Start Up No.1596: US says China harbours ransomware gangs, the Solarpunk manifesto, Amazon stops NSO on AWS, and more

Finally, Peppa Pig is teaching American children how to talk proper – using English words such as “biscuits”.CC-licensed photo by Eldriva on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. OK, don’t rip it quite so much. I’m @charlesarthur on Twitter. Observations and links welcome.

Exclusive: Chinese hackers behind US ransomware attacks, say security firms • Reuters

Joseph Menn:


Hackers using tactics and tools previously associated with Chinese government-supported computer network intrusions have joined the booming cyber crime industry of ransomware, four security firms that investigated attacks on U.S. companies said.

Ransomware, which involves encrypting a target’s computer files and then demanding payment to unlock them, has generally been considered the domain of run-of-the-mill cyber criminals.

But executives of the security firms have seen a level of sophistication in at least a half dozen cases over the last three months akin to those used in state-sponsored attacks, including techniques to gain entry and move around the networks, as well as the software used to manage intrusions.

“It is obviously a group of skilled of operators that have some amount of experience conducting intrusions,” said Phil Burdette, who heads an incident response team at Dell SecureWorks.

Burdette said his team was called in on three cases in as many months where hackers spread ransomware after exploiting known vulnerabilities in application servers. From there, the hackers tricked more than 100 computers in each of the companies into installing the malicious programs.

The victims included a transportation company and a technology firm that had 30% of its machines captured.

Security firms Attack Research, InGuardians and G-C Partners, said they had separately investigated three other similar ransomware attacks since December.

Although they cannot be positive, the companies concluded that all were the work of a known advanced threat group from China, Attack Research Chief Executive Val Smith told Reuters.


Wonder if the Russians will get upset about these people muscling in on their territory.
unique link to this extract

Amazon shuts down NSO Group infrastructure • Vice

Joseph Cox:


Amazon Web Services (AWS) has shut down infrastructure and accounts linked to Israeli surveillance vendor NSO Group, Amazon said in a statement.

The move comes as a group of media outlets and activist organizations published new research into NSO’s malware and phone numbers potentially selected for targeting by NSO’s government clients.

“When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson told Motherboard in an email.

Amnesty International published a forensic investigation on Sunday that, among other things, determined that NSO customers have had access to zero-day attacks in Apple’s iMessage as recently as this year. As part of that research, Amnesty wrote that a phone infected with NSO’s Pegasus malware sent information “to a service fronted by Amazon CloudFront, suggesting NSO Group has switched to using AWS services in recent months.” The Amnesty report included part of the same statement from Amazon, showing Amnesty contacted the company before publication.

Citizen Lab, in a peer review of Amnesty’s findings, said in its own post that the group “independently observed NSO Group begin to make extensive use of Amazon services including CloudFront in 2021.”

CloudFront is a content delivery network (CDN) that allows customers, in this case NSO, to more quickly and reliably deliver content to users.


Retribution of a sort, quickly implemented. I’m going to guess that NSO doesn’t actually need something with the heft of AWS, and that it will (for a somewhat higher price) be able to find a CDN and other services from smaller companies not so worried about what NSO Group does.
unique link to this extract

What it feels like to lose your favourite season • Culture Study

Anne Helen Petersen:


The preciousness of summer is one of many reasons that the wildfire smoke, which sinks into the Missoula Valley and struggles to leave, feels so threatening — and so deeply, deeply sad. As anyone from the West who understands forest fires knows, fire itself is not, per se, the problem; Indigenous people have long used fire to stave off more fire. The problem is unbridled fire, facilitated by extreme drought brought on by climate change, which transforms the season of summer into the season of smoke.

Here in the West, we knew it was coming. The drought forecasts were alarming and dismal. I bought a big air purifier that promises to blend in with the decor of your household, and the aesthetics of it all, the move to blend with our daily lives, is infuriating. I first tasted the smoke in the air last week. It lifted, briefly, but has now settled in for what the local smoke forecaster says will almost certainly last until the Fall rains arrive. It’s a month early, people say. But it’s here. Over the last decade, the West had slowly ceded August to smoke. But July, too?

Smoke is life-threatening to people with respiratory issues. For everyone else, it’s shitty in ways we don’t yet understanding. And then there are the secondary effects: it makes you cranky. It makes your hair greasy, your acne flare, and, by messing with your sinuses, it can make your teeth ache. It makes me feel alienated from my body. I’ve spent the last week bumping up against a general ennui and sadness, trying to name it, but its name is just fucking smoke. It’s devoured my summer and, in so doing, my sense of self. Who am I without the restoration of my favorite season? What is my axis, if not this time? How do I feel like myself when the windows are always closed, when the air inside feels tinny and canned, when all of this feels like our future?


unique link to this extract

A Solarpunk Manifesto • ReDes – Regenerative Design


Solarpunk is a movement in speculative fiction, art, fashion, and activism that seeks to answer and embody the question “what does a sustainable civilization look like, and how can we get there?” 

The aesthetics of solarpunk merge the practical with the beautiful, the well-designed with the green and lush, the bright and colorful with the earthy and solid. 

Solarpunk can be utopian, just optimistic, or concerned with the struggles en route to a better world ,  but never dystopian. As our world roils with calamity, we need solutions, not only warnings.

Solutions to thrive without fossil fuels, to equitably manage real scarcity and share in abundance instead of supporting false scarcity and false abundance, to be kinder to each other and to the planet we share.

Solarpunk is at once a vision of the future, a thoughtful provocation, a way of living and a set of achievable proposals to get there.

• We are solarpunks because optimism has been taken away from us and we are trying to take it back.
• We are solarpunks because the only other options are denial or despair.
• At its core, Solarpunk is a vision of a future that embodies the best of what humanity can achieve: a post-scarcity, post-hierarchy, post-capitalistic world where humanity sees itself as part of nature and clean energy replaces fossil fuels.
• The “punk” in Solarpunk is about rebellion, counterculture, post-capitalism, decolonialism and enthusiasm. It is about going in a different direction than the mainstream, which is increasingly going in a scary direction.
• Solarpunk is a movement as much as it is a genre: it is not just about the stories, it is also about how we can get there.


It’s a 22-point manifesto, some with subheads. But interesting: this is the sort of manifesto that people can coalesce around.
unique link to this extract

Peppa Pig, a pandemic favourite, has American children acting British • WSJ

Preetika Rana and Meghan Bobrowsky:


California kindergartner Dani stunned her parents in May when she addressed her mom, who said she was going to the eye doctor, in a polished British accent: “Mummy, are you going to the optician?”

“And we were like, ‘the what?’ ” says Dani’s father, Matias Cavallin. “That’s like a college-level word,” he says. “At least, I wasn’t using it.”

The culprit? A wildly popular English cartoon about a preschooler pig named Peppa.

Like 5-year-old Dani, children across the U.S. have binge-watched “Peppa Pig” over the past year. They are emerging from the pandemic with an unusual vocabulary and a British accent just like the show’s namesake character.

The Peppa Effect, as some parents call it, already had some children snorting like pigs and using cheeky Britishisms before the pandemic. Then lockdowns sent screen-time limits out the door, and children gorged on the cartoon in a silo away from their usual social interactions, amplifying the effect.

Mr. Cavallin, a public-relations manager in El Cerrito, Calif., stumbled upon the cartoon at the start of the pandemic. He concluded that it was a sweet family show that would keep Dani busy as his wife went to the office and he juggled working from home.

“It was almost like a happy accident at a time when I was trying to find a pseudo babysitter during Zoom meetings,” he says. “It was either Peppa Pig or no work.”

As a result, Mr. Cavallin says, he went from papa to “Daddy,” said in the British way. His daughter calls the gas station the “petrol station” and cookies “biscuits,” and when he’s holding a cup of coffee, Dani asks him, “Are you having tea now?” He says that Dani’s grandparents—immigrants from Argentina who mostly speak Spanish—quip, “We don’t understand her to begin with, and now she’s speaking British?”


So all the years of Doctor Who had no effect? I guess they were too old by then.
unique link to this extract

Robotaxis: have Google and Amazon backed the wrong technology? • Financial Times

Patrick McGee:


suppliers of advanced driver-assistance systems, or ADAS — a bottom-up approach to building autonomous technology — are making massive strides. They already have a great business case, generating profits as they sell their tech to carmakers, constantly upgrade their systems and save lives along the way.

Several experts say this is a better pathway to scaling driverless tech. If they are right, then the central risk for the robotaxi hopefuls is not whether full autonomy can succeed, but whether an entirely different approach to the problem will get there first.

“There’s no more dispute around whether robotaxis are real: they are real today,” says Karl Iagnemma, chief executive of Motional, the autonomous driving unit of Hyundai and Aptiv. “The question is whether the other guy can come along and do the same service, the same product, but at half the price. If you’ve got a competitor who’s in that position, you’re in big trouble.”

Driverless groups such as Waymo, Microsoft-backed Cruise, Amazon-owned Zoox and Aurora, which announced plans for a public listing last week, are betting on a “moonshot” solution with no plan B. They plan to offer full autonomy — albeit ringfenced to certain locations — or nothing at all. In regulatory jargon, this is called Level 4, in which a robot driver requires no input from passengers. Level 5, the highest step, would allow the vehicle to go anywhere.

This “go big or go home” approach stands in direct opposition to the step-by-step path of the ADAS players led by suppliers Mobileye, Aptiv, Magna and Bosch, which work with all the major carmakers. Their advances mean most new vehicles already have partial automation — Levels 1 and 2, including cruise control and automated braking. Tesla’s AutoPilot System is the best-known Level 2 system.


One thinks of the tortoise and the hare. ADAS can get there from the bottom up.
unique link to this extract

‘Anti-sex’ beds in the Olympic Village? A social media theory is soon debunked • The New York Times

Austin Ramzy:


The plan for the 18,000 beds and mattresses — 8,000 will also be used for the Paralympics starting next month — was announced before the pandemic started and social distancing restrictions were first put in place, and they’re sturdier than they look.

“Cardboard beds are actually stronger than the one made of wood or steel,” Airweave said in a statement on Monday.

The modular mattresses are customizable to suit athletes of all body types, and the beds can sustain up to 440 pounds, enough for even the most imposing Olympians.

But Olympic officials still prefer that athletes sleep alone while in Tokyo, and stay away from each other everywhere else as well. A playbook outlining safety measures advises Olympic participants to “avoid unnecessary forms of physical contact such as hugs, high-fives and handshakes.”

To further discourage carousing, alcohol sales will be banned. Condoms, which have been distributed at the Olympics since the Seoul Games in 1988, will be provided to encourage safe sex, but only about one-third as many as the record 450,000 handed out at the Rio Games in 2016. And Olympic officials have made it clear that they are intended for athletes to use only once they’re back in their home countries.


People are often surprised that Olympic athletes have SO much sex. It’s probably thanks to the condoms that there aren’t more superbabies whose athletic prowess would astonish us all.
unique link to this extract

Digital identity and attributes consultation • GOV.UK

Matt Warman is the minister for digital infrastructure at DCMS:


We promised to follow up on other aspects of our Digital Identity Call for Evidence at pace, and this consultation does that now, seeking views on three key issues.

Firstly, to support the trust framework there will need to be a responsible and trusted governance system in place which can oversee digital identity and attribute use and make sure organisations comply with the rules contained within the trust framework. We are using this consultation to solicit views on the exact scope and remit of this governing body. As the consultation makes clear, it will be vital to ensure that this body works closely with other regulators that have oversight of digital services, and supports our wider goals of establishing a coherent regulatory landscape that unlocks innovation and growth.

Secondly, to unlock the benefits digital identities can bring, we need to make it possible to digitally check authoritative government-held data. We need the digital equivalent of checking data sources such as a passport. That’s why we are also consulting on how to allow trusted organisations to make these checks.

Finally, we want to firmly establish the legal validity of digital identities and attributes, to build confidence that they can be as good as the physical proofs of identity with which we are familiar.


The UK government wants robust ID without ID cards. Quite a circle to square. (Warman, by the way, used to be a technology journalist at the Daily Telegraph – a contemporary to me at the Guardian. So he at least slightly has the knowledge for this topic. He’s been quietly in charge of crucial stuff for a number of years – this, broadband rollout – and hasn’t done a single interview about them.)
unique link to this extract

Google product, or not? • Comics at Google


Play with your friends and colleagues! Spot the official Google product logos while avoiding deprecated apps, non-official logos and other traps!


You have to go there to realise how many Google products there are, or are not. The page has 64 logos. I spotted the Android logo, and a Windows logo in the Google colours. (Then there are lots more panels. Thanks Paulie for the link.)
unique link to this extract

Gurman: MacBook Pro with miniLED display coming between September-November • 9to5Mac

José Adorno:


In today’s Power On newsletter, Bloomberg Mark Gurman discusses the availability of the new MacBook Pro with miniLED display, expected to be announced from September to November. Head below for the full details.

Reiterating what reliable Apple analyst Ming-Chi Kuo said a couple of weeks ago, the new MacBook Pro is expected to go into production in the third quarter, which means an announcement is expected around September to November, according to Gurman as well.

In his newsletter, Mark Gurman says “these new MacBooks were supposed to launch earlier, but complications around the new miniLED display have held up production.”

The miniLED display, which Apple calls Liquid Retina XDR, is already available on the new 12.9-inch M1 iPad Pro. This panel uses 10,000 mini-LEDs, which provide much greater control of localized backlighting, allowing higher brightness and deeper blacks. The combination boosts the contrast ratio, as well as using less power.

According to the company, the Liquid Retina XDR display delivers “true-to-life” detail with a 1,000,000:1 contrast ratio. It also features 1000 nits of full-screen brightness and 1600 nits of peak brightness.

Although the new MacBook Pro is expected to feature the M1X chip and more slots, Gurman doesn’t talk about that in today’s newsletter. Instead, he gives a tip about choosing between the MacBook Pro and MacBook Air.

MacBook Pro for those who necessitate more speed and RAM with app development, Photoshop, and heavy video editing, while the Air is ideal for web browsing, email, and light photo editing.


MacBook Pro also for those who like the space of a 15in screen, which they can’t get on any other Apple laptop. 13.3in MacBook Air screen area: 79.5 sq in (10:6 length/height ratio). 16in MacBook Pro screen area: 115 sq in (same ratio). DIfference: 44%.

But if it doesn’t go into production until September, it’s hard to imagine it’ll be ready then. October seems like the earliest.
unique link to this extract

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Preorder Social Warming, my forthcoming book, and find answers – and more.

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.1596: US says China harbours ransomware gangs, the Solarpunk manifesto, Amazon stops NSO on AWS, and more

  1. Matt Warman did do one interview (about 5G) with a trade magazine before the pandemic. I know because I conducted it. It was a strangely disorienting experience to talk to a minister who actually knew their subject and was interested in it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.