Start Up No.1864: US police’s surveillance via ads, edit your tweets (at a price), Alexa’s money for poo, DALL•E albums, and more

Floppy disks are still mandatory for some processes in Japan’s government – a fact that is going to change, finally. CC-licensed photo by frankieleonfrankieleon on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Of limited capacity. I’m @charlesarthur on Twitter. Observations and links welcome.

Tech tool offers police ‘mass surveillance on a budget’ • AP News

Garance Burke and Jason Dearen:


Local law enforcement agencies from suburban Southern California to rural North Carolina have been using an obscure cellphone tracking tool, at times without search warrants, that gives them the power to follow people’s movements months back in time, according to public records and internal emails obtained by The Associated Press.

Police have used “Fog Reveal” to search hundreds of billions of records from 250 million mobile devices, and harnessed the data to create location analyses known among law enforcement as “patterns of life,” according to thousands of pages of records about the company.

Sold by Virginia-based Fog Data Science LLC, Fog Reveal has been used since at least 2018 in criminal investigations ranging from the murder of a nurse in Arkansas to tracing the movements of a potential participant in the Jan. 6 insurrection at the Capitol. The tool is rarely, if ever, mentioned in court records, something that defense attorneys say makes it harder for them to properly defend their clients in cases in which the technology was used.

The company was developed by two former high-ranking Department of Homeland Security officials under former President George W. Bush. It relies on advertising identification numbers, which Fog officials say are culled from popular cellphone apps such as Waze, Starbucks and hundreds of others that target ads based on a person’s movements and interests, according to police emails. That information is then sold to companies like Fog.

“It’s sort of a mass surveillance program on a budget,” said Bennett Cyphers, a special adviser at the Electronic Frontier Foundation, a digital privacy rights advocacy group.

…Because of the secrecy surrounding Fog, however, there are scant details about its use and most law enforcement agencies won’t discuss it, raising concerns among privacy advocates that it violates the Fourth Amendment to the U.S. Constitution, which protects against unreasonable search and seizure.


This is using advertising IDs – which in theory means that Apple’s ATT will stop it. More on Fog at the EFF’s site.
unique link to this extract

Twitter unveils an Edit button, finally • The New York Times

Kate Conger:


On Thursday, after countless pleas from many of its more than 237 million users, some people will start being able to click a button on the social media service to edit a tweet after they have posted it. It has been only about 15 years, nine months and 22 days since they started asking for that ability.

Since Twitter was unveiled in 2006, the basics of using it have been simple and constant: You wrote a tweet, you posted it — and then you dealt with the consequences. There were no take-backs on the timeline.

That makes the edit button perhaps the biggest shift at the social media service since 2017, when Twitter increased the character limit for messages to 280 characters from 140.

Twitter’s commitment to first drafts made it a destination for online brawls and hot takes. But people have often regretted their choice of words, or noticed a misspelling just after posting a tweet.

As Twitter grew from a niche service to a global platform, more users began demanding a way to edit their posts. They complained. They begged. They raged. Some made typos in their tweets asking for an edit button to correct their typos.

Even Elon Musk, the billionaire who has been locked in a battle over whether to stick with a $44 billion deal to buy Twitter, has seemed to favor an edit button.

Twitter didn’t budge.

The company argued that there was something noble in leaving mistakes on display. A nefarious user could change a tweet after it had already been shared widely, swapping a benign message for a misleading one. Someone who had retweeted a statement might miss the update, inadvertently broadcasting a tweet that the person no longer agreed with.

But more recently, Twitter began reconsidering an edit button as it tried to expand its service by attracting people who might be more careful with their words.


All sorts of questions about the implementation (which is only for Twitter Blue subscribers) – is each edit a new tweet (so the edit trail is like a thread)? Why isn’t the fact of the edit more prominent? How easy is it to read back through the edits?

And can I get an Edit button for my life? That’s the logical next step, I think.
unique link to this extract

With NAFO, the North Atlantic Fellas Organization, Ukraine turns the trolls on Russia • The Washington Post

Adam Taylor:


More than six months in, the war in Ukraine has become a little surreal. This past weekend, Ukraine’s Defense Ministry shared a doctored photograph of a Shiba Inu dog wearing a military uniform, apparently gushing over the site of a missile launch.
“Today we want to give a shout-out to a unique entity,” the tweet read, before pointing to an unusually named group — the North Atlantic Fellas Organization.

If you are the sort of person who gets your news from, say, a newspaper website, you may have little idea what NAFO is. But if you’re the sort of person who has spent the last six months scouring Twitter for news about the war in Ukraine, signing up for obscure Telegram accounts and reading accounts of the latest Ukrainian strikes on Russia on blogs devoted to open-source intelligence (OSINT) … well, it’s quite likely you’re already a fella yourself.

For the former, let’s explain. Over recent months, Ukraine-sympathetic internet users have come together to support Kyiv’s war effort. The Shiba Inu is a distinctive dog breed from Japan, which for over a decade, has been a recurrent motif in internet culture. You may recognize it as a “doge,” beloved of Elon Musk and millions of other internet users.

Vice’s Motherboard dates the use of Shiba Inu as a “fella” fighting the war in Ukraine to May, when an artist named Kama began creating custom images of the “fellas” for those who donated money to the Georgian Legion — a volunteer military unit in Ukraine that took on board many foreigners. “Out of boredom, I started making other Fellas and imprinting them on random images from Ukraine,” Kama told Motherboard earlier this summer.

The movement went on to have a landmark moment in June, when Russian diplomat Mikhail Ulyanov got into an argument with a “fella” over threats to civilians. Ulyanov, Russia’s ambassador to international organizations in Vienna and a vocal advocate for Russia’s position on social media, made the mistake of responding to a NAFO member.


I mean.. OK? Won’t change the direction of a single bullet, a single bomb, and yet some folk feel it’s worth doing. Better than not supporting Ukraine, I suppose.
unique link to this extract

How one-time passcodes became a corporate liability • Krebs on Security

Brian Krebs:


In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication.

The phishers behind this scheme used newly-registered domains that often included the name of the target company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule.

The phishing sites leveraged a Telegram instant message bot to forward any submitted credentials in real-time, allowing the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website. But because of the way the bot was configured, it was possible for security researchers to capture the information being sent by victims to the public Telegram server.

This data trove was first reported by security researchers at Singapore-based Group-IB, which dubbed the campaign “0ktapus” for the attackers targeting organizations using identity management tools from

“This case is of interest because despite using low-skill methods it was able to compromise a large number of well-known organizations,” Group-IB wrote. “Furthermore, once the attackers compromised an organization they were quickly able to pivot and launch subsequent supply chain attacks, indicating that the attack was planned carefully in advance.”

It’s not clear how many of these phishing text messages were sent out, but the Telegram bot data reviewed by KrebsOnSecurity shows they generated nearly 10,000 replies over approximately two months of sporadic SMS phishing attacks targeting more than a hundred companies.


Yubikeys and/or on-phone authentication apps. How hard is it to tell people about this? Perhaps if there are thousands of them it’s a question of scale. (Thanks tbw for the link.)
unique link to this extract

When kids yell “poop” at Alexa, these people profit • Buzzfeed News

Katie Notopoulos:


There are many topics that my 5-year-old and I don’t see eye to eye on: how many popsicles per day is reasonable or the virtues of sleeping past 7:30 a.m. on a Sunday. But there is one area where we are in philosophical lockstep: “Poop” is a funny word. So when my son commanded our Amazon Echo Dot, “Alexa…play poopy diaper,” I shot him a faux-stern look that indicated this isn’t appropriate, but I’ll allow it.

And when Alexa replied, “OK, playing ‘Poopy Diaper’ from Spotify,” I was intrigued. When the voice robot creation of one of the richest men on the planet started playing a thumping techno banger with a soaring chorus of a woman vocalist signing, “I’ve got a poopy diaper, a poopy diaper, that’s me,” I descended into hyperventilating eye-watering laughter.

As it turns out, there are quite a few songs that will fill Alexa requests for the whole gamut of things a kindergartener might dream up: poop, diapers, dog poop, stinky butt, farts.

It’s not surprising that there are songs about the most basic of human functions — what is the point of art if not to unite us through shared feeling? But connecting these songs with their ideal audience (children who can’t yet spell) took a technological leap: voice-enabled smart speakers like Alexa. Several of the songs’ creators told BuzzFeed News that their biggest source of revenue by a landslide is Amazon Music — the default music player for Alexa. When it comes to these novelty artists, the evidence is clear: The word “poop” translates to streaming gold.


There is really no end to peoples’ ingenuity. Millions of streams, tens of thousands of dollars in streaming revenue!
unique link to this extract

Japan to change laws that require use of floppy disks • The Register

Simon Sharwood:


Japan’s digital minister Taro Kono has pledged to rip up laws that require floppy disks and CD-ROMs to be used when sending data to the nation’s government.

The news emerged on Tuesday at Japan’s 5th Digital Society Concept Conference, where a strategy for future digital government services was outlined. Japan appears set to go down the well-worn road of issuing a national ID – called MyNumber in this instance – to its people so that they can access various government services.

But because such services by their nature involve uploading data to government agencies, the minister initiated a review of laws governing that process of submitting information. That effort found more than 1,900 regulations that stipulate how data can be shared with government – and many require the use of floppy disks or CD-ROMs. Newfangled techniques such as uploading info via the internet are not described, so are technically not permitted.

Kono pledged to rewrite those regulations, ASAP, so that Japan’s digital plan can proceed unhindered.

He’s not the first to try give Japan a dose of digital transformation. In 2021 former prime minister Yoshihide Suga promised to reduce reliance on the use of seals and fax machines. But Suga’s time in the top job was short and his digital agenda was not delivered.


This is terrible news for the floppy disk manufacturers in the world (which I suspect are all Japanese).
unique link to this extract

Mississippi crisis highlights climate threat to drinking water nationwide • The New York Times

Christopher Flavelle, Rick Rojas, Jim Tankersley and Jack Healy:


In cities like Jackson [in the state of Mississippi], those problems [of ageing infrastructure] are further compounded by demographic and economic changes. A shrinking population means the costs of maintenance are spread across fewer ratepayers, increasing the pressure on officials to delay upgrades. And those residents who remain may have lower incomes, making it even harder to raise rates, Dr. Stillwell said.

Then, on top of all that, comes climate change, bringing more intense storms — weather catastrophes on a scale that drinking water infrastructure, along with every other part of a city’s infrastructure, was never designed to cope with, even if those water systems had been properly maintained.

In eastern Kentucky, 5,000 customers are still being asked to boil their water a month after flash floods tore through their towns. While water connections have been almost fully restored, about 80 customers still do not have water turned back on.

One of those houses in the community of River Caney belongs to Justina Salyers’s parents, whose living room and kitchen were gutted when floodwaters swamped their first floor. Her parents and their neighbors are using 275-gallon portable tanks to store water, and some are even trying to revive moldering old wells that have sat untouched for decades.

“They can’t flush the toilets. They can’t bathe. They’re working in dirt and mud, and they have no water,” Ms. Salyers said.

In the 90-person city of Buckhorn, Ky., Mayor Thomas Burns Jr. is among the residents still under a boil-water advisory, but he said people are just glad to have the taps back on. He said the floods did an estimated $1 million in damage to the water systems — far more than Buckhorn could shoulder without state or federal help.

“We’ve ignored our infrastructure,” he said. “It’s scary. We take this thing about fresh water for granted.”


unique link to this extract

I recreated famous album covers with DALL-E • Lucy Talks Data


With the newly acquired access I set out to scratch my own itch.
I wanted to know whether DALL-E would be able to recreate famous album covers.

Before we dive into the results, I’ll list the albums that I sought to recreate:

• The Velvet Underground & Nico – The Velvet Underground & Nico
• Pink Floyd – The Dark Side of the Moon
• Pink Floyd – Wish You Were Here
• Nirvana – Nevermind
• The Rolling Stones – Sticky Fingers (inside sleeve cover)
• The Beatles – Abbey Road


Quite an insight into the difficulty of finding just the right text prompt to generate a specific picture. But very often when you’re working with Dall-E you aren’t aiming to recreate, you’re aiming to create, so this is a slightly unusual approach.
unique link to this extract

Wind farm contract delay diverts £1bn in savings from consumers • The Times

Emily Gosden:


Consumers could miss out on more than a billion pounds of energy bill savings from the world’s biggest offshore wind farm after its owner delayed a contract to provide cheap power from the project.

The Hornsea Two wind farm, capable of supplying 1.4 million homes, is fully operational, Orsted said yesterday. The Danish energy group said that the project 55 miles off the coast of Yorkshire would “provide low-cost, clean energy for millions of homes”.

However, households will not see any benefit from its promised low-cost power until April next year and will not get the full benefit until April 2024 because of Orsted’s decision to delay the contract.

Orsted said the delay was so that it could guarantee its revenues further into the future and that it would not benefit financially from high prices in the meantime because of its hedging arrangements. However, traders or other companies potentially could profit.

The company won its contract from the government in 2017 to provide power from the farm to households and businesses for 15 years at what was then a record low price, today worth £73.71 per megawatt-hour. Under the contract, when wholesale prices are higher than this, Orsted would pay the difference back to consumers. This would entail big savings at present wholesale power prices, which have increased to more than £400/MWh.

The contract was due to begin for the first phase of the project in April this year and for the remaining two phases in April next year. However, Orsted opted last summer to delay all the contract start dates by a year.

…Orsted does not know who bought its power. Experts say it is possible it was bought by big business consumers locking in cheap prices or by suppliers offering cheap fixed-price deals; it also may have been bought by traders or other energy companies that could now sell it on to consumers at much higher prices.


Seems that the government was sloppy in not having a more enforceable contract? The implication is that Orsted was sneaky or unfaithful. But business is business.
unique link to this extract

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Read Social Warming, my latest book, and find answers – and more.

Errata, corrigenda and ai no corrida: none notified

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.