Would you buy a dishwasher if you knew you had to connect to the company’s cloud account to run certain cleaning cycles? CC-licensed photo by Kevin Dooley on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
There’s another post coming this week at the Social Warming Substack on Friday at 0845 UK time. Free signup.
A selection of 9 links for you. Sparkling clean. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. On Bluesky: @charlesarthur.bsky.social. Observations and links welcome.
The Trump administration accidentally texted me its war plans • The Atlantic
Jeffrey Goldberg:
»
On Tuesday, March 11, I received a connection request on Signal from a user identified as Michael Waltz. Signal is an open-source encrypted messaging service popular with journalists and others who seek more privacy than other text-messaging services are capable of delivering. I assumed that the Michael Waltz in question was President Donald Trump’s national security adviser.
I did not assume, however, that the request was from the actual Michael Waltz. I have met him in the past, and though I didn’t find it particularly strange that he might be reaching out to me, I did think it somewhat unusual, given the Trump administration’s contentious relationship with journalists—and Trump’s periodic fixation on me specifically. It immediately crossed my mind that someone could be masquerading as Waltz in order to somehow entrap me. It is not at all uncommon these days for nefarious actors to try to induce journalists to share information that could be used against them.
I accepted the connection request, hoping that this was the actual national security adviser, and that he wanted to chat about Ukraine, or Iran, or some other important matter.
Two days later—Thursday—at 4:28 p.m., I received a notice that I was to be included in a Signal chat group. It was called the “Houthi PC small group.”
A message to the group, from “Michael Waltz,” read as follows: “Team – establishing a principles [sic] group for coordination on Houthis, particularly for over the next 72 hours. My deputy Alex Wong is pulling together a tiger team at deputies/agency Chief of Staff level following up from the meeting in the Sit Room this morning for action items and will be sending that out later this evening.”
The message continued, “Pls provide the best staff POC from your team for us to coordinate with over the next couple days and over the weekend. Thx.”
The term principals committee generally refers to a group of the senior-most national-security officials, including the secretaries of defense, state, and the treasury, as well as the director of the CIA. It should go without saying—but I’ll say it anyway—that I have never been invited to a White House principals-committee meeting, and that, in my many years of reporting on national-security matters, I had never heard of one being convened over a commercial messaging app.
«
The creator of the group broke the law in multiple ways; the participants too. Why or how Goldberg was added – autocomplete? – may emerge in time, when someone is fired, as has to happen. But it also tells us how government, like private life, has shifted to messaging apps. (Using messaging apps break US government records rules. Maybe they should be updated, especially if the messages are set to disappear. But who can police that?)
unique link to this extract
I won’t connect my dishwasher to your stupid cloud • Jeff Geerling
Geerling’s old General Electric dishwasher died, so he bought a Bosch one:
»
So I turned it on, and immediately hated the new touch sensor stuff on it.
The old GE had buttons: you press them in, they click and you know that you pressed a button.
The touch sensor, you kind of touch it and the firmware—like this new dishwasher actually takes time to boot up! I had to reset it like three times and my wife meanwhile was like laughing at me like look at this guy who does tech stuff and he can’t even figure out how to change the cycle on it. That took about five minutes, sadly.
But eventually I pulled out the manual book because I was like… “this is actually confusing.” It should be like: I touch the button and it changes to that mode! But that was not how it was working.
I wanted to run just a rinse cycle to make sure the water would go in, the water would pump out through the sump, and everything worked post-install. But I couldn’t find a way to do a rinse cycle on the control panel.
So I looked in the manual and found a note: it says options with an asterisk—including Rinse, Machine Care (self-cleaning), HalfLoad, Eco, and Delay start, are “available through Home Connect app only and depending on your model.”
The 500 series model I bought isn’t premium enough to feature a seven-segment display like the $400-more-expensive 800 series, so these fancy modes are hidden behind an app and cloud service.
I was like, “Okay, I’ll look up this app and see if I can use it over Bluetooth or locally or whatever.”
Nope! To use the app, you have to connect your dishwasher to your Wi-Fi, which lets the dishwasher reach out on the internet to this Home Connect service. You have to set up an account on Home Connect, set up the Home Connect app on your phone, and then you can control your dishwasher through the Internet to run a rinse cycle.
That doesn’t make any sense to me.
An app? I mean, I can understand maybe adding some neat convenience features for those who want them. Like on my new fridge—which I chose not to connect to WiFI—it has an app that would allow me to monitor the inside temperature or look up service codes more easily. If I wanted those add-on features, which my old fridge didn’t have, I could get them.
But requiring an app to access features that used to be controllable via buttons on the dishwasher itself—or are still if you pay $400 more for the fancy “800” model? That’s no bueno.
«
I wouldn’t mind if my dishwasher could notify me in some way other than an annoying loud repetitive beeping that it had finished its cycle. But joining a cloud service? Sorry, that won’t wash.
unique link to this extract
UK on alert after H5N1 bird flu spills over to sheep in world-first • Ars Technica
Beth Mole:
»
The H5N1 bird flu has spilled over to a sheep for the first time, infecting a domesticated ruminant in the United Kingdom much like it has in US dairy cows, according to UK officials.
The single sheep—a ewe—in Yorkshire, England, was confirmed infected after captive birds on the same property had tested positive for the virus, according to an announcement Monday. The ewe’s milk was found to be positive for the virus through a PCR test, which detected genetic signatures of the virus. The ewe also had H5 antibodies in its blood. At the time of the confirmation, the ewe had symptoms of the infection in the way of mastitis, inflammation of the mammary glands.
This mirrors what US dairy farmers have been seeing in cows. An outbreak of H5N1 in dairy cows erupted a year ago, on March 25, 2024. Since then, at least 989 herds across 17 states have been infected with bird flu. In previous reports, farmers and researchers have noted that the virus appears to attack the animal’s mammary glands and their milk is teeming with the virus.
In the US, at least 70 people have been infected with the virus, 41 of whom were dairy workers. In some cases, workers reported having milk splashed on their faces before developing an infection. While nearly all of the cases have been relatively mild so far—some only with eye inflammation (conjunctivitis)—one person in the US has died from the infection after being exposed via wild or backyard birds.
In the UK, officials said further testing of the rest of the sheep’s flock has found no other infections. The one infected ewe has been humanely culled to mitigate further risk and to “enable extensive testing.”
“Strict biosecurity measures have been implemented to prevent the further spread of disease,” UK Chief Veterinary Officer Christine Middlemiss said in a statement. “While the risk to livestock remains low, I urge all animal owners to ensure scrupulous cleanliness is in place and to report any signs of infection to the Animal Plant Health Agency immediately.”
While UK officials believe that the spillover has been contained and there’s no onward transmission among sheep, the latest spillover to a new mammalian species is a reminder of the virus’s looming threat.
«
It’s not so much that it can infect sheep – we already know humans can catch it – but that if it goes to other species than birds, the virus could recombine with something else and become much more dangerous. (Watching brief, but slightly concerning for all our ovine readers.)
unique link to this extract
Understanding live facial recognition statistics • Big Brother Watch
»
The vast majority of matches recorded by the Metropolitan Police from its deployments of live facial recognition (LFR) over the years have been false.
• 85%, or six out of every seven matches, have been false
• 15%, one in seven alerts, were a correct match.
Not all of the matches the Met claims to be true have been confirmed as definite true matches, meaning the false match figure may be even higher. In Big Brother Watch’s observations of LFR deployments in London, we have seen a number of people trigger an alert who were not then stopped by officers, yet these matches have sometimes been recorded as true without additional verification.The 84.7% figure is the number of false matches, as a percentage of the total number of facial recognition matches obtained by the Met Police since its first deployment in 2016. There have been 175 matches in total, of which 150 have been false and 25 have been recorded as true.
False positive rate = 100 * number of false matches/ total number of matches.
Professor Peter Fussey, from the University of Essex, used similar methodology to calculate the accuracy rate of the Live Facial Recognition deployments he assessed in the Independent Report On The London Metropolitan Police Service’s Trial Of Live Facial Recognition.
The study, commissioned by the Met Police, found that in the limited number of deployments it observed, 63.64% of matches leading to a stop were inaccurate (14 of 22 total matches), and just 36.36% (8 of 22) were accurate. Similarly South Wales Police has returned false matches for 2,825 of its 3,140 LFR flags, giving it a false match rate of 89.9%.
The Metropolitan Police chooses to use different metrics which present Live Facial Recognition as much more accurate than it is.
The False Positive Identification Rate (FPIR) used by the Met Police is measured as the number of false matches against the total number of faces seen, with the figure quoted by the Met Police being 1 in 6,000 or 0.017%. This figure is reached independently of the number of true matches, allowing the Metropolitan Police to overstate the algorithm’s accuracy.
«
Tricky: what is the false negative rate? How many criminals walk past the cameras and don’t get spotted? Because if that’s zero, then we don’t really mind false positives as much, do we? But of course the false negative is impossible to know.
unique link to this extract
The LibGen data set: what authors can do • The Society of Authors
»
The Atlantic says that court documents show that staff at Meta discussed licensing books and research papers lawfully but instead chose to use stolen work because it was faster and cheaper. Given that Meta Platforms, Inc, the parent company of Facebook, Instagram and WhatsApp, has a market capitalisation of £1.147 trillion, this is appalling behaviour.
According to The Atlantic, Meta argued that it could then use the US’s ‘fair use exception’ defence if it was challenged legally.
It is not yet clear whether scraping from copyright works without permission is unlawful under the US fair use exception to copyright, but if that scraping is for commercial purposes (which what Meta is doing surely is) it cannot be fair use. Under the UK fair dealing exception to copyright, there is no question that scraping is unlawful without permission.
We wrote to Meta in August 2024 to assert our members’ rights around uses of their works by generative AI. As a matter of urgency, Meta needs to compensate the rightsholders of all the works it has been exploiting.
This is yet more evidence of the catastrophic impact generative AI is having on our creative industries worldwide. From development through to output, creators’ rights are being ignored, and governments need to intervene to protects authors’ rights.
In the UK, and globally, we need to see strong legislation from governments to uphold and strengthen copyright law, ensure transparency and fair payment, and to penalise big tech companies who ride roughshod over the law.
• We are continuing to explore all options available for collective action on behalf of our members
• We are continuing to raise this matter with Government through letters and briefings to MPs
• We are continuing our campaign work on AI and Copyright; working with policy makers on the issue of the unremunerated use of copyrighted works in large language model (LLM) training.«
The Atlantic making waves again.
unique link to this extract
23andMe files for bankruptcy protection – BBC News
Lily Jamali:
»
Popular DNA testing firm 23andMe has filed for bankruptcy protection, and announced that its co-founder and CEO, Anne Wojcicki, has resigned with immediate effect.
The company will now attempt to sell itself under the supervision of a court.
23andMe said in a press release that it plans to continue operating throughout the sale process and that there “are no changes to the way the company stores, manages, or protects customer data.”
The Information Commissioner’s Office (ICO), the UK’s data protection watchdog, said on Monday it had notified the company of its intent to hand down a £4.59m fine over a 2023 data breach.
The ICO, which launched a joint investigation with Canada’s data watchdog into the genetic testing company last June, said the findings were provisional. And deputy commissioner Stephen Bonner said the regulator was aware of the company’s bankruptcy filing in the US and “monitoring the situation closely”.
“As a matter of UK law, the protections and restrictions of the UK GDPR continue to apply and 23andMe remains under an obligation to protect the personal information of its customers,” he said.
The Attorney General in 23andMe’s home state of California issued a consumer alert on Friday advising customers to delete their data from the site given the company’s “reported financial distress.”
23andMe’s saliva-based test kits were once celebrated among customers and investors, who helped to push the company’s value as high as $6bn (£4.6bn). But it has been struggling for survival. Founded in 2006, the company went public in 2021 but has never turned a profit.
«
The value crashed in 2013 when the US FDA told the company it couldn’t use its tests for analysing “health conditions and traits” without authority and passing tests for accuracy. Even so, by February 2019 more than 26 million people had taken an “at-home ancestry test”, and 23andMe was one of the main suppliers.
It’s not clear that any company is going to meet the FDA’s requirements. But maybe it’s not a bad thing that we don’t know every prediction about our future? Would you want to know the day on which you’re going to die?
unique link to this extract
China unveils a powerful deep-sea cable cutter that could reset the world order • South China Morning Post
Stephen Chen:
»
A compact, deep-sea, cable-cutting device, capable of severing the world’s most fortified underwater communication or power lines, has been unveiled by China – and it could shake up global maritime power dynamics.
The revelation marks the first time any country has officially disclosed that it has such an asset, capable of disrupting critical undersea networks.
The tool, which is able to cut lines at depths of up to 4,000 metres (13,123 feet) – twice the maximum operational range of existing subsea communication infrastructure – has been designed specifically for integration with China’s advanced crewed and uncrewed submersibles like the Fendouzhe, or Striver, and the Haidou series.
Developed by the China Ship Scientific Research Centre (CSSRC) and its affiliated State Key Laboratory of Deep-sea Manned Vehicles, the device targets armoured cables – layered with steel, rubber and polymer sheaths – that underpin 95% of global data transmission.
While it was created as a tool for civilian salvage and seabed mining, the dual-use potential of the tool could send alarm bells ringing for other nations.
For example, cutting cables near strategic chokepoints such as Guam, which is a linchpin of the US military’s second island chain, a defence strategy used to contain China, the tool could essentially destabilise global communications during a geopolitical crisis.
«
Of course China says it’s for “repairs”, but the publicising of this is a statement in its own right – as overt as the USSR having a military parade of tanks rolling past the Kremlin.
unique link to this extract
CEO of AI ad-tech firm pledging “world free of fraud” sentenced for fraud • Ars Technica
Kevin Purdy:
»
In May 2024, the website of ad-tech firm Kubient touted that the company was “a perfect blend” of ad veterans and developers, “committed to solving the growing problem of fraud” in digital ads. Like many corporate sites, it also linked old blog posts from its home page, including a May 2022 post on “How to create a world free of fraud: Kubient’s secret sauce.”
These days, Kubient’s website cannot be reached, the team is no more, and CEO Paul Roberts is due to serve one year and one day in prison, having pled guilty Thursday to creating his own small world of fraud. Roberts, according to federal prosecutors, schemed to create $1.3m in fraudulent revenue statements to bolster Kubient’s initial public offering (IPO) and significantly oversold “KAI,” Kubient’s artificial intelligence tool.
The core of the case is an I-pay-you, you-pay-me gambit that Roberts initiated with an unnamed “Company-1,” according to prosecutors. Kubient and this firm would each bill the other for nearly identical amounts, with Kubient purportedly deploying KAI to find instances of ad fraud in the other company’s ad spend.
Roberts, prosecutors said, “directed Kubient employees to generate fake KAI reports based on made-up metrics and no underlying data at all.” These fake reports helped sell the story to independent auditors and book the synthetic revenue in financial statements, according to Roberts’ indictment.
Before Kubient’s IPO in August 2020, Kubient issued a prospectus noting research figures that suggested $42bn lost to ad fraud in 2019. Kubient’s technology was touted as fast enough to work in the 300-millisecond real-time ad auction window. It leveraged “machine learning powered [sic] pre-bid ad fraud prevention technology” and a “self-learning neural network always getting smarter.”
«
I suppose you could say that he has made the world a little bit more free of fraud by getting caught?
unique link to this extract
Plants can take up CWD-causing prions from soil in the lab. What happens if they are eaten? • CIDRAP
Mary Van Beusekom:
»
When Christopher Johnson, PhD, set out to study whether lab mice fed prion-contaminated plants developed neurodegenerative disease, he expected the plants to take up only small prion clusters, but they absorbed large clusters characteristic of prion diseases in deer and other animals.
Then again, “prions are constantly surprising,” Johnson, a study coauthor and deputy director of the Office of Science Quality and Integrity at the US Geological Survey in Reston, Virginia, told CIDRAP News. “But perhaps we shouldn’t ever be allowed to be surprised by them, because they are so resistant to degradation, and they are so resilient that finding prions in unusual settings is maybe something that we should all begin to just expect.”
Prions are infectious misfolded proteins that cause fatal neurodegenerative diseases such as chronic wasting disease (CWD) in cervids like deer and elk, scrapie in sheep and goats, bovine spongiform encephalopathy (BSE, or “mad cow” disease) in cattle, and Creutzfeldt-Jakob disease in humans.
In the case of CWD, once an animal is infected, it can spread the disease through direct contact, saliva, antler velvet, urine, feces, and carcasses, and the prions can persist in the environment for years. Once an animal is exposed, the incubation period in a host—the time before symptoms appear—is thought to be up to 2 years.
But given the rapid spread of CWD throughout North America and parts of Europe and Asia, scientists question whether it is also being transmitted through a different route, such as the ingestion of contaminated plants.
While researchers have been experimenting with protein uptake into plants since the 1970s, Johnson and colleagues’ laboratory study, published in iScience in December, takes those investigations a step further. They demonstrated that alfalfa, barley, and Arabidopsis thaliana, a small plant from the mustard family called thale cress and other names, all accumulated sufficient prions from contaminated soil in their above-ground tissues to cause mice that ingested the plant tissues to develop prion disease.
«
So it doesn’t have to be an intermediate host, though this doesn’t quite explain how CWD would spread across the US. Might it be in feed where farmed venison has been kept? Thanks to Natalie Bennett (ex-Guardian) for the link.
unique link to this extract
| • Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Read Social Warming, my latest book, and find answers – and more. |
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 
No paper trail, no evidence: https://talkingpointsmemo.com/edblog/signalgate-is-bad-but-opsec-isnt-even-the-worst-part-of-it