Start up: smartphone v cars, Oracle v Android, Korea’s browser problem, flat design woes, and more

Posted on January 13, 2016 by charlesarthur

Sony’s Project Morpheus in action. But how many PCs can run this stuff? Photo by wuestenigel on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Fun fun fun ’til her daddy takes the iPhone away » ROUGH TYPE

Nick Carr:

“A smartphone can get you a ride but a car can’t get you a date,” blogged venture capitalist Fred Wilson, revealing a remarkable ignorance of the entire modern history of youth culture. “The smartphone wins.”

Wilson’s words were inspired by a November 2013 interview with another prominent VC, Marc Andreessen. America’s love affair with the automobile is over, Andreessen declared. As evidence he pointed to a putative sea change in young people’s attitudes toward cars: “Today, ask kids if they’d rather have a smartphone or a car if they had to pick and 100% would say smartphones. Because smartphones represent freedom. There’s a huge social behavior reorientation that’s already happening.” I’ve never found financiers to be reliable guides to what kids are up to, but in this case Andreessen was just recycling a view that has achieved meme status in recent years: Americans are losing their taste for driving, and that trend is particularly pronounced among the young.

At about the same time Andreessen was opining about how young folks love their tech but don’t give a crap about their wheels, MTV was launching an extensive survey of the attitudes of millennials. The network interviewed nearly 4,000 people between 18 and 34. One of the topics discussed was cars and driving.

Now, guess whether the survey – of thousands of real people – backed up Wilson’s opinion.
link to this extract

Education and underemployment in the age of machine intelligence » Brookings Institution

Daniel Araya (a researcher and advisor to the US government):

what is the role of education in the age of machine intelligence? Even a cursory analysis of educational reform in the United States reveals a deep concern with transforming the education system in the face of systemic economic and social change. It has become painfully clear, for example, that our current education system is not equipped to mitigate the scale of labor dislocation we may soon face. In my view, the most obvious problem with U.S. educational reform today is a misplaced focus on mobilizing systems of measurement and conformity in an era that demands risk and experimentation. The underlying problem is that “factory schools” have evolved from older institutions designed for a different era.

Beyond the bureaucratic systems of the Industrial Age, students must be better prepared to leverage autonomous creativity to solve real-world problems. Beyond basic numeracy and literacy, advanced competencies that build on network collaboration, digital fluency, and entrepreneurial innovation are now foundational to economic mobility. The real challenge today, in other words, is to transform the institutional and pedagogical structures that constitute schooling. Rather than framing educational reform in terms of the needs of a mass industrial society, educational policies must now adapt to the needs of a highly disruptive computational economy.

Sure, but who’s going to tear Americans away from their block-rote testing?
link to this extract

Few computers are powerful enough to support virtual reality » Bloomberg Business

Ian King:

Virtual reality has a very real problem. With several technology giants preparing splashy introductions for the first VR headsets in 2016, few people own hardware capable of fully supporting Facebook’s Oculus Rift or other systems.

Just 13m PCs worldwide next year will have the graphics capabilities needed to run VR, according to an estimate by Nvidia, the largest maker of computer graphics chips. Those ultra-high-end machines account for less than 1% of the 1.43bn PCs expected to be in use globally in 2016, according to research firm Gartner.

And yet IHS estimates that 7m VR headsets will be in use by the end of this year. Seems like a high penetration of those 13m PCs. (And I don’t hold out much hope for HTC/Valve’s effort to save HTC, given its $1,500 price.)
link to this extract

Oracle sinks its claws into Android » Andreas Gal

Gal is the former CTO at Mozilla, and was involved in its efforts with Firefox OS, so he knows his stuff:

While I am no longer working directly on mobile, a curious event got my attention: A commit appeared in the Android code base that indicates that Google is abandoning its own re-implementation of Java in favor of Oracle’s original Java implementation. I’ll try to explain why I think this is a huge change and will have far-reaching implications for Android and the Android ecosystem.

This quickly gets very complicated, hinging on the variations between the GPL, LGPL, GPLv2 and Apache licences. Read alongside this piece at Venturebeat, which has comments from Google.

Upshot seems to be: Oracle gets to dictate some future direction of Android’s Java; app developers who don’t update could see more crashes.
link to this extract

Issue 693 – TrendMicro node.js HTTP server listening on localhost can execute commands » Google Security Research

Tavis Normandy, on the security mailing list:

When you install TrendMicro Antivirus on Windows, by default a component called Password Manager is also installed and automatically launched on startup.

http://www.trendmicro.com/us/home/products/software/password-manager/index.html

This product is primarily written in JavaScript with node.js, and opens multiple HTTP RPC ports for handling API requests.

It took about 30 seconds to spot one that permits arbitrary command execution, openUrlInDefaultBrowser, which eventually maps to ShellExecute().

This means any website can launch arbitrary commands, like this:

x = new XMLHttpRequest() x.open("GET", "https://localhost:49155/api/openUrlInDefaultBrowser?url=c:/windows/system32/calc.exe true); try { x.send(); } catch (e) {};

(Note that you cannot read the response due to the same origin policy, but it doesn’t matter – the command is still executed).

Trend Micro reacted quickly, but it turns out this is only the first layer of a stinky security onion.
link to this extract

Pray to Microsoft: Google, Microsoft to stop technical support for older operating systems, browsers » BusinessKorea

Cho Jin-Young:

Google announced on January 11 that it would stop providing security for the Chrome browser on the older versions of the Windows including the Windows XP and the Windows Vista. Earlier, Microsoft said that its technical support for the older versions of the Internet Explorer would be stopped soon. Under the circumstances, Web users in Korea are getting more and more nervous.

At present, more than 80% of them are using Microsoft’s PC operating systems and 30% to 40% of them are using the older versions of the Internet Explorer. Besides, a number of public organizations in Korea are still heavily dependent on the IE, which means they are very vulnerable to security threats. In order to be free from the concerns, users of the Windows 7 and above are required to upgrade their IE to IE 11 or use the other browsers including Chrome, FireFox and Safari.

Problems are complicated for Windows XP and Windows Vista users though. The Chrome browser is unavailable on these operating systems from April this year since Google is going to stop its security update from that month.

People think of South Korea as super-sophisticated because it has really fast broadband. But it relies on absolutely ancient browsers which are vulnerable to all sorts of malarkey. This is going to cause some big problems as they’re either forced to shift or get hacked to hell and back.
link to this extract

Long-term exposure to flat design: how the trend slowly makes users less efficient » Nielsen-Norman Group

Kate Meyer:

To know where they can click on a website, users need signifiers: perceptible clues that help them understand how to use interfaces. Blue underlined text is an example of a traditional signifier of a clickable link that even the least experienced web users understand.

In the old days of rampant skeuomorphism and realism in web design, users were generally able to rely on obvious — but often ugly — signifiers of clickability (such as glossy, raised effects on buttons, or inset shadows that made input fields appear empty). Even though these signifiers varied from site to site, users could usually rely upon two assumptions:

• Elements with strong signifiers were probably clickable.
• Elements without strong signifiers were probably not clickable.

Flat design increased the popularity of designing clickable elements with absent or weak signifiers. Linked text styled as static text is an example of an absent signifier. A ghost button (text with a thin border and no background color) is an example of a weak signifier — a subtler version of a traditional clickability signifier.

Younger users are better at figuring this stuff, but this doesn’t mean it’s good design.
link to this extract

A driverless car saved my life – no, really » Forbes

Joann Muller took a ride in Delphi’s model on the Vegas roads during CES:

One of the first things I noticed was how polite the self-driving car was. It always stayed under the speed limit, and always drove a safe distance behind the car in front of us. It was kind of annoying, frankly, in frenetic Las Vegas, where 170,000 heavily caffeinated tech freaks converged for CES, the big three-day consumer electronics show.

At a busy four-way intersection, the Audi navigated itself into a left-turn lane behind five or six other cars stopped at a traffic light. I thought the gap between us and the car ahead seemed excessive, but that’s how the car is programmed to behave. If I were driving, I would have inched way up behind the other guy’s bumper.

The traffic arrow turned green, and as the cars ahead started moving, so did we. Just as we approached the intersection to make the left turn, the arrow turned yellow and our car stopped abruptly. My Delphi guide, Nandita Mangal, explained that because the car detected stopped traffic on the other side of the intersection it did not feel it was safe to proceed on yellow, even though most drivers (myself included) are probably more aggressive and would have tried to make the light.

That point was driven home just a few minutes later when our car, now first in the left turn lane, got a green arrow to proceed. The Audi drove forward and started turning left, when all of a sudden, out of the corner of my eye, I saw not one, but two cars come speeding through the intersection from the right, running the red light. I wanted to yell “Look out!” but before I could even get the words out, the Audi slammed its brakes as the bad drivers swerved around us. If the self-driving car hadn’t detected what was about to happen and stopped, we likely would have been T-boned on the right side, and I might not be here to write this story.

It will only take a few cases like this for SDCs to be hailed at the best thing since sliced bread. Will the bad drivers (like those running the light) get them first, though? (Note too: this isn’t a Google car.)
link to this extract

China’s Xiaomi under pressure to prove value to investors » WSJ

Eva Dou on Xiaomi, valued at $46bn in its last round, which looks to have missed its 80m phone sales target for 2015 (revised down from 100m):

“The competition in China’s smartphone market has intensified tremendously this year,” said a Xiaomi spokeswoman, who declined to comment on the company’s valuation or say whether it met its 2015 sales target. She said Xiaomi sales were “within expectations” and its flash sales are primarily for new phones when production ramps up.

The lack of its own high-end chip technology also proved to be a competitive disadvantage for Xiaomi last year. When early versions of Qualcomm Inc.’s Snapdragon 810 processor were reported to have overheated, it dampened sales of Xiaomi’s most expensive handset yet, the 2,299 yuan ($349) Mi Note, analysts said.

Xiaomi couldn’t fall back on an in-house developed chip to get around the problem as Huawei and Samsung did.

Xiaomi and Qualcomm declined to comment on the processor. Analysts say the problems have been fixed.

Overseas growth also has been slow for Xiaomi, with the percentage of its smartphones sold overseas in the first nine months of 2015 rising to 8%, compared with 7% in the 2014 calendar year, according to Canalys. Moreover, Xiaomi’s thin patent portfolio became a hurdle as it sought to expand in markets such as India. A lack of patents led to a court ruling that crimped its access to the crucial India market.

Hard to see now how Xiaomi isn’t Just One More Android OEM.
link to this extract

Education – Preview » Apple

This is interesting: coming in iOS 9.3, Apple’s classroom efforts (which in the US are being invaded by Chromebooks) let pupils log into any iPad “and make it their own”, use a “Photo ID” where “each student’s picture appears on the iPad they’ve been using” and younger students can access via a four-digit PIN.

Teachers meanwhile can see what’s on any screen, launch apps across a class, and reset passwords “without calling IT”.

Fraser Speirs (who’s big on education and iPads) points out that it’s going to need some hefty space – a 32GB iPad will be able to cater for 3 users, 64GB for 8, and 128GB for 16.

Wouldn’t mind having some of these for a home setting. (Via former Windows guy Steve Sinofksy.)
link to this extract

Errata, corrigenda and ai no corrida:

Start up: debunking 2015’s fake pics, wearables grow, Apple’s 800 camera people, and more

Posted on December 22, 2015 by charlesarthur

The Internet of Things might help warn about this. Photo by freefotouk on Flickr.

You’re not too late to sign up to receive each day’s Start Up post by email. Think of it as a Christmas present to yourself. Actually, it’ll stop for two weeks after Christmas, but anyway.

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

76 viral images from 2015 that were totally fake » Gizmodo

Matt Novak:

We debunked dozens of fake photos this year, covering everything from Charles Manson’s baby photos to John Lennon’s skateboarding skills, and everything in between. It was another busy year for anyone spreading fake images on the internet.

Below, we have 76 photos that you may have seen floating around the internet in 2015. Some are deliberate photoshops created by people who want to deceive. Others are just images that got mixed up in this big, weird game of Telephone we call the internet.

76! That’s more than one a week. Actually, there’s only one fake a week?
link to this extract

US probes Theranos complaints » WSJ

John Carreyrou:

U.S. health regulators are investigating complaints about laboratory and research practices at Theranos Inc. by two former employees of the blood-testing startup company, according to people familiar with the inquiries.

A complaint filed in September by a former Theranos lab employee to the Centers for Medicare and Medicaid Services alleged that management instructed lab employees to keep testing patients with the company’s blood-analysis devices despite indications of “major stability, precision and accuracy” problems with those devices.

The second complaint was sent to the Food and Drug Administration earlier this month by another ex-employee, who alleged that the study submitted by Theranos last year to win the agency’s approval for a herpes test was tainted by breaches in research protocol.

Really not going well for Theranos. All been going downhill since the WSJ article in October.

Worldwide shipments of wearables to surpass 200m in 2019, driven by strong smartwatch growth » IDC

According to the International Data Corporation (IDC ) Worldwide Quarterly Wearable Device Tracker , the worldwide wearable device market will reach a total of 111.1m units shipped in 2016, up a strong 44.4% from the 80m units expected to ship shipped in 2015. By 2019, the final year of the forecast, total shipments will reach 214.6m units, resulting in a five-year compound annual growth rate (CAGR) of 28%.

“The most common type of wearables today are fairly basic, like fitness trackers, but over the next few years we expect a proliferation of form factors and device types,” said Jitesh Ubrani , Senior Research Analyst for IDC Mobile Device Trackers. “Smarter clothing, eyewear, and even hearables (ear-worn devices) are all in their early stages of mass adoption. Though at present these may not be significantly smarter than their analog counterparts, the next generation of wearables are on track to offer vastly improved experiences and perhaps even augment human abilities.”

One of the most popular types of wearables will be smartwatches, reaching a total of 34.3m units shipped in 2016, up from the 21.3m units expected to ship in 2015. By 2019, the final year of the forecast, total shipments will reach 88.3m units, resulting in a five-year CAGR of 42.8%.

“In a short amount of time, smartwatches have evolved from being extensions of the smartphone to wearable computers capable of communications, notifications, applications, and numerous other functionalities,” noted Ramon Llamas , Research Manager for IDC’s Wearables team. “The smartwatch we have today will look nothing like the smartwatch we will see in the future. Cellular connectivity, health sensors, not to mention the explosive third-party application market all stand to change the game and will raise both the appeal and value of the market going forward.

Apple Watch forecast to continue dominating through to 2019, though Android Wear coming up strongly. Tizen not going anywhere.
link to this extract

‘Internet of Things’ technology powers an interactive flood map and sensor network » Nominet

Nominet, in association with the Flood Network, is today launching an interactive, online map which visualises river and stream levels around Oxford. The map, showing how technology can be a part of flood defence systems anywhere, has been developed following a successful pilot project with the Oxford Flood Network. The project has been focused on exploring the potential of the Internet of Things (IoT) to create an extensive, localised, early-warning system for flood-prone areas for the first time in the UK.

The Flood Network is powered by two pieces of innovative technology developed by Nominet:

• A set of IoT tools to help innovators build and scale IoT applications in real environments. The tools utilise existing internet standards, such as DNS, to provide proven scalable solutions with an existing support eco-system.

•The use of TV white space to connect a number of hard-to-reach devices in the network. Nominet’s recently qualified TV white space (TVWS) database performs complex calculations that informs devices what frequencies they can use in which area, at what power and for how long.

The map, an application built on top of the tools, is being released as a beta version today to gather feedback from local residents and encourage further community engagement.

First use I’ve seen of TV white space (analogue frequencies left over by the switch to digital TV). And, finally, the Environment Agency providing data from its sensors at river locks – after years when the EA resolutely refused to release its data to public use.

Also: an IoT application that really makes sense.
link to this extract

‘Unauthorized code’ that decrypts VPNs found in Juniper’s ScreenOS » The Register

Simon Sharwood:

Juniper Networks has admitted that “unauthorized code” has been found in ScreenOS, the operating system for its NetScreen firewalls.

The code “could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections.”

And on The Register’s reading of the situation, the unauthorised code may have been present since 2008, an assertion we make because Juniper’s notice about the problem says it impacts ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20. ScreenOS 6.2 was released in 2008. Screen OS 6.3 came out in 2009.

We’ve asked Juniper if it has any theories about the origin of the code and have been told the company has nothing to say on the matter beyond the post we’ve linked to above and canned statements from its PR team.

Just what happened is therefore obscure for now, but the obvious scenarios aren’t good news for Juniper.

Or, indeed, its customers. Two views on this: (1) shows terrible effects of having backdoors because it means those “knowledgeable attackers” can read everything; (2) what effects has it had, exactly?
link to this extract

The iPhone’s camera is so good because 800 people are working on it » The Verge

Chris Welch writes up the CBS 60 Minutes interview with Apple, which mostly revealed nothing the tech world hasn’t obsessed over for years, but for this:

the episode did reveal one semi-interesting new detail: Apple now says there are 800 people solely dedicated to working on the iPhone’s camera. That team of “engineers and other specialists” is led by Graham Townsend, who took Rose on a tour of the camera testing lab.

“There’s over 200 separate individual parts” in the iPhone’s camera module, Townsend said. Then he demonstrated how Apple simulates various conditions to test out the camera’s performance, from sunsets to lousy indoor lighting. “We can simulate all those here,” Townsend said. Apple’s competitors certainly conduct many of those same tests, but the sheer size of Apple’s camera team shows you how high up on the priority list it’s risen. Apple has built entire ad campaigns around the iPhone’s camera, and always makes it a point to highlight improvements with each new iPhone revision.

Generally, the interview lacked anything else noteworthy.

Love to know how that 800 breaks down between software and hardware. And beyond a certain minimum, is it just sheer numbers of people beavering away that makes good? How many do Samsung and LG have on this?
link to this extract

Toshiba Revitalization Action Plan and FY2015 forecast (PDF) » Toshiba

Following its accounting scandal, the company is cutting thousands of jobs and selling off its TV business, and reorganising its PC business:

The Personal & Client Solutions Company will be split off from Toshiba Corporation and merged with a BtoB PC sales company in Japan.

• Headcount reduction of 1,300, about 30% of its global total, within FY2015.
• Close and sell Ome Complex, the Japanese development base of PC and visual products.
• A 60.0bn yen [US$490m] cost for structural reform is forecast for FY2015.
• Reduce total fixed costs by more than 30.0bn yen [US$245m] in FY2016 against FY2015.
• Downsize global sales scale to 3 million units a year, and make the business profitable.

The split will happen in January, and be effective from April. A separate PDF of the reorganisation for the PC business alone suggests that it had sales in the year to March 2015 of 97.3bn yen (US$800m) and operating profit of 209m yen (US$1.7m) – which, on 3m PCs sold, would be an average price per PC of $266 and operating profit of $0.56 each.

Toshiba was the first company to produce a mass-market laptop, in 1985. Lots can happen in 30 years.
link to this extract

How the online hate mob set its sights on me » The Guardian

Jon Ronson:

A train crashed in Philadelphia [in May 2015]. Passenger cars were ripped apart. Eight people died and 200 more were hospitalised. A survivor emerged from the wreckage and tweeted: “Thanks a lot for derailing my train. Can I please get my violin back from the 2nd car of the train?”

In the early days, Twitter was a place of curiosity and empathy. Back then, people might have responded to this woman: “Are you OK?” or “What was it like?” But that’s not how Twitter and Facebook responded in 2015. Instead, it was: “Some spoiled asshole is whining about her violin being on that Amtrak that derailed. People died on that train” and |“I hope the violin is crushed” and “I hope someone picks it up and smacks it against the train” and…

And worse. Much worse. But as Ronson asks, why are hate mobs so much quicker to form? Why are people being unpaid shaming interns for Twitter and Google too?
link to this extract

Ericsson and Apple sign patent deal, settle litigation | Reuters

Olof Swahnberg:

Ericsson did not specify how much it would earn from the deal but estimated overall revenue from intellectual property rights in 2015 would hit 13 to 14 billion crowns ($1.52-$1.64 billion), including positive effects from the settlement with Apple, up from 9.9 billion crowns in 2014.

Investment bank ABG Sundal Collier said in a note to clients it believed the deal meant Apple would be charged around 0.5 percent of its revenue on iPads and iPhones by Ericsson.

Ericsson Chief Intellectual Property Officer Kasim Alfalahi said the agreement was broad, covering the latest 4G-LTE generation of mobile technology, as well as the earlier 2G and 3G technologies.

Quick settlement for a patent row: case was filed in January 2015.
link to this extract

Errata, corrigenda and ai no corrida: in yesterday’s links it said that Linux was vulnerable to the 28-backspace hack for passwords. That should be GRUB.

Start up: talking to Barbie, BlackBerry’s criminal approach, mobile theses, tracing bitcoin, and more

Posted on December 21, 2015 by charlesarthur

I know – it’s backspace, 28 times. Photo by totumweb on Flickr.

Oh, you could get each day’s Start Up post by email. But it’s email, isn’t it? Email.

A selection of 9 links for you. Apply topically. I’m charlesarthur on Twitter. Observations and links welcome.

Talking toys are getting smarter: should we be worried? » WSJ

Geoffrey Fowler:

Maybe the best way to understand whether these toys hinder imagination is to look at their underlying technology. From an interactive standpoint, Hello Barbie is basically a voice-activated Choose-Your-Own-Adventure book, in that she gives children a limited number of choices as they go down the conversational path and has a finite, albeit vast, number of dialogue lines (8,000 in total, recorded by an actress).

Once you start talking to Hello Barbie, what you soon realize is that, although she can remember details—a child’s favorite color or whether she has a sibling—the doll is not a very good listener. Many of her questions are just setups to tell a scripted story. “If you could go on vacation anywhere in the world, where would you want to go?” she asked [test child] Riley before describing her own recent vacation. Sure, every now and then she invites Riley to chime in. (“It’s a warm day and my friends invited me to go to the beach. I’m not really sure what to wear. Um, maybe some mittens and a scarf?”) But ultimately, whatever the child says, Hello Barbie sticks to her script.

Despite Hello Barbie’s inability to participate in a child’s flights of fancy, the doll is programmed to extol the virtues of imagination. “I think it’s great to exercise your imagination and creativity!” she said to Riley. Also: “We love using our imaginations. We are so avant-garde!”

So the answer to the question posed in the headline is “not yet”. But not “not ever”. It feels very much like a slice from a Philip K Dick novella.
link to this extract

Detect and disconnect WiFi cameras in that AirBnB you’re staying in » Julian Oliver

There have been a few too many stories lately of AirBnB hosts caught spying on their guests with WiFi cameras, using DropCam cameras in particular. Here’s a quick script that will detect two popular brands of WiFi cameras during your stay and disconnect them in turn. It’s based on glasshole.sh. It should do away with the need to rummage around in other people’s stuff, racked with paranoia, looking for the things.

Thanks to Adam Harvey for giving me the push, not to mention for naming it.

May be illegal to use this script in the US (not that that will stop people). Note how the sharing, trusting economy has its limits.
link to this extract

Bypass Linux passwords by pressing backspace 28 times » Apextribune

Daniel Austin:

if certain conditions are met (mostly the proper version of the OS), pressing the backspace key 28 time in a row will cause the computer to reboot, or it will put Grub in rescue mode, Linux’s version of Safe Mode.

This will provide the would-be hacker with unauthorized access to a shell, which he can then use to rewrite the code in the Grub2 in order to gain full unauthorized access to the machine.

From this point, anything is possible, since the hacker would be able to do anything he wanted to the computer.

Vulnerable versions: ~~Linux~~ GRUB 1.98 (from 2009) through to the current 2.02 version. (Not Linux as said in earlier version of this post.)
link to this extract

Tracing the Bitcoinica theft of 40,000 btc in July 2012 » YouTube

So 10,000 bitcoins were stolen from MtGox in July 2012. You thought bitcoin were untraceable? Not at all. Watch and learn. Though this doesn’t mean the people named here are guilty of theft (he said, covering himself against any potential libel).

link to this extract

Activation lock checker » Apple

Before transferring ownership of an iPhone, iPad, iPod touch, or Apple Watch, make sure Activation Lock has been disabled and the device is ready for the next user.

The implication there is that it’s for you, the seller, to do the checking that you’ve turned it off – but the protection is really for buyers to make sure they don’t get a hot phone.
link to this extract

Competition is shifting to the high end » Tech.pinions

Jan Dawson:

Sony has abandoned PCs and continues to struggle in smartphones, HTC increasingly looks like it’s on its last legs as an Android vendor, Toshiba is considering spinning off its PC business, and Samsung’s smartphone business – once the poster child for success making Android phones – continues to slip. It sometimes seems as if the only vendors making Android phones and Windows PCs who aren’t struggling in some way are the licensors of the operating systems. And though we don’t have detailed financials for either company’s hardware business, they’ve both done it by focusing on selling premium devices at premium prices, and by tightening the integration between hardware and software.
What’s interesting is we haven’t seen any of the OEMs pursue this strategy. That likely reflects, in equal parts, a lack of capability and a lack of will, as these OEMs have neither the experience nor the desire to pursue the high end of the market. And yet it’s been clear for years that, while scale may be in the mass market, the margins are in the high end.

link to this extract

16 mobile theses » Benedict Evans

We’re now coming up to 9 years since the launch of the iPhone kicked off the smartphone revolution, and some of the first phases are over – Apple and Google both won the platform war, mostly, Facebook made the transition, mostly, and it’s now perfectly clear that mobile is the future of technology and of the internet. But within that, there’s a huge range of different themes and issues, many of which are still pretty unsettled.

In this post, I outline what I think are the 16 topics to think about within the current generation, and then link to the things I’ve written about them. In January, I’ll dig into some of the themes for the future – VR, AR, drones and AI, but this is where we are today.

I wouldn’t be surprised if the title is a subtle reference to Martin Luther (though he rambled on for 95 theses), but it’s impossible to argue against any of these; they simply state the ground where the world now stands. The point about mobile being 10x larger as an ecosystem now than the PC is an important one, though not the only important one.
link to this extract

August 2010: RIM’s Deal: Saudi Arabia Can Access BlackBerry User Data » DailyFinance

From August 2010, by Douglas McIntyre:

Saudi Arabia’s government announced it reached a deal with Research In Motion (RIMM) that will allow the Canadian maker of BlackBerry smartphones to continue operating its service there. Under the agreement, RIM will put a server in the nation that will allow the government to monitor messages to and from Blackberries. All of RIM’s servers have been in Canada until now so the company could guarantee confidentiality for its customers though the encryption process on those servers.

According to several news sources, similar deals will probably be sought by other countries that have voiced concerns about the Blackberry encryption procedures. First among these is the United Arab Emirates, which threatened to shut down RIM’s services there on Oct. 11. India and Indonesia have also said they’re concerned about the RIM confidentiality system and their inability to track information that they claim may not be in the best interests of their governments.

Everyone’s a criminal, after all – they just need to work out what they’re guilty of. Now read on.
link to this extract

The encryption debate: a way forward » Inside BlackBerry

John Chen, who is chief executive of BlackBerry, in December 2015:

For years, government officials have pleaded to the technology industry for help yet have been met with disdain. In fact, one of the world’s most powerful tech companies recently refused a lawful access request in an investigation of a known drug dealer because doing so would “substantially tarnish the brand” of the company. We are indeed in a dark place when companies put their reputations above the greater good. At BlackBerry, we understand, arguably more than any other large tech company, the importance of our privacy commitment to product success and brand value: privacy and security form the crux of everything we do. However, our privacy commitment does not extend to criminals.

BlackBerry is in a unique position to help bring the two sides of this debate together, to find common ground and a way forward. BlackBerry’s customers include not only millions of privacy-conscious consumers but also the banks, law firms, hospitals, and – yes, governments (including 16 of the G20) – that use our products and services to protect their highest value resources every single day. We stand as an existence proof that a proper balance can be struck.

We reject the notion that tech companies should refuse reasonable, lawful access requests.

The “powerful tech company” Chen is referring to there is Apple, which has refused to cooperate in unlocking an iOS 7-powered phone in a federal case (which remains under seal). There’s a search warrant for the phone, which is locked.

Chen’s stance though is really surprising. He seems to be saying “sure, we’ll cooperate with the government if it asks.” But what if it’s the Chinese government? Or the Syrian government? And what’s the mechanism that lets BlackBerry cooperate? From iOS 8 onwards, Apple simply can’t decrypt a phone, no matter what access it gets. Is BlackBerry ceding that ground?
link to this extract

Errata, corrigenda and ai no corrida:

Start up: damn internet fridges!, getting hacked, the coming phone shakeout, PGP doubts over “Satoshi”, and more

Posted on December 11, 2015 by charlesarthur

This was when the fridge calendar worked. Photo by Kaeru on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

The joy of getting hacked » Waxy.org

Andy Baio:

A quick ‘top’ revealed that MySQL was pegging the CPU, so I logged into the MySQL console and saw that a dump of the database was being written out to a file. This was very unusual: I never schedule database backups in the middle of the day, and it was using a different MySQL user to make the dumps.

Then I noticed where the mysqldump was being written to: the directory for a theme from a WordPress installation I’d set up the previous month, an experiment to finally migrate this blog off of MovableType.

This set off all my alarms. I immediately shut down Apache and MySQL, cutting off the culprit before they could download the dumped data or do any serious damage.

I’d recently updated to the latest WordPress beta, and saw that the functions.php file in the twentysixteen theme directory was replaced with hastily-obfuscated PHP allowing arbitrary commands to be run on my server through the browser.

I’ve had this sort of experience in the past – also with WordPress. It’s a total pain.

Baio points out though that the real weakness was probably not WordPress, but PhPMyAdmin, which is even worse in terms of security vulnerabilities. If you’re running it, delete it.
link to this extract

China’s hippest smartphone maker warns shakeout will get worse » Bloomberg Business

Shai Oster:

OnePlus, based in Shenzhen, is aiming for similar glory. After originally requiring customers to get an invitation before buying a phone, OnePlus is dropping that approach to broaden its appeal and raise its brand awareness in the U.S., Europe and India. The company says it earned $300m selling nearly 1m phones last year, but won’t reveal figures for this year.

Sales have increased to about 1.3m units worldwide in the first nine months of this year, with 57% sold in the Asia Pacific region, according to Jensen Ooi, an analyst at IDC Corp.

“2016 is the year that a lot of people will be exposed to OnePlus,” Pei said, adding that the company is spending money on promotions like a pop-up store in New York’s Times Square to advertise their brand.

The trouble is that almost no one is making money in smartphones these days except Apple. That company alone gobbles up some 90% of industry profits.

“No one is going to get rich off smartphones in the short term,” he said.

OnePlus is probably making more money than HTC.
link to this extract

November 2014: Can’t sign in to Google calendar on my Samsung refrigerator » Google Product Forums

Kris Spencer (apparently):

I have a Samsung RF4289HARS refrigerator. The Google calendar app on it has been working perfectly since I purchased the refrigerator August 2012. However, with the latest changes in Google Calendar API, I can no longer sign in to my calendar. I receive a message stating ” Please check your email in Google Calendar website”. I can sign in fine on my home PC and have no problem seeing the calendar on my phone. Perhaps this is a Samsung issue, but I thought I would try here first. Has anyone else experienced this problem and what was the solution?

Yes, other people certainly had experienced this problem. The solution? Er.. well, here’s a post from 18 November 2015:

After 2 years, I still cannot access my Calendar on my Samsung HRS4289……It says cannot connect to the server. I just got done with Samsung and they say, if it needs a software update, it will ‘come’…..that’s a freaking joke. I have software 2.550 loaded……Is there something I need to do to reestablish my calendar??…..this is so ridiculous. I’m more of a yahoo person and not really too familiar with google calendar except I did have it up and running…Ii do have a google calendar account….and it should be talking. Please be specific if there’s something I need to do. I’d really appreciate it. Very frustrating.

Anyhow, do tell me more about your plans to build an internet fridge – the ultimate zombie product.
link to this extract

Satoshi’s PGP keys are probably backdated and point to a hoax » Motherboard

Sarah Jeong:

there’s one really big problem with the case for Craig S. Wright as Satoshi: at least one of the key pieces of evidence appears to be fake. The “Satoshi” PGP keys associated with the Wired and Gizmodo stories were probably generated after 2009 and uploaded after 2011.

We say keys, because there are two entirely different keys implicated by Wired and by Gizmodo. And neither of them check out.

There is only one PGP key that is truly known to be associated with Satoshi Nakamoto. We’ll call this the Original Key.

Before we continue, we should note that the PGP keys are just one piece of the puzzle. When asked for comment, Gizmodo editor Katie Drummond said that the keys “are just one (relatively small) data point among many others, including in-person interviews and on-the-record corroboration.”

But the keys are important because they’re not just plain suspicious, there’s evidence of active, intentional deception with respect to the keys. (Wired’s Andy Greenberg pointed out that this was already in line with their article, which notes that Wright may have engaged in an elaborate, long-running deception).

Urgh. So much work, and a detail like this seems to sink it (although read on; key creation dates can be faked). The element that made me (as a journalist) wonder about the original story was that the details were leaked by someone who claimed to have “hacked Satoshi”. Really? And yet the characters in the story – far-flung, credible – equally point strongly to it being correct. That sort of detail doesn’t happen coincidentally.

Also, Leah Goodman – who wrote the original “not quite” Satoshi story – says the “hack” was being touted to journalists aggressively this autumn, apparently from a disgruntled employee of the latest “Satoshi”.
link to this extract

The dangers of setting VR expectations and valuations too high » Forbes

Anshel Sag:

One report by Juniper Research forecasts 30m head-mounted display (HMD) shipments by 2020. That expectation includes a projection that 3m HMDs will ship by 2016 driven by video and gaming use cases. My biggest problem with this projection is that there is no one combination of players that can ship 3m units. Even taking Oculus, Sony, Samsung Electronics , and HTC Valve and all their HMDs [head-mounted displays] into account, the prices and volumes simply won’t be there for 3m units in 2016.

The reality will be much closer to 1 to 2 million units in 2016, and most of those will likely be Samsung Electronics’ Gear VR headsets, since the latest version will be shipping for $99 and be compatible with all of Samsung’s latest high-end phones. Oculus doesn’t have the manufacturing capacity or the price point (around $400-$500) to drive enough volume to help reach 3m units. The same goes for the Vive; they aren’t targeting to make it a high volume product. While we don’t know the price yet, we know it’s going to be more than the Oculus Rift and that will affect volume on its own, not to mention the fact that you need quite a bit of space to set it up. Sony and Samsung are the only two companies that really have the knowhow to potentially ship enough units to hit the million mark.

link to this extract

The global village and its discomforts — Design Fictions » Medium

Fabien Girardin suggests that new technologies bring their own anxieties with them:

Social network platforms act as an extension of our social practices. Like with any technological extension we are right to be fascinated by its power and scale. However, we too frequently choose to ignore or minimize the ‘amputations’ and implications they produce.

Or as French cultural theorist Paul Virilio would argue: “The invention of the ship was also the invention of the shipwreck.”

For instance, our capacity to record every moment of our lives comes with the high vulnerability of digital data. In fact, no machine can today read a 15 years old hard drive. It is ironic that we have the technological means to record and share our social lives, yet we all might suffer one day from ‘digital amnesia’.

link to this extract

Can Theranos CEO Elizabeth Holmes fend off her critics? » Bloomberg Business

Sheelah Kolhatkar and Caroline Chen:

Theranos isn’t the only diagnostic company to provide scant details on its technology. “The process has been suboptimal across the industry, but now I think we’re at the crossroads,” [John] Ioannidis [professor of medicine at Stanford, and author of a 2005 paper “Why Most Published Research Findings Are False”] says. “Theranos caught my attention early on because they had such vibrant media stories. Other companies just don’t make such claims. Today it’s Theranos. Tomorrow it may be another company.” He adds: “If you get the wrong test result, you could go down a path that could really destroy your life.”

Holmes says the company’s era of secrecy is over, and it’s inviting outsiders, including reporters, to try the tests for themselves. (For the record, the finger prick feels like a finger prick.) In December, she says, a group of independent medical experts will spend two days in Theranos’s lab to examine the technology, the data, and the regulatory filings, and can then talk publicly about what they found.

Looking forward to that. It would be fantastic if Theranos actually does have a super-cheap blood test; it could make a vast difference to diagnosis. But are the odds in its favour?
link to this extract

Focus by Firefox: content blocking for the open web » The Mozilla Blog

Denelle Dixon-Thayer, Mozilla’s chief legal and business officer:

We want to build an Internet that respects users, puts them in control, and creates and maintains trust. Too many users have lost trust and lack meaningful controls over their digital lives. This loss of trust has impacted the ecosystem – sometimes negatively. Content blockers offer a way to rebuild that trust by empowering users. At the same time, it is important that these tools are used to create a healthy, open ecosystem that supports commercial activity, instead of being used to lock down the Web or to discriminate against certain industries or content. That’s why we articulated our three content blocking principles…

…we’ve based a portion of our product on a list provided by our partner Disconnect under the General Public License. We think Disconnect’s public list provides a good starting point that demonstrates the value of open data. It bases its list on a public definition of tracking and publicly identifies any changes it makes to that list, so users and content providers can see and understand the standards it is applying. The fact that those standards are public means that content providers – in this case those that are tracking users – have an opportunity to improve their practices. If they do so, Disconnect has a process in place for content providers to become unblocked, creating an important feedback loop between users and content providers.

Disconnect is the company whose product was banned from Google Play for “interfering with” other apps. Disconnect formally complained in the EU in June, but hasn’t apparently done so with the FTC in the US.
link to this extract

EU explores whether Google, Yahoo should pay for showing online news snippets » Reuters

Julia Fioretti:

The European Union is looking into whether services such as Google News and Yahoo News should pay to display snippets of news articles, wading into a bitter debate between the online industry and publishers.

The European Commission, the EU’s executive, said on Wednesday it will consider whether “any action specific to news aggregators is needed, including intervening on the definition of rights.”

The move came as Brussels unveiled plans to loosen copyright rules in the 28-member bloc in order to allow citizens to watch more content online.

Dubbed the “Google Tax”, making online services pay to display news snippets has sparked fierce opposition from both the tech industry and some publishers.

Can’t see it ending well for those who want payment. It’s like banning people from deep linking: sounds great to people who haven’t used the internet.
link to this extract

Samsung, Micromax planning to discontinue 2G phones » Times of India

Writankar Mukherjee & Gulveen Aulakh:

Samsung and Micromax, the leading sellers of smartphones in India, are planning to discontinue so-called 2G phones and focus on devices that run on faster 3G and 4G networks as prices have dropped sharply for such handsets in the past year. Then there’s the Reliance Jio effect.

“The focus has shifted to 4G phones with telecom operators launching such services,” said Micromax Informatics chief executive officer Vineet Taneja. “4G models already account for 30% of our portfolio with 14 models and will increase to 20 by March.”

The imminent launch of 4G services by Reliance Jio Infocomm has prompted incumbents Bharti Airtel and Vodafone to launch their own high-speed networks in anticipation of competition. That coupled with falling prices has almost wiped out demand for handsets running on 2G.

link to this extract

Errata, corrigenda and ai no corrida: none notified.

Start up: inside Apple’s A9X, Amazon unlimited?, VTech hacked, YouTube v Palestine, and more

Posted on November 30, 2015 by charlesarthur

This could be the prelude to hypothermia. But what does that feel like? Photo by Nicolas Valentin on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

All-in-one PC shipments to drop over 10% in 2015 » Digitimes

Aaron Lee and Joseph Tsai:

All-in-one PC shipments may drop a double-digit percentage on-year in 2015 due to weaker-than-expected demand. Shipments in 2016 are unlikely to see any major growth and may stay flat from 2015, according to sources from the upstream supply chain.

The largest all-in-one PC vendor, Lenovo, is expected to see flat shipment performance and a worldwide market share of around 30% in 2016. Despite the fact that the China government has recently lifted restrictions on opening internet cafes in the country which has boosted demand for all-in-one PCs, Lenovo will not benefit much from related demand since most Internet cafe players require customization, an area that Lenovo is having difficulties to coordinate, causing the opportunities to be mainly seen by second-tier and China white-box makers, the sources noted.

As for the second-largest, Apple, its iMac shipments are expected to grow 5% on year in 2016. iMac’s main manufacturer, Quanta Computer, reportedly has increased its personnel for the product line for 2016, but the ODM declined to comment on market speculation.

link to this extract

Inside the Apple A9X chip » The Motley Fool

Ashraf Eassa on the chip powering the iPad Pro:

Following is a die shot of the A9X, courtesy of Chipworks:

Chipworks’ Dick James tells me that he sees a 12-cluster GPU, two CPU cores, and an absence of the level-three cache memory found inside the A9 chip (I’ll explain why I think Apple didn’t include it later in this article). I agree with his assessment. The two CPU cores can be seen in the green box, and I believe that inside of each blue box are two GPU clusters, for a total of 12 clusters…

According to Chipworks, the chip measures in at approximately 147 square millimeters, a whopping 40% larger than the size of the TSMC-built variant of the A9 chip inside of the iPhone 6s/6s Plus. This is an absolutely huge increase in area (and by extension transistor count) from the A9, which no doubt means that this monster of a chip is far more difficult to manufacture, especially on a relatively new manufacturing technology.

Two CPU cores? Bah. Surely it should be at least eight to be worth talking about?
link to this extract

Is Amazon’s online storage really ‘unlimited’? Read the fine print » ZDNet

Ed Bott:

It’s a trial offer, with the price for the second and subsequent years rising to $60, and renewing automatically unless you say no.

I can tell that some of you are ready to begin migrating the 10 terabytes of data you stored in Microsoft’s OneDrive before they killed that golden goose. May I suggest you first read the Amazon Cloud Drive Terms of Use?

When you do, you will discover that that word, unlimited, does not mean what you think it means.

And you might find that if you really have a lot of data to store that you won’t be able to after all, because they ~~research~~ reserve the right to suspend or terminate “if we determine that your use violates the Agreement, is improper, substantially exceeds or differs from normal use by other users, or otherwise involves fraud or misuse of the Service…” (Emphasis added.)
link to this extract

Israel to coordinate with Google and YouTube to censor Palestinian videos of conflict » Informed Comment

Saed Bannoura:

The Israeli Deputy Foreign Minister, Member of Knesset Tzipi Hotovely, held meetings this week with representatives of YouTube and Google, to find ways of cooperating to censor Palestinian videos from occupied Palestine, videos she dubbed as “inciting violence and terrorism.”

Israeli daily Maariv said Hotovely will be working with Google and YouTube officials in a joint mechanism that will be in charge of “monitoring and preventing” any publication of materials deemed by Tel Aviv to be “inflammatory.”

Hotovely announced in a Hebrew-only press release that she met with YouTube CEO Susan Wojcicki, and Google’s Director of Public Policy, Jennifer Oztzistzki, at Google’s Silicon Valley Offices.

Hotovely said that she received a comprehensive review mechanism for companies to monitor the films that allegedly incite violence, claiming that the supposed ‘incitement videos’ drive young children to go out and stab: “The attacks daily in Israel are the result of youths and children incited by the education system and the social networks, this is a daily war of incitement.”

You can’t be a video hosting service without getting caught in the politics of an area. And of course “incitement to violence” is over the boundary of free speech pretty much everywhere.
link to this extract

As freezing persons recollect the snow: first chill, then stupor, then the letting go » Outside Online

Peter Clark with a scary description of what happens as hypothermia sets in:

When your Jeep spins lazily off the mountain road and slams backward into a snowbank, you don’t worry immediately about the cold. Your first thought is that you’ve just dented your bumper. Your second is that you’ve failed to bring a shovel. Your third is that you’ll be late for dinner. Friends are expecting you at their cabin around eight for a moonlight ski, a late dinner, a sauna. Nothing can keep you from that.

Driving out of town, defroster roaring, you barely noted the bank thermometer on the town square: minus 27 degrees at 6:36. The radio weather report warned of a deep mass of arctic air settling over the region. The man who took your money at the Conoco station shook his head at the register and said he wouldn’t be going anywhere tonight if he were you. You smiled. A little chill never hurt anybody with enough fleece and a good four-wheel-drive.

But now you’re stuck.

(Via Eugene Wei.)
link to this extract

A 59-year-old woman reviews the Apple Watch in real life » Privilege

“Lisa”:

I do think it’s important that we women and we midlifers engage in the tech cycle, if only to ensure that the Brave New World isn’t designed just for 28-year old men.

I first realized I liked the watch as I pushed a cart through Whole Foods. I’d invited my family over for dinner, and was doing the grocery shopping. I’d texted both my sister-in-law and sister to find out if their kids would be OK with the menu. The replies came as I passed the tortilla section. And I did not have to stop, block the aisle, and find my phone in my bag – just pressed the Message smile emoji. A lightweight interaction.

Besides, the Watch is very good-looking, as Mom might say.

But let us review and deconstruct. Not literally. Taking apart solid state devices is not my idea of fun.

link to this extract

100 million LTE phones shipped in China in Q3 2015 » Counterpoint Technology Market Research

Neil Shah:

This has been primarily driven by a meteoric rise in consumers adopting LTE technology as the always-on high speed mobile internet becomes the crux of Chinese consumers’ lives aided by competitive pricing by China Mobile. More than 200m 4G LTE subscribers have been added at the end of Q3 2015 compared to exactly a year ago. China’s LTE subscriber base also crossed 300m users during the quarter. It took just 20 months to cross 300m 4G subs, whereas for 3G subs it took more than 50 months.

Mature Chinese smartphone user base are upgrading their digital lives faster than any other mobile user on this planet. The growing traction of mobile-centric commerce, rise of O2O services, content consumption (video, audio and so forth) coupled with deeply integrated social and messaging communication is making high quality ubiquitous mobile internet a basic need for the Chinese consumers.

Huawei was the no 1 LTE phone supplier with slightly less than one-fifth of the market, followed by Xiaomi, Apple, Oppo and Vivo.

link to this extract

One of the largest hacks yet exposes data on hundreds of thousands of kids » Motherboard

Lorenzo Franceschi-Bicchierai:

The personal information of almost 5 million parents and more than 200,000 kids was exposed earlier this month after a hacker broke into the servers of a Chinese company that sells kids toys and gadgets, Motherboard has learned.

The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents who have bought products sold by VTech, which has almost $2 billion in revenue. The dump also includes the first names, genders and birthdays of more than 200,000 kids.

What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard.

That expert being Troy Hunt, who has a long writeup on how crap VTech has been. All this harvesting of personal data ahead of inevitable hacks? No way to delete your account (hardly any companies give you that option).
link to this extract

Report: Apple plans to nix 3.5mm port on iPhone 7, require Lightning for wired headphones » 9to5Mac

Citing a reliable source, a report from Japanese blog Macotakara claims that Apple plans to remove the 3.5mm headphone port from the upcoming iPhone 7, helping to achieve a “more than 1mm” reduction in thickness compared to the iPhone 6s. While the screen shape and radius will remain similar, the device will once again become Apple’s thinnest iPhone ever, albeit with a new restriction: headphones will only be able to connect over Lightning or Bluetooth…

Macotakara says that the 3.5mm port “can hardly be thinner because it is the world standard,” which is accurate, though the current-generation iPod touch is 1mm thinner than the iPhone 6s despite having a 3.5mm port inside. It should be noted that Apple actively contemplated switching to the smaller but less popular 2.5mm headphone port standard many years ago, abandoning the plan after users complained about the original iPhone’s recessed 3.5mm port.

Will be good business for Bluetooth headphone companies. Such as Beats?
link to this extract

More China firms developing own ARM-based chips » Digitimes

Monica Chen and Jessie Shen:

China-based ZTE has received a cash injection from the government enabling the company to accelerate the development of its own application processors, while Lenovo also intends to develop ARM-based chips in-house, according to industry sources.

ZTE has received CNY2.4bn (US$73.8m) from China’s National IC Industry Investment Fund, which will help it accelerate the mobile chip development, said the sources.

Huawei has its subsidiary HiSilicon provide ARM-architecture SoCs, which are found in many of the smartphone vendor’s models including high-end ones, the sources indicated. Huawei’s increasing use of HiSilicon chips is already unfavorable to the existing suppliers including MediaTek and Qualcomm.

All essentially trying to differentiate themselves from rivals. Didn’t know about Huawei’s subsidiary, but it makes sense for a network infrastructure company to have a chip designer.
link to this extract

Errata, corrigenda and ai no corrida: none notified.

Start up: the smartphone generation, OLED for iPhone?, VR’s Atari moment, and more

Posted on November 27, 2015 by charlesarthur

A new paper says this might not be enough to give an accurate measurement of your blood. Oh, hello, Theranos, didn’t see you there. Photo by biologycorner on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. (Ooh, are those turkey sandwiches?) I’m charlesarthur on Twitter. Observations and links welcome.

The generation that doesn’t remember life before smartphones » Popular Mechanics

Jacqueline Detwiler:

Zac [aged 18] probably started developing memories around 1999, the year Napster upended the music industry by turning songs into sharable files that nobody owned. Or maybe in 2000, the year Google became Google. Regardless, he is part of the first generation of human beings who never really lived before the whole world was connected by pocket-sized electronic devices. These kids might never read a map or stop at a gas station to ask directions, nor have they ever seen their parents do so. They will never need to remember anyone’s phone number. Their late-night dorm-room arguments over whether Peyton or Eli Manning won more Super Bowl MVPs will never go unsettled for more than a few seconds. They may never have to buy a flashlight. Zac is one of the first teenagers in the history of teenagers whose adult personality will be shaped by which apps he uses, how frequently he texts, and whether he’s on Facebook or Instagram or Twitter or Snapchat. Or whatever comes after Snapchat. Clicking like, clicking download, clicking buy, clicking send—each is an infinitesimal decision in the course of the modern American teenager’s life. They do this, collectively, millions of times a minute. But together these tiny decisions make up an alarming percentage of their lives. This generation is the first for whom the freedom to express every impulse to the entire world is as easy as it used to be to open your mouth and talk to a friend.

link to this extract

Samsung Gear VR review: virtual reality finds its Atari moment » WSJ

Geoffrey Fowler:

unlike other phone-goggle contraptions, the Gear VR headset has its own motion sensors, so it does a much better job of tracking your head movements when you’re turning or looking up. And it pushes the Samsung phone’s processor to cut motion delay to under 20 milliseconds, reducing the nausea-inducing blur. (My test Galaxy S6 Edge Plus worked so hard when mounted, it could blow through its huge battery with an hour or two of intensive VR.)

Other improvements also make Gear VR much more comfortable: The headset itself is less heavy—slimmed 19% from an experimental headset Samsung debuted last year. You can comfortably fit glasses inside, and there’s also a focus adjustment that makes the view more pleasurable for aging eyes.

Yet there’s still some discomfort. Wearing anything on your face for an hour can get old. Also, I occasionally encountered what appeared to be a flicker in the brightest parts of the screen. (Samsung says that’s rare, and has to do with the way my brain processes the screen refresh itself.)

link to this extract

Home Office meeting re IPBill » RevK’s rants

Adrian Kennard (who runs an internet service provider) went to talk to MPs about their Draft Investigatory Powers bill:

At the start of the briefing the the bill was explained, and we heard a story very similar to Theresa May’s comments along the lines of:-

“Consider the case of a teenage girl going missing. At present we can ask her mobile provider for call records before she went missing which could be invaluable to finding her. But for Internet access, all we get is that the Internet was accessed 300 times. What would be useful would be to know she accessed twitter just before she went missing in the same way as we could see she make a phone call”

Now, I am sure this is a well-practised speech, used many times before. I am sure the response has been nodding of heads and agreement with how important “Internet connection records” are, obviously.

However, I, and other ISPA members immediately pointed out the huge flaw in this argument. If the mobile provider was even able to tell that she had used Twitter at all (which is not as easy as it sounds), it would show that the phone had been connected to Twitter 24 hours a day, and probably Facebook as well. This is because the very nature of messaging and social media applications is that they stay connected so that they can quickly alert you to messages, calls, or amusing cat videos, without any delay.

This seemed to fool them somewhat and they had no real answer – we were not just nodding and agreeing, and that was unexpected 🙂

Not much wisdom on any other point either – including whether he could be compelled to lie if he were to use a “canary” over search warrants.
link to this extract

Apple to adopt OLED display for iPhone from 2018 » Nikkei Asian Review

Apple plans to introduce organic light-emitting diode displays for iPhones starting in 2018, sending suppliers racing to fine-tune the technology and invest in capacity expansion.

In light of the decision, South Korea’s LG Display is already planning capacity upgrades. But securing enough panels for the more than 200m phones Apples ships globally every year will likely prove difficult. The US company is thus likely to opt for offering OLED iPhones alongside those using LCD screens.

There are technical challenges as well. The brightness, energy-saving capacity and other functions of OLED panels tend to degrade over time. Apple has begun consulting with display makers and their suppliers of manufacturing equipment about the technology. The companies will work over the next year or so to see whether those drawbacks can be eliminated and a stable supply of screens secured…

…Apple’s shift to OLED displays will have major implications for two Japanese suppliers – Sharp, which is scrambling to rebuild its faltering operations, and Japan Display, which relies on the technology giant for 30% of its business.

2018? That’s a long way off. Why not jump to AMOLED? (Note: LG is spending $8.7bn on a new OLED plant to begin production in the first half of 2018. Coincidence?
link to this extract

New study spills doubt on some fingerprick blood tests » Ars Technica UK

Beth Mole:

Tiny blood droplets that leak successively from a pricked finger can have widely variable contents, researchers reported in the American Journal of Clinical Pathology. In some cases, test results on such finger-bled droplets had nearly eight times more variation than vein-harvested blood samples—the gold standard. Only when the authors tested upwards of five drops combined (60 to 100 microliters) were they able to get accurate results. The study raises concerns that new diagnostic tests that rely on blood drops may yield inaccurate results.

*turns slowly to look at Theranos*
link to this extract

OnePlus concedes that its USB type-C cables are out of spec, will offer refunds » Android Police

Ryan Whitwam:

Google engineer Benson Leung recently started a crusade against bad USB type-C cables, and one of the cables he warned people to stay away from is the one sold by OnePlus. Now OnePlus has responded to the uproar, saying that it will offer refunds to customers who purchased these cables. Well, you can apply for a refund. It’s not clear how long it’ll take.

The issue is that OP’s type-C cable and the type-C adapter both have a 10kΩ resistor, which as Benson Leung has been pointing out, is potentially dangerous to use with some devices. A proper type-C cable has a 56kΩ resistor, and OnePlus says it is in the process of designing a new version of its accessories that have this resistor. OnePlus’ Carl Pei stresses that the cable and adapter are safe to use with the OnePlus 2 because it only pulls 2A of current. However, a phone like the Nexus 5X or 6P draws 3A, and that can cause damage to the power source.

Seems like a big oversight to miss getting the correct resistor.
link to this extract

Reader’s Digest and other WordPress sites compromised to push Angler EK » Malwarebytes Unpacked

Jérôme Segura:

We’re seeing another uptick in WordPress compromises, using a slightly different modus operandi than the EITest campaign we recently blogged about, being responsible for a large number of infections via the Angler exploit kit.

The attack consists of a malicious script injected within compromised WordPress sites that launches another URL whose final purpose is to load the Angler exploit kit. Site owners that have been affected should keep in mind that those injected scripts/URLs will vary over time, although they are all using the same pattern (see IOCs below for some examples).

The website of popular magazine Reader’s Digest is one of the victims of this campaign and people who have visited the portal recently should make sure they have not been infected. The payload we observed at the time of capture was Bedep which loaded Necurs a backdoor Trojan, but that of course can change from day to day.

Solution: don’t read sites on desktop? (Thanks Ivan Ivanovich.)
link to this extract

Macbook charger teardown: the surprising complexity inside Apple’s power adapter » Righto

The wonderful Ken Shirriff, who does electronics teardowns of fabulous sophistication and insight:

The Macbook 85W charger costs $79 from Apple, but for $14 you can get a charger on eBay that looks identical. Do you get anything for the extra $65? I opened up an imitation Macbook charger to see how it compares with the genuine charger. From the outside, the charger looks just like an 85W Apple charger except it lacks the Apple name and logo. But looking inside reveals big differences. The photos below show the genuine Apple charger on the left and the imitation on the right.

Inside the Apple 85W Macbook charger (left) vs an imitation charger (right). The genuine charger is crammed full of components, while the imitation has fewer parts.

The imitation charger has about half the components of the genuine charger and a lot of blank space on the circuit board. While the genuine Apple charger is crammed full of components, the imitation leaves out a lot of filtering and regulation as well as the entire PFC [Power Factor Correction] circuit. The transformer in the imitation charger (big yellow rectangle) is much bulkier than in Apple’s charger; the higher frequency of Apple’s more advanced resonant converter allows a smaller transformer to be used.

Also included: a microprocessor with as much power as the original Mac.
link to this extract

The Telharmonium was the Spotify of 1906 » Atlas Obscura

Ella Morton:

Invented by lawyer Thaddeus Cahill and initially known as the dynamophone, the telharmonium made use of telephone networks to transmit music from a central hub in midtown Manhattan to restaurants, hotels, and homes around the city. Subscribers could pick up their phone, ask the operator to connect them to the telharmonium, and the wires of their phone line would be linked with the wires emerging from the telharmonium station. The electrically generated tunes would then stream from their phone receiver, which was fitted with a large paper funnel to help pump up the volume. (The electric amplifier had not yet been invented.)

The music was generated live at what Cahill called a “music plant,” which was located at Broadway and 39th Street. An entire floor of the building, which came to be known as Telharmonic Hall, was filled with the 200 tons of machinery required to generate the telharmonium’s tunes. With its banks of spinning rotors, switchboards, transformers, and alternators, the behemoth instrument gave “the impression of nothing so much as a busy machine-shop, or the center of a considerable manufacturing industry,” according to a 1906 article in McClure’s Magazine.

“Facebook, invented by Thaddeus Zuckerberg..” Why isn’t anyone called Thaddeus anymore? Notice also that this is an American publication, yet it uses “Spotify” as its shortcut for “streaming service” rather than, say, Pandora.
link to this extract

Jonathan Mayer, well-known online security expert, joins F.C.C. » The New York Times

Natasha Singer:

Among digital security experts, Mr. Mayer is known, among other things, as the Stanford computer scientist who reported in 2012 that Google was bypassing privacy settings in Apple’s Safari browser by placing bits of code in digital ads that tracked the sites users visited. Google subsequently agreed to pay a $22.5 million fine to settle charges by the Federal Trade Commission that the company had misrepresented its privacy practices.

Now Mr. Mayer, 28, has a new handle: federal regulator.

On Tuesday, the Federal Communications Commission said it had hired Mr. Mayer as chief technologist in the agency’s enforcement bureau.

Impressive hiring.
link to this extract

Errata, corrigenda and ai no corrida: none notified.

Start up: why Win10 update was pulled, Android v the law, post-iPad mini, neural nets on the move, and more

Posted on November 25, 2015 by charlesarthur

Quiet eye? Roger Federer winds up to serve. Photo by not enough megapixels on Flickr.

You can now receive each day’s Start Up post by email. You’ll need to click a confirmation link, so it ain’t spam.

A selection of 11 links for you. Hug them to your chest like your long-lost children. I’m charlesarthur on Twitter. Observations and links welcome.

Microsoft pulled the Windows 10 November Update due to privacy setting bug » Winbeta

Zac Bowden:

Microsoft has today detailed why they chose to pull the Windows 10 November Update from Windows Update and the Media Creation Tool over the weekend. Their initial comment regarding the situation claimed the company decided that all users needed to update via Windows Update, but it appears that was not the entire story.

Microsoft told WinBeta the update was pulled due to issues with privacy concerns. More specifically, upon installing the update, Windows would not remember the users set privacy settings, meaning Windows would simply default them. While not a huge bug, it did raise a few privacy concerns amongst those upgrading.

link to this extract

How the ‘quiet eye’ technique makes athletes more coordinated » The Atlantic

David Kohn:

Until recently, most researchers viewed these skills in terms of coordination and reflex, believing that those who were better at making a free-throw or suturing a wound simply had had superior physical dexterity. But in the past few years, a small group of neuroscientists have identified a new way of understanding coordination, one that focuses on visual and cognitive skills over physical prowess.

The concept, known as the quiet-eye theory, is deceptively simple: Before you perform an action, you focus your gaze on the salient aspects of your goal—the rim, the catcher’s mitt, the malignant tissue, and so on. In recent years, using eye-tracking technology, researchers have found that locking onto the relevant stimulus during the right time frame—typically the few hundred milliseconds before, during and after the movement—greatly improves your chances of success.

“When your eyes provide the data, your motor system just knows what to do,” says Joan Vickers, a cognitive psychologist at the University of Calgary and one of the originators of the quiet-eye theory. “Your brain is like a GPS system. It detects target, speed, intensity, and distance.”

link to this extract

On smartphone encryption and public safety » Manhattan District Attorney’s Office

There are a larger variety of Android devices than Apple devices. Forensic examiners are able to bypass passcodes on some of those devices using a variety of forensic techniques. For some other types of Android devices, Google can reset the passcodes when served with a search warrant and an order instructing them to assist law enforcement to extract data from the device. This process can be done by Google remotely and allows forensic examiners to view the contents of a device.

For Android devices running operating systems Lollipop 5.0 and above, however, Google plans to use default full-disk encryption, like that being used by Apple, that will make it impossible for Google to comply with search warrants and orders instructing them to assist with device data extraction.

Did not know about the remote reset.
link to this extract

Peak iPad mini » Above Avalon

Neil Cybart:

The iPad mini’s best days are behind it. Using app analytics data from Fiksu and Mixpanel, along with my own iOS device sales estimates and projections, I was able to derive iPad mini sales since launch. Over the past two years, iPad mini sales trends have deteriorated much faster than most people think. When taking into account the move to larger iPhones and iPads, the iPad mini’s value proposition has likely been weakened to such a degree that the decline in sales is permanent.

Seems that the real decline in iPad sales is of the mini – not the bigger one. So how will the giant iPad fare? Cybart’s analysis is always thoughtful.
link to this extract

You may be more exposed to the tech bubble than you think » Quartz

Allison Schrager:

First, you might have a stake in these companies if you own any actively managed mutual funds, perhaps through your retirement plan. According to Todd Rosenbluth, director of mutual fund research at Standard &Poor’s, large mutual funds have been investing in non-public companies for years. “Most people have no idea.” he says. The payoffs can be big if some of these firms successfully go public, but the risks are significant because it’s impossible to assign a consistent, accurate value to these investments, and they are hard to sell if the fund faces redemptions. However, regulation keeps mutual funds from holding large amounts of private shares, which would mitigate the impact. “It’s a tiny part of their portfolios,” Rosenbluth says. For example, only about 2% of the Fidelity Blue Chip Growth fund is made up of tech startup investments.

The second way you’re exposed is through public pensions, whether you’re a direct beneficiary or not.

Feels like a stretch, to be honest. And certainly nothing like the dot-com bust.
link to this extract

YouTube Kids app faces new complaints » The New York Times

Ceclia Kang:

Visit YouTube Kids and it typically does not take long before promotions for junk food appear. The advertisements regularly appear in the form of funny contests and animated stories.

In complaints filed to federal officials on Tuesday, two prominent consumer advocacy groups argued that those ads are deceptive, particularly for children. The two complaints, made to the Federal Trade Commission, expand on filings the groups made to the agency in April and could increase pressure on federal officials to intervene in the fast-growing online video market.

The groups, the Campaign for Commercial-Free Childhood and the Center for Digital Democracy, argue in the complaints that online video aimed at children has become too commercialized and is not held to the same standards as cable and broadcast TV. The complaints call for an investigation of food marketers, video programmers and Google, which owns YouTube, as well as a broad examination of advertising of such food to children online.

If YouTube by default becomes the new online TV, shouldn’t it be held to the same standards as broadcast TV?
link to this extract

Sony employees on the hack, one year later » Slate

Amanda Hess:

Outside Sony, it would eventually seem as if all the studio’s info had been exposed for everyone to see. But inside the studio, nobody could access anything. “Everything was so completely destroyed. It was surreal. Everything was down,” one ex-employee told me. “It wasn’t just one system or one part of the lot or one building. The network was completely chewed up by the virus.”

“It was like a bomb went off,” one staffer says. “We looked around. We were still alive. So we started doing triage.”

The telephone directory vanished. Voicemail was offline. Computers became bricks. Internet access on the lot was shuttered. The cafeteria went cash-only. Contracts—and the templates those contracts were based on—disappeared. Sony’s online database of stock footage was unsearchable. It was near impossible for Sony to communicate directly with its employees—much less ex-employees, who were also gravely affected by the hack—to inform them of what was even happening and what to do about it. “It was like moving back into an earlier time,” one employee says. The only way to reach other Sony staffers was to dial their number directly—if you could figure out what it was—or hunt them down and talk face to face.

link to this extract

NeuralTalk and Walk » Vimeo

Kyle McDonald:

NeuralTalk and Walk from Kyle McDonald on Vimeo.

Andrej Karpathy’s “NeuralTalk” code (github.com/karpathy/neuraltalk2) slightly modified to run from a webcam feed. I recorded this live while walking near the bridge at Damstraat and Oudezijds Voorburgwal in Amsterdam.

All processing is done on my 2013 MacBook Pro with the NVIDIA 750M and only 2GB of GPU memory. I’m walking around with my laptop open pointing it at things, hence the shaky footage and people staring at themselves.

Pretty smart.
link to this extract

Top Android app devs found exfiltrating mystery stealth packets » The Register

Four researchers have found two thirds of the most popular Android apps indulge in seemingly-useless covert chatter with remote servers.

Top developers including Gameloft, Unity3d, and grillgames are implicated to varying degrees.

The chatter has no use to users. About half of the traffic is related to analytics, such as that used by Twitter and Pandora, with the rest of unknown purpose.

They make the findings in the paper Covert Communication in Mobile Applications (PDF).

“…In fact, some applications start collecting analytics information even before they get activated. For example, twitter, Walmart and Pandora start their data collection as soon as the phone is booted and continue, periodically, during the phone’s entire up time, even if the applications themselves were never used. In most cases, the user cannot opt-out from such data sharing without uninstalling the application.”

Five apps died when the covert chatter was killed off after the code in question was manipulated by the research team.

link to this extract

Automated scanning of Firefox extensions is security theatre (and here’s code to prove it) » Dan Stillman

Stillman wrote a simple Javascript extension that grabs sites and passwords, yet passes Mozilla’s “scanner” which looks for “malware”:

I asked in February how the scanner would possibly catch things like this, and the response from Mozilla’s Add-ons Developer Relations Lead was that most malware authors are lazy and that he believed the scanner could be made to “block the majority of malware”. The fact that, nine months later, and a few weeks before an enforcement deadline that was already postponed by several months, someone can write a trivial extension in a few minutes that steals passwords, runs a local process, and executes arbitrary remote code, but that is still automatically signed, demonstrates just how ill-conceived this scheme is. It also destroys any argument that whitelisting would put users at greater risk for malware, and it’s infuriating that we’ve had to waste the last few months arguing about the dangers of a whitelisted Zotero. And it’s just depressing that the entire Mozilla developer community spent the last year debating extension signing and having every single counterargument be dismissed only to end up with a system that is utterly incapable of actually combating malware.

link to this extract

Android One fails to make a mark despite revamp » The Economic Times

Danish Khan:

According to Counterpoint Research, only 1.2m units of Android One [handsets] were shipped to India during its first year (September 2014 to September 2015) in the country, making up only 3.5% of the $50-$100 phone market, the segment which sells the most phones.

Only 3m devices are said to have been shipped in total across the 19 countries that Android One has launched in. Of this, 85% of sales took place in the Asia-Pacific market.

Counterpoint’s Tarun Pathak said that for Android One to succeed in India, Google and its partners need to scale down to lower price points and differentiate the product from biggest competitor which is “Android” itself, which is competing with Android One via original equipment makers (OEM) that are present across $50-$100 price band in India.

Lack of LTE turns out to be a key mistake.
link to this extract

Errata, corrigenda and ai no corrida: none notified.

Start up: hackers for hire, Chrome grows, Tinder’s CEO chats, and more

Posted on November 19, 2015 by charlesarthur

Google Timeline: law-enforcement-friendly, at least in theory. Picture by portalgda on Flickr.

Mumble mumble receive each day’s Start Up post by email. Rhubarb rhubarb confirmation link, mutter no spam.

A selection of 9 links for you. Free as in cabbage. I’m charlesarthur on Twitter. Observations and links welcome.

Hired-gun hacking played key role in JPMorgan, Fidelity breaches » Reuters

Jim Finkle and Joseph Menn:

The trio, who are accused of orchestrating massive computer breaches at JPMorgan Chase & Co and other financial firms, as well as a series of other major offences, did little if any hacking themselves, the federal indictments and a previous civil case brought by the U.S. Securities and Exchange Commission indicate.

Rather, they constructed a criminal conglomerate with activities ranging from pump-and-dump stock fraud to Internet casino break-ins and unlicensed Bitcoin trading. And just like many legitimate corporations, they outsourced much of their technology needs.

“They clearly had to recruit co-conspirators and have that type of hacker-for-hire,” said Austin Berglas, former assistant special agent in charge of the FBI’s New York cyber division, who worked the JPMorgan case before he left the agency in May. “This is the first case where it’s that clear of a connection.” Berglas, who now heads cyber investigations for private firm K2 Intelligence, said additional major cases of freelance hacking will come to light, especially as more people become familiar with online tools such as Tor that seek to conceal a user’s identity and location.

link to this extract

Living in different worlds » Benedict Evans

A few years ago, one of the big UK retailers told me an anecdote from some market research they’d done into cameras. Their customers had said they wanted a solution for storing all the camera cards they had. This puzzled the researchers, so they dug a little further, and found out that a lot of their customers had dozens and dozens of memory cards.…

[they] just took the memory card out of the camera at the end of a trip, and when they wanted to show people the photos they’d taken they retrieved the card and put it back into the camera.

I recognise this behaviour because it’s what my father-in-law does – and when he wants to print something from his computer, he takes a photo of the screen, takes out the camera’s memory card, slots it into the printer and prints out the photo (he also made quite a lot of money day-trading Imagination Tech – over the phone).

As we go from 1.5bn PCs, of which only half are consumer, to 3bn iOS and Android devices today and 4-5bn in the future, this will become ever more important.

link to this extract

Chrome’s number of monthly active users on mobile devices has doubled over the past year

Bertel King:

During the keynote address yesterday for this year’s Chrome Dev Summit, VP of Chrome Darin Fisher shared some numbers about the mobile web browser’s rate of adoption. tl;dr, people are flocking to Chrome, and fast. Over the past year, the number of 30 day active users has doubled from 400 million to 800 million.

Chrome’s adoption has been boosted by an increasing number of devices now shipping the browser by default. Chrome for Android users visit 100+ sites a month on average, showing a decent level of engagement.

The power of defaults. Once it was Internet Explorer; now it’s Chrome. That final sentence is maddening, though. Where’s the evidence that that’s a decent level of anything? What does it compare to? Three different sites per day is “decent engagement”? Seriously? There’s a new generation of people writing content who seem incapable of doing simple maths and following its thread. (1.4bn Google Android monthly active users, 800m Chrome monthly active users. Think about that too.)
link to this extract

Exclusive: Samsung Pay to launch in China, Spain, and the UK in Q1 2016 » SamMobile

As per the information that we’ve received, Samsung is planning to launch Samsung Pay in China, Spain, and the UK in the first quarter of 2016. Currently, only five Samsung devices – the Galaxy S6, the Galaxy S6 edge, the Galaxy S6 edge+, the Galaxy Note 5, and the Gear S2 – support Samsung Pay, though the Gear S2 only supports NFC payments.

Samsung uses MST technology, which mimics card swipes at regular checkout equipments to make payments, in Samsung Pay-enabled smartphones.

Card swipes are useless in the UK and Spain, as everything is chip-and-PIN. But Samsung Pay does support those too. Wonder if that will help sales of the high-end phones at all.
link to this extract

How law enforcement can use Google Timeline to track your every move » The Intercept

Jana Winter:

The recent expansion of Google’s Timeline feature can provide investigators unprecedented access to users’ location history data, allowing them in many cases to track a person’s every move over the course of years, according to a report recently circulated to law enforcement.

“The personal privacy implications are pretty clear but so are the law enforcement applications,” according to the document, titled “Google Timelines: Location Investigations Involving Android Devices,” which outlines the kind of information investigators can now obtain.

The Timeline allows users to look back at their daily movements on a map; that same information is also potentially of interest to law enforcement. “It is now possible to submit a legal demand to Google for location history greater than six months old,” the report says. “This could revitalize cold cases and potentially help solve active investigations.”

Familiar? Exactly the same realisation for iOS in 2011, which was then quickly encrypted. Android was already doing that too.

Four years later, nothing’s really changed.
link to this extract

Tinder? I’m an addict, says hook-up app’s co-creator and CEO Sean Rad » London Evening Standard

Charlotte Edwardes swipes quite a weird interview, including this:

He’s obsessed with journalists — “too many are not seeking truth but fame” — and baffled by critics because “you can’t deny Tinder is what the world wants”. His own “truth” is that Tinder is “wonderful” — “we’ve solved the biggest problem in humanity: that you’re put on this planet to meet people.”

In September Vanity Fair accused Tinder of heralding the “dawn of the dating apocalypse” in an article that interviewed twentysomethings in New York who used it solely for casual sex.

Rad is “defensive” and still “upset” about the article, muttering mysteriously that he has done his own “background research” on the writer Nancy Jo Sales, “and there’s some stuff about her as an individual that will make you think differently.” He won’t elaborate on the matter.

His argument for why the piece was “wrong” veers from “our research shows 80 per cent of users are looking for a long-term meaningful relationship” to “we believe in democracy. If society just wants to ‘hook up’, who am I to judge?”

link to this extract

WhatsApp reneges on their promise of true message encryption » Medium

Dawud Gordon:

In interviews with journalists WhatsApp stated that they would use Public Key Encryption, where only the sender and recipient can unencrypted content. Indeed they did, but they used the same key for every user. This makes the Brno hack possible, meaning anyone on the same network as your phone could gain access to the content of your messages. Also, it means that WhatsApp themselves still have access to all message content. Moreover, their parent corporation Facebook has access as well and the ability to target you with advertising based on the content of your WhatsApp messaging. While this is surprising given WhatsApp’s previous PR, it does explain the mysterious $19bn price tag that Facebook was willing to put on WhatsApp.

link to this extract

India to overtake US next month with 402 million internet users » Tech In Asia

Malavika Velayanikal:

The number of internet users in India will reach 402 million next month, nearly 50% more than what it was last year, according to a study by the Internet and Mobile Association of India (IAMAI) and IMRB International. With the latest surge, India will overtake the US to have the second-largest internet user base in the world, next only to China. This will be music to the ears of mobile and internet-based businesses targeting the fast-growing digital market in India.

It took a decade for India to move from 10 million internet users to 100 million, but only four years to quadruple that figure. The primary driver of this takeoff is the boom in affordable smartphones over the past couple of years. But two-thirds of India’s population remain outside the internet, and broadband availability is poor.

link to this extract

Google Glass successor dumps some glass » The Information

Jessica Lessin:

So much for the screen. We’ve learned that Google’s revamped Google Glass project, dubbed Project Aura, is working on a wearable with a screen—and at least one without.

People tell us there have been three versions of the head-mounted device in development, although the three may be consolidated into two. One version, targeted at enterprises, has a screen. The others, one of which is targeted at “sport” users, doesn’t and relies on audio. They use bone conduction, like the original Google Glass. In other words, headphones worn on your face.

Or even like headphones worn on your head?
link to this extract

Errata, corrigenda and ai no corrida:

Start up: the Watch drop, Tango slows, Samsung’s bug bonanza, kids and tablets, and more

Posted on November 6, 2015 by charlesarthur

Guess how much this ad cost. OK, if it were actually inside the TV. Photo by wonderferret on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Popular Apple blogger stops wearing his Apple Watch every day » Fortune

Philip Elmer-DeWitt quoting John Gruber, speaking to developer Guy English on his own Talk Show podcast:

“I’ve been intrigued. And I do wear mine, but I don’t wear it every day. I foresee a bright future for it. But I just don’t think I was ever squarely in the market for it. It’s just not the sort of thing that speaks to me.”

[Here Guy English jokes about Gruber’s lack of interest in fitness — fitness tracking being one of the device’s key selling points.]

“Yeah. Right. Once I stopped wearing it every day… there is this weird motivating thing where you want to keep filling these circles everyday. And you get this streak going and you keep going. And I’m sure people are more fit. But then once you stop wearing it every day you definitely by definition have days where you didn’t fill all the circles. [It] just ruins it. It means you don’t care anymore. I don’t know. It just doesn’t excite me that much.”

Personally, still wearing mine each day; does so many things I need (such as, on Thursday evening while driving, starting navigation home via Siri because my normal route was blocked. Would have been tough and distracting with the phone).
link to this extract

Google is cutting the cost of its Project Tango depth-sensing tablets in half » VentureBeat

Harrison Weber:

The deal, effective “in the coming weeks,” Google said, follows the company’s $20,000 contest that tasked developers with creating “unique augmented reality (AR) experiences” for Tango devices. The winning submissions require a Project Tango device to work, but you can get a taste of the ideas here (and here).

Google told us it doesn’t have a set duration for the discount, but the company apparently has “a limited, but sizable number of promotional codes. We haven’t finalized the exact number yet,” a spokesperson told us…

…Project Tango’s future remains unclear: Google originally aimed to launch a “consumer-scale” Project Tango device with LG in 2015. Then in January, the company spun Tango out of its Advanced Technology and Projects group without sharing much information on the initiative’s next steps.

When asked if the discount was designed to get rid of developer units ahead of a new release, a spokesperson replied, “This is very much to get kits in the hands of developers and shore up the ecosystem. We still don’t have a timetable on consumer-ready units.”

Suggested headline tweak: “Google is halving the cost of…”
link to this extract

Can I annoy you for a penny a minute? » Medium

Rob Leathern:

US TV advertising revenue is expected to reach $78.8bn this year. The average person over 2 years of age in the United States still watches an amazing 29 hours and 47 minutes of TV per week. Which means, when you work it out, that’s just $0.18 in ad revenue per hour of TV watched.

TV Networks are even speeding up their programming in order to fit in more ads as prices fall and viewership dwindles. The average hour of cable television now has 15.8 minutes of ads compared with 14.5 minutes five years ago. The Wall Street Journal reported that “TBS used compression technology to speed up [movies and TV shows]” — this video on YouTube shows an example of this tactic with a Seinfeld rerun. For reruns and movies especially, cable networks have long rolled credits very quickly or cut TV opening sequences out entirely.

I find Leathern a must-follow: he has so much inside knowledge of the online ad business, both good and bad. Meanwhile, I find TV in the US unwatchable because of the volume (in both senses) of ads.
link to this extract

Open Data Institute summit 2015: Matt Hancock speech » GOV.UK

Hancock is an MP and the Paymaster General (a role within the Treasury):

One local authority is using this [LIDAR] data to make the case for new flood defences. Council staff 3D printed the local area and fashioned blocks to show where the flood defences might go. Then they poured water on the model, to show local residents exactly which areas would flood, depending on where they put the defences.

Nor is it just local engagement. Precision farming, archaeological digs, urban planning, even uploading England to the game Minecraft: these are just some of the applications we’ve heard about since the data was published.

Let’s take another example. Two years ago Land Registry released the Price Paid Dataset (PPD), tracking residential property sales in England and Wales. The PPD is used by sites like RightMove and Zoopla to bring up-to-date sales data to an audience of millions.

Now we’re enriching it. As of last week, this dataset will also include sales through repossession, those purchased by companies and by-to-lets. It will also allow users to see the sales of non-residential property for the first time.

The applications include developing valuation software, improving planning policy, building apps that analyse market trends, and for academic research.

And the point is this. No minister, even armed with the best policy advice, could possibly conceive of all the things that government data can do.

The only way to find out is to open it up.

Great to see a Treasury minister advocating free government data – which is exactly what the Free Our Data campaign was about, almost ten years ago. Less heartening to see Hancock not pushing for the same from the Freedom of Information Commission.
link to this extract

Hack the Galaxy: hunting bugs in the Samsung Galaxy S6 Edge » Project Zero blog

Natalie Silvanovich, of Google’s Project Zero team, which tries to find bugs in all sorts of software, on a sustained effort to see what weaknesses Samsung’s TouchWiz and other customisations brought to Android:

A week of investigation showed that there are a number of weak points in the Samsung Galaxy S6 Edge. Over the course of a week, we found a total of 11 issues with a serious security impact. Several issues were found in device drivers and image processing, and there were also some logic issues in the device that were high impact and easy-to-exploit.

The majority of these issues were fixed on the device we tested via an OTA [over the air] update within 90 days, though three lower-severity issues remain unfixed. It is promising that the highest severity issues were fixed and updated on-device in a reasonable time frame.

So only a few hundred other devices to work through then. How different are the other Samsung devices? And then there’s the LG, Sony, and everyone else..
link to this extract

Toddlers are already pros with tablets and smartphones, study finds » NBC News

Maggie Fox:

Toddlers and preschoolers are often left to their own mobile devices, with half enjoying their very own TV by the tender age of 4 and more than three-quarters regularly using their own mobile devices, researchers said Monday.

Most are starting before they are even a year old — and by age 3, they’re using the devices all by themselves, the team reports in the journal Pediatrics.

The survey was done in a single urban pediatric clinic in Philadelphia, and the researchers note that the findings do not necessarily extend to the whole country.

But they paint a troubling picture of populations of low-income and minority babies, and toddlers being kept quiet with televisions or tablet devices streaming cartoons.

I’m much more worried about the idea of sitting the children in front of US TV, which spews up to 20 minutes of ads per hour at them, than of them using tablets – where at least they might have some agency. (Could we wish for better software for kids though?)
link to this extract

Apple and sapphire supplier reach new accord on $439m loan » WSJ

Peg Brickley:

GT Advanced Technologies Inc. has reached an accord with Apple that will get it out from under $439m in debt it picked up in a failed effort to qualify as a supplier of smartphone-screen material.

The settlement provides for an auction by Nov. 23 of equipment that GT provided in the effort, the proceeds of which will be divided, GT said in papers filed on Monday in the U.S. Bankruptcy Court in New Hampshire. While GT intends to hang on to some of the equipment—as many as 600 sapphire-making furnaces—it is prepared to auction what it can and abandon what it can’t cart off, court papers say.

Anything not sold will be handed over to Apple, which has agreed to scrap the equipment and extinguish the loan it made to transform GT from an equipment manufacturer into a supplier of smartphone-screen material.

End to a long saga. I wrote about it a year ago.
link to this extract

The No.1 mistake people I interview [for jobs] are making these days » Business Insider

Jessica Liebman is managing editor of Business Insider:

Lately, the majority of people I interview have one thing in common.

They’re all messing up on something that I think is very important when trying to get a job: the Thank You Email.

Did not know this was A Thing.
link to this extract

FBI official: It’s America’s choice whether we want to be spied on » Ars Technica

Jon Brodkin:

While technology companies have resisted government attempts to access customer data, [FBI general counsel James] Baker said [at the Advanced Cyber Security Center conference] law enforcement has more success with some companies than others.

In some cases, a company will tell law enforcement that it can only provide metadata or a “snapshot of the account once a day” instead of the real-time surveillance authorities want, he said.

The FBI has an easier time getting data from companies whose business models depend on viewing customer data, he said.

Some companies “want to monetize the analysis of communications of their customers, for example those companies that actually look at e-mail and analyze it and send you targeted ads,” Baker said.

Baker didn’t mention any specific companies, but this is a practice in place at Google.

“None of that is encrypted, so we can go there and get the order and have the order be effective, and that’s good,” Baker said.

Well, good-ish. (Thanks @papanic for the link.)
link to this extract

Errata, corrigenda and ai no corrida: After yesterday’s item on GPS errors compared to a marathon: they measure marathons (PDF) using “a calibrated bicycle fitted with a Jones counter” which is “the only approved method of measuring road race courses” (which includes marathons).

Start up: payday search predators, the natural nuclear reactor, Facebook’s code problem and more

Posted on November 4, 2015 by charlesarthur

Shh! Don’t tell Facebook! Photo by The Keenes on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Please note: the “link to this extract” link doesn’t work if you’re using it from the email. Who shall we blame? Meanwhile, I’m charlesarthur on Twitter. Observations and links welcome.

People’s deepest, darkest Google searches are being used against them » The Atlantic

Adrienne Lafrance:

Consider, for example, a person who googles “need rent money fast” or “can’t pay rent.” Among the search results that Google returns, there may be ads that promise to help provide payday loans — ads designed to circumvent Google’s policies against predatory financial advertising. They’re placed by companies called lead generators, and they work by collecting and distributing personal information about consumers online. So while Google says it bans ads that guarantee foreclosure prevention or promise short-term loans without conveying accurate loan terms, lead generators may direct consumers to a landing page where they’re asked to input sensitive identifiable information. Then, payday lenders buy that information from the lead generators and, in some cases, target those consumers—online, via phone, and by mail—for the very sorts of short-term loans that Google prohibits.

But look, if Google bans those ads, then it’s taking a position. Shouldn’t it only accept ads from organisations that it has vetted? Or just not accept ads on those searches?
link to this extract

In the 1970s, scientists discovered a two billion-year-old nuclear reactor in west Africa » Medium

The Physics ArXiv blog explains:

When the ore in Gabon was laid down some 2 billion years ago, the concentration of uranium-235 would have been about 4%, more than enough for a self-sustaining nuclear reaction.

The idea is that when a neutrons hits an atom of uranium-235, the atom splits producing two smaller nuclei and several neutrons. These neutrons go on to split other atoms in an ongoing chain reaction.

However, the liberated neutrons are high-energy particles that tend to fly away rapidly. So nuclear reactors usually contain a moderating material that slows down the neutrons so that they can interact with other uranium atoms.

It turns out that water is a reasonable neutron moderator. So an important component of this natural reactor was the presence of water seeping through the uranium ore. And this had an interesting impact on the way the reactors operated.

Nuclear scientists believe that the Oklo reactors operated in pulses. As water flowed into the rock, it moderated the neutrons, allowing a chain reaction to occur. But this increased the temperature of the rock, boiling the water into steam which escaped.

Kept running for 300,000 years. More useful than that is what it taught scientists about how fission waste products migrate from burial sites. Turns out the answer is: not that much.
link to this extract

Facebook’s code quality problem » Graham King

Facebook has a software quality problem. I’m going to try to convince you with three examples. This is important because it demonstrates the time-honored principle that quality matters. In demonstrates it, as Facebook engineers like to say, at scale. I don’t work at Facebook or any competitor, I’m just an observer.

The three examples – 18,000 Objective-C classes in the iOS app with 429 people working on it (note: delete the app), database restarts and the fact that the site works better when its engineers aren’t there, all speak to a classic problem.
link to this extract

Hackers claim million-dollar bounty for iOS zero-day attack » WIRED

Andy Greenberg:

On Monday, the security startup Zerodium announced that it’s agreed to pay out that seven-figure sum to a team of hackers who have successfully developed a technique that can hack any iPhone or iPad that can be tricked into visiting a carefully crafted web site. Zerodium describes that technique as a “jailbreak”—a term used by iPhone owners to hack their own phones to install unauthorized apps. But make no mistake: Zerodium and its founder Chaouki Bekrar have made clear that its customers include governments who no doubt use such “zero-day” hacking techniques on unwitting surveillance targets.

In fact, Bekrar tells WIRED that two teams of hackers had attempted to claim the bounty, which was announced in September with an October 31st deadline. Only one proved to have developed a complete, working iOS attack. “Two teams have been actively working on the challenge but only one has made a full and remote jailbreak,” Bekrar writes. “The other team made a partial jailbreak and they may qualify for a partial bounty (unconfirmed at this time).”

I’d like to see documentary proof of the hack before I take this at face value. Zerodium is clearly seeking publicity; and the incentive to, um, bend the truth around seven-figure annoucements is high.
link to this extract

Ranking Digital Rights – Ranking ICT sector companies on respect for free expression and privacy

For the inaugural Index, Ranking Digital Rights analyzed a representative group of 16 companies that collectively hold the power to shape the digital lives of billions of people across the globe. Leading global ESG research and ratings provider, Sustainalytics, co-developed the methodology.

Eight publicly listed Internet companies and eight publicly listed telecommunications companies were selected based on factors including geographic reach and diversity, user base, company size, and market share. These companies were assessed on 31 indicators across three categories – commitment, freedom of expression, and privacy – drawn heavily from international human rights frameworks, as well as emerging and established global principles for privacy and freedom of expression.

The research revealed a deep need for improvement:

Only six companies scored at least 50% of the total possible points;
The overall highest score was only 65%;
Nearly half the companies in the Index scored less than 25%, showing a serious deficit of respect for users’ freedom of expression and privacy.

Google came top in internet companies. List at https://rankingdigitalrights.org/index2015/. Apple isn’t there – doesn’t it have any impact?

Anyhow, speaking of digital rights and freedom of expression…
link to this extract

A surprisingly difficult question for Facebook: do I have boobs now? » The Guardian

Hannah Jane Parkinson talks to Courtney Demone, a trans woman (ie born male) who asks the question that Facebook apparently finds exceptionally hard to answer:

Demone says that Facebook likes to present itself as a liberal and progressive organisation, but that most of its actions in this regard are decidedly low-risk. She mentions Facebook’s introduction of a widget allowing users to overlay their profile pictures with a rainbow flag and notes that it was to celebrate a gay marriage law which had been passed by the US supreme court – not before, in support of it.

Demone says that [Facebook’s] allowing users to define their gender in a free-form field, and offering a choice of pronouns, is progressive, but it is decidedly lower risk rather than, say, challenging the paradigm that female nipples should be covered up. This, of course, would run the risk of offending advertisers and in the case of Instagram, result in a 17+ user rating in app stores.

This gets to such a deep question: why should American organisations get to decide the mores of the countries that they export their business to? Mark Zuckerberg once said he hoped Facebook could solve the Arab-Israeli conflict by making people friends. But topics such as this shows why it can be seen as more like an enemy of social change.
link to this extract

India LTE smartphone shipments grew 2400% annually climbing to 10m units in Q3 2015 » Counterpoint Technology Market Research

Tarun Pathak has the details. Here’s one of the more interesting pullouts (from lots) about a local OEM:

Micromax maintained the second position in both overall mobile phone market and the smartphone segment with a market share of 13.7% and 17.7% respectively.

The brand’s share from online channel increased during the quarter. However, it is now facing pressure competition in $50-$100 price segment from Intex, Lava and others.

Micromax’s Cyanogen based online only brand ‘Yu’ launched its cheapest LTE model ‘Yunique’ during the quarter and the brand has been growing steadily ever since its launch.

Micromax Yu brand alone is now selling more smartphones than Xiaomi online, depicting it’s going to be challenging even for popular brands such as Xiaomi to scale in Indian market

If Xiaomi can’t succeed in India, it’s going to have a real problem.
link to this extract

Google abandons plan for a retail store in New York City » Crain’s New York Business

Daniel Geiger:

Google has abandoned plans to open its first-ever retail store in New York City.

The company is trying to sublease a 5,442-square-foot SoHo space it leased last year, and wants $2.25m annually in rent for it, according to sources.

The decision to abandon its retail store came after the Internet giant spent $6m renovating the 131 Greene St. location. The outpost was supposed to be one of Google’s first stand-alone stores in the U.S., putting it in direct competition with Apple, which has a host of brick-and-mortar shops that showcase and sell its products in the city, as well as other tech firms with a retail presence. Just last week, Microsoft opened its flagship store on Fifth Avenue.

A spokeswoman for Google didn’t immediately respond to a request for comment.

According to reports, Google planned to begin opening stores to sell products such as the Chromebook, a line of laptops and desktop computers made by several manufacturers that operate on Google software, and smartphones that run its Android operating system. Because Google is subleasing the Greene Street location, it would appear that the company has changed its mind and is pulling back on its plan to open physical stores. However, Google reportedly recently opened a kiosk within a larger electronics store in London earlier this year.

Even so. Why would you have a Google store? It doesn’t make sense.
link to this extract

Over 40% of China’s online sales counterfeit, shoddy: Xinhua » Reuters

Adam Jourdan:

More than 40% of goods sold online in China last year were either counterfeits or of bad quality, the official Xinhua news agency said, illustrating the extent of a problem that has bogged down the fast-growing online sector.

According to the report, which was delivered to China’s top lawmakers on Monday, just under 59 percent of items sold online last year were “genuine or of good quality”, Xinhua said.

China has been trying to shake off a notoriety for pirated and counterfeit goods, long a major headache for global brands targeting the Chinese market from iPhone maker Apple to luxury retailer LVMH.

Chinese e-commerce giant Alibaba Group Holding Ltd has been lobbying to stay off a US blacklist for fakes after coming under renewed pressure this year over suspected counterfeits sold on its shopping platforms.

link to this extract

It’s official: Amazon is opening its first-ever bookstore in Seattle » GeekWire

Taylor Soper:

Internet giant Amazon.com, which got its start selling books online, confirmed this afternoon that it will open its first-ever brick-and-mortar bookstore at Seattle’s University Village on Tuesday morning.

The company sent a letter to customers on Monday with details about the store, which is called “Amazon Books.” In the letter, Amazon Books VP Jennifer Cast calls the store a “physical extension of Amazon.com.”

Someone should disrupt that thing…
link to this extract

Microsoft reneges on ‘unlimited’ OneDrive storage promise for Office 365 subscribers » ZDNet

Ed Bott:

Here’s the key part of tonight’s announcement:

We’re no longer planning to offer unlimited storage to Office 365 Home, Personal, or University subscribers. Starting now, those subscriptions will include 1 TB of OneDrive storage.
100 GB and 200 GB paid plans are going away as an option for new users and will be replaced with a 50 GB plan for $1.99 per month in early 2016.

Free OneDrive storage will decrease from 15 GB to 5 GB for all users, current and new. The 15 GB camera roll storage bonus will also be discontinued. These changes will start rolling out in early 2016.

Microsoft blames a few greedy storage users for the change in heart. “A small number of users,” they wrote, “backed up numerous PCs and stored entire movie collections and DVR recordings. In some instances, this exceeded 75 TB per user or 14,000 times the average.”

That shouldn’t be surprising. If you advertise “unlimited” cloud storage, perhaps you should expect that some people will take you at your word and move large collections to the storage space you so generously offered?

Bott also portrays a division in some upheaval, which doesn’t quite fit the calm exterior Microsoft has been trying to put forward over its cloud work.

That “14,000 times the average” suggests that the average person was storing 5GB of data. Though that probably amounts to 10 Microsoft Word documents, given how the format has bloated. (Thanks @pedrostephano.)
link to this extract