What can you hide in a pair of socks? What about controls for a chess computer, so you can cheat? CC-licensed photo by star athena on Flickr.
A selection of 9 links for you. Unpaired. I’m @charlesarthur on Twitter. Observations and links welcome.
Zoya Sheftalovich and Laurens Cerulus:
Kyiv is acutely aware that the outcome of the war is likely to hinge on whether Russia finds a way to regain access to high-tech chips, and is out to ensure it doesn’t get them. In order to flag the danger, Ukraine is sending out international warnings that the Kremlin has drawn up shopping lists of semiconductors, transformers, connectors, casings, transistors, insulators and other components, most made by companies in the U.S., Germany, the Netherlands, the U.K., Taiwan and Japan, among others, which it needs to fuel its war effort.
The message is clear: Don’t let the Russians get their hands on this gadgetry.
POLITICO has seen one of the Russian lists, which is divided into three priority categories, from the most critical components to the least. It even includes the price per item that Moscow expects to pay, down to the last kopeck. While POLITICO could not independently verify the provenance of the list, two experts in military supply chains confirmed it was in line with other research findings about Russia’s military equipment and needs.
At first glance, Russia shouldn’t be able to acquire the most sensitive tech on the lists. With only very basic domestic technology, the Kremlin has relied on key players in the US, the EU and Japan for semiconductors as suppliers over the past years and these should be out of grasp thanks to sanctions. The difficulty would emerge in whether an intermediary country such as China were to buy technologies, then sell them on to Moscow. In extreme cases, Russians appear to be clawing chips out of household appliances like fridges.
Ukrainian Prime Minister Denys Shmyhal stressed the war had come to an inflection point where the technological edge was proving decisive. “According to our information, Russians have already spent almost half … of their weaponry arsenal,” he told POLITICO.
He added that Ukraine estimated that Russia was down to just “four dozen” hypersonic missiles. “These are the ones that have precision and accuracy due to the microchips that they have. But because of sanctions imposed on Russia, the deliveries of this high-tech microchip equipment … have stopped and they have no way of replenishing these stocks.”
Kashmir Hill and Kellen Browning:
it came as a shock to many in the community when [Joe] Sullivan was fired by Uber in 2017 [from his job as chief of computer security], accused of mishandling a security incident the year before. Despite the scandal, Mr. Sullivan got a new job as chief of security at Cloudflare, an internet infrastructure company.
But the investigation into the incident at Uber continued, and in 2020, the same prosecutor’s office where Mr. Sullivan had worked decades earlier charged him with two felonies, in what is believed to be the first time a company executive has faced potential criminal liability for an alleged data breach. Mr. Sullivan has pleaded not guilty to the charges.
…Chief information security officers, or CISOs, are responsible for ensuring that their companies’ data remains safe from hackers and fraudsters, a high-stakes job that has become increasingly tricky.
In the past year or so alone, T-Mobile, Planned Parenthood and the NFT marketplace OpenSea have been hacked. Perfect security is impossible, and now CISOs are wondering what happens if — or rather when — they fail. If Mr. Sullivan is convicted, they worry the outcome could set a precedent for who is at fault for a data breach. Could they be left holding the bag?
Mr. Sullivan learned that hackers had secured access to the personal data of about 600,000 Uber drivers and some personal information associated with 57 million riders and drivers. He’s accused of directing them to the company’s bug bounty program, handing out $100,000 in bitcoin and getting them to sign NDAs.
Ms. Guttmann, who is now an adviser to venture capital firms and startups, said Mr. Sullivan’s case had made her think more about the problem of ransomware, when hackers encrypt a company’s files and demand payment, usually in cryptocurrency, to release them. A 2021 survey indicated that many companies pay the ransom.
“Six years from now, will all of them be prosecuted?” she asked.
Andy Baio, concluding a demonstration of how to use the Stable Diffusion package to generate an AI illustration:
That’s the size of the model that has made this recent explosion possible.
4.2 gigabytes of floating points that somehow encode so much of what we know.
Yes, I’m waxing poetic here. No, I am not heralding the arrival of AGI, or our AI overlords. I am simply admiring the beauty of it, while it is fresh and new.
Because it won’t be fresh and new for long. This thing I’m feeling is not much different from how I felt using email for the first time – “Grandma got my message already? In Florida? In seconds?” It was the nearest thing to magic my child-self had ever seen. Now email is the most boring and mundane part of my day.
There is already much talk about practical uses. Malicious uses. Downplaying. Up playing. Biases. Monetization. Democratization – which is really just monetization with a more marketable name.
I’m not trying to get into any of that here. I’m just thinking about those 4.2 gigabytes. How small it seems, in today’s terms. Such a little bundle that holds so much.
How many images, both real photos and fictional art, were crammed through the auto-encoder, that narrower and narrower funnel of information, until some sort of meaning was distilled from them? How many times must a model be taught to de-noise an image until it understands what makes a tiger different from a leopard? I guess now we know.
And there’s a generation growing up for whom this will be the most natural thing in the world. This coming term’s university entrants never knew a world without Facebook or Instagram, for example.
Ryan Broderick on the doubletalk around KiwiFarms:
In another blog post from last week, [Cloudflare CEO Matthew] Prince said that Cloudflare’s security services, many of which are free and are used by an estimated 20% of the entire internet, should be thought of as a utility. “Just as the telephone company doesn’t terminate your line if you say awful, racist, bigoted things, we have concluded in consultation with politicians, policy makers, and experts that turning off security services because we think what you publish is despicable is the wrong policy,” Prince wrote.
Which is a good line. I’m sure people who are old enough to remember when telephones weren’t computers love it. But I’m not really sure it works here. Telephones are not publishing platforms, nor are they searchable public records. Comparing a message board that has around nine million visitors a month to someone saying something racist on the telephone is, actually, nuts.
…Websites are not similar to telephones. They are not even similar to books or magazines. They are street corners, they are billboards, they are parks, they are shopping malls, they are spaces where people congregate. Just because you cannot see the (hopefully) tens of thousands of other people reading this blog post right now doesn’t mean they’re not there. And that is doubly true for a user-generated content platform. And regardless of the right to free speech and the right to assemble guaranteed in America, if the crowd you bring together in a physical space starts to threaten people, even if they’re doing it in the periphery of your audience, the private security company you hired as crowd control no longer has to support you. To me, it’s honestly just that simple.
I always enjoy how Broderick cuts through the junk and fluff. His Garbage Day email is essential reading.
Liza Lin and Dan Strumpf:
US restrictions on sales of Nvidia Corp.’s high-end processors to China throw a wrench in Beijing’s ambitions to lead in artificial intelligence, as Chinese officials accused the US of monopolising advanced technologies.
The curbs cut off China’s biggest tech companies from some of the world’s most advanced chips. Nvidia’s affected customers include Alibaba Group, the internet giant that operates China’s largest cloud service business, and Tencent, the gaming and social media behemoth. Both sell cloud services powered by Nvidia chips that are capable of crunching huge amounts of data for advanced applications from autonomous factories to video processing.
“This is a big step by the US because it is targeting high performance processors that are mainly used for commercial applications,” said Handel Jones, chief executive of consulting firm International Business Strategies Inc.
Nvidia, the world’s largest chip maker by market value, said Wednesday that new US rules barring the sale without a license of the advanced chips to Chinese customers would cost it $400m in sales. It said it may have to transition some of its operations out of China.
Nvidia shares fell more than 11% midday Thursday. Other chip makers also retreated. Shares in Advanced Micro Devices Inc., which said it was also affected by the license requirement though didn’t expect a material impact, were down more than 6%.
The US Commerce Department, which handles export restrictions, has declined to comment on changes to its policy but said the action was aimed at preventing China from acquiring American technology to advance its military.
The US is clearly very, very worried about China getting sufficiently advanced chipmaking capability that it doesn’t need TSMC. As Ben Thompson points out in Stratechery, once that happens then China can attack, invade or blockade Taiwan with impunity. Then things get very concerning, because it puts China ahead of the rest of the world. That’s what the US is looking to forestall.
I have come up with a new way to win at chess: I have connected up a Raspberry Pi Zero in my pocket to some buttons and vibration motors in my shoes, so that I can surreptitiously communicate with a chess engine running on the Pi. The project is called “Sockfish” because it’s a way to operate Stockfish with your socks.
The feet are ideal for this sort of thing, because they’re the only part of your body that has any sensible degree of dexterity while still being invisible to casual observers.
There is prior art for phones taped to legs and some sort of TV remote control (?) and lots of cases of just going to the toilet and looking at chess positions on phones, but I think Sockfish may be the first hands-free method that does not require third-party assistance.
Each shoe insert has two force-sensing resistors and one vibration motor. The force-sensing resistors are used as buttons to allow me to input my opponent’s moves. The vibration motors are used for haptic feedback of accepted button presses, and to communicate the engine’s moves to me so that I can play them on the board.
On Tuesday evening I finally had a chance to deploy Sockfish in a real game against an unsuspecting opponent! Owen is quite a bit better at chess than I am. I talked him into playing a game with time control of 15 minutes per side, which is longer than the blitz & bullet that we normally play, but necessary to give me enough time to type the moves with my feet.
Owen was very confused about why it took me 20 seconds of intense concentration to decide on my very first move. He eventually surmised that I must have “revised” and was concentrating hard to make sure I remembered the theory. In actual fact I was concentrating very hard to make sure I understood Sockfish’s outputs correctly and gave my inputs correctly! I found that I concentrated much harder operating Sockfish than I do when I’m playing chess the hard way. Maybe I’d play better if I concentrated harder.
It was all going well until we reached a position where Sockfish was telling me to make an illegal move.
It’s quite weird (and clearly, difficult) but the fact that someone could cheat like this in a tournament is something to think about.
Holly Else and Richard Van Noorden:
When Laura Fisher noticed striking similarities between research papers submitted to RSC Advances, she grew suspicious. None of the papers had authors or institutions in common, but their charts and titles looked alarmingly similar, says Fisher, the executive editor at the journal. “I was determined to try to get to the bottom of what was going on.”
A year later, in January 2021, Fisher retracted 68 papers from the journal, and editors at two other Royal Society of Chemistry (RSC) titles retracted one each over similar suspicions; 15 are still under investigation. Fisher had found what seemed to be the products of paper mills: companies that churn out fake scientific manuscripts to order. All the papers came from authors at Chinese hospitals. The journals’ publisher, the RSC in London, announced in a statement that it had been the victim of what it believed to be “the systemic production of falsified research”.
What was surprising about this was not the paper-mill activity itself: research-integrity sleuths have repeatedly warned that some scientists buy papers from third-party firms to help their careers. Rather, it was extraordinary that a publisher had publicly announced something that journals generally keep quiet about. “We believe that it is a paper mill, so we want to be open and transparent,” Fisher says.
The RSC wasn’t alone, its statement added: “We are one of a number of publishers to have been affected by such activity.” Since last January, journals have retracted at least 370 papers that have been publicly linked to paper mills, an analysis by Nature has found, and many more retractions are expected to follow.
China, Iran and Russia are fingered in this. Medical journals particularly, because getting published there is necessary for promotion, but physicians might not have the time to research or write the paper.
Nikita Gourianov is a physicist at Oxford university who works with computational quantum physics:
Billions of dollars have poured into the [quantum computing] field in recent years, culminating with the public market debuts of prominent quantum computing companies like IonQ, Rigetti and D-Wave through 2021’s favourite frothy market phenomenon, special purpose acquisition vehicles (Spacs).
These three jointly still have a market capitalisation of $3bn, but combined expected sales of about $32mn this year (and about $150mn of net losses), according to Refinitiv.
The reality is that none of these companies — or any other quantum computing firm, for that matter — are actually earning any real money. The little revenue they generate mostly comes from consulting missions aimed at teaching other companies about “how quantum computers will help their business”, as opposed to genuinely harnessing any advantages that quantum computers have over classical computers.
The simple reason for this is that despite years of effort nobody has yet come close to building a quantum machine that is actually capable of solving practical problems. The current devices are so error-prone that any information one tries to process with them will almost instantly degenerate into noise. The problem only grows worse if the computer is scaled up (ie, the number of “qubits” increased).
A convincing strategy for overcoming these errors has not yet been demonstrated, making it unclear as to when — if ever — it will become possible to build a large-scale, fault-tolerant quantum computer. Yet according to the evangelists, we are apparently in the middle of a Quantum Moore’s Law (aka “Rose’s Law”, after D-Wave founder Geordie Rose) analogous to the microchip revolution of the 1970s — 2010s.
Another fundamental issue is that it is unclear what commercially-useful problems can even be solved with quantum computers — if any.
Sure, you can try using them to factor large numbers (aka breaking cryptography), but, he points out, “the commonly forgotten caveat here is that there are many alternative cryptographic schemes that are not vulnerable to quantum computers.”
I’ve been following quantum computing for about 30 years. Like fusion, it’s one of those “big promise, little product” things.
Null (who operates KiwiFarms), writing on 5 September:
DDoS Mitigation: DDoS-Guard dropped us while I was writing this post. This meme about Russia being a free country is a joke. The US is a free country, but with no stewards to protect it. Without the US, there is no second best. I did not expect Cloudflare to crumple so quickly and I don’t have a Plan C for DDoS mitigation.
Resource Allocation: I own IP addresses. Our IP allocation is from APNIC. APNIC is one of the 5 private companies which allocate Internet resources around the world. APNIC happens to be based out of Australia, which recently passed draconian censorship laws. There is an effort to get our RIR to revoke our allocation. This would be unprecedented in the history of the Internet, and considering China is in APNIC’s region, an absolutely horrific standard which will echo throughout the upcoming decades. There is a non-zero chance of this happening.
Hosting: We have one host and I am looking at two more. It is likely that the host will give up too. The two hosts confident they can handle the Kiwi Farms are probably wrong. DDoS-Guard was confident they could handle the Kiwi Farms and said “bring it on” for less than 24 hours.
This is an organized attack. There is a coalition of criminals trying to frame the forum for their behavior. These criminals provide opportunities for professional victims to amplify their message. Journalists canonize the crimes as the behavior of the forum itself, which becomes the effective truth for the general public.
Just rummaging around here for the world’s tiniest violin – seems to have slipped down between the cushions. You run a forum that doxes and encourages harassment, and whose denizens have an absolute sense of self-righteousness about what they’re doing, and when the consequences come home you’re surprised?
He ends with “I do not see a situation where the Kiwi Farms is simply allowed to operate. It will either become a fractured shell of itself, like 8chan, or jump between hosts and domain names like [Nazi site] Daily Stormer.”
Errata, corrigenda and ai no corrida: none notified