Start up: evaluating ebooks, EU’s tax quiz, no more Here on Windows, two cameras on iPhone 7?, and more

Posted on March 16, 2016 by charlesarthur

Hey, what if you put them in the back? Wouldn’t that get readership up? Photo by San Antonio Food Bank on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Moneyball for book publishers, for a detailed look at how we read » The New York Times

Alexandra Alter and Karl Russell:

»Andrew Rhomberg wants to be the Billy Beane of the book world.

Mr. Beane used analytics to transform baseball, famously recounted in “Moneyball,” a book by Michael Lewis. Now Mr. Rhomberg wants to use data about people’s reading habits to radically reshape how publishers acquire, edit and market books.

“We still know almost nothing about readers, especially in trade publishing,” said Mr. Rhomberg, the founder of Jellybooks, a reader analytics company based in London.

While e-books retailers like Amazon, Apple and Barnes & Noble can collect troves of data on their customers’ reading behavior, publishers and writers are still in the dark about what actually happens when readers pick up a book. Do most people devour it in a single sitting, or do half of readers give up after Chapter 2? Are women over 50 more likely to finish the book than young men? Which passages do they highlight, and which do they skip?

Mr. Rhomberg’s company is offering publishers the tantalizing prospect of peering over readers’ shoulders. Jellybooks tracks reading behavior the same way Netflix knows what shows you binge-watch and Spotify knows what songs you skip…

…On average, fewer than half of the books tested were finished by a majority of readers. Most readers typically give up on a book in the early chapters. Women tend to quit after 50 to 100 pages, men after 30 to 50. Only 5% of the books Jellybooks tested were completed by more than 75% of readers. Sixty percent of books fell into a range where 25% to 50% of test readers finished them. Business books have surprisingly low completion rates.

«

link to this extract

Amazon comments on “table of contents” crackdown, inadvertently confirms Kindle Unlimited page count scam » The Digital Reader

Nate Hoffelder:

»As David Gaughran explained, and as was laid out in detail over on KBoards, scammers were using tricks “such as adding unnecessary or confusing hyperlinks, misplacing the TOC, or adding distracting content” to artificially inflate the number of pages read by Kindle Unlimited subscribers.

This statistic matters because in July of last year Amazon started paying authors and publishers with ebooks in Kindle Unlimited by the number of pages read, rather than the number of times an ebook is borrowed. This was generally viewed as a response to authors who were cheating the system by uploading really short works and getting paid each time one was borrowed, and it was supposed to level the playing field by making sure that longer works are valued the same as a short story.

That’s the way things were supposed to work, but alas, the scammers are smarter than that.

«

They always are.
link to this extract

Apple, McDonald’s, Google and IKEA to face EU lawmakers over tax deals » Reuters

Foo Yun Chee:

»Apple, Google, McDonald’s and IKEA will be asked about their European tax deals on Wednesday as EU lawmakers ratchet up the pressure on multinationals to pay more tax on their profits locally.

The hearing, organized by the European Parliament’s tax committee, follows a similar event in November last year when Anheuser-Busch InBev, HSBC, Google and eight other companies were quizzed on the same subject.

While the committee has no power to order changes, the hearing reflects the political concerns over multinationals avoiding local tax liabilities.

«

link to this extract

Schell: Nintendo probably working on VR gaming device » GamesIndustry.biz

James Brightman:

»Here’s a quick overview of [Carnegie Mellon professor and game designer Jesse Schell’s] predictions:

1. This isn’t some fad, it’s going to stay. VR headsets in the market permanently starting this year.

2. By the end of 2017, 8m gamer headsets (meaning console/PC) will be sold. Schell adds it up as follows: 4m PlayStation VR headsets, 3m Oculus Rifts, and 1m Vives.

3. Schell said that “it’s like all of us have entered into a great conspiracy to bore gamers to death” and they are ready to buy new stuff. In general, there will be four mobile headsets for each gamer headset, he said.

4. Headset sales are going to double each year until saturation is reached, so by 2022 there will be 512m gamer headsets and 2bn mobile VR headsets.

«

Note that the HTC Vive won’t be setting the world on fire. And some people think that those are ambitious forecasts.
link to this extract

Here Maps drops support for Windows Phone and Windows 10 » The Verge

Tom Warren:

»[Nokia-owned] Here is announcing today that it plans to pull its mapping apps for Windows 10 on March 29th, and “will limit the development of the apps for Windows Phone 8 to critical bug fixes.” If you own one of the latest Lumia 950 handsets then Here maps will stop working after June 30th. If you’re still on a Windows Phone 8.1 device then Here maps will keep working, unless you upgrade to Windows 10 Mobile once it’s available in the coming weeks.

“We made the Here apps compatible with Windows 10 by using a workaround that will no longer be effective after June 30, 2016,” explains Here spokesperson Pino Bonetti. “To continue offering the HERE apps for Windows 10 would require us to redevelop the apps from the ground up, a scenario that led to the business decision to remove our apps from the Windows 10 store.”

Here is the latest in a line of high-profile apps that have started disappearing from Microsoft’s Windows Phone store. American Airlines, Chase Bank, Bank of America, NBC, Pinterest, and Kabam have all discontinued their Windows Phone apps in the past year. These huge apps have simply disappeared or will no longer be updated.

«

I remember when people were telling me here that Windows 10’s compatibility mode would solve everything in mobile, especially the app gap.
link to this extract

Explaining the struggles of Apple Pay and mobile payments » Tech-Thoughts

Sameer Singh:

»From the perspective of mainstream consumers, mobile payments are no more “mobile” than a credit card or cash. Security and privacy have never been a draw except for a vocal minority. The only benefit left is transaction processing time or “convenience”. Last year, most early adopters (and some analysts) argued that mobile payments were so much more convenient than existing payment solutions that it was only a matter of time until adoption exploded. Except, it hasn’t. And the longer you think about it, the more superficial this “convenience” argument seems.

If a “normal” iPhone user has to make a trip to the closest big box retailer, say Walmart, would Apple Pay improve his experience? Does saving ten seconds at the checkout counter matter when he has to wait ten minutes for his groceries to be scanned and bagged anyway? Even if the wait is a few minutes for other types of in-store purchases, the added convenience is minimal. At the very least, it isn’t enough of an experience boost to change the deeply-ingrained habit of pulling out a credit card. Now, if the credit card itself could save a few seconds, it would be actively utilized. And that’s a selling point for contactless payments, not for mobile payments.

«

True, but that’s only applicable in the US (where the survey comes from), where amazingly insecure but fast-to-use credit cards have been in use for decades; in Europe chip-and-PIN has been in use for much longer. Singh points out that in-app purchases are a better use, but I’d love to know how much Apple Pay is used for travel in London, where it’s accepted on the underground.
link to this extract

Egypt’s dirty wheat problem » Reuters

Eric Knecht, with an excellent investigation:

»President Abdel Fattah al-Sisi has made ending corruption – including graft in the wheat industry – one of his government’s priorities. In 2014, his government rolled out a system of smart cards designed to stop unscrupulous bakeries selling government-subsidised flour on the black market.

Cairo says the system has been a big success, saving millions of dollars in bread subsidies, reducing imports, and ending shortages that once prompted long queues outside bakeries across the country. Supplies Minister Khaled Hanafi told Egyptian reporters in late 2014 that roughly 50 percent of the country’s flour supply was stolen. In December last year he told Reuters that the new system had saved more than 6 billion Egyptian pounds ($766 million) worth of flour.

But industry officials, traders and bakers say those reforms have failed – and even made abuse of the system worse.

Eight sources in the wheat industry said the smart card system could be hacked, allowing some bakers to falsify receipts and request far more subsidised flour than they officially sold. Instead of reducing the amount of flour the state paid for, the critics said, the smart card system actually increased it. That triggered a wave of fraud higher up the supply chain that the sources say cost the country hundreds of millions of dollars last year.

«

Bread (or the lack of it) was one of the principal causes of the Arab spring, in Egypt and elsewhere. So this matters.
link to this extract

Google faces challenges in encrypting Android phones » WSJ

Jack Nicas:

»“There is a push and pull with what Google wants to mandate and what the [manufacturers] are going to do,” said Andrew Blaich, lead security analyst at Bluebox Security Inc., which helps secure mobile apps. In some ways, Google is “at the mercy of the larger (manufacturers) like Samsung and LG that are driving the ecosystem.”

When phones aren’t encrypted, law enforcement can more easily view their contents. Authorities use specialized software to crack passcodes on locked—but unencrypted—Android devices in about an hour, said an investigator for France’s Gendarmerie Nationale.

The Manhattan district attorney said in November that investigators can bypass passcodes on some older Android devices, while Google can remotely reset passcodes on others. His office said encryption “will make it impossible for Google to…assist with device data extraction.”

Google said it complied with 63% of 65,500 government requests for user data in the 12 months ending in June 2015.

«

link to this extract

Apple iPhone 7 Plus dual camera module leak suggests advanced AR and 3D scanning capabilities » Pocket-lint

Luke Edwards:

»Sources of Pocket Now based in Taiwan have leaked the dual-lens camera module that they claim will appear in the iPhone 7 Plus. There is no word on it being in the standard iPhone 7 though. The source claims that the camera will be a first for the way it works.
The dual-camera will shoot one 12-megapixel standard focal length photo while the other lens will shoot a 12-megapixel shot in telephoto with up to three times zoom. That helps to explain the varying lens sizes shown in the module.

Apple recently bought Israeli start-up LinX which specialises in gathering camera depth information. This can allow for tricks like removing the subject from the background by gauging depth. It could conceivably also allow the phone the ability to scan real world objects into a virtual representation, or help to offer better depth for augmented reality applications.

«

Set a baseline, build on it. Suggests built-in VR/AR capabilities would be about three years out.
link to this extract

Radio Times: 6,000 readers’ views on BBC ignored by government » The Guardian

John Plunkett:

»The government has rebuffed a request to reopen its consultation into the future of the BBC after the Radio Times claimed 6,000 of its readers’ responses had been ignored.

The magazine said the government had never asked for the password to open an encrypted memory stick on which the responses were sent.

The culture secretary, John Whittingdale, said earlier this month that “every response we received matters. Every response we received has been read”, but the Radio Times said it had “serious concerns” that the “important voice” of its readers on the future of the BBC had been ignored.

Radio Times editor Ben Preston, writing under the headline “A broken promise”, in the new issue of the Radio Times published on Tuesday, said: “Is this shameful mess the result of a conspiracy or a cock-up? Or both?”

«

A very neat way to expose lying by the government. But this sort of action by Whittingdale’s dogma-crazed team is exactly what leads to people first becoming indifferent to politicians (“it won’t make any difference”), and then angry when it’s about something that does affect them. And then you get Donald Trump. (Don’t think the anger exposed by Trump will go away if he doesn’t win. It will continue boiling underneath.)

That’s why Whittingdale should apologise, admit the error, and read the submissions. He should also have a TV tuned to any of the main American networks on in a corner of his office, so he discovers what life without the BBC, and with a million adverts per hour, is like.
link to this extract

The snooper’s charter is flying through parliament. Don’t think it’s irrelevant to you » The Guardian

Scarlet Kim:

»Should the British bill pass in its current form, the UK government will have the power to force Apple and other technology companies to undermine the security of their products and services. The bill permits the agencies to hack – the government calls this “equipment interference” – to obtain “communications” or “any other information”, including through surveillance techniques, such as remotely “monitoring, observing or listening to a person’s communications or other activities”.

The bill authorises agencies to compel “telecommunications providers” to assist them in effecting a hacking warrant, unless “not reasonably practicable”. Apple has pointed out that the term “telecommunications provider” is so broadly defined as to expand the government’s “reach beyond UK borders to … any service provider with a connection to UK customers”. Apple and other technology companies have spoken against many provisions of the investigatory powers bill. In particular, they have noted that the bill “seems to threaten to extend responsibility for hacking from government to the private sector” and rejected “any proposals that would require companies to deliberately weaken the security of their products”.

«

And yet it is just barrelling through Parliament, without any reflection. The result is obvious – Apple will build a phone that even it cannot hack. (Software updates are something the user has to agree to.)
link to this extract

Errata, corrigenda and ai no corrida:

Start up: USB-C in brief, understanding CES, jobs that vanished (in pictures), Apple Pay’s next step, and more

Posted on January 12, 2015 by charlesarthur

There was a time when these were new and “USB” was too. Photo by raneko on Flickr.

A selection of 9 links for you. Test on non-visible part of material. I’m charlesarthur on Twitter. Observations and links welcome.

Reversible USB Type-C finally on its way, alongside USB 3.1’s 10Gbit performance » ExtremeTech

The near-universal frustration over attempts to connect USB devices to computers has been a staple of nerd humor and lampooned in various ways until Intel finally found a way to take the joke quantum.

USB Type-C promises to solve this problem with a universal connector that’s also capableof twice the theoretical throughput of USB 3.0 and can provide far more power. Type-C connectors will not be the only type of connector that’s produced, but apparently hybrid cabling won’t be allowed. There will be USB 3.1 cables that are backwards compatible with existing USB 3.0 ports, but no Type-C adapters with conventional USB at one end and the new connector at the other.

Can carry 100W and can also act as a DisplayPort connector. But is it chainable, like FireWire? Still, lots of opportunities for the cable industry to sell us new USB cables.. in time.

Anonymous claims first victim in ‘Operation Charlie Hebdo’ » Mashable

The group claimed on Saturday to have hacked the website ansar-alhaqq.net on Saturday afternoon. In 2013, French newspapers described it as a French jihadist website.

Ansar-alhaqq.net was down for more than an hour after Anonymous’ announcement, but had returned online at the time of this writing.

It’s unclear how the hackers were able to take down the site, but Anonymous’ usual weapon of choice is a cyberattack known as Distributed Denial of Service (DDoS), which consists of flooding a website with traffic. This kind of attack is not particularly sophisticated, and there are even off-the-shelf tools that allow almost anyone to mount something similar, according to security experts.

Amorphous group attacks amorphous group. Bound to go well and produce a clear outcome.

CES: ingredients not just products » Learning by Shipping

Steve Sinofsky (you know, the used-to-be-at-Microsoft-running-Windows guy):

CES is best viewed not as a display of new products to run out and buy but as a display of ingredients for future products. It is great to go to CES and see the latest TVs, displays, or in-car systems. By and large there is little news in these in-market products and categories. It is also great to see the forward-looking vision presentations from the big companies. Similarly, these are good directionally but often don’t represent what you can act on reliably.

Taking an ingredients view, one (along with 140,000 others) can look across the over 2 million feet of 3,600 exhibitors for where things are heading (CES is one of the top trade shows globally, with CeBIT, Photokina, and Computex all vying for top ranking depending on how you count).

If you take a product view, CES can get repetitive or boring rather quickly. I probably saw a dozen selfie-sticks. After a while, every curved 4K TV looks the same. And certainly, there’s a limit to how many IP cameras the market can support. After a few decades you learn to quickly spot the me-too and not dwell on the repetition.

It is worth a brief description of why CES is filled with so many me-too (and often poorly executed) products…

…An astute observer can pick out the me-too products and get a sense for what ingredients will be available and where they are on the price / maturity curve. One can also gauge the suppliers who are doing the most innovative integrations and manufacturing.

Sometimes the whole industry gets it wrong. The most recent example of this would be 3D TV, which just doesn’t seem to be catching on.

Really fascinating post.

Jobs that no longer exist » Imgur

Bowling alley pinsetter, human alarm clock, ice cutter, aircraft listener, rat catcher, lamplighter, milkman, log driver, switchboard operator, factory reader… a great collection of old photos of lost jobs, driven out by automation.

Wait, rat catcher?

Thunderstrike 31c3 » Trammell Hudson’s Projects

Hudson outlined an attack – given physical access – whereby you could install a rootkit in a Mac through a weakness in its Thunderbolt connector that couldn’t be detected. All terrifying if you think the NSA (or similar) might be after you and your computer’s content; mostly unconcerning otherwise. But here are the amelioration measures:

Apple has a partial fix that they have started shipping in the new Mac Mini’s and iMac Retinas, and they plan to release it for older Macs soon as a firmware update. Their fix is to not load Option ROMs during firmware updates, which is effective against the current proof-of-concept.

However… it is not a complete fix. Option ROMs are still loaded on normal boots, allowing snare’s 2012 attack to continue working. Older Macs are subject to downgrade attacks by “updating” to a vulnerable firmware version.

And a Thunderstrike v2 could use the new “Dark Jedi Sleep” attack.

What is the Dark Jedi attack? I just learned about it last night at Rafal and Corey’s excellent talk here at CCC. Folllowing a S3 sleep, the system restarts with the FLOCKDN register that we discussed earlier and all the other BIOS protection registers unlocked. This means that the Option ROM can arrange for arbitrary code can be run in PEI before anything is locked, allowing trivial rewrites to the flash. Thunderbolt Option ROMs can do all this without having to mess around with SCAP files and signatures or anything.

If Apple revised their hardware to include Trusted Boot hardware again — they used to have TPM chips, but never used them and removed them in more recent models, they could at least detect this sort of error. It’s not perfect, as we can tell from all of the presentations into circumventing the various forms of secure boot, but it is a good first step.

Logitech looking to mobile peripherals for growth » WSJ

John Revill:

The company, whose PC mouse devices could be found on desks the world over in the first wave of the IT revolution, is now focusing on accessories for mobile devices and gaming in an effort to reignite double-digit growth, chief executive Bracken Darrell said.

Logitech will also soon release a low-cost video device for collaboration between individuals or small groups.

The company also has a string of research projects which are working on “logical but surprising” new areas of digital technology which tap into key trends including mobile, although Mr. Darrell declined to give further details.

Possibly the most engaging thing about this piece is how the WSJ struggles with the plural of mouse (as in, the computer accessory). A front-page headline called them “mouses”. In the story, it hands off to “mouse devices”. Can’t we just say “mice”?

Consumer Monitor Study » Iowa State University department of Kinesiology

It tested a number of fitness trackers to see how they fared in assessing peoples’ exercise after some sedentary time (rather like your average office person):

Four of the monitors produced error rates between 15 and 18% (BodyMedia Core, Fitbit Flex, Jawbone Up24 and Nike Fuelband SE). The two most accurate monitors were the BodyMedia Core followed by the Fitbit Flex in second. This was the same pattern observed in the previously published paper. The overall error rates were lower in the original study (~12-16% for the top monitors) but the BodyMedia Core and the Fitbit Flex were similarly ranked as the two most accurate monitors.

ApplePay in browser by summer 2015 » Starpoint Blog

Tom Noyes:

Today ApplePay is limited to in-App purchase and at the POS (using NFC). Per my blog last week, mCommerce is one of the fastest growing trends in the industry right now. Apple will be extending the “touch ID” payment experience to all Safari browsers (with merchant support). Contrary to the poor POS/NFC uptake.. this will be a MASSIVE SUCCESS!!

Pre-requisite/Set Up

1) Merchant implements new ApplePay API that looks for supporting browser/device. Similar to what Google Checkout, Stripe, Braintree have done for accepting a token in lieu of card and cardholder data
2) There is likely some other device/browser information going to merchant (like ApplePay plug-in on browser)
3) Consumer has at least one touch ID compliant device (iphone 5s or 6)

User case 1 – ApplePay on MacBook – Easiest one to explain

1) Consumer Checks Out
2) Merchant checkout page finds supporting device/plug-in and displays “pay with Applepay”
3) Consumer selects pay with Apple Pay
4) Consumer’s iPhone 6 comes up with Touch ID prompt (Touch ID to complete purchase with Merchant X). Side note somehow Apple Keychain management is involved in exchange between devices
5) Merchant receives token(s) for user ID and for card. User ID token is resolved through Apple service, Token is routed as current token is today.

In case you’re wondering who Tom Noyes is, he’s the guy who in April 2014 was telling the world (which wasn’t listening) that Apple would introduce a contactless payment system in the iPhone 6. So worth listening to.

Samsung, LG, Panasonic bent on competing against Android TV » Digitimes Research

Tom Lo:

Observing major LCD TV brand vendors’ strategies for 2015, Google’s Android TV has become the official platform for Sony’s and Sharp’s smart TVs, but vendors such as Samsung Electronics, LG Electronics and Panasonic are still resisting Android, and bent on using their in-house developed platforms to carve out their own territories in the market.

During their pre-show press conferences for CES 2015, Sony and Sharp have respectively noted that Android TV will be fully adopted into their mid-range and high-end product lines in 2015, a strong advance for Google as its previous-generation Google TV platform was only available in Sony and LG Electronics’ entry-level TVs.

Their move also indicates that the two Japan-based TV vendors, whose market shares have been declining in the past few years, have formed a strategic alliance over their smart TV platform’s development, which is expected to help strengthen the Android TV camp.

This is the point about Android TV. Its backers (so far) are struggling players: Sony’s TV division is spun off from the main company, and Sharp has been hurting for years and only recently returned to profit. Samsung and LG have about 40% share of smart TVs, and when you add in Panasonic, it’s up to 50% or so. Sony and Sharp aren’t the big players.

Start up: India blocks Xiaomi, Chinese app habits, Office gets Bing, hacking smartwatches, and more

Posted on December 11, 2014 by charlesarthur

Refuelling a Toyota Prius. By the time he’s grown up, it might have paid for itself. Photo by Chris Yarzab on Flickr.

A selection of 9 links for you. Slippery when wet. I’m charlesarthur on Twitter. Observations and links welcome.

Breaking News: Delhi High Court grants injunction against Xiaomi >> Spicy IP

[On Monday] the Delhi High Court granted an ex parte injunction order against Chinese operator Xiaomi for infringement of Ericsson’s patents. The patents in question are Standards-Essential Patents (SEPs) which are subject to FRAND (Fair, Reasonable and Non-Discriminatory) terms. However, they may also be the same patents which are the subject matters of litigation Ericsson has mounted against Micromax, Gionee and Intex. As Shamnad Sir noted earlier today, while Ericsson has largely favourable orders against Micromax and Gionee, the same cannot be said for its case against Intex. Therefore, when the same patents are potentially in question under other cases as well, there was no need for the Courts to rush to grant an injunction against a new defendant, namely Xiaomi.

At this juncture, it is more interesting to note the reasons provided for granting the said injunction. One factor that the Court found persuasive was that Xiaomi had not responded to Ericsson’s repeated communications (6 in number from July 2014). However, it must be questioned whether Xiaomi’s purported laxity in this matter is a sufficient reason to grant an injunction against them. More so, when an alternative remedy in the form of damages is available which is one of the cardinal principles that goes against the granting of injunctions.

This ex parte order injuncts Xiaomi from selling, advertising, manufacturing or importing devices that infringe the SEPs in question. The judge also directed the Customs officials to stop the imports under the IPR Rules, 2007. Moreover, local commissioners have been appointed to visit Xiaomi officers to ensure the implementation of these orders.

This is going to put a whole new complexion on Xiaomi’s expansion – and profitability – outside China, and probably means it won’t be coming to the US any time soon.

Chinese mobile app UI trends >> Dan Grover

Slightly to his surprise, San Francisco native Grover finds himself a product manager on Chinese messaging app WeChat, in Guangzhou; from the photo, it’s Shenzhen, as that’s where WeChat is headquartered. This isn’t the cheesy opener to a TV series, unless you make it so:

Moving to a new country has meant learning how to do lots of things differently: speaking a new language, eating, shopping, getting around. In a few months, I’m surprised at how acclimated I’ve become to what, at first, seemed such an overwhelmingly alien place.

This has applied to my digital life too. I’ve replaced all my apps with those used here, owning both to my keen interest as someone in the tech industry, and to “go native” to the extent I can. Since then, I’ve similarly become blind to the adaptations required there, too.

One day, for the fun of it, I started writing a list in my notebook of all the things that are different between apps here and those I’m accustomed to using and creating back in the US. When I finished, I was surprised by how long the list was, so it seemed fitting to flesh it out into a post.

You’ll look at it and say “oh, that’s why feature X that I never use is in iOS 8”. Plus much more. China may be like Japan – a harbinger of some of the mobile future, but not all. The trouble is figuring out which bits are which.

How the Prisoner’s Dilemma explains the lack of forked Android phones outside China >> Tech-Thoughts

I’ve taken liberties with the headline on Sameer Singh’s article, but that’s basically what he’s doing:

[in the classic minimax game] the best payoff for both prisoners will be achieved if both remain silent. But the best individual payoff requires each to betray the other. So the only rational course for any self-interested party (like profit-generating enterprises) is to betray each other. In the case of Android OEMs, it may benefit the whole industry (from a differentiation and profit standpoint) to fork Android and exclude Google services. But the threat of selling a non-competitive forked device, while others sell devices with Google services is too great for this to ever happen.

The rest is insightful too. Sameer’s been quiet for a while; pieces like this contribute greatly to our understanding of ecosystems:

There are close to 2 billion smartphone users today and that will grow to roughly 4 billion over the next few years. However, the purchasing power of these users will be far lower than that of the existing user base, i.e. they will probably buy $25-$50 devices and not $600 or even $200 devices. How do you monetize a user who can only afford to pay $25-$50 for a phone?

The answer: services, dear boy, services.

PC makers may beat Apple to the punch with new ‘fingerprint ID’ sensors built into notebook touchpads >> Apple Insider

Calling it the “first solution to integrate fingerprint ID technology into the TouchPad,” the Synaptics SecurePad is a 4-by-10-millimeter sensor on the surface of a notebook’s cursor controls. The SecurePad activates with the touch of a finger, and like Apple’s Touch ID, it supports fingerprint detection at any angle.

The Synaptics SecurePad is a Fast Identity Online-ready authenticator supporting the use of password-free security. It will allow PC makers to implement fingerprint scanning technology without the need to duplicate hardware components, allowing for simpler integration into existing notebook designs.

Once a user scans their fingerprint when prompted for a password, SecurePad initiates a cryptographically secure challenge and response with an online service provider. The Synaptics solution does away with storing password databases in the cloud, further improving security with FIDO-compliant partners.

Useful for enterprise PCs; unclear whether there will be much demand for it from consumers (though users of iOS devices with TouchID might like the idea). It all rests on the execution.

Microsoft begins integrating Bing search into Office >> ZDNet

Microsoft is beginning to integrate its Bing search technology into Office, starting with Word Online, company officials announced on December 10.

Microsoft is calling the new embedded search capability “Insights for Office”. Microsoft is rolling out the capability worldwide (everywhere where Bing is available) starting today, December 10. The rollout should be complete within the next few days, officials said.

Users don’t need to do anything to get the new capability; it will just be added to Word Online automatically. The new “intelligent search experience,” as Microsoft officials are calling this, isn’t ad supported. It’s free.

Bill Gates wanted to include Microsoft’s search solution in Office back in 2003, but antitrust concerns, and the Office team’s refusal to help the search team, killed it. (Source: my book, Digital Wars – US version. Just the present for you or someone like you.)

With $2 Gas, the Toyota Prius Is for drivers who stink at math >> Businessweek

It would take almost 30 years of fuel savings from the hybrid Prius to cover its price premium over the little Chevy Cruze, although that doesn’t account for the Chevy buyer marking savvy investments with her savings in the meantime. It doesn’t matter since we will all be flying around in futuristic Teslas before the Prius pays off. The all-electric Nissan gets a lot closer: The all-electric Nissan Leaf, without any gas stops, take just 3.8 years on the road to beat the cheaper sticker price of the Cruze.

The Cruze gets a respectable 30 miles per gallon of combined highway and city driving, but its real strength is relative affordability. Without a second engine and a massive battery, the average Cruze had a $21,322 sticker price last month, compared with almost $31,973 for a Prius and $32,933 for a Leaf. Even after federal tax breaks, Cruze buyers start with an advantage of $8,151 over the Prius and $4,111 over the Leaf. That’s a lot of gas money.

For the 13 states with no hybrid incentives, this is where the equation stops.

This is the real reason why the US hasn’t made any progress on electric cars: the lack of tax incentive. True, the idea that carbon emissions are a problem is relatively new, but the US’s dependence on foreign oil (and hence oil) was seen as a problem as far back as Jimmy Carter’s time in the 1970s.

Eric Young on Twitter: “”I work for 1 of largest credit issuers n world…”

Eric Young quoting a source at “a major [US] bank: “I work for 1 of [the] largest credit issuers n [in the] world. We processed way more Apple Pay transactions than all of Google Wallet since its beginning”.

I’ve calculated there have been 20m Google Wallet downloads (it’s US-only), and people who should know have subsequently suggested that perhaps one-tenth of those are active. Apple Pay is very likely far past Google Wallet for number of active users in the US, even though Google Wallet came out in 2011 – and Apple Pay in September.

Mobile Enterprise Apps >> Apple

The first fruits of the collaboration with IBM, yielding what Apple calls “a new class of apps — entirely reimagined for the mobile enterprise, made for iOS, and designed to empower employees wherever their work takes them”. I was struck by the one for pilots, and this one for law enforcement officers:

With the Incident Aware app, police officers can know each other’s whereabouts with greater insights in emergency situations. When law enforcement officials receive an emergency call, responders can go in with a bird’s-eye view of the scene’s perimeter that includes GPS map data, the location of those involved in the incident, and live video feeds updated in real time on their iPhone devices. This powerful and intuitive app can even access police records to calculate risk, letting other law enforcement stakeholders know where and when other responders will appear.

It relies of course on Apple Maps, which will really up the stakes on getting that right and up-to-date.

Data sent between phones and smartwatches wide open to hackers >> Ars Technica

The growing number of smart devices that interoperates with smartphones could leave text messages, calendar entries, biometric data, and other sensitive user information wide open to hackers, security researchers warn.

That’s because most smart watches rely on a six-digit PIN to secure information traveling to and from connected Android smartphones. With only one million possible keys securing the Bluetooth connection between the handset and the smart device, the PINs are susceptible to brute-force attacks, in which a nearby hacker attempts every possible combination until finding the right one.

Researchers from security firm Bitdefender mounted a proof-of-concept hack against a Samsung Gear Live smartwatch that was paired with a Google Nexus 4 running Android L Preview. Using readily available hacking tools, they found that the PIN obfuscating the Bluetooth connection between the two devices was easily brute forced. From that point on, they were able to monitor the information passing between the watch and the phone.

Trying to feel anxious. Somehow can’t summon up the necessary level of worry about someone seeing a calendar alert.

Facebook ad pranking, Samsung’s design wars, Wirelurker arrests, web: alive or dead?, and more

Posted on November 18, 2014 by charlesarthur

1952 Illustrated Food Ad. This is not targeted to you at all. Honest.

A selection of 11 links for you. Do not spray on pets. I’m on Twitter as @charlesarthur. Do ping me links, opinions, etc.

Pranking my roommate with eerily targeted Facebook ads >> My Social Sherpa

Brian Swichkow:

I don’t do anything half-assed and he knew that. So about two months later I was experimenting with different ways to use Facebook’s Custom Audience targeting and having quite a bit of success. I was using a list of about 10,000 people and getting some of the highest click-throughs I had seen in a long time. Being a fan of the Mythbusters where they believe that anything worth doing is worth overdoing – I asked myself how I could take this to the next level. I realized that stepping things up a notch was actually stepping them down a notch in this case and I asked how targeted I could make my audience. I said to myself, “What if I only had like five people in an audience? What if I only had one person in an audience? … I should test this … I should test this on my roommate.”

The amazing thing here is the cost of doing it. You’ll have to read the article. Try guessing how much first though.

Pearl: the Compact Mirror Battery Project that started on Kickstarter but ended with Indiegogo >> Daniel Chin

Pearl™: Compact Mirror + USB Rechargeable Battery Pack was originally a Kickstarter project that was supposed to run from November 10 to December 3, 2014. In less than 48 hours since the project launched, it raised over $41,000, surpassing its $30,000 funding goal.

Then all of a sudden, we were informed by Kickstarter that our project was suspended due to a DMCA copyright infringement claim. It is a ridiculous, unfounded and fraudulent claim which Kickstarter did not bother to verify with us.

The allegations in the blog post are serious. One wonders how much of this goes on and simply never surfaces. Kickstarter doesn’t come out of it looking much good.

Alleged creators of WireLurker malware arrested in China >> SecurityWeek.Com

Three individuals suspected of being involved in the creation and distribution of a recently uncovered piece of malware referred to as “WireLurker” have been arrested and charged, the Beijing Municipal Bureau of Public Security said on Friday.

The suspects, identified by their surnames as Wang, Lee and Chen, were taken into custody on Thursday based on information provided to law enforcement authorities by the China-based security company Qihoo 360 Technology.

WireLurker, a threat designed to target devices running Mac OS X, iOS and Windows, was recently uncovered by Palo Alto Networks. The network security firm’s researchers identified a total of 467 malicious OS X apps which by mid-October had been downloaded by Chinese users over 350,000 times from an app store called Maiyadi. Cybercriminals distributed the threat by packaging it with popular games and applications.

Ditto creator says Samsung phones are “crammed with complexity and redundant features” >> PhoneArena

Parallel to the launch process of Ditto, the simplest notifications wearable device there is, its product designer Bob Olodort opened up about his small-time gig as a consulting designer at Samsung. He told VentureBeat that he’d pay the Korean chaebol a visit four times a year and show them “elegant, innovative phone designs” – each one “optimized to provide an ideal set of features for a […] target customer” and an example of “simplicity and elegance”. So why are our faithful Samsung phones the exact feature-stuffed opposite of this fine concept?

Olodort has the blunt answer: “They would louse it up by putting in everything — that’s their style at Samsung. A few young Samsung engineering managers would each add their own pet features. Later, the carriers Samsung sold to would insist on another set of features. Pretty soon the phones would be crammed with complexity and redundant features.” Unsurprisingly, the simplicity-obsessed Oledorf left to do his own thing.

This is hardly news to anyone who’s tried a Samsung smartphone. It sounds much like LG’s approach to Smart TV – every manager is desperate to get their own pet project in.

What happens when pirates play a game development simulator and then go bankrupt because of piracy? >> Greenheart Games

Old (well, from April 2013) but good. Greenheart Games intentionally uploaded a cracked version of their game to torrent sites:

The cracked version is nearly identical to the real thing except for one detail… Initially we thought about telling them their copy is an illegal copy, but instead we didn’t want to pass up the unique opportunity of holding a mirror in front of them and showing them what piracy can do to game developers. So, as players spend a few hours playing and growing their own game dev company, they will start to see the following message, styled like any other in-game message:

“Boss, it seems that while many players play our new game, they steal it by downloading a cracked version rather than buying it legally. If players don’t buy the games they like, we will sooner or later go bankrupt.”

Slowly their in-game funds dwindle, and new games they create have a high chance to be pirated until their virtual game development company goes bankrupt.

The online responses are predictably hilarious as pirating players complain without irony that piracy is hurting the profitability of the pirated game they’re playing.

Apposite today with PCalc developer James Thomson noting that around 70% of the copies of his app in use on iOS are pirated. (The suggestions for how to fix that – read the tweet replies – are quite fun.)

How Apple creates leverage, and the future of Apple Pay >> stratechery by Ben Thompson

I hadn’t come across BATNA – Best Alternative To a Negotiated Agreement – before, which Thompson uses earlier in this piece to explain how Apple uses what it has to succeed in negotiations, and then in new spaces such as Apple Pay:

Presuming this works out as well for Apple as I expect it to, there are two key lessons to be drawn. First, all of Apple’s leverage ultimately – either directly or indirectly – stems from consumer loyalty, which itself is based on Apple’s focus on the user experience. Second, the reason why Tim Cook so confidently called out Apple Pay as a new category is that he knew it was an area where Apple could bring that leverage to bear, just as they did in music and telephony. This is in marked contrast to the Apple TV, which is still a hobby: TV remains a much stronger business that is far more resistant to disruption than most people in tech appreciate, and until Apple has a means of obtaining leverage it will only ever remain so.

Welcome to the “Million Smartphone Club” of India >> Counterpoint Technology

Looking at India’s burgeoning smartphone market in Q3 2014:

The growing need for consumers flocking to the internet using mobile phones coupled with rapidly declining average selling price (ASP) of smartphones has been the key drivers of uptake of smartphones in India. The declining smartphone ASPs is as a result of proliferation of firstly not only local brands entering a price-war but also the highly price-competitive Chinese brands such as Xiaomi or Lenovo entering the Indian market. These brands are employing cost-effective distribution strategies such as online e-commerce channels to keep the costs fairly low in order to gain price competitiveness which is a boon to consumers

India smartphone market still has a room for vendors to grow exponentially as it expands deeper beyond urban India. However going forward only the vendors need to find faster and innovative ways to reach out to the end consumer. We estimate that going forward three out of four smartphones in the country will be 3G smartphones.

The idea that American icon Motorola would effectively be saved by selling into India would have seemed weird even a couple of years ago. Now it’s a major player there.

The web is dying; apps are killing it >> Wall Street Journal

Christopher Mims:

even the Web of documents and news items could go away. Facebook has announced plans to host publishers’ work within Facebook itself, leaving the Web nothing but a curiosity, a relic haunted by hobbyists.

I think the Web was a historical accident, an anomalous instance of a powerful new technology going almost directly from a publicly funded research lab to the public. It caught existing juggernauts like Microsoft flat-footed, and it led to the kind of disruption today’s most powerful tech companies would prefer to avoid.

It isn’t that today’s kings of the app world want to quash innovation, per se. It is that in the transition to a world in which services are delivered through apps, rather than the Web, we are graduating to a system that makes innovation, serendipity and experimentation that much harder for those who build things that rely on the Internet. And today, that is pretty much everyone.

Mims’s article has come in for a lot of rejoinders and rebuttals – such as this one on Quartz. But just because an app has a web view, does that mean you’re using “the web”? The navigation idea is all different. And in the end, you almost always end up still inside the app.

Twist: A ultra-portable universal adapter for your MacBook by Oneadaptr >> Kickstarter

What is Twist?

Twist is a universal adapter with four optional USB ports designed to work with the MacBook adapter. It offers much more functions than the Apple World Travel Adapter Kit and makes charging your mobile devices much easier.

Note that this Kickstarter isn’t live yet; I was sent the link over the weekend (but tried at once to order some). I like the idea of it. I’m hoping to get some to test, but I’d have already put my money in if that hadn’t happened. I particularly like the idea of not having to scoop up multiple plugs and cables when leaving a hotel room; and the bright yellow model would be hard to miss as you check you’ve got everything.

10 cities visualized by how cleanly their streets are laid out >> Co.Exist

Artist Steve Von Worley plots cities according to their orderliness.

One can guess, without seeing them, that younger cities (such as those in the US) will score highly because they are so new, so that they existed when horse-drawn traffic already did. London and especially Tokyo look like a mess, but you also have to consider geography – particularly height and rivers.

That said, what would a city developed now look like in these terms?

Samsung hunts next hit with internet push as phones fade >> Yahoo Finance

To demonstrate the Internet of things, the company is using its Samsung Innovation Museum, a glass-walled building across from its headquarters, about 30 miles south of Seoul. The five-story, 11,000 square-meter structure looks a bit like New York’s Guggenheim museum, painted almost entirely in white with words carved into the walls: ‘smart living’ and ‘inspiring others.’

In an open space on the second floor, booths stand side by side. Each is decorated with different interiors to show off connected life in hotels, planes, shopping malls or living rooms.

In the hotel booth, you can check in by pressing a key-patterned button on an Android smartphone without having to wait in line. Upon entering the room, the window blinds automatically roll up and the television turns on.

In the booth for home technology, lights, appliances and a robot vacuum cleaner are all connected online to mobile phone app. The idea is you can flick on the lights, warm the oven or even clean your living room from your phone before you come home. Samsung has started offering a rudimentary version of the service in Korea and will expand it globally.

This might be me being stupid, but why would you want to turn the lights on before you get home? Isn’t that what we have switches for? As to turning on the TV when you go into the room, what if you don’t want the TV on and the blinds rolled up? So many assumptions and so much effort that is more easily solved through simple human action.

Links: MCX’s ever-downward spiral, Apple nixes PCalc widget, ID theft site was sold credit data (and more)

Posted on October 30, 2014 by charlesarthur

A selection of 10 links for you. Use them wisely.

MCX says merchants doing what’s best for customers, being attacked for ‘challenging the status quo’ >> Mac Rumors

MCX certainly appears to be placing the blame for its member retailers’ refusal to accept Apple Pay on the merchants themselves. Asked whether Apple Pay and MCX’s CurrentC solution should be able to exist side-by-side, the executives noted that believe they will in the future and that it will take two or three major players in mobile payments to allow the entire market to thrive.

But pressed as to why some retailers such as CVS and Rite Aid have shut down NFC entirely rather than allow unofficial Apple Pay payments in their stores, Davidson argued that merchants know their customers best and are making the choices they believe are right for their customers. He said the merchants believe customers want more than just mobile payments, and CurrentC’s integration of payments with loyalty cards and coupons will in his opinion prove to be the best solution.

“Merchants know their customers best.” That’s why you stop them paying in one way and make them wait for another that will come at some unspecified time next year and require them to enter all sorts of other stuff.

The narrative around MCX/CurrentC has its own fascinating momentum – hacks, press conferences – which suggests that it’s already heading towards some sort of crisis.

Drupal Core – Highly Critical – Public Service announcement >> Drupal.org

Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement…

Attackers may have copied all data out of your site and could use it maliciously. There may be no trace of the attack.

The vulnerability was notified (highly critical) on 15 October; every version of version 7 from before that is vulnerable if you didn’t update.

James Thomson on Twitter: “Apple has told me that Notification Center widgets on iOS cannot perform any calculations, and the current PCalc widget must be removed.”

Apple has told me that Notification Center widgets on iOS cannot perform any calculations, and the current PCalc widget must be removed.

This was bad – but I understand Apple will reverse course and approve it today, Thursday. Especially in light of this.

Apple eyes new uses for NFC beyond iPhone payments >> The Information

Amir Efrati:

For instance, the “Clipper” card that’s used in California’s Bay Area Rapid Transit system uses a near-field communication (NFC) chip made by the same company that built the NFC chip that powers Apple Pay. And the Clipper card transmits data using the same standard and frequency as the iPhone 6 (ISO 14443 at 13.56 MHz), says Mr. Rosenberg of Creating Revolutions.

That means Apple could easily allow for Clipper cards to be uploaded into the phone, with key information stored in the phone’s “secure element,” along with bank cards used through Apple Pay, and let people tap their phones at the BART turnstiles to transmit the information to the card reader using the iPhone’s NFC chip.

Such a scenario would require a formal deal with Apple. For now, Apple restricts access to the iPhone’s NFC chip, meaning software developers can’t build apps that use it. But observers expect the company to open up access to developers in the future, just as it did for the iPhone’s Touch ID fingerprint sensor. Developers are already building apps that use the NFC chips in many Android phones like the Samsung Galaxy.

You can imagine software updates enabling new features on old iPhones, though Apple’s never done it before. Is it feasible on the NFC elements in the iPhone 6 range?

Experian sold consumer data to ID theft service >> Krebs on Security

An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity.

In November 2011, this publication ran a story about an underground service called Superget.info, a fraudster-friendly site that marketed the ability to look up full Social Security numbers, birthdays, drivers license records and financial information on millions of Americans. Registration was free, and accounts were funded via WebMoney and other virtual currencies that are popular in the cybercriminal underground.

Answers to Your Questions >> MCX

MCX sets out how wonderful it is for everyone.

On the data security side, the technology choices we’ve made take consumers’ security into account at every aspect of their core functionality. We want to assure you, MCX does not store sensitive customer information in the app. Users’ payment information is instead stored in our secure cloud-hosted network. Removing this sensitive information from the mobile device significantly lowers the risk of it being inappropriately disclosed in a case that the mobile device is hacked, stolen or otherwise compromised.

In the cloud? I’m so.. not reassured. Also enjoyable:

When merchants choose to work with MCX, they choose to do so exclusively and we’re proud of the long list of merchants who have partnered with us. Importantly, if a merchant decides to stop working with MCX, there are no fines.

(MCX emphasis.)

72 Hours of #Gamergate >> Medium

Andy Baio did a fantastic analysis of three days’ tweets around Gamergate, and then (with help) drew up a Delphi graphic showing how the pro- and anti- camps look:

This network visualization is as good a metaphor as any for #Gamergate. Two massive, impenetrable hairballs of people that want little to do with one another, only listening to their side and firing volleys across the chasm.

Much the same as any political divide, and as unlikely to be closed.

Sprout >> HP® Official Site

It’s a PC that has inbuilt cameras that look down onto a tabletop mat, which connects the cameras to what appears on the screen.

Hard to categorise. If this had come from Apple everyone would be raving about it; as it’s HP it’s had a collective “hmm”. The difference, perhaps, is that Apple knows how to drive the interest – and use – for such a product. Still, could find some eager buyers in particular segments. (Bonus point for the “Sprout” name, though.)

Anita Sarkeesian on video games’ great future >> NYTimes.com

Anita Sarkeesian:

The Wii reignited my interest in gaming, offering play experiences I found engaging and rewarding, like Mario Kart, de Blob and The Beatles: Rockband. From there, I immersed myself in zany PC games like Plants vs. Zombies, World of Goo and Spore, and eventually became a fan of mainstream first-person titles like Mirror’s Edge, Portal and Half-Life 2.

Even though I was playing lots of games, I still didn’t call myself a “gamer” because I had associated that term with the games I wasn’t playing — instead of all the ones I was playing. This was largely because I’d bought into the myth that to be a “real gamer,” you had to be playing testosterone-infused blockbuster franchises like Grand Theft Auto, God of War or Call of Duty.

And that’s the crux of what’s going on. It’s like “cracker” v “hacker” (“hackers aren’t crackers, maaaan!”) and “what does ‘troll’ actually mean?” (“You see, ‘troll’ actually means humorously annoying people…”). Language is fluid, but the latter meaning above of “gamer” is – ironically – becoming a carapace that won’t let its participants out, because they’re building it around themselves.

Note also how the cracker/hacker, “define troll” and “actually, a ‘gamer’ is…” lends itself to mansplaining.

Getting chipped: Why I will live with an NFC chip implant for a year | Network World

René Schoemaker lives in Holland:

I’ve been living with an NFC chip in my left hand since Sept. 25. It was implanted between my thumb and index finger, and I can tell you that it hurt quite a bit. But that was mainly because of all the TV camera people trying to film it, which dragged the process out from the normal five seconds to about 30 seconds.

I got chipped together with nine other volunteers during the IT Innovation Day organized by IDG Netherlands. The other volunteers and I will spend the next 12 months testing the use of an NFC chip in our daily lives to see whether having the chip implanted in our bodies is more useful than using a chip embedded on a card or in a smartphone.

So far, it has been pretty useless though. We are still in the process of coming up with possible applications such as using the chip to pay for public transportation or in shops and restaurants.

Isn’t that the sort of thing you’d think about before getting the implant? Perhaps he’ll meet Kevin Warwick.

Leave a comment. Be informative. Add to the conversation.