Start Up No.1727: inside a ransomware gang, how Casio revolutionised reggae, Denmark’s Covid forecast success, and more

The US transport safety agency is forcing Tesla to get its self-driving cars to obey the Stop sign – which you might think they would do already. CC-licensed photo by thecrazyfilmgirl on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Not available on Clubhouse. I’m @charlesarthur on Twitter. Observations and links welcome.

Inside Trickbot, Russia’s notorious ransomware gang • WIRED

Matt Burgess:


when the phones and computer networks went down at Ridgeview Medical Center’s three hospitals on October 24, 2020, the medical group resorted to a Facebook post to warn its patients about the disruption. One local volunteer-run fire department said ambulances were being diverted to other hospitals; officials reported patients and staff were safe. The downtime at the Minnesota medical facilities was no technical glitch; reports quickly linked the activity to one of Russia’s most notorious ransomware gangs.

Thousands of miles away, just two days later members of the Trickbot cybercrime group privately gloated over what easy targets hospitals and health care providers make. “You see, how fast, hospitals and centers reply,” Target, a key member of the Russia-linked malware gang, boasted in messages to one of their colleagues. The exchange is included in previously unreported documents, seen by WIRED, that consist of hundreds of messages sent between Trickbot members and detail the inner workings of the notorious hacking group. “Answers from the rest, [take] days. And from the ridge immediately the answer flew in,” Target wrote.

As Target typed, members of Trickbot were in the middle of launching a huge wave of ransomware attacks against hospitals across the United States. Their aim: to force hospitals busy responding to the surging Covid-19 pandemic to quickly pay ransoms.


Remarkable work getting all the inside info, the structure and how it works. It’s both more organised and more skanky than you expect.
unique link to this extract

Okuda Hiroko: the Casio employee behind the “Sleng Teng” riddim that revolutionized reggae •

Hashino Yukinori:


“Under Mi Sleng Teng,” by Jamaican singer Wayne Smith, is one of the milestones in the history of Jamaican popular music. Written by Smith and his friend Noel Davy, the pioneering dancehall classic was made using a Casio electronic keyboard. The song immediately became a smash hit when it was released in 1985, and its optimistic digital sound and addictive beat soon took the world by storm.

The rhythm section has always formed the backbone of reggae music. In modern styles, the drums and bass provide the distinctive “riddims” or backing over which a DJ or singer overdubs a vocal. It is common for numerous artists to make their own “versions” (vocal interpretations) of popular riddims, building original songs around the same basic rhythmical pattern. The “Sleng Teng” riddim, named after the song in which it was first used, has now inspired as many as 450 different songs. The riddim played a key role in bringing Jamaican music into the digital era, and is known as one of the “monster riddims” that ushered in the golden age of the dancehall era.

Today, 35 years after the original song was released, the conventional version of reggae history holds that the “father” of the riddim was Wayne Smith and his producer at the Jammy’s label in Jamaica. In fact, the history of the riddim goes back further than Smith and his collaborators. It was originally a preset rhythm pattern programmed into the Casiotone MT-40, released in 1981. It was this preset that Smith and his friends used as the basic building block for their revolutionary song.

In other words, Casio, familiar to millions as the maker of the calculators used in classrooms and offices around the world, played midwife to Jamaican digital dancehall. Even more remarkably, the preset track that became the Sleng Teng riddim was the work of a young developer who was still in her first year with the company.

For years, her story has been the stuff of legend among aficionados of Jamaican music. But little has been known of Okuda’s background, and her face has never appeared in media interviews. Now, 40 years on from the original release of the MT-40, Okuda Hiroko has finally cast aside her veil of secrecy and consented to an interview.


OK, I’d never heard of it, but the crossover is too delicious to miss. (Listen on Apple Music, or if you prefer on Spotify.)
unique link to this extract

What does “trust in media” even mean? • Medium

Elizabeth Spiers on the large amount of anti-vaxx content on Substack, some of it on “Substack Pro” (which subsidises and promotes writers):


Substack takes a different position [on content moderation], and one that’s even more mind-boggling: that allowing for the publication of disinformation helps people trust the media more. Yes, more. Not less.

Their argument, as articulated in a post by the founders, is that deciding what can and can’t be said on their platform undermines trust in the media. This presumes gatekeeping is the problem, and conflates trust with satisfaction. It utterly misunderstands (in a self-serving way, in my opinion) what the trust problem is, and why it exists…

…Substack’s rationale is so bizarre and maybe even a little Orwellian. It’s probably true that giving people the lies they want makes them trust you more. But that is not the kind of trust that journalists are looking to build. It’s a trust that is indistinguishable from customer satisfaction and has nothing at all to do with truth. And for the news media at least, publishing truth is the entire mandate.

It’s also worth noting that good journalistic work does not inherently build trust, either. One theory for why trust in the media went down precipitously after Watergate is that overall trust in institutions went down. Watergate is perhaps the most well known journalistic success story of the 20th century, so by the logic that journalistic success enhances trust, it should have gone up.

In general, trust in the media often parallels trust in other institutions. Do people trust government? Their educational systems? Who do they believe is regularly lying to them? (Note that vaccine hesitancy is also driven in part by increased distrust of pharmaceutical companies, for example, which is not totally irrational given the opioid epidemic and increasing awareness of who’s responsible for it.)

The problem of how to rebuild trust in media organizations that cover news is multifaceted, and the answer is not just do better journalism, or publish more diverse viewpoints. Across the ecosystem there is access to better journalism on more topics and a more diverse array of opinions than there has been in any point in modern history simply because the barriers to entry for publication are so low.

But I have to hand it to Substack: this is definitely the first time I’ve ever seen anyone suggest, with whatever passes for a straight face in pixels, that the answer is tolerating the publication of lies.


unique link to this extract

Filippo Bernardini: the alleged book thief behind a bizarre publishing-industry mystery • The New Republic

Alex Shephard on the guy who (allegedly) phished authors and publishers to get advance copies of books:


Perhaps the most compelling thing about Bernardini’s plot is how plainly inexplicable it was. The project was an elaborate contraption that took zeal and organizational effort to construct; at the same time the scope of his ambitions was so comically modest that it hardly seemed a worthwhile undertaking. The fact that the pieces of the puzzle don’t quite come together to form a coherent whole has fueled an added layer of speculation from those who have seen the “How” of Bernardini’s machinations but can’t quite grasp the “Why.”

Some have speculated that Bernardini was attempting to use his collection of stolen manuscripts to somehow boost his career as a translator. He had been actively pitching his services to publishers in Italy—where he had previously published translations of works from Chinese and Korean—offering expertise in several languages. Translation can be a tough market to break into; it’s also not an especially lucrative one, to say the least. One of the strategies for advancing in this field is to attach yourself to a rising star. Bernardini, in this interpretation, was looking for such an author in his pile of obscurities, hoping it would provide him with the means to get a leg-up in a competitive field. 

“You don’t have to steal most of this stuff. You literally couldn’t pay people to give you books fast enough.”
If this theory bears out, it might provide an answer to one of this mystery’s biggest questions. Even though the FBI insisted in its statement that “publishers do all they can to protect … unpublished pieces because of their value,” anyone who has spent any time in proximity to the industry knows that this is absurd. Publishers are constantly sending unpublished works to reviewers, booksellers, and other industry figures; often shifting hundreds, or even thousands, of manuscripts in this fashion. In more than a decade of writing on and working in the publishing industry I can count on one hand the times I was told that I couldn’t receive a book that hadn’t yet been published.


I think all of this is overthinking it. Given how tiny some of the readerships are, I think the thief is simply someone who enjoyed the thrill of the chase and trophy. What he ended up with wasn’t that important; getting a buzz out of successful phishing was. Some people troll on social media; he cast his hook in the world where he worked.
unique link to this extract

The hidden drought in China’s subtropics • Sixth Tone

Yuan Ye:


Li Kuo, a researcher at the Chinese Academy of Agricultural Sciences, told Sixth Tone that successive months of drought in the East River basin should be seen as an extreme weather pattern influenced by climate change.

The wider Pearl River Delta region is an example of what happens when extreme economic growth comes up against limits imposed by climate change. Its cities have planned their futures assuming water supplies based on weather patterns that no longer hold.

Manufacturing hub Dongguan, for example, gets most of its water from reservoirs and streams fed by precipitation. But rising temperatures have left the watersheds of the rivers Dongguan relies on drier and less dependable, according to Lin Kairong, professor of water resources at Guangzhou’s Sun Yat-Sen University.

Its countless factories have left much of Dongguan’s water sources too polluted to use for tap water. As a result, the city’s 10 million residents have a per person water availability of just 217 cubic meters a year, according to government data — much less than 500 cubic meters, the amount considered by the United Nations to indicate “absolute scarcity.” Amid the drought, the city has rationed water for industrial users.

Provincial officials are looking for new water to tap by investing in infrastructure such as dams, water treatment plants, and water transfer projects. The biggest project on the books, costing an estimated 35.4 billion yuan ($5.56 billion), is a diversion of the West River to supply some of the thirstiest cities. The project is moving ahead despite objections from environmental groups, and, once complete in 2024, it is expected to alleviate water scarcity in Guangzhou, Dongguan, and Shenzhen, as well as provide backup supplies to Hong Kong.

Huang [Guoru, a hydraulic engineering professor in Guangdong in the south of China] told Sixth Tone that he had previously considered it unnecessary to spend so much money on the water transfer project. But droughts in recent years have changed his mind.


unique link to this extract

Why were Denmark’s Covid models better than England’s? • Unherd

Freddie Sayers:


what is the explanation for this huge difference [in projected hospitalisations from the Covid omicron variant] with the Danish modellers?

One idea might be that the Danes paid better attention to the real-world data coming out of South Africa at the time that Omicron was intrinsically much milder than Delta. On 17th December Neil Ferguson’s group at Imperial produced a meta-study that concluded that there was “no evidence of Omicron having lower severity than Delta.” Even at the time this felt like a bizarre finding, and evidence now seems to suggest something closer to 10%-20% of the severity of Delta. So that was overly cautious, we now can say for sure, bad information.

However, both the UK modelling groups and the Danish group produced a range of scenarios with different severities, and both used the 50% mid-point as most likely. So that doesn’t explain the difference.

Dr [Camilla] Holton-Møller [chair of the Expert Group for Mathematical Modelling at Denmark’s public health agency ‘Statens Serum Institut] suggested two other variables that might explain it.

The first was the attention the Danish groups paid to behavioural changes that weren’t mandated. In other words, from their observations over the course of the pandemic, people moderate their behaviour at times of high case numbers even if they are not forced to by the Government.

“In our country we had put in some assumptions about people also changing their behaviour, so when cases go up you actually see population behaviour change. That has been one of the key figures in our model… that put a lid at the top of our model. ”

The British scientists, even a year and a half after the pandemic began, seem unwilling to consider this crucial factor. The discussion paper for the Warwick model admits that, while unmandated behaviour change is “highly likely… such dynamic changes are beyond the current capacity of this model.”


It is indeed odd that the modellers haven’t managed to figure out how to do this, after three sets of measures.
unique link to this extract

BlackBerry sells mobile and messaging patents for $600m • Ars Technica

Ron Amadeo:


BlackBerry is adding another sad chapter to the downfall of its smartphone business. Today, the company announced a sale of its prized patent portfolio for $600m. The buyer is “Catapult IP Innovations Inc.,” a new company BlackBerry describes as “a special purpose vehicle formed to acquire the BlackBerry patent assets.”

BlackBerry says the patents are for “mobile devices, messaging and wireless networking.” These are the patents surrounding BlackBerry’s phones, QWERTY keyboards, and BlackBerry Messenger (BBM). BlackBerry most recently weaponized these patents (which covered ideas like muting a message thread and displaying notifications as a numeric icon badge) against Facebook Messenger in 2018. That was nothing new for BlackBerry, which is a veteran of the original smartphone patent wars. Back when BlackBerry was still called RIM, it went after companies like Handspring and Good Technology in the early 2000s.

If the name “Catapult IP Innovations” didn’t give it away, weaponizing BlackBerry patents is the most obvious outcome of this deal. According to the press release, Catapult’s funding for the $600m deal is just a $450m loan, which will immediately be given to BlackBerry in cash. The remaining $150m is a promissory note with the first payment due in three years. That means Catapult is now a new company with a huge amount of debt, no products, and no cash flow. Assuming the plan isn’t to instantly go bankrupt, Catapult needs to start monetizing BlackBerry’s patents somehow, which presumably means suing everyone it believes is in violation of its newly acquired assets.


How jolly, the patent wars have a new contender.
unique link to this extract

The battle for the world’s most powerful cyberweapon • The New York Times

Ronen Bergman and Mark Mazetti:


Ever since the 2013 revelations by Edward Snowden, a former National Security Agency contractor, about U.S. government surveillance of American citizens, few debates in this country have been more fraught than those over the proper scope of domestic spying. Questions about the balance between privacy and security took on new urgency with the parallel development of smartphones and spyware that could be used to scoop up the terabytes of information those phones generate every day. Israel, wary of angering Americans by abetting the efforts of other countries to spy on the United States, had required NSO to program Pegasus so it was incapable of targeting US numbers. This prevented its foreign clients from spying on Americans. But it also prevented Americans from spying on Americans.

NSO had recently offered the FBI a workaround. During a presentation to officials in Washington, the company demonstrated a new system, called Phantom, that could hack any number in the United States that the FBI decided to target. Israel had granted a special license to NSO, one that permitted its Phantom system to attack US numbers. The license allowed for only one type of client: US government agencies. A slick brochure put together for potential customers by NSO’s US subsidiary, first published by Vice, says that Phantom allows American law enforcement and spy agencies to get intelligence “by extracting and monitoring crucial data from mobile devices.” It is an “independent solution” that requires no cooperation from AT&T, Verizon, Apple or Google. The system, it says, will “turn your target’s smartphone into an intelligence gold mine.”

The Phantom presentation triggered a discussion among government lawyers at the Justice Department and the FBI that lasted two years, across two presidential administrations, centering on a basic question: could deploying Phantom inside the United States run afoul of long-established wiretapping laws? As the lawyers debated, the FBI renewed the contract for the Pegasus system and ran up fees to NSO of approximately $5m. During this time, NSO engineers were in frequent contact with FBI employees, asking about the various technological details that could change the legal implications of an attack.


This feels like a technology that becomes so valuable to “our” side that they ensure it will not fall into “enemy” hands. Rather like the German rocket scientists after the Second World War who were snapped up by the US and Russia.
unique link to this extract

Tesla to disable ‘rolling stop’ feature after NHTSA says it can ‘increase the risk of a crash’ • The Verge

James Vincent:


Tesla is disabling a self-driving feature in nearly 54,000 vehicles that can prompt cars to autonomously perform a “rolling stop” — a manoeuvre in which the vehicle moves slowly through a stop sign without coming to a full stop.

As per a safety recall notice issued by the US National Highway Traffic Safety Administration (NHTSA), the consequence of this feature is that “failing to stop at a stop sign can increase the risk of a crash.”

The change will be made as an over-the-air software update to Model S, X, 3, and Y vehicles using the beta version of Tesla’s “Full Self-Driving” driver-assist feature, release 2020.40.4.10 or newer. (Referring to such software as “self-driving” has become somewhat controversial in the car industry, with other firms distancing themselves from the term over fears it implies a greater degree of control on the part of the software.)

The NHTSA says Tesla introduced the rolling stop functionality last October “in the limited early access FSD Beta population.” As part of these limited updates, Tesla let drivers select different “profiles” for their cars’ self-driving features. Drivers could choose between “Chill,” “Average,” and “Assertive” modes. The last category was accompanied with a warning that the vehicle may “perform more frequent lane changes, will not exit passing lanes, and may perform rolling stops.” It’s not clear if these driver profiles will be completely removed, or if only the rolling stop feature in the “Assertive” mode will be disabled.


So in short “rolling stop at a Stop sign” is “not stopping at a Stop sign”. Good to get that clear. If only American drivers could be introduced to roundabouts.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Social Warming, my latest book, and find answers – and more.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.