
There’s a move away from touchscreens as a general user interface for specific tasks in cars and even phones. CC-licensed photo by JC on Flickr.
A selection of 9 links for you. Untouchable. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. Observations and links welcome.
A network of AI ‘Nudify’ sites are a front for notorious Russian hackers • 404 Media
Joseph Cox:
»
Multiple sites which promise to use AI to ‘nudify’ any photos uploaded are actually designed to infect users with powerful credential stealing malware, according to new findings from a cybersecurity company which has analyzed the sites. The researchers also believe the sites are run by Fin7, a notorious Russian cybercrime group that has previously even set up fake penetration testing services to trick people into hacking real victims on their behalf.
The news indicates that services for producing AI-generated nonconsensual intimate content are becoming enticing enough that hackers feel it is worth the time and effort to build fake versions they can then use to hack people. The news also shows that Fin7 is alive despite the U.S. Department of Justice saying last year that “Fin7 as an entity is no more.”
Hostinger, the domain registrar for most of the fake nudify sites, blocked the domains after 404 Media sent it a list of questions earlier this week. 404 Media also found that one of the Fin7-run sites was included in one of the web’s biggest porn site aggregators, potentially putting many people who stumbled across the site at risk.
“The deepfake AI software may have an audience of mostly men with a decent amount who use other AI software or have crypto accounts,” Zach Edwards, senior threat analyst at cybersecurity firm Silent Push, told 404 Media in an online chat.
«
Honeytraps: old ploy, modern method.
Staying a step ahead: mitigating the DPRK IT worker threat • Google Cloud Blog
Codi Starks, Michael Barnhart, Taylor Long, Mike Lombardi, Joseph Pisano, and Alice Revelli:
»
UNC5267 is not a traditional, centralized threat group. IT workers consist of individuals sent by the North Korean government to live primarily in China and Russia, with smaller numbers in Africa and Southeast Asia. Their mission is to secure lucrative jobs within Western companies, especially those in the US tech sector.
UNC5267 gains initial access through the use of stolen identities to apply for various positions or are brought in as a contractor. UNC5267 operators have primarily applied for positions that offer 100% remote work. Mandiant observed the operators engaging in work of varying complexity and difficulty spanning disparate fields and sectors. It is not uncommon for a DPRK IT worker to be working multiple jobs at once, pulling in multiple salaries on a monthly basis. One American facilitator working with the IT workers compromised more than 60 identities of US persons, impacted more than 300 US companies, and resulted in at least $6.8m of revenue to be generated for the overseas IT workers from in or around October 2020 until October 2023.
…Mandiant has identified a substantial number of DPRK IT worker resumes used to apply for remote positions. In one resume from a suspected IT worker, the email address—previously observed in IT worker-related activities—was also linked to a fabricated software engineer profile hosted on Netlify, a platform often used for quickly creating and deploying websites. The profile claimed proficiency in multiple programming languages and included fake testimonials with stolen images from high-ranking professionals, likely stolen from CEOs, directors, and other software engineers’ LinkedIn profiles.
…To accomplish their duties, UNC5267 often remotely accesses victim company laptops situated within a laptop farm. These laptop farms are typically staffed with a single facilitator who is paid monthly to host numerous devices in one location. Mandiant has identified evidence that these laptops are often connected to an IP-based Keyboard Video Mouse (KVM) device, although a recurring theme across these incidents is the installation of multiple remote management tools on victim corporate laptops immediately following shipment to the farm. These indicate that the individual is connecting to their corporate system remotely via the internet, and may not be geographically located in the city, state, or even country in which they report to reside.
«
They’re also not very good at the programming jobs. Which shouldn’t surprise you. But able to work multiple jobs at once? Impressive!
Touch screens are over. Even Apple is bringing back buttons • WSJ
Christopher Mims:
»
The tyranny of touch screens may be coming to an end.
Companies have spent nearly two decades cramming ever more functions onto tappable, swipeable displays. Now buttons, knobs, sliders and other physical controls are making a comeback in vehicles, appliances and personal electronics.
In cars, the widely emulated ultra-minimalism of Tesla’s touch-screen-centric control panels is giving way to actual buttons, knobs and toggles in new models from Kia, BMW’s Mini, and Volkswagen, among others. This trend is delighting reviewers and making the display-focused interiors of Tesla and its imitators feel passé.
Similar re-buttonization is occurring in everything from e-readers to induction stoves.
Perhaps the most prominent exponent of this button boom is the company that set us lurching toward touch screens in the first place. Apple added a third button it calls the “action button” to its full slate of new iPhone 16s unveiled this month, after introducing the feature on its upscale Apple Watch Ultra and Pro-model iPhones over the past couple of years. It also added a button-like “camera control” input on the iPhone’s side.
As Apple shows, companies aren’t just rediscovering buttons, they’re reconceiving them. The camera control includes touch features, and the company has also developed the “force sensor” that enables its AirPods to respond when you squeeze their stems.
«
Pendulum swings are probably more common in technology than we realise. Unbundle! Then: bundle again! Make things modular! Then… make things integrated! Replace buttons with touchscreens! Then… actually, buttons work better while we still have fingers.
BBC confronts neo-Nazi who gave UK rioters arson tips • BBC News
Ed Thomas:
»
The BBC has confronted a neo-Nazi in Finland who shared online instructions on how to commit arson with UK rioters during the summer.
The 20-year-old was an administrator in the Southport Wake Up group on the Telegram messaging app, where he was known as “Mr AG”. He posted the arson manual, which was pinned to the top of the group chat.
In late July and early August, the group was key in helping to organise and provoke protests that turned to violence in England and Northern Ireland.
We tracked Mr AG – whose real name is Charles-Emmanuel Mikko Rasanen – to an apartment on the outskirts of the Finnish capital, Helsinki. It was from here, more than 1,000 miles away from Southport, that the neo-Nazi took a prominent online role during the UK riots.
On 29 July, within hours of the killings of three young girls at a Taylor Swift-themed dance class in Southport, the Southport Wake Up group was created. Within days it had grown to more than 14,000 members. Mr Rasanen – or Mr AG as he was known online – helped to run the group chat.
The group organised the very first protest in the UK, on St Luke’s Road in Southport, the day after the killings. That protest later turned into a riot. Before the group was taken down by Telegram, a series of other protest locations were advertised, as well as a list of dozens of refugee centres, suggested as potential targets.
…The BBC travelled to Finland to confront Mr Rasanen – we had previously emailed him. He refused to answer any of our questions, but did not deny sending the posts or being an administrator of the Southport Wake Up group.
Before we left him, he also accused the BBC of harassment and rang the police.
«
Totally weird: he’s a mixed-race Finn who celebrates Hitler. Neat work tracking him down, which seems to have been done by Finnish investigative journalists: very Girl With The Dragon Tattoo of them.
More than 9,000 scam Facebook pages deleted after Australians lose $43.4m to celebrity deepfakes • The Guardian
Josh Taylor:
»
Australians could see fewer deepfake images of celebrities being hauled off in handcuffs, or promoting a fraudulent cryptocurrency investment on Facebook, after Meta launched a new one-stop shop for banks to share information on scams that has blocked 8,000 pages and 9,000 celebrity scams in its first six months of operation.
From January to August 2024, Australians reported $43.4m in losses from scams on social media to Scamwatch, with close to $30m relating to fake investment scams.
Meta, the parent company of Facebook and Instagram, has faced pressure from politicians and regulators in the past few years to tackle the plague of scams featuring deepfake images of public figures such as David Koch, Gina Rinehart, Anthony Albanese, Larry Emdur, Guy Sebastian and others which are used to promote investment scams.
The company is being sued by the mining magnate Andrew Forrest over the company’s alleged failure to tackle scams using his image.
Meta announced on Wednesday it had partnered with the Australian Financial Crimes Exchange (AFCX) to launch the Fraud Intelligence Reciprocal Exchange (Fire) that provides a dedicated reporting channel for scams between Meta and financial providers of the victims of the scams.
…Since launching a pilot in April, there have been 102 reports, resulting in Meta removing more than 9,000 scam pages, and 8,000 AI-generated celebrity investment scams on Facebook and Instagram.
«
Those celebrity fake ads are all over Twitter, but I doubt that they’re going to be taken down with anything like the same alacrity. It’s hardly worth celebrities suing Twitter, since it will just tie them up in court, and Musk has more money than they do. No obvious solution if the platform doesn’t see it as important.
The coolest thing about smart glasses is not the AR. It’s the AI • MIT Technology Review
Mat Honan:
»
when I tried Snap’s new Spectacles a couple of weeks ago, I was less taken by the ability to simulate a golf green in the living room than I was with the way I could look out on the horizon, ask Snap’s AI agent about the tall ship I saw in the distance, and have it not only identify it but give me a brief description of it. Similarly, in The Verge Alex Heath notes that the most impressive part of Meta’s Orion demo was when he looked at a set of ingredients and the glasses told him what they were and how to make a smoothie out of them.
The killer feature of Orion or other glasses won’t be AR Ping-Pong games—batting an invisible ball around with the palm of your hand is just goofy. But the ability to use multimodal AI to better understand, interact with, and just get more out of the world around you without getting sucked into a screen? That’s amazing.
And really, that’s always been the appeal. At least to me. Back in 2013, when I was writing about Google Glass, what was most revolutionary about that extremely nascent face computer was its ability to offer up relevant, contextual information using Google Now (at the time the company’s answer to Apple’s Siri) in a way that bypassed my phone.
While I had mixed feelings about Glass overall, I argued, “You are so going to love Google Now for your face.” I still think that’s true.
Assistants that help you accomplish things in the world, without having to be given complicated instructions or making you interface with a screen at all, are going to usher in a new wave of computing. While Google’s Project Astra demo, a still unreleased AI agent that it showed off this summer, was wild on a phone, it was not until Astra ran on a pair of smart glasses that things really fired up.
«
That’s always been the obvious use of smart glasses. Especially now we have AI to integrate into it.
How Hurricane Helene became a monster storm – The Verge
Justine Calma:
»
It made landfall with winds reaching 140 miles per hour, making it a major storm and a Category 4 out of 5 on the Saffir-Simpson hurricane scale.
Helene packed a punch with water, too. When it hit Florida’s Big Bend region, it brought a massive storm surge, inundating the coastline with up to 15 feet of seawater. The underwater topography off Florida’s west coast, with a more gradual incline, acted like a ramp, making it easier for the storm to bring a taller wall of water with it. The sheer size of the hurricane also meant that the storm surge flooded a wider area.
Heavy rainfall dropped more water onto communities, leading to historic flooding in western North Carolina. Close to 14 inches of rain were recorded at the Asheville airport over three days between September 25th and 27th. The highest preliminary total was more than 31 inches of rain, recorded in Busick, North Carolina.
…Climate change is altering the calculus for storms like Helene. Rising global temperatures create conditions conducive to more intense storms that can gain strength quickly and stay more powerful onshore. Helene developed amid soaring sea surface temperatures in the Caribbean Sea and the Gulf of Mexico. Waters along the storm’s early path got as high as 31ºC (87.8ºF), providing ample fuel. The atmosphere’s ability to hold moisture is increasing because of greenhouse gas emissions from fossil fuels, allowing for more severe downpours.
To know how big of a role climate change played with Helene specifically, scientists will have to conduct more research. But Balaguru likens the effect of climate change to the world having a weakened immune system. “It doesn’t mean that you will become sick. It just increases your tendency to become sick,” Balaguru says.
Altogether, the pieces were in place for the perfect storm with Helene. “The storm started big, which was bad, it went over hot water, which was bad, it hit a place that is prone to high storm surge, and then it accelerated and went into populated areas and took wind and rainwater to those populated areas,” Knox says. “You don’t want to see much worse.”
«
Oura nears $500m in annual revenue and readies new ring • Bloomberg via MSN
Mark Gurman and Evan Gorelick:
»
Oura Health Oy, a Finnish health technology company known for its fitness-tracking rings, will see annual sales double this year to roughly $500m and expects “healthy” growth in 2025.
Chief executive officer Tom Hale, speaking in an interview, said that Oura is building a loyal following after selling more than 2.5 million rings. Still, the company isn’t yet at the stage of planning an initial public offering, he said.
The 11-year-old business, which pioneered the concept of finger-worn activity trackers, makes its money by selling rings for $299 and subscriptions priced at $6 a month. It’s more of a niche market than smartwatches or earbuds, but the field is getting more crowded. Samsung Electronics Co. recently launched a $400 product called the Galaxy Ring.
Hale is upbeat about expanding the business. The company’s profit margins are closer to that of a software company than a hardware maker, he said, and Oura’s subscribers have been sticking with the product.
“Retention is better than any other subscription model I’ve seen,” Hale said. “To double this business, we don’t have to do that much.” He said that the company’s roughly half a billion dollars in revenue for calendar 2024 would be twice what it recorded in 2023.
Though Oura declined to discuss future products, people with knowledge of its plans say the company is introducing a fourth-generation ring in October. The device will have a thinner design and better battery life, as well as more accurate activity tracking, they said. It’s set to be the company’s biggest product overhaul in three years.
In addition to tracking fitness, Oura rings assess the quality of a user’s sleep and provide a “readiness score.” About 80% of Oura’s revenue comes from hardware, with the rest provided by software subscriptions, Hale said.
«
Neil Cybart (via whom this comes) reckons half of those 2.5 million rings will be sold this year. I just can’t imagine it as a mass market thing.
Windows MR headsets no longer work in Windows 11 24H2 • UploadVR
David Heaney:
»
Microsoft has removed Windows Mixed Reality from Windows 11.
With Windows 11 24H2, the latest major version of Microsoft’s PC operating system, you can no longer use a Windows MR headset in any way – not even on Steam.
This includes all the Windows MR headsets from Acer, Asus, Dell, HP, Lenovo, and Samsung, including HP’s Reverb G2, released in 2020.
UploadVR tested Windows 11 24H2 with a Reverb G2 and found the above notice. Microsoft confirmed to UploadVR that this is an intentional removal when it originally announced the move back in December.
In August 3.49% of SteamVR users were using a Windows MR headset, roughly 80,000 people. If they install Windows 11 24H2, their VR headset will effectively become a paperweight.
Steam said: “Existing Windows Mixed Reality devices will continue to work with Steam through November 2026, if users remain on their current released version of Windows 11 (version 23H2) and do not upgrade to this year’s annual feature update for Windows 11 (version 24H2).”
The death of Windows MR headsets comes on the same week Microsoft revealed that HoloLens 2 production has ended, and that software support for the AR headset will end after 2027.
«
I think that’s what’s known as a signal. HoloLens going is significant: it seems that Microsoft has decided that VR, at least its form, isn’t the thing.
Errata, corrigenda and ai no corrida: none notified