Start Up: the Android (and iOS?) trackers, faking neutrality, getting deregulation wrong, and more


Yup, you just need to learn how to merge in traffic. Photo by wiccked on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you, Man (Person) Of The Year. I’m @charlesarthur on Twitter. Observations and links welcome.

Staggering variety of clandestine trackers found in popular Android apps • The Intercept

Yael Grauer:

»

Researchers at Yale Privacy Lab and French nonprofit Exodus Privacy have documented the proliferation of tracking software on smartphones, finding that weather, flashlight, rideshare, and dating apps, among others, are infested with dozens of different types of trackers collecting vast amounts of information to better target advertising.

Exodus security researchers identified 44 trackers in more than 300 apps for Google’s Android smartphone operating system. The apps, collectively, have been downloaded billions of times. Yale Privacy Lab, within the university’s law school, is working to replicate the Exodus findings and has already released reports on 25 of the trackers.

Yale Privacy Lab researchers have only been able to analyze Android apps, but believe many of the trackers also exist on iOS, since companies often distribute for both platforms. To find trackers, the Exodus researchers built a custom auditing platform for Android apps, which searched through the apps for digital “signatures” distilled from known trackers. A signature might be a tell-tale set of keywords or string of bytes found in an app file, or a mathematically-derived “hash” summary of the file itself.

The findings underscore the pervasiveness of tracking despite a permissions system on Android that supposedly puts users in control of their own data. They also highlight how a large and varied set of firms are working to enable tracking…

…Among the Android apps identified by the researchers were, with six or seven trackers each, dating apps Tinder and OkCupid, the Weather Channel app, and Superbright LED Flashlight; the app for digital music service Spotify, which embedded four trackers, including two from Google; ridesharing service Uber, with three trackers; and Skype, Lyft, Accuweather, and Microsoft Outlook.

«

BoingBoing is not pleased about the lack of availability for iOS:

»

As Exodus and Yale note, these trackers are almost certainly also present in iOS: the companies that make them advertise their iOS compatibility, for one thing. But iOS is DRM-locked and it’s a felony – punishable by a 5-year prison sentence and a $500,000 fine for a first offense in the USA under DMCA 1201, and similar provisions of Article 6 of the EUCD in France where Exodus is located – to distribute tools that bypass this DRM, even for the essential work of discovering whether billions of people are at risk due to covert spying from the platform.

«

Would be good to get some info about the Android apps, and then make some suppositions about the iOS ones. (Though I think many more Android apps are ad-supported than iOS ones: people pay for the latter.) Also, “digital signatures for known trackers” is a bit weak. The Exodus page suggests it analyses network traffic on a simulated device.
link to this extract


More than a million pro-repeal net neutrality comments were likely faked • Hackernoon

Jeff Kao:

»

NY Attorney General Schneiderman estimated that hundreds of thousands of Americans’ identities were stolen and used in spam campaigns that support repealing net neutrality. My research found at least 1.3 million fake pro-repeal comments, with suspicions about many more. In fact, the sum of fake pro-repeal comments in the proceeding may number in the millions. In this post, I will point out one particularly egregious spambot submission, make the case that there are likely many more pro-repeal spambots yet to be confirmed, and estimate the public position on net neutrality in the “organic” public submissions.¹

Key Findings:
• One pro-repeal spam campaign used mail-merge to disguise 1.3 million comments as unique grassroots submissions.
• There were likely multiple other campaigns aimed at injecting what may total several million pro-repeal comments into the system.
• It’s highly likely that more than 99% of the truly unique comments³ were in favor of keeping net neutrality.

«

Less than 800,000 of the 22m comments (ie about 3%) estimated to be unique. Out of 1,000 sampled, only three were pro-repeal.
link to this extract


Drivers who merge at the last minute may be annoying … but they’re right • HowStuffWorks

Jesslyn Shields:

»

If you’re old enough to drive, you’re old enough to have some thoughts about the best way to merge into highway traffic when your lane is ending or closing due to a wreck or road work. When you see the big, orange “LANE CLOSED IN 1000 FT” sign, you’ve got a couple of options:

• Immediately turn on your blinker and wait until somebody in the next lane lets you in.
• Just stay in your lane and wait for all the polite people to get out of your way before zooming to the front of the line and merging when the lane closes. Watch as people who merged early rage in your general direction.

To most people, the first option seems more courteous and patient — less selfish. But study upon study proves the upstanding early-mergers among us are just creating a single long, slow line of traffic that’s not only frustrating for drivers, it’s inefficient because it minimizes the amount of usable road — and it even causes accidents.

What we all should be doing is called the “zipper merge,” or Reißverschlusssystem, as the Germans call it. In this system, every car in the lane that’s ending drives all the way up to the front of the line and takes turns merging with the other lane of traffic. (From above, it looks a bit like teeth on a zipper coming together.) Because the system uses all the available road space for as long as possible, it cuts congestion by 40%.

«

Just putting this aside to read out to my wife for the next time we’re on a motorway. That 40% figure is quite something. Given how bad tailbacks can be from this, why aren’t there signs about it at such merge points?
link to this extract


FBI gave heads-up to fraction of Russian hackers’ US targets • Associated Press

Raphael Satter, Jeff Donn and Desmond Butler:

»

In the absence of any official warning, some of those contacted by AP brushed off the idea that they were taken in by a foreign power’s intelligence service.

“I don’t open anything I don’t recognize,” said Joseph Barnard, who headed the personnel recovery branch of the Air Force’s Air Combat Command.

That may well be true of Barnard; Secureworks’ data suggests he never clicked the malicious link sent to him in June 2015. But it isn’t true of everyone.

An AP analysis of the data suggests that out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them. That could mean that as many as 2 in 5 came perilously close to handing over their passwords.

It’s not clear how many gave up their credentials in the end or what the hackers may have acquired.

Some of those accounts hold emails that go back years, when even many of the retired officials still occupied sensitive posts.

Overwhelmingly, interviewees told AP they kept classified material out of their Gmail inboxes, but intelligence experts said Russian spies could use personal correspondence as a springboard for further hacking, recruitment or even blackmail.

«

link to this extract


Inside the X moonshot factory: Where Google’s ideas fly high (or fizzle) • GeekWire

Alan Boyle:

»

“We’re very bullish about Loon, and they have significant work still to do — call it two or three minor miracles that they still need in order to be a thriving business,” [Google X chief Astro] Teller said. “But unlike some projects, they have about 10 different levers that they can pull, so they can spread that need for two or three small miracles across a lot of different things. … We have great confidence that they’re going to do it.”

Teller voiced great confidence in X’s future as well. More than a year ago, there were rumblings that the moonshot factory was getting bogged down in organizational inertia, but the emergence of Waymo and other graduates seems to have turned the tide.

Idea factories are turning into a growth industry — thanks in part to new entrants in the Seattle area such as BlueDot, Intellectual Ventures’ ISF Incubator and the Allen Institute for Artificial Intelligence’s startup incubator. The way Teller sees it, all that interest validates the approach that he’s been pioneering for years.

“I feel like we’re in competition with the problems, not in competition with other people trying to solve problems,” he told GeekWire. “I’m so happy to see other groups trying to solve some of humanity’s problems.”

«

Because there’s nothing new to say about Google X (it’s been written up scores of times), whenever you see a profile of it and/or Astro Teller, the question to ask is “what perceived problem does Google PR want this article to solve?” The answer’s in that “organisational inertia” quote: make it seem zippy again.
link to this extract


Australian coalition could allow firms to buy access to facial recognition data • The Guardian

Elise Thomas:

»

The Australian federal government is considering allowing private companies to use its national facial recognition database for a fee, documents released under Freedom of Information laws reveal.

The partially redacted documents show that the Attorney General’s Department is in discussions with major telecommunications companies about pilot programs for private sector use of the Facial Verification Service in 2018. The documents also indicate strong interest from financial institutions in using the database.

The government has argued that the use of facial recognition is necessary for national security and to cut down on crimes such as identity fraud. The Attorney General’s Department says private companies could only use the service with the person’s consent.

But experts and civil society advocates have expressed concerns over lack of transparency and oversight of facial recognition programs.

Monique Mann, a director of the Australian Privacy Foundation and a lecturer at the faculty of law at the Queensland University of Technology, said that requiring companies to ask for consent may not be enough to protect consumers’ rights or mitigate the risks involved with biometric data, and would encourage firms to store more data.

«

Where have Australians voted for this?
link to this extract


ZTE Axon M review: double trouble – The Verge

Chaim Gartenberg on ZTE’s phone which gives you two side-by-side portrait screens, so basically a small Android tablet with a fold (or you can run two phone apps side-by-side):

»

The Axon M isn’t the first attempt at a dual-screen Android phone. The benefit of time and more powerful hardware means that the Axon M can actually follow through on some of the promises, like running multiple apps and full-screen integration, that precursors like the Kyocera Echo simply weren’t able to do.

But if the Axon M is the first dual-screen phone that can actually execute the idea of a two-screened device, using it in practice has me doubting whether the idea actually has practical merit. It is cool, on a purely technical level, to be able to unfold your phone and run a giant version of Alto’s Adventure or two apps side by side. But between the hacked-together software execution and the overall lack of productive application for it, it’s hard to look at the Axon M as anything more than a fun gimmick. And with the hefty $725 price tag and a plethora of more powerful, better-designed, and cheaper Android flagships out there, it’s probably worth sticking to one screen for now.

«

link to this extract


Security advice for Congressional campaigns • Tech Solidarity

Maciej Ceglowski (who runs Pinboard) is advising Congressional teams on how to avoid being hacked, or leaving private information where it will become public:

»

Thank you for attending a training session! We covered a lot of ground, so these notes are meant to serve as a reference and reminder of the advice we gave you.

Remember that as a Congressional campaign, you are at exceptionally high risk. The guidelines below are intended to protect you against the kind of threats we saw in 2016. They are ranked in rough descending order of priority.

The good news is, if you follow these guidelines, you will have a high level of protection against being ‘Podesta-ed’. The easiest way to get this protection is to form good security habits before you need them.

«

The main thrust: trust Google for the content and software, iPhones and iPads for the hardware, two-factor everything. “The least safe way to open an attachment is to double-click it on your laptop. Never do this.” Advice for the ages.
link to this extract


Fixing the MacBook Pro • Marco.org

Marco Arment:

»

Despite my love for the previous Retina MacBook Pro, I won’t be able to use it forever. The best laptop to ever exist should be in the future, not the past.

There’s a lot to like about the new MacBook Pros, but they need some changes to be truly great and up to Apple’s standards.

Here’s what I’m hoping to see in the next MacBook Pro that I believe is technically possible, reasonable, widely agreeable, and likely for Apple to actually do, in descending order of importance:

1) Magic Keyboard

Butterfly keyswitches are a design failure that should be abandoned. They’ve been controversial, fatally unreliable, and expensive to repair since their introduction on the first 12” MacBook in early 2015. Their flaws were evident immediately, yet Apple brought them to the entire MacBook Pro lineup in late 2016.

After three significant revisions, Apple’s butterfly keyswitches remain as controversial and unreliable as ever. At best, they’re a compromise acceptable only on the ultra-thin 12” MacBook, and only if nothing else fits. They have no place in Apple’s mainstream or pro computers.

The MacBook Pro must return to scissor keyswitches. If Apple only changes one thing about the next MacBook Pro, it should be this. It’s far more important than anything else on this list.

«

And it’s quite a long list. I really like the butterfly keys when they’re covered in fabric, on the iPad Pro keyboard – it’s one of the nicest keyboards I’ve ever used: pretty quiet, lovely feel.

But on a MacBook pro, they’re really noisy, as in spouse-pointed-remark noisy, and that is never good.
link to this extract


Unfriendly skies • American Prospect

David Dayen on how deregulating airlines in the US after 1978 (they used to be guaranteed 12% profit on a flight that was 55% full) has had unintended consequences, for flyers and airlines:

»

After deregulation, the system of delivering air travel also changed, from nonstop point-to-point service to a hub-and-spoke setup, with more connections from airports dominated by a single carrier. “It’s an efficient way to market their product because it allowed a larger array of destinations,” said Dempsey. “But it’s an inefficient way to provide the product.” Centralizing activity in hubs maximized pricing power and added airport congestion. The environment suffered from extra takeoffs and landings and out-of-the-way detours to hub cities. Startup airlines gradually found open slots at hub airports hard to come by. Even the hub cities did not benefit greatly from becoming hubs; passengers just changed planes at the airport rather than experiencing the city.

As the old CAB guarantee of a national network ended, airlines dropped unprofitable routes and smaller cities became virtually frozen out of air service. A hundred cities fell off the commercial aviation map in just the first two years of deregulation. By the 1980s, the only way to fly into state capitals like Dover, Delaware, or Salem, Oregon, was by private plane. Inaccessibility made these outposts less attractive to business, with jarring effects to local economies.

Before long, the burst of competition led to a washout. Just in the 1980s, 200 airlines went bankrupt, including majors like Eastern and Braniff. Competition turned destructive, as price wars quickly crippled businesses with large fixed costs like airplanes. CAB had denied additional city routes; critics liked to bring up the horror story of Continental waiting eight years to get approval to fly from Denver to San Diego. But CAB based its determinations on customer demand. Without bureaucrats holding the reins, competitors rushed into unprofitable routes and imploded…

…Today we’re down to three legacy carriers: United, American, and Delta. Southwest maintains its reputation as a “low-cost” disruptor but has begun to control certain airports as well. “When they dominate, they don’t leave money on the table either,” says economics professor John Kwoka. Four out of every five passengers in America flies with one of these four companies. And in 93 of the top 100 airports, either one or two airlines control a majority of all seats.

«

This is before we get to the effects on airline staff, repair crews, and pensions. Guess how that went.
link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: Uber in hot water, sugar’s secret studies, net neutrality considered, vanishing bikers and more


Make you think of a song? Now read about its genesis. Photo by jnthorp on Flickr.

A selection of 9 links for you. To American readers: Happy Antacid day! I’m @charlesarthur on Twitter. Observations and links welcome.

Uber breach and response draw global government scrutiny • WSJ

Stu Woo:

»

Government officials world-wide said they would look at Uber Technologies Inc.’s handling of a major data breach last year.

Uber said Tuesday that it paid hackers $100,000 in an effort to conceal a data breach that affected 57 million accounts. In addition to the names, emails and phone numbers of riders, about 600,000 U.S. drivers’ license numbers were accessed, Uber said.

A Federal Trade Commission spokesman said the agency is “closely evaluating the serious issues raised,” while Sen. Richard Blumenthal (D., Conn) said on Twitter that the Senate Commerce Committee should hold a hearing to “demand Uber explain their outrageous breach—and inexplicable delay in informing its consumers and drivers.”

San Francisco-based Uber said it would notify owners of the affected accounts in coming days. It fired its chief security officer and a deputy for their role in the breach and covering it up, and Chief Executive Dara Khosrowshahi apologized.

At least three European government agencies are looking into Uber’s handling of the breach, and the New York State Attorney General’s office has opened an investigation.

«

So screwed. But just as with privacy infringements by big companies, the convenience of just ordering a cheap taxi means people will overlook it.
link to this extract


Further thoughts on why the end of [US] net neutrality will be fine • Marginal REVOLUTION

Tyler Cowen:

»

In the current debate, there is a common presumption that paying for slots hurts “the little guy.” During the payola debates for radio, it turned out that payola favored the independent labels over the majors; see my book In Praise of Commercial Culture. It doesn’t have to work out that way, but refusing to price scarce resources often helps the big established players, who can invest $$ to get what they want through bigger brand names or other means. Note:

»

Pai says that one of the major mistakes of Net Neutrality is its pre-emptive nature. Rather than allowing different practices to develop and then having regulators intervene when problems or harms to customer arise, Net Neutrality is prescriptive and thus likely to serve the interests of existing companies in maintaining a status quo that’s good for them.

«

Furthermore, are there external benefits from small web upstarts? Or are the external benefits from the big superstar internet companies? If you are a Progressive who loves stable jobs and decent wages, you might think the more significant externalities are from the superstar companies. Yet when it comes to net neutrality, all of a sudden the smaller companies are glorified and we need an ecosystem to foster them. Overall, I don’t trust the regulators to make these decisions well, so I would rather take my chances with the market, even with some monopoly power at the cable end.

As Megan McArdle points out, over the last ten years consumers have opted overwhelmingly for the non-neutral private garden of Facebook. That’s the real “threat” to net neutrality. Personally, both as internet writer and user, I much preferred the older, semi-open, more neutral architecture of RSS and related systems. The masses have spoken, however, and quite decisively in favor of less open systems and apps.

«

Cowen’s argument seems hopeful more than pragmatic. It’s the small companies – Google was one once – which change the landscape and unseat monopolies. (Meanwhile, the UK does have net neutrality enshrined in law – EU law.)
link to this extract


FCC ignored your net neutrality comment, unless you made a ‘serious’ legal argument • The Verge

Jacob Kastrenakes:

»

The FCC received a record-breaking 22 million comments chiming in on the net neutrality debate, but from the sound of it, it’s ignoring the vast majority of them. In a call with reporters yesterday discussing its plan to end net neutrality, a senior FCC official said that 7.5 million of those comments were the exact same letter, which was submitted using 45,000 fake email addresses.

But even ignoring the potential spam, the commission said it didn’t really care about the public’s opinion on net neutrality unless it was phrased in unique legal terms. The vast majority of the 22 million comments were form letters, the official said, and unless those letters introduced new facts into the record or made serious legal arguments, they didn’t have much bearing on the decision. The commission didn’t care about comments that were only stating opinion.

The FCC has been clear all year that it’s focused on “quality” over “quantity” when it comes to comments on net neutrality. In fairness to the commission, this isn’t an open vote. It’s a deliberative process that weighs a lot of different factors to create policy that balances the interests of many stakeholders. But it still feels brazen hearing the commission staff repeatedly discount Americans’ preference for consumer protections, simply because they aren’t phrased in legal terms.

«

I think I’m with the FCC, at least in terms of weighing up the submissions. What’s the use of counting a ton of spam saying “YAY NET NEUTRALITY”? And equally, lots of people saying “I don’t like it” isn’t much use. It’s a legal argument, so you need legal arguments.

That said, the competitive failure of internet provision in the US (due, as Benedict Evans points out, to failing to unbundle the local loop) means that things are likely to get worse before they get better – if that happens at all. The number of ways in which the US has skewed uncompetitive markets – health provision, mobile service, internet service, banks – is remarkable for a place built on capitalism.
link to this extract


Sugar industry long downplayed potential harms • The New York Times

Anahad O’Connor:

»

The sugar industry funded animal research in the 1960s that looked into the effects of sugar consumption on cardiovascular health — and then buried the data when it suggested that sugar could be harmful, according to newly released historical documents.

The internal industry documents were uncovered by researchers at the University of California, San Francisco, and described in a new report in the journal PLOS Biology on Tuesday. The report’s authors say it builds on evidence that the sugar industry has long tried to mislead the public and protect its economic interests by suppressing worrisome research, a tactic used by the tobacco industry.

The documents show that in 1968 a trade group called the Sugar Research Foundation, known today as the Sugar Association, funded a research project on animals to shed light on the connection between sugar and heart health. But when the research pointed to a mechanism by which sugar might promote not only heart disease but also bladder cancer, the industry group ended the study and never published the results.

The sugar industry has long insisted that sugar has no unique role in promoting obesity, diabetes or heart disease, though numerous studies by independent researchers have concluded otherwise.

«

I wonder if in 30 years’ time we’ll look at sugar added to food in the way that we look at tobacco smoking now.
link to this extract


Founder of Chinese bike sharing firm Bluegogo fled, millions of user deposits at risk • China Money Network

Nina Xiang:

»

A year after its foundation and having raised RMB400m (US$58m) in venture funding at a RMB1bn (US$140m) valuation, Chinese bike sharing start-up Bluegogo has collapsed, with its founder nowhere to be found and perhaps up to RMB1bn worth of user deposits unaccounted for.

After months of reports that the Beijing-based start-up was having liquidity problems and unable to repay user deposits, new pictures and reports surfaced today showing an empty Bluegogo office and personal accounts of overdue payment to vendors. Bluegogo’s founder Li Gang has reportedly been in a unspecified foreign country for “some time”, according to local media reports.

The episode highlights the risks of investing in Chinese start-ups, as well as the massive social impact of a deposit-taking “sharing economy” business. Bluegogo claims to have 20 million cumulative users. If only 10 million users paid a RMB99 deposit, it would mean the company has collected around RMB990m in deposits.

«

He missed a trick not doing it with an ICO. That way people might have thought it was OK.
link to this extract


No end in sight to the Brexit madness • The New Yorker

John Cassidy, getting non-British readers up to speed:

»

May and Hammond are still trying to pursue a so-called soft Brexit, which would preserve as much market access as possible. But, at every turn, they and their allies are being undermined and vilified by the Little Englanders and the conservative Fleet Street newspapers. Last week, the Daily Telegraph published photographs on its front page of fifteen Conservative M.P.s who have had the temerity to suggest that the parliament should have the right to sign off on the final Brexit deal. The paper labelled them “The Brexit mutineers.” Some of these M.P.s subsequently received threats.

“How can this be happening in a country known for its pragmatism?” the Oxford economist Simon Wren-Lewis asked in a blog post. How indeed? With opinion polls suggesting that most Britons, if given a chance, would now vote to remain in the E.U., a second referendum seems like a good idea. But the opposition Labour Party, for reasons of its own, has already committed to accepting the first Brexit vote. About the only people calling for a do-over are the Liberal Democrats, who have just twelve seats in the Commons, and a few figures who are even less popular, such as Tony Blair and Lloyd Blankfein, the chief executive of Goldman.

«

link to this extract


‘The Lion Sleeps Tonight’ genealogy: what you don’t know • Rolling Stone

Rian Malan:

»

Navajo Indians sing it at powwows. Japanese teenagers know it as ライオンは寝ている. The French have a version sung in Congolese. Phish perform it live. It has been recorded by artists as diverse as R.E.M. and Glen Campbell, Brian Eno and Chet Atkins, the Nylons and Muzak schlockmeister Bert Kaempfert. The New Zealand army band turned it into a march. England’s 1986 World Cup soccer squad turned it into a joke. Hollywood put it in Ace Ventura: Pet Detective. It has logged nearly three decades of continuous radio airplay in the U.S. alone. It is the most famous melody ever to emerge from Africa, a tune that has penetrated so deep into the human consciousness over so many generations that one can truly say, here is a song the whole world knows.

Its epic transcultural saga is also, in a way, the story of popular music, which limped pale-skinned and anemic into the twentieth century but danced out the other side vastly invigorated by transfusions of ragtime and rap, jazz, blues and soul, all of whose bloodlines run back to Africa via slave ships and plantations and ghettos. It was in the nature of this transaction that black men gave more than they got and often ended up with nothing. This one’s for Solomon Linda, then, a Zulu who wrote a melody that earned untold millions for white men but died so poor that his widow couldn’t afford a stone for his grave. Let’s take it from the top, as they say in the trade.

«

This article is 17 years old. Who cares – it’s a great story. Your long read for today.
link to this extract


Is Mic’s pivot to video spinning out of control? • Splinter News 

David Uberti:

»

Mic.com’s traffic slipped further in September, to just 4.6 million unique visitors, according to comScore, down from a peak of more than 21 million in December 2015. The more specific traffic targets instituted in response to the recent dip seemed to contradict management’s defiant stance: They reached as high as a few million visitors per month for the largest of Mic’s nine topically themed verticals, staffers said. After the October editorial meeting, it also remained unclear whether such “goals” were in fact quotas that would be used on employees’ performance reviews. Lauerman could not be reached this week. A Mic spokesperson declined to comment.

“It was stressed that this was not a panic move,” one current staffer told Splinter. “So why would you issue these insane traffic goals and make the newsroom feel the pressure?”

Such tension was perhaps inevitable after the social justice-oriented news outlet unveiled its new plan in August, becoming the latest publisher to pursue video as means for survival. Interviews with eight current and former staffers, all of whom spoke on the condition of anonymity for fear of professional repercussions, suggest the newsroom was ill-prepared to execute the proverbial pivot. The shift in direction has been slowed by steady staff turnover—including on the video team—and confusion among rank-and-file employees as seen in the October editorial meeting.

As another staffer summed it up bluntly to Splinter last week: “I truly don’t know what we are supposed to be doing.”

«

Giving journalists crazy pageview targets is a guarantee that quality will collapse; big stories that make your reputation don’t come from hurrying. (Well, they can, but in a bad way.)
link to this extract


Facebook still lets landlords discriminate by race and disability in apartment ads • Gizmodo

Matt Novak:

»

ProPublica purchased a number of different housing ads last week, but asked that they be unavailable to certain segments of the population. Ads that would exclude Jews, black people, and Americans originally from Argentina were reportedly all approved within minutes. Facebook’s targeting also allows advertisers to exclude other groups, such as people interested in wheelchair access and parents with high school-aged kids. These ads were approved quickly thanks to Facebook’s algorithmic approval process.

According to ProPublica, just one type of ad took longer than mere minutes for approval and that was a test ad excluding people who were interested in Islam. That ad was ultimately approved in just 22 minutes.

Obviously, all of these ads are in direct violation of US Fair Housing laws. But Facebook appears to have done nothing to ensure that it’s in compliance, despite swearing that it would set up safeguards. ProPublica asked Facebook about the ads and the company blamed it on a “technical failure,” rather than a systematic and inexcusable disinterest in adhering to US law.

«

OK, and now wait for Facebook’s response. What do you think it will be?

»

“This was a failure in our enforcement and we’re disappointed that we fell short of our commitments,” a Facebook spokesperson told Gizmodo. “…The rental housing ads purchased by ProPublica should have but did not trigger the extra review and certifications we put in place due to a technical failure,” the spokesperson said.

«

link to this extract


Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email, starting next Monday. You’ll need to click a confirmation link, so no spam.

Start Up: Facebook’s Russian pointers, bitcoin’s electric ranking, stop Excel!, a new iPhone SE?, and more


LED streetlights might not be reducing light output after all. Photo by meltedplastic on Flickr.

A selection of 11 links for you. Suntory time. I’m @charlesarthur on Twitter. Observations and links welcome.

Facebook to show users which Russian propaganda they followed • Bloomberg

Sarah Frier:

»

Facebook Inc. will show people which Russian propaganda pages or accounts they’ve followed and liked on the social network, responding to a request from Congress to address manipulation and meddling during the 2016 presidential election.

The tool will appear by the end of the year in Facebook’s online support center, the company said in a blog post Wednesday. It will answer the user question, “How can I see if I’ve liked or followed a Facebook page or Instagram account created by the Internet Research Agency?” That’s the Russian firm that created thousands of incendiary posts from fake accounts posing as U.S. citizens. People will see a list of the accounts they followed, if any, from January 2015 through August 2017.

It’s Facebook’s most direct effort to explain to users how they may have been affected by the IRA’s postings, which reached an estimated 150 million people and stirred up controversy over gun rights, immigration, race relations and religion in the U.S., sometimes prompting real-world protests on both sides of a debate. 

«

I bet this won’t make the slightest bit of difference to those who’ve been persuaded by said propaganda.
link to this extract


The switch to outdoor LED lighting has completely backfired • Gizmodo

George Dvorsky:

»

Using satellite-based sensors, an international team of scientists sought to understand if our planet’s surface is getting brighter or darker at night, and to determine if LEDs are saving energy at the global scale. With the introduction of solid-state lighting—such as LEDs, OLEDs, and PLEDs—it was thought (and hoped) that the transition to it from conventional lighting—like electrical filaments, gas, and plasma—would result in big energy savings. According to the latest research, however, the use of LEDs has resulted in a “rebound” effect whereby many jurisdictions have opted to use even more light owing to the associated energy savings.

Indeed, as the new results show, the amount of outdoor lighting around the world has increased during the past several years. “As a result, the world has experienced widespread ‘loss of the night,’ with half of Europe and a quarter of North America experiencing substantially modified light-dark cycles,” write the researchers in the new study, which was published today in Scientific Advances.

«

Well huh.
link to this extract


Bitcoin mining now consuming more electricity than 159 countries including Ireland and most countries in Africa • Powercompare

»

Bitcoin’s ongoing meteoric price rise has received the bulk of recent press attention with a lot of discussion around whether or not it’s a bubble waiting to burst.

However, most the coverage has missed out one of the more interesting and unintended consequences of this price increase. That is the surge in global electricity consumption used to “mine” more Bitcoins.

According to Digiconomist’s Bitcoin Energy Consumption Index, as of Monday November 20th, 2017 Bitcoin’s current estimated annual electricity consumption stands at 29.05TWh.

That’s the equivalent of 0.13% of total global electricity consumption. While that may not sound like a lot, it means Bitcoin mining is now using more electricity than 159 individual countries (as you can see from the map above). More than Ireland or Nigeria.

«

link to this extract


Apple research paper details LiDAR-based 3D object recognition for autonomous vehicle navigation • Apple Insider

Mikey Campbell on the article published by Apple researchers on ArXiv:

»

LiDAR point clouds, generated by emitting laser pulses and logging the time it takes for the light to return after bouncing off a solid surface, are sparse and have highly variable point density, thus causing a host of problems.

Current state-of-the-art techniques designed to manage data interpretation involve manually creating feature representations for said point clouds. Some methods project point clouds into a bird’s eye perspective view, while others transform the data into 3D voxel grids and encode each voxel with certain features. Manually crafting feature representations introduce an “information bottleneck” that restricts such systems from efficiently leveraging 3D shape information, according to Apple.

Instead, Zhou and Tuzel propose the implementation of a trainable deep architecture for point cloud based 3D detection. The framework, called VoxelNet, uses voxel feature encoding (VFE) layers to learn complex features for characterizing 3D shapes. In particular, the technique breaks down the point cloud into 3D voxels, encodes the voxels via stacked VFE layers and renders a volumetric representation.

In tests, Apple’s methodology showed promise, outperforming current LiDAR based detection algorithms and image-based approaches “by a large margin.” This is according to evaluations run through the KITTI 3D object detection benchmark, which Apple used to assess its process. VoxelNet was trained to detect three basic objects — car, pedestrian and cyclist — in a variety of tests.

«

Publishing this seems more like a statement of intent than anything: pointing out that it could do this if it wanted.
link to this extract


iPhone SE 2 again rumoured to launch in first half of 2018 • Mac Rumors

»

Joe Rossignol: The rumored release date window lines up with an earlier report from Focus Taiwan claiming a new iPhone SE will ship in the first quarter of 2018, which encompasses January through March of next year.

Apple introduced the current iPhone SE at a media event on March 21, 2016, and the device launched later that month. Given the rumored launch dates, the iPhone SE 2 could certainly be unveiled in March too.

Indian website Tekz24 previously reported that the next-generation iPhone SE will be powered by Apple’s A10 Fusion chip, with 2GB of RAM, 32GB and 128GB storage capacities, a 12-megapixel rear camera, a five-megapixel front camera, and a slightly larger 1,700 mAh battery.

Tekz24 isn’t a website we’re familiar with, and it doesn’t have an established track record of reporting on Apple rumors, so don’t place too much faith in those tech specs until if and when they are confirmed by other sources.

«

Makes sense. The SE has a solid demand, even if it isn’t large; nothing really needs to be done to update it except change the internals.
link to this extract


Stop using Excel, finance chiefs tell staffs • WSJ

Tatyana Shumsky:

»

Finance chiefs say the ubiquitous spreadsheet software that revolutionized accounting in the 1980s hasn’t kept up with the demands of contemporary corporate finance units. Errors can bloom because data in Excel is separated from other systems and isn’t automatically updated.

Older versions of Excel don’t allow multiple users to work together in one document, hampering collaboration. There is also a limit to how much data can be pulled into a single document, which can slow down analysis.

“Excel just wasn’t designed to do some of the heavy lifting that companies need to do in finance,” said Paul Hammerman, a business applications analyst at Forrester Research Inc.

Instead, companies are turning to new, cloud-based technologies from Anaplan Inc., Workiva Inc., Adaptive Insights and their competitors.

The newer software connects with existing accounting and enterprise resource management systems, including those made by Oracle Corp. or SAP SE . This lets accountants aggregate, analyze and report data on one unified platform, often without additional training.

Adobe switched to Anaplan early last year and many of the tasks previously performed in spreadsheets are now done in the system, maintaining “one source of truth,” Mr. Garrett said.

Reports, including about head count, are compiled faster, he said.

«

If this really happens at any scale, it will be a serious problem for Microsoft. Next, people might wonder whether they need all those formatting options in Word.
link to this extract


HDR mindshare: As awareness grows, so does confusion • FierceCable

Kendra Chamberlain:

»

“This is really the first major year of promotional activities for HDR,” said David Mercer, VP and principal analyst at Strategy Analytics.

Mercer estimates HDR-capable sets are available in nearly 5% of North American homes this year. “It’s very early days, in terms of adoption of TVs that can actually show HDR,” Mercer said. “We’re still very much at the beginning of the adoption curve.”

And despite its industry support—which is markedly more widespread than 4K—there are still plenty of obstacles to overcome before we see ecosystem-wide support and deployments for HDR.

As consumer awareness of HDR grows, so too does the complexity of offerings. From marketing messaging around HDR used by TV makers, to the growing pool of proprietary end-to-end solutions offered by vendors, to the at times confusing certification taxonomy, consumer confusion abounds.

“There are more pieces to the value chain puzzle for consumers to have to figure out,” said Paul Gagnon, director of TV sets research at IHS Markit’s technology, media and telecom division. “If you have an HDR television, and HDR source device, like a Blu-ray player or the new Apple TV 4K, and you have HDR content from Netflix or Blu-ray—well that doesn’t necessarily mean that you still get HDR.”

«

I wonder if I can even see the difference.
link to this extract


Twitter, it’s time to end your anything-goes paradise • The New York Times

Farhad Manjoo:

»

As I’ve argued before, Twitter has become the small bowel of the American news landscape — the place where the narratives you see on prime-time cable are first digested and readied for wider consumption. It’s no accident that it is President Trump’s social network of choice. And it’s also no accident that foreign powers are attracted to Twitter. According to its recent congressional testimony, Twitter was a primary target of Russian trolls who sought to influence last year’s presidential election; collectively, trolls created millions of election-related tweets, according to the company, some of which were widely cited across the media.

It is precisely because of Twitter’s wider social importance that even nonusers should demand fixes to how it works. Besides the propaganda problem, at the moment — as Jack Dorsey, Twitter’s co-founder and chief executive, recently acknowledged — Twitter is a hostile place for women, minorities and many others, who are routinely barraged by threats and hate speech.

Twitter now concedes that its system for mitigating some of these problems, the verification badge, has been badly mismanaged. The blue check system started out as a simple way to verify a person’s identity — a kind of trademark for ensuring that a tweet from an account with the name Donald J. Trump had come from the real Donald J. Trump.

But Twitter’s system for giving out the checks was never very transparent or logical.

«

“The small bowel of the internet”. There’s a way to think of it.
link to this extract


Apple acquired augmented reality headset startup Vrvana for $30M • TechCrunch

Lucas Matney:

»

As Apple reportedly ramps up work to ship an augmented reality headset in 2020, it has acquired a startup from Montreal, Canada that could help it get there. TechCrunch has learned that Apple has acquired Vrvana, maker of the Totem headset — which had rave reviews but never shipped. The deal was for around $30 million, two sources tell TechCrunch.

We contacted Apple, and the company declined to comment, but also did not deny the story. Vrvana did not reply to our request for comment. Sources close to the deal have confirmed the acquisition to us.

The deal is significant because while we have seen reports and rumors about Apple’s interest in AR hardware, the company has been very tight-lipped and generally is very secretive about completely new, future products. This acquisition is perhaps the clearest indicator yet of what the company is hoping to develop.

A number of the startup’s employees have joined Apple in California. The Vrvana site is currently still up, but it stopped updating social accounts and news in August of this year.

It’s not clear what of Vrvana’s existing products, product roadmap or current business — it worked with Valve, Tesla, Audi and others under NDA — will be making its way to Apple.

«

Give it a few years.
link to this extract


Star Wars Battlefront 2 loot boxes investigated by Belgian Gaming Commission • Eurogamer.net

Vic Hood:

»

ORIGINAL STORY 3:00PM: The Belgian Gaming Commission is investigating whether loot box systems used in Star Wars Battlefront 2 and Overwatch qualify as gambling.

Originally reported by VTM (via Gamasutra), the general director of the the Belgian Gaming Commission, Peter Naessens, told the local news outlet the commission is investigating whether the loot box mechanisms used in Battlefront 2 and Overwatch should be branded as gambling.

The debate over loot boxes, and whether they should be considered gambling, feels like it has reached breaking point. Star Wars Battlefront 2 has been at the forefront of the controversial topic in recent weeks with EA receiving a huge amount of backlash over its use of loot crates in Battlefront 2.

UPDATE 4:15PM: According to Dutch news outlet NU.nl, the Dutch Gambling Authority has now launched an investigation into whether games with loot boxes are games of chance.

In the Netherlands, games of chance are subject to licencing laws – however there is currently no licencing system for online games. The investigation is still in the research phase however could result in games containing gambling to be banned from sale until new laws are brought in.

UPDATE 4:45PM: In response to Eurogamer’s request for comment, EA has issued the following statement: “Creating a fair and fun game experience is of critical importance to EA. The crate mechanics of Star Wars Battlefront 2 are not gambling. A player’s ability to succeed in the game is not dependent on purchasing crates. Players can also earn crates through playing the game and not spending any money at all. Once obtained, players are always guaranteed to receive content that can be used in game.”

«

Seems simple enough to me: if you’re paying money for something where the reward is governed by chance, that’s gambling.

link to this extract


Apple and Samsung dominate UK smartphone market in 3Q17 • Counterpoint Research

»

Research director Peter Richardson added, “The Apple iPhone 7 was the bestselling smartphone and contributed to 15% of the total smartphones sold in Q3 2017. Samsung’s Galaxy S8 and S8 Plus were second and third. Samsung also has a strong range across all price bands and it, together with Huawei, provided a strong volume platform that was resilient to attack from most other brands.”

Speaking about UK distribution channels, Peter Richardson said, “The UK operators and retailers have developed one of the best multi-channel distribution systems worldwide; few other countries offer quite the same level of sophistication. However, the limited range of brands offered in volume by the main operators means that market share is concentrated among just a few players. We don’t see this changing any time soon as distribution power is, if anything, being increasingly focused among the main operators.”

UK Bestselling Smartphone Rankings – Q3 2017 UK Smartphone Sales Ranking and Market Share – Q3 2017

Market Summary
• UK handset market declined 8% YOY in Q3 2017.
• Smartphone penetration reached 93% of all the mobile phones sold in the quarter.
• Top 5 brands account for almost 90% of the smartphone sales in Q3 2017.
• Apple continues to be the bestselling brand followed by Samsung. Chinese vendors Huawei, Alcatel and Motorola capture the next position in the UK smartphone market.
• In the premium segment Apple led the smartphone market followed by Samsung.

«

That’s some concentration. Five brands doing 90% of business. Apple and Samsung capturing more than 80% of the value.
link to this extract


Errata, corrigenda and ai no corrida: none notified

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: Uber covered up hack, HomePod’s slow lane, Google’s location tracking, the new AI jobs, and more


Don’t say you eat Sweetgreens salad if you work for HQ! Photo by monicamüller on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 13 links for you. Yes, two Bloomberg links at the top, it’s how it goes. I’m @charlesarthur on Twitter. Observations and links welcome.

Uber paid hackers to delete stolen data on 57 million people • Bloomberg

Eric Newcomer:

»

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of his deputies for their roles in keeping the hack under wraps.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.

At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers $100,000 to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

«

Github to AWS processing of rider data. Uber broke all sorts of rules in keeping this quiet.

»

In January 2016, the New York attorney general fined Uber $20,000 for failing to promptly disclose an earlier data breach in 2014. After last year’s cyberattack, the company was negotiating with the FTC on a privacy settlement even as it haggled with the hackers on containing the breach, Uber said. The company finally agreed to the FTC settlement three months ago, without admitting wrongdoing and before telling the agency about last year’s attack.

«

And how do you really know that the hackers haven’t just kept a copy?
link to this extract


Why Apple’s HomePod is three years behind Amazon’s Echo • Bloomberg

Mark Gurman and Alex Webb:

»

Apple audio engineers had been working on an early version of the HomePod speaker for about two years in 2014 when they were blindsided by the Echo, a smart speaker from Amazon.com Inc. with a voice-activated assistant named Alexa. The Apple engineers jokingly accused one another of leaking details of their project to Amazon, then bought Echos so they could take them apart and see how they were put together. They quickly deemed the Echo’s sound quality inferior and got back to work building a better speaker.

More than two years passed. In that time Amazon’s Echo became a hit with consumers impressed by Alexa’s ability to answer questions, order pizzas and turn lights on and off. Meanwhile, Apple dithered over its own speaker, according to people familiar with the situation. The project was cancelled and revived several times, they said, and the device went through multiple permutations (at one point it stood 3 feet tall) as executives struggled to figure out how it would fit into the home and Apple’s ecosystem of products and services.

In the end, the company plowed ahead, figuring that creating a speaker would give customers another reason to stay loyal.

«

This is pretty much all the original (or useful) reporting in the piece. There’s a lot of filler.
link to this extract


Apple’s iPhone X assembled by illegal student labour • FT

Yuan Yang:

»

Apple’s main supplier in Asia has been employing students illegally working overtime to assemble the iPhone X, as it struggles to catch up with demand after production delays. 

Six high school students told the Financial Times they routinely work 11-hour days assembling the iPhone X at a factory in Zhengzhou, China, which constitutes illegal overtime for student interns under Chinese law.

The six said they were among a group of 3,000 students from Zhengzhou Urban Rail Transit School sent in September to work at the local facility run by Taiwan-based Apple supplier Hon Hai Precision Industry, better known as Foxconn.

The students, aged 17 to 19, said they were told that a three-month stint at the factory was required “work experience” that they had to complete in order to graduate…

…“We are being forced by our school to work here,” said Ms Yang, an 18-year-old student training to be a train attendant who declined to use her first name for fear of punishment. “The work has nothing to do with our studies.” She said she assembled up to 1,200 iPhone X cameras a day.

The school declined to comment.

When contacted about the students’ complaints, Apple and Foxconn acknowledged they had discovered cases of student interns working overtime and said they were taking remedial action. But both companies said the students were working voluntarily.

«

link to this extract


Google collects Android users’ locations even when location services are disabled • Quartz

Keith Collins:

»

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.

Quartz observed the data collection occur and contacted Google, which confirmed the practice.
The cell tower addresses have been included in information sent to the system Google uses to manage push notifications and messages on Android phones for the past 11 months, according to a Google spokesperson. They were never used or stored, the spokesperson said, and the company is now taking steps to end the practice after being contacted by Quartz. By the end of November, the company said, Android phones will no longer send cell-tower location data to Google, at least as part of this particular service, which consumers cannot disable.

“In January of this year, we began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery,” the Google spokesperson said in an email. “However, we never incorporated Cell ID into our network sync system, so that data was immediately discarded, and we updated it to no longer request Cell ID.”

It is not clear how cell-tower addresses, transmitted as a data string that identifies a specific cell tower, could have been used to improve message delivery. But the privacy implications of the covert location-sharing practice are plain.

«

Happens even if you use an Android device without a SIM card. Very reminiscent of the collection of Wi-Fi network data by Google Street View in 2010. That was blamed on a rogue engineer, even though the system had to be approved by a manager.
link to this extract


Intel Management Engine flaws leave millions of PCs exposed • WIRED

Lily Hay Newman:

»

Security researchers have raised the alarm for years about the Intel remote administration feature known as the Management Engine. The platform has a lot of useful features for IT managers, but it requires deep system access that offers a tempting target for attackers; compromising the Management Engine could lead to full control of a given computer. Now, after several research groups have uncovered ME bugs, Intel has confirmed that those worst-case fears may be possible.

On Monday, the chipmaker released a security advisory that lists new vulnerabilities in ME, as well as bugs in the remote server management tool Server Platform Services, and Intel’s hardware authentication tool Trusted Execution Engine. Intel found the vulnerabilities after conducting a security audit spurred by recent research. It has also published a Detection Tool so Windows and Linux administrators can check their systems to see if they’re exposed.

«

Don’t worry, it’s only PCs, servers, and IoT devices. Demonstrated by researchers who found it can “run unsigned, unverified code”.
link to this extract


CEO of HQ, the hottest app going: if you run this profile, we’ll fire our host • Daily Beast

Taylor Lorenz:

»

Because of his status as a rising celeb, The Daily Beast reached out to [Scott] Rogowsky on Monday to write a lighthearted profile on his career and how his life has changed post-HQ fame.

Scott agreed to the interview and chatted with The Daily Beast on Monday afternoon. The Daily Beast simultaneously reached out to the HQ public relations email account and Yusupov, one of HQ’s founders, letting him know of our plans to write a story about the show’s host.

Several hours later, we received an email from Yusupov stating that HQ was “not making Scott available to discuss his involvement with HQ with the media/press.” The reporter informed Yusupov that we had already interviewed Scott and that the story was nearing publication, but encouraged him to call us with any concerns.

That’s when things went off the rails.

Yusupov, the CEO of HQ, called the reporter’s cell phone and immediately raised his voice. He said that we were “completely unauthorized” to write about Scott or HQ without his approval and that if we wrote any type of piece about Scott, he would lose his job.

Yusupov continued to threaten Scott’s job, even after The Daily Beast explained that the story was framed around Scott’s daily life and that he revealed no corporate information.

“You’re putting Scott’s job in jeopardy. Is that what you want?” Yusupov said. “Scott could lose his job.”

“Please read me your story word for word,” Yusupov said. “Or you can email it to me.” Although The Daily Beast does not typically share the contents of our pieces, the reporter shared quotes from Rogowsky, which were non-confrontational and shared no company secrets.

Yusupov’s objections began with the line, “Scott said that despite the attention, he’s still able to walk down the street and order his favorite salad from Sweetgreen without being accosted.”

“He cannot say that!” Yusupov shouted. “We do not have a brand deal with Sweetgreen! Under no circumstances can he say that.”

When asked to confirm that Rogowsky can’t say he personally enjoys eating at Sweetgreen, Yusupov said “he cannot say that,” inaccurately claiming that Scott had disclosed private company information by revealing his preference for a salad chain.

«

It’s as though he took himself hostage and threatened to shoot.
link to this extract


What I learned visiting my first live eSports tournament • Ars Technica UK

Kyle Orland:

»

At this point, I don’t have much patience for the argument that eSports fans should stop watching other people play video games and just play those games themselves.
For one, it’s an argument that few people make about spectator sports like basketball and football, where the skill difference between a pro and a novice is roughly the same as in eSports. For another, the thrill of watching a competitor at the top of his or her game is entirely distinct (and better in some ways) from competing yourself.

What I’ve never quite understood, though, is the concept of paying money for a ticket to watch a live eSports competition in person.

The appeal of the live experience for most sports is obvious. For all the convenience of a televised game, it can’t compare to the sense of scale and 3D perspective you get actually seeing professional sports in person, watching plays develop and players perform nearly superhuman feats right in front of you.

None of that really applies in eSports, where you’re basically going to a large room to watch a big screen that has the exact same game content you could see at home on Twitch, down to the pixel. Watching the eSports competitors themselves as they sit like statues and become part of the machine during a match hardly seems worth the price of admission, either.

Yet plenty of people pay that admission. The League of Legends World Finals alone filled 80 to 90,000 seats in the Beijing National Stadium this year. What were these people seeing that I wasn’t?

«

link to this extract


Kagan releases third quarter u.s. multichannel subscriber report • PR Newswire

»

Legacy multichannel customer defections accelerated in the quarter ended Sept. 30, 2017, coming in just shy of the 1.2-million mark to bring year-to-date losses to 2.9 million according to data compiled by Kagan, a group within S&P Global Market Intelligence.

The combined cable, Direct Broadcast Satellite (DBS) and telecommunications multichannel subscriptions fell to 94.9 million at the end of the period, including 91.7 million residential customers, for a 74.8% residential multichannel penetration.

«

These are “cable cutters”. It might not sound significant, but the figure is accelerating. Weirdly, people can end up paying more to drop cable because they then sign up for monthly TV packages from related companies.

Even so, there are long-term implications for the US TV industry. What happens if it accelerates to 5m per quarter or more?
link to this extract


Why blocking the AT&T-Time Warner merger might be right • The New York Times

Tim Wu (author of “The Kill Switch”, about the way that companies inevitably want to monopolise spaces, and that competition prevents that):

»

Time Warner, meanwhile, is threatened by the past decade’s shake-up of the TV and film industries, when new competitors, especially independent programmers like Netflix, Amazon and YouTube, leapt into the market. Facebook may soon join the field. Mergers that marry companies that produce content with those that distribute it create new ways to keep newcomers at bay. AT&T’s use of Time Warner content to defeat wireless competitors could force companies like Verizon to acquire their own content empires. The result might be a media industry like the film studios of the 1950s, which were vertically integrated and jointly resisted competition. (The studios were broken up by the Justice Department.)

There are numerous political and free speech concerns that come when those who control “the pipes” that distribute content also control the programming and news operations. Companies that controlled both the distribution and production of news programs could have enough power to influence elections. In theory, the F.C.C. should intervene to prevent such abuses, but the current commission has shown zero interest in what was once called “the public interest.”

In short, there are good reasons for the Justice Department to be concerned about this merger. Yes, the department over the past two decades has allowed many mega-mergers or taken tepid steps to restrict them through consent decrees. But the department is capable of learning from its mistakes, and the consensus now is that consent decrees don’t work.

«

You can read the DOJ complaint on its site.
link to this extract


Who’s hiring AI talent in America? • Glassdoor Economic Research

Andrew Chamberlain:

»

Aside from the top 15 most common open AI jobs [listed earlier in the post], we also found many surprising, albeit less common, AI roles that highlight the diversity of jobs being created by today’s booming AI industry. Here are few examples:

• AI copywriters, who are writing the copy used by AI customer service chatbots;
• Attorneys for AI groups, who are managing valuable AI intellectual property and legal issues;
• Technical sales directors; who are carrying AI innovations out into the field to connect these services with potential customers;
• AI analysts and strategy consultants, who are providing consulting and strategic advice for employers using and building AI technology;
• Marketing managers for AI groups, who are building awareness and a top-of-funnel customer base for companies offering AI technology as a product or service;
• User experience or “UX” designers for AI, who are creative talent tasked with building elegant and easy-to-use AI interfaces for customers; and
• AI journalists, covering news in the fast-moving deep learning and AI industry.

What this diverse set of jobs illustrates is that even today, growing AI is giving rise to unexpected new roles in non-tech sectors. These are jobs that would not likely have existed without the recent growth of AI. Just as AI is making some older jobs obsolete by automating things previously done by a person, AI is also opening up new business channels and creating new jobs along the way.

«

link to this extract


F.C.C. announces plan to repeal net neutrality • The New York Times

Cecilia Kang:

»

The Federal Communications Commission announced on Tuesday that it planned to dismantle landmark regulations that ensure equal access to the internet, clearing the way for companies to charge more and block access to some websites.

The proposal, put forward by the F.C.C. chairman, Ajit Pai, is a sweeping repeal of rules put in place by the Obama administration. The rules prohibited high-speed internet service providers from blocking or slowing down the delivery of websites, or charging extra fees for the best quality of streaming and other internet services for their subscribers. Those limits are central to the concept called net neutrality.

The action immediately reignited a loud and furious fight over free speech and the control of the internet, pitting telecom giants like AT&T against internet giants like Google and Amazon, who warn against powerful telecom gatekeepers. Both sides are expected to lobby hard in Washington to push their agendas, as they did when the existing rules were adopted.

“Under my proposal, the federal government will stop micromanaging the internet,” Mr. Pai said in a statement. “Instead, the F.C.C. would simply require internet service providers to be transparent about their practices so that consumers can buy the service plan that’s best for them and entrepreneurs and other small businesses can have the technical information they need to innovate.”

«

Just when you think they can’t do something more stupid than the last thing they did, they find a new layer in the barrel. However, there are already suggestions such a move would be challenged in the courts, and thus blocked for ages, because “conditions have not changed sufficiently” since the last rules were made.
link to this extract


US prosecutors charge Iranian in ‘Game of Thrones’ hack • Reuters

Jim Finkle:

»

US prosecutors have charged an Iranian national with hacking into cable TV network HBO and stealing episodes and plot summaries for unaired programs including “Game of Thrones,” then threatening to release the data unless he was paid $6m (£4.53m).

Behzad Mesri, also known as “Skote Vahshat,” was charged with the hack in a sealed indictment that was released on Tuesday by the U.S. Attorney’s office in Manhattan.

Acting US Attorney Joon Kim said at a news conference that Mesri was in Iran. He said Mesri would face consequences even though U.S. authorities could not immediately arrest him.

“He will never be able to travel outside of Iran without fear of being arrested and brought here,” Kim said.

Kim described Mesri as an “experienced and sophisticated hacker who has been wreaking havoc on computer systems around the world for some time.”

Prosecutors said Mesri had worked on behalf of Iran’s military to attack military systems, nuclear software systems and Israeli infrastructure.

They also alleged that he helped an Iranian hacking group, Turk Black Hat Security Team, deface hundreds of websites in the United States and other countries.

«

So was he moonlighting from his busy work on behalf of the military when he hacked HBO?
link to this extract


Keyboard shortcuts in Windows • Windows Help

I asked, and reader Richard responded. There’s a good number of them.
link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: spot that asteroid!, China’s foreign phone giant, earthquakes in 2018?, and more


The actor Paul Walker died in a car crash. He’s far from alone in the US, which is now an outlier in road deaths. Photo by dfirecop on Flickr.

A selection of 10 links for you. Try that for size. I’m @charlesarthur on Twitter. Observations and links welcome.

ESO observations show first interstellar asteroid is like nothing seen before • ESO

»

For the first time ever astronomers have studied an asteroid that has entered the Solar System from interstellar space. Observations from ESO’s Very Large Telescope in Chile and other observatories around the world show that this unique object was traveling through space for millions of years before its chance encounter with our star system. It appears to be a dark, reddish, highly-elongated rocky or high-metal-content object. The new results appear in the journal Nature on 20 November 2017.

On 19 October 2017, the Pan-STARRS 1 telescope in Hawai`i picked up a faint point of light moving across the sky. It initially looked like a typical fast-moving small asteroid, but additional observations over the next couple of days allowed its orbit to be computed fairly accurately. The orbit calculations revealed beyond any doubt that this body did not originate from inside the Solar System, like all other asteroids or comets ever observed, but instead had come from interstellar space. Although originally classified as a comet, observations from ESO and elsewhere revealed no signs of cometary activity after it passed closest to the Sun in September 2017. The object was reclassified as an interstellar asteroid and named 1I/2017 U1 (`Oumuamua) [1].

“We had to act quickly,” explains team member Olivier Hainaut from ESO in Garching, Germany. “`Oumuamua had already passed its closest point to the Sun and was heading back into interstellar space.”

«

Long, rocket-shaped, from outside the solar system, high metal content? Best left alone, I think.
link to this extract


Surface Book 2 review: monster performance, but lightning hasn’t struck twice • Ars Technica UK

Peter Bright:

»

I’m no artist, and I’m not much of a tablet user. While I love the hybrid form factor, I love it for the same reason that I love the 360-degree hinge; I like to make the system an inverted V for watching movies and similar activities when flying, and I like to wrap the screen around all the way (to turn the thing into a chunky tablet) for watching movies in bed. As such, I don’t have any particularly strong feelings about this 15-inch tablet. It’s an engineering marvel, without a doubt. But is it useful? For me, no. I would flip the screen around, but I can’t imagine ever using it detached from the base.

When introducing the Surface Book 2, Microsoft spoke extensively about the appeal the flexible machine had for creative, artistic users, and, in particular, users for whom the pen is not merely an optional extra but a core part of the value proposition. For them, the 15-inch tablet represents a member of a continuum; it’s one of a family of tablets: 12.3 inches in the Surface Pro, 13.5 and 15 inches in the Surface Book 2, and 28 inches for the Surface Studio. Those all support the same pens, and they all support Microsoft’s Surface Dial accessory. If you want that larger workspace that the 15-inch tablet offers, then the Surface Book 2 is likely to appeal.

Otherwise, the Surface Book 2 is really very similar to its predecessor. That’s good in lots of ways but disappointing in others.

«

He likes the build quality, lightness of its tablet, keyboard and touchpad. Doesn’t like: the connectivity – still doesn’t have Thunderbolt 3, whereas the MacBook Pro (which it’s priced against) does. That means it can’t drive dual 4K displays:

»

Microsoft has undoubtedly built a better Surface Book. What it hasn’t done, I think, is look at the rest of the market to ensure that it has built a better laptop.

I just can’t get over the lack of Thunderbolt 3. The 15-inch MacBook Pro has Thunderbolt 3. Dell’s XPS 15 has Thunderbolt 3. The 15-inch HP Spectre x360 has Thunderbolt 3. The Lenovo ThinkPad P51s has Thunderbolt 3. The (14-inch) Razer Blade has Thunderbolt 3. These are all systems operating in more or less the same space as the Surface Book 2…

«

link to this extract


Samsung reportedly orders 3D components for Galaxy S9 facial recognition • SamMobile

“Adnan F”:

»

It has previously been reported that the Galaxy S9 facial recognition will be improved with a 3D sensor-equipped front camera. According to a new report, Samsung has already placed significant orders for 3D components that will power the improved facial recognition system. The new system is expected to be more accurate, fast and safer than the one on the Galaxy S8.

A report out of South Korea suggests that even though Samsung will opt for 3D hardware, it’s going to stick with 2D software for facial recognition. Perhaps Samsung wants to keep iris recognition onboard as it’s believed to be even safer.

The 3D sensor-equipped front camera might be useful for augmented and virtual reality experiences. It may also be used to power innovative new features like animated emojis.

«

So it wants to copy animoji, but not FaceID? That seems unambitious.
link to this extract


How Vizag is putting land records on blockchain • Tech In Asia

Sumit Chakraberty:

»

Property fraud is rampant in India and takes many forms. It’s one of the biggest avenues for investing black money. One way is to hold property in other people’s names, and this practice is called benami, which means ‘false name.’

In this murky scene, the government does not only lose revenue, but buyers can also be duped when the same property is sold to multiple entities. What exacerbates it is rampant corruption. The Indian government introduced a new law and have seized benami properties worth US$282 million since November last year.

We have already given up a lot of our black boxes. We will lead this transformation.
Sprawled across 160,000 sq km on the east coast with a population of over 50 million, the state of Andhra Pradesh wants to use blockchain technology to tackle the problem. Blockchain’s immutability can make land records tamper-proof. Its visibility to multiple entities also makes the system transparent.

The state is running a pilot by Swedish startup ChromaWay to put land records on a blockchain in fintech hub Vizag.

«

Neat idea. Finally a real-world use for blockchain. Land registry is an important topic in developing countries.
link to this extract


This dog sits on seven editorial boards • Atlas Obscura

Kelsey Kennedy:

»

An associate editor for the Global Journal of Addiction & Rehabilitation Medicine, Olivia Doll, lists some very unusual research interests, such as “avian propinquity to canines in metropolitan suburbs” and “the benefits of abdominal massage for medium-sized canines.” That’s probably because Olivia Doll is a Staffordshire terrier named Ollie who enjoys chasing birds and getting belly rubs. In all her spare time, Ollie also has sat on the editorial boards of not one, but seven, medical journals.

Ollie’s owner, Mike Daube, is a professor of health policy at Australia’s Curtin University. He initially signed his dog up for the positions as a joke, with credentials such as an affiliation at the Subiaco College of Veterinary Science. But soon, he told Perth Now in a video, he realized it was a chance to show just how predatory some journals can be.

“Every academic gets several of these emails a day, from sham journals,” he said. “They’re trying to take advantage of gullible younger academics, gullible researchers” who want more publications to add to their CVs. These journals may look prestigious, but they charge researchers to publish and don’t check credentials or peer review articles. And this is precisely how a dog could make it onto their editorial boards.”

«

link to this extract


America is now an outlier on driving deaths • The New York Times

David Leonhardt:

»

This week, millions of Americans will climb into their cars to visit family. Unfortunately, they will have to travel on the most dangerous roads in the industrialized world.

It didn’t used to be this way. A generation ago, driving in the United States was relatively safe. Fatality rates here in 1990 were roughly 10% lower than in Canada and Australia, two other affluent nations with a lot of open road.

Over the last few decades, however, other countries have embarked on evidence-based campaigns to reduce vehicle crashes. The United States has not. The fatality rate has still fallen here, thanks partly to safer vehicles, but it’s fallen far less than anywhere else.

As a result, this country has turned into a disturbing outlier. Our vehicle fatality rate is about 40% higher than Canada’s or Australia’s. The comparison with Slovenia is embarrassing. In 1990, its death rate was more than five times as high as ours. Today, the Slovenians have safer roads.

«

The main cause? Excessive speed and failure to use seatbelts (one in seven Americans doesn’t).
link to this extract


China’s Transsion dominates African mobile phone market • FT

Tom Hancock:

»

Globally, Transsion is number four in terms of units sold after Samsung, Apple and China’s Huawei, according to IDC, though low prices mean it is only the 13th largest phone manufacturer by sales value.

Since launching in 2016, Itel phones have also captured an 8% share of India’s handset market, making it the third largest brand, according to Counterpoint Research, a consultancy. This success has been thanks to cheap prices and good distribution, said Tarun Pathak, an analyst at Counterpoint Research.

Transsion took an unusual route of ignoring the Chinese market to build its sales in sub-Saharan Africa, adapting low-cost phones to local tastes. For instance, its handsets feature multiple sim-card slots, camera software adapted to better-capture darker skin tones, and speakers with enhanced bass. 

Sales in Africa could top 100m units this year, helping the company generate more than Rmb20bn ($3bn) in revenue, said founder and chief executive Zhu Zhaojiang. “I don’t target the highest-income consumers who would buy Apple or Samsung,” he added.

The company will export 120m handsets this year, according to Mr Zhu — making it China’s largest phone exporter by volume, though margins are lower than rivals due to the lower-cost of Transsion phones, which can sell for as little as $10.

«

Nokia gave up too soon.
link to this extract


Greenify also among those accused of misusing accessibility services, weighs in on the matter • AndroidAuthority

Williams Pelegrin:

»

Greenify developer Oasis Feng… took to Google+ to share that he received a 30-day notice from Google about the potential “misuse” of accessibility services in Greenify. In the post, Feng acknowledged that there are negatives to the use of accessibility services, such as performance lag and becoming a target of malware.

On the flip side, Feng equates accessibility services to Android’s version of Pandora’s box, since they let you set up automation of certain tasks, trigger global actions, and overlay your screen. As we’ve seen with apps like LastPass, which has also been targeted by Google’s changes, accessibility services also allow for functions like autofill passwords, so Feng’s metaphor is not far from the truth.

With that being said, Feng’s biggest concern is concerned that Google will use its standing to “judge the ‘proper use’ of Android API,” even if that use is not for malware:

»

“I understand the complexity and historical reasons that lead [sic] to the current situation, but feel sorry and sad about how Google deals with this situation, by banishing popular tool apps.”

«

«

It seems a bit weird to tell Google what it can and can’t allow in the Play Store based on how something uses the Android API. That’s really Google’s choice. There are other app stores, and also sideloading. LastPass, meanwhile, seems to have received a golden ticket.
link to this extract


Upsurge in big earthquakes predicted for 2018 as Earth rotation slows • The Guardian

Robin McKie:

»

Scientists have warned there could be a big increase in numbers of devastating earthquakes around the world next year. They believe variations in the speed of Earth’s rotation could trigger intense seismic activity, particularly in heavily populated tropical regions.

Although such fluctuations in rotation are small – changing the length of the day by a millisecond – they could still be implicated in the release of vast amounts of underground energy, it is argued.

The link between Earth’s rotation and seismic activity was highlighted last month in a paper by Roger Bilham of the University of Colorado in Boulder and Rebecca Bendick of the University of Montana in Missoula presented at the annual meeting of the Geological Society of America.

“The correlation between Earth’s rotation and earthquake activity is strong and suggests there is going to be an increase in numbers of intense earthquakes next year,” Bilham told the Observer last week.

In their study, Bilham and Bendick looked at earthquakes of magnitude 7 and greater that had occurred since 1900. “Major earthquakes have been well recorded for more than a century and that gives us a good record to study,” said Bilham.

«

Well there’s something to look forward to. Anyone read The Age of Miracles? Splendid book in which the slowing of the Earth’s rotation is just the beginning.
link to this extract


More China entry-level VR, smartphone vendors to exit markets • Digitimes

Max Wang and Willis Ke:

»

many China firms were rushing to join the retail market for simple VR headsets and boxes after Google Cardboard was launched in 2014. As of January 2016, there were as many as 350 China-based brand vendors engaged in retail sales of such products, particularly VR boxes.

Although China now still commands nearly 50% of the global market supply of VR boxes, the sources continued, the number of China’s brand vendors of budget-priced VR boxes and headsets has sharply shrunk to 190 now for failing to survive the changing market scenarios, in that all-in-one VR devices boast a growing variety of functions and ever-improving performance while the prices of high-end VR products have also been on the decline.

The withdrawal of those players without core competitiveness from the VR market will make the VR industry get on a healthy development track, as it will help to balance the market supply and demand to enhance market stability, industry insiders said, adding that the VR industry is marching toward a stable growth stage with continuous declines in VR headset prices, increasing VR experiences by consumers and the availability of more VR titles.

On another front, China’s brand vendors of lower-end smartphones are also plagued by the same woes facing those of budget-priced VR devices. As cost/performance ratio and brand image are key consumer concerns in buying smartphones, and first-tier vendors as Huawei, Oppo, Vivo and Xiaomi Technology boast strong cost competitiveness for volume production, the market leeway left for vendors of entry-level models has suffered a drastic shrinkage. Statistics showed that the number of online smartphone brand vendors has decreased to around 120 for the moment from over 200 seen in September 2016, according to industry sources.

«

The exit of smaller players will inevitably lead to higher prices: although the bigger companies will get economies of scale, the chunk of the market that was essentially venture- or bank-funded (and hence happy to work at negative margin) will vanish.
link to this extract


Errata, corrigenda and ai no corrida: none notified

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

Start Up: what Facebook knows, no no Lenovo!, why clocks go clockwise, Amazon hacking!, and more


DJI (makers of this drone) seems to have reneged on a bug bounty deal after flaws in its server setup were exposed. Photo by GTimofey on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

How to find out what Facebook knows about you • CNBC

Todd Haselton:

»

I recently quit Facebook, but decided to return for one final task: To find out exactly what Facebook knows about me.

After some quick digging, I found out that Facebook knows:

Where I’m logged in and on what computer
I like smartphones and am an early tech adopter
I’ve clicked ads for laptop briefcases
I am most likely to interact with ads from Lyft and Nike over others
I’m liberal but prefer to read about Republican news stories
I’m married
My birthday is in March
I work for CNBC
I tend to access the social network from a tablet or smartphone.

I provided some of this information to Facebook, while other info Facebook gathered based on my interactions.

I’m going to deactivate my account again, but before I do I wanted to walk you through how to find out what Facebook knows about you, too.

Before we get started, know that you can click any image below to see a larger version. Let’s go.

First, open your Facebook page and tap “Settings” then “Ads”…

«

Recommended.
link to this extract


A war of words puts Facebook at the centre of Myanmar’s Rohingya crisis • The New York Times

Megan Specia and Paul Mozur:

»

Myanmar’s government has barred Ashin Wirathu, an ultranationalist Buddhist monk, from public preaching for the past year, saying his speeches helped fuel the violence against the country’s Rohingya ethnic group that the United Nations calls ethnic cleansing.

So he has turned to an even more powerful and ubiquitous platform to get his message out — Facebook.

Every day he posts updates, often containing false information, that spread a narrative of the Rohingya as aggressive outsiders. And posts like these have put Facebook at the center of a fierce information war that is contributing to the crisis involving the minority group. International human rights groups say Facebook should be doing more to prevent the hateful speech, focusing as much on global human rights as on its business.

“Facebook is quick on taking down swastikas, but then they don’t get to Wirathu’s hate speech where he’s saying Muslims are dogs,” said Phil Robertson, deputy director of Human Rights Watch’s Asia division.

«

This is from the end of October, but the trajectory it describes is disturbing. Myanmar is the country which adopted smartphones more quickly than any other; it also adopted Facebook pretty fast, going from about 4.7m users (10% of the population) in July 2015 to 9.7m (20%) in May 2016, and an estimated 11m by June 2017. (I’d expect the latter figure is too low.)
link to this extract


Le-no-no-vo • Bloomberg Gadfly

Tim Culpan:

»

the Chinese company is considering purchasing the PC business of Toshiba, pitting itself [ie bidding] against Taiwan’s Asustek Computer, according to Nikkei. The Japanese company stopped short of denying any spinoff plans, saying that reports of a sale “are not grounded in fact, nor is it in discussion with any individual company.”

Just two weeks ago, I argued that Lenovo needs to shift focus away from personal computers. It’s in this business mostly out of habit and shouldn’t be throwing more money into such an anemic sector without solid signs that the market, or Lenovo’s strategy, are about to undergo drastic improvement. 

Even the mere hint that Lenovo may be entertaining another deal should have shareholders worried.

To date, the company has failed to make good on its hefty purchases of Motorola Mobility’s smartphone unit and IBM’s server business. An investment of 20 billion yen to 31 billion yen ($178m to $276m) to take 51% of Fujitsu Ltd.’s client computing division, announced earlier this month, will add to the indigestion. Buying Toshiba’s computer business would risk turning that into nausea.

Lenovo is very proud of its rising PC market share and crows about it constantly. Those gains over the past six years have been largely organic instead of being juiced by acquiring other brands. At the same time, they didn’t result in huge revenue increases, since we’re in a declining market.

«

Lenovo and Acer fighting for Toshiba’s business is a bit like the proverbial bald men fighting over a comb, except in this case they’ve both got hair and the comb has no teeth. Toshiba’s PC business is a mess.
link to this extract


In-depth: why clocks run clockwise (and some watches and clocks that don’t) • Hodinkee

Jack Forster:

»

The explanation for the overwhelming preference for clockwise movement of clock hands is somewhat obscure, but a likely explanation (and one often cited) is that if you happen to be in the northern hemisphere, and you stand facing the Sun’s path across the sky, you’ll see it describe a clockwise arc as it travels from the east, to the southern sky overhead, and finally to the west, where it sets. If you make a sundial, the shadow the sundial throws will likewise follow a clockwise course, going from west to north to east (in opposition to the path of the Sun).  Early clocks, so the thinking goes, simply reflected the apparent motion of the Sun, and of the gnomon (pointer) of a sundial. 

«

There’s more, but you’ve got your pub quiz answer now.
link to this extract


Man gets threats—not bug bounty—after finding DJI customer data in public view • Ars Technica UK

Sean Gallagher:

»

DJI, the Chinese company that manufactures the popular Phantom brand of consumer quadcopter drones, was informed in September that developers had left the private keys for both the “wildcard” certificate for all the company’s Web domains and the keys to cloud storage accounts on Amazon Web Services exposed publicly in code posted to GitHub. Using the data, researcher Kevin Finisterre was able to access flight log data and images uploaded by DJI customers, including photos of government IDs, drivers licenses, and passports. Some of the data included flight logs from accounts associated with government and military domains.

Finisterre found the security error after beginning to probe DJI’s systems under DJI’s bug bounty program, which was announced in August. But as Finisterre worked to document the bug with the company, he got increasing pushback — including a threat of charges under the Computer Fraud and Abuse Act (CFAA). DJI refused to offer any protection against legal action in the company’s “final offer” for the data. So Finisterre dropped out of the program and published his findings publicly on 16 November, along with a narrative entitled, “Why I walked away from $30,000 of DJI bounty money.”

DJI launched its bug bounty this fall shortly after the US Army issued a ban on using DJI drones for any military purpose due to “operational security” concerns. There were also spreading reports of people hacking the firmware of DJI drones—some have even posted hacks to GitHub by Finisterre. But according to Finisterre, the program was clearly rushed out. The company did not, and has yet to, define the scope of the bounty program publicly. So when Finisterre discovered that DJI’s SSL certificates and firmware AES encryption keys had been exposed through searches on GitHub—in some cases for as long as four years — he contacted the company to see if its servers were within the scope of the bug bounty program. He was told they were — a statement that would later be walked back from by DJI officials.

«

Finisterre didn’t do anything that DJI wasn’t in effect inviting through its bug bounty program. It was also amazingly slow to respond to his early requests.

And you were wondering why the US military banned the use of DJI kit back in August over “cyber vulnerabilities? DJI’s bug bounty program seems to have been set up in response – but as Finisterre (who has been acknowledged by other companies, including Apple, for finding bugs) discovered, it couldn’t distinguish between people trying to help, and people trying to hack.
link to this extract


There’s a digital media crash. but no one will say it • Talking Points Memo

Josh Marshall:

»

Let’s try a very simple visualization of what I’m describing. Remember, there are too many publications relative to advertising revenue. So let’s imagine there are 30 publications and 25 revenue seats. The publications fight like hell to secure one of the seats. Then the platform monopolies came along and sat down in maybe 5 or 10 of the 25 seats. You can see the problem. The competition of 30 publications competing for 15 seats gets insane. A bunch of the publications are going to die or be forced to find another way to fund themselves.

Now, here’s the too little discussed part of the equation. A huge, huge, huge amount of digital media is funded by venture capital. That’s not just to say they had investors at the start but in effect a key revenue stream of many digital publications has been on-going infusions of new investment.

Much of that investment has been premised on the assumption that scale – being huge – would allow publications to create stable and defensible business models. There are a lot of moving parts to the strategies. But it essentially comes down to this idea: get big enough and you can solve the chronic problem of over-supply of publications in your favor through sales at volume and being able to command stable, premium advertising rates. But that hasn’t happened…

… The point is that investors are realizing that scale cannot replicate the kind of business model lock-in, price premiums and revenue stability people thought it would. Another way of putting that is that the future that VCs and other investors were investing hundreds of millions of dollars in probably doesn’t exist. That means that they’re much less likely to invest more money at anything like the valuations these companies have been claiming.

The big picture is that Problem #1 (too many publications) and Problem #2 (platform monopolies) have catalyzed together to create Problem #3 (investors realize they were investing in a mirage and don’t want to invest any more). Each is compounding each other and leading to something like the crash effect you see in other bubbles.

«

One thing that might alleviate this: getting rid of rampant online ad fraud, where huge amounts of money sloshes through third-party ad networks which don’t check that it is spent showing stuff to humans rather than bots.
link to this extract


Amazon Key delivery driver could knock out in-home service’s security camera, researchers show • The Seattle Times

Matt Day:

»

Amazon Key, which became available to customers last week, gives Amazon delivery drivers one-time access to a residence to drop off a package. The program, designed to eliminate the theft of packages left outside a home and to open up the potential for remote authorization of other home services, is a test of whether consumers trust Amazon enough to give the online retailer access to the front door.

It relies on two pieces of hardware: a smart lock, and Cloud Cam, which communicates with Amazon’s servers to authorize the driver to unlock the door, and then records the delivery, beaming live or recorded video to a smartphone app to give the homeowner peace of mind.

Rhino Security Labs, a security research outfit based in Capitol Hill, showed that it could exploit a weakness in the Wi-Fi protocol that Cloud Cam and many other devices use to communicate with their router. A savvy hacker within Wi-Fi range can send a series of “deauthorization” commands to a specific device, temporarily severing its link to the internet.

In the case of Amazon’s Cloud Cam, that means the camera would stop recording and sending images to Amazon’s servers. A delivery driver who had already received approval to unlock the front door could, before exiting and locking the door, roam inside without being recorded. Or, as demonstrated in a video posted by Rhino, leave the home and re-enter undetected.

«

Please tell me you’re not surprised.
link to this extract


Google has picked an answer for you—too bad it’s often wrong • WSJ

Jack Nicas:

»

“Who are the worst CEOs of all time?” Google answered with the names and photos of 11 chief executives, including Gordon Bethune of Continental Airlines and Robert Nardelli of Home Depot Inc.

Sometimes, Google’s response depends on how the question is asked. For “Should abortion be legal?” Google cited a South African news site saying, “It is not the place of government to legislate against woman’s choices.”

When asked, “Should abortion be illegal?” it promoted an answer from obscure clickbait site listland.com stating, “Abortion is murder.”

The promoted answers, called featured snippets, are outlined in boxes above other results and presented in larger type, often with images. Google’s voice assistant sometimes reads them aloud. They give Google’s secret algorithms even greater power to shape public opinion, given that surveys show people consider search engines their most-trusted source of information, over traditional media or social media.

Google typically lists the source below the answer—or credits the source first when reading an answer aloud—but not always. The worst-CEOs list was unsourced. “That’s the dumbest bunch of shit I’ve ever seen,” Mr. Bethune said in an interview. Mr. Nardelli declined to comment.

«

It’s a nice idea, but it’s fatally flawed. Google cleaves to the idea that the most popular result is the canonically correct one. That has long since ceased to be the case.
link to this extract


HomePod delay suggests Siri integration is harder than expected • Loup Ventures

Gene Munster:

»

Déjà vu. This isn’t the first time Apple has delayed a product release. Today’s announcement brings us back to April of 2007. Apple is working on the iPhone, set to launch in June, and planning on releasing Mac OS X 10.5 Leopard around the same time. On April 12 Apple released a statement saying, “iPhone contains the most sophisticated software ever shipped on a mobile device, and finishing it on time has not come without a price. We had to borrow some key software engineering and QA resources from our Mac OS X team. As a result, we will not be able to release Leopard at our Worldwide Developers Conference in early June as planned. We think it will be well worth the wait. Life often presents tradeoffs, and in this case, we’re sure we’ve made the right ones.”

Did Apple make the right tradeoffs with HomePod? We think so – the damage to the brand as a result of shipping a half-baked product is greater than the potential benefit of pushing it out in time to capture holiday sales. The level of connectivity in Apple’s device ecosystem leads us to believe that HomePod will deliver a superior experience, and loyal Apple consumers will be rewarded for waiting. And the loyal Apple user base would have made up the vast majority of 2017 HomePod sales anyway. In the same Bloomberg interview post-WWDC, Cook added, “For us, it’s not about being first, it’s about being the best.”

«

OK, it’s Gene Munster, but on this he’s probably right: people who were going to buy a HomePod will likely hold on.
link to this extract


FaceID is brilliant because it’s subtraction instead of addition • Daniel Miessler

»

The goal for mobile device security shouldn’t be just making security better, but also making it less visible and explicit.

FaceID is an upgrade not just because it’s more accurate than TouchID, or because it’s a faster way to authenticate—it’s an upgrade because you are basically removing the authentication step entirely.

A great way to visualize this point is to imagine a similar handheld device from a superior alien race. Assuming they needed such an interface or display at all, they would simply handle their device normally and it would still allow them to perform sensitive actions.

To an unfamiliar observer it might seem like no authentication took place, like one could just pick up any device and start taking sensitive actions on their behalf. But in reality all of that functionality had just been removed from the workflow and done automatically. It’s security made invisible and effortless.

That’s what FaceID is, and why it represents such an improvement: it adds security while removing friction.

«

This is absolutely right. But as he points out, if you add the convenience but lower security, you’re taking the easy path which doesn’t actually help the customer. (FaceID’s claimed security is equivalent to a random six-digit passcode; some of the facial recognition systems out there are as secure as a two-digit code.)
link to this extract


You’ll probably never read the iPhone X review that would be most useful to you • Subtraction.com

Khoi Vinh:

»

You could argue that three years is an unrealistically long time to expect a smartphone to be able to keep up with the rapidly changing—and almost exponentially increasing—demands that we as users put on these devices. Personally, I would argue the opposite, that these things should be built to last at least three years, if for no other reason than as a society we shouldn’t be throwing these devices away so quickly.

But even if you disagree with me, even if you’re the kind of person who upgrades to a new phone every year, I think you’d still agree that it would be useful to know how well these devices hold up after one or even two years.

Now, I know it sounds kind of counter-intuitive to read a review of a product a year or more after everyone who would consider buying it has already bought it. But imagine if the sites and publications that review these products did make it a habit to revisit them down the road. Imagine if twelve months from now you could read about how well today’s iPhone X holds up with iOS 12, and also with whatever slate of third-party apps that can reasonably be understood as essential—the 2018 versions of Instagram, Spotify, Twitter or whatever. Imagine that at regular intervals we could see benchmarks on a freshly restored iPhone X running the latest software and getting a quantified and qualified idea of how well that piece of hardware has aged over time.

If reviewers revisited these products in this way, it would give us a whole new dimension of understanding. It would tell us how well-designed these phones really are, whether the manufacturers really understand how technology—and the world—changes within a two or three year time frame. And it would help us judge for ourselves how much effort the companies are investing into ensuring the quality of their products over the lifetime in which they’re used. Basically, it would give us, as customers, a richer track record for these companies, so that we can hold them accountable in a way that tends to go unnoticed today.

«

Agree.
link to this extract


Mac keyboard shortcuts • Apple Support

»

By pressing a combination of keys, you can do things that normally need a mouse, trackpad, or other input device.

To use a keyboard shortcut, hold down one or more modifier keys while pressing the last key of the shortcut. For example, to use the shortcut Command-C (copy), hold down Command, press C, then release both keys.

«

This is a long and comprehensive (obviously) list. You might find some you didn’t know about here, if you use a Mac. Windows version welcomed.
link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: Berners-Lee fears web’s future, time for Watch sales?, Pixel Buds review, tracking your web typing, and more


Amazon is the place to learn how to turn out tons of really good graphs. Photo by nate_marsh on Flickr.

You can sign up to receive each day’s Start Up post by email, beginning next week. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Fresh, free, fair. I’m @charlesarthur on Twitter. Observations and links welcome.

Remove the legend to become one • Remains of the Day

Eugene Wei with an elegaic post on his time at the early days of Amazon, where he was in charge of the Analytics Package – which sounds a bit like Chandler’s non-job in Friends, except that the company (and Jeff Bezos) relied on the monthly 100-page printed set of charts explaining how the business was faring:

»

I rarely use copy machines these days, but that year of my life I used them more than I will all the days that came before and all the days still to come, and so I can say with some confidence that they are among the least reliable machines ever made by mankind.

It was a game, one whose only goal was to minimize pain. A hundred copies of a hundred page document. The machine will break down at some point. A sheet will jam somewhere. The ink cartridge will go dry. How many collated copies do you risk printing at once? Too few and you have to go through the setup process again. Too many and you risk a mid-job error, which then might cascade into a series of ever more complex tasks, like trying to collate just the pages still remaining and then merging them with the pages that were already completed…

…One of the only times I cried at work was late one night, a short time after my mom had passed away from cancer, my left leg in a cast from an ACL/MCL rupture, when I could not understand why my workbooks weren’t checking out, and I lost the will, for a moment, to wrestle it and the universe into submission. This wasn’t a circular reference, which I knew could be fixed once I pursued it to the ends of the earth, or at least the bounds of the workbook. No, this inherent fragility in linked workbooks in Excel 97 was a random flaw in a godless program, and I felt I was likely the person in the entire universe most fated to suffer its arbitrary punishment.

I wanted to leave the office, but I was too tired to go far on my crutches. No one was around the that section of the office at at that hour. I turned off the computer, turned out the lights, put my head down on my desk for a while until the moment passed. Then I booted the PC back up, opened the two workbooks, and looked at the two cells in question. They still differed. I pressed F9. They matched. 

Most months, after I had finished collating all the copies of the Analytics Package, clipping each with a small, then later medium, and finally a large binder clip, I’d deliver most copies by hand, dropping them on each recipient’s empty desk late at night. It was a welcome break to get up from my desk and stroll through the offices, maybe stop to chat with whoever was burning the midnight oil. I felt like a paper boy on his route, and often we’d be up at the same hour.

«

That’s only the prelude to his wonderful demonstration of how to make better graphs.
link to this extract


Compuserve forums set to close after two decades of service • Digital Trends

Joy Martindale:

»

If you want to step back in time and give the Compuserve forums one more read, you have until December 15 to do it, as the company has announced that it’s closing the discussion boards after two decades of use. Fans have lamented the move, with particular consternation over the loss of some of the more niche communities which have lasted despite the growth of much more modern social networking platforms.

As the first major commercial online service provider in the U.S., launching its services back in the 1980s, Compuserve is one of the true old-guard of the internet. Now part of the same collective as fellow companies synonymous with the web’s early days, AOL and Yahoo, it appears as if the owners are keen to trim some of the fat and unfortunately, that means the forums have got to go.

The announcement heralding the end of the Compuserve forums was posted at the top of every discussion board and reads: “We regret to inform you that the Forums will be removed from the CompuServe service effective December 15, 2017. For more than two decades, the CompuServe Forums paved the way for online discussions on a wide variety of topics and we appreciate all of the participation and comments you have provided over the years.”

«

Compuserve forums were still going?! Some of my stuff is somewhere in there. I’ve seen flamewars you people wouldn’t believe…
link to this extract


Tim Berners-Lee on the future of the web: ‘The system is failing’ • The Guardian

Olivia Solon:

»

The inventor of the world wide web always maintained his creation was a reflection of humanity – the good, the bad and the ugly. But Berners-Lee’s vision for an “open platform that allows anyone to share information, access opportunities and collaborate across geographical boundaries” has been challenged by increasingly powerful digital gatekeepers whose algorithms can be weaponised by master manipulators.

“I’m still an optimist, but an optimist standing at the top of the hill with a nasty storm blowing in my face, hanging on to a fence,” said the British computer scientist…

“The system is failing. The way ad revenue works with clickbait is not fulfilling the goal of helping humanity promote truth and democracy. So I am concerned,” said Berners-Lee, who in March called for the regulation of online political advertising to prevent it from being used in “unethical ways”.

Since then, it has been revealed that Russian operatives bought micro-targeted political ads aimed at US voters on Facebook, Google and Twitter. Data analytics firms such as Cambridge Analytica, which builds personality profiles of millions of individuals so they can be manipulated through “behavioural micro-targeting”, have also been criticised for creating “weaponised AI propaganda”.

“We have these dark ads that target and manipulate me and then vanish because I can’t bookmark them. This is not democracy – this is putting who gets selected into the hands of the most manipulative companies out there,” said Berners-Lee.

It is not too late to turn things around, he said, provided people challenge the status quo.

“We are so used to these systems being manipulated that people just think that’s how the internet works. We need to think about what it should be like,” he said.

“One of the problems with climate change is getting people to realise it was anthropogenic – created by people. It’s the same problem with social networks – they are manmade. If they are not serving humanity, they can and should be changed,” he said.

«

Berners-Lee and I think alike on this.
link to this extract


Here’s how people in India are manipulating Twitter trends to spread political propaganda • Buzzfeed

»

Twitter is facing serious scrutiny in the United States over revelations that Russian state-linked trolls exploited its platform in an attempt to sow discord in American politics, and it’s making attempts to be more transparent about promoted tweets. But in India, the company’s fastest-growing market, politicians and their supporters have discovered an effective way to spread propaganda without paying Twitter a dime: hijacking the trending column with targeted hashtag campaigns.

A BuzzFeed News analysis found that at least 10 political hashtags that appeared in the top 10 in Twitter’s trends column in India during the last two months were the result of organized campaigns that gave people tweet templates and urged them to post duplicate tweets to promote the hashtags. More than 50% of the tweets containing these 10 trending hashtags had duplicates, and many seemed to be copy-pasted from these tweet templates. There were nearly two dozen other political hashtags that trended in this timeframe — but their popularity doesn’t seem to have been the result of orchestrated campaigns.

Spamming Twitter with duplicate tweets is a violation of Twitter’s rules, which say users aren’t permitted to “post multiple updates to a trending or popular topic with an intent to subvert or manipulate the topic to drive traffic or attention to unrelated accounts, products, services, or initiatives.” A Twitter spokesperson told BuzzFeed News, “Any use of automation to game Trending Topics is in violation of the Twitter Rules, and we have had measures in place to address this since the spring of 2014.” Still, that isn’t stopping these campaigns that make political propaganda trend on the platform in India.

«

Social media v democracy: seconds out.
link to this extract


11 million people in the UK are not “just about managing” at all, new research shows • Buzzfeed

James Ball:

»

There are 3.4 million more households in the UK struggling to live on their income than there were in 2008/09, a new report by the respected anti-poverty group the Joseph Rowntree Foundation has revealed, a week before chancellor Philip Hammond unveils his Budget.

The JRF said 30% of families in the UK – 18.9 million people – were living on an income below the “minimum income standard”, an amount of cash that’s defined by the charity as “having enough to make ends meet”.

Theresa May has spoken of her desire to help families who are “just about managing”, a term that a researcher told BuzzFeed News roughly tallied with those whose income was just below the minimum standard. But more than 11 million people were well below the line, the report shows, suggesting they’re struggling to buy essentials and meet their bill repayments.

The report showed that some groups, such as single parents who aren’t working, and couples where one partner is working full-time while the other is not, are significantly worse off under current policies, often to the sum of thousands of pounds a year. These groups are projected to remain that way in future too.

«

That the number is greater than during/after the bank crash is appalling: the effect of “austerity” and no wage growth.
link to this extract


It’s time for Apple to disclose Apple Watch sales • Above Avalon

Neil Cybart:

»

Four major changes have swung the disclosure debate in favor of Apple providing Apple Watch data on a quarterly basis.

• There is no smartwatch market. After more than two-and-a-half years of competition, it is clear that Apple Watch doesn’t have much genuine competition. Instead of there being a smartwatch market, there is just an Apple Watch market. In the beginning, some thought low-cost, dedicated health and fitness trackers would pose a major long-term sales risk to higher-priced, multipurpose wearable devices like Apple Watch. This has proven to be incorrect. Apple Watch is seeing growing sales momentum while dedicated fitness trackers are quickly fading in the marketplace. Samsung, Garmin, Fossil are the only companies selling at least 100,000 smartwatches per quarter on a regular basis. The rationale for withholding Apple Watch sales data “due to competitive reasons” is getting weaker as time goes on. In addition, competitors already have a very good idea of how Apple Watch is performing in the marketplace thanks to the sales clues provided by Apple. (In addition, I have been providing Apple Watch sales estimates to Above Avalon members for years.)

• Additional Apple Watch sales data. Apple has a much better handle on Apple Watch demand trends given 10 quarters of Apple Watch sales data. Management is well aware of the seasonality found with Apple Watch sales. In addition, much of the unknown found with the quarterly swings in Apple Watch sales has been removed. Year-over-year growth projections for Apple Watch now serve as a more reliable way of forecasting sales. 

• Low Apple Watch expectations. Wall Street no longer has high expectations for Apple Watch sales. Accordingly, Apple is no longer facing the same level of risk of missing Apple Watch sales expectations.

• New Wall Street focus. There is evidence of Wall Street focusing much less on Apple’s unit sales growth. Instead, Wall Street is increasingly focused on Apple’s balance sheet. The result is an environment in which Apple doesn’t have to worry as much about slowing Apple Watch unit sales posing a threat on Wall Street. 

«

link to this extract


Report: Samsung sold one smartwatch for every 23 smartphones shipped in Q3 2017 • SamMobile

Abhijeet M:

»

Samsung makes among the best smartwatches available on the market, but the Korean company isn’t selling as many smartwatches as it should be, according to data released by analysts at Canalys. In the third quarter of this year, Samsung sold one smartwatch for every 23 smartphones shipped, falling behind Apple and also selling fewer units than Xiaomi, Fitbit, and Huawei.

Apple sold one watch for every seven smartphones, while Huawei sold one for every 14 smartphones shipped. Samsung is currently holding on to 5% of the market share and managed to ship 0.5m units of the Gear S3. It does seem like the Gear Sport wasn’t included in this data, although that wouldn’t have made much of a difference given the Gear Sport’s limited availability right now. The data for next quarter might improve, however, even if Samsung may not manage to match the competition in terms of overall sales.

According to Canalys, the cellular-enabled Apple Watch 3 was a major reason for the Tim Cook led company’s increased sales, suggesting that consumers are interested in smartwatches that can make calls and connect to a data network without a phone. That might be an obstacle for the Gear Sport, which doesn’t offer cellular functionality by virtue of being more focused on fitness than any previous Samsung smartwatch. As for Fitbit and Xiaomi, it’s unlikely Samsung will ever catch up, not unless it starts focusing on affordable fitness trackers, or at least those that cater to a wide variety of price points. At upwards of €200, the Gear Fit2 Pro may not be enough.

«

At first this seems like a weird way to measure sales, but then again it makes sense of sorts: you’d expect sales might track together with phones. The “obstacle” for the Gear Sport overlooks the fact that Samsung had a smartwatch with phone capability ages ago – except it didn’t use the same number as your own phone, which complicated matters a lot, since you couldn’t leave your phone behind.
link to this extract


Google Pixel Buds review: pass • Android Police

David Ruddock:

»

I’m pretty disappointed with the Pixel Buds, because they do so little to actually make the wireless headphone experience better. Sure, the Assistant integration is cool, but we’ll be getting other headphones with that functionality soon, so buying the Pixel Buds just for that seems kind of silly. Quick pairing is nice when it works, but again, other headphones are getting (or already have) this.

They also don’t sound especially great, they aren’t very comfortable, the charging case design is terrible, battery life is unremarkable, and it’s clear that fully wireless earbuds are the way forward – not fabric cables. Picking up the Pixel Buds instead of Airpods for the same money seems crazy to me. And if you don’t want Airpods or fully wireless earbuds, Jaybird’s excellent X3s offer much better battery life and a more comfortable fit at a far lower price.

Meanwhile, at the other end of the spectrum, companies like Bose are beating Google on features and audio. My Soundsport Free can simultaneously be connected to my Pixel 2 XL and Pixelbook, are fully wireless (and last just as long), sound leagues better, and are more comfortable, to boot. Sure, they cost $250, but I’m clearly getting something out of that extra money. It remains wholly unclear to me why I’d spend $160 on the Pixel Buds.

The Pixel Buds need to go back to the drawing board, sadly. I feel like we ended up with them not because Google genuinely thought they were a compelling product, but because the Pixel 2s don’t have a headphone jack and Google needed something to go up against the Airpods.

«

I do like the idea of a swipe to change volume: it seems the most obvious missing gesture on Airpods. (Swipe up to increase volume, swipe down to decrease?) I honestly don’t see many people having a use for the translation feature, but if you were Google you’d want to have something unique to Google, and machine translation is the obvious one.
link to this extract


Inside Internet Archive: 10PB+ of storage in a church… oh, and a little fight to preserve truth • The Register

Thomas Claburn:

»

To underscore the Internet Archive’s civic purpose, Kahle recounted how on May 1, 2003, the White House issued a statement about the Iraq war: “President Bush Announces Combat Operations in Iraq Have Ended.” That declaration was subsequently modified without notice to read: “President Bush Announces Major Combat Operations in Iraq Have Ended.”

Later, Bush’s statement was removed from the web, but remained preserved in the Internet Archive. It would be December 2011 before combat operations in Iraq actually ended, at least from the perspective of the Obama Administration.

“We want to make it so you can’t just take things off the net and put them down the memory hole,” said Kahle.

Kahle and others made it clear that today’s political climate has added a sense of urgency to digital preservation efforts. Following the 2016 election, the Internet Archive and its community of concerned archivists worked to capture 100TB of information from government websites and databases out of concern it might vanish. It’s a job with no end in sight.

“Things are very dangerous right now for internet content,” said Art Pasquinelli, LOCKSS partnership manager at Stanford University.

Information on the internet is being filtered and fractured through social networks, Pasquinelli suggested. It’s often presented without useful context. Data sets may become inaccessible.

If there’s any good news, it’s that the Internet Archive itself hasn’t been attacked directly, at least in a major way, to stop it from what it’s doing. “We don’t see people trying to modify the records that we’ve stored,” Kahle told The Register. “We haven’t felt like we’ve been attacked. We’ve been used mostly for the purpose that we’ve been designed for.”

The Internet Archive isn’t so much concerned with preventing the spread of misinformation as with making sure information of all sorts remains accessible.

«

The Internet Archive is an invaluable resource if you’re trying to research something more than a few years old. Linkrot is so endemic.
link to this extract


No boundaries: Exfiltration of personal data by session-replay scripts • Freedom To Tinker

Steven Englehardt:

»

You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use “session replay” scripts. These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. Unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions, as if someone is looking over your shoulder.

The stated purpose of this data collection includes gathering insights into how users interact with websites and discovering broken or confusing pages. However the extent of data collected by these services far exceeds user expectations; text typed into forms is collected before the user submits the form, and precise mouse movements are saved, all without any visual indication to the user. This data can’t reasonably be expected to be kept anonymous. In fact, some companies allow publishers to explicitly link recordings to a user’s real identity.
For this study we analyzed seven of the top session replay companies (based on their relative popularity in our measurements). The services studied are Yandex, FullStory, Hotjar, UserReplay, Smartlook, Clicktale, and SessionCam. We found these services in use on 482 of the Alexa top 50,000 sites.

What can go wrong? In short, a lot.

Collection of page content by third-party replay scripts may cause sensitive information such as medical conditions, credit card details and other personal information displayed on a page to leak to the third-party as part of the recording. This may expose users to identity theft, online scams, and other unwanted behavior. The same is true for the collection of user inputs during checkout and registration processes.

«

Javascript considered harmful.
link to this extract


May 2014: Software is forever • net.wars

Wendy Grossman, writing in May 2014, when Windows XP was about to be wiped from the face of the earth, because nobody would want to keep using an OS that wasn’t supported, surely?

»

The end of official support for Windows XP has occasioned a lot of unsympathetic comments like: Windows 7 (and 8) has fundamentally better built-in security, you should have switched long ago anyway; they gave you years of notice; sheesh, they supported it for 13 years; nothing lasts forever.

The notable dissenter, whom I encountered at the event launching Trustwave’s 2014 report, was Matt Palmer, chair of the Channel Islands Information Security Forum, who argued instead that the industry needs a fundamental rethink: “Very few organizations, small or large, can afford to turn over their software estate on a three-to-five-year basis,” he said, going on to ask: “Why are they manufacturing software and only supporting it for a short period?”

In other words, as he put it more succinctly afterwards: we need to stop thinking of software as temporary.

This resonates strongly to anyone who remembers that this exact short-term attitude that software was temporary was the precise cause of the Y2K problem. For those who came in late or believe that the moon landings were faked: despite much media silliness (I remember being asked if irons might be affected), Y2K was a genuine problem. It affected many types of both visible and invisible software in some trivial, some serious ways. The root cause was that throughout most of the second half of the 20th century coders saved on precious memory resources by coding two-digit fields to indicate the year. Come 2000, such software couldn’t distinguish 1935 from 2035: disambiguation required four-digit fields. “Nothing happened” because coder-millennia were spent fixing code. Remediating Y2K cost $100 billion was spent in the US alone, and all because coders in the 1950s, 1960s, 1970s, 1980s, and even some of the 1990s did not believe their software would still be in use come January 1, 2000. The date of the earliest warning not to think like that? A 1979 paper by Bob Bemer…

…People expect to measure the lives of refrigerators, thermostats, cars, or industrial systems in decades, not months or years. Even if you want to say it’s unreasonable and stupid that people and companies still have old XP boxes running specialized, irreplaceable applications today, one day soon it’s your attitude that will be unreasonable. Software has a much longer lifespan than its coders like to think about, and this will be increasingly true.

«

Still true: parts of the NHS and, I think, some bits of the UK Armed Forces are still using XP.
link to this extract


Hey, Mark Zuckerberg: my democracy isn’t your laboratory • The New York Times

Stevan Dojcinovic is editor-in-chief of KRIK:

»

My country, Serbia, has become an unwilling laboratory for Facebook’s experiments on user behavior — and the independent, nonprofit investigative journalism organization where I am the editor in chief is one of the unfortunate lab rats.

Last month, I noticed that our stories had stopped appearing on Facebook as usual. I was stunned. Our largest single source of traffic, accounting for more than half of our monthly page views, had been crippled.

Surely, I thought, it was a glitch. It wasn’t.

Facebook had made a small but devastating change. Posts made by “pages” — including those of organizations like mine — had been removed from the regular News Feed, the default screen users see when they log on to the social media site. They were now segregated into a separate section called Explore Feed that users have to select before they can see our stories. (Unsurprisingly, this didn’t apply to paid posts.)

It wasn’t just in Serbia that Facebook decided to try this experiment with keeping pages off the News Feed. Other small countries that seldom appear in Western headlines — Guatemala, Slovakia, Bolivia and Cambodia — were also chosen by Facebook for the trial.

Some tech sites have reported that this feature might eventually be rolled out to Facebook users in the rest of the world, too. But of course no one really has any way of knowing what the social media company is up to. And we don’t have any way to hold it accountable, either, aside from calling it out publicly. Maybe that’s why it has chosen to experiment with this new feature in small countries far removed from the concerns of most Americans.

«

Serbia really isn’t the place to be tooling around with this sort of stuff. But then Facebook’s supra-national influence is increasingly worrying, and its pull-the-wings-off-flies approach to media even more so.

link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: ageing Android, charging iOS, US guns by numbers, the nearest “Earth”, bitcoin bumps in Zimbabwe, and more


We can find out who owns this, but what do corporations own in England? Photo by Jonathan Rolande on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Unsupported by pastors. I’m @charlesarthur on Twitter. Observations and links welcome.

How out of date are android devices? • Dan Luu

Luu is an ex-Googler:

»

People sometimes compare Android to Windows XP because there are a large number of both in the wild and in both cases, most devices will not get security updates. However, this is tremendously unfair to Windows XP, which was released on 10/2001 and got security updates until 4/2014, twelve and a half years later. Additionally, Microsoft has released at least one security update after the official support period (there was an update in 5/2017 in response to the WannaCry ransomware). It’s unfortunate that Microsoft decided to end support for XP while there are still so many XP boxes in the wild, but supporting an old OS for over twelve years and then issuing an emergency security patch after more fifteen years puts Microsoft into a completely different league than Google and Apple when it comes to device support.

Another difference between Android and Windows is that Android’s scale is unprecedented in the desktop world. The were roughly 200 million PCs sold in 2017. Samsung alone has been selling that many mobile devices per year since 2008. Of course, those weren’t Android devices in 2008, but Android’s dominance in the non-iOS mobile space means that, overall, those have mostly been Android devices. Today, we still see nearly 50 year old PDP-11 devices in use. There are few enough PDPs around that running into one is a cute, quaint, surprise (0.6 million PDP-11s were sold). Desktops boxes age out of service more quickly than PDPs and mobile devices age out of service even more quickly, but the sheer difference in number of devices caused by the ubiquity of modern computing devices means that we’re going to see many more XP-era PCs in use 50 years after the release of XP and it’s plausible we’ll see even more mobile devices around 50 years from now. Many of these ancient PDP, VAX, DOS, etc. boxes are basically safe because they’re run in non-networked configurations, but it looks like the same thing is not going to be true for many of these old XP and Android boxes that are going to stay in service for decades.

We’ve seen that Android devices appear to be getting more out of date over time. This makes it difficult for developers to target “new” Android API features, where new means anything introduced in the past few years. It also means that there are a lot of Android devices out there that are behind in terms of security. This is true both in absolute terms and also relative to iOS.

«

link to this extract


Just how fast is “faster wireless charging” in iOS 11.2? • BirchTree

Matt Birchler:

»

iOS 11.2 is currently in beta, and will be released to all iPhone and iPad users in the coming weeks, and one of the key features for iPhone 8/8 Plus/X owners is accelerated wireless charging. Previously, all wireless charging was limited to 5W, but this update will raise that limit to 7.5W. That’s a 50% increase in power on paper, but I had to know what the real world difference was.

As you can see from the graph above, the difference between wireless charging on my “fast charge” Samsung charging pad was slight. There is definitely a difference here, and if you’re already using wireless charging (and your pad supports it), then this is an undeniable win. However, if you were hoping that this would make wireless charging catch up to wired then you’re going to be very disappointed…

…Wired charging remains the fastest way to charge the iPhone in 2017, and it’s not even close. It’s popular to hate on the charger in the box, butthe stock iPhone charger gets the iPhone 8 Plus to 79% in 2 hours (68% faster) and up to 21% at the 30 minute mark (91% faster). That’s a pretty striking difference, and if speed is of the essence, it’s a much better way to get topped up fast.

«

Wonder if Apple’s AirPower will do any better.
link to this extract


The gun numbers: just 3% of American adults own a collective 133m firearms • The Guardian

Lois Beckett:

»

surveys show that gun ownership in America is actually highly concentrated. Only 22 to 31% of Americans adults say they personally own a gun.

Rates of personal and household gun ownership appear to have declined over the past decades – roughly two-thirds of Americans today say they live in a gun-free household. By contrast, in the late 1970s, the majority of Americans said they lived in a household with guns.

Most of America’s gun owners have relatively modest collections, with the majority of gun owners having an average of just three guns, and nearly half owning just one or two, according to a 2015 survey by Harvard and Northeastern researchers, which gave the most in-depth estimate of Americans’ current patterns of gun ownerships.

But America’s gun super-owners, have amassed huge collections. Just 3% of American adults own a collective 133m firearms – half of America’s total gun stock. These owners have collections that range from eight to 140 guns, the 2015 study found. Their average collection: 17 guns each.

After the Las Vegas shooting, officials said the killer had 23 guns in his hotel room, and another 19 at home. Some Americans asked, shocked, why one person purchasing so many guns had not set off any red flags.

Part of the answer is that owning more than 40 guns is actually fairly common in the United States: there are an estimated 7.7 million super-owners, which might make it difficult to flag a mass shooter building an arsenal from enthusiastic collectors and gun enthusiasts piling up different kinds of guns for hunting different kinds of game, a selection of handguns for self-defense, and various accessories for the popular, customisable military-style rifles that enthusiasts have compared to lethal Lego sets for grown men.

«

Easily overlooked that ownership isn’t evenly distributed.
link to this extract


The companies and corporate bodies who own a third of England & Wales • Who owns England?

Anna Powell-Smith:

»

On 7 November 2017, the Land Registry for England & Wales for the first time released details of 3.5 million land titles owned by UK corporate bodies – councils, UK companies, housing associations and more. Going by separate Land Registry figures we’ve seen for the acreages these bodies own, we can safely say that companies and the public sector own around a third of England and Wales.

And now, for the first time, I’ve mapped them.

To be precise, I’ve mapped 1.8 million of the 3.5 million land titles released by the Land Registry – all the ones that include postcode locations. The remaining 1.7 million are rather trickier to map – their land titles are somewhat vaguer in their descriptions, like “Land north of Stansfield Road, Wigan”. But I’m having a crack at mapping approximate locations for these, using an OpenStreetMap-based geocoder (it takes time). Watch this space!

We’ll also be analysing the complete dataset in the weeks and months to come, so check back for more blogs assessing things like land owned by housing developers, councils and airports.

«

Powell-Smith does amazing things with data.
link to this extract


The brutal fight to mine your data and sell it to your boss • Bloomberg

Drake Bennett on the legal fight between LinkedIn and HiQ, which used LinkedIn’s API to build its business:

»

The easier it gets to harvest and analyze information, the more actively that information has to be protected. That, Verrilli argues, is what LinkedIn is trying to do.

It’s LinkedIn, after all, not HiQ, that has the relationship with the members who have posted the information. “We’ve made promises in our privacy policy, and we have to work with regulators worldwide who hold us to our promises,” says Blake Lawit, LinkedIn’s vice president for legal. “We’re not under the radar, right? If we do something creepy with privacy, we’re going to hear about it from the FTC and the Irish Data Protection Commissioner and et cetera.” In other words, LinkedIn might be big and know lots about us, but with great power comes regulatory scrutiny, and with that comes a kind of responsibility.

If that argument is only somewhat reassuring, HiQ’s argument is effectively that we’re on our own, and that this is the price we pay for today’s internet. “There’s probably lots and lots of applications that might make someone feel a little queasy, right?” Gupta told Judge Chen. “But the thing is, we can’t sit here today and police every possible business model that some entrepreneur in Silicon Valley might come up with. It’s public information. It’s the marketplace of ideas. It’s the engine of our country’s growth.” The reason Google can put the entire internet at our fingertips is because, like HiQ, it scrapes public data. That includes LinkedIn pages, which is why they tend to be among the top results if you Google a noncelebrity (unlike HiQ, Google has LinkedIn’s explicit permission to collect data).

«

link to this extract


Closest temperate world orbiting quiet star discovered • European Space Observatory

»

A temperate Earth-sized planet has been discovered only 11 light-years from the Solar System by a team using ESO’s unique planet-hunting HARPS instrument. The new world has the designation Ross 128 b and is now the second-closest temperate planet to be detected after Proxima b. It is also the closest planet to be discovered orbiting an inactive red dwarf star, which may increase the likelihood that this planet could potentially sustain life. Ross 128 b will be a prime target for ESO’s Extremely Large Telescope, which will be able to search for biomarkers in the planet’s atmosphere.

A team working with ESO’s High Accuracy Radial velocity Planet Searcher (HARPS) at the La Silla Observatory in Chile has found that the red dwarf star Ross 128 is orbited by a low-mass exoplanet every 9.9 days. This Earth-sized world is expected to be temperate, with a surface temperature that may also be close to that of the Earth. Ross 128 is the “quietest” nearby star to host such a temperate exoplanet.

“This discovery is based on more than a decade of HARPS intensive monitoring together with state-of-the-art data reduction and analysis techniques. Only HARPS has demonstrated such a precision and it remains the best planet hunter of its kind, 15 years after it began operations,” explains Nicola Astudillo-Defru (Geneva Observatory – University of Geneva, Switzerland), who co-authored the discovery paper.

«

Red dwarf stars are dead, surely? But this is close-ish, astronomically.
link to this extract


Bitcoin surges in Zimbabwe after military seize power • South Africa Times

Robert Brand, Brian Latham and Godfrey Marawanyika:

»

Bitcoin climbed as much as 10% on Zimbabwe’s Golix exchange on Wednesday after the country’s armed forces seized power.

The price of the cryptocurrency in the Southern African nation jumped as high as $13,499, almost double the rate at which it trades in international markets, according to prices cited on Golix’s website.

Demand for Bitcoin in Zimbabwe has surged amid a shortage of hard currency. Golix processed more than $1m of transactions in the past 30 days, compared with turnover of $100,000 for the whole of 2016, according to data on the exchange’s website. Zimbabwe doesn’t have its own currency, with the government adopting the US dollar and South African rand, among others, as legal tender in 2009 after hyperinflation rendered the local dollar worthless.

Golix, an unregulated platform that also trades other cryptocurrencies, has been in operation since 2014. Prices for Bitcoin are set by supply and demand, according to Taurai Chinyamakobvu, co-owner of the exchange. Sellers are paid in US dollars deposited electronically, which can only be converted at a steep discount on the black market.

«

link to this extract


We knew Julian Assange hated Clinton. We didn’t know he was secretly advising Trump • The Intercept

Robert Mackey:

»

[Barrett Brown, who went to prison for posting a link to a Wikileaks dump of Stratfor documents because those included credit card details] was particularly outraged by an Oct. 26, 2016 message, in which Assange had appealed to Trump Jr. to let WikiLeaks publish one or more of his father’s tax returns in order to make his group’s attacks on Hillary Clinton seem less biased. “If we publish them it will dramatically improve the perception of our impartiality,” the Assange-controlled @Wikileaks account suggested. “That means that the vast amount of stuff that we are publishing on Clinton will have much higher impact, because it won’t be perceived as coming from a ‘pro-Trump’ ‘pro-Russia’ source, which the Clinton campaign is constantly slandering us with.”

As Brown pointed out in another tweet, it was all-caps exasperating that Assange was in this case “complaining about ‘slander’ of being pro-Trump IN THE ACTUAL COURSE OF COLLABORATING WITH TRUMP.”

The journalist, an Intercept contributor, whose work had been championed by WikiLeaks, also shared a link to a Reddit AMA conducted two days after the election in which WikiLeaks staff, including Assange’s longtime collaborator Sarah Harrison, had denied point-blank that they had collaborated with the Trump campaign.

“The allegations that we have colluded with Trump, or any other candidate for that matter, or with Russia, are just groundless and false,” the staffers wrote then. “We were not publishing with a goal to get any specific candidate elected.”

It is not surprising that Brown felt personally betrayed by Assange, since, as he explained on Facebook Tuesday night, “I went to prison because of my support for WikiLeaks.” Specifically, Brown said, the charges against him were related to his role in “operations to identify and punish members of the government and members of private companies that had been exposed by Anonymous hackers of my acquaintance, via email hacks, as having conspired to go after Assange, to go after WikiLeaks.”

That sort of activism, dedicated to making public secret wrongdoing, Brown argued, is very different from “colluding with an authoritarian presidential campaign backed by actual Nazis while publicly denying it.”

«

link to this extract


Russian Twitter accounts promoted Brexit ahead of EU referendum: Times newspaper • Reuters

»

The Times cited research from an upcoming paper by data scientists at Swansea University and the University of California, Berkeley, which it said showed accounts based in Russia had tweeted about Brexit in the days leading up to the June 23 vote.

The Times said most of the tweets seen by the newspaper encouraged people to vote for Brexit, although a number advocated remaining in the EU. It quoted Tho Pham, one of the paper’s authors, as saying “the main conclusion is that bots were used on purpose and had influence”.

The research tracked 156,252 Russian accounts that mentioned #Brexit, including one, Svetal1972 which posted 92 tweets between June 20 and 24, including one calling for Britain to “make June the 23rd our Independence Day”.

It said many of the messages appear to have come from automated accounts known as bots or from cyborg accounts which are heavily automated but have some human involvement.

In the June 23, 2016 referendum, 17.4 million votes, or 51.9% of votes cast, backed leaving the EU while 16.1 million votes, or 48.1% of votes cast, backed staying.

«

Did it make all the difference? Unlikely. Did it make no difference? Also unlikely. So how much difference did it make?
link to this extract


The best laptop ever made • Marco.org

Marco Arment:

»

Apple has made many great laptops, but the 15-inch Retina MacBook Pro (2012–2015) is the epitome of usefulness, elegance, practicality, and power for an overall package that still hasn’t been (and may never be) surpassed.

Introduced in 2012, less than a year after Steve Jobs died, I see it as the peak of Jobs’ vision for the Mac.

It was the debut of high-DPI Macs, starting down the long road (which we still haven’t finished) to an all-Retina lineup. And with all-SSD storage, quad-core i7 processors, and a healthy amount of RAM all standard, every configuration was fast, capable, and pleasant to use…

…I recently returned to the 2015 15-inch MacBook Pro after a year away.

Apple still sells this model, brand new, just limited to the integrated-only GPU option (which I prefer as a non-gamer for its battery, heat, and longevity advantages), but I got mine lightly used for over $1000 less.

I thought it would feel like a downgrade, or like going back in time. I feared that it would feel thick, heavy, and cumbersome. I expected it to just look impossibly old. It didn’t.

It feels as delightful as when I first got one in 2012. It’s fast, capable, and reliable. It gracefully does what I need it to do. It’s barely heavier or thicker, and I got to remove so many accessories from my travel bag that I think I’m actually coming out ahead.

It feels like a professional tool, made by people who love and need computers, at the top of their game. It’s designed for us, rather than asking us to adapt ourselves to it. It helps us perform our work, rather than adding to our workload.

This is the peak. This is the best laptop that has ever existed.

«

I’m typing this on a 2012 model. Recently got the battery replaced; Apple cleaned the whole thing. Like having a brand new machine.
link to this extract


‘Unsafe and just plain dirty’: women accuse Vice of ‘toxic’ sexual-harassment culture • Daily Beast

Brandy Zadrozny:

»

In the summer of 2015, Phoebe Barghouty was 23 years old and had a new master’s degree in journalism from Stanford—but little other experience—when she landed what most of her peers would consider a dream job: associate producer at Vice’s Los Angeles bureau.

Though her job hadn’t technically started yet, her boss, then-Editor in Chief Jason Mojica, invited her to join the team at the L.A. Press Club Awards. After accepting an award for public service in journalism, the team from Vice—including Mojica and Kaj Larsen, the bureau chief who had hired Barghouty—celebrated with drinks. By the end of the night, Barghouty says a very drunk Larsen had brought up sex (musing about his chances with a group of “black girls” at the bar), asked her for a ride home, then passed out in her car.

“I had not even started work and he was being so inappropriate,” she remembers.

Things just got weirder.

Barghouty says within her first few weeks on the job, Larsen was asking her to meet him at his home in Venice Beach. She thought it was strange, but he was her boss so she complied. As she waited outside his house, she texted a friend her location—“like how you tell a friend before a Tinder date in case you get murdered”—when a shirtless Larsen walked up and told her to come wait inside his bungalow while he took a shower.

«

Got weirder still. Or creepy. Also shows this stuff is not limited to particular industries.
link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: the fabulist smearing Moore’s accusers, Google back on Firefox, FaceID faces its fears, and more


On Twitter, nonsense about vaccines was a harbinger of what happened in 2016. Photo by VCU CNS on Flickr. (It’s an HPV vaccination.)

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

Troll smearing Roy Moore’s accuser stole dead SEAL’s identity • Daily Beast

Betsy Woodruff, Ben Collins, Spencer Ackerman and Joseph Cox:

»

Umpire43, also known as Doug Lewis or DJ Lewis, has repeatedly invented stories in the past—particularly about his own background. Lewis said he was a 22-year veteran of the Navy, a pollster at Ipsos/Reuters, an expert on rigging voting machines, a source who was feet away from Reince Preibus, a man who speaks six languages, a beleaguered soul who needed time off after 9/11 when he saw Muslims “dancing on rooftops,” the owner of a polling company who claimed Trump had a sustained lead in California, and an actual baseball umpire with 50 years experience. Oh, and he worked at the American consulate in Calgary, where he claimed to obtain proof of a forged birth certificate for Ted Cruz’s father.

The Daily Beast spoke with each of the institutions and companies at which he claimed to be affiliated or employed. None of Umpire43’s employment or service claims are true, these organizations said.

Umpire43’s now-infamous allegation that “A family friend in Alabama just told my wife that a WAPO reporter named Beth offered her 1000$ to accuse Roy Moore,” posted last week, was deleted with the rest of his Twitter account Tuesday morning.

«

Wow. This is a big takedown; that account was responsible for all sorts of lies – always pro-Trump, anti-Democrat. They were picked up by idiot conservative sites which haven’t heard of fact-checking.

That the account is gone is a hell of a thing, but it won’t stop the idiot sites, and you can guess it will pop up again soon.
link to this extract


Google pays to put search engine back on Firefox browser in US • Bloomberg

Mark Bergen:

»

In a blog post, Mozilla said Firefox’s default search engine will be Google in the US, Canada, Hong Kong and Taiwan. The agreement recalls a similar, older deal that was scuttled when Firefox and Google’s Chrome web browser became bitter rivals. Three years ago, Mozilla switched from Google to Yahoo! Inc. as the default Firefox search provider in the US after Yahoo agreed to pay more than $300m a year over five years — more than Google was willing to pay.

The new Firefox deal could boost Google’s already massive share of the web-search market. When people use Firefox, Google’s search box will be on the launch page, prompting users to type in valuable queries that Google can sell ads against. But the agreement also adds another payment that Alphabet Inc.’s Google must make to partners that send online traffic to its search engine, a worrisome cost for shareholders.

It’s unclear how much Google paid to reclaim this prized digital spot. A Google spokeswoman confirmed the deal but declined to comment further, and Mozilla didn’t disclose financial details.

«

Bet it’s less than Yahoo paid. That was a stunning overbid.
link to this extract


Loot boxes, never-ending games and always-paying players • Rolling Stone

Jared Newman:

»

Years before Bioware added loot boxes to Mass Effect 3, the model gained steam in emerging markets like China, where lower disposable income and rampant piracy of full-priced software caused the free-to-play model to flourish.

“[Players] weren’t able to buy top-end PCs, they weren’t able to afford all these $50 or $60 games, and that’s why internet cafes were huge back then, and still are, in terms of just being able to sign on and play an online game,” says Daniel Ahmad, an analyst with Niko Partners. “Piracy was also huge back in the day, and the way around that was just releasing games for free, and then putting in content that people want to buy.”

Loot boxes proved especially lucrative, emerging for instance in a massive multiplayer game called ZT Online. A 2007 story in China’s Southern Weekly describes how players could purchase treasure chests, which promised a chance to earn the game’s best gear without grinding. It also rewarded the players who purchased the most chests, setting up a system where some players flushed their money away.

“It was effectively free-to-play with gambling mechanics in there,” Ahmad says.

While free-to-play PC games flourished in Asia, similar concepts started to take root in western markets, fueled by the rise of gaming on social media sites like MySpace and Facebook, and eventually on smartphones. A VentureBeat story from early 2009 said that Zynga was making at least $50 million per year, mostly from sales of virtual goods.

«

Loot boxes are basically gambling; they should be banned for any children’s game for the under 18s. But they aren’t. (If you like games, by the way, Ahmad is a worthwhile follow on Twitter.)
link to this extract


You probably don’t need to worry about someone hacking your iPhone X’s Face ID with a mask • TechCrunch

Taylor Hatmaker:

»

Just a week after the device’s release, Vietnamese research team Bkav claims to have cracked Apple’s facial recognition system using a replica face mask that combines printed 2D images with three-dimensional features. The group has published a video demonstrating its proof of concept, but enough questions remain that no one really knows how legitimate this purported hack is.

As shown in the video below, Bkav claims to have pulled this off using a consumer-level 3D printer, a hand-sculpted nose, normal 2D printing and a custom skin surface designed to trick the system, all for a total cost of US$150.

For its part, in speaking with TechCrunch, Apple appears to be pretty skeptical of the purported hack. Bkav has yet to respond to our questions, including why, if its efforts are legitimate, the group has not shared its research with Apple (we’ll update this story if and when we hear back). There are at least a few ways the video could have been faked, the most obvious of which would be to just train Face ID on the mask itself before presenting it with the actual face likeness. And it’s not like Apple never considered that hackers might try this methodology.

«

So people who are famous enough to feature in Madame Tussauds should worry? This is pretty daft. 3D printers and hand-sculpted noses. This is Mission Impossible territory.
link to this extract


Datasette: instantly create and publish an API for your SQLite databases • Simon Willison

»

I just shipped the first public version of datasette, a new tool for creating and publishing JSON APIs for SQLite databases.

You can try out out right now at fivethirtyeight.datasettes.com, where you can explore SQLite databases I built from Creative Commons licensed CSV files published by FiveThirtyEight. Or you can check out parlgov.datasettes.com, derived from the parlgov.org database of world political parties which illustrates some advanced features such as SQLite views.

«

Read-only, so people can’t hack into your system. Willison is very smart – in 2009 he was in charge of the systems crowdsourcing MPs’ expenses at The Guardian, and made it happen in lightning time.
link to this extract


Liberal arts and tech • Tech.pinions

Bob O’Donnell (who is a “liberal arts” graduate):

»

while no two liberal arts programs are the same, the one consistent thread across them is that they teach people to think critically, ask these essential why questions, and work through the implications and longer-term impact of ideas and concepts, particularly as they relate to people. Applying these kinds of human-centric principles to tech could make a profoundly important impact.

Consider, for example, where social media has brought us as a society. From a scientific and programming perspective, it’s clearly impressive to be able to not only link billions of people around the world and let them communicate with one another, but to use advanced computer science to create algorithms that can continuously feed each one of us with the kind of information that specifically interests each one of us (in theory, at least).

However, a liberal arts major familiar with works like Alexis de Tocqueville’s “Democracy in America,” John Mill’s “On Liberty” essay, or even the work of ancient Greek historians, might have been able to recognize much sooner the potential for the “tyranny of the majority” or other disconcerting sociological phenomena that are embedded into the very nature of today’s social media platforms. While seemingly democratic at a superficial level, a system in which the lack of structure means that all voices carry equal weight, and yet popularity, not experience or intelligence, actually drives influence, is clearly in need of more refinement and thought than it was first given.

Beyond these more philosophical debates, there are an increasing number of very practical concerns around the ethical application of technology in fields ranging from medicine to transportation to basic data analysis. Toss in the mind-numbing array of questions that arise from technologies like artificial intelligence (AI) and machine learning, and it’s clear that there’s a lot more discussion that needs to happen around how technologies get applied, rather than just how to build them.

«

link to this extract


June 2015: anti-vaxxers are using Twitter to manipulate a vaccine bill • WIRED

Renee DiResta and Gilad Lotan, writing in June 2015:

»

As early as Tuesday, the California State Assembly will vote on SB-277, a law that would ban the so-called personal belief exemption. School boards, medical associations, and community leaders support the law.

But a small group of vocal anti-vaxxers is fighting hard to keep it from passing. This group, which leverages the power of social media, has launched a full-scale attack on the bill as it travels through the legislature. Each day, leaders craft tweets and instruct followers to disseminate them. Several senators who voted in favor of the California legislation have found themselves receiving extensive attention from the group—one, Senator Hannah Beth Jackson, has been @-mentioned (often unfavorably) in a particular Twitter hashtag more than 2,000 times since casting her vote in favor of the legislation.

This anti-vax activity might seem like low-stakes, juvenile propaganda. But social networking has the potential to significantly impact public perception of events—and the power to influence opinions increasingly lies with those who can most widely and effectively disseminate a message. One small, vocal group can have a disproportionate impact on public sentiment and legislation. Welcome to “Anti-Vax Twitter.”

«

A harbinger, of course, for what would come in the future. One wonders now whether this was all ways to test how propaganda efforts might work on social media, or whether it was just spontaneous, led by idiots.
link to this extract


How the iPhone earned its security record • FT

Tim Bradshaw:

»

Apple’s security team, led by Ivan Krstić, has won increasing respect from researchers in the field over the past few years. Typically, as the volume and variety of a company’s devices on the market increases, the security can often deteriorate. With Apple, even after more than 1.2bn iPhones have been sold over 10 years, its security has been improving. 

iPhones and iPads “are legitimately the most secure phones and tablets out there”, says Rich Mogull, chief executive of Securosis, an independent security research and advisory firm. “I don’t know if I can put a timeline on when Apple’s culture changed, but it did,” he says. “They take security and privacy very seriously now and they are getting a little better with every release of hardware and software.”

One key ingredient is the Secure Enclave, an encrypted “coprocessor” in the iPhone’s A-series chips that was first introduced with the iPhone 5s in 2013. 

This was the “underpinning for a significant step forward in their security model”, says Pepijn Bruienne, research and development engineer at Duo Security. “They can embed the security architecture in at the silicon layer.”

…As well as requiring every new app submitted to the store to be reviewed by Apple’s staff before consumers are allowed to download it, the iOS operating system is much more restrictive than Google’s rival, Android, in what apps are able to do. 

“The app can’t just go on your phone and start requesting access to your location or contacts” without the user granting their permission, says Andrew Blaich, a researcher at mobile security specialist Lookout. There are also restrictions on reading text messages, overlaying ads and running in the background. “Apple have insulated themselves from a lot of the common attacks that we see on the Android platform day to day,” he says. 

As a result, in the fourth quarter of 2016 and first quarter of 2017, 47 in 1,000 of Android enterprise devices protected by Lookout encountered app-based threats, compared with only 1 in 1,000 iOS devices. 

«

link to this extract


Apple supplier eyes smart speakers with facial recognition • Nikkei Asian Review

Cheng Ting-Fang:

»

Apple HomePod maker Inventec Appliances said on Friday that it expects future voice assistant products to offer 3-D sensing features, including facial and image recognition.

“We see trends that engineers are designing smart speakers that will not only come with voice recognition but also incorporate features such as facial and image recognition,” President David Ho told reporters after the company’s earnings conference. “Such AI-related features are set to make people’s lives more convenient and to make the product easier to use.” He added, however, that he was unsure at the moment whether smart speakers with more AI features in the future would become a hit in the market.

Ho did not specify which product he was talking about, but analysts said he is likely referring to the next generation of Apple’s HomePod, the $349 voice-activated speaker that will compete with Amazon Echo and Google Home.

Inventec Appliances, a subsidiary of Taiwanese electronic contract manufacturer Inventec, currently monopolizes orders for the HomePod as well as AirPods, Apple’s wireless earbuds, according to analysts. It also makes smartphones for China-based Xiaomi, wearable products for America’s Fitbit and smart speakers for US-based Sonos and others.

Jeff Pu, an analyst at Yuanta Investment Consulting, said Apple could roll out HomePods with 3D-sensing cameras in 2019.

«

It’s nice to see the conception of bullshit rumours set out in so few paragraphs. Man speculates about the possibility of face and image recognition in “smart home assistants”. (Amazon already does this, by the way, in the Amazon Show.) Analyst suggests Apple could do it. Rumours take wing that next HomePod will do FaceID.

Nonsense on stilts which never asks quite how FaceID on a HomePod would (a) work (b) be useful.
link to this extract


Errata, corrigenda and ai no corrida: none notified

Start Up: the Android view of iPhone X (and bigger?), Facebook’s fake profile business, is Huawei stiffing Qualcomm?, and more


Let the machines do the translation. We might benefit. Or not. Photo by earlynovelsdatabase on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

iPhone X: the Android Central review • Android Central

Daniel Bader really likes FaceID (Samsung’s versions don’t come close, he shows), but finds much of the rest in the hardware side a wash. But then you come to responsiveness – iOS is way ahead, he says – and apps:

»

I want to believe, now that we’re in 2017 and not 2012, that developers care as deeply about feature parity on Android, but they don’t: the best indie apps still don’t come to Android (although one can argue, and I’d agree in some cases, that the indie app scene is extremely vibrant on Android — just in a way that doesn’t make them much money); games arrive months late, if at all; and beloved products, especially camera-based networks like Instagram and Snapchat, lack specific features or optimizations that drive me crazy.

My banking app, for instance, brought Touch ID (and, thanks to transferrable APIs, Face ID) support to its iOS app two years ago; the Android version forces me to enter my password like a chump every time. My favorite writing app, Bear, has no intention of building an Android version, and my formerly favorite meal-planning app, Grocery King, hasn’t updated its Android app in over two years.

Of course, given that I spent the vast majority of my year with Android, I have come up with viable cross-platform alternatives — Google Docs is pretty good, and Mealime is great, too — but it still feels like Android apps play second fiddle to their iOS counterparts…

«

But he finds things he still prefers on Android:

»

…After spending any length of time with iOS, a few things really stand out to me: notifications are still much better on Android; the typing experience is more enjoyable on Android; using Android is much more flexible; and the variety of Android hardware is breathtaking.

Notifications are among the most critical details in any operating system today, and Android nailed it years ago and only continues to get better with every iteration. Google’s lead in this regard is so absolute it might as well as insurmountable. In contrast, I loathe dealing with notifications on the iPhone.

«

(Thanks Papanic for the pointer.)
link to this extract


KGI: Apple to launch 6.5in ‘iPhone X Plus’ and lower-priced 6.1in full-screen LCD model next year • Mac Rumors

Joe Rossignol:

»

Apple will launch a trio of new iPhone models in 2018, including 5.8-inch and 6.5-inch models with OLED displays and a 6.1-inch model with an LCD display, according to respected KGI Securities analyst Ming-Chi Kuo.

Kuo believes all three models will be equipped with a full-screen notched design and TrueDepth camera system like the iPhone X.

Kuo expects the 5.8-inch model to have 458 pixels per inch, suggesting the second-generation iPhone X’s display will likely continue to have a resolution of 1,125×2,436. He said the 6.5-inch model will have roughly 480 to 500 PPI, while the 6.1-inch model is estimated to have between 320 and 330 PPI.

In his latest research note, obtained by MacRumors, Kuo said the 6.1-inch model will have a lower-resolution LCD display and target the low-end and mid-range markets with an estimated $649 to $749 starting price in the United States.

«

So the tweener model is the LCD? One assumes the smaller SE will live on. Apple’s in no hurry to phase out LCD: the screens are way cheaper, with a better profit margin for it.

(Also, one notes that the rumour mill is well underway when most people haven’t decided about buying this year’s model. This is the point in the year when Apple is locking down designs for next year, so Kuo may be optimistic here.)
link to this extract


Inside the fake Facebook profile industry • Radio-Canada.ca

Jeff Yates:

»

There’s more than one way to lie in order to achieve success on social media. I’ve been covering fake news and online disinformation for three years now, and I thought I’d seen it all. But a Facebook profile by the name of Béatrice Boistard really gave me pause.

She was gorgeous, she was mysterious and she had created an online audience of several hundred thousand followers. The thing is, she also stole the identities of handicapped or sick people to get it.

So began the strangest investigation of my career, which catapulted me into the kaleidoscopic world of fake Facebook profiles, where nothing is real.

I first got acquainted with Béatrice’s profile in February 2016. She would regularly share pictures of amputated or bald people, asking her followers to write “amen” in the comments section. Why? Because “no one loves me since I got cancer”, or “my husband left me because I lost my legs.”

These posts invariably got thousands of likes, comments and shares on Facebook. It’s no surprise, then, that Béatrice’s page has over 671,000 followers. That’s significantly more than major Canadian news outlets such as the National Post and the Toronto Star and almost as many as the Globe and Mail…

…Surely, this must be about money, I thought. In fact, certain posts within the network send links to fraudulent websites, where you are asked to enter your credit card information. But I also believed that these fake accounts were used in sextortion schemes. The report by Corde sensible confirmed this.

This all suggests that this massive network is used primarily to attract men online and send them careening towards different fraudulent schemes. But by analyzing the network, I was able to determine that different accounts play different roles. All of them co-operate to create a huge trap that filters potential victims in order to find the most vulnerable targets.

«

This gets very weird. But it’s a rewarding read.
link to this extract


She warned of ‘peer-to-peer misinformation’; Congress listened • The New York Times

Sheera Frankel:

»

“We were monitoring closely to see when the [social media] companies gave misleading or partial answers [to the US Congress] so that we could follow up,” said Renee DiResta, 36, who became immersed in disinformation campaigns in her spare time outside of her job as a founder and head of marketing at Haven, a shipping technology company.

How a small group of self-made experts came to advise Congress on disinformation campaigns is a testament to just how long tech companies have failed to find a solution to the problem. For years, the informal group — about a dozen or so people — have meticulously logged data and published reports on how easy it was to manipulate social media platforms.

In 2016, they monitored thousands of Twitter accounts that suddenly started using bots, or automated accounts, to spread salacious stories about the Clinton family. They watched as multiple Facebook pages, appearing out of nowhere, organized to simultaneously create anti-immigrant events. Nearly all of those watching were hobbyists, logging countless hours outside their day jobs.

“When I put it all together and started mapping it out, I saw how big the scale of it was,” said Jonathan Albright, who met Ms. DiResta through Twitter. Mr. Albright published a widely read report that mapped, for the first time, connections between conservative sites putting out fake news. He did the research as a “second job” outside his position as research director at the Tow Center for Digital Journalism at Columbia University.

Senate and House staff members, who knew of Ms. DiResta’s expertise through her public reports and her previous work advising the Obama administration on disinformation campaigns, had contacted her and others to help them prepare for the hearings.

«

Diresta and Albright are two people to really watch: their outputs on this topic are always useful.
link to this extract


Missouri Attorney-general Josh Hawley launches investigation of Google • The Kansas City Star

»

Missouri Attorney General Josh Hawley’s office on Monday issued a subpoena to Google as part of an investigation into whether the tech giant is violating Missouri’s consumer protection and anti-trust laws.

The investigation delves into Google’s collection of data on users and whether Google, the world’s most popular search engine, has manipulated search results at the expense of competitors, according to a release from Hawley’s office.

“When a company has access to as much consumer information as Google does, it’s my duty to ensure they are using it appropriately,” said Hawley, a Republican who is mounting a campaign for U.S. Senate. “I will not let Missouri consumers and businesses be exploited by industry giants.”

Patrick Lenihan, Google’s spokesman, said in an email that the company has not yet received the subpoena. Lenihan said Google has “strong privacy protections in place for our users and continue to operate in a highly competitive and dynamic environment.”

«

He’s also looking at whether Google “misappopriated content from competitors”. The FTC looked into all this back in 2010 and dropped the case. I wonder how much Hawley fits into the Bannonite wing of the party, given that the latter wants Google declared a utility. But quite why he thinks it would be an electoral asset to run a campaign against a search engine that pretty much everyone uses is hard to know.
link to this extract


The offline solution to online hate • Demos Quarterly

Jamie Bartlett:

»

Social media platforms are right to get rid of content that’s illegal when they are informed about it – and perhaps they could streamline it a little more. But they cannot reasonably be expected to find every case of hate crime, nor proactively seek it all out. And there are some sorts of hateful content that do deserve the full weight of the law. But the truth is neither law nor tech will rid us of the problem.

Both of these approaches are in some sense lazy: a superficial effort to deal with a human problem through technocratic means. The only answer is a long-term, hard slog: the task of teaching society to be decent. The task of educating young people about the responsibilities of life online and what it’s like to get bullied. The task of parents raising their children to understand the value of civility – or in some cases, children teaching their parents.

After all, if offline and online crime is the same, perhaps the root causes are similar too: decades of research has found that anti-social behaviour offline is driven by complicated and overlapping causes, including poor parental supervision, low school achievement, anti-social parents, low family income, antisocial peers. In other words, deep rooted social problems that are far more complex than even the most sophisticated algorithm or CPS guidelines could ever fix. Until we deal with any of these issues, online bullying, hate and cruelty will continue to exist, and even the best intentioned law or tech-led approach will not solve it.

«

This feels a bit like “solve society, because social networks are fine”. That’s not exactly what he’s saying, but it does matter that social networks as presently set up try to generate feedback loops in behaviour; they don’t care what behaviour as long as there’s more of it, on their platform, where they can show ads in the meantime. (I know Jamie a little, from having shared a platform; he’s very knowledgeable and experienced on deep dark web stuff and what people get up to online.)
link to this extract


Android camp reportedly seeking to renegotiate royalties with Qualcomm • Digitimes

Cage Chao and Steve Shen:

»

The Android camp could follow the steps of Apple to temporarily suspend royalty payments to Qualcomm aiming to force the US-based chip vendors back to the negotiating table to work out “fairer” royalty schemes, according to industry sources.

In fact, Qualcomm revealed at its latest investors conference that a China-based smartphone brand has already discontinued royalty payments for the use of Qualcomm’s patented technologies. Qualcommm did not identify the China client, but it is believed it is Huawei as the vendor, according to the sources.

With Huawei’s smartphone shipments reaching about 150m units a year and with an ASP of US$300, Hauwei’s royalty payments could account for 5-10% of Qualcomm’s annual royalty income, the source noted.

Leveraging on its own base station technology and many related patents, Huawei has the bargianing chip to suspend payments to Qualcomm, the sources added.

Meanwhile, Samsung, possessing a wide range of mobile technologies and patents of its own, could also suspend its payments to Qualcomm, the sources said.

«

If Huawei and Samsung suspended payments, Qualcomm would be in big trouble. That would be the three largest smartphone makers, all in dispute with it.

Also: quite a burial of the lede, as they say. Huawei has stopped paying Qualcomm?! Huge if true.
link to this extract


Qualcomm rejects Broadcom’s takeover bid • WSJ

Ted Greenwald:

»

Qualcomm rejected Broadcom Ltd.’s unsolicited $105 billion offer, setting up a potentially hostile showdown between two giants of the chip industry over what would be the biggest technology takeover ever.

A combination of the two would create a huge company whose chips manage communications for consumer devices and appliances, phone-service providers and data centers.

In a statement Monday, Qualcomm’s board said the offer, which Broadcom submitted last week, dramatically undervalues the company and comes with significant regulatory uncertainty.

Broadcom said Monday it remains committed to the deal. “We continue to believe our proposal represents the most attractive, value-enhancing alternative available to Qualcomm stockholders,” Broadcom CEO Hock Tan said in a prepared statement.

«

Wonder how the Huawei/Apple/Samsung stuff feeds into this. Though generally, the feeling in the industry is that this would be a bad transaction. Qualcomm’s better off on its own.
link to this extract


Finding the right color palettes for data visualizations • Graphiq

Samantha Zhang:

»

Rather than diving in head first and creating our own color palette, we started by conducting some research on existing color palettes around the web. Surprisingly, we found that few are actually designed for complex charts and data visualizations. We identified several reasons as to why we couldn’t use existing color palettes:

Problem 1: Low Accessibility

Many of the color palettes we looked at were not designed for visualizations. Not only do they not vary enough in brightness, but they were often not created with accessibility in mind. Flat UI Colors is one of the most widely used color palettes out there, and it’s easy to see why: it looks great. But, as its name indicates, it’s designed for user interfaces. Those who are color blind may find it difficult to interpret a data visualization that uses the Flat UI palette:

«

Useful. I struggle to find good palettes for graph colours with the knowledge that colour-blind people will also want to look at them. (Via Sophie Warnes’s Fair Warning newsletter.)
link to this extract


Google will remove Play Store apps that use Accessibility Services for anything except helping disabled users • Android Police

Corbin Davenport:

»

For years, Android has allowed apps to modify the behavior of other applications, using Accessibility Services. While the intended purpose is for developers to create apps for users with disabilities, the API is often used for other functionality (to overlay content, fill in text fields, etc.). LastPass, Universal Copy, Clipboard Actions, Cerberus, Tasker, and Network Monitor Mini are just a few examples of applications heavily using this API.

While Accessibility Services can greatly extend the functionality of applications, they can potentially create a security risk. Once granted the right permissions, the API can be used to read data from other apps. Likely for this reason, Google has sent emails to app developers regarding the usage of Accessibility Services. The developer of BatterySaver received this message [telling him to explain to users how it was using Accessibility Services to help users with disabilities, on pain of removal from the Play Store]…

…Several other developers have told us they received this email, and there is a Reddit thread full of additional reports. This means many apps will have to severely degrade their functionality if they wish to remain on the Play Store, unless they can convince Google that users with disabilities benefit from them. Some applications, like LastPass, entirely rely on this API and can’t function without it.

«

Closing a security loophole, but could be a problem for apps like LastPass.
link to this extract


Software 2.0 • Medium

Andrej Karpathy on how data-taught self-coding networks will write software of the future:

»

Software 2.0 is not going to replace 1.0 (indeed, a large amount of 1.0 infrastructure is needed for training and inference to “compile” 2.0 code), but it is going to take over increasingly large portions of what Software 1.0 is responsible for today. Let’s examine some examples of the ongoing transition to make this more concrete:

Visual Recognition used to consist of engineered features with a bit of machine learning sprinkled on top at the end (e.g., SVM). Since then, we developed the machinery to discover much more powerful image analysis programs (in the family of ConvNet architectures), and more recently we’ve begun searching over architectures.

Speech recognition used to involve a lot of preprocessing, gaussian mixture models and hidden markov models, but today consist almost entirely of neural net stuff.

Speech synthesis has historically been approached with various stitching mechanisms, but today the state of the art models are large convnets (e.g. WaveNet) that produce raw audio signal outputs.

Machine Translation has usually been approaches with phrase-based statistical techniques, but neural networks are quickly becoming dominant. My favorite architectures are trained in the multilingual setting, where a single model translates from any source language to any target language, and in weakly supervised (or entirely unsupervised) settings.

Robotics has a long tradition of breaking down the problem into blocks of sensing, pose estimation, planning, control, uncertainty modeling etc., using explicit representations and algorithms over intermediate representations. We’re not quite there yet, but research at UC Berkeley and Google hint at the fact that Software 2.0 may be able to do a much better job of representing all of this code.

Games: Go playing programs have existed for a long while, but AlphaGo Zero (a ConvNet that looks at the raw state of the board and plays a move) has now become by far the strongest player of the game. I expect we’re going to see very similar results in other areas, e.g. DOTA 2, or StarCraft.

«

link to this extract


Fujitsu offloads PC division in joint venture with Lenovo • Canalys

Fujitsu is selling a 51% share in its PC division to Lenovo for US$224m, and another 5% to Development Bank of Japan for $22m:

»

Fujitsu insists it is not quitting the PC market, but instead sees this partnership as a way to strengthen its competitive position against larger rivals. With a focus on enterprise PCs only (apart from in Japan), Fujitsu’s global PC market share, excluding tablets, has fallen from around 1.9% in 2013 to 1.3% in 2016. The primary benefit for Fujitsu is the combined purchasing power that Lenovo brings with Intel, Microsoft and other component vendors, which will bring substantial pricing advantages.

For Lenovo, the attraction is different. Fujitsu brings some size benefits – combining Q2 shipment volumes would have given Lenovo a 21% market share (excluding tablets). But the real appeal lies in Fujitsu’s sizeable consumer business in Japan. Lenovo is already Japan’s PC leader through its joint venture with NEC, so adding Fujitsu significantly extends its leadership (assuming no objections from competition authorities) as Japan’s PC market struggles with growth. Fujitsu’s notebook manufacturing and R+D operations in Japan will move into the joint venture, improving efficiencies for Lenovo, which the company hopes will boost profitability. Unlike in the rest of the world, FCCL will own the sales and support organization and go-to-market operation in Japan. This means it will be responsible for large retail relationships and direct sales in Japan.

«

Fujitsu will still make servers and storage. But what a capitulation. It values the whole PC business at $439m; given that it’s probably loss-making, that will be “going concern” pricing.

link to this extract


Errata, corrigenda and ai no corrida: none notified