Start Up No.1668: Facebook knew of political ad risk, adtech’s new watchers, phones leaked GPS after opt-out, SpaceX’s leaky toilet, and more

Now for the bad news: some carbon offset projects don’t offset carbon at all, because they go into projects that would be built anyway. CC-licensed photo by Land Rover Our Planet on Flickr.

A selection of 10 links for you. Recharged. I’m @charlesarthur on Twitter. Observations and links welcome.

Facebook knew ads, microtargeting could be exploited by politicians. It accepted the risk • The Washington Post

Cristiano Lima:


Facebook has long resisted calls to scrap political advertising on the platform and limit targeted messaging amid fears the tools might be used to sow discord. The company defends those policies as a way to safeguard free expression and online organizing efforts.

But internally, staffers acknowledged the cost of the services is that politicians will likely exploit them to spread misinformation and target vulnerable users, according to documents reviewed by The Technology 202 as part of the Facebook Papers investigation. 

“We will definitely see misinfo from political parties and candidates that we will not fact-check, which will hurt public trust,” read a slide deck from early 2020 assessing product risks, including misinformation in ads. “We also expect custom audiences for political and social issue ads to be used to narrowcast misinfo to vulnerable communities.” 

The documents, disclosed to the U.S. Securities and Exchange Commission by Facebook whistleblower Frances Haugen and provided to Congress in redacted form by Haugen’s legal counsel, were reviewed by a consortium of news organizations, including The Washington Post. Together they provide an unparalleled look into how the tech giant weighs trade-offs between safety and profit.

…Internal documents show Facebook staffers determined its hands-off approach to political ads and to targeting ads and other political content to users posed significant risks. 

A Feb. 25, 2020, slide deck titled “US 2020 Product Risk Assessment — Update” rated the “residual risk” posed by misinformation in Facebook ads as “high,” even if the company managed to “execute perfectly” the interventions it was weighing to mitigate the threat, such as increasing fact-checking by its third-party partners.


Notable that Zuckerberg looked most uncomfortable in front of Congress in October 2019 when Alexandria Ocasio-Cortez grilled him about lying in political ads.

This is where the danger of Facebook’s approach is biggest. This is how it undermines democracy.
unique link to this extract

Facebook’s next billion-dollar idea? Clothing in the metaverse • Protocol

Hirsh Chitkara:


Facebook has gone through the wringer in recent weeks. Luckily Mark Zuckerberg sees a billion-dollar opportunity at the end of the tunnel: digital clothes in the metaverse.

Zuckerberg said in the Q3 2021 earnings call Monday: “If you’re in the metaverse every day, then you’ll need digital clothes, digital tools, and different experiences. Our goal is to help the metaverse reach a billion people and hundreds of billions of dollars of digital commerce this decade.”

He also referred to the metaverse as the “holy grail of online social experiences” and said it’s something he’s “wanted to build since even before I started Facebook.”

The idea of making billions of dollars from virtual outfits isn’t without precedent. Epic Games, for instance, has generated more than $9bn in annual revenue from Fortnite, a free-to-play game that makes money in part by selling character “skins” to players for virtual tokens. Roblox employs a similar business model and generated $454m in revenue for Q2 2021, up 127% year-over-year.

But both Fortnite and Roblox target younger audiences who have already become accustomed to the idea of paying money (often from their parents) for virtual outfits. Facebook wants to target a much larger segment of the population. Zuckerberg referred to the metaverse in the earnings call as “the next computing platform.” He said it could help Facebook reduce its “dependence on delivering our services through competitors,” which suggests it would be more akin to a mobile operating system than a video game.


Second Life, for the second time. Though with tech, it’s always about timing.
unique link to this extract

For more:

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Buy Social Warming, my latest book, and find answers – and more.

Do carbon offsets offset carbon? • Cesifo Network

Raphael Calel, Jonathan Colmer, Antoince Dechezleprêtre and Matthieu Glachant:


We develop and implement a new method for identifying wasted subsidies, and use it to provide systematic evidence on the misallocation of carbon offsets in the Clean Development Mechanism—the world’s largest carbon offset program.

Using newly constructed data on the locations and characteristics of 1,350 wind farms in India—a context where it was believed, ex ante, that the Clean Development Mechanism could significantly increase development above baseline projections—we estimate that at least 52% of approved carbon offsets were allocated to projects that would very likely have been built anyway.

In addition to wasting scarce resources, we estimate that the sale of these offsets to regulated polluters has substantially increased global carbon dioxide emissions.


*buries head in hands* The paper does introduce the neat idea of BLIMPs – Blatantly Infra-marginal Projects. They’re projects which are no more profitable than others, but get subsidies they don’t actually need. The problem comes when “offsets” are applied to BLIMPs, ie projects that were going to get built anyway.

Without effective offsets, though, a lot of “net zero” plans crumble to nothing. Because offsets are the “net” in “net zero”.
unique link to this extract

We’re ready to rip out the beating heart of the disinformation economy • Check My Ads Institute

Nandini Jammi and Claire Atkin:


It’s almost Halloween, so here’s a spooky riddle: What’s scarier than Facebook fueling a global disinformation crisis? Answer: The hundreds of obscure adtech companies hanging out behind the scenes piping billions of dollars to everyone with a computer and a conspiracy theory.

All eyes are on Facebook this week, but let’s put a pin in that as we discuss the other half of the horror story. While Facebook pushes users towards the most inflammatory content on the web, there’s an entire ecosystem of advertising platforms you’ve likely never heard of that converts all that traffic into a virtually unlimited supply of ad dollars.

We call it the disinformation economy, and it looks roughly like this:

A Lumascape of the disinformation economy

Q: But Claire and Nandini, this is a boring and unintelligible map of the adtech landscape. Did you maybe download the wrong image?

Nope. We’re saying that this right here — the advertising supply chain — is the ATM of the disinformation economy. And it’s a world that is just as sinister as Facebook, if not more.

…This industry directly finances the spiraling production of misleading and inflammatory online content across the open web, funnelling anywhere between $250m to $2.6bn to disinformation efforts every year.

In other words, they print money for the bad guys.


Notice how hard it is to be precise about how much money goes to the bad guys: adtech is fiendishly hard to follow. But this matters.
unique link to this extract

Location data firm got GPS data from apps even when people opted out • Motherboard

Joseph Cox:


Huq, an established data vendor that obtains granular location information from ordinary apps installed on people’s phones and then sells that data, has been receiving GPS coordinates even when people explicitly opted-out of such collection inside individual Android apps, researchers and Motherboard have found.

The news highlights a stark problem for smartphone users: that they can’t actually be sure if some apps are respecting their explicit preferences around data sharing. The data transfer also presents an issue for the location data companies themselves. Many claim to be collecting data with consent, and by extension, in line with privacy regulations. But Huq was seemingly not aware of the issue when contacted by Motherboard for comment, showing that location data firms harvesting and selling his data may not even know whether they are actually getting this data with consent or not.

…In recent years, both Apple and Google have given users more control over which permissions they give to specific apps. In the case of Huq, the Android-level permissions to allow or block Huq-affiliated apps access to GPS data are working as expected, but settings within the apps include options for opting-out of that location data then being shared with others. These app-level data sharing opt-outs are being ignored, according to the AppCensus’ and Motherboard’s tests.

Huq is based in the UK and claims to collect and process over one billion mobility events every day, and says it sources that data from 161 different countries, according to the company’s website. Like many other firms in the location industry, Huq sells access to or products based upon that harvested location data to a range of different sectors, including local governments, financial investors, retail, and real-estate, its website adds. An article from the Financial Times published earlier this month about UK drivers flocking to petrol stations used data from Huq.

Huq obtains this data by paying app developers to include its software development kit (SDK) in apps, a bundle of code that transfers location data to Huq. Huq sources data from both iOS and Android devices.


Frameworks and SDKs are a terrible source of infiltration. It’s where the web is at its least trustworthy.
unique link to this extract

Police arrest 150 suspects after closure of dark web’s largest illegal marketplace • The Verge

James Vincent:


A 10-month investigation following the closure of the dark web’s largest illegal marketplace, DarkMarket, has resulted in the arrest of 150 suspected drug vendors and buyers.

DarkMarket was taken offline earlier this year as part of an international operation. The site boasted some 500,000 users and facilitated around 320,000 transactions, reports the EU’s law enforcement agency, Europol, with clientele buying and selling everything from malware and stolen credit card information, to weapons and drugs. When German authorities arrested the site’s alleged operator in January this year, they also seized valuable evidence of transactions which led to this week’s arrest of key players.

According to the US Department of Justice and Europol, Operation Dark HunTor saw law enforcement make numerous arrests in the United States (65), Germany (47), the United Kingdom (24), Italy (4), the Netherlands (4), France, (3), Switzerland (2), and Bulgaria (1). More than $31.6m in cash and cryptocurrencies were seized during the arrests, as well 45 firearms and roughly 234kg of drugs including cocaine, opioids, amphetamine, MDMA, and fentanyl. According to the DoJ: “A number of investigations are still ongoing.”

As part of the operation, Italian authorities also shut down two other dark web marketplaces — DeepSea and Berlusconi — arresting four alleged administrators and seizing €3.6m ($4.17m) in cryptocurrency.


unique link to this extract

Photoshop’s journey to the web •

Thomas Nattestad and Nabeel Al-Shamma:


Adobe previously brought Spark and Lightroom to the web and had been interested in bringing Photoshop to the web for many years. However, they were blocked by the performance limitations of JavaScript, the absence of a good compile target for their code, and the lack of web capabilities. Read on to learn what Chrome built in the browser to solve these problems.

WebAssembly and its C++ toolchain Emscripten have been the key to unlocking Photoshop’s ability to come to the web, as it meant that Adobe would not have to start from scratch, but could leverage their existing Photoshop codebase. WebAssembly is a portable binary instruction set shipping in all browsers that was designed as a compilation target for programming languages. This means that applications such as Photoshop that are written in C++ can be ported directly to the web without requiring a rewrite in JavaScript. To get started porting yourself, check out the full Emscripten documentation, or follow this guided example of how to port a library.

Emscripten is a fully-featured toolchain that not only helps you compile your C++ to Wasm, but provides a translation layer that turns POSIX API calls into web API calls and even converts OpenGL into WebGL. For example, you can port applications that reference the local filesystem and Emscripten will provide an emulated file system to maintain functionality.


It quickly gets complicated, as you see, but the TL;DR is that Google, through Chrome, has worked very hard to make it possible to run Photoshop on Chrome. Only Chrome (and clones) so far, and probably for a while; would Apple have much interest in not having Photoshop as an installable app on the Mac? Google, meanwhile, would love Photoshop to run on Chromebooks.
unique link to this extract

SpaceX’s latest engineering challenge: a leaky toilet • The New York Times

Joey Roulette:


[SpaceX’s] Crew Dragon has more interior space than a minivan, but less than a studio apartment, and there is no proper bathroom. Instead, it has a device on its ceiling that astronauts use to relieve themselves — remember, there’s no up or down in microgravity. The device creates suction using an internal fan, crucial to ensuring human waste goes in the right direction in the weightlessness of space. Some officials vaguely said the toilet problem involved the fan, prompting even more questions.

A closely held secret no more.

A tube that funnels urine into a tank broke loose during the Inspiration4 mission and leaked into the fan, which sprayed the urine in an enclosed area beneath Crew Dragon’s floor, Bill Gerstenmaier, a SpaceX official who once oversaw human spaceflight for NASA, told reporters on Monday night. He said the four passengers didn’t notice anything was wrong during the mission.

“We didn’t really even notice it, the crew didn’t even notice it, until we got back,” Mr. Gerstenmaier said. “When we got the vehicle back, we looked under the floor and saw the fact that there was contamination underneath the floor of Inspiration4.”

SpaceX completed a fix for the toilet aboard the capsule being used for Sunday’s launch. The redesign means there are no tubes that could come “unglued” as they did during the Inspiration4 flight, Mr. Gerstenmaier said. NASA is expected to sign off on the new design on Friday.
But the toilet predicaments haven’t stopped there. Another Crew Dragon capsule that docked to the space station in April with four astronauts aboard has the same plumbing system as the Inspiration4 capsule. SpaceX engineers feared the same “contamination” might have occurred on that spacecraft.

The engineers’ suspicions were correct.

NASA astronauts living on the station snaked a borescope device — a cable with a tiny camera at the end — underneath the capsule’s floor and discovered traces of urine in places it shouldn’t be, Mr. Gerstenmaier said.


Grim. But also the sort of thing that will kill you on a longer journey – say, to Mars. Or even the Moon. The followup to hubris can be pretty horrible.
unique link to this extract

Possible leak of private keys · Issue #103 · ehn-dcc-development/hcert-spec • GitHub

Emanuel Elaface:


On various groups (Telegram mainly) are circulating several forged Green Pass with valid signature, I attach two here.

— image redacted – available from the security team —

— image redacted – available from the security team —

I verified with my application and found that these two certificates are signed with the keys corresponding to these two public keys…

…There is the possibility that a database of private keys is compromised and this may ends up in a break of the chain of trust in the Green Pass architecture. I am not sure to who this should be reported, so I write this here.


These would be the private keys required to create Covid passports valid Europe-wide. Looks like that’s stuffed then.
unique link to this extract

Why it could be a good idea to ditch your running watch • CNN

Lauren Kent:


recent studies show that obsessively tracking fitness metrics can lead to negative mindsets and outcomes.

“There is certainly evidence out there that people are becoming obsessed by it – people who used to have an interest in their sport and got enjoyment out of the sport, but now that’s switching to the data,” said Eoin Whelan, a senior lecturer in business information systems at the National University of Ireland. His research explores the psychology behind engagement with social media and fitness tracking apps.

“People are getting more enjoyment out of gathering the data and analyzing that and sharing it with other people,” Whelan told CNN, adding that there is a big element of social comparison for those who use fitness tracking apps. “People will compare themselves to people who are better than them, who are running faster or running longer. And ultimately we know that makes them feel bad.”

Whelan also noted that people who are very reliant on smartwatches, fitness trackers or fitness apps are more likely to skip their workout if the batteries on their tracking device are dead.

“It’s like we can’t interpret our own body signals. We are becoming very dependent on the technology to actually do that for us,” Whelan said. “Some of the athletes that I coach, you can ask them a simple question like ‘how did you sleep last night?’ and they can’t answer unless they look at the data.”

It’s not all negative, though. Whelan’s research also shows there are many upsides to using fitness trackers. In fact, some runners gain motivation by comparing themselves to others, or they build online communities that help them reach their goals. So ditching the data might not be best for everyone.


We’re compelled to rank ourselves in things that matter to us; this is just another example. And, numbers!
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

1 thought on “Start Up No.1668: Facebook knew of political ad risk, adtech’s new watchers, phones leaked GPS after opt-out, SpaceX’s leaky toilet, and more

  1. Regarding photoshop and chrome books. You’re completely correct that it’s considered an important win for google as in our kids photography class (in Middle School in which they use chrome books a lot), Photoshop is considered the standard tool for the class, much to my surprise. I thought they would use a cheaper, less complex tool (and don’t get me started on the UX/UI of Google Classroom. It’s a nightmare.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.