Bitcoin: a failed experiment, or still going strong? Photo by portalgda on Flickr.
You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 12 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.
The resolution of the Bitcoin experiment » Medium
Why has Bitcoin failed? It has failed because the community has failed. What was meant to be a new, decentralised form of money that lacked “systemically important institutions” and “too big to fail” has become something even worse: a system completely controlled by just a handful of people. Worse still, the network is on the brink of technical collapse. The mechanisms that should have prevented this outcome have broken down, and as a result there’s no longer much reason to think Bitcoin can actually be better than the existing financial system.
Hearn’s article – in which he describes how he has gone from being an enthusiast and believer who left a safe job at Google to work on bitcoin – points to a looming problem: Chinese miners control over 50% of mining capability (the level where fakery becomes possible) and new proposals on fee payments could lead to transaction reversals.
I haven’t seen any adequate rebuttals of Hearn’s post (there are lots of ad hominem “don’t let the door hit you on the way out” responses, or others saying “everything’s GREAT, shuddup”), though this by “Bit Credit” makes a vague attempt. It also contains this passage:
from an economic interest it makes no sense to undermine bitcoin by fracturing it. And so surprise, suprise, bitcoin participants are making rational economic decisions. Bitcoin is not a democracy where 51% rules. In fact that is Bitcoin in a state of attack.
Bitcoin isn’t a democracy, in that its rules are determined by the core developers. But it is a democracy in that if 51% of miners start mucking about, bad things happen. And “attack”? Odd choice of word.
link to this extract
How Peach onboards new users » User Onboarding
Peach is the darling of the app world right now, and their onboarding has been heralded as one of the best ever from a newcomer. Care to see why?
Without further ado, here is…
How Peach Onboards New Users
Well, it has sort of fallen out of “darling” status, but any app designer will learn from this – especially the “what is this? What does that word mean? Am I saying this to the whole world? HELLPPP!” It is 120 slides, but easy to click through.
link to this extract
‘Shocking celebrity nip slips’: secrets I learned writing clickbait journalism » Broadly
Laura, another celebrity journalist who has worked online for popular tabloids, explains there are other times when she has had to sex up stories about celebrity women who weren’t even trying to be especially provocative. “You could do a red carpet round-up of ‘all these women look great in these dresses’ but you’d change it to ‘plunging necklines’ or ‘high splits,'” she explains. “Marriage announcements would be sexed up with ‘cleavage enhancing’ or ‘revealing’ outfit descriptions. You’d add in words like ‘nip slip’ even if nipples are nowhere near having a slip because that’s what people are searching for. It was literally just for SEO, and it was soul destroying.”
One journalist told me she worked on a site where every picture of a female celebrity — including those in full coverage outfits — was tagged with the word ‘panties.’
While you’re groaning at clickbait “shows her ex what he’s missing in tiny bikini” headlines, there’s a whole new level of trickery that lurks behind them. For example, a female celebrity recently posed for a tasteful set of nude photos with a glossy magazine, who published the story with an empowering, “you go girl!” headline. The page’s URL, however, was a chain of sexy keywords that simply ended with “nude-photos.” Things get especially murky once you delve even deeper into the behind-the-scenes sorcery. One tabloid journalist told me she worked on a site where every picture of a female celebrity—including those in full coverage outfits—was tagged with the word “panties.” I’ll also admit to using the phrase “nearly-naked” in headlines just to hit the search term “naked”.
And just when you’re wondering what the world would look like if women were in charge of search engine algorithms:
…Tabloid journalist Laura explains that while the amount of sexualized content about women isn’t decreasing, she’s starting to produce more sexualized content about men.
A few keystrokes could solve the crime. Would you press enter? » Just Security
Suppose a laptop were found at the apartment of one of the perpetrators of last year’s Paris attacks. It’s searched by the authorities pursuant to a warrant, and they find a file on the laptop that’s a set of instructions for carrying out the attacks.
The discovery would surely help in the prosecution of the laptop’s owner, tying him to the crime. But a junior prosecutor has a further idea. The private document was likely shared among other conspirators, some of whom are still on the run or unknown entirely. Surely Google has the ability to run a search of all Gmail inboxes, outboxes, and message drafts folders, plus Google Drive cloud storage, to see if any of its 900 million users are currently in possession of that exact document. If Google could be persuaded or ordered to run the search, it could generate a list of only those Google accounts possessing the precise file — and all other Google users would remain undisturbed, except for the briefest of computerized “touches” on their accounts to see if the file reposed there.
A list of users with the document would spark further investigation of those accounts to help identify whether their owners had a role in the attacks — all according to the law, with a round of warrants obtained from the probable cause arising from possessing the suspect document.
So, if you’re the person receiving the search request at Google, should you run it? Zittrain takes you around the back-and-forth, which is subtle.
link to this extract
The Long Goodbye » Anne Wheaton dot Com
I chose to be on Twitter. I am not a celebrity. I am a middle-aged woman who’s a retired hairdresser who now runs a non-profit, is on the Board of Directors at Pasadena Humane Society, has a house FULL of rescue animals, and has two wonderful boys. I do not have a job I need to promote, nor am I looking for a job to take on. I have a full life with an amazing husband and family, wonderful friends, and a successful business I run. If something I choose to do on the side isn’t fun, I need to walk away from it because my free time is pretty scarce. Twitter used to be the fun thing I did on the side, and for the most part, it just isn’t fun anymore, so I need to walk away from it and that’s okay.
I deleted my Twitter account last night and immediately felt relieved.
She’s married to Wil Wheaton, who has been anti-Gamergate, on the basis that reasonable people don’t abuse women and other people pointlessly and unceasingly. Increasingly, Gamergate strikes me as Twitter’s id; untrammelled raging male idiocy, which is never reined in by any form of superego (such as “is this really a good idea?”). And the concern is that that superego will never arrive. (Another thought is that with American politics becoming increasingly polarised, Gamergate backers are more aligned with the extreme Republican line of thinking, and certainly with its refusal to engage with any other viewpoint.)
Read her post from April on how quickly just “being a woman on Twitter” turned into “being someone at whom people post random, vicious, worrying things for no other reason than to be vicious and worrying.”
link to this extract
Web-based OAuth is a security nightmare for apps » Terence Eden’s Blog
You know those apps where you go in and it asks you to authorise it using Twitter or whatever? Eden doesn’t like them:
In Periscope’s case, the user has to trust that the app hasn’t just ripped-off the Twitter website. There’s absolutely no way to verify that it is a genuine and secure login page.
Even if you have 2-Factor Authentication (where Twitter texts you a login code) you’re not safe. Why? Because if the app is intercepting your username and password, it can also intercept your 2FA code. Sure, it can only use it for a minute or so (with some restrictions) – but that’s enough time to completely take over your account.
As software developers, we have to stop encouraging this anti-pattern. Periscope is teaching users that it’s OK to type their password into any box which looks like it’s authentic.
IAB dis-invites us, disses compromise and buries dissent » Adblock Plus
Adblock Plus has some very good relationships within the IAB (Interactive Advertising Bureau), which is the trade organization that represents advertisers and publishers. We coach many IAB members about our Acceptable Ads guidelines for reasonable, nonintrusive ads, and we have spoken on some IAB panel discussions (especially in the UK).
Unfortunately, the top brass at the US IAB don’t want us coming to their Leadership Summit next week in Palm Desert, California. We attended last year, and we signed up again for their 2016 meeting … including paying the hefty entrance fee. We were fully confirmed and they even listed us on their website as a participant.
Then this week we got one of those sudden emails that land in your inbox innocently, then floor you with something weird, unbelievable or ridiculous when you click on them. This one came from an unfamiliar IAB address, and it informed us that our registration for the summit was canceled and our fee refunded.
The IAB hasn’t said anything about why, as of the time of this post. Apart from a statement which said that “The IAB Annual Leadership Meeting is for serious conversation among important digital industry stakeholders.” Does it think adblocking isn’t serious, or isn’t important?
link to this extract
There are no secure smartphones » Devever
There are no secure smartphones.
This is a simple fact which is overlooked remarkably often.
Modern smartphones have a CPU chip, and a baseband chip which handles radio network communications (GSM/UMTS/LTE/etc.) This chip is connected to the CPU via DMA. Thus, unless an IOMMU [input-output memory management unit] is used, the baseband has full access to main memory, and can compromise it arbitrarily.
It can be safely assumed that this baseband is highly insecure. It is closed source and probably not audited at all. My understanding is that the genesis of modern baseband firmware is a development effort for GSM basebands dating back to the 1990s during which the importance of secure software development practices were not apparent. In other words, and my understanding is that this is borne out by research, this firmware tends to be extremely insecure and probably has numerous remote code execution vulnerabilities.
Thus, no smartphone can be considered secure against an adversary capable of compromising the radio link (called the Um link). This includes any entity capable of deploying Stingray-like devices, or any entity capable of obtaining control of a base station, whether by hacking or legal or other coercion.
It would, in my view, be abject insanity not to assume that half a dozen or more nation-states (or their associated contractors) have code execution exploits against popular basebands in stock.
Question then is how far up the stack you can get from the baseband.
link to this extract
August 2010: Android’s pursuit of the biggest losers » Asymco
Horace Dediu, writing back in the days when Nokia and Sony Ericsson made handsets, and BlackBerry was big, noting that LG and Motorola and Sony Ericsson had lost money, though Samsung was doing OK:
how likely are these disrupted ex-giants to recover and take Android forward? My bet: slim to none. Android does not offer more than a lifeline. It is not a foundation for long-term profitability as it presumes the profits accrue to the network and possibly to Google. Profit evaporation out of devices to Google may be a possibility at some time in the future, but only if the devices don’t need too much attention to remain competitive. But because they’re still not good enough (and they won’t be for years to come), it’s certain that attention to detail is what will be most important to stay abreast of Apple.
So here we have the real challenge to Android: partnership with defeated incumbents whose ability to build profitable and differentiated products is hamstrung by the licensing model and whose incentives to move up the steep trajectory of necessary improvements are limited.
In other words, Android’s licensees won’t have the profits or the motivation to spend on R&D so as to make exceptionally competitive products at a time when being competitive is what matters most.
He also points out that Windows Mobile had the same problem, seven years earlier.
Five years later, the point about long-term profitability and R+D is being borne out. Only Samsung has managed to stay profitable – because of its components businesses.
link to this extract
Xiaomi finally releases 2015 sales stats » Tech in Asia
The case of the missing phone statistics has finally been solved – today, Xiaomi revealed that it sold 70m smartphones in 2015, a number below even their most modest predictions.
It’s been apparent for a while that something went wrong for Xiaomi in 2015. In 2014, the company predicted that they would sell 100m phones in the coming year – an estimate that was promptly bumped down to 80m last March.
When late 2015 rolled around, and China’s techies eagerly awaited the company’s sales report, they were met with silence. CEO Lei Jun talked in December about how the company “does not emphasize goals such as smartphone sales anymore,” which certainly didn’t build anyone’s confidence that the company had met its targets.
As Crouch notes, 2016 could be make or break. With China’s smartphone market slowing down, it really needs to find something fresh.
link to this extract
Delicious changes » The Official Delicious Blog
Delicious was the original bookmarking service (admit it, you thought it had just vanished):
My name is Tony Aly, and I’m the CEO of Delicious Media, a new company formed in alliance between my company, Domainersuite, and Science, the company that has managed Delicious since 2013. Science has transitioned control of Delicious to our new entity so that my team and I can dedicate ourselves to the long-term success and stability of this wonderful, useful, trailblazing site.
As part of this transition, over the next few weeks, we will be a making a few fairly prominent changes to the site.
The first big change you’ll notice is our transition from the javascript front-end framework that has been powering the content at https://www.delicious.com. The engineers who crafted this version of the site are incredibly talented, and their code is amazing. It’s beautiful and powerful, but it has posed several significant challenges for us. For example, the search engines have a real problem reading our content, hindering users’ efforts to use Google or Bing to find what they’re looking for on Delicious.
Translation: “damn engineers.” Except what’s the point of search engines indexing a bookmarking site? Delicious has been through so many changes of ownership – bought by Yahoo in 2005, then sold to YouTube’s founders, then sold on and on. Never quite manages to regain momentum. I use Pinboard – reliable, cheap, doesn’t mess about. And has a terrific Twitter feed.
For what might have been, read Bobbie Johnson’s article from 2005 about Yahoo buying Delicious.
link to this extract
Wikipedia: an old-fashioned corner of truth on the internet » Telegraph
I wrote about Wikipedia’s 15th birthday (on Friday), and largely I have nothing but applause for its approach that anyone could write or edit, and its pursuit of the “neutral point of view”, and (especially) its ad-free ethos. Though:
That’s not to say it’s without faults. There are plenty, some deeply ingrained. Most of its editors are male, meaning topics relevant to women are underrepresented. As the site (and each editor) ages, it becomes harder to attract new editors as the existing clique becomes embedded. With no overall editor determining its direction or content, the topics and content can vary enormously. The world probably doesn’t need zillions of explanatory articles about the Japanese video game franchise Pokemon – but perhaps could do with some of the articles about less-simple concepts being rewritten to a more novice-friendly standard. That’s what the Encyclopaedia Britannica had that Wikipedia doesn’t: consistency.
But that’s also the web revealing our real character. Those who can be bothered to create are more interested in Pokemon than explaining maths or science. We peer into Wikipedia, and see ourselves peering back.
Errata, corrigenda and ai no corrida: none noted.
The Overspill: when there's more that I want to say 