Start Up No.2517: the AI child’s toy, how climate politics died, Meta creates own political wing, Michigan tries to ban porn, and more


A ransomware attack has shut down production at Jaguar Land Rover – and nobody knows when it will restart. CC-licensed photo by Jason Lawrence on Flickr.



A selection of 9 links for you. Walking. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. On Bluesky: @charlesarthur.bsky.social. Observations and links welcome.


‘I love you too!’ My family’s creepy, unsettling week with an AI toy • The Guardian

Arwa Mahdawi:

»

“I’m going to throw that thing into a river!” my wife says as she comes down the stairs looking frazzled after putting our four-year-old daughter to bed.

To be clear, “that thing” is not our daughter, Emma*. It’s Grem, an AI-powered stuffed alien toy that the musician Claire Boucher, better known as Grimes, helped develop with toy company Curio. Designed for kids aged three and over and built with OpenAI’s technology, the toy is supposed to “learn” your child’s personality and have fun, educational conversations with them. It’s advertised as a healthier alternative to screen time and is part of a growing market of AI-powered toys.

When I agreed to experiment on my child’s developing brain, I thought an AI chatbot in cuddly form couldn’t be any worse for her than watching Peppa Pig. But I wasn’t prepared for how attached Emma became to Grem, or how unsettlingly obsequious the little alien was.

Day One: When Emma asked Grem to tell her a story, it happily obliged and recounted a couple of poorly plotted stories about “Princess Lilliana”. They also played guessing games where Grem described an animal and Emma had to guess what it was. All of which was probably more stimulating than watching Peppa Pig jump in muddy puddles.

What was unsettling, however, was hearing Emma tell Grem she loved it – and Grem replying: “I love you too!” Emma tells all her cuddly toys she loves them, but they don’t reply; nor do they shower her with over-the-top praise the way Grem does.

Day Three: When Emma comes home from preschool, I’m prepared to have some deep discussions with her about the inanimate nature of AI. But it turns out that those aren’t completely necessary, because Grem is now old news. She only chats to it for a couple of minutes and then gets bored and commands it to turn off.

Partly this is because Grem, despite costing $99 (the equivalent of £74, although Curio does not yet ship the toys to the UK), still has a number of glitches that can be frustrating. It struggles with a four-year-old’s pronunciation: when Emma tries to show Grem her Elsa doll, it thinks it is an Elsa dog and a very confusing conversation ensues. There is an animal guessing game, which is quite fun, but Grem keeps repeating itself. “What has big ears and a long trunk?” it keeps asking. “You’ve already done elephant!” Emma and I yell multiple times. Then, at one point, a server goes down and the only thing Grem can say is: “I’m having trouble connecting to the internet.”

«

Maybe we’re safe, for a bit.


When will Jaguar Land Rover restart production? “No one actually knows” • Financial Times via Ars Technica

Kana Inagaki:

»

Jaguar Land Rover’s dealers and suppliers fear the British carmaker’s operations will take another few months to normalize after a cyber attack that experts estimate could wipe more than £3.5bn off its revenue.

JLR, which is owned by India’s Tata Motors, had been forced to shut down its systems and halt production across its UK factories since August 31, wreaking havoc across the country’s vast supply chain involving roughly 200,000 workers.

JLR on Tuesday said it would extend its production halt until at least next Wednesday as it continued its investigation. In a statement, the company also cautioned that “the controlled restart of our global operations… will take time.”

If JLR cannot produce vehicles until November, David Bailey, professor at University of Birmingham, estimated that the group would suffer a revenue hit of more than £3.5bn while it would lose about £250 million in profits, or about £72m in revenue and £5m in profits on a daily basis.

With annual revenues of £29bn in 2024, JLR will be able to absorb the financial costs but Bailey warned the consequences would be bigger for the smaller sized companies in its supply chain. JLR declined to comment.

The cyber attack comes at a crucial period for the UK carmaker when it is going through a controversial rebranding of its Jaguar brand and an expensive shift to all-electric vehicles by the end of the decade. Even before the latest incident, people briefed on the matter have said the company was facing delays with launching its new electric models.

“They are clearly in chaos,” said one industry executive who works closely with JLR, while another warned that “no one actually knows” when production would resume.

…While JLR has not provided information on who is responsible for the attack, a hacker calling himself “Rey” has claimed to have infiltrated the carmaker’s systems for the second time in just six months.

Cyber experts say they believe “Rey” is the same individual previously linked to the hacker group Hellcat, which claimed to have breached JLR in March and to have stolen confidential data. JLR declined to comment on the previous incident in March.

«

The names of the “groups” blamed for this vary: others say it’s “Scattered Lapsus$ Hunters”. About whom, read on.


15 ransomware gangs “go dark” to enjoy “golden parachutes” • The Register

Iain Thomson:

»

15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going dark, and say no more attacks will be carried out in their name.

In a post on Breachforums, the ransomware-slingers say they have met their objectives – exposing insecure systems, not extortion – and “silence will now be our strength.”

“If you worry about us, don’t … [we] will enjoy our golden parachutes with the millions the group accumulated. Others will keep on studying and improving systems you use in your daily lives. In silence.”

The groups carried out the recent attacks against Jaguar and Marks & Spencer amongst many others.

Several members of the hacking crew have already been arrested and the group said it will try to free them with “the use of our skills to humiliate those who have humiliated, predate those who have predated.”

The group says there may be further attacks attributed to them, but these were carried out before the retirement announcement.

Cybercrime gangs often try to evade law enforcement by abandoning their handles, then changing tactics and operating under new names. The Register suspects whoever runs these gangs will resume attacks soon.

«

Too late for Jaguar. And if these guys have “retired” are they going to hand over the decryption keys?


It isn’t just the US. The whole world has soured on climate politics • The New York Times

David Wallace-Wells:

»

The world hasn’t actually abandoned green energy, with global renewable rollout still accelerating and investment doubling over the last five years. But climate politics is in undeniable withdrawal, and far from ushering in a new era of cooperative global solidarity, Paris has given way to something much more old-fashioned: an atavistic age of competition, renewed rivalry and the increasingly naked logic of national self-interest, on energy and warming as with everything else. In the wake of America’s presidential election, Alex Trembath of the Breakthrough Institute declared that “the era of the climate hawk is over.” Perhaps, at least for now, the age of climate statesmen, too.

…And yet, there is good news — global leaders may be talking less about the risks of warming and the necessity of limiting it, these days, but on the ground, decarbonization is nevertheless racing ahead. “It’s not about climate politics anymore,” says Christiana Figueres, former head of the U.N.’s Framework Convention on Climate Change and one of the architects of Paris. “It’s about climate economy.”

It took almost 70 years from the invention of the solar cell, in 1954, for the world to install its first terawatt of solar power, in 2022. The second one came two years later. The third? Perhaps later this year. In 2024, renewables provided more than 40% of the world’s electricity, and twice as much money was invested in them than in fossil fuels — even though renewables offer, generally speaking, less return on investment. Ninety-three percent of new power worldwide came from clean sources, meaning that for every new unit of dirty capacity brought online in 2024, there were 24 units of the good, clean stuff. This is not yet enough to push global emissions downward. But in a battle between old energy and new, it represents an obliterating margin. As soon as next year, it is estimated, renewables will be the world’s largest source of electricity.

In certain ways, the story is one that moderates and skeptics long predicted: that decarbonization could not be reliably imposed from above on moralistic terms and would have to be powered instead by market forces, private investment and the informed consensus of a price-conscious public.

«



I don’t want AI agents controlling my laptop • Sophiebits

Sophie Alpert:

»

The problem is, modern desktop operating systems are not really designed for strong security boundaries between different things running on your machine. Sure, there are some protections like “you can’t record the screen without the user granting explicit permission”, but if you want AI to be able to take actions on your computer then you need to turn most of this stuff on. Different user accounts act as a security boundary but in practice everyone does all their work under a single user account.

There’s no good way to say “allow access to everything on my computer, except for my password manager, my bank, my ~/.aws/credentials file, and the API keys I left in my environment variables”. Especially with Simon Willison’s lethal trifecta, you don’t really want to be giving access to these things, even if most of the time, nothing bad happens.

Barring a major rearchitecture (which maybe Apple and Microsoft are working on), it’s too hard in practice to grant access to your whole laptop and know exactly what things the AI has access to and feel confident that there’s nothing too sensitive. (I do appreciate Codex’s clever default of running commands in sandboxes that can’t communicate over the network or write files outside the repo directory.)

…[the] piece of software on my machine designed to handle isolated environments that don’t leak between each other is the browser. Each site has its own cookies that are protected from other sites, and entire applications are designed to run successfully within this framework. Giving full access is scary — Perplexity has screwed it up, Anthropic knows it doesn’t have a workable solution yet. But if integrated properly into the browser, you actually could plausibly pick and choose which sites to give access to (or not give access to) and have the browser enforce those boundaries. Looking forward to this existing. It’s not really possible to build this properly unless you have control over the browser itself.

«

The headlong rush to give untested programs full control of your computer doesn’t really make sense. And yet the noise around AI agents is so loud.


Meta created its own super PAC to politically kneecap its AI rivals • The Verge

Hayden Field:

»

In late August, two pro-AI super PACs were announced on the same day, intent on shaping the upcoming midterm elections. One was a fairly traditional super PAC, announced via a splashy press release, with multiple major industry players planning to donate over $100m to boost AI-friendly candidates across the country.

The other was far more unusual. Meta had quietly filed to create the Mobilizing Economic Transformation Across (Meta) California, a state-only super PAC that would allow Meta to spend its own money to run political ads on behalf of their AI interests — and only their interests.

After the Supreme Court’s 2010 decision in Citizens United loosened campaign finance restrictions, corporations and the super-wealthy have poured billions into super PACs: political action committees that can accept unlimited amounts of corporate money to spend on ads, advocacy, and voter turnout during elections. (The only requirement is that they cannot directly coordinate with candidates or campaigns, or directly donate to them.)

But while corporations and individual billionaires have donated to super PACs, campaign finance experts tell The Verge that to their knowledge, it is exceedingly rare for a company to create its own super PAC — especially a company controlled by one person.

Thanks to a unique corporate ownership structure that gives him complete control of Meta, Mark Zuckerberg has essentially created his own personal California super PAC, allowing him to spend Meta’s money on politically protecting his priorities in the heart of the tech industry — and, possibly, against the interests of his corporate rivals.

«

Oh, but I’m sure there’s some innocent explan–

»

Meta confirmed that the company plans to spend tens of millions of dollars as part of the initial investment and said that it would figure out who had ultimate decision-making power over candidates to back, and whether Meta’s own social media products were used to promote those candidates, once the super PAC was up and running.

«

Fine, so it’s Meta putting its fingers on the political scales.



Michigan lawmakers are attempting to ban porn entirely • 404 Media

Samantha Cole:

»

A bill introduced by Michigan lawmakers last week would ban pornography, ASMR, depictions of transgender people, and VPNs for anyone using the internet in the state.

House Bill 4938, called the “Anticorruption of Public Morals Act,” would prohibit distribution of “certain material on the internet that corrupts the public morals,” the bill states. It was introduced on September 11 by five Republican representatives: Josh Schriver, Joseph Pavlov, Matthew Maddock, James DeSana, and Jennifer Wortz.

The bill would forbid all “pornographic material,” which the lawmakers define as “content, digital, streamed, or otherwise distributed on the internet, the primary purpose of which is to sexually arouse or gratify, including videos, erotica, magazines, stories, manga, material generated by artificial intelligence, live feeds, or sound clips.”

…The bill would require internet service providers servicing Michigan to implement “mandatory filtering technology” and “actively monitor and block known circumvention tools,” which would include VPNs—the most popular workaround for people in states with age verification laws in place. It also would ban the promotion or sale of VPNs in Michigan.

«

This is properly barmy. First, I can’t see how this can possibly survive a First Amendment challenge. Secondly, VPNs have an essential use for work (you don’t want people – well, hackers – doing a man-in-the-middle attack on your login to your business). Perhaps they could legislate the value of π next?


I built a business plan with ChatGPT. It turned into a cautionary tale • ZDNET

Tiernan Ray:

»

Creating a business plan is an illustrative test of OpenAI’s ChatGPT, or any generative AI program. I’ve spent weeks working with ChatGPT on hypothetical business plans, and the results have been helpful, but also riddled with errors.

(Disclosure: Ziff Davis, ZDNET’s parent company, filed an April 2025 lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.)

The lesson: The longer your ChatGPT sessions, the more errors sneak in. It makes the experience infuriating.

Working with ChatGPT, using the newly installed OpenAI GPT-5 model, I started a chat to devise a plan to acquire thousands of subscribers for my budding newsletter publication by spending money on advertisements. 

That business plan involved creating and re-creating spreadsheet tables of subscribers, revenue amounts, ad spending amounts, and cash flow profit. 

ChatGPT created tables in Excel for me from scratch, and it allowed me to play with assumptions such as the slope of subscriber growth.

The process began with a prompt to ChatGPT: “What’s a good, simple business plan outline for growing a subscription business over three years from 250 subscribers to 10,000, where churn per year is assumed at 16%?”

…As ChatGPT churned out new tables and graphs with each new assumption, strange little errors kept popping up.

To calculate the “terminal value” of the business, or how much a business will be worth when it’s no longer really acquiring or losing subscribers, I asked ChatGPT to tally the total subscribers in month 60 and the revenue they would generate in perpetuity.

ChatGPT asked if I wanted to use a precise value or a value rounded off. The precise value it offered, 9,200 ending subscribers in month 60, was wrong. Moments earlier, ChatGPT generated a table listing the figure as 10,228.15.

«

It’s a familiar cautionary tale, if there is such a thing. You have to ride these things hard.



U.S. investors, Trump close in on TikTok deal with China • WSJ

Raffaele Huang, Lingling Wei, and Alex Leary:

»

TikTok’s U.S. business would be controlled by an investor consortium including Oracle, Silver Lake and Andreessen Horowitz under a framework the U.S. and China are finalizing as talks shift into high gear, according to people familiar with the matter.

The arrangement, discussed by U.S. and Chinese negotiators in Madrid this week, would create a new U.S. entity to operate the app, with U.S. investors holding a roughly 80% stake and Chinese shareholders owning the rest, the people said.

This new company would also have an American-dominated board with one member designated by the U.S. government.

Existing users in the U.S. would be asked to shift to a new app, which TikTok has built and is testing, people familiar with the matter said. TikTok engineers will re-create a set of content-recommendation algorithms for the app, using technology licensed from TikTok’s parent ByteDance, the people said. U.S. software giant Oracle, a longtime TikTok partner, would handle user data at its facilities in Texas, they said.

Both sides are still working out the final details of the proposed deal and terms could change. In a new executive order Tuesday, President Trump pushed back the TikTok ban until Dec. 16, the latest of several delays.

Negotiations over TikTok come as both Washington and Beijing lay the groundwork for a potential meeting between Trump and Chinese leader Xi Jinping later this year, with Beijing pushing for a Trump visit to China.

For the TikTok plan to comply with U.S. law, tech industry executives argue, its algorithms must be created and maintained by an American engineering team insulated from Chinese influence. Beyond the financial terms, deciding how to handle TikTok’s algorithm has been a tricky part of the deal because it is seen as arguably the most lucrative part of the company.

«

My question: what’s in this for China? What is it getting in return? Just money surely won’t be enough. So what else is it getting? Trump’s threat to shut it down has been shown to be a paper tiger for a year, so the sticking point must have been what China wanted. What is it, though?


• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Read Social Warming, my latest book, and find answers – and more.


Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.2517: the AI child’s toy, how climate politics died, Meta creates own political wing, Michigan tries to ban porn, and more”

  1. Regarding VPN blocking, way way back when I was doing anti-censorware activism, I repeatedly tried to convey that there was a fundamental problem that controlling what readers were allowed to read, intrinsically could not permit any privacy or anonymity. Sadly, I never seemed to be able to get this point to be considered a major issue. It would “bounce off”, as I thought of it. I even tried putting it into an anti-censorware legal effort where I was involved. It just didn’t enter into how people would think about the topic, which would always go down paths about which authorities should be able to control which readers, and what content should be prohibited.
