With renewables and microgeneration on the rise, Google reckons power grids need a “moonshot” to inject machine learning and more for future systems. Can it succeed? CC-licensed photo by sagesolar on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Friend or foe? I’m @charlesarthur on Twitter. Observations and links welcome.

How Mark Zuckerberg and Apple’s CEO became foes • The New York Times

Mike Isaac and Jack Nicas:

»

At the center of the fight are the two C.E.O.s. Their differences have long been evident. Mr. Cook, 60, is a polished executive who rose through Apple’s ranks by constructing efficient supply chains. Mr. Zuckerberg, 36, is a Harvard dropout who built a social-media empire with an anything-goes stance toward free speech.

Those contrasts have widened with their deeply divergent visions for the digital future. Mr. Cook wants people to pay a premium — often to Apple — for a safer, more private version of the internet. It is a strategy that keeps Apple firmly in control. But Mr. Zuckerberg champions an “open” internet where services like Facebook are effectively free. In that scenario, advertisers foot the bill.

The relationship between the chief executives has become increasingly chilly, people familiar with the men said. While Mr. Zuckerberg once took walks and dined with Steve Jobs, Apple’s late co-founder, he does not do so with Mr. Cook. Mr. Cook regularly met with Larry Page, Google’s co-founder, but he and Mr. Zuckerberg see each other infrequently at events like the Allen & Company conference, these people said.

The executives have also jabbed at each other. In 2017, a Washington political firm funded by Facebook and other Apple rivals published anonymous articles criticizing Mr. Cook and created a false campaign to draft him as a presidential candidate, presumably to upend his relationship with former President Donald J. Trump. And when Mr. Cook was asked by MSNBC in 2018 how he would deal with Facebook’s privacy issues if he was in Mr. Zuckerberg’s shoes, he replied, “I wouldn’t be in this situation.”

«

Very much the Irish saying of “I wouldn’t start from here”. Notable how the headline assumes everyone knows who Zuckerberg is, but not Cook. (That is, the title on the web page; the headline on the page does say Cook.)
unique link to this extract

Update your iPhone so you can tell apps to stop tracking you • Vice

Lorenzo Franceschi-Bicchierai:

»

Apple started rolling out the latest version of iOS (14.5) on Monday, which could become a watershed moment in the history of privacy on the internet. The new version of iOS makes tracking an opt-in feature. In other words, when you install an app on your iPhone, you will have to allow it to track you across other apps, and if you want, you can stop it from tracking you entirely.

This is the most aggressive pro-privacy step Apple has taken in years. Facebook hates it so much that it has launched a full-on PR campaign claiming this change will hurt small businesses.

For many people on the internet, however, this is actually good news. Ashkan Soltani, an independent privacy and security researcher, told Motherboard that this is “a great step, particularly the global option to block tracking via one step.”

“It’s in line with the Global Privacy Control project that I’ve been working on, and is required under the California Law,” he said in an online chat. “In addition to technical mitigations, I’m looking forward to Apple supporting the legal right for consumers to opt-out so simply.”

“Apple today is turning on enhanced privacy/transparency in apps. This is a great day for European policy ideas for cookie pop-up boxes, now deployed to millions of smartphones all around the world,” Lukasz Olejnik, a security and privacy researcher, wrote on Twitter.

The feature is called App Tracking Transparency and in practice, it means that when you open apps you will be greeted with a new pop-up: “Allow [App Name] to track your activity across other companies’ apps and websites?” The first choice is “Ask App Not to Track” and the second one is “Allow.”

Choosing “Ask App not to Track” makes Apple disable the app from using our Apple device identifier, “a random string of letters and numbers assigned to our iPhones and that is used to track our activities across apps and websites,” and lets the app developer know that you don’t want them to track you in any way

«

So, let’s see if the sky does indeed fall as Facebook predicted. (Here’s a list of everything that’s new.)
unique link to this extract

Why the electric grid needs a moonshot • Google X

Astro Teller runs Google X, the “moonshot factory”:

»

Grid operators ensure that the supply of electricity to the grid stays in balance with the amount being used every moment of every day. One of the biggest challenges they face is that they have to manage and make decisions without full visibility into all the new and intermittent power sources coming onto the grid, like wind turbines or solar panels. And they don’t have visibility into how energy is flowing in real time: there is no global map or end-to-end aggregated view that gives every operator a consistent, full view of what’s happening on the grid from power plants down to the solar panels on your roof.

What you see happening on the grid depends on who’s looking and from what vantage point. Everyone who manages, builds, regulates and provides electricity to our power system — from utilities to system operators — uses their own sets of tools and models of the system. And this is becoming a huge hindrance as operators are now orchestrating novel and unpredictable flows of power from billions of new devices both contributing to and drawing from the grid.

Finding a way to create a single view of this splintered system felt to us like a promising entry point for reimagining things. We think machine learning, artificial intelligence and advanced computing tools can help; in the last decade these technologies have powered the creation of virtual representations of real-world environments that act as super-efficient simulated testing grounds for new ideas and software.

«

“Moonshot factory” is quite the boast, and not really supported by the facts. Google X has tried lots of things and you’d be pushing it to say any has even achieved orbit. This is a big idea, but DeepMind has effectively pulled out of this space already. That’s not encouraging.
unique link to this extract

Fuels from thin air: Prometheus joins the chase to make captured CO2 into net zero hydrocarbon fuels • Biofuels Digest

Jim Lane:

»

What is it? Prometheus removes CO2 from the air and turns it into zero-net carbon gasoline and jet fuel at a price that will compete with conventional fossil fuels used in transportation today. Because only renewable energy sources are used in its production, you get net zero carbon fuels.

How does it work? BMW reports that the process uses a solution of liquid water and CO2 that is exposed to an electrified copper plate. This catalyzes a reaction and produces fuel alcohols (mostly ethanol). Closely packed filters made from cylindrical carbon nanotubes embedded in plastic allow ethanol through while blocking water molecules. From there, the more concentrated solution of approximately 95% ethanol can be catalyzed with zeolite to join into more complex hydrocarbons, including gasoline, diesel, or jet fuel. This technique works at room temperature, while traditional methods of extraction require heat to distill it from a solution.

Founder Rob McGinnis speculated that even though the theoretical efficiency of Prometheus’ system was only 50–60%, their less energy-intensive process could nevertheless considerably lower overall cost and be competitive with fossil fuels.

Why is it a big deal? As BMW notes, “The modularity of the approach will enable micro-cells of gasoline production where there is a surplus of renewable energy available.”

What’s difficult here? For one, the CO2 processing — it’s aiming to use atmospheric CO2 not point source. That’s tougher. So, the company has pioneered a DAC technology, that’s short for Direct Air Capture. You have to process about 1600 pounds of air to capture a pound of CO2, so having a very passive process is a must.

As BMW noted that the “salvaged CO2 encounters renewable electricity in an electrochemical stack called the Faraday Reactor. The electricity “charges” the carbon with hydrogen molecules from the water to create long-chain alcohols, releasing pure oxygen.

«

Petrol contains around 2.3-2.6 kilos of carbon (dioxide? Perhaps) per litre. So this thing has to process 1600 x 2.4 kg = 3.8 tonnes of air to capture the equivalent amount of carbon for a single litre of petrol. Air weighs 1.29kg per cubic metre, so there’s about 3.8kg in 3 cubic metres, hence 3.8 tonnes of air is 3,000 cubic metres. An Olympic swimming pool (50m, 25m wide, 2-3m deep) is 2,500 cubic metres. 120% of that to produce one litre of not-yet petrol.

Let’s say it: that’s insane. Even if it were completely passive, it would still make more sense just to capture the carbon and sequester it, and use the power for electric cars. They’re actually more energy-efficient. (New working hypothesis: things called “Prometheus” are junk.)
unique link to this extract

Is an activist’s pricey house news? Facebook alone decides • The New York Times

Ben Smith on how the NY Post is aggrieved that Facebook is blocking sharing of a post because it mentions a house, on which basis Facebook has a policy that the person mentioned can block it:

»

What Facebook’s clash with The Post really revealed — and what surprised me — is that the platform does not defer, at all, to news organizations on questions of news judgment. A decision by The Post, or The New York Times, that someone’s personal wealth is newsworthy carries no weight in the company’s opaque enforcement mechanisms. Nor, Facebook’s lawyer said, does a more nebulous and reasonable human judgment that the country has felt on edge for the last year and that a Black activist’s concern for her own safety was justified. (The activist didn’t respond to my inquiry but, in an Instagram post, called the reporting on her personal finances “doxxing” and a “tactic of terror.”)

The point of Facebook’s bureaucracy is to replace human judgment with a kind of strict corporate law. “The policy in this case prioritizes safety and privacy, and this enforcement shows how difficult these trade-offs can be,” the company’s vice president for communications, Tucker Bounds, said. “To help us understand if our policies are in the right place, we are referring the policy to the Oversight Board.”

The board is a promising kind of supercourt that has yet to set much meaningful policy. So this rule could eventually change. (Get your stories deleted while you can!)

For now, though, the deletion seems to be an instance of how the company finds itself constantly debating the literal interpretation of its own, made-up rules rather than exercising any form of actual judgment. That came up again this spring in an internal report finding that Facebook hadn’t cracked down on “Stop the Steal” splinter groups because they were all hovering below its “violation threshold.”

I should note that when it comes to the article about the activist’s house, Facebook waded into one of the trickiest areas of online speech, and one of the hardest calls for news organizations today.

«

Poor Facebook, forced to make decisions over policies that it dreamt up itself. Reddit has a similar policy (see No.3), which it enforces effectively: people who doxx someone (give out their personal details) get banned. Facebook could do that, of course.

unique link to this extract

Some publishers rejet FLoC while others are open to testing it

Kate Kaye:

»

Privacy concerns, potential discriminatory categorization of people and data control have some publishers including The Guardian joining web browsers in blocking Google’s cookieless tracking and ad targeting method, FLoC. Meanwhile, The New York Times is among publishers open to testing FLoC, or Federated Learning of Cohorts, a method that categorizes groups of people based on their website visits and enables ad targeting and measurement in aggregate, rather than at an individual level. But as contributors to WordPress, which operates the foundation for millions of websites, also have mulled disabling FLoC, and as European regulators delay trials there, the anti-FLoC chorus grows louder.

“We’ve decided to opt-out of the FLOC trial, for the moment, as we assess the commercial and privacy implications of the technology,” a Guardian News and Media spokesperson told Digiday. “As we learn more about the technology, we may seek to move to trial in the future, but we are also testing a range of other privacy-respecting identity solutions, as we seek to build out our future advertising strategy.”

Google declined to comment on the record for this story.

…headwinds billow against the increasingly controversial FLoC technique. Facing concerns regarding compliance with data use and privacy restrictions in Europe, Google revealed in March that it will not make FLoC available for testing in countries where the General Data Protection Regulation and ePrivacy Directive are in place.

«

Privacy is suddenly quite a thing this year, isn’t it? Almost as if some sort of tipping point had been reached.
unique link to this extract

Apple AirTags are about so much more than finding your keys • WIRED UK

Andrew Williams:

»

Car keys are just one implementation of the Apple U1 chip’s UWB [ultrawideband wireless]. Apple offered us plenty more in a series of patents it filed towards the end of 2019, as reported by Patently Apple.

Diagrams in these filings show a series of Apple U1 trackers used to model the articulation of someone’s body in front of a TV hooked up to some future version of the Apple TV box. Exercise platform Apple Fitness+ is already here, so how about using UWB to tell when you are performing yoga moves correctly in a virtual class, using a virtual on-screen avatar?

Another suggested application is to use UWB to find the fire extinguisher, fire exit or defibrillator in a building, presumably a hospital. Apple has already made major in-roads into healthcare organisations with Apple Health — particularly in the US — so why wouldn’t it work its way deeper into their infrastructure?

The patent filing also details the use of multiple UWB sensors for posture analysis, with Apple U1 sensors dotted across the spine, arms, legs and head.

The contents of patents can never be taken as a guarantee something is going to be released, or is even actively being seriously developed. Some of these sound like a headache, and we don’t fancy clipping a half-dozen sensors on for a yoga class, but the idea Apple U1 is not really for finding things is not our own. And these patents do lay out AirTag use more-or-less exactly as Apple announced at its launch event.

There are more obvious applications that may have already come to mind as you read this, too. Apple U1 devices could be used as objects or play pieces in an augmented reality game or app you play using Apple AR Glasses.

Take that idea further. An Apple U1 chip could sit in every shop shelf, identifying the products that sit on them. Ask Siri where to find the carrots, or a Hermès AirTag holder, and your Apple Glasses highlight them in your view, appearing to see through walls, showing stock levels and the price.

They could be used to map out the play field for virtual reality, AirTags marking out its limits at the corners of the room. HTC Vive uses dedicated laser-tracking boxes to similar effect, at far greater expense.

Your robot vacuum cleaner need never lose track of its home base again with the help of an Apple U1 chip. It could allow for ultimate energy saving home automation, turning off all appliances in rooms in which there are no beating hearts — assuming everyone in your family is Apple-obsessed enough to own an Apple Watch.

«

It’s nice to dream, but Apple isn’t in to “every shop shelf”. It’s into “let the shops stick UWB chips on their shelves and we’ll leverage what they do”. It’s hard to see it making a robovac either – not computer-y enough, and too crowded a market. It hasn’t even put the U1 chip in its new TV remote. Change is slow.
unique link to this extract

“Newsworthiness,” Trump, and the Facebook Oversight Board • Columbia Journalism Review

Renee DiResta and Matt DeButts:

»

If Facebook’s algorithms didn’t relentlessly promote Trump’s messages, they might not have gone viral, or at least not with the same alacrity. Just look at the past few months: by blocking Trump from their platforms, Facebook, Twitter, and other social media giants appear to have significantly reduced the media coverage about him. If social media made Trump newsworthy, we now know, too, that it can make him less so.

To escape from Facebook’s circular logic of “newsworthiness,” we have two choices: we can either redefine the term, or we can rethink how it is deployed as a justification in content moderation. The first option is tricky. Redefining a widely used term is hard, and would likely encounter resistance. Free speech advocates are understandably reluctant to enable platforms (or Facebook’s Oversight Board, for that matter) to determine what is in “the public interest”—a phrase that often appears alongside “newsworthy.” Many are quick to argue that the public interest is highly subjective or, alternately, that a large profit-seeking corporation may not be appropriately positioned to evaluate it. When the courts have been asked to define “legitimate public interest” in the context of libel cases, they have largely demurred, preferring to rely on editors’ judgments and individual context. Unfortunately, that leaves us where we started. The second option—rethinking newsworthiness in content moderation—is more intriguing.

One possibility is to reverse Facebook’s current position. Consider the following thought experiment: A Facebook user writes something to his audience of ten million. What he says is borderline harmful, though it’s not a clear-cut case. Still, the speech is likely to be newsworthy—in our viral age, when ten million people begin talking about something it will probably become “news”—so the potential damage is high. Furthermore, once this speech has reached ten million accounts, it will become increasingly difficult to remove the message should it prove dangerous in the end. If another Facebook user, this person with an audience of ten, writes the same sentence, the speech is no different, but the potential harm is limited. If the message were to incite violence, the scale would be much more restricted, and Facebook would have an opportunity to intervene before it goes viral. In the latter case, someone’s lack of newsworthiness should make the content more permissible, but in the current enforcement structure, paradoxically, the ordinary person with the small audience is more likely to be moderated and removed.

«

Which is the point: exceptions are made for the big accounts. Because they create “engagement” and hence revenue.
unique link to this extract

Roku says it may lose YouTube TV app after Google made anti-competitive demands • Axios

Sara Fischer:

»

Roku says Google is threatening the removal of YouTube TV to force Roku to grant preferential access to its consumer data moving forward.

It says Google has asked Roku to do things that it does not see replicated on other streaming competitors’ platforms, like creating a dedicated search results row for YouTube within the Roku smart TV interface and giving YouTube search results more prominent placement.

Roku says Google has also required it to block search results from other streaming content providers while users are using the YouTube app on Roku’s system. Roku alleges Google has asked it to favor YouTube music results from voice commands made on the Roku remote while the YouTube app is open, even if the user’s music preference is set to default to another music app, like Pandora.

Roku says Google has threatened to require Roku to use certain chip sets or memory cards that would force Roku to increase the price of its hardware product, which competes directly with Google’s Chromecast.

In response to the allegations, a YouTube TV spokesperson says, “We have been working with Roku in good faith to reach an agreement that benefits our viewers and their customers.”

“Unfortunately, Roku often engages in these types of tactics in their negotiations. We’re disappointed that they chose to make baseless claims while we continue our ongoing negotiations.”

«

Those Google denials aren’t very denial-y. I haven’t seen Roku making claims like that in the past, either. Who gets hurt more if there’s no YouTube on Roku? Roku isn’t bigger than all the other smart TVs. But Roku users are unlikely to abandon their investment in it, which could include paid channels. So Google loses out. A bit. As does Roku.
unique link to this extract

Errata, corrigenda and ai no corrida: Me, on the iTunes “Buy doesn’t mean you own it” row: “amazing concept that ‘buying’ something doesn’t mean you have possession of it.

Alex Barredo: “NFTs :-P”

Remember Fortnite? Its court case against Apple over whether it can run its own store on iOS without paying tithes begins on Monday. CC-licensed photo by Sergey Galyonkin on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. May the odds be ever with you. I’m @charlesarthur on Twitter. Observations and links welcome.

39 Post Office convictions quashed after Fujitsu evidence about Horizon IT platform called into question • The Register

Gareth Corfield:

»

Lord Justice Holroyde said that the one-time state monopoly had, by representing Horizon as reliable, “effectively sought to reverse the burden of proof,” leading to criminal defendants having to prove their innocence instead of the Post Office showing they were guilty. Its lawyers compounded this by withholding evidence from courts and defence lawyers alike – evidence which clearly showed the Post Office and Fujitsu knew Horizon wasn’t generating accurate accounting records.

Each prosecution challenged in the Court of Appeal over the past year relied on data from the Horizon business management platform supplied by Fujitsu. This data, called “ARQ data” by the court, was a “complete and accurate record of all keystrokes made” on Horizon by sub-postmasters and their branch office staff.

Yet ARQ data was not often made available in the Post Office’s Crown Court prosecutions, leading to unjustifiable convictions and coerced guilty pleas.

Wrongly deprived of evidence needed to show that the Post Office’s cases against them were flawed, many sub-postmasters pleaded guilty in the hope of getting reduced sentences rather than maintaining their innocence at court. Many also wanted to avoid the wrath of judges who had been told they were unrepentant thieves and false accounters.

Holroyde, giving the Court of Appeal’s judgment today, referred to an earlier civil High Court judgment from Mr Justice Fraser, who savaged the Post Office’s claims that Horizon was sound.

“Fraser J referred to two particular bugs, known as the Callendar Square bug and the Receipts and Payments Mismatch (‘RPM’) bug,” said Lord Justice Holroyde. “In his ‘Common Issues’ judgment at [541], he had described the RPM bug as one of the bugs in respect of which contemporaneous internal documents showed ‘at least to some degree, an awareness of Horizon problems within the Post Office itself over a number of years’.”

«

This was the worst, biggest, longest miscarriage of justice ever in the UK. It’s not just dozens; hundreds of people were almost surely wrongly prosecuted for errors in the system. Horizon connected by phone line to central servers, but some transactions were missed. That created mismatches which looked as though the people running the offices were stealing money.

The Post Office’s refusal to accept this went beyond any reasonable behaviour. Really, someone should call in AC-12.
unique link to this extract

Fortnite’s mastermind goes to battle with Apple • WSJ

Tim Higgins and Sarah E. Needleman:

»

By early 2020, “Fortnite” was showing signs of aging, although popularity for online games can sometimes ebb and flow due to new seasons or features. The privately held company doesn’t disclose financial records but app-analytics firm Sensor Tower estimates global consumer spending within “Fortnite” on Apple devices had fallen in the first quarter of last year to $70m from a peak of almost $180m in the third quarter of 2018. Epic Chief Financial Officer Joe Babcock, who departed the company in early 2020, said it expected the trend to continue, according to a deposition he gave cited by Apple. Mr. Babock couldn’t be reached for comment.

Epic disputes the notion that “Fortnite” was waning in popularity, as the company in May 2020 said it had reached 350 million registered accounts.

Epic hatched a plan, according to court records citing a board presentation, to revive interest in “Fortnite” beyond its seasonal updates and occasional music performances and movie screenings that people experience together in a virtual setting. Epic would turn to third-party developers to create new content for “Fortnite,” essentially turning it into an open platform unto itself.

But for this new plan to work, the company needed to find a way it could afford to compensate its would-be partners. Apple’s 30% share, the presentation concluded, was an “existential issue” for its plan and needed to be cut so Epic could share a majority of the profit with creators.

«

The court case, with Epic suing Apple on antitrust and anti-competition, begins today (Monday).
unique link to this extract

Twitter censors tweets from MP, MLA, editor criticising pandemic handling • Medianama

Aroon Deep and Aditya Chunduru:

»

Twitter has complied with government requests to censor 52 tweets that mostly criticised India’s handling of the second surge of the COVID-19 pandemic. These tweets, which are now inaccessible to Indian users of the social media website, include posts by Revanth Reddy, a sitting Member of Parliament; Moloy Ghatak, a West Bengal state minister; actor Vineet Kumar Singh; and two filmmakers, Vinod Kapri and Avinash Das. 

MediaNama has seen public disclosures of the orders made available by Twitter to the Lumen Database. Lumen Database receives and publishes disclosures from private entities, including social media companies, of legal takedown notices they get from governments and private entities all over the world. MediaNama has previously reported the withholding of Rajya Sabha Member of Parliament Sukhram Singh Yadav’s Twitter account based on a Lumen Database disclosure. Such orders are typically sent by the Ministry of Electronics & Information Technology (MEITY).

«

Twitter says that it geoblocks content if “illegal in a particular jurisdiction, but not in violation of the Twitter rules”. So the tweets are still on the network, but just not visible in Modi’s India, where Covid cases and deaths are skyrocketing.
unique link to this extract

Gravity-based batteries try to beat their chemical cousins with winches, weights, and mine shafts • Science

Cathleen O’Grady:

»

Alongside the chilly, steel-gray water of the docks here stands what looks like a naked, four-story elevator shaft—except in place of the elevator is a green, 50-ton iron weight, suspended by steel cables. Little by little, electric motors hoist the weight halfway up the shaft; it is now a giant, gravity-powered battery, storing potential energy that can be released when needed. And that moment is now: With a metallic moan, the weight inches back down the shaft. Reversing direction, the motors become electric generators, sending up to 250 kilowatts of power back to the grid. For peak power, the weight can descend in 11 seconds—but for testing purposes, it moves just a few meters at “creep speed,” says Douglas Hitchcock, project engineer at Scottish startup Gravitricity.  

The company announced this week that its small-scale demonstrator is now operational, capable of switching between drawing energy from the grid and sending it back in a matter of seconds. The design offers an alternative to the chemical batteries that dominate the global energy storage market—a market that is growing hand in hand with renewable power, which needs to bank energy when the Sun shines or the wind blows, and release it when the grid faces high demand.

Gravitricity is one of a handful of gravity-based energy storage companies attempting to improve on an old idea: pumped hydroelectric power storage. Engineers would dam up a reservoir on a hill, pump water to it at times of low demand (usually at night), and release it to generate electricity. But the systems require specific terrain, expensive infrastructure, and planning approval that is increasingly hard to come by. These days, banking energy usually means hooking up renewable power to giant batteries.

Gravity-based storage has some distinct advantages, says Oliver Schmidt, a clean energy consultant and visiting researcher at Imperial College London. Lithium-ion batteries, the technology of choice for utility-scale energy storage, can charge and discharge only so many times before losing capacity—usually within a few years. But the components of gravity storage—winches, steel cables, and heavy weights—can hold up well for decades. “It’s mechanical engineering stuff,” Schmidt says. “It’s relatively cheap.”

«

Perhaps not very efficient, but dead cheap to build.
unique link to this extract

We applied for a job with a ransomware gant online • CyberNews

“Cybernews Team”:

»

In June 2020, a user called ‘Unknown’ submitted a rather peculiar post on a popular Russian hacker forum, looking for people to join their ‘affiliate program.’ In the world of crimeware-as-a-service, an ‘affiliate’ is a person who uses malicious tools provided by another threat actor to commit cyberattacks against individuals or organizations of their choice – in return for a cut of the profits.

What made this particular posting stand out from your typical crimeware-as-a-service ads, was the fact that it seemed to be coming from REvil – also known as Sodinokibi – one of the most notorious ransomware groups in the world.

REvil is infamous for being the very first ransomware-as-a-service cartel to use the so-called “double extortion” tactic, whereby the group (or one of their ‘affiliates’) attacks and locks a company out of their own files, and then gives the owners an additional incentive to pay the ransom by threatening to sell or even auction the stolen data off to other cybercriminals.

Interestingly, it was sometime in June 2020 – the time when this story takes place – when REvil first used the double extortion tactic as it began auctioning off data stolen from a Canadian agricultural production company that refused to pay a ransom.

The potentially big name behind the posting wasn’t the only thing that piqued our interest. The terms of the offer seemed rather tempting as well. According to the ad, the affiliate, if accepted, would get up to 70-80% of any successfully paid ransom, while REvil themselves would keep the other 20-30%.

Clearly, the offer was good. Perhaps, even too good to be true. So how could potential partners in crime be sure that the ad was posted by an actual representative of the REvil cartel, and not by a scammer, a security researcher, or an undercover Interpol agent? Well, money talks, and it seems that the author of the post spoke it fluently. To prove that the job posting was legitimate, the recruiters publicly deposited $1 million worth of bitcoin into their forum wallet.

Prior to the massive deposit, the posting had our curiosity. Now, it had our attention.

«

unique link to this extract

City of Albuquerque refers Trump campaign bill to collection agency • KOB 4

Joy Wang:

»

The city is seeking approximately $200,000 following the president’s rally in Rio Rancho in 2019.

Albuquerque Mayor Tim Keller said the bill covers security costs that stem from the former president staying in a downtown Albuquerque hotel overnight. 

The security cost include blocking off parts of downtown, paying police officers overtime and covering the paid time off expenses of city workers who had to stay home.

“We actually treated it like any other debt, and so it goes through a somewhat process where you send a bunch of letters out,” Keller said. “We got no response from those letters. And then automatically, it does go to an agency that helps try and collect debts, and so that’s those annoying phone calls you get that say, you know, you owe money to so-and-so like now, Trump is getting those.”

Most of America found out about the debt when Keller appeared on the Daily Show to talk about the bill.

Despite the newfound attention to the bill, Keller doesn’t expect the collection agency to get money out of Trump.

“Given what else has happened, I mean in terms of, even his own campaign owing money to donors and lots of shady stuff there, so unfortunately I don’t really expect us to get paid,” he said. “But it’s important that we do, and you know, we would do it for anyone else, so he’s no different.”

«

You’d have thought that by then people would have learnt to get payment upfront.
unique link to this extract

Apple must face lawsuit over iTunes “Buy” button • Hollywood Reporter

Eriq Gardner:

»

If possession is nine-tenths of the law, what happens when possession gets slippery?

That’s a question for a federal courtroom in Sacramento, California, where Apple is facing a putative class action over the way consumers can “buy” or “rent” movies, TV shows and other content in the iTunes Store. David Andino, the lead plaintiff in this case, argues the distinction is deceptive. He alleges Apple reserves the right to terminate access to what consumers have “purchased,” and in fact, has done so on numerous occasions.

This week, US District Court Judge John Mendez made clear he isn’t ready to buy into Apple’s view of consumer expectations in the digital marketplace.

“Apple contends that ‘[n]o reasonable consumer would believe’ that purchased content would remain on the iTunes platform indefinitely,” writes Mendez. “But in common usage, the term ‘buy’ means to acquire possession over something. It seems plausible, at least at the motion to dismiss stage, that reasonable consumers would expect their access couldn’t be revoked.”

Apple tried other ways to slip away from claims of false advertising and unfair competition. For example, it tried the time-tested approach of challenging Andino’s “injury” to knock his potential standing as a plaintiff.

“Apple argues that Plaintiff’s alleged injury — which it describes as the possibility that the purchased content may one day disappear — is not concrete but rather speculative,” sums Mendez, responding, “[T]he injury Plaintiff alleges is not, as Apple contends, that he may someday lose access to his purchased content. Rather, the injury is that at the time of purchase, he paid either too much for the product or spent money he would not have but for the misrepresentation. This economic injury is concrete and actual, not speculative as Apple contends, satisfying the injury in fact requirement of Article III.”

«

Amazing concept: that “buying” something doesn’t mean you have possession of it.
unique link to this extract

Will quantum computing ever live up to its hype? • Scientific American

John Horgan:

»

Quantum-computing enthusiasts have declared that the technology will supercharge machine learning. It will revolutionize the simulation of complex phenomena in chemistry, neuroscience, medicine, economics and other fields. It will solve the traveling-salesman problem and other conundrums that resist solution by conventional computers. It’s still not clear whether quantum computing will achieve these goals, [computer scientist Scott] Aaronson says, adding that optimists might be “in for a rude awakening.”

Popular accounts often imply that quantum computers, because superposition and entanglement allow them to carry out multiple computations at the same time, are simply faster versions of conventional computers. Those accounts are misleading, Aaronson says. Compared to conventional computers, quantum computers are “unnatural” devices that might be best suited to a relatively narrow range of applications, notably simulating systems dominated by quantum effects.

The ability of a quantum computer to surpass the fastest conventional machine is known as “quantum supremacy,” a phrase coined by physicist John Preskill in 2012. Demonstrating quantum supremacy is extremely difficult. Even in conventional computing, proving that your algorithm beats mine isn’t straightforward. You must pick a task that represents a fair test and choose valid methods of measuring speed and accuracy. The outcomes of tests are also prone to misinterpretation and confirmation bias. Testing “creates an enormous space for mischief,” Aaronson says.

«

I’ve been writing about quantum computing for around 30 years, and it’s still really unclear what application it could have apart from cracking encryption. Horgan’s attempt (later in the article) to get clarity from a proponent of quantum computers leaves me as puzzled – and sceptical – as ever.
unique link to this extract

Why Minnesota faces $800m in extra gas bills from Texas’s freeze in February • The Washington Post

Will Englund:

»

When that big freeze hit Texas in February, the Lone Star State couldn’t help but share its pain.

With its ill-equipped natural gas systems clocked by the cold, Texas’s exports across the Rio Grande froze up and 4.7 million customers in northern Mexico went without electricity — more than in Texas itself. The spot price of gas jumped 30-fold as far west as Southern California. And all the way up by the Canadian border, gas utilities in Minnesota that turned to the daily spot market to meet demand say they had to pay about $800m more than planned over the course of just five days as the Texas freeze-up pinched off supplies.

“The ineptness and disregard for common-sense utility regulation in Texas makes my blood boil and keeps me up at night,” Katie Sieben, chairwoman of the Minnesota Public Utility Commission, said in an interview. “It is maddening and outrageous and completely inexcusable that Texas’s lack of sound utility regulation is having this impact on the rest of the country.”

The Texas market is so large — second only to California’s — and its natural gas industry is so predominant that when things go wrong there, the impacts can be felt across the country. And in a state that eschews regulation, driving energy producers to cut costs as deeply as they can to remain competitive, things went spectacularly wrong the week of Valentine’s Day.

Minnesota’s biggest gas companies are putting forward plans to recoup their expenses by adding a surcharge to customers’ bills, which the state utility commission would first have to approve. Normally, such adjustments to account for winter prices go into effect in September, but Minnesota’s biggest gas utility, Houston-based CenterPoint Energy, says the financial pinch is so great it wants to start billing customers next month — and charging them nearly 9% interest until the extraordinary costs are paid off.

«

unique link to this extract

Carbon Intensity

Lyndon Ruff and Alasdair Bruce:

»

National Grid ESO, in partnership with Environmental Defense Fund Europe, University of Oxford Department of Computer Science and WWF, have developed the world’s first Carbon Intensity forecast with a regional breakdown.

The Carbon Intensity API uses state-of-the-art machine learning and sophisticated power system modelling to forecast the carbon intensity and generation mix 96+ hours ahead for each region in Great Britain.

Our OpenAPI allows consumers and smart devices to schedule and minimise CO2 emissions at a local level.

«

Nice – and I particularly like the provision of an API. (Some people have built LED systems that change colour according to the “carbon intensity” of the grid at any moment.) Not clear quite whose ML systems they’re using, or if they just built their own.
unique link to this extract

The secret betting strategy that beats online bookmakers • MIT Technology Review

»

If you’ve ever been tempted by a flutter, you’ll know how bookmakers and casinos stack the odds against you. The clearest example is roulette, where there are 36 red and black numbers plus the green numbers 0 and (in the U.S.) 00. So that’s 38 possibilities in total. When betting on red or black, the odds of choosing correctly are 18/38, and a fair payout for a $1 stake is $2.111. However, the house pays only $2 and keeps the difference. In that way, it guarantees itself a profit.

A similar bias occurs in bookmakers’ odds on horse races, soccer, and every other sporting event. The bookies always ensure that the odds are in their favor. But setting these odds is harder than those for roulette because the calculations are trickier.

And that raises a tantalizing possibility. Is it possible to come up with a better way to calculate the odds, and thus beat the bookies?

Today we get an answer thanks to the work of Lisandro Kaunitz at the University of Tokyo and a few pals, who have found a way to consistently make money from the online betting market for soccer.

But their work comes with a serious caveat. Kaunitz and co say that as soon as the bookies became aware of this success, they prevented the researchers from betting further.

«

How they did it is fascinating – first mining historical data, then trying it with computers on real-world data (but not placing the bets), then actually placing real bets with a human. And then the bookies noticed. At least the consequences weren’t like being spotted in Casino.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

There’s lots of new information about Apple’s AirTags. Up to 16 per person, so your phone might look like a radar screen. CC-licensed photo by Antonio Zugaldia on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Is that an AirTag in your pocket? I’m @charlesarthur on Twitter. Observations and links welcome.

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Preorder Social Warming, my forthcoming book, and find answers – and more.

How Facebook failed to prevent “Stop The Steal” • Buzzfeed News

Craig Silverman, Ryan Mac and Jane Lytvynenko:

»

Employees were made aware of the original Stop the Steal Facebook group, which emerged on election night [Nov 3 2020], after it was “flagged for escalation because it contained high levels of hate and violence and incitement (VNI) in the comments.” By the time Facebook removed it, on Nov. 5, it had become a movement, amassing more than 300,000 members in a 24-hour span with more than a million people wanting to join. The group’s takedown and splintering into offshoot groups caused a major problem for Facebook, which took a “piecemeal” approach to enforcement and failed to see Stop the Steal as a wider, harmful movement, according to the internal report.

“Because we were looking at each entity individually, rather than as a cohesive movement, we were only able to take down individual Groups and Pages once they exceeded a violation threshold,” the report reads. “After the Capitol Insurrection [on Jan 6 2021] and a wave of Storm the Capitol events across the country, we realized that the individual delegitimizing Groups, Pages and slogans did constitute a cohesive movement.”

It was only after the violence of Jan. 6, according to the report, that Facebook teams realised they were dealing with a movement that “normalized delegitimization and hate in a way that resulted in offline harm and harm to the norms underpinning democracy.” And while the company spent months preparing for people to dispute election results, the report calls delegitimization a “new territory” in which “few policies or knowledge existed” prior to election night.

The document contradicts Zuckerberg’s statement to Congress about Facebook being “inhospitable” to harmful content about the election, and refutes chief operating officer Sheryl Sandberg’s January comment that the insurrection was “largely organized on platforms that don’t have our abilities to stop hate, don’t have our standards and don’t have our transparency.” It also shows that while Facebook said it was prepared for election destabilization and was monitoring signals for unrest, it failed to stop a movement that led to real-world harm.

«

Facebook is too big; it brings together too many people whose desires can be herded into malice. It really is classic social warming: put a lot of people together and then force them closer and watch the temperature rise. To, in this case, deadly effect.

unique link to this extract

Daily Mail owner sues Google over search results • BBC News

»

The owner of the Daily Mail newspaper and MailOnline website is suing Google over allegations the search engine manipulates search results.

Associated Newspapers accuses Google of having too much control over online advertising and of downgrading links to its stories, favouring other outlets. It alleges Google “punishes” publishers in its rankings if they don’t sell enough advertising space in its marketplace. Google called the claims “meritless”.

Associated Newspapers’ concerns stem from its assessment that its coverage of the Royal Family in 2021 has been downplayed in search results.

For example, it claims that British users searching for broadcaster Piers Morgan’s comments on the Duchess of Sussex following an interview with Oprah Winfrey were more likely to see articles about Morgan produced by smaller, regional outlets. That is despite the Daily Mail writing multiple stories a day about his comments around that time and employing him as a columnist.

Daily Mail editor emeritus Peter Wright told the BBC’s Today programme that the search engine’s alleged actions were “anti-competitive”. He suggested that the Daily Mail’s search visibility dropped after using online advertising techniques “which were allowing us to divert advertising traffic away from Google to other ad exchanges, which paid better prices – and this was their punishment. We think it’s time to call this company out,” he said.

The Daily Mail’s MailOnline site is one of the world’s most-read websites. It has 75 million unique monthly visitors in the US alone, according to the lawsuit, which was filed in New York on Tuesday.

«

Really looking forward to whatever becomes public from this. I wonder if the multiple stories just seem to Google’s algorithm like spam? (Also, Wright was never editor of the Daily Mail; he edited the Mail On Sunday.)
unique link to this extract

Apple’s AirTag tracker respects privacy and foils stalking • Fast Company

Michael Grothaus:

»

Apple designed the AirTag with one useful purpose in mind: helping people find lost objects. But the company also understands that bad actors may try to use any technology for nefarious purposes. An AirTag designed to track a backpack could also be used to track an unwitting  person. AirTags are small, after all, and one could easily be slipped into someone’s purse or coat pocket without them realizing it.

That’s why Apple has built a number of powerful anti-stalking protections into the AirTag platform. If you’re an iPhone owner running iOS 14.5 or later and someone slips an AirTag into your possession in secret in order to track your movements, your iPhone will warn you this has happened by sending you an “AirTag Found Moving With You” notification. This notification will appear only when an AirTag is following you that is not paired with your Apple ID or another iPhone that is in your vicinity. That distinction is critical so that your iPhone won’t be notified of AirTags that, for instance, belong to other people on the same bus you’re riding. Tapping the notification will take you to the Find My app, where you can tell the AirTag that has been slipped into your possession to emit a sound so you can locate it.

But what about people who don’t own an iPhone? How would Android owners—or those without a smartphone at all—know if an AirTag was slipped into their possession by a stalker?

Apple thought of that too. After an AirTag has been away from its paired device for a certain amount of time, the AirTag will automatically emit a sound notifying those around it of its presence. Right now, the AirTag needs to be out of range of its paired device for three days for the sound to emit, but Apple could lengthen or shorten this time via a software update in the future.

And if you do find a strange AirTag in your possession, you can use any NFC-capable phone to scan it. Tapping the notification that appears in the NFC reader will take you to an Apple website with instructions on how to disable the AirTag and its tracking capabilities immediately—by simply removing its battery. On that same page, you’ll see the unique serial number of the AirTag, which is also printed on the AirTag itself. Though you wouldn’t be able to find out the owner of the AirTag from this serial number, Apple could determine the owner since the AirTag’s unique serial number is associated with an Apple ID during its initial Pair Lock setup.

«

The battery removal thing means that malicious actors who steal your luggage (say) would be able to inactivate it pretty fast. Hard to be sure that this is the most robust system. (Hide them really well?) Also: each Apple ID is limited to 16 trackers, or only $396 of spending (4-pack four times). Unusual for Apple to put a ceiling on how many you can buy.
unique link to this extract

Contractor that ruined 15M doses of J&J vaccine hiked price of another by 800% • Ars Technica

Beth Mole:

»

Things are not looking good for Emergent BioSolutions, the contract manufacturer that ruined 15 million doses of Johnson & Johnson’s one-shot COVID-19 vaccine and millions more doses of AstraZeneca’s COVID-19 vaccine at its production facility in Baltimore.

The Food and Drug Administration on Wednesday released a searing inspection report of the facility, finding a slew of significant violations and failings.

Meanwhile, federal lawmakers have opened a multi-pronged investigation into whether Emergent used ties to the Trump administration to get billions of dollars in federal contracts despite a history of failing to complete contracts. The investigation is also looking into inadequate staff training, persistent quality-control issues, and the company’s “unjustified” 800% price increase for an anthrax vaccine.

In a letter sent to Emergent’s top executives Tuesday, Rep. Carolyn Maloney, chairwoman of the House Committee on Oversight and Reform, and Rep. James Clyburn, chairman of the Select Subcommittee on the Coronavirus Crisis, laid out the investigation, writing:

»

Emergent received $628m in June 2020 to establish the primary US facility for manufacturing vaccines developed by Johnson & Johnson and AstraZeneca. Dr. Robert Kadlec, who served as Assistant Secretary for Preparedness and Response under President Trump and previously worked as a consultant for Emergent, appears to have pushed for this award despite indications that Emergent did not have the ability to reliably fulfill the contract.

«

«

It’s astonishing how much cleaning up is required following the wrecking ball of Trump’s administration. (Thanks G for the link.)
unique link to this extract

Wirecard employees removed millions in cash using shopping bags • Financial Times

Olaf Storbeck:

»

Wirecard employees hauled millions of euros of cash out of the group’s Munich headquarters in plastic bags over a period of years, according to former employees, suggesting that the payments company was looted even more brazenly than previously known.

The once high-flying fintech, which at its peak was worth €24bn, went bust last summer in one of Germany’s biggest accounting frauds. It collapsed after discovering that €1.9bn of corporate cash did not exist and that parts of its business in Asia were a sham.

Former employees have told Munich police investigating the fraud that staff repeatedly removed large amounts of cash from Wirecard’s head office, people with direct knowledge of the matter told the Financial Times.

The practice started as early as 2012, and six-digit amounts of banknotes were often moved in Aldi and Lidl plastic bags, former employees told the police. The total amount, the current whereabouts of the cash and the purpose of removing it from the building are unclear.

Wirecard, whose main business was processing payments for merchants, owned its own bank but did not have branches. As demand for cash grew over time, Wirecard Bank bought a safe which was located in the group’s headquarters in a Munich suburb.

At one point in May 2017, €500,000 in cash was delivered at a time when the safe was full, according to emails seen by the FT and a person with knowledge of the transaction. Some of the cash needed to be hidden elsewhere in the offices.

“From an insurance point of view, that’s crap,” a Wirecard employee wrote in an internal email seen by the FT, urging that delivery and collection of cash needed to be organised on the same day.

«

Aldi and Lidl bags. Couldn’t they have done it in something more upscale?
unique link to this extract

Linux bans University of Minnesota for committing malicious code to kernel • Bleeping Computer

Ax Sharma:

»

a major Linux kernel developer, Greg Kroah-Hartman, has banned the University of Minnesota (UMN) from contributing to the open-source Linux kernel project.

Kroah-Hartman also decided to revert all commits submitted from any UMN email address thus far.

The developer’s justification for taking this step is: “Commits from @umn.edu addresses have been found to be submitted in ‘bad faith’ to try to test the kernel community’s ability to review ‘known malicious’ changes. Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, [we are removing] this change to ensure that no problems are being introduced into the codebase,” said Kroah-Hartman in a series of published emails.

In February 2021, UMN researchers published a research paper titled, “Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits.” The focus of this research was to deliberately introduce known security vulnerabilities in the Linux kernel, by submitting malicious or insecure code patches.

As seen by BleepingComputer, the researchers demonstrate many examples of instances where they introduced known vulnerabilities by making these “hypocrite” patch commits.

«

UMN researcher claimed that it was part of a new static analyzer (a method of analysing code for vulnerabilities). The Linux kernel team isn’t impressed. UMN has suspended the line of research and says it takes the situation “extremely seriously”.
unique link to this extract

Introducing Menuwhere: the menu where you are • Tales of a Running Bird

Rob Griffiths:

»

Say hello to Menuwhere, Many Tricks’ newest app. This handy $3 utility puts the frontmost app’s menu bar into a pop-up menu at your mouse’s location—say goodbye to those long trips to the menu bar; the main menu is now just a hot key away:

Once onscreen, you can navigate the menus by typing letters in the names of the menu items you wish to access (then pressing Enter), or by using the arrow keys and Enter, or even via the mouse.

If you’re a long-time Mac user, you’re probably aware of similar apps from the past…which is why we wrote Menuwhere, because those apps are all in the past. Menuwhere is here now, fully supported, 64-bit and Universal—it runs natively on Apple Silicon and Intel.

«

Personally I’m more of a keyboard shortcut person, but I can imagine that this might come in handy.

unique link to this extract

Apple’s M1 positioning mocks the entire x86 business model • ExtremeTech

Joel Hruska:

»

If you want to buy a MacBook Air or MacBook Pro, Apple will sell you an M1. Want a Mac Mini? You get an M1. Interested in the iMac or the new iPad Pro? You get an M1. It’s possible that the M1 CPUs inside the iMac will have different thermal or clock behavior than those inside the systems Apple has already launched, but the company’s decision to eschew clock speed disclosures suggests that these CPUs differ only modestly. The iMac might have the same 3.2GHz base clock but hold its frequency better under load, for example.

But outside of that, Apple is selling a single CPU across a wider range of products than any competing Intel or AMD CPU is ever sold. This speaks volumes as to what Apple believes it has its hands on, namely: a CPU fast enough at the quad-core level — because, scaling-wise, the M1 is a quad-core chip, with four low-power cores to handle low-power workloads — to address a huge range of markets, while drawing so little power, it can also be sold in a laptop.

Part of the reason Apple can get away with doing this is that — and let’s be honest — it’s been selling badly underpowered systems at certain price points. The old 21.5in iMacs included a $1,099 option with a dual-core CPU and only a 3.6GHz (no turbo) quad-core at $1,299. Only the six-core iMac, at $1,499, had a CPU powerful enough to even arguably be shipping in a 2021 PC. That matters because, when these systems get reviewed, they’re going to be compared in part with the hardware they replaced. The M1 appears to be faster and more power-efficient than current x86 CPUs, regardless, but it’s going to compare particularly well when the other systems are underpowered relative to what a PC OEM would have been selling at the same price point.

But lopsided configurations are only part of the equation. Apple couldn’t position the M1 this way if it wasn’t an excellent CPU in its own right.

«

The “badly underpowered” nature of the previous systems was down to Intel, though, not Apple. As Hruska kinda-sorta acknowledges later, the reason why Apple can sell the M1 for these different machines (which have, let’s note, different thermal envelopes: the Air has no fan, while the mini, Macbook Pro and iMac do) is that its business model doesn’t rely on segmenting the market into tiny twitching pieces by using confusing nomenclature and SKUs.
unique link to this extract

Tesla’s Autopilot is ‘easily’ tricked into working without anyone in the driver’s seat • The Verge

Andrew Hawkins:

»

Consumer Reports said Thursday it was “easily” able to trick Tesla’s Autopilot system to operate without anyone in the driver’s seat. The publication’s test came amid questions about the safety of the company’s advanced driver assist system in the aftermath of a fatal crash in Texas in which authorities said there was no one behind the steering wheel.

Using a weighted chain attached to the steering wheel to simulate the pressure of the driver’s hands, two Consumer Reports researchers were able to use the steering wheel dial on a Tesla Model Y to accelerate from a full stop, and then “drive” around on a closed-course test track for several miles — all while sitting in the passenger seat and backseat. They stopped the vehicle by again using the dial to bring the speed back down to zero.

Tricking the Tesla to operate without someone behind the wheel was as simple as keeping the driver’s seatbelt buckled, not opening the driver’s side door during the test, and using the weight to simulate hands on the steering wheel.

«

If Tesla moves to weight detection on the driver’s seat, people will put weights on it (though that starts to get complicated..). What’s next, face detection? Tesla isn’t liable, of course, for what people stupidly do. But the trouble with foolproof systems is that they keep making better fools.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

How often do coders visiting Stack Overflow hit the copy keys? We can reveal. CC-licensed photo by wiredforlego on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Pay up, or.. don’t. I’m @charlesarthur on Twitter. Observations and links welcome.

• Why did Facebook create business profiles for terrorists? • Why are so many people on social media so angry? • Are algorithm-free social networks like WhatsApp free of misinformation? • What did Covid change about social networks’ approach to truth? • How much do Facebook, Twitter and Google coordinate on taking accounts down? Preorder Social Warming, my forthcoming book, and find answers – and more.

Apple targeted in $50 million ransomware hack of supplier Quanta • Bloomberg

Kartikay Mehrotra:

»

The ransomware group REvil, also known as Sodinokibi, published a blog on its darkweb site early on Tuesday in which it claimed to have infiltrated the computer network of Quanta Computer Inc. The Taiwan-based company is a key supplier to Apple, manufacturing mostly Macbooks. It similarly produces goods for the likes of HP Inc., Facebook Inc. and Alphabet Inc.’s Google.

REvil’s public face on the darkweb, a user on the cyber-crime forum XSS who goes by the name ‘Unknown’, announced Sunday that the ransomware group was on the cusp of declaring its “largest attack ever,” in a post reviewed by Bloomberg News. The post was made in Russian on a channel where the REvil group recruits new affiliates, according to a person familiar with Unknown’s history on the XSS forum who sought anonymity for fear of retaliation.

By early on April 20, REvil’s ‘Happy Blog’ — a site where the cartel publicly names and shames victims in hopes of coaxing ransom payment — declared Quanta its latest victim. In their post, also reviewed by Bloomberg, the hackers claim they’d waited to disclose the Quanta compromise until the date of Apple’s latest big reveal, contending the parts supplier had expressed no interest in paying to recover the stolen data. Quanta acknowledged an attack without explaining if or how much of its data was stolen.

…By the time Apple’s product launch was over, REvil had posted schematics for a new laptop, including 15 images detailing the guts of what appears to be a Macbook designed as recently as March 2021, according to the documents reviewed by Bloomberg.

REvil is now attempting to shake-down Apple in its effort to profit off the stolen data. They’ve asked Apple to pay their ransom by May 1, as was first reported by Bleeping Computer. Until then, the hackers will continue to post new files every day, REvil said on its blog.

«

Not much use posting them on the dark web, is it? They’re assembly schematics (as you’d expect for an assembly company) which Apple Insider, among others, has published. (At least, the picture was up when I looked.) MacBook Pro: no Touch Bar, HDMI connector, SD card slot. Rejoice.
unique link to this extract

Apple’s $64 billion-a-year App Store isn’t catching the most egregious scams • The Verge

Sean Hollister:

»

Recently, I reached out to the most profitable company in the world to ask a series of basic questions. I wanted to understand: how is a single man making the entire Apple App Store review team look silly? Particularly now that Apple’s in the fight of its life, both in the courts and in Congress later today, to prove its App Store is a well-run system that keeps users safe instead of a monopoly that needs to be broken up.

That man’s name is Kosta Eleftheriou, and over the past few months, he’s made a convincing case that Apple is either uninterested or incompetent at stopping multimillion-dollar scams in its own App Store. He’s repeatedly found scam apps that prey on ordinary iPhone and iPad owners by luring them into a “free trial” of an app with seemingly thousands of fake 5-star reviews, only to charge them outrageous sums of money for a recurring subscription that many don’t understand how to cancel. “It’s a situation that most communities are blind to because of how Apple is essentially brainwashing people into believing the App Store is a trusted place,” he tells The Verge.

There’s a lot to unpack there: fake free trials, fake reviews, subscription awareness. We could write an entire story about each. Today, I’d like to focus on how one guy could find what Apple’s $64-billion-a-year App Store apparently cannot, because the answer is remarkable.

You simply look at the apps that are making the most money. Then, you find ones where the user reviews are suspicious and look for ridiculously high subscription prices.

That’s it. There’s no step four. Eleftheriou tells us this is how he started finding these scams, but you don’t need to be a coder to figure it out.

«

This continues to be a ridiculous embarrassment for Apple. Fake reviews and scummy apps with tricksy headfakes that drag people into pricey subscriptions. It has begun picking up on some apps, but nothing like as many as there are. To some extent, this is “cutting the grass”: new scams will appear as each one is removed. But that’s the point about curating an app store: you have to keep at it, and there is a lot of grass cutting.
unique link to this extract

“Fake Famous” and the tedium of influencer culture • The New Yorker

Naomi Fry:

»

Working a menial job is hard, but “Fake Famous” demonstrates that being an influencer, too, can be a tedious kind of labor. In one amusing sequence, Bilton takes us behind the scenes of a photo shoot in which Dominique and Wylie are shown partaking in one-per-cent-like activities such as sipping champagne and eating chocolates poolside at the Four Seasons, relaxing blissfully on an international flight, and receiving a luxurious spa treatment. All of this, however, is smoke and mirrors: in the pictures, which are shot in quick succession at a single location, a toilet seat held aloft mimics a plane’s window, the champagne is apple juice, the chocolates are pats of butter dipped in cocoa powder, and the rose-petal-infused spa basin is a plastic kiddie pool.

There is a kind of D.I.Y. creativity about all of this, a spirit of making do, which allows the plucky influencer some agency. “Remember, you’re the Lulu girl!” Dominique’s mom reminds her daughter, early in the film, when Dominique expresses doubts about her ability to make nice at her retail job—and, in her attempts to become an influencer, Dominique’s fealty to Lululemon is exchanged for a commitment to the new version of herself that she has decided to sell online. Dominique wants to brand her own self rather than work for someone else’s, and on the face of it, one might wonder what could be wrong with this strategy, in which, instead of allowing a corporation to harvest the surplus value of an employee’s personality, the employee is able to harvest it for herself. (Slay, kween!) Depressingly, though, as Dominique’s popularity grows—she even starts getting more auditions and acting gigs, thanks to her burgeoning Instagram profile—her success seems to depend not on any surplus of personality but, rather, on a lack thereof. She develops an audience by posting videos of herself unboxing products that she has been sent for free by other brands: a blender, energy bars, slippers, a CBD vibrator. Dominique “is like a piece of Play-Doh,” Chris says to Bilton. Like the pink wall on Melrose, she is eye-catching, but still blank enough.

«

*crosses “influencer” off list of jobs to apply for*. This isn’t even “famous for being famous”. It’s “not particularly famous for being not particularly famous”.
unique link to this extract

Herd immunity in US likely impossible, but vaccines can control Covid • USA Today

Elizabeth Weise:

»

Dr. Anthony Fauci, the nation’s top infectious disease doctor, doesn’t want to talk about herd immunity anymore. 

“Rather than concentrating on an elusive number, let’s get as many people vaccinated as quickly as we possibly can,” he said at a White House briefing last week, a sentiment he’s since repeated.

What Fauci doesn’t explicitly state, but others do, is that with about a quarter of Americans saying they might not want to be immunized, herd immunity is simply not an attainable goal.

“It’s theoretically possible but we as a society have rejected that,” said Dr. Gregory Poland, director of the Mayo Clinic’s Vaccine Research Group. “There is no eradication at this point, it’s off the table. The only thing we can talk about is control.”

After initially aiming for the kind of protection provided by the measles vaccine, officials are now focused on containment similar to the flu: acknowledging there will be regular outbreaks but hoping to limit them as much as possible. 

Americans can go through their entire lives without worrying about getting the measles because of a long-lasting effective vaccine given to more than 90% of children. Although small pockets of infection occur when vaccination rates drop, even people who can’t get the vaccine or are immunocompromised remain mostly protected.

With COVID-19, where vaccines are effective but won’t last a lifetime, vaccine hesitancy makes that kind of widespread protection unlikely, experts say.

That means people who can’t get vaccinated or whose immune systems are dampened by medication or disease will remain vulnerable. There will probably always be enough unvaccinated people to allow COVID-19 to spread once it arrives in a community. And even people who are vaccinated won’t be 100% protected in the face of such a contagious illness.

«

Perhaps it was inevitable that such a big country would fail in this way. But it is a monumental failure.

unique link to this extract

How often do people actually copy and paste from Stack Overflow? Now we know • Stack Overflow Blog

Ben Popper and David Gibson, after an April Fool’s joke that Stack Overflow (beloved by coders seeking a solution to a problem) was going to make a hardware keyboard that would simply copy and paste, they got to wondering how often people actually do Cmd-C Cmd-V:

»

One out of every four users who visits a Stack Overflow question copies something within five minutes of hitting the page. That adds up to 40,623,987 copies across 7,305,042 posts and comments between March 26th and April 9th. People copy from answers about ten times as often as they do from questions and about 35 times as often as they do from comments. People copy from code blocks more than ten times as often as they do from the surrounding text, and surprisingly, we see more copies being made on questions without accepted answers than we do on questions which are accepted. 

So, if you’ve ever felt bad about copying code from our site instead of writing it from scratch, forgive yourself! Why recreate the wheel when someone else has done the hard work? We call this knowledge reuse – you’re reusing what others have already learned, created, and proven. Knowledge reuse isn’t a bad thing – it helps you learn, get working code faster, and reduces your frustration. Our whole site runs on knowledge reuse – it’s the altruistic mentorship that makes Stack Overflow such a powerful community. 

«

unique link to this extract

Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app’s perspective • Signal

Moxie Marlinspike (who, if you don’t know, is a hacker extraordinaire) got hold of a Cellebrite analyser, as used by law enforcement and others to break into phones seized from people:

»

Anyone familiar with software security will immediately recognize that the primary task of Cellebrite’s software is to parse “untrusted” data from a wide variety of formats as used by many different apps. That is to say, the data Cellebrite’s software needs to extract and display is ultimately generated and controlled by the apps on the device, not a “trusted” source, so Cellebrite can’t make any assumptions about the “correctness” of the formatted data it is receiving. This is the space in which virtually all security vulnerabilities originate.

Since almost all of Cellebrite’s code exists to parse untrusted input that could be formatted in an unexpected way to exploit memory corruption or other vulnerabilities in the parsing software, one might expect Cellebrite to have been extremely cautious. Looking at both UFED and Physical Analyzer, though, we were surprised to find that very little care seems to have been given to Cellebrite’s own software security.

…Given the number of opportunities present, we found that it’s possible to execute arbitrary code on a Cellebrite machine simply by including a specially formatted but otherwise innocuous file in any app on a device that is subsequently plugged into Cellebrite and scanned. There are virtually no limits on the code that can be executed.

For example, by including a specially formatted but otherwise innocuous file in an app on a device that is then scanned by Cellebrite, it’s possible to execute code that modifies not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices in any arbitrary way (inserting or removing text, email, photos, contacts, files, or any other data), with no detectable timestamp changes or checksum failures.

</blockquote

Something something hoist petard. Now Cellebrite has to worry about whether any phone its equipment is used to hack into might have a (kinda, sorta) malicious version of Signal.
unique link to this extract

Lina Khan, a progressive trustbuster, displays get-tough approach to tech in confirmation hearing • The New York Times

Cecilia Kang:

»

At the Senate Commerce committee hearing, Ms. Khan, 32, said she was “seeing whole range of potential risks. One that comes up across board is that the ability to dominate one market gives companies, in some instances, the ability to expand into adjacent markets.”

She also focused on the online advertising market and how the consumer data mining that fuels it poses potential harms for consumers. The business model, she said, incentivizes more and more data collection.

“In some cases, companies may think it’s worth the cost of doing business to risk violating privacy laws,” she said.

Ms. Khan is part of a progressive wing of the Democratic Party that has pushed for antitrust legal reform and the breakup of companies like Facebook and Google. In a 2017 Yale Law Journal article titled “Amazon’s Antitrust Paradox,” she questioned the bias of antitrust experts toward consumer prices as the key metric for antitrust violation. Even though Amazon offers consumers lower prices in many cases, she argued the company could harm competition by squeezing out small-business rivals who rely on its marketplace.

President Biden’s nomination of Ms. Khan to one of three Democratic seats at the FTC has been taken as a sign of how the White House plans to be tough on tech. Tim Wu, a progressive critic of Facebook and other big tech companies, was also recently named to a role in the White House.

«

Can’t imagine who she’s thinking about with the “privacy laws” stuff.
unique link to this extract

Chill Kevin Bacon vibes only today • Garbage Day

Ryan Broderick’s newsletter (which is great) looks, briefly, at what Facebook’s new Clubhouse rival is likely to do:

»

Readers of Garbage Day already know that I am extremely bearish about Clubhouse. Mainly for its increasingly toxic user base, but also I think live audio for live audio’s sake is a fad. That’s not to say that some people haven’t figured out how to do some great stuff with the medium, but I don’t see conference calls with LinkedIn dark enlightenment wizards as The Next Big Thing In Tech. I assume we’ll look back on it as a weird COVID fad. And, more worryingly, I fear that Clubhouse’s ultimate legacy will be that any app can grow a massively over-inflated valuation simply because it convinced 1000 extremely rich people in Silicon Valley to use it first. The app is already seeing a 72% drop in downloads [from 9.6m installs in February to 2.4m in March, according to Sensor Tower]. So I’m not exactly optimistic about Facebook’s foray into the space.

As for short-form audio and long-form audio, I suspect it will go exactly like all other content types supported by Facebook. At first, the algorithm will over-promote it. Because of the scale of the site and economic value of Facebook virality, this will create an audio gold rush on the platform. More than a few media companies will almost certainly get involved. If audio doesn’t stick with Facebook users, which I think is likely, the dial on audio will be turned down, any media companies that staffed up for the push will have layoffs, and there will be like a couple dozen random people who are suddenly massive podcast names with millions of listeners that you’ll probably never hear about until they come out as anti-vaxxers or something.

If audio on Facebook does work, what will happen will most likely be a subtle shifting of the medium. Content that works on Facebook and Instagram tends to slowly morph over time into content that only works on those platforms.

«

unique link to this extract

The fine print: What Apple didn’t talk about • Six Colors

Dan Moren:

»

Like Apple’s other digital stores, its new podcast marketplace allows users to pay creators directly. And, like those other stores, it has similar terms: there’s a $19.99 annual charge for the Apple Podcasters Program, which is available starting today. Subscriptions are monthly by default, with an annual option as well. And according to my brief look at the terms, Apple will take a 30% commission on the first year of a subscription, with a drop to 15% if auto-renew is enabled.

Ads and sponsorships can still be used in paid podcasts, and Apple doesn’t get a cut of those. And, from what I can tell, the deal with Apple isn’t exclusive, meaning that you can still run a membership program elsewhere as well.

Also an interesting thing that I caught: one of the rights granted to Apple by putting your podcast up is the ability for Apple to create and make available transcripts (though it looks like creators can opt out). From an accessibility point, that would be a great feature of the podcast offering, since many podcasts don’t have the resources or wherewithal to provide one currently.

«

I don’t know quite how complicated the systems for creating subscriptions used by Dithering and Accidental Tech Podcast are, but they seem feasible enough for anyone with some expertise. Plus the Podmasters team (Oh God What Now, The Bunker) manage it and use Patreon. I expect the real challenge is dealing with (in order) wrongly entered details, fraud attempts and expiring cards. Apple will do all that. Is that worth the 30% (then 15%) deduction on what might be not a huge amount of money?

Still, it indicates that Apple is getting serious – after a long, long time – about podcasts. All part of the Services narrative.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

The ice cream machines used at McDonalds, made by Taylor, have frustrated franchisees for years – but now hackers are helping them out. CC-licensed photo by King County%2C WA on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. I am curious – yellow? I’m @charlesarthur on Twitter. Observations and links welcome.

• Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Preorder Social Warming, my forthcoming book, and find answers – and more.

Bank of England to consider digital money plan • BBC News

»

The Bank of England and the Treasury have announced they are setting up a taskforce to explore the possibility of a central bank digital currency.

The aim is to look at the risks and opportunities involved in creating a new kind of digital money. Issued by the Bank for use by households and businesses, it would exist alongside cash and bank deposits, rather than replacing them. No decision has been taken on whether to have such a currency in the UK.

However, the government and the Bank want to “engage widely with stakeholders” on the benefits and practicalities of doing so. The taskforce will be jointly led by the Bank’s deputy governor for financial stability, Sir Jon Cunliffe, and the Treasury’s director general of financial services, Katharine Braddick.

The Bank has previously said it is interested in a central bank digital currency (CBDC) because “this is a period of significant change in money and payments”. The use of cash in financial transactions has been steadily declining in recent years, while debit card payments have been on the rise. Use of credit cards and direct debits have also been increasing.

The Bank also sees having its own digital currency as a way of “avoiding the risks of new forms of private money creation”, including crypto-currencies such as Bitcoin.

“If a CBDC were to be introduced, it would be denominated in pounds sterling, just like banknotes, so £10 of CBDC would always be worth the same as a £10 note,” the Bank said. “CBDC is sometimes thought of as equivalent to a digital banknote, although in some respects it may have as much in common with a bank deposit. Any CBDC would be introduced alongside – rather than replacing – cash and bank deposits.”

«

In an accompanying commentary, economics editor Faisal Islam calls it “Britcoin” (groan). Except it’s really not like bitcoin – it wouldn’t be a speculative asset, it would be a digital currency. But in that case, how do you prevent double-spending and other digital currency challenges without the world-burning approach of bitcoin and the other cryptos? Personally I’m starting to see NFTs and Ethereum and the rest as a sort of parallel currency – not attached to anything of value in the real world, but entertaining to those who like them.

Which would be fine if they weren’t consuming colossal amounts of energy. It’s as if we had to build power stations so children could play with Lego.
unique link to this extract

Apple announces thinner iMac with M1 chip and bright colors • The Verge

Jacob Kastrenakes:

»

The new iMac has a 24in, 4.5K display with narrower borders around the top and sides. It still has a large chin on the bottom, but the rear of the display is now flat instead of curved. Apple says the volume has been reduced by over 50%. The screen also has Apple’s True Tone tech for automatically adjusting the color temperature.

Apple is also promising a much-needed update to the iMac’s camera and mics so you’ll look better on video calls. It now has a 1080p resolution and a larger sensor.

The new iMac is 11.5mm thin thick [edited; I hate the affectation of using Apple’s marketing word – CA], but Apple says it should stay quieter and cooler than the previous model, thanks to the M1 chip. The new model has “two small fans” replacing the “bulky thermal system” of the previous-generation iMac, the company says.

There’s also a new magnetic power cable — it sounds a lot like the old MagSafe cable — that attaches to the back. Ethernet can be connected to the power brick and delivered through the same cable. The entry-level model will come with two USB-C / Thunderbolt ports on the back, and a higher-end model will add an additional two USB-C ports (without Thunderbolt support). Incredibly, there is still a headphone jack.

Alongside the new iMac, Apple is also introducing a keyboard, mouse, and trackpad in colors to match. The keyboard has a Touch ID button for logging in.

«

Going to be fun watching which colours are most popular – which the user sees at the bottom, in the (still very large) chin.

The most notable innovation is Touch ID on a Bluetooth keyboard. Lots of questions: is the secure enclave in the keyboard? If not, how is the communication kept secure for the fingerprint authentication? This is the first time that Touch ID hasn’t been built into the receiving device.

(Apple also announced AirTags. If you can think of a use for these, beyond baby buggies in buggy parks and perhaps bicycles, please let me know.)
unique link to this extract

Apple announces new Apple TV 4K • The Verge

Dan Seifert:

»

The old Apple TV 4K, which has been Apple’s flagship set-top box for four years, supports 4K streaming as well as HDR, including Dolby Vision. It also supports Dolby Atmos sound codecs. But it doesn’t support 120Hz refresh rates, which might be important should you ever want to play serious games on an Apple TV. It also has the most notoriously bad remote control.

Fortunately, Apple has completely redesigned the remote for the new Apple TV 4K with an improved, more ergonomic design and more capabilities. The new remote is thicker than the prior model, has a new five-way touch controller in place of the maligned swipe pad of the original, and a proper power button to turn off your TV. The Siri search button has been moved to the side of the remote, under your right thumb.

Apple did not redesign the Apple TV box itself; it remains a squircle-shaped puck that you have to put on a shelf or entertainment center, unlike the dongle designs that many of Apple’s competitors use now. A new feature allows the Apple TV to optimize the colors of your TV screen using the light sensor on an iPhone. Apple says it is working with a number of content providers to produce high frame rate HDR content for the new Apple TV, including Fox Sports, NBCUniversal, Paramount Plus, Red Bull TV, and Canal Plus.

«

Redesigned remote. Finally. I wonder how many people will feel like splashing out $59 (£55 in the UK!) so they have a remote that doesn’t drive them mad.
unique link to this extract

WordPress may automatically disable Google FLoC on websites • Bleeping Computer

Lawrence Abrams:

»

WordPress has announced that it is treating Google’s new FLoC tracking technology as a security concern and may block it by default on WordPress sites.

For some time, browsers have begun to increasingly block third-party browser cookies used by advertisers for interest-based advertising.

In response, Google introduced a new ad tracking technology called Federated Learning of Cohorts, or FLoC, that uses a web browser to anonymously place users into interest or behavioral buckets based on how they browse the web.

After Google began testing FLoC this month in Google Chrome, there has been a consensus among privacy advocates that Google’s FLoC implementation just replaces one privacy risk with another one.

“FLoC is meant to be a new way to make your browser do the profiling that third-party trackers used to do themselves: in this case, boiling down your recent browsing activity into a behavioral label, and then sharing it with websites and advertisers,” the EFF said in a recent blogpost. “The technology will avoid the privacy risks of third-party cookies, but it will create new ones in the process. It may also exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting.”

Since then, other privacy browser and search engine developers, such as Brave Browser, DuckDuckGo, and Vivaldi, have all removed FLoC from their software or created tools to block it.

In a new announcement, WordPress states that it considers Google’s FLoC technology a security concern and proposes blocking the technology in future versions of the blogging software.

“WordPress powers approximately 41% of the web – and this community can help combat racism, sexism, anti-LGBTQ+ discrimination and discrimination against those with mental illness with four lines of code,” says WordPress.

«

The four lines shown on the page would be pretty easy to add to your own WordPress install, if you’re running one (and want to).
unique link to this extract

Everyone on Facebook’s Oversight Board should resign • WIRED

Jessica J. González and Carmen Scurato:

»

The Facebook Oversight Board is on the cusp of deciding whether Donald Trump should be allowed to return to a platform he used to incite racist violence.

While the board ostensibly has the authority to make this decision, Facebook itself will make the final call. From the board’s inception in 2018, we’ve noted that its power is illusory. It provides cover for Facebook, a veneer of accountability, even as the company enables and promotes hate and disinformation.

The board is dysfunctional by design, which is why it did nothing over the past year even as Facebook amplified Trump’s lies about the Covid-19 pandemic. The board’s toothlessness became even more apparent as Facebook allowed Trump to repeat claims of election fraud, which set the stage for the deadly white-supremacist insurrection at the US Capitol on January 6. It was only after the world witnessed Trump’s incitement of this violent raid that the platform giant suspended his Facebook and Instagram accounts.

Facebook’s business model has benefited from the promotion of hate and lies far beyond those spread by Trump. No board decision will change that. If board members truly want to have an impact, they must all resign.

…Facebook has claimed that the board’s decisions will be binding, but its actions don’t instill a great deal of confidence. It narrowed the initial scope of the board’s review to content removals, and only recently expanded it to content that has been left up (and only Facebook can ask the board to review other issues). In all instances, Facebook controls the entire content-review and appeals process, and a user must exhaust all their options through Facebook before appealing to the board. And the company is very opaque about how it determines what content can or cannot be appealed.

«

The board is, very evidently, a very expensive (viewed from outside Facebook; cheap, inside it) figleaf. I suspect if anyone does resign, there will be a certain dambreaking effect. But it also means giving up a fat paycheque for doing very occasionally what content moderators do, for far less money, all day long.
unique link to this extract

Remote code execution vulnerabilities in Cosori smart air fryer • Cisco Talos Intelligence Group

Dave McDaniel and Jon Munshaw:

»

The Cosori Smart Air Fryer is a WiFi-enabled kitchen appliance that cooks food with a variety of methods and settings. Users can also use the device’s Wi-Fi features to start and stop cooking, look up recipe guides and monitor cooking status.

TALOS-2020-1216 (CVE-2020-28592) and TALOS-2020-1217 (CVE-2020-28593) are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device. This could hypothetically allow an adversary to change temperatures, cooking times and settings on the air fryer, or start it without the user’s knowledge. The adversary must have physical access to the air fryer for some of these vulnerabilities to work.

An attacker could exploit these vulnerabilities by sending a specially crafted packet to the device that contains a unique JSON object, which would allow them to execute arbitrary code.

Cisco Talos is disclosing these vulnerabilities despite no official fix available from Cosori, in adherence to Cisco’s vulnerability disclosure policy. Corosi did not respond appropriately during the 90-day period as outlined in the policy. 

Talos tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0 could be exploited by these vulnerabilities

«

Hard to know what the real-life application of this would be, but I’m sure it’ll pop up in a screenplay soon enough.
unique link to this extract

They hacked McDonald’s ice cream machines—and started a cold war • WIRED

Andy Greenberg:

»

this menu isn’t documented in any owner’s manual for the Taylor digital ice cream machines that are standard equipment in more than 13,000 McDonald’s restaurants across the US and tens of thousands more worldwide. And this opaque user-unfriendliness is far from the only problem with the machines, which have gained a reputation for being absurdly fickle and fragile. Thanks to a multitude of questionable engineering decisions, they’re so often out of order in McDonald’s restaurants around the world that they’ve become a full-blown social media meme. (Take a moment now to search Twitter for “broken McDonald’s ice cream machine” and witness thousands of voices crying out in despair.)

But after years of studying this complex machine and its many ways of failing, [Jeremy] O’Sullivan remains most outraged at this notion: That the food-equipment giant Taylor sells the McFlurry-squirting devices to McDonald’s restaurant owners for about $18,000 each, and yet it keeps the machines’ inner workings secret from them. What’s more, Taylor maintains a network of approved distributors that charge franchisees thousands of dollars a year for pricey maintenance contracts, with technicians on call to come and tap that secret passcode into the devices sitting on their counters.

The secret menu reveals a business model that goes beyond a right-to-repair issue, O’Sullivan argues. It represents, as he describes it, nothing short of a milkshake shakedown: sell franchisees a complicated and fragile machine. Prevent them from figuring out why it constantly breaks. Take a cut of the distributors’ profit from the repairs. “It’s a huge money maker to have a customer that’s purposefully, intentionally blind and unable to make very fundamental changes to their own equipment,” O’Sullivan says. And McDonald’s presides over all of it, he says, insisting on loyalty to its longtime supplier.

«

So O’Sullivan and his partner Melissa Nelson began selling something that would let franchisees take control of the machines.
unique link to this extract

Dr. Ronald Ilg of Spokane charged with insane dark web kidnapping plot • Daily Beast

Tracy Connor:

»

recently filed a lawsuit claiming he was wrongly forced out of his medical practice over harassment claims by a former employee. He was also embroiled in a divorce and custody battle.

In February, Ilg allegedly used the moniker Scar215 on the dark web to try to hire someone to attack the former employee, putting almost $2,000 into an escrow account. “The target should be given a significant beating that is obvious. It should injure both hands significantly or break the hands,” the message read.

It’s unclear from the court documents if Ilg found someone to take his offer, but it’s well known that many murder-for-hire schemes on the dark web are scams. Regardless, the feds say, Ilg again returned to it to deal with a new target: his soon-to-be ex-wife.

She later told the FBI that she married Ilg in 2016 and had a baby less than two years later. The doctor then met a woman on the internet and “invited her into the relationship.” The wife “increasingly became uncomfortable with the relationship” and moved to end the marriage, the complaint says.

In March and April of this year, the complaint alleges, Ilg placed bitcoin in escrow and tried to hire someone to carry out a completely insane plan to make his wife drop her divorce plans and return home.

“I need a rush job for next week. I need the target kidnapped for five to seven days. While being held she is given at least daily doses of heroin. She is also strongly persuaded to do a few things within two weeks,” he allegedly wrote, using the moniker Scar215.

“1, stop ALL Court proceedings, 2, return to your husband and the chaos you created, 3. Tell absolutely no one about this. Also, the team should plant heroin and used needles with her DNA inside. After about seven days she is returned to her home,” the message continued.

«

Perhaps you thought that Fargo – which opened with the title “This is a true story”, and involved a guy hiring hitmen to kill his wife – was too ridiculous to be true. It wasn’t true, but life is sure good at catching up with art.
unique link to this extract

Overwhelming support for legal recreational or medical marijuana in US • Pew Research Center

Ted van Green:

»

As more states, including Virginia and New York, continue to legalize marijuana, an overwhelming share of U.S. adults (91%) say either that marijuana should be legal for medical and recreational use (60%) or that it should be legal for medical use only (31%). Fewer than one-in-ten (8%) say marijuana should not be legal for use by adults.

The new survey, conducted by Pew Research Center from April 5-11, 2021, comes as congressional Democrats consider legislation that would decriminalize marijuana nationally. Views of marijuana legalization have changed very little since 2019.

A separate question that asks whether the use of marijuana should be made legal – without specifying for recreational or medical uses – has shown a steep, long-term rise in support for legalization. From 2000 to 2019, the share of Americans saying marijuana should be legal more than doubled.

There have long been age and partisan differences in views about marijuana, and that remains the case today. Very few adults of any age are completely opposed to the legalization of marijuana. However, older adults are far less likely than young people to favour marijuana legalization for recreational use.

«

The only age group where there isn’t majority backing for legalisation is those over 65. Even among those voting Republican, it’s only 53-47 against.

As with same-sex marriage, this is just a matter of time, and the demonisation of weed from the past few decades is going to look bizarre – the stuff of newsreels.
unique link to this extract

Clubhouse’s (and audio’s) Feature Not A Product problem (and how it might possibly be Meerkat 2) • Ed Z’s Substack

Ed Zitron is very down on Clubhouse compared to, say, Twitch (which offers something people like – watching other people play video games), and notes:

»

There’s also the Feature Not A Product problem. Twitter Spaces and whatever Facebook builds are basically the same thing as Clubhouse, without the need to create an entire new app and do an entirely new thing. The ease in which Twitter has created an almost identical product on top of a social network people actually have a reason to use suggests that Clubhouse has a real problem – and the fact that they have to keep raising such insane amounts of money at huge valuations suggests they are spending it somewhere while making exactly zero dollars. The ability to do live audio streaming is something that has a use case, but as a company with a built-in social network I fail to see where it’s going to go.

Live entertainment needs to be really good to attract an audience long-term. Live video is interesting because there are lots of ways to keep people engaged. Podcasts have succeeded because, yes, it is interesting to hear people talk about stuff you’re interested in, but it’s much harder to make the case for people having to carve time out of their day to hear that – the content just needs to be so good, so reliably that it retains an audience that tells people that they must also carve out the time.

There’s also the medium. Livestreaming video off of your phone really lacked mainstream popularity because it was an awkward format, and I feel like live audio has the same issue – it’s not something that people will consume all day, and it’s not something that’s easy to produce en masse. It also is a challenge to get a userbase that will want to do it all the time in the same way that it’s exhausting to stream games, but it’s also more fun streaming games because, well, you’re streaming games.

The media’s excitement over Clubhouse I think is a function of how much pressure A16Z has put on their celebrity and startup founder personalities to get involved, and a situation where people are mixing up popularity with success.

«

The arguments against Clubhouse keep piling up, and the Casey Newton tweet in this article – saying installs fell by 64% in a single month from March to April – points to something serious.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

The UK government has put a temporary halt to Nvidia’s purchase of ARM. But why wait seven months to do so? CC-licensed photo by Seth Anderson on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. I’m listening. I’m @charlesarthur on Twitter. Observations and links welcome.

• What happened when two algorithms started fighting inside Facebook? • How does Twitter choose what to show us? • Is online conflict inevitable? • What can we do about it? • How has WhatsApp affected society in India? Preorder Social Warming, my forthcoming book, and find answers – and more.

Clubhouse buzz is already fading but Andreessen Horowitz isn’t put off • CNBC

Sam Shead:

»

The invite-only iPhone app, which celebrated its first birthday last month, allows users to find and listen to conversations between groups of people. It was quickly embraced by Silicon Valley types and it was backed by well-known venture capital firm Andreessen Horowitz (whose co-founder speaks on the app from time-to-time) in a January funding round that reportedly valued it at $1bn.

On Sunday, Clubhouse confirmed Andreessen has led a new series C funding round after The Information broke the news on Friday. The latest round of investment, which includes new backers DST Global and Tiger Global Management, reportedly values the company at $4bn. But investors appear to be more bullish than many of the app’s users.

While some people were desperate to get a Clubhouse invite, some users who are already on the platform are failing to see the long-term appeal. Clubhouse, which was founded in April 2020 by Paul Davison and Rohan Seth, did not immediately respond to a CNBC request for comment.

“I think the initial FOMO about getting a Clubhouse invite and trying it out has ebbed away,” social media analyst Matt Navarra told CNBC.

One of the main gripes with Clubhouse is that there’s a lack of relevant talks, or rooms, that users see when they open the app. “I tried to get into it for a bit, but the only rooms it was showing me were run by the kinds of people who unironically call themselves ‘growth hackers’,” one user told CNBC, adding that it felt like social media managers arrived before everyone else.

Navarra said Clubhouse’s challenge “is making sure when you open the app you discover lots of great rooms and speakers, every time.” He added: “The content quality issue is only going to get tougher as more users are added and quality content gets diluted. Much like when Meerkat users started to see endless dull live streams, Clubhouse is full of spam, scams, and snake oil salesmen.”

Timothy Armoo, chief executive of Fanbytes, a company that helps brands advertise through social video, told CNBC that “showing the right people the right things at the right time” is a “hard problem” and that it can’t scale.

“The elitists have left the building. Marc Andreessen isn’t doing stuff anymore. The allure of Clubhouse was that you could almost eavesdrop on interesting convos from interesting people. As the interesting people have left, what’s the point?”

«

Question is, has it hit a sufficiently large install base to guarantee liftoff, or is it going to run out of steam?
unique link to this extract

Here’s how to fix online harassment. No, seriously • WIRED UK

Tracy Chou:

»

I have the unfortunate personal experience of over a decade of online harassment. In this time, I’ve seen everything from dedicated hate and conspiracy pages, whack-a-mole harassers who create account after account on the same platform when they get suspended, cross-platform attacks, impersonation accounts that post abuse under my name and image, co-ordinated harassment campaigns and troll brigades, waves of abuse that come following a viral post, private messages that chastise me and tell me how I might make myself more attractive to men, invites to group chats where people I don’t know discuss murdering me  – not to mention simple garden-variety sexism and misogyny.

To build solutions for the entire space of abuse issues is no easy task. It gets harder when every new feature is also a potential vector of abuse. Platforms have a responsibility to build in basic protection mechanisms, and this is necessary  –  but not sufficient. Platform-level decisions will always be crude, hewing to a lowest common denominator, and are not contextualised or personalised. To give users more control over their individual experience, platforms must first build moderation and safety constructs such as reporting, blocking and muting. But they should also open up their trust and safety APIs, so that others can invent a full range of consumer solutions. This would allow third-party developers to build creative, sometimes specialised or maybe “niche”, services for users that need and prioritise different things.

…Opening APIs would allow consumers more choice and control over how they navigate social media. My company, Block Party, takes advantage of existing Twitter APIs to build one such service. By automatically muting accounts that don’t pass user-configurable filters  –  for example, in a mode called “I need a break”, you can choose to only hear from people you follow and people followed by people you follow  –  we let people quieten the noise in their Twitter mentions. These hidden accounts are put into a folder on Block Party for later review and action, if and when desired; access to this folder can also be shared with trusted friends to help review. It’s a simple concept. But for people who deal with harassment or just a lot of unwanted replies and mentions, having this extra layer of customisation to quarantine the mess can be a huge relief.

«

unique link to this extract

Chinese manufacturers begin production of cryptocurrency mining dedicated SSDs as Chia Coin gains popularity • WCCFTech

Hassan Mujtaba:

»

The rise in popularity of Chia Coin, a brand new cryptocurrency, is expected to cause major SSD & HDD shortages around the globe, as we reported yesterday. Given the increasing demand for SSD and high-performance storage devices, Chinese manufacturers have commenced production of mining dedicated SSDs which should be hitting retail soon.

The Chia Coin cryptocurrency was founded by the creator of BitTorrent, Bram Cohen. Unlike the traditional cryptocurrency algorithms which rely heavily on GPUs, Chia Coin relies on fast SSDs & HDDs. In short, its mining is mostly done on fast and high-capacity storage devices. Chinese retail segment is reporting that they are already facing huge shortages of high-capacity HDD and SSDs. 8 TB HDDs are already out of stock and it looks like even stock for lower capacity mainstream drives will soon be out depleted.

The mining process of Chia Coin requires a large amount of free space and runs several reading & writing operations. In this case, endurance (TBW) is equally as important as speed, so consumer SSDs aren’t the best choice for mining due to their lower endurance, and running these operations will significantly reduce the lifespan of an SSD. Hence, the target for these miners is primarily hard drives and data center SSDs.

«

At what point when cryptoassets start cornering all the useful things – energy, GPUs, hard drives – will we start treating them as social pollutants, to be taxed, like smoking, out of existence?
unique link to this extract

How fit can you get from just walking? • GQ

Graham Isador :

»

Four months ago my friend John Sharkman stepped on the scale and realized he was the heaviest he’d ever been. Sharkman—a former college football quarterback—was weighing in at 263 pounds, fifty pounds heavier than his time as an elite athlete. The realization that he’d jumped up to the size of a lineman was humbling, and he knew he needed to shed some weight. He asked me, his fitness journalist friend, to help. But the request came with quite a number of caveats: he didn’t want to cut off certain food or alcohol, he didn’t want to go to the gym, and he didn’t want the whole process to feel that hard.

In the past, I’ve undertaken a number of successful fitness and fat loss challenges. I’ve taken all the pre-workout in the world, done thousands of kettlebell swings, gone paleo. But Sharkman’s request got me thinking: What is the least amount of effort necessary for substantial weight loss? Can you get real results by just kind of messing around?

«

No. But: if you put in your 10,000 steps at a suitable pace, you’ll make a significant difference. (Though the article doesn’t point it out, consider an Olympic athlete who runs 10K – about 10,000 steps – v someone who slowly walks 10K each day. You’re going to put your money on the Olympic athlete being the fit one.)
unique link to this extract

UK opens security inquiry into Nvidia’s $40bn deal for Arm • Financial Times

Jim Pickard, Kate Beioley and Nic Fildes:

»

Oliver Dowden, the culture secretary, said he had written to the Competition and Markets Authority to inform them of his decision and had instructed them to begin a “phase one” investigation to assess the transaction, which was first announced in September.

The competition regulator will prepare a report by the end of July with advice on jurisdictional and competition issues, as well as a summary of potential national security concerns. Then Dowden could clear the acquisition, approve it with certain conditions or launch a more detailed inquiry.

The deal raises potential security concerns because semiconductors underpin defence-related technologies.

“Following careful consideration of the proposed takeover of Arm, I have today issued an intervention notice on national security grounds,” said Dowden. “We want to support our thriving UK tech industry and welcome foreign investment, but it is appropriate that we properly consider the national security implications of a transaction like this.”

However lawyers said the government’s decision to call in the deal between Arm and Nvidia was also a sign of an increasing focus on industrial strategy and the protection of British national interests.

Becket McGrath, an antitrust partner at Euclid Law, said: “What’s interesting here is that the deal is not a classic defence-orientated national security case.”

«

Pretty much the same story everywhere. Nobody is clear about precisely why the UK government has chosen now – seven months after the announcement – to speak up. Analysts now put the chance of the deal going through down to 25%.
unique link to this extract

Falun Gong, Steve Bannon and the battle over internet freedom under Trump • NPR

David Folkenflik:

»

Of all the disruptions unleashed by the Trump White House on how the federal government typically works, the saga of one small project, called the Open Technology Fund, stands out.

The fantastical tale incorporates the spiritual movement Falun Gong, former White House strategist Steve Bannon, the daughter of a late liberal congressman and a zealous appointee of former President Donald Trump.

And specifically, it involves a fierce, months-long battle over whether the US Agency for Global Media and the US State Department should subsidize software developed by adherents of Falun Gong that auditors found wanting. The decision to prioritize this software stripped money intended for critical apps from a federal fund designed to bolster technology vital to dissidents overseas, officials say.

On top of that, once the software was approved for funding, a grand total of four people abroad used it to access Voice of America and Radio Free Asia, a key purpose for its subsidy. That’s right, four.

The whole fight was, in short, bananas.

«

Like so much of that era.
unique link to this extract

Apple to reinstate Parler, the app at centre of online-speech debate • WSJ

Matt Grossman:

»

Apple removed Parler from its app store in January, citing objectionable content. In a letter to Sen. Mike Lee of Utah and Rep. Ken Buck of Colorado, Apple said Monday that a revised version of the Parler app with improved content moderation would be approved for release to Apple users.

The letter from Apple was posted on Twitter by Mr. Buck, and it was confirmed by Mr. Lee’s office. Apple declined to comment.

In the letter, Apple stood by its initial decision to remove Parler from the app store, citing posts that denigrated races and religions, promoted Nazi ideology and called for violence. Since January, Apple has had “substantial conversations” with Parler, and the app maker has proposed updates to its platform and its content-moderation policies, Apple said.

“The App Review Team has informed Parler as of April 14, 2021 that its proposed updated app will be approved for reinstatement to the App Store,” the letter said. The letter came in response to an inquiry that Messrs. Lee and Buck sent to Apple last month.

Mr. Buck said on Twitter that the decision was a “huge win for free speech.”

…Parler held itself out as a Twitter competitor that would take a hands-off approach moderating content. That policy made the platform an attractive online meeting place for the president’s supporters, who grew aggrieved at Twitter’s approach to content moderation as Mr. Trump disputed the results of the 2020 election and as Twitter eventually suspended his account.

Mr. Trump doesn’t have a Parler account, but conservative commentators such as Sean Hannity and Mark Levin have an active presence on the platform. Lawmakers who have given Mr. Trump strong support, including Rep. Devin Nunes of California and Rep. Marjorie Taylor Greene of Georgia, also have active accounts, as does Mr. Buck.

«

I love how they feel obliged to celebrate this on Twitter. An essential element of social warming 👆is bringing conflicting sides together: Parler doesn’t have any liberal users (to an adequate approximation) which means there’s nobody for the Trumpistas to rile and disagree with. So they flow back to Twitter, where confrontation is guaranteed by the algorithm.
unique link to this extract

In their own words: How different people respond to coronavirus guidance • Office for National Statistics

»

In a study, the Office for National Statistics (ONS) sought to understand what influences people to follow the guidance or not, and how this differs between social backgrounds – students, young people, ethnic minorities, parents with dependent children, high income workers and low-income workers. We commissioned IFF Research to interview 180 people between 23 December 2020 and 22 January 2021, 90 of whom also kept diaries.

On the whole, people’s compliance was high but there were some factors that led to some participants not complying, which we explore below. From fear of the virus and a desire to protect the vulnerable, to concerns about their mental health and confusion about what they should and should not do, several factors influenced how people followed the guidance. The challenge is also reflected in data from the Opinions and Lifestyle Survey (OPN) from 7 to 31 January 2021.

«

Interesting to browse. “Vaccine hesitancy” really isn’t a thing for those aged over 50 (5% at most), and hardly a thing for those aged 16-29 (17%). Very much a minority sport. People also still think it could take a year for things to get back to normal, from where we are now.
unique link to this extract

Ever think about how Asus put out 40 models of a laptop called the “Eee PC” • The Verge

Nilay Patel:

»

There were two products that arrived in 2007 that fundamentally changed computing: one, of course, was the iPhone. The second, obviously more important product was the $399 Eee PC 701. It originally ran a custom Linux operating system that reviewers loved (Laptop Mag’s Mark Spoonauer said it was “ten times simpler to use than any Windows notebook”) and was generally heralded as a new kind of computer with tremendous mass appeal. Spoonauer: “Pound for pound, the best value-priced notebook on the planet.”

Again, this was a weirdo little two-pound plastic laptop that ran a custom Linux distro that was basically a front for various websites. (We hadn’t invented the phrase “cloud services” yet.)

Windows getting shown up by Linux was not allowed, so Microsoft did some Microsoft maneuvering, and by January 2008 the Eee PC was running Windows XP instead. It was also part of a larger category called “netbooks,” and we were all made to know what netbooks were.

A little later, Microsoft created something called Windows 7 Starter, which was a hilarious cut-down version of Windows just for netbooks — you weren’t even allowed to change the desktop background! — and the netbook explosion was unstoppable. My friend (and Verge co-founder) Joanna Stern built the early part of her career obsessively covering netbooks, first at Laptop Mag, then Gizmodo, and then with me at Engadget.

And there was a lot to cover: at one point Joanna noted that Asus had put out at least 20 different models of Eee PC in 2008 alone. And that was just Asus! Dell, HP, Lenovo and others all chased after the netbook idea furiously. Do you remember when the Nokia Booklet 3G was going to reinvent Nokia? You do not, because it didn’t. It was very pretty, though. I asked Joanna about this moment in time, and this is what she sent me:

“I was basically Bono in this ‘I Still Haven’t Found What I’m Looking For’ video. Eee PC after Eee PC. MSI Wind after MSI Wind. Toshiba whatever it was called after Toshiba whatever it was called. I was constantly looking for a netbook that had a keyboard that didn’t require doll hands, a trackpad that didn’t leave a blister on my thumb, a hard drive that didn’t take three days to open Microsoft Word. It was a constant search for the perfect blend of price, portability and power.”

«

Let’s not pretend that they weren’t terrible. They were terrible. But they sufficed in a brief interregnum before the MacBook Air (Jan 2008), ultrabooks and better smartphones.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Careful analysis shows that Mr Spock’s predictions are wrong a surprising amount of the time. Could scriptwriting be to blame? CC-licensed photo by Tom Simpson on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Spaghetti for two, one plate. I’m @charlesarthur on Twitter. Observations and links welcome.

• Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Preorder Social Warming, my forthcoming book, and find answers – and more.

Facebook’s own ads reveal: not many people are using Facebook Dating • The Verge

Ashley Carman:

»

Facebook first introduced its dating product as a test in Colombia in 2018 and brought it Stateside in September 2019. Since then, the company hasn’t said much. The last time dating was talked about at length on an earnings call was right after it launched. In that call, CEO Mark Zuckerberg said he thought it was “already one of the top dating services, and we expect to continue growing.” In a release announcing its international expansion to Europe this past October, the company said it had made over 1.5 billion matches up until that point. Tinder, meanwhile, advertises “over 55 billion matches made” on its website.

But a year and a half after launch, Facebook Dating is far from a hit. The company hasn’t shared overall usage numbers, and data found by The Verge suggests the app is smaller than competing options. The company only shares data when it wants to, and because the service lives within the broader Facebook app, there’s no way to measure download numbers.

However, The Verge has found multiple screenshots that suggest the actual size of Facebook’s dating product isn’t all that large but that it’s growing. The company runs in-house ads that advertise the number of users it has in specific regions. In the country’s largest city, New York, for example, the company advertised 278,000 singles “currently dating” in the city this week. In Indianapolis last month, it advertised 43,000 people, and in Ottawa, Canada, earlier this month, it claimed to have 24,000.

Users in smaller cities also see hyper-localized data. In Bellingham, Washington, Facebook says it has 2,000 single people using it. Days after its launch in Ireland, Facebook advertised having 1,000 people on the service in Dublin. The numbers appear to be dynamic and adjusting, too. Just last week, the same in-house ad in New York City advertised around 2,000 fewer people, and a month ago, it showed 9,000 fewer, suggesting these in-feed ads are successfully signing up new users.

Census data estimates from 2019 suggest that nearly 4 million unmarried people call New York City home, meaning Facebook Dating has about 7% of the city’s singles on it.

In a statement to The Verge, a Match Group spokesperson said, “We have a number of brands with more active users than that in NYC, including Tinder and Hinge.”

«

I think Match Group is breathing quite the sigh of relief. Finally, something that Facebook just really doesn’t do well.
unique link to this extract

Am I FLoCed?

Electronic Frontier Foundation:

»

Google is running a Chrome “origin trial” to test out an experimental new tracking feature called Federated Learning of Cohorts (aka “FLoC”). According to Google, the trial currently affects 0.5% of users in selected regions, including Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, the Philippines, and the United States. This page will try to detect whether you’ve been made a guinea pig in Google’s ad-tech experiment.

«

(I tried it on my version of Chrome: no. Statistically, at least a few Overspill readers should be, though. It could be you!)
unique link to this extract

Peloton clarifies the Apple Watch GymKit mess • The Verge

Nilay Patel:

»

Okay. Peloton sells a very famous stationary bicycle with streaming workouts, an app, and a whole fitness lifestyle situation.

Apple sells a very famous smartwatch with heart rate tracking, apps, and the ability to sync with fitness equipment over a proprietary Apple system called GymKit.

The basic Peloton bike costs $1,895 and does not work with GymKit; the fancier Bike Plus, which works with GymKit, costs $2,495.

A lot of people bought the more expensive bike to use it with their Apple Watches over GymKit! And yesterday all those people were dismayed to learn that Peloton had disabled Apple Watch integration for “bike bootcamp” classes, which combine cycling with strength training. (The integration still works just fine with regular old cycling, but you understand, again, that Peloton is an entire fitness lifestyle situation.)

…Anyhow, irritating the huge group of wealthy people who own both an Apple Watch and a Peloton Bike Plus is a bad idea, so Peloton has a new statement today clarifying what’s going on. Here it is:

»

Apple GymKit is designed to work with equipment-based cardio workouts. However, Peloton recently implemented GymKit with Bike Bootcamp, a multi-disciplinary class type that combines strength and cardio, which the feature does not support. Members can still use GymKit to sync their cycling-only workouts to their Apple Watch from the Bike+.

«

So basically, the Apple Watch does not support switching from biking to lifting weights all in one workout. Fair enough. That said, if people want to use their Apple Watch in goofy off-label ways, it’s weird that Apple is stopping them in this way, no? And certainly adding a “bike bootcamp” workout mode to the Apple Watch fitness app would be relatively easy for Apple, the company that makes the Apple Watch.

«

There’s “relatively easy” and then there’s “priority”, and I think that for Apple doing that is only one of them. Not because it wants to block Peloton (which captures a different market than Fitness+) but because it has plenty to be getting on with around the Watch, and fitness tracking.
unique link to this extract

Cosmic Ray Observer, enabled by smartphones

Thomas Andersen:

»

nSCIr runs the Cosmic Ray Observer – which is a distributed cosmic ray detector that uses smart phones to collect cosmic rays. Get the iOS app and take part in a global physics experiment. We are Canadian.

«

Quite fun: shows places where cosmic rays are hitting camera lenses of iPhones.
unique link to this extract

The real scandal of the David Cameron affair • The New European

James Ball:

»

After a series of leaks – some of which seem to originate from Number 10, leading some to wonder whether Johnson’s team briefed against their boss’s disliked former schoolmate – both now face a public inquiry into the whole affair.

It’s impossible to know what that inquiry will find. But the scary yet very real probability is it will find no rules were broken – because that’s how the British system works. The reality of the political rules of Britain are that we have numerous codes which give the appearance of propriety, while making sure these have no real teeth.

Ministers have a code, the enforcement of which lies solely with the prime minister. The PM has an ethics advisor, but he can choose who that is – and the last holder of that office resigned when Priti Patel was found to have breached the ministerial code over bullying allegations made by her former permanent secretary, but faced no sanction.

Once politicians leave office, they are supposed to request permission from a committee before taking outside jobs, which will grant permission or not. But even that committee turns out to be entirely voluntary: it will usually toothlessly approve appointments but say the ex-politician shouldn’t lobby.

It then does no enforcement, but writes a stern letter if the media find lobbying occurred. Alternatively, the politician concerned can simply not consult the committee at all – as George Osborne did – in which case an even more stern letter is written, and then ignored.

Short of being caught on camera accepting a brown envelope full of notes, UK political regulation has no sanctions. And the system has been cleverly engineered so that no-one ever need offer or accept a brown envelope. Everything is done on an ‘understanding’ – private sector advisors are brought in to help, and later hire former politicians for their knowledge. No promises are made, no quid-pro-quos offered. Everyone knows the game.

«

Worth noting how much those currently in place really dislike Cameron, and are happy to do him down. But they’re bringing themselves down with him.
unique link to this extract

What did Greensill Capital actually do? • The Guardian

Adam Leaver is a professor of accounting:

»

Greensill Capital, which entered administration last month, provided payment services including “factoring” and “supply chain financing”. Although the company represented itself as part of the “fintech” revolution, these services were not in themselves particularly noteworthy or innovative. To understand the growing appeal of Greensill and other providers, we therefore need a wider lens.

Supply chain financing (or “reverse-factoring”) solves a common payment problem. Firms traditionally supply goods or services to a customer and issue an invoice for payment. While the supplier might prefer the invoice to be paid immediately, the customer might want to delay payment. In situations where the customer is large and influential, they might insist the supplier wait two or more months. With reverse factoring, a financial institution offers to step in to pay the supplier sooner on the customer’s behalf, minus a small discount which they take as their fee, or part of their fee. The customer then settles with the financial institution at an agreed later date, often four or five months later. On paper, everyone wins and there are no risks.

But textbook definitions don’t always apply neatly to the real world. In recent years, the appeal of supply-chain finance has included the possibilities it provides for what’s euphemistically called creative accounting. Creative accounting has blossomed under the fair-value revolution – a change in the accounting rules towards a more market-based outlook.

This essentially means the business of doing one’s accounts has pivoted towards an evaluation of future cashflows rather than a valuation of past transactions. Many assets are no longer valued on the basis of the price paid for them, but on their current market values or even modelled estimates of the future cashflows they will generate. This also applies to some contracts, where profits are booked on the basis of future expectations. This approach to accounting creates the scope for discretion, subjectivity and speculation. It has arguably made it easier for firms to “recognise” profits than to generate the actual cashflows that support them. And it is here that supply chain financing can be misused.

…As Greensill pushed for growth, the collateral underlying the transactions with some of those companies appeared to be speculative. As investigative work has shown, Greensill did not just lend against the security of invoices for transactions that had already occurred, it lent against the “prospective receivables” the company might generate in the future. [Emphasis added – CA] In other words, it would lend against transactions that had not occurred and may never occur with companies that had never done business with its clients. (Representatives of Greensill have declined to comment.)

«

unique link to this extract

‘No one was driving the car’: two men dead after fiery Tesla crash in Spring, officials say • Click 2 Houston

Amanda Cochran and Deven Clarke:

»

Two men are dead after a Tesla traveling in [the town of] Spring crashed into a tree and no one was driving the vehicle, officials say.

The crash happened at 11:25 p.m. in the Carlton Woods subdivision near The Woodlands. The car burst into flames after hitting a tree near 18 Hammock Dunes Place.

Harris County Precinct 4 Constable Mark Herman told KPRC 2 that the investigation showed “no one was driving” the fully-electric 2019 Tesla when the accident happened. There was a person in the passenger seat of the front of the car and in the rear passenger seat of the car.

Herman said authorities believe no one else was in the car and that it burst into flames immediately. He said it he believes it wasn’t being driven by a human.

Harris County Constable Precinct 4 deputies said the vehicle was traveling at a high speed when it failed to negotiate a cul-de-sac turn, ran off the road and hit the tree.

«

Yet another failure for Tesla’s “self-driving” system. It’s leading to dangerous overconfidence.
unique link to this extract

What have we learnt from a year of Covid? • Tim Harford

The presenter of the BBC’s (must-listen) More Or Less and (equally good if less frequent) Cautionary Tales podcast:

»

To my mind, there were two big calls to be made [in February 2020]. The first: was this virus a deadly enough threat to merit extraordinary changes to life as we know it? The second: should those changes be voluntary or a matter for politicians, the courts and the police?

The UK wavered over the first decision — long enough to ensure that the country suffered one of the deadliest first-wave outbreaks in the world. But in the end, the decision was made: this wasn’t just like a bad flu, which we should take on the chin. It was simply too dangerous to keep calm and carry on.

…Japan’s advice — to avoid the “Three Cs” of closed spaces, crowded places and close contact — is far more memorable to me than whatever strange combination of households, settings and exemptions the authorities in my own country are currently allowing. (Let’s not even start on the excuses made for the behaviour of Dominic Cummings.)

Nowhere was this clearer than in the government’s catastrophic handling of Christmas. It issued an incomprehensible tangle of rules allowing a three-household “Christmas bubble”, basked in headlines such as “Boris Johnson battles experts to save Christmas” and finally backpedalled at the last moment. The result was that many families made dangerous plans to spend Christmas with elderly relatives on the assumption that they must be safe because they were legal, then felt resentment at the change. Much of the damage was already done; most days in January had more than 1,000 deaths.

There is every reason to believe that vaccination is making short work of the pandemic in the UK, but it is always worth learning lessons. I’ll remember to trust the competence of the government a little less, to trust mathematical models a little more and to have some respect for the decency of ordinary people.

«

unique link to this extract

Do we really still need to wear masks outside? • Slate

Shannon Palus:

»

as we’ve come to know more about the virus, as vaccinations are ramping up, and as we’re trying to figure out how to live with some level of COVID in a sustainable way, masking up outside when you’re at most briefly crossing paths with people is starting to feel barely understandable. Look: I believe masks (and even shaming) are indispensable in controlling the spread of the coronavirus. Despite early waffling, public health experts are virtually unanimously in support of them and have remained so even as our early dedication to scrubbing surfaces and Cloroxing veggies wound down.

In other words, as the pandemic has progressed, so has our understanding of what safety measures are truly most useful, and which aren’t worth the alcohol wipes. And I would like to calmly suggest that now is the time we should consider no longer wearing masks when we walk around outside.

I am not suggesting this simply because I am very sick of wearing a mask at all times outside my home. When it comes to coronavirus spread, evidence shows that being outdoors is very, very safe. A paper published in Indoor Air looked at 1,245 cases in China and found just one instance of outdoor transmission, which involved people having a conversation, which means they had to be close to one another for some period of time and face to face. According to data from the Health Protection Surveillance Centre, shared earlier this month with the Irish Times, of 232,164 cases in Ireland, just 262 were associated with “locations which are primarily associated with outdoor activities.” That is, about 0.1%.

«

I’m still surprised by the Irish cases, and wonder if there was some sharing of facilities. You only have to look at the way that in the UK the number of deaths dropped dramatically during the summer even though many facilities were open, particularly restaurants for indoor eating. Simply, more people were outside, and so at lower risk. (In the UK, there’s no mandate to wear masks outdoors, only in shops and on public transport.)
unique link to this extract

Turns out, Spock is kinda bad at logic • WIRED

»

In the [Star Trek] franchise, Spock makes confident predictions based on his superior Vulcan mind. [Julia] Galef was curious to see exactly how often these predictions pan out. “I went through all of the Star Trek episodes and movies—all of the transcripts that I could find—and searched for any instance in which Spock is using the words ‘odds,’ ‘probability,’ ‘chance,’ ‘definitely,’ ‘probably,’ etc.,” she says. “I catalogued all instances in which Spock made a prediction and that prediction either came true or didn’t.”

The results, which appear in Galef’s new book The Scout Mindset, are devastating. Not only does Spock have a terrible track record—events he describes as “impossible” happen 83% of the time—but his confidence level is actually anti-correlated with reality. “The more confident he says he is that something will happen—that the ship will crash, or that they will find survivors—the less likely it is to happen, and the less confident he is in something, the more likely it is to happen,” Galef says.

Spock’s biggest weakness is his failure to understand that other people don’t always behave “logically.” He also makes no attempt to update his approach, even when his mistakes get his crewmates killed.

“He’s not a spring chicken,” Galef says. “He’s interacted with non-Vulcans before, and so presumably he’s had lots of opportunities to see that, actually, lots of people don’t behave the way he thinks they—rationally —should behave. And yet he fails to learn from those instances of missed predictions because instead he just shrugs and says, ‘Well, the world didn’t behave the way it should have.’”

«

Galef isn’t a fool, and she knows that Spock is depicted that way because the scriptwriters want to create dramatic tension between the thing you’re told must happen, and what actually happens. But there’s plenty more in the article (and its linked podcast), especially about the question: what if the human lifespans were 170 years, and it was suggested it should be halved? (For comparison: what if someone suggested halving it from 85 years to 43?)
unique link to this extract

A case for spreadsheet wireframes • UX Collective

Clair Rock:

»

[First,] I feel like it’s important to understand what a wireframe is. I’ve heard and worked with many people who use the word “wireframe” loosely, so I want to get on the same page here. We use wireframes to understand the design layout of a website. They are a low fidelity representation of the pieces that must come together to build a website. It’s the skeleton, simple as that. The blood and guts, the visual design; that comes later.

But why are wireframes important to information architects? Simple. This is the first time in a project when you can see all the strategies behind the IA connected to some visual representation of the site. The paths through the site start to become visible with a wireframe. When used appropriately and at the right time in a project, wireframes allow amendments to structure with a lot less headache. After all resetting, a bone is easier than reconstructive surgery.

I am not a visual designer, but I will happily give a client a basic static wireframe, and I know I’m not alone here. This simple deliverable can be enough. But then the inevitable happens. Something comes up, and a change must be made. The client decides they want to go in a completely different direction. Maybe the client is confused by Lorem Ipsum and doesn’t understand the “content” that is fake Latin used to fill space.

These are genuine issues. These things happen all of the time. And usually, these issues require going back to square one, maybe square two, scraping the work, and coming up with another rendition (at least in my experience). And — well, let’s be real, that’s annoying. It adds time that may not exist to get extra work done. There is rarely an opportunity to make a “simple” change in a timely fashion. It doesn’t make sense that creating such a useful and straightforward tool should come with this unnecessarily stressful work. Not only can a simple static wireframe lead to the above issues, but it also doesn’t offer enough. It can give your client an idea of how things might work, but that can be asking a lot of someone coming from a different perspective. They require a lot more explanation. And tend to have a pretty low return, at least in my experience.

And that’s why I’ve switched to making wireframes in spreadsheets.

«

Which is quite the needle scratch moment. But, as Rock shows (with an example!), it can make perfect sense; you can even do it collaboratively using tools like Google Sheets.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

Cannabis is legal in multiple American states. Could having some help you in your workout? Let’s see! CC-licensed photo by Ivan Radic on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Intel, Nvidia, TSMC execs agree: chip shortage could last into 2023 • Ars Technica

Sam Machkovech:

»

How many years will the ongoing chip shortage affect technology firms across the world? This week, multiple tech executives offered their own dismal estimates as part of their usual public financial disclosures, with the worst one coming in at “a couple of years.”

That nasty estimate comes from Intel CEO Pat Gelsinger, who offered that vague timeframe to The Washington Post in an interview on Tuesday. He clarified that was an estimate for how long it would take the company to “build capacity” to potentially address supply shortages. The conversation came as Intel offered to step up for two supply chains particularly pinched by the silicon drought: medical supplies and in-car computer systems.

…TSMC chief executive C.C. Wei offered a similarly dire estimate to investors on Thursday, saying that the Taiwan-based company hoped to “offer more capacity” for meeting retail and manufacturing demand “in 2023.” TSMC, coincidentally, is moving forward with a manufacturing plant of its own in Arizona, which Bloomberg claims could cost “up to $12bn,” despite the company clarifying that it intends to prioritize research, development, and production in its home nation.

Graphics card and SoC producer Nvidia joined the grim estimate club this week, though Nvidia has a more optimistic belief that it will emerge with “sufficient supply to support sequential growth beyond [fiscal] Q1 [2022],” according to CFO Colette Kress. Until then, “we expect demand to continue to exceed supply for much of this year,” she added.

«

The trouble with the stop-start process is that it’s so hard to avoid overshoot, either in supply or demand – the time delay in the feedback loop from sales to production means any disturbance creates shockwaves that echo on.
unique link to this extract

A 23-year-old coder kept QAnon and the far right online when no one else would • Bloomberg

William Turton and Joshua Brustein:

»

Although small, the operation serves clients including the Daily Stormer, one of America’s most notorious online destinations for overt neo-Nazis, and 8kun, the message board at the center of the QAnon movement, whose adherents were heavily involved in the violence at the Capitol on Jan. 6.

[23-year-old Nick] Lim exists in a singularly odd corner of the business world. He says he’s not an extremist, just an entrepreneur with a maximalist view of free speech. “There needs to be a me, right?” he says, while eating pho at a Vietnamese restaurant near his headquarters. “Once you get to the point where you look at whether content is safe or unsafe, as soon as you do that, you’ve opened a can of worms.” At best, his apolitical framing comes across as naive; at worst, as preposterous gaslighting. In interviews with Bloomberg Businessweek early in 2020, Lim said he didn’t really know what QAnon was and had no opinion about Donald Trump.

…Voices from across the U.S. political spectrum have registered concerns about companies setting up litmus tests to ban groups from the internet. That said, the voices Lim supports tend to come from the same general neighborhood. He sought out Andrew Anglin, who runs the Daily Stormer, to offer the neo-Nazi free tech support. He says his largest customer is 8kun, and he has a personal relationship with Ron Watkins, the site’s former administrator and one of its key leaders since its inception.

Lim argues that the real political crisis facing the U.S. is not extremist violence but erosion of the First Amendment. He says that restrictions on online speech have already brought the U.S. to the verge of communist tyranny, that “we are one foot away from 1984.” After a moment, though, he offers a sizable qualifier: “I never actually read the book, so I don’t know all the themes of the book. But I have heard the concepts, and I’ve seen some things, and I thought, ‘Whoa! That’s sketchy as f—.’ ”

VanwaTech’s headquarters is a squat, one-story house in a sidewalkless subdivision that’s just over the state line from Portland, Ore. Lim inherited the place from his grandparents, according to state records. While he regularly talks about VanwaTech as a growing enterprise with a dedicated staff, he seems to be the only one around who’s working at the company. He rents rooms on the cheap to friends from high school who help keep the party going. The crew has nicknamed the house Vansterdam.

«

He’s clearly just a single nutcase with no clear rationale, but these days that’s all you need to keep a lot of hate onlne.
unique link to this extract

Facebook has beefed up its ‘oversight board’, but any new powers are illusory • The Guardian

Emily Bell:

»

“I’ve been told directly by leadership that I should ignore these cases because if they are impactful, we’ll eventually receive PR flak over it and motivate a change,” noted [former Facebook data scientist Sophie] Zhang at the time. “The assumption is that if a case does not receive media attention, it poses no societal risk … What is our responsibility when societal risk diverges from PR risk?”

Within these sentences lies an explanation of how Facebook is slowly and somewhat painfully re-engineering itself, and in doing so forging a template for new media gatekeeping which is not a million miles away from old media gatekeeping. Facebook has found itself repeatedly responding to a press cycle it dominates far more than it would like.

At least some of this shift can be credited to Britain’s former deputy prime minister Nick Clegg, who is now Facebook’s head of global communications. This involves a mitigation strategy that looks very familiar to anyone with a background in British journalism: one seemingly focused on the creation of a circle of trusted journalists (and non-journalists) who are drip-fed access, with favoured sources given off-the-record briefings; meanwhile, pressure is applied and access restricted to editors and journalists who disappoint.

And if you cannot beat the media, you can now at least be the media. In March, Clegg wrote an enormously long piece advancing Facebook’s PR talking points: namely that it is human behaviour, not platform design, that causes political division. To prove it, he cites numerous studies without mentioning that a number come from academics and institutions that have received either Facebook funding or privileged access to Facebook data in the past.

The post was not published on the Facebook news blog, or in a Facebook post, but on a separate platform entirely, Medium. But despite such efforts, Clegg’s separation from the platform, like the Oversight Board’s independence, is illusory. However, it demonstrates a new truth for Facebook: the company is tackling the impact problem first, because its design problem is unsolvable.

«

unique link to this extract

Missing California hiker found after mystery photo reveals location • SFGate

Katie Dowd:

»

A mystery photo and a geography enthusiast helped locate a missing California hiker who is now safely back home.

Rene Compean of Palmdale was on a hike Monday near Mount Waterman, a popular ski destination in the San Gabriel Mountains in Southern California. While the 45-year-old was on his outdoor adventure, he snapped a picture. It showed him from the knees down, dangling his bare legs from a precipice with a canyon below and slopes in the distance. Compean texted the shot to a friend. And then, he went off the map.

He was reported missing at 6 p.m. by a friend, who received one last text from Compean saying he was worried he was lost and his cell phone battery was running low. The photo was turned over to investigators at the Los Angeles County Sheriff’s Department who posted it to social media, asking if anyone recognized the spot in the photograph.

Benjamin Kuo saw the message and thought he might be able to help. As a satellite image aficionado, he was already familiar with tracking California wildfires in remote areas.

«

The photo doesn’t offer much to go on, which makes Kuo’s success all the more impressive. Though, as a suggestion, if you think you’re lost and you’re going to send a photo, perhaps screenshot your location on your map app and send that?
unique link to this extract

I got high to see if weed would help me work out • Vice

Casey Johnston:

»

Now, weed after working out is an unequivocal recommend: It makes you hungry, thirsty, and relaxed; eating, drinking water, and sleeping are incredible for recovery. But the first (reasonable) question, that the letter-writer didn’t ask but we should nonetheless address, might be “Isn’t getting high to work out at best just a waste of perfectly good weed?” How is weed, a peaceful and chill substance, not fundamentally opposed to working out, a task that requires energy and initiative?

Well, first, people who like weed find that it can make working out a better experience. A 2019 Nature survey found that about 70% of 600 cannabis users said cannabis made working out more enjoyable. Eight out of 10 cannabis users use weed before or after working out, and that it “helps them enjoy exercise more” (people who used weed worked out more for more time overall than people who didn’t) and improves their recovery.

…One big reason I wanted to try weed before working out was that I get really in my head about what an overwhelming and lengthy task working out is and all the various ways I might not do it as well as I want to. I wondered if weed might help me get over that hump of trying to bargain my way out of each individual workout, and even, as some of the people above are saying, make the more chore-like parts of it more fun. A list from The Cut suggests that weed is actually a nice pairing with lots of mundane activities: going to the grocery store, personal finance, extracting ingrown pubic hairs, as well as doing hot yoga and gymnastics (!).

«

A funny yet educational read. Her running experiment is quite something.
unique link to this extract

A grey single-pixel ‘work’ sells for $1.3m at Sotheby’s maiden NFT sale • The Art Newspaper

Kabir Jhala:

»

Yesterday, Sotheby’s achieved $16.8m for the sale of a collection of JPGs that were created within the last fortnight. That this figure seems comparatively paltry says a lot about the current, topsy-turvy state of the art market.

Within a week of Christie’s $69.3m Beeple NFT sale, Sotheby’s announced it had enlisted the digital artist and “omniscient designer/developer/wizard” Pak to collaborate on a collection of works known as The Fungible Collection, details of which were then teased out over the next week.

The sale, which ran from 12 to 14 April and was hosted on NFT platform Niftygateway, was broadly divided into two parts. The first consisted of more traditional NFT drops (something of a contradiction in terms) in which two standalone works, both one-off editions, were offered up to online bidders. The first The Switch brought in 10 bids upon its release on 12 April, but after climbing to $1.4m, received no further offers after the first day and was sold to @damien.

The second, The Pixel—which is literally a single grey pixel—made $1.3m, following a last-minute bidding war that extended its sale by an hour. It went to the digital art collector Eric Young who tweeted that The Pixel had “occupied a great deal of [his] mind over the past few days”.

The sale’s second part was less straightforward. Alongside the standalone works, Pak also dropped a series of “open edition” cube works. They were initially released at a price of one cube costing $500 and ranged up to a 1,000-cube work for $500,000. Corresponding NFTs would then be issued depending on how many cubes the bidder had purchased.

«

And they have The Pixel right there on the page. Absolutely indistinguishable from any other copy of The Pixel. Who knows which is “the one”? Nobody. This whole thing is nonsense for people with too much money, but I remember when art didn’t also consume enough energy to light a city.
unique link to this extract

Google Earth’s historical 3D time lapses show the ravages of climate change • The Verge

Jay Peters:

»

Google Earth is getting a new 3D time-lapse feature that lets you observe how Earth has changed from 1984 to 2020, allowing you to see just how much the devastating effects of climate change have already shaped the geography of the planet.

“It’s best for a landscape view of our world,” Rebecca Moore, director of Google Earth, Google Earth Engine, and Google Earth Outreach, said in a call with reporters this week. “It’s not about zooming in. It’s about zooming out. It’s about taking the big step back. We need to see how our only home is doing.”

The feature (which Google calls “Timelapse,” one word) will be available in Google Earth starting Thursday. To access it, launch Google Earth and then click or tap on the Voyager tab (which has an icon that looks like a ship’s wheel). You can search for a place of interest or check out one of Google’s five “guided tours” about forest change, urban growth, warming temperatures, mining and renewable energy sources, and “the Earth’s fragile beauty.”

To get an idea of what the feature lets you see, check out this time lapse GIF of the changing shores of Cape Cod, Massachusetts, from Google:

«

You can launch it directly here. For best effect, do a direct comparison back and forth between 1984 and 2020.
unique link to this extract

This Apple ‘Spring Loaded’ invite theory is kinda blowing our minds • Macworld

Michael Simon:

»

It wouldn’t be an Apple event without a little friendly sleuthing, and the Spring Loaded invite is no exception. But unlike the usual shot-in-the dark wild guesses, there’s one that caught our attention this time.

We’re not sure it actually means anything, but people more conspiratorially minded than us have noticed that if you rotate and resize the squiggly drawing of the rainbow Apple logo on the invitation, it looks a lot like the cursive “hello” that appeared in the original Mac advertisement. We didn’t really believe it until we overlaid the two images on top of each other, and as you can see below, they match up quite well. Even the leaf fits on the top half of the “H”. 

Considering there are rumors of new iMacs arriving soon, consider our curiosity piqued.

«

Somewhere an Apple graphic designer who thought that it would look quite fun to use the “llo” from the original Mac “Hello” campaign to look like a spring, because it’s a spring event, is laughing uproariously.
unique link to this extract

US Treasury provides missing link: Manafort’s partner gave campaign polling data to Kremlin in 2016 • Just Security

Justin Hendrix:

»

The U.S. Treasury Department said Thursday that Konstantin Kilimnik, an associate and ex-employee of Paul Manafort, “provided the Russian Intelligence Services with sensitive information on polling and campaign strategy,” during the 2016 election, an apparently definitive statement that neither Special Counsel Robert Mueller nor the Senate Intelligence Committee investigation made in their final reports. 

“This is new public information that connects the provision of internal Trump campaign data to Russian intelligence,” Andrew Weissmann, who led the prosecution of Manafort for the Special Counsel, told Just Security on Thursday. 

The eye-catching statement was included in an announcement of new sanctions related to Russian interference in U.S. elections. The Biden administration took a number of steps Thursday to punish Russia, not only for election interference, but also the SolarWinds cyberattack, its ongoing occupation of Crimea, and human rights abuses. 

Kilimnik was one of 16 individuals the Treasury Department announced it was sanctioning for attempting to influence the 2020 U.S. presidential election at the direction of the Kremlin. The Treasury Department is also imposing new sanctions on 16 entities, including several Russian disinformation outlets. 

«

This is the collusion that was denied and denied and denied by the Trump campaign. The Mueller report never made the final connection – passing the data to the Kremlin.
unique link to this extract

Verizon, AT&T, T-Mobile kill RCS plans • Light Reading

Mike Dano:

»

The biggest wireless network operators in the US announced in 2019 that they would jointly launch a Rich Communications Services (RCS) messaging app sometime in 2020.

Under the auspices of their new Cross Carrier Messaging Initiative (CCMI), the companies said in late 2019 they would use vendor Synchronoss Technologies to handle the technological logistics of the effort. And in May 2020, Synchronoss said “we continue to believe the RCS-based advanced messaging service will be launched by the CCMI joint venture in 2020.”

But it was not to be.

“While we’re not at liberty to speak on behalf of CCMI and no launch date for the service has been formally announced, Synchronoss is continuing to move forward with preparations and look forward to helping bring RCS-based messaging to US subscribers,” the company said in response to questions from Light Reading.

Verizon was a bit more blunt: “The owners of the Cross Carrier Messaging Initiative decided to end the joint venture effort. However, the owners remain committed to enhancing the messaging experience for customers including growing the availability of RCS,” the operator said in a statement to Light Reading.

The development really comes as no surprise.

“The [RCS] market has been impossibly slow for a decade now,” analyst Lynnette Luna of GlobalData told Light Reading. Luna wrote a report on RCS in the US in June 2020 and has not seen a reason to update it yet.

«

RCS, if you’d forgotten, is the SMS 2.0 (or WhatsApp-Lite) which would at least be better than SMS. The trouble for the carriers (and Google, which has been pushing RCS hard to Android) is that there’s no particular revenue in it for them, and Apple – which has 40% or more of the smartphone market in the US – doesn’t support it.

It might happen on Android, but it’s not going to be cross-platform. So the carriers don’t care.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

A crowded beach might contain a lot of people, but data shows it doesn’t pose a Covid risk.CC-licensed photo by Joe Shlabotnik on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

EU set to ban surveillance, start fines under new AI rules • Bloomberg

Natalia Drozdiak:

»

The European Union is poised to ban artificial intelligence systems used for mass surveillance or for ranking social behavior, while companies developing AI could face fines as high as 4% of global revenue if they fail to comply with new rules governing the software applications.

The rules are part of legislation set to be proposed by the European Commission, the bloc’s executive body, according to a draft of the proposal obtained by Bloomberg. The details could change before the commission unveils the measure, which is expected to be as soon as next week.

The EU proposal is expected to include the following rules:

• AI systems used to manipulate human behavior, exploit information about individuals or groups of individuals, used to carry out social scoring or for indiscriminate surveillance would all be banned in the EU. Some public security exceptions would apply.
• Remote biometric identification systems used in public places, like facial recognition, would need special authorization from authorities.
• AI applications considered to be ‘high-risk’ would have to undergo inspections before deployment to ensure systems are trained on unbiased data sets, in a traceable way and with human oversight.
• High-risk AI would pertain to systems that could endanger people’s safety, lives or fundamental rights, as well as the EU’s democratic processes – such as self-driving cars and remote surgery, among others.
• Some companies will be allowed to undertake assessments themselves, whereas others will be subject to checks by third-parties. Compliance certificates issued by assessment bodies will be valid for up to five years.
• Rules would apply equally to companies based in the EU or abroad.

«

Let’s not forget it was the EU that gave us the delight of cookie approval on every site you visit. So I’m a little wary of their efforts to make everything wonderful in the world of AI. What counts as “AI systems used to manipulate human behaviour”? Surely that’s Facebook’s and Twitter’s and Instagram’s newsfeed algorithms. And, arguably, YouTube’s algorithm (using AI) which tries to make you watch more videos.
unique link to this extract

“It’s not cancel culture — it’s a platform failure.” • Galaxy Brain

Charlie Warzel (with the first of his Substack-sponsored newsletters, lured away from the NY Times):

»

Even if you don’t know the story, you probably have a sense of what happened next. Her lopsided Twitter poll answers [to the question: is Alien a horror film?] quickly indicated she’d expressed A Bad Opinion. The quote retweets started rolling in. The first few seemed like faux outrage at a particularly spicy genre opinion that kept with the spirit of her post — but that eventually shifted, too. People were mad. Hunt logged off and went to bed.

She woke up to angry emails from strangers. Overnight, friends in the U.K. sent concerned messages asking if she was doing alright. She opened Twitter and found her poll had 120,000 votes. Over 6000 people, including filmmakers like Kevin Smith, had angrily quote tweeted her, many demanding that she apologize — to Film Twitter, to prominent directors, to the medium of space itself. The reason? Once the tweet picked up steam, it was elevated into Twitter’s Trending Topics widget in the U.S and U.K.

The whole affair is a perfect example of context collapse, which generally occurs when a surfeit of different audiences occupy the same space, and a piece of information intended for one audience finds its way to another — usually an uncharitable one — which then reads said information in the worst possible faith (You can read about the origins here from scholar danah boyd).

In this case, the collapse was substantially amplified by Twitter’s Trending widget, which took an anodyne opinion by a verified Twitter user and displayed it to millions of random people as if it was some kind of significant pop cultural event. “My imagined audience when I tweeted this was, ‘oh, we’re all at the bar and having this low stakes debate,” she told me recently. “In retrospect, that was totally naive to think anyone would have taken it that way.”

The point of Twitter’s Trending Topics is ostensibly to surface significant news and Twitter commentary and invite others to ‘join the conversation.’ Left unsaid, of course, is that ‘the conversation’ at scale is complete garbage — an incomprehensible number of voices lecturing past each other.

«

unique link to this extract

Twitter will study ‘unintentional harms’ caused by its algorithms • Engadget

Karissa Bell:

»

Twitter has announced a new plan to study the fairness of its algorithms. As part of the effort, which the company has dubbed the “Responsible Machine learning Initiative,” data scientists and engineers from across the company will study potential “unintentional harms” caused by its algorithms and make the findings public.

“We’re conducting in-depth analysis and studies to assess the existence of potential harms in the algorithms we use,” the company wrote in a blog post announcing the initiative.

To start, the company will study Twitter’s image cropping algorithm, which has been criticized as being biased toward people with lighter skin. Twitter will also study its content recommendations, including a “a fairness assessment of our Home timeline recommendations across racial subgroups,” and “an analysis of content recommendations for different political ideologies across seven countries.”

It’s not clear how much of an impact this initiative will have. Twitter notes that in some cases it may change aspects of its platform based on its findings, and other studies may simply result in “important discussions around the way we build and apply ML [machine learning].” But the issue is a timely one for Twitter and other social media platforms.

«

Twitter, the company, is strange. There’s all this talk about “fairness” of the algorithms, yet they also drive all the wild engagement that causes absurd pile-ons. That’s exactly the intention of the algorithm(s). It’s as though they think they’re painting everything green, but are colour-blind and mix up red and green paints. (Yes, because it’s a male sort of thing.)
unique link to this extract

How the beach ‘super-spreader’ myth can inform UK’s future Covid response • The Guardian

Archie Bland:

»

According to Prof Mark Woolhouse, an epidemiologist at Edinburgh University who sits on the government’s SPI-M committee, the chance of a super-spreader event among the crowds that turned up from Bournemouth to Southend was minimal in theory – and nonexistent in practice.

“Over the summer we were treated to all this on the television news, pictures of crowded beaches, and there was an outcry about this,” he told MPs. “There were no outbreaks linked to public beaches. There’s never been a Covid-19 outbreak linked to a beach, ever, anywhere in the world, to the best of my knowledge.”

If that version of events seems at odds with stern warnings from the health secretary, Matt Hancock, that outdoor exercise could be banned, and an accusation that sunbathers were putting lives at risk, it is wholly consistent with the scientific evidence, other experts agree.

“We have known for some time that only about 10% of transmission events are linked to outdoor activities,” said Dr Müge Çevik, a lecturer in infectious diseases and medical virology at the University of St Andrews.

“Even those events generally involve either prolonged close contact or a mixture of indoor and outdoor time. We had a lot of existing knowledge even when the pandemic began about respiratory viruses and how they transmit in general, and everything directs us to the conditions in people’s homes and workplaces.”

«

unique link to this extract

Hygiene theatre: deep cleaning isn’t a victimless crime • The Atlantic

Derek Thompson, after the US Center for Disease Control revised its view of the threat of catching Covid from surfaces down to “less than 1 in 10,000”:

»

I’ve been writing about our misplaced obsession with surface hygiene since the summer. Like many, I spent the early months of the pandemic dunking my apples and carrots in soap. That was before I read a persuasive essay in the medical journal The Lancet by Emanuel Goldman, a microbiology professor at Rutgers New Jersey Medical School: “Exaggerated Risk of Transmission of COVID-19 by Fomites.” (In medical jargon, fomites are objects and surfaces that can transmit an infectious pathogen.)

This opinion ran contrary to the conventional wisdom of the broader scientific community, and Goldman told me that several journals rejected his essay. But he was not alone in his quest. Writers such as my colleague Zeynep Tufekci and researchers such as Jose-Luis Jimenez, an aerosol scientist at the University of Colorado Boulder, were also outspoken in their insistence that we needed to focus on ventilation rather than surfaces, windows rather than Windex. They were rebuffed, not only by loudmouths on Twitter and on TV, but by other scientists who clung stubbornly to an outdated view of viral spread.

Over the weekend, I caught up with Goldman to ask how it felt to be vindicated by the world’s most famous public-health organization. “On a personal level, I feel great,” he said. “But I’m kind of wondering what took them so long. There is so much inertia in the scientific establishment.”

These days, Goldman is extending his crusade against fomite fear from COVID-19 to other diseases. The old story is that if you make contact with a surface that a sick person touched, and then you touch your eyes or lips, you’ll infect yourself. While Goldman acknowledges that many diseases, especially bacterial diseases, spread easily from surfaces, he now suspects that most respiratory viruses spread primarily through the air, like SARS-CoV-2 does.

“For most respiratory viruses, the evidence for fomite transmission looks pretty weak,” Goldman said. “With the exception of RSV [respiratory syncytial virus], there are few other respiratory viruses where fomite transmission has been conclusively shown.”

«

Strangely, though the CDC revised guidance (which is very wishy-washy, and doesn’t say “well, treat the risk as zero” – even though 1 in 10,000 is about the risk of dying by self-inflicted accidental injury in the next year) quotes 36 papers, none of them is Goldman or Jimenez. That inertia is substantial. (Via John Naughton.)
unique link to this extract

China should fully lift the family planning policy to ease ageing trend: central bank paper • Global Times

»

In a rare move, the People’s Bank of China (PBC), the country’s central bank, published on Wednesday a working paper indicating that the country should not only fully lift the family planning policy, but also encourage couples to have more children in an effort to tackle the ageing population trend.

The main contradiction facing China at the moment has changed, from population expansion to the imminent loss of demographic dividend and the growing crisis of population ageing and fewer births. The report, “Understanding and Countermeasures on China’s Population Transition,” published by the PBC highlights that it is necessary to lift the fertility rate and allow people to have more children in a timely manner. Additionally, the pension system should also be improved, the paper noted.

Any delay would miss the valuable window of opportunity to respond to the demographic transition with fertility policies, repeating the fate of developed countries, said the paper.

The demographic transition is a new phenomenon for human beings, and so far, only developed countries have experienced this transition, with an ageing population and fewer children. 

«

Hugely significant. The formal abandonment of the One Child policy in 2015 was the first part, having got through a pinch point in food supply v demographics; now it’s looking to expand again.
unique link to this extract

Why has climate economics failed us? • Noahpinion

Noah Smith:

»

One big problem with climate economics is that there just isn’t enough of it. Climate change is going to affect every facet of our economy. Quantitatively, it’s vastly more important than any optimal tax calculation or detail of occupational licensing; it’s arguably even more important than the business cycle itself. But the number of papers at top journals dedicated to climate economics is miniscule. In a scathing 2019 article entitled “Why are economists letting the world down on climate change?”, economists Andrew Oswald and Nicholas Stern write:

»

We are sorry to say that we think academic economists are letting down the world.  Economics has contributed disturbingly little to discussions about climate change.  As one example, the Quarterly Journal of Economics, which is currently the most-cited journal in the field of economics, has never published an article on climate change…

We suspect that modern economics is stuck in a kind of Nash equilibrium.  Academic economists are obsessed with publishing per se and with pleasing potential referees.  The reason there are few economists who write climate change articles, we think, is because other economists do not write climate change articles.

«

…If there is one climate economist who is respected above all others, it’s William Nordhaus of Yale, who won the Econ Nobel in 2018 “for integrating climate change into long-run macroeconomic analysis.” The prize specifically cited Nordhaus’ creation of an “integrated assessment model” for analyzing the costs of climate change. The most famous of these is the DICE Model, used by the Environmental Protection Agency.

But the DICE Model, or at least the version we’ve been using for years, is obviously bananas. As climate writer David Roberts noted in 2018, according to the standard version of Nordhaus’ model, the economic cost of a 6°C increase in global temperatures would only be 10% of GDP. As Roberts notes, climate scientists believe that that level of temperature increase would make the Earth basically unlivable. An unlivable Earth is going to cost a lot more than 10% of GDP.

«

His point being that Biden’s administration is largely ignoring the bad advice, and going for more aggressive moves on climate economy.
unique link to this extract

China’s Xinjiang solar factories haunted by labour abuse claims • Bloomberg

Dan Murtaugh, Colum Murphy, James Mayger and Brian Eckhouse:

»

Three owners of Xinjiang’s polysilicon refineries have been linked to a state-run employment program that, according to some foreign governments and academics, may at times amount to forced labor. China denies such accusations and recently insisted that journalists and diplomats are free to go see for themselves.

That’s why two Bloomberg reporters went to Xinjiang in March, after weeks of unsuccessful requests for factory tours. Such visits aren’t unusual elsewhere in China. But this time a security apparatus sprang into action. Upon our landing in Urumqi, two police officers boarded the plane, one with an automatic weapon slung across his chest and a photo identifying one of the reporters in hand. After questioning on the tarmac, we left the airport. For the next three days agents followed us everywhere, obstructing all attempts to speak to locals and deleting our photos.

The veil over Xinjiang has made the search for answers about the links between China’s labor program and its solar industry a job for outside researchers—who, it turns out, have found potentially telling details just by combing through public records.

The owner of one polysilicon factory, GCL-Poly Energy Holdings Ltd., said in a 2019 report that it had accepted 121 poor minority workers from the Uyghur heartland in southern Xinjiang. Photos posted by the local government in June 2017 show workers, lined up in blue uniforms, about to be sent by the labor program to companies including East Hope Group Co., an aluminum smelter that in recent years also started producing polysilicon in Xinjiang. The previously unreported document was found by Adrian Zenz, a German researcher based in Minnesota who’s become a chief source of data about the labor program in Xinjiang—and thus a focus of China’s wrath.

«

Kudos to the Bloomberg pair in China (Murphy and Mayger) for trying. From experience, a confrontation with those types is immediately, viscerally concerning.
unique link to this extract

Next year’s iPhones will have 48-megapixel cameras and no mini option: Kuo • The Verge

Sam Byford:

»

The 2022 iPhone lineup will feature substantial changes to the camera system, according to analyst Ming-chi Kuo in an investor note reported on by MacRumors and AppleInsider. Kuo says the high-end iPhones — presumably the Pro range — will use a larger 48-megapixel sensor for the primary camera. Separately, the analyst suggests that 2023 iPhones may start to use Face ID sensors under the screen as a way to get rid of the notch.

48-megapixel sensors have been common in Android phones for years, but this component will reportedly be larger than most. It’ll be a 1/1.3-inch sensor with a pixel size of 1.25µm, according to Kuo. That’s smaller than the 1.7µm pixels in the iPhone 12 Pro Max, but Kuo says that the equivalent pixel size will be more like 2.5µm when the sensor is used for 12-megapixel images. Kuo also expects the higher-resolution sensor to enable 8K video capture.

The 2022 iPhone lineup is going to see a reduction in screen size options, Kuo says; there won’t be a 5.4in mini any more, and Apple will stick to the 6.1in and 6.7in displays on other models. The mini has reportedly not sold to Apple’s expectations, with the company said to have overestimated demand and cut production orders. The 2021 lineup, however, is expected to keep the same screen sizes.

«

It always puzzles me what possible use stories like this can be. Might you be holding out to not buy this year’s iPhone because of what there might be in next year’s? And it seems like, for any failings, the iPhone mini will be there this year – which is more than the 5C managed.
unique link to this extract

Suicide trends in the early months of the COVID-19 pandemic: an interrupted time-series analysis of preliminary data from 21 countries • The Lancet Psychiatry

(A huge number of authors):

»

We sourced data from 21 countries (16 high-income and five upper-middle-income countries), including whole-country data in ten countries and data for various areas in 11 countries). Rate ratios (RRs) and 95% CIs based on the observed versus expected numbers of suicides showed no evidence of a significant increase in risk of suicide since the pandemic began in any country or area. There was statistical evidence of a decrease in suicide compared with the expected number in 12 countries or areas: New South Wales, Australia (RR 0·81 [95% CI 0·72–0·91]); Alberta, Canada (0·80 [0·68–0·93]); British Columbia, Canada (0·76 [0·66–0·87]); Chile (0·85 [0·78–0·94]); Leipzig, Germany (0·49 [0·32–0·74]); Japan (0·94 [0·91–0·96]); New Zealand (0·79 [0·68–0·91]); South Korea (0·94 [0·92–0·97]); California, USA (0·90 [0·85–0·95]); Illinois (Cook County), USA (0·79 [0·67–0·93]); Texas (four counties), USA (0·82 [0·68–0·98]); and Ecuador (0·74 [0·67–0·82]).

This is the first study to examine suicides occurring in the context of the COVID-19 pandemic in multiple countries. In high-income and upper-middle-income countries, suicide numbers have remained largely unchanged or declined in the early months of the pandemic compared with the expected levels based on the pre-pandemic period.

«

Thus completely contradicting the claims made by anti-lockdown idiots… errr, police chiefs.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified

A poll suggests that a lot of business-class seats might go begging on flights as travellers cut back or have video meetings. CC-licensed photo by Simply Aviation on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Very infectious. I’m @charlesarthur on Twitter. Observations and links welcome.

UK variant isn’t linked to more severe disease or death, study finds • NBC News

Denise Chow:

»

People infected with the more contagious coronavirus variant first identified in the United Kingdom did not experience more severe symptoms and were not at higher risk of death, according to a new study published Monday.

Scientists are struggling to pin down the nature of the UK variant, which has become the dominant strain across Europe and, as of last week, in the United States. Chief among the questions: Is the variant more deadly?

The study, published in The Lancet Infectious Diseases, looked at data from last fall [autumn, dammit – Ed.] in the UK, shortly after the variant was first detected. It soon spread rapidly, eventually becoming the dominant strain circulating in the country.

The new findings add to scientists’ ever-evolving understanding of the UK variant, known as B.1.1.7, at a crucial time in the pandemic, as it and other variants are circulating widely in other countries.

Researchers looked at Covid-19 patients who were admitted to University College London Hospital and North Middlesex University Hospital from Nov. 9 to Dec. 20. The scientists sequenced virus samples from 341 patients, finding that 58% were positive for the UK variant and that 42% had been infected with a different strain.

«

March 10: UK variant has worse death rate – study in the BMJ. Confusing, really. (Thanks G for the link.)
unique link to this extract

Google is poisoning its reputation with AI researchers • The Verge

James Vincent:

»

The company’s decision to fire Timnit Gebru and Margaret Mitchell — two of its top AI ethics researchers, who happened to be examining the downsides of technology integral to Google’s search products — has triggered waves of protest. Academics have registered their discontent in various ways. Two backed out of a Google research workshop, a third turned down a $60,000 grant from the company, and a fourth pledged not to accept its funding in the future. Two engineers quit the company in protest of Gebru’s treatment and just last week, one of Google’s top AI employees, a research manager named Samy Bengio who oversaw hundreds of workers, resigned. (Bengio did not mention the firings in an email announcing his resignation but earlier said he was “stunned” by what happened to Gebru.)

“Not only does it make me deeply question the commitment to ethics and diversity inside the company,” Scott Niekum, an assistant professor at the University of Texas at Austin who works on robotics and machine learning, told The Verge. “But it worries me that they’ve shown a willingness to suppress science that doesn’t align with their business interests.

…It’s likely there will be more protest and more resignations, too. After Bengio left the company, Mitchell tweeted, “Resignations coming now bc people started interviewing soon after we were fired,” and that “job offers are just starting now; more resignations are likely.” When asked for comment on these and other issues highlighted in this piece, Google offered only boilerplate responses.

«

Smart reporting. Internal and external problems for Google?
unique link to this extract

Israel may have destroyed Iranian centrifuges simply by cutting power • The Intercept

Kim Zetter:

»

The explosion and blackout at the Natanz nuclear facility in Iran over the weekend raised the specter of past sabotage — including the Stuxnet cyberattack that took out some of Natanz’s centrifuges between 2007 and 2010 as well as an explosion and fire that occurred there last July — destroying about three-fourths of a newly opened plant for the assembly of centrifuges.

Government officials and news reports gave conflicting accounts of what caused the latest blasts, the extent of damage, and Iran’s capacity to quickly recover. Initial reports said there was no harm to the Natanz facility, but Iranian officials later acknowledged damage to its centrifuges.

And while media accounts have suggested saboteurs focused on taking out the facility’s electric supply, David Albright, founder and president of the Institute for Science and International Security in Washington, D.C., believes the aim was to destroy centrifuges. Power is easy to restore even when electrical equipment is damaged, allowing enrichment work to quickly resume. But an abrupt blackout that also takes out backup power would have destroyed some centrifuges, Albright says, since they need to be powered down slowly. Failure to do so leads to vibrations that can cause centrifuge rotors and bellows to become damaged and in some cases disintegrate, which is what Albright suspects occurred.

«

Rather than a cyberattack, a la Stuxnet, seems to have been a simple (but targeted) explosion. The reading of this action (by Israel) is that it’s trying to tell the US and allies that it doesn’t want the return of the JCPOA (the US-Iran agreement which limited Iran’s nuclear powers, but which others thought was used to exceed those limits).

Yet weirdly, Israel’s action probably stymied Iran and could push it back towards the JCPOA.
unique link to this extract

Siri reveals Apple Event planned for Tuesday, April 20 • MacRumors

Sami Fathi:

»

Siri has apparently prematurely revealed that Apple plans to hold an event on Tuesday, April 20, where the company is expected to reveal brand new iPad Pro models and possibly its long-awaited AirTags trackers.

Upon being asked “When is the next Apple Event,” Siri is currently responding with, “The special event is on Tuesday, April 20, at Apple Park in Cupertino, CA. You can get all the details on Apple.com.” The event will likely be a pre-recorded affair without media in attendance and should be live-streamed on Apple’s website and YouTube channel.

Siri is not providing the information in all instances and will in some cases simply refer you to Apple’s website for information on events, but multiple MacRumors editors and readers have seen the premature information across Apple devices including iPhone, iPad, Mac, and HomePod.

«

Once the event had been announced, Siri stopped doing that. Would love to know how the suggestion of “ask Siri when the next Apple event is” got going, because it’s not the sort of thing you get up in the morning and ask. Perhaps a little birdie in Apple PR said a word in someone’s ear…

As to speculation – it’s the time of year for iPads and, perhaps, AirTags (as the rival products won’t launch until June or so). Not expected: Macs.
unique link to this extract

Is content moderation a dead end? • Benedict Evans

»

I wonder how far the answers to our problems with social media are not more moderators, just as the answer to PC security was not virus scanners, but to change the model – to remove whole layers of mechanics that enable abuse. So, for example, Instagram doesn’t have links, and Clubhouse doesn’t have replies, quotes or screenshots. Email newsletters don’t seem to have virality.

Some people argue that the problem is ads, or algorithmic feeds (both of which ideas I disagree with pretty strongly – I wrote about newsfeeds here), but this gets at the same underlying point: instead of looking for bad stuff, perhaps we should change the paths that bad stuff can abuse. The wave of anonymous messaging apps that appeared a few years ago exemplify this – it turned out that bullying was such an inherent effect of the basic concept that they all had to shut down. Hogarth contrasted dystopian Gin Lane with utopian Beer Street – alcohol is good, so long as it’s the right kind. 

Of course, if the underlying problem is human nature, then you can still only channel it. No-one robs payroll trucks anymore, but I get lots of messages asking me to send my life savings to Nigeria. Moving enterprise applications to the cloud created phishing, and a sandboxed OS creates a bigger market for zero-day exploits. But, we did manage to fix cities, mostly. So I wonder how differently newsfeeds and sharing will work in five years, and how many more new social companies will shift assumptions about mechanics and abuse.

«

It’s an important topic. I have my own suggestion for how to minimise the problem, which I put forward in my forthcoming book. Available for preorder, publication in June.
unique link to this extract

Who Has Your Face? • Electronic Frontier Foundation

»

A majority of Americans are in face recognition databases in use by the government. Photos you provide for identification are often shared, without your consent, with law enforcement, the FBI, ICE, and others. Those agencies use flawed facial recognition technology to compare your face with those in mugshots, social media images, and other photos of people suspected of committing crimes, potentially putting you at risk of being misidentified and invading your privacy. Learn who has YOUR face:

«

Even if (like me) you don’t live in the US, but have visited there, you’ll be on multiple databases. Worth trying.
unique link to this extract

Clubhouse data leak – 1.3m SQL database leaked online • CyberNews

»

Days after scraped data from more than a billion Facebook and LinkedIn profiles, collectively speaking, was put for sale online, it looks like now it’s Clubhouse’s turn. The upstart platform seems to have experienced the same fate, with an SQL database containing 1.3 million scraped Clubhouse user records leaked for free on a popular hacker forum.

The leaked database contains a variety of user-related information from Clubhouse profiles, including:

• User ID
• Name
• Photo URL
• Username
• Twitter handle
• Instagram handle
• Number of followers
• Number of people followed by the user
• Account creation date
• Invited by user profile name

Clubhouse has issued a statement about the incident on social media, saying they have not experienced a breach of their systems. The company said that the data is already publicly available and that it can be accessed by “anyone” via their API.

…According to CyberNews senior information security researcher Mantas Sasnauskas, the posting of scraped Clubhouse user data reveals a potential privacy issue within the social media platform itself: “The way the Clubhouse app is built lets anyone with a token, or via an API, to query the entire body of public Clubhouse user profile information, and it seems that token does not expire.”

Sasnauskas argues that even though the Clubhouse privacy policy does not allow unauthorized data mining and data scraping, the platform should go beyond simply stating it in the rules.

«

Well, yes. It’s irresponsible. If people can scrape data, they will. Also: useful to know precisely how big Clubhouse is.
unique link to this extract

OnePlus Watch review: the worst smartwatch i’ve ever used • Gizmodo

Victoria Song:

»

It’s rare for a flagship gadget to fail on every single front, and yet the OnePlus Watch has managed to pull it off.

Every little thing went wrong when I tested this watch. It tracked every activity inaccurately. It said I was sleeping when I was awake. My step counts were off by more than 10,000 steps. I changed my measurements to the imperial system, but sometimes it showed me data using the metric system anyway, just for fun. I went to test a marquee feature that the company touted during its announcement, only to find out that actually it wouldn’t be available at launch.

When I sat down to write this review, I wondered if it was too harsh to call this the worst smartwatch ever made. After all, it could at the very least deliver notifications. My wrist then buzzed with the fury of a thousand angry bees as I simultaneously got 40 notifications for emails that were sent four hours earlier. It’s impossible to overstate how bad this smartwatch is at its job.

…I’d say it’s inoffensive on the wrist, except for the fact that it also looks like I’m wearing a dinner plate.

«

She does go into detail, but it’s mostly like someone putting a a piece of paper through a shredder again and again. She really did not like it. As a reminder, OnePlus chose not to go with Google’s Wear OS, but to write its own.
unique link to this extract

MachinePix Weekly #36: Milo Werner, former head of new product introduction, Tesla • MachinePix Weekly

»

Kane Hsieh: What are some things that people may not realize or appreciate about shipping EVs [electric vehicles], especially compared to ICE [internal combustion engines]?

[Ms] Milo Werner: One, EVs have very few moving parts. The cost of maintenance on EVs is dramatically less, which is why the cost of ownership is so different for electric cars.

They’re also much more modular than a traditional internal combustion engine (ICE) vehicle. When you import a car into Europe, you can avoid the import tariff by assembling half of the value of the vehicle in the EU. For an ICE vehicle, think about assembling the engine and transmission: getting to that dollar value is really difficult. In an EV, the dollar value of the motor and battery is about 40–50% the price of the car. So the way Tesla imported vehicles into Europe in 2015 was to install the battery and motor in the receiving country. It’s a few dozen bolts to install the battery and drive unit.

KH: I recently switched to an EV Zero and I don’t miss the gas engine or shifting at all.

MW: For a long time, I drove a biodiesel VW Golf. Moving from a Golf to a Model S was like night and day; I’ll never go back.

KH: As you look to the future, what opportunities will EVs unlock for us?

MW: One of the biggest opportunities that I see on the horizon is the integration of vehicles to grid and home. A lot of people are installing batteries in their homes—but in the US, the energy consumption of a home is so much greater than what a home battery can provide. The home battery is not a viable backup solution. Even if batteries were free, the solar power installed on a standard US residential roof cannot charge a battery that would support your home for 24 hours. Eight-plus hours maybe, but it’s just not possible for 24 hours.

If you’re driving around a 100kWh battery, that’s going to support your home for up to three days.

«

Read it all for the wildest reason why a Tesla production line was stopped: you’d never guess it.
unique link to this extract

Business travellers planning to cut future flights, poll finds • The Guardian

Damian Carrington:

»

Most business travellers in the UK will take fewer flights than they used to, according to a poll, thanks to increased use of video conferencing. Only a third expected to return to the same level of flying as before the coronavirus pandemic, once travel restrictions are lifted.

The huge reduction in air travel caused by Covid-19 had no impact on the work life or productivity of the majority of the business flyers, the poll found, with one in five saying the shutdown had had a positive impact.

Carbon emissions from aviation were growing at 5.7% a year before the pandemic, despite many countries committing to cut all emissions to net zero by 2050 to tackle the climate crisis. Green campaigners argue that the aviation shutdown provides an opportunity to put the sector on a sustainable trajectory.

Business-class seats provide most of airlines’ revenues but result in more emissions than those in the economy cabin because of the greater space occupied by each passenger.

Business fliers also fly far more frequently than most holidaygoers, with 10% of those in the poll taking more than 10 flights in the year up to the first lockdown in March 2020. Bill Gates recently estimated that more than 50% of business travel would end as companies adopted online meetings and cut costs.

«

So… lots of cut-price business-class seats? Airlines are going to be struggling for a while, seems like.
unique link to this extract

Errata, corrigenda and ai no corrida: none notified