gamepad APIs so controllers can be used with these new web apps. That is a function that other browsers have offered for a long time except on iOS. But Apple still held back:


Suppose Apple had implemented WebRTC and the Gamepad API in a timely way. Who can say if the game streaming revolution now taking place might have happened sooner? It’s possible that Amazon Luna, NVIDIA GeForce NOW, Google Stadia, and Microsoft xCloud could have been built years earlier.

It’s also possible that APIs delivered on every other platform, but not yet available on any iOS browser (because Apple), may hold the key to unlocking whole categories of experiences on the web.



Russel’s post is quite complicated, and does accept that there’s little to choose between the browsers that have any significant share. He also allows that Chrome lacks some of the things that Safari has.
unique link to this extract

Don’t buy into Facebook’s ad-tracking pressure on iOS 14.5 • WIRED

Brian Barrett on why you can ignore Facebook’s weepy popups suggesting that letting it track you keeps the site “free of charge”:


“There are some types of ads, mostly retargeting, that will be harder to display, since now Facebook wouldn’t know who visited an app, put an item in the shopping cart, etc.,” says Ron Berman, a marketing professor at University of Pennsylvania’s Wharton School. He notes that Facebook will also have a harder time demonstrating that product sales were tied to specific ads, given the limitations on what information can now flow across sites and apps.

But you need not look much further than Facebook’s most recent quarterly earnings report, released last week, to see that iOS 14.5 seems unlikely to push the company toward any kind of precipice. The company took in over $26bn of revenue in the first three months of 2021, and its net income of $9.5bn nearly doubled that of the same period a year ago. It has over $64bn of cash and equivalents on hand. It’s doing just fine. Even if every single iOS 14.5 user opts out of tracking, Facebook will still have Android devices aplenty from which to squeeze profits.

It’s also not as if tracking prevention makes ads go away entirely. It arguably makes them less relevant. People may not click on them as often, which makes them less valuable, and outside analysts have predicted that Apple’s new policy will show up in Facebook’s bottom line. “We’ve seen estimates ranging from about a 2% to a 7% impairment of Facebook’s ad revenues this year and that range seems plausible to us, especially at the low end,” says Nicole Perrin, a principal analyst at eMarketer.

However, she adds, the company is expected to increase its ad revenue overall despite App Tracking Transparency. As WIRED’s Gilad Edelman has noted before, when third-party data disappears, companies that hold more first-party data have an edge. That’s Google, and that’s Facebook.


unique link to this extract

Trump launches new communications platform months after Twitter, Facebook ban • Fox News

Brooke Singman:


Former President Trump on Tuesday launched a communications platform, which will eventually give him the ability to communicate directly with his followers, after months of being banned from sites like Twitter and Facebook.

The platform, “From the Desk of Donald J. Trump” appears on


2003 called, and would like to point out that the “new communications platform” is known as a “blog”. (Meanwhile, at 1030 EST/ 1530 BST, the Facebook Oversight Board will announce its decision on whether Trump should be allowed back on Facebook. The broad expectation I’m seeing is that the FOB will say he should be. Divisive and polarising, algorithmically fuelled: social warming in action.)
unique link to this extract

Teens, tech and mental health: Oxford study finds no link – BBC News

Zoe Kleinman:


There remains “little association” between technology use and mental-health problems, a study of more than 430,000 10 to 15-year-olds suggests.

The Oxford Internet Institute compared TV viewing, social-media and device use with feelings of depression, suicidal tendencies and behavioural problems. It found a small drop in association between depression and social-media use and TV viewing, from 1991 to 2019. There was a small rise in that between emotional issues and social-media use.

“We couldn’t tell the difference between social-media impact and mental health in 2010 and 2019,” study co-author Prof Andrew Przybylski. said. “We’re not saying that fewer happy people use more social media.
“We’re saying that the connection is not getting stronger.”

And this was a warning to regulators and lawmakers focusing on commonly held beliefs about the harmful effects of technology on young people’s mental health. Participants, in the US and UK, graded their own feelings using set questions with sliding scale responses. And they were asked about the duration of social-media or device activity but not more specifically how they had spent that time.

The paper is published in the journal Clinical Psychological Science.


I read a lot of these sorts of papers in preparing my book, and they’re very contradictory. I also spoke to Przybylski, who is generally dubious about studies that have suggested these links – there have been quite a few, and some books, strongly pushing the idea. One common problem these studies run up against is that kids use different devices: boys usually play video games (which makes them happy) while girls use social networks (and don’t seem to be happier).
unique link to this extract

The loneliness of the modern office team member • Financial Times

Pilita Clark:


Every other week or so, a number emerges somewhere in the world that I find both understandable and troubling.

It is the percentage of people who consistently say they don’t want to go back to working full-time in the office. Nearly 60% of British workers said this was how they felt back in September last year and also in March this year, even though more than a third of the UK population had had at least one Covid jab by then.

In the US, the share of workers who would prefer to keep working remotely as much as possible went from 35% in September to 44% in January. More recent European research found 97% of people who have been at home would prefer to stay there for at least part of the week once their offices reopen.

Since I am one of the millions thrilled to be liberated from a rushed commute and the tedium of presenteeism, these findings seem utterly rational. But they are also worrying because there is a gloomier reason that even well-paid, valued people in lofty jobs may be in no rush to go back to the office: long before the outbreak, they were lonely.

Their relationships with people in the office felt shallow. Worse, their sense of isolation may have had less to do with their personal lives than the way their work in teams was organised.


The heavy implication of course being that you’re doing a job that can be done from home. What about delivery drivers? Warehouse workers? People who answer telephones on switchboards? Perhaps I haven’t looked, but I’d like to know what proportion of jobs can and cannot be done remotely. It seems relevant.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Start Up No.1541: Apple v Epic opens, Sweden’s failed Covid strategy, ripoff ads still plague Google, Trump’s Facebook day nears, and more

You’ll probably not be surprised to learn that Yahoo(!) has been sold again, this time to a private equity company. CC-licensed photo by Ippei Ogiwara on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Just breathe into your watch. I’m @charlesarthur on Twitter. Observations and links welcome.

At a loose end? Why not preorder Social Warming, my forthcoming book?

Here are Apple’s and Epic’s full slideshows arguing why they should win at trial • The Verge

Mitchell Clark:


Both Apple and Epic have released their opening presentations on why they feel they should win this week’s trial, which is set to determine the future of the App Store. In the documents, which you can look through below, each company lays out its case.

The lawsuit started when Apple removed Epic Games’ Fortnite from the App Store after Epic bypassed Apple’s system for in-app purchases. But it’s turned into a much deeper examination of Apple’s walled-garden approach to technology, and whether some of the walls the company puts up might violate antitrust law.

We took a deeper look at the companies’ legal strategies in advance of the trial, but you can see the same arguments play out in these presentations. Epic uses metaphors of brick walls and gas stations to argue that Apple’s control over what can and cannot be installed on the iPhone is unfair, and that allowing other methods of installing apps wouldn’t harm iOS’s security. Apple’s pushes back saying that Epic getting the openness that it wants would harm not just the App Store but other stores from Sony and Nintendo.


There’s a Zoom link so you can watch proceedings (Pacific Time 0830-1330, or 1130-1630 Mon-Thu). Password: 715 550. According to Gizmodo, the remote court experience has been pretty terrible already.

Plenty of tasty emails emerging, such as Phil Schiller in 2011 suggesting that once the App Store hit $1bn in annual profit they could look at reducing the 70-30 split in case rival methods (web apps!) become more attractive.
unique link to this extract

Did Sweden get Covid wrong? • UnHerd

Freddie Sayers speaks to Johan Giesecke, who was very against lockdowns in Sweden:


When I remind him of his prediction that countries would end up with similar results after a year, he readily concedes he was mistaken. “One of the things I got wrong a year ago is the rate of spread of this disease. I thought it would spread quicker. And I also thought it would be more similar in different countries. We can see now that there are big differences in the rates of spread in between countries. It may have to do with lockdown, it may have to do with cultural things in these countries. But there is a big difference between countries.”

The difference that is most commonly cited in the ‘case for the prosecution’ against the Swedish strategy is the following chart showing Sweden’s deaths per million dramatically exceeding its neighbouring Scandinavian countries. This is generally considered solid proof that the Swedish strategy failed.

Johan Giesecke disagrees: “The differences between Sweden and its neighbours are much bigger than people realise from the outside — different systems, different cultural traditions…If you compare Sweden to other European countries [such as the UK, France, Spain, Italy, Belgium] it’s the other way round. On the ranking of excess mortality, Sweden is somewhere in the middle or below the middle of European countries. So I think it’s really Norway and Finland that are the outliers more than Sweden.”

Explaining what he means by cultural differences, he mentions among other factors that “they’re more sparsely populated. There are less people per square kilometre in these two countries. There are also much fewer people who were born outside Europe living in these two countries.”

So, crucially, if Sweden had instituted a hard lockdown and shut the border earlier, would its death rate have been closer to its Nordic neighbours? “Maybe not,” he says, “I think we would still have more deaths than they have.”

He is also fairly dismissive of charts currently showing that Sweden has the highest level of infection in Europe:

“I don’t think you should compare countries now, while we are still in the pandemic. You should wait until the pandemic has receded before we start comparing countries. If you did that chart a month ago it would be very different. And a month from now? I don’t know but it would be very different. These snapshots may not show the whole truth.”


Quite what Giesecke is implying is important about “people who were born outside Europe living in these two countries” isn’t followed up, which seems a gigantic lacuna. And aside from the point about children not going to school (which I think we’ll realise was a big error), Giesecke just seems to be Mr Wrong About It All – from levels of prevalence to IFR.
unique link to this extract

The hardest puzzle you’ll ever see—and the secret you need to solve it • Nautilus

Brian Gallagher:


Over his near century of life, [Raymond] Smullyan, 96, became an accomplished pianist and magician, made fundamental contributions to modern logic, and wrote about Taoist philosophy and chess. “He is the undisputed master of logical puzzles,” Bruce Horowitz, one of his former Ph.D. students, has said.

One mark of Smullyan’s legacy is the interest philosophers and logicians still have in his most difficult puzzle, known as the Hardest Logic Puzzle Ever. The title was given by a philosopher of logic at the Massachusetts Institute of Technology, a colleague of Smullyan’s named George Boolos, who—no slouch himself—adored logical challenges of any sort. He once tested himself by giving a lecture on Gödel’s second incompleteness theorem, “one of the most important results in modern logic,” using only single syllable words.

The Hardest Logic Puzzle Ever goes like this:


Three gods A, B, and C are called, in some order, True, False, and Random. True always speaks truly, False always speaks falsely, but whether Random speaks truly or falsely is a completely random matter. Your task is to determine the identities of A, B, and C by asking three yes-no questions; each question must be put to exactly one god. The gods understand English, but will answer all questions in their own language, in which the words for “yes” and “no” are “da” and “ja,” in some order. You do not know which word means which.


Always up for a challenge, I sat down on my couch, pen and paper in hand, confident I could conquer the puzzle in two hours tops.


Nope. The answer takes you through some mindbending logic (lots of reliance on “if and only if”), but the explanation is done well.
unique link to this extract

Why can’t Google get a grip on ripoff ads? • BBC News

Chris Fox:


In October 2018, the BBC brought several adverts to Google’s attention that broke its rules. A month later, Google told the BBC it had developed a machine learning system that could prevent the adverts appearing again.

At the time, it only banned adverts for third-party services that charged more than the official government website. However, in May 2020 it changed its policy to ban “adverts for documents and/or services that can be obtained directly from a government or a delegated provider” including “offers of assistance to obtain these products or services”.

Since that change, the BBC has repeated the same set of Google searches on seven separate occasions over a 12-month period. Every time, there were adverts for expensive third-party services when searching for:

Esta; US Esta; apply for Esta; US visa; Canada ETA (a travel document for Canada); apply for Canada ETA; apply for Canada visa; apply for Australia visa; apply driving licence; renew driving licence; driving licence change address.

Some of the websites continued to appear in the adverts even after they were flagged to Google with its reporting tools.


unique link to this extract

Verizon sells Yahoo and AOL businesses to Apollo for $5bn • CNBC

Steve Kovach:


Verizon will sell its media group to private equity firm Apollo Global Management for $5bn, the companies announced Monday. The sale allows Verizon to offload properties from the former internet empires of AOL and Yahoo.

Verizon will keep a 10% stake in the company and it will be rebranded to just Yahoo.

The sale will see online media brands under the former Yahoo and AOL umbrellas like TechCrunch, Yahoo Finance and Engadget go to Apollo at much lower valuations than they commanded just a few years ago. Verizon bought AOL for $4.4bn in 2015 and Yahoo two years later for $4.5bn.

Verizon will get $4.25bn in cash from the sale along with its 10% stake in the company. Verizon and Apollo said they expect the transaction to close in the second half of 2021.


Amazing decline in the perceived value of those properties. Remember February 2008, when Microsoft bid $44.6bn for Yahoo? (And the exchange rate: then, $44.6bn = £22.4bn. Now it would be £32.2bn: a 43% decline.) The list of companies that Yahoo acquired and, for the most part, ruined, is long and includes names like Flickr, Delicious, Geocities and Tumblr. At least that’s (probably) over.
unique link to this extract

Whatever the ruling, Facebook’s Oversight Board is a smokescreen • The Real Facebook Oversight Board


Facebook’s Oversight Board will announce on Wednesday [at 1530 BST, 1030 EST] its decision on a permanent ban of Donald Trump. Obviously Donald Trump has violated Facebook’s terms of service repeatedly, incited hate, spread disinformation, fomented violence and been used as a model for other authoritarian leaders to abuse Facebook. He should be banned forever.

But do not let Facebook’s Oversight Board distract from the need to ensure real accountability for hate speech, election lies, disinformation and other harmful content.


Anyhow, set your calendars.
unique link to this extract

Facebook and the normalisation of deviance • The New Yorker

Sue Halpern (where “normalisation of deviance” refers to just accepting and ignoring how your system allows bad outcomes; it was what led to the Challenger explosion):


On April 19th, Monika Bickert, Facebook’s vice-president of content policy, announced that, in anticipation of a verdict in the trial of Derek Chauvin, the company would remove hate speech, calls to violence, and misinformation relating to that trial. That accommodation was a tacit acknowledgement of the power that users of the platform have to incite violence and spread dangerous information, and it was reminiscent of the company’s decision, after the November election, to tweak its newsfeed algorithm in order to suppress partisan outlets, such as Breitbart.

By mid-December, the original algorithm was restored, prompting several employees to tell the Times’ Kevin Roose that Facebook executives had reduced or vetoed past efforts to combat misinformation and hate speech on the platform, “either because they hurt Facebook’s usage numbers or because executives feared they would disproportionately harm right-wing publishers.” According to the Tech Transparency Project, right-wing extremists spent months on Facebook organizing their storming of the Capitol, on January 6th. Last week, an internal Facebook report obtained by Buzzfeed News confirmed the company’s failure to stop coördinated “Stop the Steal” efforts on the platform. Soon afterward, Facebook removed the report from its employee message board.

…[The Trump reinstatement/permaban] decision will not be a referendum on Trump’s disastrous presidency, or on his promotion of Stop the Steal. Rather, it will answer a single, discrete question: Did Trump violate Facebook’s policies about what is allowed on its platform? This narrow brief is codified in the Oversight Board’s charter, which says that “the board will review content enforcement decisions and determine whether they were consistent with Facebook’s content policies and values.”

As events of the past few months have again demonstrated, Facebook’s policies and values have normalized the kind of deviance that enables a disregard for regions and populations who are not “big on people’s minds.” They are not democratic or humanistic but, rather, corporate. Whichever way the Trump decision—or any decision made by the Oversight Board—goes, this will still be true.


unique link to this extract

Twitter expands Spaces to anyone with 600+ followers, details plans for tickets, reminders and more • TechCrunch

Sarah Perez:


Twitter Spaces, the company’s new live audio rooms feature, is opening up more broadly. The company announced on Monday it’s making Twitter Spaces available to any account with 600 followers or more, including both iOS and Android users. It also officially unveiled some of the features it’s preparing to launch, like Ticketed Spaces, scheduling features, reminders, support for co-hosting, accessibility improvements and more.

Along with the expansion, Twitter is making Spaces more visible on its platform, too. The company notes it has begun testing the ability to find and join a Space from a purple bubble around someone’s profile picture right from the Home timeline.

Twitter says it decided on the 600 follower figure as being the minimum to gain access to Twitter Spaces based on its earlier testing. Accounts with 600 or more followers tend to have “a good experience” hosting live conversations because they have a larger existing audience who can tune in. However, Twitter says it’s still planning to bring Spaces to all users in the future.

In the meantime, it’s speeding ahead with new features and developments. Twitter has been building Spaces in public, taking into consideration user feedback as it prioritizes features and updates. Already, it has built out an expanded set of audience management controls, as users requested, introduced a way for hosts to mute all speakers at once and added the laughing emoji to its set of reactions, after users requested it.

…Twitter Spaces’ rival, Clubhouse, also just announced a reminders feature during its townhall event on Sunday as well at the start of its external Android testing. The two platforms, it seems, could soon be neck-and-neck in terms of feature set.


Can’t see Clubhouse surviving, then. I’d love to see the usage figures now that lockdown is easing.
unique link to this extract

Google’s foldable Pixel phone was just confirmed by a top leaker • BGR

Chris Smith:


A report about Samsung Display providing foldable OLED panels to various smartphone vendors casually mentioned Google a few days ago. Sources from Korea detailed the various foldable handsets in the works at Oppo and Xiaomi, revealing that these two Chinese smartphone vendors are working on new form factors that resemble Samsung’s foldable phones. The report didn’t say which design the foldable Pixel might employ, but it did reveal that the handset will have a 7.6-inch inward-folding panel from Samsung. All these devices are expected to launch sometime this year.

Google has already been working on adapting the Android experience for foldable devices, so making its own “Pixel Fold” handset makes plenty of sense. The best way to demo new features intended for foldable phones is by using its own hardware. And it looks like the Pixel Fold, or whatever Google ends up calling the handset, is real.


The Pixel range is already a minority sport; the proportion of Pixel buyers who would want a foldable one might be higher than the general market, but I can’t see it turning the range into top sellers. Again, one has to ask what Google’s purpose is with this. It can’t be making any money from it, and it’s hard to see that the lessons from manufacturing have any applicability elsewhere in the company.
unique link to this extract

Apple Watch could add blood sugar and alcohol readings after deal with UK tech company • Daily Telegraph

James Titcomb:


Apple is exploring advanced smartwatch technology that monitors wearers’ blood pressure, glucose and alcohol levels under a deal with a British electronics start-up.

The US tech giant has been revealed as the largest customer of Rockley Photonics, which says its next-generation sensors could be in gadgets next year.

The British company has developed ultra-accurate sensors that read multiple blood signals that are typically only detectable using medical equipment, by beaming infrared light through skin from a module on the back of a smartwatch.

The more limited modules in today’s devices are able to detect measures such as heart rate but the ability to track variables such as blood glucose, which could detect diabetes, has been a long-term goal for wearable technology makers.

Rockley, which has offices in Oxford, Wales and Silicon Valley, revealed its relationship with Apple in listing documents as it prepares to go public in New York. 

The filings said that Apple accounted for the majority of its revenue in the last two years and that it has an ongoing “supply and development agreement” with the company under which it expects to continue to rely on Apple for most of its income.


It seems surprising that you could capture sufficient data to record that sort of data at all accurately. But if it can measure glucose at all accurately, that will make it an automatic purchase for diabetics. And alcohol level, well, useful for drivers…
unique link to this extract

Errata, corrigenda and ai no corrida: none notified