Start Up No.1595: NSO Group blamed for hacking of activist phones, Facebook hits back over vaccination, climate change hits, and more

As USB-C cables come in eight different types, wouldn’t it be great if there was an easy way to know which one you’ve got?CC-licensed photo by Aaron Yoo on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Let it rip! I’m @charlesarthur on Twitter. Observations and links welcome.

Private spy software sold by NSO Group found on cellphones worldwide • Washington Post

Dana Priest, Craig Timberg and Souad Mekhennet:


Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.

The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.

The list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance, in some cases as brief as a few seconds.

Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a human rights group, had access to the list and shared it with the news organizations, which did further research and analysis. Amnesty’s Security Lab did the forensic analyses on the smartphones.


The Guardian also received the list, and found that the editor of the FT is on it.



NSO has long insisted that the governments to whom it licenses Pegasus are contractually bound to only use the powerful spying tool to fight “serious crime and terrorism”.


Uh-huh, sure Jen. The question in the light of this is what action, if any, will be taken against NSO Group. Or, equally, what liability it might have. (Probably none.)
unique link to this extract

Facebook to Biden: ‘we aren’t the reason vaccination goal was missed’ • The New York Times

Cecilia Kang:


Facebook and the Biden administration engaged in an increasingly rancorous back and forth over the weekend after the administration denounced the social media giant for spreading misinformation about the Covid-19 vaccines.

On Sunday, the surgeon general, Vivek Murthy, reiterated warnings that false stories about the vaccines had become a dangerous health hazard. “These platforms have to recognize they’ve played a major role in the increase in speed and scale with which misinformation is spreading,” Mr. Murthy said Sunday on CNN.

In a blog post on Saturday, Facebook called on the administration to stop “finger-pointing” and laid out what it had done to encourage users to get vaccinated. The social network also detailed how it had clamped down on lies about the vaccines, which officials have said led people to refuse to be vaccinated.

“The Biden administration has chosen to blame a handful of American social media companies,” Guy Rosen, Facebook’s vice president of integrity, said in the post. “The fact is that vaccine acceptance among Facebook users in the US has increased.”

Mr. Rosen added that the company’s data showed that 85% of its users in the United States had been or wanted to be vaccinated against the coronavirus. While President Biden had set a goal of getting 70% of Americans vaccinated by July 4, which the White House fell short of, “Facebook is not the reason this goal was missed,” Mr. Rosen said.

Facebook’s response followed a forceful condemnation of the company by Mr. Biden. When asked on Friday about the role of social media in influencing vaccinations, Mr. Biden declared in unusually strong language that the platforms were “killing people.”

“Look,” he added, “the only pandemic we have is among the unvaccinated, and that — and they’re killing people.”


The White House line that a dozen people are responsible for 65% of vaccine disinformation seems a stronger one. Facebook hasn’t responded at all on that one.
unique link to this extract

If you’re not a climate reporter yet, you will be: Covid-19 coverage offers lessons for reporting on the climate crisis • Nieman Journalism Lab

Wolfgang Blau:


“The last 18 months have been a step change for our newsroom,” said Sven Stockrahm, science editor of German news organization Zeit Online. “Of course, our workload has been staggering, but we are delighted to see how normal it has become for all teams in our newsroom to first consult with the science desk before publishing a story that deals with aspects of Covid-19.” The degree of interdisciplinary collaboration with the science desk is new, and it could prove a model for how news organizations cover the climate crisis.

Today, news reports about the climate crisis primarily come from a newsroom’s science, politics or economics desk. A few news organizations already understand, though, that the climate crisis is more than a beat or a topic — it poses urgent questions that affect all sectors of society. Based on this understanding, journalistic coverage of climate change needs to involve all teams of a newsroom, including its culture, finance, real estate, lifestyle, fashion, health, and sports journalists.

When sports journalism mentions the financial aspects of a team, a transfer, or a tournament, nobody would be surprised to see “business journalism in the sports section.” Climate journalism needs to become just as integrated in every vertical.


This is underappreciated. But as we have more and more natural disasters to contend with, journalists are at the very least going to find themselves writing about the effects of climate.
unique link to this extract

Coronavirus vaccine resisters: convincing the skeptics • National Review

Michael Brendan Dougherty:


Some subset of vaccine hesitancy is conspiratorial. Some of it is just an understandable anxiety in people who have had bad experiences with conventional medicine or have dealt with chronic and unexplained conditions. An even smaller amount is from people who, for instance, are trying to get pregnant and note that there’s been considerably less testing on pregnant women for well-established legal reasons. Some are hesitant to take it because they believe the natural immunity they acquired is sufficient.

But most vaccine skepticism, if by that we mean reluctance, is not based on conspiracy theorizing — it’s based on risk-benefit calculations. You may think it’s an innumerate calculation. But when you look at patterns of uptake in the United States, two factors stand out, factors that are larger in their effect than partisanship: age and density. The older you are and the denser your community, the more likely you are to be vaccinated. The younger you are, and the more rural your community, the less likely you are to have gotten it. This reflects the real facts about the risk of death from COVID. People may be wildly overestimating their risk from the vaccine and underestimating their risks from COVID — but they have the directional thinking correct. Those who are in less danger, act like it.

These risk-benefit calculations are not entirely defined by health outcomes either but involve psychology and politics. Some people, having read or seen that rates to achieve suitable herd immunity may be substantially lower than 80% or 90%, conclude that they don’t have to overcome their fears and can free-ride on the immunity achieved by others. The risk-benefit calculation is also complicated by other factors. People find acts of God easier to accept than mistakes of their own volition. So they may find it easier to accept the risks of facing COVID in nature, which they did not choose to get, than the unknown risks of a vaccine that they did consciously choose to take.


I found this a useful article, because it starts from the assumption that vaccine hesitants (and possibly even deniers) start from a rational state, even if they end up at an irrational one.
unique link to this extract

Classified Challenger tank specs leaked online for videogame • UK Defence Journal

George Allison:


A gamer identifying as Challenger 2 commander has posted a classified document online in order to improve the accuracy of the design of the tank in the game ‘War Thunder’.

War Thunder is a vehicular combat multiplayer video game developed and published by Gaijin Entertainment. Despite the fact that Gaijin Entertainment lists itself as a Cyprus-based studio, it was originally founded in Moscow, Russia, where it still has offices today.

It also has branches in Germany, Hungary, and Latvia.

A user identifying as a Challenger 2 commander posted specific excerpts from a Challenger 2 AESP (Army Equipment Support Publication, sort of like a user manual) to show game developers that they “didn’t model it correctly”.

The user identifies as a make in Tidworth with a history of “Tanks & AFV’s, CR2 Tank Commander, AFV Instr, D&M Instr, Gunnery Instr, Former ATDU”. It should be noted that Tidworth is home to the Royal Tank Regiment who operate Challenger 2 tanks.

It is understood that the excerpts from the document had their ‘UK RESTRICTED’ label crossed out and a stamp of ‘UNCLASSIFIED’ added, as well as having various parts fully blanked. One forum user remarked that “the cover for instance had basically everything except CHALLENGER 2 blacked out”.


I did not have “accidental espionage by video gamers” on the bingo card.
unique link to this extract

Amazon asked Apple to remove an app that spots fake reviews, and Apple agreed • CNBC

Annie Palmer:


Apple has removed Fakespot, a well-known app for detecting fake product reviews, from its App Store after Amazon complained the app provided misleading information and potential security risks.

Fakespot’s app works by analyzing the credibility of an Amazon listing’s reviews and gives it a grade of A through F. It then provides shoppers with recommendations for products with high customer satisfaction.

Amazon said it reported Fakespot to Apple for investigation after it grew concerned that a redesigned version of the app confused consumers by displaying Amazon’s website in the app with Fakespot code and content overlaid on top of it. Amazon said it doesn’t allow applications to do this. An Amazon spokesperson claimed, “The app in question provides customers with misleading information about our sellers and their products, harms our sellers’ businesses, and creates potential security risks.”

By Friday afternoon, following a review from Apple, the app was no longer available on the App Store.

Misleading or fake user reviews have proven to be a major problem for online retailers, including Amazon. The company has recently ramped up its efforts to detect and cull fake reviews. Its third-party marketplace, made up of millions of sellers, has grown to account for more than half of the company’s overall sales, but it has become fertile ground for fake reviews, counterfeits and unsafe products.

…Apple said in a statement that Amazon on June 8 initiated a dispute with the Fakespot app over intellectual property rights.


unique link to this extract

USB-C cable colour codes •



USB-C was supposed to be the answer to the chaos that is charge and data cable compatibility. And to an extent it was. It unified ports and reduced the amount of cables and chargers I need to travel with. The cables themselves, however, turned out to be a mess. They come in many varieties with obtuse names, confusing markers, and unclear compatibility rules. Yet they all look exactly the same.

Here is a colour coding scheme for USB-C to USB-C cables to distinguish them by their use.

There are currently 8 types of USB-C cables defined. Benson Leung’s post lists them and explains how they relate to power and data transfer rates. Drawing from that we can observe that cables differ in two dimensions. The first is the kind of data signalling a cable supports, and the second is the amount of current it can carry. Based on this we can give data signalling colours.

  • #E69F00 “orange” for USB 2.0
  • #56B4E9 “sky blue” for USB 3.2 Gen 1
  • #009E73 “blueish green” for USB 3.2 Gen 2
  • #F0E442 “yellow” for Thunderbolt 3

And give current ratings numbers of stripes.

  • One black stripe for 3A
  • Two black stripes for 5A

Putting them together we get the full matrix of the 8 possible USB-C to USB-C cable types today.

USB 2.0 USB 3.2 Gen 1 USB 3.2 Gen 2 Thunderbolt 3
3A CC2-3 CC3G1-3 CC3G2-3 CC3G3-3
5A CC2-5 CC3G1-5 CC3G2-5 CC3G3-5


The author used nail polish to colour the cables. Wouldn’t it be great if you could identify them more easily.
unique link to this extract

Social Warming by Charles Arthur review: a coolly prosecutorial look at social media • The Guardian

Steven Poole reviewed my book, concluding:


I was left unsure by the titular phrase to describe the havoc that social media is wreaking upon our lives. Warmth, after all, has long been a social metaphor for something desirable: as when people speak warmly, or enjoy a warm friendship. (Indeed, according to some psychological research, loneliness makes you feel cold, and being cold makes you more lonely.) Perhaps, just as some now prefer to use “global heating” or “climate crisis” in the atmospheric context, we should think of social overheating or social boiling. In the mean time, feel free to share this article on Twitter.


Though calling it “Social Heating” might have made people think it was about getting together with your neighbours to keep the house warm. Balancing act.
unique link to this extract

Miami condo collapse raises new fears about Florida’s insurance market • The New York Times

Christopher Flavelle, Patricia Mazzei and Giulia Heyward:


Days after the collapse, insurance companies sent letters threatening to cut off coverage to older buildings that did not pass mandatory safety inspections. In California, insurers have begun fleeing fire-prone areas; in other parts of the West, officials say they are seeing similar reports of insurers refusing to renew policies.

And it is not just private insurers: In April, the federal government outlined changes to the heavily indebted National Flood Insurance Program that will eventually cause some people’s premiums to rise fivefold or more.

“Coastal areas all across the Gulf and up along the East Coast could start to see very similar dynamics” to what is happening in Florida, said Carolyn Kousky, executive director of the Wharton Risk Center at the University of Pennsylvania.

It is too soon to say whether climate change contributed to the collapse of the building in Surfside. But the effects of global warming, which include extreme heat and more moisture in the air, cause structures to deteriorate more quickly, according to Jesse Keenan, a professor at Tulane University who specializes in the consequences of climate change for the built environment.

“Climate change is actually accelerating the degradation of buildings,” Dr. Keenan said.


Premiums could quintuple, or simply stop. It’s going to be brutal.
unique link to this extract

Out of control: the moment Boris Johnson let Covid run rampant • The Sunday Times

Jeremy Farrar is director of the Wellcome Trust, and a member of Sage; he wrote his latest book with Anjana Ahuja:


While things were moving frantically on the international front in the summer of 2020, with hopes building for several successful vaccines, the situation in the UK was deteriorating swiftly. The autumn of last year was, without doubt, the lowest point for me during the pandemic. I seriously considered resigning from Sage, the Scientific Advisory Group for Emergencies.

The newly opened economy, buoyed by such schemes as Eat Out to Help Out, was slowly feeding the virus. Taxpayers effectively subsidised its spread.

From July last year onwards, the infection rates began creeping up week by week. During those holiday months of summer 2020 I felt very strongly that not enough had been done, particularly in terms of test, trace and isolate programmes (TTI), to prepare for the winter.

Then, on August 16, news leaked that Public Health England was going to be abolished. Even worse, Dido Harding, who had failed to establish the world-beating TTI system promised over the summer, was appointed interim executive chairwoman of PHE’s replacement, the National Institute for Health Protection. Public Health England was being thrown under the bus in the middle of a pandemic while the figurehead responsible for the TTI system was being promoted.

Weeks later the government announced it was considering “Operation Moonshot”, a plan for rapid mass testing nationwide to try to keep the economy open. It would reportedly cost about £100 billion. The British Medical Journal noted that the enormous sum was within touching distance of the entire annual budget for the NHS in England. Professors of public health, meanwhile, were telling the government that the tests under consideration were nowhere near foolproof, with substantial risks of both false negatives and false positives.


He is very, very unimpressed with Boris Johnson. As it pretty much everyone these days.
unique link to this extract

Europe floods: Rescuers race to find survivors as hundreds remain missing • BBC News


At least 143 people are now known to have died in the floods in Germany, including four firefighters.

Rescue teams were hampered by difficult conditions on Friday, leaving relatives of the missing waiting anxiously for news.

But by Saturday the authorities said numbers of people unaccounted for had been steadily decreasing.
The states of North Rhine-Westphalia, Rhineland-Palatinate and Saarland have been the worst affected by the rainfall. Though the risk of further flooding is diminishing there is growing concern about the Steinbachtal dam in North Rhine-Westphalia, south-west of the city of Bonn.

Inspectors say large parts of the structure have come away leaving it extremely unstable, and more people may be asked to leave their homes. Meanwhile emergency workers have been searching abandoned cars on the still-flooded B265 road, but fire service spokesman Elmar Mettke said no bodies had yet been found.

“It seems like in the cars we have checked so far the occupants have all reached dry land unscathed. But we will continue to look and it will be a while until we are done here,” he told Reuters news agency.

A resident of Schuld in the Rhineland-Palatinate district of Ahrweiler told AFP news agency that cars had been washed away and houses knocked down in scenes he likened to a “war zone”.

In the nearby spa town of Bad Neuenahr-Ahrweiler residents were determined to begin the huge clean-up operation, scraping mud from the streets and clearing piles of debris.

But many businesses and livelihoods in the town have been swept away. Nearly 100 people in Ahrweiler are believed to have died.


Worth visiting the page for the shocking Before/After with slider of the post-flood sinkhole in Erftstadt-Blessem.
unique link to this extract

You’ve read the review. Why not order Social Warming, my latest book?

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.