Cranes like these, made by China ZPMC, are suspected of having backdoor modems for malicious use. CC-licensed photo by Jane Nearing on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
There’s another post coming this week at the Social Warming Substack on Friday at 0845 UK time. Free signup.
A selection of 10 links for you. Oh, just calling home. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. Observations and links welcome.
TikTok’s fate now lies with the Senate • The Verge
Lauren Feiner:
»
The fate of TikTok in the US now lies with the Senate after House lawmakers voted overwhelmingly to pass a bill that would ban the app unless Chinese parent company ByteDance sells it.
President Joe Biden has already said he would sign the bill, the Protecting Americans from Foreign Adversary Controlled Applications Act, if both chambers advance it.
But even though the bill sailed through the House only about a week after it was first introduced, the Senate will present a whole different set of challenges.
To start, there’s no companion bill yet, so the legislation is barely at the start line in that chamber. And even if one is introduced, Senate rules could make it tricky to maintain enough support (60 out of 100 members) to clear it. Just one senator can put a hold on legislation to keep it from advancing quickly.
Sen. Rand Paul (R-KY) has indicated he could be willing to do just that. He told The Washington Post prior to the House vote that he would block any bill he believed to violate the Constitution and said Congress shouldn’t “be trying to take away the First Amendment rights of [170] million Americans.”
A long legal process could leave room for doubts — and lobbying money — to seep in. Consider the splashy introduction of the RESTRICT Act — another attempt to ban TikTok — in the Senate last year just before TikTok CEO Shou Chew testified in the House. Despite early excitement about the measure, it slowly fell off the radar as opponents lodged their critiques. Ultimately, it failed to move through the chamber.
«
As usual, America’s sclerotic political system inches towards action. It’s basically the same thing that Donald Trump wanted to do, except that was a complete mess which included favouring his mates. (And Trump now opposes it – perhaps because he’s been promised lots of foreign money.)
unique link to this extract
Espionage probe finds communications device on Chinese cranes at US ports • WSJ
Dustin Volz:
»
Over a dozen cellular modems were found on crane components in use at one US port, and another modem was found inside another port’s server room, according to a committee aide. Some of the modems had active connections to operational components to the cranes, the aide said.
While it isn’t unusual for modems to be installed on cranes to remotely monitor operations and track maintenance, it appears that at least some of the ports using the ZPMC-made equipment hadn’t asked for that capability, according to congressional investigators and documents seen by The Wall Street Journal. One port with modems told lawmakers in a December letter that it was aware of their existence on the cranes, but couldn’t explain why they were installed.
ZPMC, a Chinese state-owned company, didn’t respond to requests for comment. Liu Pengyu, a spokesman at the Chinese embassy in Washington, didn’t address specific questions about the modems but said claims that China-made cranes pose a national-security risk to the U.S. is “entirely paranoia” and amounted to “abusing national power to obstruct normal economic and trade cooperation.”
Concerns about ZPMC’s cranes have been building steadily in Washington for years. In 2021, the Federal Bureau of Investigation found intelligence-gathering equipment on board a ship that was transporting cranes into the Baltimore port, the Journal previously reported.
Last month, the Biden administration announced it would invest more than $20bn over the next five years to replace foreign-built cranes with U.S.-manufactured ones. The money will go toward supporting the building of cranes by a US subsidiary of Mitsui, a Japanese company…
«
‘Tis the season for suspicion about Chinese-originating communications systems.
unique link to this extract
EU votes to ban riskiest forms of AI and impose restrictions on others • Ars Technica
Jon Brodkin:
»
The European Parliament on Wednesday voted to approve the Artificial Intelligence Act, which will ban uses of AI “that pose unacceptable risks” and impose regulations on less risky types of AI.
“The new rules ban certain AI applications that threaten citizens’ rights, including biometric categorisation systems based on sensitive characteristics and untargeted scraping of facial images from the Internet or CCTV footage to create facial recognition databases,” a European Parliament announcement today said. “Emotion recognition in the workplace and schools, social scoring, predictive policing (when it is based solely on profiling a person or assessing their characteristics), and AI that manipulates human behavior or exploits people’s vulnerabilities will also be forbidden.”
The ban on certain AI applications provides for penalties of up to 35 million euros or 7% of a firm’s “total worldwide annual turnover for the preceding financial year, whichever is higher.” Violations of other provisions have lower penalties.
There are exemptions to allow law enforcement use of remote biometric identification systems in certain cases.
«
You can read the EP’s summary.
unique link to this extract
State of subscription apps 2024 • RevenueCat
RevenueCat provides in-app subscription SDKs and integrations for all sorts of apps, from tiny to giant. It’s been doing this annual report for quite a while:
»
Key insights
• 1.7% of downloads turned into paying subscribers in their first 30 days, which is slightly up from last report. The difference between lower quartile (.6%) and upper quartile (4.2%) remains striking.
• The top 5% of newly launched apps generate over 200x more revenue than the bottom quartile does, 12 months after launch.
• The average Realized LTV [lifetime value] per download in North America, 14 days in, is 4x the global average at $0.35 compared to $0.08. A multiple that exists both on the App Store, as well as on Google Play.
• Share of monthly subscribers retained after 12 months dropped by ~14% last year, across categories and impacting both the best and worst performers alike.
• Over 10% of churned monthly subscribers re-subscribe within 12 months, with categories like Media & Entertainment seeing even higher reactivation rates.
«
Lots of fascinating stuff about subscription apps, which feel like they’re everywhere. The suggestion is that they mostly don’t make money.
unique link to this extract
Nimby Watch: the Green Party’s solar problem • CapX
Jonn Elledge:
»
Take Rutland councillor Rick Wilson. When he narrowly won the Ryhall & Casterton by-election in March 2022, he credited his victory to his opposition to two things. One, inevitably, was a plan to build more homes (650 of them, but that sort of NIMBYism is barely worth even noting any more). The other was the Mallard Pass Solar Farm, which will cover 4.2km2 of agricultural land immediately next to the East Coast Mainline.
This, one might think, sounds like a pretty good place to put a facility which will generate clean and renewable energy, but Wilson – who is, let’s remember, a Green – told Lincolnshire Online that while ‘we do need renewable energy… there are other green initiatives we can pursue and there are more suitable locations’. The Mallard Pass Action Group, incidentally, has a brilliantly pithy slogan: ‘YES to solar, NO to Mallard Pass’. To put that another way: yes to building things, no to doing it in my backyard.
And this happens with unnerving frequency – so much so that last June the BBC did a whole piece looking at why.
In 2023, 25-year-old Frank Adlington-Stringer became the first Green to be elected to North East Derbyshire District Council. Two years earlier, he’d written an article explaining that, while he supports solar farms in principle, he objects to building them in his area in practice. His argument was that, “we shouldn’t be exchanging green energy for green spaces”, a stance which I’m sure will have global warming retreating in terror any day now.
In doing this, he was echoing the local Green Party’s recent campaign against solar panels in Hastings Country Park. This was not, as Julia Hilton, also later elected councillor, reassured us, a “Nimby argument” – it was merely that this particular site was “not compatible with a solar farm, which would industrialise this very precious landscape habitat”.
The precious landscape habitat being? Fields.
«
Don’t like nuclear, don’t like solar.. something’s rubbish in the Green Party.
unique link to this extract
Can AI shorten PC replacement cycles? Dell seems to think so • The Register
Paul Kunert:
»
AI could be the mechanism to shorten notebook replacement cycles, according to the chief financial officer at Dell.
Talking at the Morgan Stanley Technology, Media and Telecom 2024 conference last week, Dell exec Yvonne McGill pointed out that the PC industry has just emerged from eight straight quarters of shrinking shipments.
“We’ve been in the longest digestion cycle … in the history of PCs, and so we know it’s back-to-back years of double-digit decline, pretty amazing, never seen before results. But it’s time for a refresh, right?” she asked the interviewer and the audience.
The drivers for that refresh – which Dell, HP, and others are banking on beginning later this year – include Windows 10 going end-of-life in 19 months and on-device generative AI, though McGill admitted “that’s less of a driver right now.”
Cutting through some of the hype around the emerging class of client devices, Morgan Stanley’s interviewer mused: “When should we think about the real use cases to drive adoption [of AI PCs]? There’s some skepticism.”
The Dell exec responded by trying to define an AI PC as one with an neural processing unit (NPU) or a specialized GPU. Likewise, Intel said it thinks AI PCs are those with the company’s latest CPUs.
«
Suspect that an AI PC will quickly be defined as “whatever helps us put the price up”.
unique link to this extract
Boeing says overwriting video footage of airplane’s door plug standard • Axios
Andrew Childers:
»
Boeing overwrote security camera footage of repair work on the door plug of an Alaska Airlines 737-9 plane that failed during a flight in January, federal inspectors said Wednesday.
The National Transportation Safety Board said in a letter to the Senate Committee on Commerce, Science, and Transportation that the missing footage is hampering its investigation into the accident. “To date, we still do not know who performed the work to open, reinstall, and close the door plug on the accident aircraft,” the agency said.
NTSB said it has been unable to interview the door crew manager at the Renton, Washington facility because he is out on medical leave. The agency in the letter stressed that it is not seeking to interview the workers that did the repairs for any punitive means but instead to learn about Boeing’s quality assurance process.
Alaska Airlines Flight 1282 safely returned to Portland International Airport just minutes after takeoff in January after part of the fuselage flew off at 16,000 feet for yet-unclear reasons.
“We will continue supporting this investigation in the transparent and proactive fashion we have supported all regulatory inquiries into this accident,” Boeing said in an emailed statement.
…When asked about the overwritten footage, Boeing responded: “Consistent with standard practice, video recordings are maintained on a rolling 30 day basis.”
«
The work on the plane was done in September. Will the NTSB start requiring Boeing to store tapes for a year? But it’s a bit weird that it doesn’t know who was where on which days. That’s a surprisingly lax approach to factory work where lives depend on the result.
unique link to this extract
Algorithms hijacked my generation. I fear for Gen Alpha • After Babel
Freya India:
»
Let’s say you were born in the year 1999 so Instagram comes out when you are 12. Back then it was fairly benign: a platform to share pretty sunsets and candid pictures with friends. A few years in, the editing app FaceTune arrives (launched in 2014), and everyone on your feed starts to look perfect. You start editing yourself—smoothing your skin, reshaping your nose, restructuring your jaw. By the time you’re 16, your Instagram face is very different from your natural face, which you’ve come to despise.
And then the algorithms are introduced: your feed is no longer chronological but customized (launched in 2016 for IG). Instagram now serves you not just photos of the friends you follow but of influencers––beautiful women from all over the world, selecting the ones that make you feel the most insecure. You, with fuller lips! You, with a microscopic waist!! Soon you get ads to fix your flaws: Botox; fillers; Brazilian Butt Lifts! By the time TikTok comes out you’re 18, and your feed tracks you even faster. Hate your nose? Try this editing app. Not enough? Try this video editing app. Want it in real life? Nose jobs near you! Suddenly you’re in your 20s and you’ve transformed your style, your face, maybe even your body. And yet you are still insecure. You still hate how you look. And every day your feeds flash on with “This is your sign to get a nose job!” “The earlier you start Botox the better!” “Get ready with me for a Brazilian butt lift!”
In this way, for many girls, this rewiring of their self-image, this pressure to alter their appearance, happened without them realizing it. It was gradual. Subtle. Drip-fed.
And where have we ended up? With record rates of cosmetic surgeries, from buccal fat removal to lip fillers to liposuction, and younger clients than ever before. With young women asking plastic surgeons to make them look like Snapchat filters. With 14-year-olds obsessing over wrinkles and a surge in teenagers seeking Botox. Plus rising rates of facial dysmorphia, body dysmorphia and eating disorders.
Algorithms act like conveyor belts. Show even the slightest interest, fear, or insecurity about anything—hover over it for half a second—and you will be drawn in deeper. Little by little, the algorithm learns what keeps you watching.
«
Scary but accurate. “Instagram Face” is definitely a thing.
unique link to this extract
Massively popular safe locks have secret backdoor codes • 404 Media
Joseph Cox:
»
Two of the biggest manufacturers of locks used in commercial safes have been accused of essentially putting backdoors in at least some of their products in a new letter by Senator Ron Wyden. Wyden is urging the US government to explicitly warn the public about the vulnerabilities, which Wyden says could be exploited by foreign adversaries to steal what US businesses store in safes, such as trade secrets.
The little known “manufacturer” or “manager” reset codes could let third parties—such as spies or criminals—bypass locks without the owner’s consent and are sometimes not disclosed to customers. Wyden’s office also found that while the U.S. Department of Defense (DoD) bans such locks for sensitive and classified US government use in part due to the security vulnerability reset codes pose, the government has deliberately not warned the public about the existence of these backdoors.
The specific companies named in Wyden’s letter are China-based SECURAM and US-based Sargent and Greenleaf (S&G). Each produces keypad locks which are then implemented into safes by other manufacturers. The full list of locks that contain backdoor codes is unknown, but documentation available online points to multiple SECURAM products which do include them, and S&G confirmed to Wyden’s office that some of its own locks also have similar codes.
«
That’s “locks” as in “electronic locks”. I guess that such codes would be needed in, for example, hotels that offer guests in-room safes where you can set your own combination. What if a guest goes away having left the safe locked, or, equally, locks themself out of their safe? Backdoor code to the rescue.
Of course you might not feel like that if you have a big-ass safe that you don’t want people breaking in to. Such codes, inevitably, must leak once their existence is known. (Of course the question is how much this is like demanding backdoors for encryption.)
unique link to this extract
Man finds out migraines caused by brain tapeworms; undercooked bacon may be culprit • NBC News
Katherine Itoh:
»
A man was hospitalized with worsening migraines only to find out they were caused by parasitic tapeworm larvae in his brain — and researchers believe he was infected by eating undercooked bacon.
The unidentified 52-year-old American man consulted doctors about changes in his usual migraines over four months, according to a study in the American Journal of Case Reports published Thursday. The migraines became more frequent, severe and unresponsive to medication.
The patient was admitted to the hospital for testing. CT scans revealed numerous cystic foci, which are fluid-filled sacs in the brain. Cysticercosis cyst antibody tests returned positive, and the man was diagnosed with neurocysticercosis, the study said.
Neurocysticercosis is a form of the parasitic tissue infection caused by larval cysts of the pork tapeworm found in the brain, the Centers for Disease Control and Prevention says.
«
Oh, but that isn’t the best part of this nightmare. The actual paper, when you read it, suggests that the undercooked bacon would have led to tapeworm infection in his gut. But then poor handwashing would have led to a faecal-oral ingestion of the eggs which then led to the brain cysts.
So: cook your bacon and wash your hands.
unique link to this extract
| • Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Read Social Warming, my latest book, and find answers – and more. |
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 