Start up: the iPhone crackers, tick-tock dies, the Instagram trojan returns, Microsoft’s AI bot, and more

Life was simpler in some ways when you could just feed these to get your parking time. Photo by PeterJBellis on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Israeli mobile forensics firm helping FBI unlock seized iPhone, report says » Ars Technica UK

David Kravets:

»On Sunday [as it also withdrew its court request against Apple], according to public records, the FBI committed to a $15,278 “action obligation” with Cellebrite. An “action obligation” is the lowest amount the government has agreed to pay. No other details of the contract were available, and the Justice Department declined comment. Cellebrite, however, has reportedly assisted US authorities in accessing an iPhone.

For now, US-based security experts believe that Cellebrite does have the wherewithal to perform the task.

“I’m really not at liberty to confirm the third party, but based on the techniques I’ve described in my blog on the subject, I think Cellebrite, as well as many large forensics firms like it, have the capability to perform such tasks,” forensic scientist Jonathan Zdziarski told Ars in an e-mail. “DriveSavers, for example, has released statements yesterday suggesting they’re almost there. I think the techniques are pretty straight forward for firms like these now that the tech community has had a chance to comment.”

«

link to this extract


They made him a moron » The Baffler

Evgeny Morozov was invited to the State Department in October 2009 to meet Alec Ross, then innovation adviser to Hillary Clinton:

»Out of courtesy, I did share some thoughts with Ross, but it wasn’t long before our paths diverged.[*] I soon became a critic of the U.S. government’s “Internet freedom agenda,” while Ross and his colleague and friend Jared Cohen (then on the policy planning staff of the State Department and now the head of Google Ideas) embarked on adventures so reckless and ridiculous, so obsequious to the interests of Silicon Valley and offensive to anyone well-versed in the diplomatic trade, that some career staffers at the State Department began to ridicule, anonymously, of course, their cluelessness on social media.

Ross’s tenure at the State Department was, by and large, a failure. His efforts to promote “twenty-first-century statecraft”—Clinton’s lofty vision for American power that would put “Internet freedom” and digital technologies at its core—floundered after the State Department was confronted by Cablegate, the release of a massive library of leaked diplomatic cables that began in late 2010 and was coordinated by WikiLeaks. Ross, who claimed the twenty-first-century-statecraft concept as his own and hoped that it would become “a major part of [Clinton’s] legacy,” was suddenly forced into damage control. Few would find his pronouncements on “Internet freedom” credible after the State Department’s reaction to WikiLeaks.

«

Morozov reviews Ross’s book “The Industries of the Future”: it’s like watching a master sushi chef at work. And the footnote attached to that [*] above is worth the clickthrough on its own.

link to this extract


Notes on Apple’s refresh – cheaper iPhones and iPads for real work » Benedict Evans

His observation:

»what Apple has really done is moved from selling older models at discounts with the ‘proper’ iPhone starting at $600, to starting the iPhone range at $400 and scaling up on screen size and price.

There are a bunch of interesting second-order implications for this. By launching six months after the actual iPhone 6S Apple smooths out the supply chain and reduces cannibalization from people who really want the ‘newest one’, and probably gets better component prices. But it’s still selling premium components instead of 2-year-old components at $400 instead of $600, so I’d expect a long discussion of margin implications at the next quarterly call. And this also points to how misguided it is to poke around in earnings releases from Apple’s supply chain to work out iPhone sales. One can also wonder what happens in the next product cycle – presumably the iPhone 6 disappears, the 6S goes to $500 and the SE is refreshed, perhaps without a new name. Or does it go to $300? Certainly it’ll be on the second-hand market at $200.

But the key thing is that after 8 years, the iPhone range really now starts at $400, not $600 or more.

«

link to this extract


​Cashless parking was meant to make life easier for drivers but our phones are awash with competing apps » The Independent

Rhodri Marsden:

»When I was prompted by a roadside sign to download yet another cashless parking app, my patience finally snapped. I now had four of them on my phone – PayByPhone, RingGo, Parkmobile and ParkRight, all of which required me to undergo a laborious sign-up procedure, keying credit-card details and registration numbers into my phone while I sat on the bonnet, accruing parking charges.

The competitive marketplace for cashless parking has resulted in a fragmented and rather irritating experience for motorists who don’t have a handy stash of pound coins; as well as the aforementioned apps, there are others such as Phoneandpay, MiPermit and Whoosh, all promising to liberate us from the tyranny of the parking meter but ignoring the fact that we don’t care who we pay: we just want to park.

«

85% of cashless parking controlled by two apps, the other 15% by a sprawl of others. Really good research by Marsden, but there’s no solution in sight. One point he didn’t make, but which I notice: paying by app is often more expensive than paying for a physical ticket.
link to this extract


Intel officially kills “tick-tock” » The Motley Fool

Ashraf Eassa:

»back in mid-2015, Intel admitted that its 10-nanometer technology was in rough shape and wouldn’t go into production at the end of the year as expected. In the company’s most recent form 10-K filing, it went ahead and officially declared “Tick-Tock” [by which it reduces the die size in one year, and in the next year improves the microarchitecture] dead.

Intel’s wording in the form 10-K filing is as following:

“We expect to lengthen the amount of time we will utilize out 14 [nanometer] and out next-generation 10 [nanometer] process technologies, further optimizing out products and process technologies while meeting the yearly market cadence for product introductions.”

The company even includes an interesting visual aid to contrast the differences between the previous methodology and the current one:

Intel says that its third 14-nanometer product, known as Kaby Lake, will have “key performance advancements as compared to [its] 6th generation Core processor family.” The extent of these enhancements is clear, but leaks to the Web suggest enhancements to graphics and media.

«

Along with Moore’s Law fading, this is an epochal moment. And the other one is…
link to this extract


Andy Grove and the iPhone SE » Stratechery

A terrific piece on Andy Grove, the legendary Intel chief executive, by Ben Thompson; rather than just a recap, he puts Grove’s contribution into useful perspective:

»Beyond Grove’s personal background, the importance of Intel to the technology industry — and, by extension, to the world — cannot be overstated. While Moore is immortalized for having created “Moore’s Law”, the truth is that the word “Law” is a misnomer: the fact that the number of transistors in an integrated circuit doubles approximately every two years is the result of a choice made first and foremost by Intel to spend the amount of time and money necessary to make Moore’s Law a reality. This choice, by extension, made everything else in technology possible: the PC, the Internet, the mobile phone. And, the person most responsible for making this choice was Grove (and, I’d add, his presence in management was the biggest differentiator between Intel and its predecessors, both of which included Noyce and Moore).

That wasn’t Intel and Grove’s only contribution to Silicon Valley, either: Grove created a culture predicated on a lack of hierarchy, vigorous debate, and buy-in to the cause (compensated with stock). In other words, Intel not only made future tech companies possible, it also provided the template for how they should be run, and how knowledge workers broadly should be managed.

«

Thompson’s daily Stratechery newsletter is well worth the (inexpensive) subscription. Talking of which..
link to this extract


Blendle launches its ‘iTunes for News’ in the US » Fortune

Mathew Ingram interviewed Alexander Klopping of the “pay-for-articles-you-read” service:

»Q: Why would someone sign up for Blendle?

Klopping: Whenever you ask people “would you like to pay for journalism?” most people shrug. Why would they? But then most people responded the same way 10 years ago when asked about paying for music. I never thought I would pay $10 a month for Spotify, but I do. It’s not just about access to music, but also the app is really nice, my friends are on it, it helps me find music with Discover. When you think about journalism, having one account for everything, a service that helps you find and pay for the best stuff—that doesn’t exist. And it didn’t exist for music, but then it happened.

Fortune: So it’s not just about payment, but also curation?

Klopping: Yes. We hire editors, and those editors read everything on the platform, and they figure out staff picks. They choose the most interesting stories and they also choose stories that fit into categories or sections, and when a user shows interest in articles from a section we show them more. So there’s human curation plus a layer on top that is algorithmic. And on top of that there’s a social graph, so when your Twitter friends have shared an article that’s a good indication you might like it.

«

The point about whether hard news monetises well (it doesn’t) is notable. My question is, does paying free you from seeing ads?
link to this extract


Password-stealing Instagram app ‘InstaAgent’ reappears in App Store under new name » Mac Rumors

Juli Clover:

»Last November, a malicious app called InstaAgent was caught storing the usernames and passwords of Instagram users, sending them to a suspicious remote server. After the app’s activities came to light, Apple removed it from the App Store, but it now appears Turker Bayram, the developer behind the app has managed to get two new apps approved by Apple, (and Google) both of which are stealing Instagram account info.

Peppersoft developer David L-R, who discovered the insidious password-sniffing feature in the first InstaAgent app, last week wrote a post outlining new password stealing apps created by Bayram. Called “Who Cares With Me – InstaDetector” and “InstaCare – Who Cares With Me,” the apps are available on Android and iOS devices.

The original InstaAgent app attracted Instagram users by promising to track the people who visited their Instagram account, and the two new apps make similar promises. Both apps say they display a list of users who interact most often with an Instagram account, asking users to log in with an Instagram username and password.

David L-R investigated Bayram’s new apps and discovered a suspicious HTTPS packet, leading him to uncover a complex encryption process used to covertly send usernames and passwords to a third-party server and hide the evidence.

«

OK, this is bad; but as a user, why would you trust a third-party app from a no-name developer with your login details? Or is that too obvious a question?
link to this extract


Meet Tay – Microsoft A.I. chatbot with zero chill » Microsoft

»Tay is an artificial intelligent chat bot developed by Microsoft’s Technology and Research and Bing teams to experiment with and conduct research on conversational understanding. Tay is designed to engage and entertain people where they connect with each other online through casual and playful conversation. The more you chat with Tay the smarter she gets, so the experience can be more personalized for you.

Tay is targeted at 18 to 24 year old in the US.

Tay may use the data that you provide to search on your behalf. Tay may also use information you share with her to create a simple profile to personalize your experience. Data and conversations you provide to Tay are anonymized and may be retained for up to one year to help improve the service.

«

The bath continues to warm.
link to this extract


“Just have a look at this graph…” – BBC Newsnight » YouTube

How Newsnight bills it: “The Secretary of State for Education, Nicky Morgan, on the Conservative welfare row after the former Secretary of State for Work and Pensions, Iain Duncan Smith, resigns.”

What it really is: a Tory (right-wing) minister who was the only one willing to go on TV programmes to defend the government’s budget. She’s ambushed by a data visualisation showing the impact of the planned tax changes on the incomes of the different population deciles. (You can find the original graph on page 4 of this Institute of Fiscal Studies publication. The IFS is generally regarded as politically central/neutral.)

(Via Andy Cotgreave of dataviz company Tableau.)
link to this extract


Google is making a keyboard for the iPhone » The Verge

A veritable scoop from Casey Newton:

»The Google keyboard incorporates a number of features meant to distinguish it from the stock iOS keyboard. Like its Android counterpart, the Google keyboard for iOS employs gesture-based typing, so you can slide your finger from one letter to the next and let Google guess your intended word. Tap the Google logo and you can access traditional web search. It also appears to have distinct buttons for pictures and GIF searches, both presumably powered by Google image search. The keyboard is visually distinct from the standard Android keyboard, which incorporates voice search but no text or image-based searching.

The keyboard, which has been in circulation among employees for months, is designed to boost the number of Google searches on iOS. While the company all but holds a monopoly on the global search market, there’s evidence that mobile search is proving much less lucrative for Google than the desktop. Using publicly available numbers, journalist Charles Arthur argued in October that half of smartphone users perform zero searches per day. (Using the same math, Arthur said desktop users perform an average of 1.23 searches per day.)… The problem for Google — and for Alphabet, its parent company — is that search is where Google shows users its most expensive ads. Any sign of decline in search would be an existential threat to the company.

«

Logically, I’d expect that searches begun from this keyboard don’t count as part of the Google-Apple Safari search deal (reckoned to be very lucrative for Apple). Apple pares away at Google’s income in one place, Google drags it back in another. However, I’d expect this to be a comparatively small number, though. It’s not as if this is Maps, after all.
link to this extract


Errata, corrigenda and ai no corrida:

Start up: Spotify hits 30m, Google’s Syria wish, Apple’s iPhone aim, the truth behind Powa, and more

Is it really a good idea to do a charity parachute jump? Photo by puritani35 on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Spotify hits 30 million subscribers » The Verge

Micah Singleton:

»Spotify has 30 million paid subscribers, CEO Daniel Ek announced today in a tweet. This is the first subscriber update Spotify has given out since it announced it had 20m subscribers days before Apple Music hit the market last June, and shows the increased competition has had little to no effect on Spotify’s growth.

In the nine months that Apple Music has been available, the service has picked up 11 million subscribers. Spotify has added 10m paid subscribers in the same time.

The Swedish streaming service is now adding an average of 10m paid customers a year — it only had 10m subscribers total in 2014— a growth rate it will need to maintain as it goes up against Apple Music and its substantial marketing war chest.

What’s also notable is the flood of exclusive content put out by Apple Music and Tidal over the past few months seemingly hasn’t harmed Spotify’s user retention.

«

It was going so well until that last sentence. Singleton has no idea what has happened to Spotify’s user retention; it might be seeing colossal churn (people joining while others leave) or be rock steady. The raw numbers don’t tell you. It’s a reasonable guess, but that’s all it is – a guess.

That might seem like nitpicking, but it matters: it’s key to knowing whether Spotify really does have loyal users, or just fly-by-nights. And it’s also a bad idea to state things as fact that you don’t know directly.
link to this extract

 


Apple: the mother of all iPhone installed base models, via Stifel » Barrons.com

Tiernan Ray:

»After combining the installed base numbers, churn, new sales, upgrade rates, and such, Rakers arrives at a “guesstimate model” for how the Apple installed base may expand, and how that trickles down to potential iPhone sales.

That results in numbers that would be above his own estimates. For example, Rakers figures if Apple’s installed base total 625m units in 2015, if Apple maintains an 18.8% share of the global smartphone market this year, which is projected to be 3.958bn units, and it if gets 19.6% of the expansion of that total smartphone market, it would bring Apple’s installed base to 744m units.

Rakers then backs out of that an “implied gross change” of 144m units, backs out of that refurbished sales of 95 million, and comes up with 49 million “implied net new iPhone installed base shipments.” He then combines that with “new iPhone shipments into prior year installed base,” and comes up with a potential sales level of 239m iPhones this year.

That’s above Rakers’s own estimate for 217.4m units, and above what he deems Street consensus of 208m units. It would also be growth from last year, versus the decline everyone’s expecting this year.

«

The pricing for the new iPhone SE, lower than any new iPhone, could make a difference there.
link to this extract

 


US top court agrees to hear Samsung-Apple patent fight » Reuters

Lawrence Hurley and Andrew Chung:

»The US Supreme Court on Monday stepped into the high-profile patent fight between the world’s two fiercest smartphone rivals, Apple and Samsung, agreeing to hear Samsung’s appeal of what it contends were excessive penalties for copying the patented designs of the iPhone.

Samsung Electronics paid Apple more than $548m in December related to a jury verdict from 2012. It is seeking to pare back the $399m of that amount that was awarded for infringing on the designs of the iPhone’s rounded-corner front face, bezel and colorful grid of icons, saying they contributed only marginally to a complex device.

Apple sued in 2011, claiming the South Korean electronics company stole its technology and ripped off the look of the iPhone.

«

The Jarndyce and Jarndyce of the digital world. But it also matters (notes Neil Cybart) because it affects how one values design. Google and Facebook wanted the Supreme Court to hear it; Apple didn’t, he says.
link to this extract

 


Trump supporters aren’t stupid » Medium

Emma Lindsay with a terrific insight:

»Normally, when liberals talk about racism, they use “racist” as an end point. “Trump is racist” is, by itself, a reason not to vote for him, and “being racist” is an indicator of a person who is morally deficient.

But, if you don’t take this as an end point — if you instead ask “what do people get out of being racist?” — you’ll start to unravel the emotional motivations behind it. One of the best unpacking of this I have read is Matt Bruenig’s piece Last Place Avoidance and Poor White Racism. To summarize, no one wants to occupy the “last” place in society. No one wants to be the most despised. As long as racism remains intact, poor white people are guaranteed not to be “the worst.” If racism is ever truly dismantled, then poor white people will occupy the lowest rung of society, and the shame of occupying this position is very painful. This shame is so painful, that the people at risk of feeling it will vote on it above all other issues.

«

And as she also points out, “America is terrible at giving its citizens dignity and meaning.” This should be required reading in many places.
link to this extract

 


Parachuting for charity: is it worth the money? » PubMed

»All parachute injuries from two local parachute centres over a 5-year period were analysed. Of 174 patients with injuries of varying severity, 94% were first-time charity-parachutists. The injury rate in charity-parachutists was 11% at an average cost of 3751 Pounds per casualty. 63% of casualties who were charity-parachutists required hospital admission, representing a serious injury rate of 7%, at an average cost of £5,781 per patient. The amount raised per person for charity was £30. Each pound raised for charity cost the NHS £13.75 in return.

«

Caveat: it’s from 1999. Even so, you can’t be too careful. (You can read the paper in full for $31.50. Perhaps raise the money through a sponsored parachu..? OK then.)
link to this extract

 


Why we should fear a cashless world » The Guardian

Dominic Frisby:

»We already live in a world that is, as far as the distribution of wealth is concerned, about as unequal as it gets. It may even be as unequal as it’s ever been. My worry is that a cashless society may exacerbate inequality even further.

It will hand yet more power to the financial sector in that banks and related fintech companies will oversee all transactions. The crash of 2008 showed that, when push comes to shove, banks have already been exempted from the very effective regulation that is bankruptcy – one by which the rest of us must all operate. Do we want this sector to have yet more power and influence?

In a world without cash, every payment you make will be traceable. Do you want governments (which are not always benevolent), banks or payment processors to have potential access to that information? The power this would hand them is enormous and the potential scope for Orwellian levels of surveillance is terrifying.

Cash, on the other hand, empowers its users. It enables them to buy and sell, and store their wealth, without being dependent on anyone else. They can stay outside the financial system, if so desired.

«

The two opposing viewpoints are: in a world where corporations try to avoid tax and there might be a dwindling workforce, it’s important to have visibility of every transaction so that the taxable ones are visible. Alternatively, as Frisby argues, the ability to spend shouldn’t depend on access to technology which can be denied, or surveilled at will.
link to this extract

 


Clinton email reveals: Google sought overthrow of Syria’s Assad » Washington Examiner

Rudy Takala:

»Google in 2012 sought to help insurgents overthrow Syrian President Bashar Assad, according to State Department emails receiving fresh scrutiny this week.

Messages between former secretary of state Hillary Clinton’s team and one of the company’s executives detailed the plan for Google to get involved in the region.

“Please keep close hold, but my team is planning to launch a tool … that will publicly track and map the defections in Syria and which parts of the government they are coming from,” Jared Cohen, the head of what was then the company’s “Google Ideas” division, wrote in a July 2012 email to several top Clinton officials.

“Our logic behind this is that while many people are tracking the atrocities, nobody is visually representing and mapping the defections, which we believe are important in encouraging more to defect and giving confidence to the opposition,” Cohen said, adding that the plan was for Google to surreptitiously give the tool to Middle Eastern media.

«

The headline is overwritten: Google wasn’t seeking Assad’s overthrow. It was seeking to provide help to those inside Syria who wondered how many were really defecting. As the story points out, though, the anti-Assad movement helped create the conditions for ISIS to become strong.

And it’s really not good for Google to be visible as having tried to influence the internal affairs of a Middle Eastern state – even in this roundabout way. Now one begins to wonder where else it might have tried to be “helpful”.
link to this extract

 


Powa: The start-up that fell to earth » BBC News

Rory Cellan-Jones spoke to multiple people who had worked for Powa, a British company run by Dan Wagner which once claimed a $2.7bn valuation but collapsed into administration in February:

»What those people have told me is that Powa was an almost textbook case of how not to run a company – no clear strategy, directionless management, overblown claims about the technology and a reckless attitude to money.

For the last couple of years, I’ve been receiving emails from Powa’s PR agency urging me to cover the company’s ground breaking technology the PowaTag which “allows users to purchase anytime, anywhere in just three seconds by simply scanning an item or advertisement with their smartphone”.

Eventually, the company claimed that it had 1,200 businesses signed up to use the PowaTag.

I was not particularly impressed. I saw little evidence that the technology was being used, but one investor did bite. A Boston-based firm Wellington Management invested a sizeable sum in Mr Wagner’s venture. Eventually they along with other investors poured more than $200m into Powa.

It seems likely they were told the same story that was peddled to journalists – that the PowaTag was going to be used by some of the world’s leading brands including L’Oreal and Carrefour.

But what’s emerged since the collapse of the business is that none of those companies had signed contracts, merely “letters of intent”, which did not commit them to anything. One senior figure in the company told me that young inexperienced sales staff were rewarded with a £2,000 bonus every time one of these letters was signed “so they weren’t particularly concerned about the quality of the deal”.

«

Textbook piece of investigative journalism where you talk to people and gather facts and talk to more people. (The headline is also clever – read all the way to the article’s end to find out why.) I bet there’s plenty more that Cellan-Jones couldn’t include because the BBC’s lawyers wouldn’t let it past. (Notably, FT Alphaville puts Powa’s real value at $106m, based on court documents filed in the US.) None of it looks good for Dan Wagner. Speaking of whom..
link to this extract

 


Talk:Dan Wagner » Wikipedia

From the Talk (discussion about editing/content) page relating to Wagner:

»Wikipedia definition of Vandalism = Vandalism is any addition, removal, or change of content, in a deliberate attempt to compromise the integrity of Wikipedia. [[2]]

The amends I made that Techtrek has reverted as being “vandalism” were externally sourced, and links provided. I ask Techtrek to explain on what basis they consider them to be vandalism? It has been requested that any changes are raised and can be discussed on here so that we can get consensus.

It is my belief that by reverting any negative and independantly verified and sourced updates Techtrek is responsible for vandalism as they are deliberately attempting to compromise Wikipedias integrity. They have made a number of unsourced claims to the re-write and repeatedly used language that is not in keeping with Wikipedias guidelines [3]. It has been claimed on User talk:Techtrektalk page the they are Flame PR [[4]] if so then this must be disclosed. I ask Techtrek to please respond otherwise I will revert the change. Ol king col (talk) 09:26, 21 June 2014 (UTC)

«

That’s a busy PR company if it’s burnishing a client’s personal Wikipedia page. Wonder how much of the VC money went to Flame PR? Though the fact that the Wikipedia user only edits Wagner’s page is… notable.
link to this extract

 


An iCloud scam that may be worse than ransomware » Malwarebytes Labs

Thomas Reed was contacted by a woman who said her iMac was hit by “ransomware”:

»From the screenshots she sent me, it soon became clear what had happened. The hacker had somehow gotten access to Ericka’s iCloud account.

Using this, he was able to remotely lock her computer using iCloud’s Find My Mac feature, with a ransom message displayed on the screen. (For some reason, the iPhone did not actually end up locked, but displayed the same message.)

The message read: “Contact me: hblackhat(at)mail.ru All your conversation sms+mail, bank, computer files, contacts, photos. I will public + send to your contacts.”

She also received an e-mail message, in similarly broken English, from her own iCloud address. The message said he had access to all her bank accounts, personal information, etc, and would publish it if she didn’t respond within 24 hours.

This is a pretty serious threat, and quite different from the typical Windows malware. Unfortunately, the story doesn’t end there. Apple designed Find My Mac/iPhone as an anti-theft feature. It is intended to allow you to take a number of actions on a lost or stolen device, including displaying a message, locking it, locating it physically and even remotely erasing it.

«

As Reed points out, the same happened previously in Australia in 2014. Perils of the connected world: do you want to be able to find your machine if it’s stolen? But then, how secure is your cloud account?
link to this extract

 


What Americans don’t understand about Nordic countries » Business Insider

Anu Partanen moved to the US seven years ago:

»Americans are not wrong to abhor the specters of socialism and big government. In fact, as a proud Finn, I often like to remind my American friends that my countrymen in Finland fought two brutal wars against the Soviet Union to preserve Finland’s freedom and independence against socialism. No one wants to live in a society that doesn’t support individual liberty, entrepreneurship, and open markets.

But the truth is that free-market capitalism and universal social policies go well together—this isn’t about big government, it’s about smart government. I suspect that despite Hillary Clinton’s efforts to distance herself from Sanders, she probably knows this. After all, Clinton is also endorsing policies that sound an awful lot like what the Nordics have done: paid family leave, better public schools, and affordable day care, health care and college for all.

The United States is its own country, and no one expects it to become a Nordic utopia. But Nordic countries aren’t utopias either. What they’ve done has little to do with culture, size, or homogeneity, and everything to do with figuring out how to flourish and compete in the 21st century.

«

The article originally appeared at The Atlantic, but the comments at BusinessInsider show how incredibly difficult Americans find it to grasp the idea of everyone benefiting from everyone paying more general taxes. While they defend their terrible healthcare system. And overlook the products that the Nordics have produced, such as Ikea and Lego and Linux.
link to this extract

 


Errata, corrigenda and ai no corrida: none notified.

Start up: Apple on software, 1970 reporting, Microsoft leaves ICOMP?, cycling’s new doping scandal, and more

Voters at the Iowa caucus were profiled and tracked via their phones – perhaps without knowing. Photo by ellenmac11 on Flickr.

»You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.«

A selection of 13 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

(To help formatting on the email, I’ve added » and « on the blockquotes to make it clearer what is quoted, and what is my commentary.)

The Talk Show ✪: Ep. 146, with very special guests Eddy Cue and Craig Federighi » Daring Fireball

John Gruber:

»
Very special guests Eddy Cue and Craig Federighi join the show. Topics include: the new features in Apple’s upcoming OS releases (iOS 9.3 and tvOS 9.2); why Apple is expanding its public beta program for OS releases; iTunes’s monolithic design; how personally involved Eddy and Craig are in using, testing, and installing beta software; the sad decline of Duke’s men’s basketball team; and more.
«

This is, what, the second or third time I’ve recommended a podcast? This is an hour, and fascinating (with data points: iMessage peaked at 200,000 per second, there are 782m iCloud users – v 1bn devices in use, so do the maths – and 11m Apple Music subscribers, up from 10m in December).

Federighi’s point about how they tracked Bluetooth keyboard use for the Apple TV, and which calendar week it dwindled to zero, made me laugh aloud.

You can consider *why* Apple made Cue and Federighi available to Gruber, and it’s pretty obvious: they’re aiming to get their message out about Apple’s software and services quality, after all sorts of criticism lately. And that performance turns out to be pretty impressive – hundreds of millions of users who turn them on straight away that it goes live, such as iOS 9.0, iCloud Drive, and so on. Are they perfect? No. But they iterate to improvement pretty fast, given their scale.
link to this extract

 


Cycling’s mechanical-doping scandal » Business Insider

Daniel McMahon:

»
In the days that followed, the UCI said it had tested more than a hundred bikes at the world championships — and that it would be testing a lot more going forward:

»
The Union Cycliste Internationale (UCI) has taken the issue of technological fraud extremely seriously for many years. It has been clear for some time that the equipment exists to enable people determined to cheat to do so by installing devices hidden in bikes. That is why we’ve invested considerable time and financial resources in organising unannounced tests at races and have recently been trialing new methods of detection. We’ve also been using intelligence gathered from the industry and other information given to us. We tested over 100 bikes at the 2016 UCI Cyclo-cross World Championships in Heusden-Zolder and will continue to test large numbers of bikes at races throughout the season.
«

And sure enough, on Friday, February 12, the UCI announced it had tested another 90 bikes for motors, but this time at a road race in France.
«

This is weird. Motors in bicycles is A Thing. A Doping Thing.
link to this extract

 


64-bit iPhones and iPads get stuck in a loop when set to January 1, 1970 » Ars Technica

Peter Bright:

»
Take a 64-bit iOS device—iPhone 5S or newer, iPad Air or newer, iPad Mini 2 or newer, sixth generation iPod touch or newer—laboriously set its date to January 1, 1970, and reboot. Congratulations: you now have a shiny piece of high-tech hardware that’s stuck at the boot screen, showing nothing more than the Apple logo… forever.
«

From the highest-rated comment on the comments below the story:

»
It appears to solve itself when the internal clock is allowed to advance normally to a point when «current time» minus time zone is greater than zero.

(This may be why people are seeing a battery drain fix it or see it fixed when inserting a SIM card that supports carrier time information)
«

Versions of Bright’s story, all written from the same YouTube video, are all over the web. More informed (and stupider) comments can be found beneath them (where they allow comments). The more informed ones point out the errors.

It’s quite the problem for journalists: news editors clamour for the story now, but it’s hard to check all the details, and especially the causes. This isn’t a “forever” bug. But you need to get the story written. That lack of time to research and check erodes trust in outlets which have been quick to follow a YouTube video. It’s not “permanent”, it’s not “bricked”, it’s not “forever”.

Though they then get a second bite of the cherry with “how to fix” articles. (Answer: let the battery run down.)
link to this extract

 


This company tracked Iowa caucusgoers through their phones » Fusion

Kashmir Hill:

»
What really happened is that Dstillery gets information from people’s phones via ad networks. When you open an app or look at a browser page, there’s a very fast auction that happens where different advertisers bid to get to show you an ad. Their bid is based on how valuable they think you are, and to decide that, your phone sends them information about you, including, in many cases, an identifying code (that they’ve built a profile around) and your location information, down to your latitude and longitude.

Yes, for the vast majority of people, ad networks are doing far more information collection about them than the NSA–but they don’t explicitly link it to their names.

So on the night of the Iowa caucus, Dstillery flagged all the auctions that took place on phones in latitudes and longitudes near caucus locations. It wound up spotting 16,000 devices on caucus night, as those people had granted location privileges to the apps or devices that served them ads. It captured those mobile ID’s and then looked up the characteristics associated with those IDs in order to make observations about the kind of people that went to Republican caucus locations (young parents) versus Democrat caucus locations. It drilled down farther (e.g., ‘people who like NASCAR voted for Trump and Clinton’) by looking at which candidate won at a particular caucus location.
«

Deeply disturbing. You can bet that tons of those people had no idea that they were being profiled, or that their data was even being shared in that way.
link to this extract

 


Douglas Rushkoff: ‘I’m thinking it may be good to be off social media altogether’ » The Guardian

»
Ian Tucker: What do you find most objectionable about the kind of economy that technology appears to create?

Douglas Rushkoff: What’s most pernicious about it is that we are developing companies that are designed to do little more than take money out of the system – they are all extractive. There’s this universal assumption that we have to turn working currency into share price.
«

link to this extract

 


Microsoft looks to be retreating from EU antitrust fight against Google » Ars Technica

Quite a scoop from Kelly Fiveash:

»
Ars has learned that members including UK-based price comparison site Foundem—the original complainant in the antitrust case against Google—resigned from ICOMP after Microsoft backed away from what had been a dogged campaign against its search rival in Europe. ICOMP was founded in 2008 to fight for an “online competitive marketplace.”

One source told us that Microsoft had agreed to prop up ICOMP’s food, travel, and accommodation expenses without having any active involvement in the group.

In a letter from Foundem to ICOMP—seen by Ars—the company said: “In our view, an ICOMP that is prohibited from commenting on Google’s immensely damaging business practices is an ICOMP working against, rather than for, the interests of a fair, competitive online marketplace.”

Foundem added in its December 2 missive: “As a leading complainant in the European Commission’s ongoing competition investigation into Google’s search manipulation practices, Foundem cannot be a member of an organisation that has turned its back on such an important issue.”

Ars asked Microsoft to comment on this issue to confirm claims that its fight against Google on search in the EU was effectively over. It did not respond directly to that question, however. Instead we were told that Microsoft’s complaint against Google in the European Commission had not been withdrawn.
«

Fiveash has been covering the Google/Microsoft proxy battle for years since she was at The Register. But it sounds as though Satya Nadella, having gotten rid of the vicious ex-political lobbyist Mark Penn, is dialing down the quiet lobbying.
link to this extract

 


How to gain unauthorized fingerprint access to an LG V10 » AndroidAuthority

John Dye:

»
If this person isn’t running Nova Launcher, the game’s up here. This vulnerability is only known to work on this particular launcher so far, so if your quarry is operating Google Now then they are safe from your malicious intent. However, if they are running Nova Launcher, you can tap the Home button while on the main home screen, then tap the Widgets option. Add a Nova Action widget to the home screen, and then choose the activity “com.lge.fingerprintsettings.”

Pause here for a second, because this is where the vulnerability exists. Through the normal Settings menu, it’s impossible to access this particular activity before going through a security checkpoint and confirming either a fingerprint or PIN. However, since Nova is able to ignore the normal menu flow that leads to this screen, it creates a situation where a user can add their own fingerprint to the list of allowed fingerprints without ever proving that they have authorized access to the device.

The widget on the homescreen will now lead directly to fingerprint settings, and you can add your own fingerprint before deleting the widget, leaving little trace of your actions.
«

Nova Launcher presently has more than 10m downloads, so it’s possible you’d find it on a high-end phone. Commenters suggest it can be done on a Samsung Galaxy S5 and S6 too.

Sure that this will be all over news sites in a day or so of course with hundreds of comments. No?
link to this extract

 


Researcher illegally shares millions of science papers free online to spread knowledge » ScienceAlert

»
A researcher in Russia has made more than 48 million journal articles – almost every single peer-reviewed paper every published – freely available online. And she’s now refusing to shut the site down, despite a court injunction and a lawsuit from Elsevier, one of the world’s biggest publishers.

For those of you who aren’t already using it, the site in question is Sci-Hub, and it’s sort of like a Pirate Bay of the science world. It was established in 2011 by neuroscientist Alexandra Elbakyan, who was frustrated that she couldn’t afford to access the articles needed for her research, and it’s since gone viral, with hundreds of thousands of papers being downloaded daily. But at the end of last year, the site was ordered to be taken down by a New York district court – a ruling that Elbakyan has decided to fight, triggering a debate over who really owns science.

“Payment of $32 is just insane when you need to skim or read tens or hundreds of these papers to do research. I obtained these papers by pirating them,” Elbakyan told Torrent Freak last year. “Everyone should have access to knowledge regardless of their income or affiliation. And that’s absolutely legal.”…

… She also explains that the academic publishing situation is different to the music or film industry, where pirating is ripping off creators. “All papers on their website are written by researchers, and researchers do not receive money from what Elsevier collects. That is very different from the music or movie industry, where creators receive money from each copy sold,” she said.
«

The journals’ argument is that they add value by getting papers peer-reviewed, and edited, and choosing the important ones to publish. The existence of free unpeered sites such as Arxiv hasn’t noticeably dented their business.

But it always feels wrong when publicly funded research in particular ends up behind giant paywalls. If the public pays for the research, the public should be able to see its fruits.
link to this extract

 


Evidence suggests the Sony hackers are alive and well and still hacking » WIRED

Kim Zetter:

»
According to new data released this week by Juan Andrés Guerrero-Saade, senior security researcher with Kaspersky Lab’s Global Research and Analysis Team, and Jaime Blasco who heads the Lab Intelligence and Research team at AlienVault Labs, the hackers behind the Sony breach are alive and well…and still hacking. Or at least evidence uncovered from hacks of various entities after the Sony breach, including South Korea’s nuclear power plant operator, suggests this later activity has ties to the Sony case.

“[T]hey didn’t disappear…not at all,” Guerrero-Saade said during a presentation with Blasco this week at the Kaspersky Security Analyst Summit in Spain.

If true, it would mean the hackers who demonstrated an “extremely high” level of sophistication in the Sony attack have been dropping digital breadcrumbs for at least the last year, crumbs that researchers can now use to map their activity and see where they’ve been. The clues include—to name a few—re-used code, passwords, and obfuscation methods, as well as a hardcoded user agent list that showed up repeatedly in attacks, always with Mozilla consistently misspelled as “Mozillar.”
«

link to this extract

 


So who’s going to buy Pandora? » Music Business Worldwide

Tim Ingham:

»
the US public company has reportedly begun talking to Morgan Stanley about finding a potential buyer.

As we stand, Pandora, for all its historical global licensing issues and growing annual net losses, looks a little like a bargain.

The company has lost $7bn in market cap valuation over the past two years. It’s currently sitting at $1.9bn – less than a quarter of Spotify’s latest private valuation.

However, there are other reasons why possible acquirers may cool their jets on Pandora – not least the fact that its active listener base is dropping, down year-on-year in Q4 2015 to 81.1m.

In addition, the firm’s acquisition of Rdio’s assets means an entry into the hugely competitive space of interactive music streaming is an inevitability, while it paid a scary $450m to buy Ticketfly last year – a sister operation that contributed just $10m to the bottom line in Q4.

So who might cough up and buy Pandora if (and it’s a big if) its shareholders agree to push for a sale?
«

Suggestions: Google, Apple, IHeartMedia, Samsung. Can’t honestly see any of them wanting it, rather than just waiting for it to vanish.
link to this extract

 


Why mobile is different » The Economist

Anonymous, as ever with The Economist:

»
the combination of personalisation, location and a willingness to pay makes all kinds of new business models possible. Tomi Ahonen, head of 3G Business Consulting at Nokia, gives the example of someone waiting at a bus stop who pulls out his Internet-capable phone to find out when the next bus will arrive. The information sent to the phone can be personalised, reflecting the fact that the user’s location is known, and perhaps his home address too; so bus routes that run from one to the other can appear at the top of the list, saving the user from having to scroll and click through lots of pages and menus. A very similar service, which allows users to find out when the next bus is due by sending a text message from a bus stop, is already available in Italy.

Would-be providers of mobile Internet services cannot simply set up their servers and wait for the money to roll in, however, because the network operators—who know who and where the users are, and control the billing system—hold all the cards. This has changed the balance of power between users, network operators and content providers. On the fixed Internet, the network access provider acts as a “dumb pipe” between the user’s PC and, say, an online bookstore or travel agent. The access provider will not know how the connection has been used, and there is no question of claiming a commission. Mobile network operators, on the other hand, are in a far more powerful position. “Wireless is a smarter pipe,” says Chris Matthiasson of BT Cellnet. This means that operators are much less likely to be disintermediated.
«

The sharp-eyed will have started in the second sentence; others, in the second paragraph. That’s because this piece is from October 2001. It took a while, but the operators are pretty thoroughly disintermediated now.
link to this extract

 


TfL social media: adapting to Twitter’s changes » TfL Digital blog

Steven Gutierrez of Transport for London, which runs London’s buses and underground services:

»
in the last few years, Twitter has introduced various changes to the way it serves content to its users, and these have impacted upon our ability to reliably deliver these real-time status updates to our followers.

Now selected content on Twitter is shown out of sequence, we will reduce the amount of minor alerts and focus on providing up-to-the-minute alerts for major issues, as well as a renewed focus on customer service across our various accounts.

Our teams will continue to work day and night to support customers including First Contact who take care of the Tube line Twitter feeds as well as CentreComm and LSTCC who have access to everything from iBus (our system for tracking London Buses) to police helicopters monitoring London from above.
«

Wow: you think Twitter is a static thing, but these changes really do affect what happens. The point about image search shows it’s not trivial either.
link to this extract

 


Artificial intelligence offers a better way to diagnose malaria » Technology Review

Anna Nowogrodzki:

»
For all our efforts to control malaria, diagnosing it in many parts of the world still requires counting malaria parasites under the microscope on a glass slide smeared with blood. Now an artificial intelligence program can do it more reliably than most humans.

That AI comes inside an automated microscope called the Autoscope, which is 90 percent accurate and specific at detecting malaria parasites. Charles Delahunt and colleagues at Intellectual Ventures Laboratory—the research arm of Nathan Myhrvold’s patent licensing company Intellectual Ventures in Seattle—built the system with support from Bill and Melinda Gates through the Global Good Fund. The Autoscope was tested in the field at the Shoklo Malaria Research Unit on the Thailand-Myanmar border during malaria season in December 2014 and January 2015. The results were published in December.
«

If I’m reading the results correctly, it got about 95% accuracy. (Correct me if I’m wrong.)

My own forecast is that “an [AI] algorithm for..” will be the “listen to this!” phrase of 2016, and utterly commonplace in 2017.
link to this extract

 


Errata, corrigenda and ai no corrida: None noted.

Start up: broadband targets, Wired’s adblock plans, Facebook app v iOS, Ted Cruz v reality, and more


VTech got hacked – but was it open to hacking in any case? Photo by remediate.this on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

UK within 0.8% of the original BDUK phase 1 superfast broadband goal » thinkbroadband

Andrew Ferguson:

The UK is edging closer to its original BDUK target of 90% superfast broadband across the UK every week and it is looking like the 24 Mbps or faster target will be crossed in March and the EU figure of 30 Mbps another couple of months later. Given the political ambition is 95% superfast coverage by the end of 2017 and as individual projects push on and they are getting to ever more sparsely populated areas in the main the 95% figure may look easy but we are seeing roll-outs slowing in some areas as the premises per cabinet ratio gets worse.

What is interesting is observing the complaints about broadband which are not diminishing even though more people can get superfast broadband but are actually increasing, and this is even allowing for the lobbying that is underway over what Ofcom should and will do with Openreach. We believe that complaints are going to get worse as coverage levels improve, this is because those missed out will be increasingly worried they are in the final 5% which has no firm delivery promises yet.

I’m in the 5%.
link to this extract

 


As Flint fought to be heard, Virginia Tech team sounded alarm » The New York Times

Mitch Smith:

as government officials were ignoring and ridiculing residents’ concerns about the safety of their tap water, a small circle of people was setting off alarms. Among them was the team from Virginia Tech.

The team began looking into Flint’s water after its professor, Marc Edwards, spoke with LeeAnne Walters, a resident whose tap water contained alarming amounts of lead. Dr. Edwards, who years earlier had helped expose lead contamination in Washington, D.C., had his students send testing kits to homes in Flint to find out if the problem was widespread. Lead exposure can lead to health and developmental problems, particularly in children, and its toxic effects can be irreversible.

Their persistence helped force official to acknowledge the crisis and prompted warnings to residents not to drink or cook with tap water.

link to this extract

 


The utter nastiness of Ted Cruz » The Washington Post

Dana Milbank:

I followed both Cruz and Trump this week at multiple campaign events across New Hampshire. It was, in a sense, a pleasure to see them use their prodigious skills of character assassination against each other. It was demagogue against demagogue: lie vs. lie. Both men riled their supporters with fantasies and straw men.

But there were discernible differences. Trump owned anger. Cruz, by contrast, had a lock on nastiness. Trump is belligerent and hyperbolic, with an authoritarian style. But while Trump fires up the masses with his nonstop epithets, Cruz has Joe McCarthy’s knack for false insinuation and underhandedness. What sets Cruz apart is the malice he exudes.

Cruz jokes that “the whole point of the campaign” is that “the Washington elites despise” him. But Cruz’s problem is that going back to his college days at Princeton, those who know him best seem to despise him most.

Read on for the most amazing lies spread by Cruz’s team during the Iowa primaries; expect more through the next few months, until and unless Marco Rubio takes the lead. Or maybe it will get even worse then.
link to this extract

 


Russian group accused of online ad fraud through Twitter service » FT.com

Robert Cookson:

[Online security company] Sentrant has claimed to have identified more than 200 apps in the Google Play store that, after being installed on a mobile device, loaded “invisible” ads in the background. Its researchers estimated that these rogue apps generated at least $250,000 in advertising revenues each day — from companies paying for views — even though the ad placements could not actually be seen by people.

“This is as bad as any financial crime going on worldwide,” said Allen Dillon, chief executive of Sentrant. “It’s going to cost the consumer at the end of the day, because someone has to pay for the losses.”

Sentrant said that apps containing “fraud code” linked to Academ Media included Frozen Flame, a free game for children that has been downloaded more than 100,000 times.

Academ Media said that the allegations were unfounded. It claimed that, a year ago, its systems were hacked by an unknown attacker, who stole data and modified the company’s apps to commit advertising fraud.

ಠ_ಠ
link to this extract

 


India’s regulator effectively bans Facebook’s free basics service » WSJ

Sean McLain, Joanna Sugden and Deepa Seetharaman:

Facebook’s efforts to expand Internet access in the developing world suffered a blow Monday when India’s telecommunications regulator ruled that the social-media company’s plan to offer free access to a limited number of websites undercut the purpose of the Internet.

The regulator said Facebook’s Free Basics service violated the principles of net neutrality, which call for equal treatment of all traffic on the Internet. The new regulations ban all programs in India that offer free access to a limited set of online services.

This means Reliance Communications Ltd., the mobile-phone service provider that is Facebook’s partner in India, can’t offer Free Basics or free access to Facebook’s social-media site.

Net neutrality wins, connectivity loses?
link to this extract

 


Uninstalling Facebook app saves up to 15% of iPhone battery life » The Guardian

Samuel Gibbs:

concerns about Facebook’s Android app led to the discovery that deleting the app saves up to 20% of a phone’s battery. After that revelation, I set about seeing if the same was true for iPhone users. I discovered that uninstalling Facebook’s iOS app and switching to Safari can save up to 15% of iPhone battery life.

Using an iPhone 6S Plus for a week without the main Facebook app installed, I recorded the battery life at 10.30pm each day for a week comparing it to a daily average taken from a week with the app. I charged the phone overnight, taking it off the charger at 7.30am, and used it normally. I accessed Facebook for the same amount of time, and for the same purposes, using the social network’s excellent mobile site within Safari, as I had done using the app. I also left the Facebook Messenger app installed.

On average I had 15% more battery left by 10.30pm each day. I had also saved space, because at the point I had deleted the Facebook app it had consumed around 500MB in total combining the 111MB of the app itself and its cache on the iPhone.

His iPhone 6S review in October 2015:

Battery life is the iPhone 6S’s biggest problem. During the week the phone failed to make it past 11pm after leaving the charger at 7.30am in the morning.

I used the iPhone as my primary device, receiving hundreds of emails and push notifications, conducting 2.5 hours of browsing, three hours of music playback via Bluetooth headphones, taking a couple of pictures and playing the odd game of Angry Birds 2 on the train home.

At the weekend it spent most of the day sitting on a table untouched, but I still went to bed with only 30% charge left. Apple’s new Low Power Mode made little appreciable difference in real-world use.

The photo on the review shows Facebook installed, though that for battery life doesn’t show Facebook figuring. And yet… could there be a connection?
link to this extract

 


Wired Is Launching an Ad-Free Website to Appease Ad Blockers – Bloomberg Business

Joshua Brustein:

More than 1 in 5 people who visit Wired Magazine’s website use ad-blocking software. Starting in the next few weeks, the magazine will give those readers a choice: stop blocking ads, pay to look at a version of the site that is unsullied by advertisements, or go away. It’s the kind of move that was widely predicted last fall after Apple allowed ad-blocking in the new version of its mobile software, but most publishers have shied away from it so far.

Wired plans to charge $3.99 for four weeks of ad-free access to its website. In many places where ads appear, the site will simply feature more articles, said Mark McClusky, the magazine’s head of product and business development. The portion of his readership that uses ad blockers are likely to be receptive to a discussion about their  responsibility to support the businesses they rely on for  information online, McClusky said.

I’d like to see McClusky’s spreadsheet where it shows that every user who accesses the Wired site is worth $1 per week. Then we can talk. I’d guess the real number is perhaps one-fiftieth that size.
link to this extract

 


No, VTech cannot simply absolve itself of security responsibility » Troy Hunt

A few months ago, the Hong Kong based toy maker VTech allowed itself to be hacked and millions of accounts exposed including hundreds of thousands of kids complete with names, ages, genders, photos and their relationships to their parents replete with where they (and assumedly their children) could be located.

I chose this term deliberately – “allowed itself to be hacked” – because that’s precisely what happened. In an era where major incidents such as Ashley Madison and TalkTalk were front page news in the mainstream press, VTech continued to run a service with such egregious security flaws as the SQL injection risk the hacker originally exploited, unsalted MD5 password hashes, no SSL encryption anywhere, SQL statements returned in API calls (it’s actually in the JSON response body of my post above) and massively outdated web frameworks.

What I didn’t write about at the time but reported privately was that they also had multiple serious direct object reference risks; the API that returned information on both kids and parents could be easily exploited just by manipulating an ID.

Ugh. Terrible, terrible security. And these people want access to childrens’ data? Oh, but it gets worse: see how they’ve updated their Ts and Cs.
link to this extract

 


Errata, corrigenda and ai no corrida: ICYMI, I wrote about iPhone third-party repairs, #error53 and its likely causes, and what it tells us about Apple and some of the media.

Explaining the iPhone’s #error53, and why it puts Apple between conspiracy and rock-hard security (updated)


The TouchID system on the iPhone 6 is difficult to fix because it’s linked to Apple Pay. Photo by Janitors on Flickr.

There’s been a huge amount of coverage on the topic of “error 53”, which is a message thrown up by iTunes when it detects a particular fault on newer iPhones. But of course the rewriting hasn’t actually tried to add any value or understanding, for the most part. (Oh, internet journalism, if you only knew how crap you are.)

Techmeme coverage of "error 53"

Techmeme coverage of “error 53”: did any of it add any detail?

 

So here’s my attempt to explain it, starting from what we know, and what we can find out, and what we can deduce. On with the show!

What is #error53?

It’s the error shown in iTunes for an iPhone 6, 6 Plus, 6S or 6S Plus after an operating software upgrade (eg upgrading from iOS 8.1 to iOS 8.2, or 8.1 to 9.0, or 9.2 to 9.2.1) if the phone has had its TouchID sensor replaced or its cable interfered with since the last software upgrade.

Error 53 (almost) bricks the device: it tells you to plug it in to iTunes and recover it, but in the instance above it won’t work. There is a way to bring the phone back to life if you’ve had Error 53, which we’ll come to presently.

Update: Apple has now (February 18, ten days later) released an iOS update for those using 9.2.1 and updating via iTunes which fixes this. Read the support document.

This is just Apple trying to stop third-party repairs, isn’t it?

That’s the conspiracy version of the explanation, but it isn’t self-consistent. Third-party repairers say they can still replace batteries, screens, and various other bits. What they’ve learnt though is that doing anything with TouchID on the iPhone 6/etc can kill the phone. So they avoid doing those repairs, and tell people to take affected phones to Apple repair shops.

Note that third-party repair shops have known about the home button problem for a long time. However, it’s only just come to media attention.

Why doesn’t it happen to the iPhone 5S?

The fact that this only began happening with the iPhone 6/Plus sharpened the conspiracy that this is Apple trying to shut down third-party repairs. (But it also weakens the conspiracy theory, because wouldn’t Apple seek to block it on all devices?) The reason is down to the key difference between the 5S and the 6/Plus: the 5S doesn’t have NFC, and so can’t do Apple Pay.

Why does Apple Pay matter in this?

Apple Pay means the phone contains Secure Elements, which are cryptographic stores with credit card and payment data – including (I surmise) how to turn a credit card number into an NFC payment mechanism, which is not the sort of information that banks want to be leaked everywhere.

Why does it only happen after an OS upgrade, rather than right after a replacement?

To understand this, we have to go to Apple’s security documents about iOS 9, and how security works with TouchID (the fingerprint reader), the Secure Enclave (which stores a hashed version of your fingerprint) and the Secure Elements, which store key financial data in an encrypted form.

Here’s a diagram from Apple’s security document, showing the direction of trust as the device boots up: it travels from the bottom to the top. We’re only interested in the stuff at the bottom of this stack at present (from “Apple root certificate” upward to the top of the “hardware/firmware” part).

iPhone security system begins with the hardware

Apple’s explanation of how the security system works in the iPhone: booting starts from the bottom and progresses upwards.

On bootup, the system goes through various hardware checks to ensure that everything is tickety-boo, cryptographically speaking. If it finds something wrong, then it gives you the “Connect to iTunes” screen, and if you’re lucky, throws up an error message. Note that if something is wrong at this bootup stage, you don’t reach the higher level of the file system and OS partition; you’re stuck at the hardware/firmware level.

If you replace the TouchID system on a device, the system doesn’t throw an error at this point. Why not? I’m not completely sure, but I think that the TouchID subsystem doesn’t have an entry in the device’s own hardware/firmware listing, so the device can’t tell whether the TouchID system that’s installed is the same one it originally had at manufacture.

Update: on thinking some more about it, I think this is why. The security model is one which doesn’t trust values that are stored on-device but not burnt into hardware. So any value in a firmware register could have been changed. Now, if the TouchID serial were stored on hardware, it could be checked on boot to see if it’s trusted – but you’d never be able to replace the TouchID sensor, because the old serial is burnt into the chip. A firmware value on startup can’t be trusted because it might have been changed.

Therefore the device doesn’t brick when it’s first turned on after repair. It has to rely on something external which has stored the TouchID serial – that is, Apple’s installation authorisation server./Update

What happens on a software upgrade is subtly different from simply booting. From Apple’s document, on p6:

During an iOS upgrade, iTunes (or the device itself, in the case of OTA [over-the-air] software updates) connects to the Apple installation authorization server and sends it a list of cryptographic measurements for each part of the installation bundle to be installed [emphasis added] (for example, LLB, iBoot, the kernel, and OS image), a random anti-replay value (nonce), and the device’s unique ID (ECID).

The authorization server checks the presented list of measurements against versions for which installation is permitted and, if it finds a match, adds the ECID to the measurement and signs the result. The server passes a complete set of signed data to the device as part of the upgrade process.

Adding the ECID “personalizes” the authorization for the requesting device. By authorizing and signing only for known measurements, the server ensures that the update takes place exactly as provided by Apple. The boot-time chain-of-trust evaluation verifies that the signature comes from Apple and that the measurement of the item loaded from disk, combined with the device’s ECID, matches what was covered by the signature.

These steps ensure that the authorization is for a specific device and that an old iOS version from one device can’t be copied to another. The nonce prevents an attacker from saving the server’s response and using it to tamper with a device or otherwise alter the system software.

What I think is happening is that the new TouchID system’s serial number is in included in the cryptographic data sent to the authorisation server, and when that is compared against what it should be for the given ECID, the numbers don’t match.

At that point, the authorisation server decides that Something Bad is going on, and blocks the update. The device now fails the low-level boot – it can’t get past the kernel level to the OS boot – and so the device is bricked.

And that is why it bricks on a software update.

Why doesn’t it check with the authorisation server after the repair?

The phone doesn’t have any way of “knowing” whether it’s restarting after a repair, or after it ran out of battery, or you just turned it off for the night. If every phone were to check in with the authorisation server on being powered on, three things would happen: (1) the authorisation server would die (2) people would be furious because their phone wouldn’t boot because it would need connectivity to check the details for its ECID, and you don’t always have connectivity when you turn your phone on (3) Apple would get majorly dinged for “snooping on when people turn their phone on.”

That doesn’t explain why it doesn’t happen on the 5S, though.

Damn right. At which point we have to consider that the “cryptographic measurements” sent back for an iPhone 6/etc differ from those of an iPhone 5S, specifically because of the Apple Pay-related Secure Elements.

Why does the device still work after the third-party replacement?

Let’s qualify this: it does work, but TouchID (and so Apple Pay and others) don’t work after a third-party fix that affects TouchID. The pairing there between the Secure Element/Secure Enclave/TouchID, which was set up when the device was manufactured, is lost. It carries on not working; then at some point, you get a software upgrade notification. And then – disaster.

Considering this, I think what is stored for communication with the server is the TouchID pairing status. If it’s unpaired, the update can’t go ahead.

Update: the fix issued by Apple must tell it to go ahead if the TouchID pairing status is changed, but leaving TouchID disabled.

What if you’ve never set up Apple Pay?

Doesn’t matter. The issue is not the data you’ve stored in the device, but the data that’s built into the device – cryptographic keys used for creating payment authorisation for credit cards. Those are in the Secure Elements.

What are the Secure Elements, and what do they contain?

Here’s a definition:

An SE is a tamper resistant hardware platform, capable of securely hosting applications and storing confidential and cryptographic data. For example, in the finance industry SEs are used to host personalized card applications and cryptographic keys required to perform financial (EMV) transactions at a point-of-sale terminal. SEs used in the identity market may hold biometric data or certificates which can be used for signing documents. Whichever purpose, the secure environment provided by the SE protects the user’s credentials ensuring the safety of the user’s data.

The reason why Error 53 happens when you change or interfere with the TouchID sensor on a more-recent-than-5S phone is that the system detects – during the software upgrade – that something has changed, and that the embedded trust system has been broken. And so the device doesn’t get authorisation to update.

Why does the Secure Elements stuff matter, though?

The banks/financial institutions specify that the operating system must not be able to directly access the data in the “trusted zone” (the Secure Elements).

How can you recover from Error 53?

Quite simple: replace the new TouchID processor with the old one. (People say they have successfully done this.) However, saying it is a lot easier than doing it. Some people don’t have the old one. Or the old one might just be broken.

How does Apple replace TouchID systems?

We don’t know, but we know it can, because it does. There must be a method for updating the cryptographic measurement list held by the authorisation server for a particular ECID. I’d imagine that involves logging into a server, entering an ECID (or connecting the phone) and letting the two talk to each other.

Note that when you have your screen repaired by Apple, it will tell you to disable TouchID first. And afterwards, you’ll have to recalibrate it. So there might be something there.

Why can’t Apple do that to devices which have failed on Error 53?

We don’t know. (Possibly it can.)

Could Apple change things so that in future it just disables TouchID and software updates still work?

Perhaps. I suspect it would need some sort of adjustment to what gets sent to the authorisation server, or what the server considers OK to approve. But if Apple is tied here by what the financial institutions demand around the Secure Elements, it might not have the choice.

Why hasn’t Apple explained that this is a risk of third-party replacement?

Ah, now we come to the challenge of Being Apple. Its mystique (for that’s what a lot of it is) lies in saying very little about how it does things, and asking people to take this stuff on trust, or for granted.

Thus when it comes to repairs, Apple’s implied assumption is that everyone will bring their device to an Authorised Apple Dealer, or Apple, to get it fixed. This ignores the fact that it now sells phones in countries where you’d have to travel for hours and hours to reach either of those – if you were lucky.

Naturally, people go to third-party repair shops to get these things done. And then problems start, because you’re talking about a pocket supercomputer with embedded cryptographic systems that are sensitive to being fiddled with.

But Apple has done a bad job here in communicating the risks of getting anything around the TouchID system replaced. It really needed to get the message out there.

Why didn’t Apple get the message out there?

Probably it’s been difficult to separate the signal from the noise on this. If someone comes in to an Apple Store with an Error 53 phone, it’s hard to know at first why it has done it. The device gets replaced, and the old one sent back to Apple, but that’s barely half of the feedback loop: it has to reach Apple, someone has to figure out why it doesn’t work, and then inform stores, and also inform the marketing people that this can be a problem which needs to be communicated.

Very likely there are people in Apple Engineering, Apple Retail and Apple Marketing who are right now looking at an email trail and smacking their foreheads as they realise what the problem they missed was. Those phones sent back from the stores marked as “will not boot”… ohhh.

That’s the problem with big organisations, though: that sort of feedback loop is really, really hard to organise well. Alternatively, perhaps it has been noticed, but it hasn’t affected a large number of people, and so isn’t as high a priority as.. something else. (We don’t know what.) Of course, to the affected people, it’s a bloody high priority.

Shouldn’t Apple allow third-party TouchID repairs, though? After all, the phone is your property.

The “property” argument isn’t a great one, to be honest. Apple sells you a device, but it doesn’t give you untrammelled rights to it; you aren’t legally allowed to (try to) decompile the software, or the firmware, or to dig into things like the Secure Elements. You don’t own the entire thing.

That’s how things are these days; the open-software absolutists run into a problem with mobile phones, because even if you can download and compile the operating system (a la Andy Rubin) you won’t be able to do that on the baseband software which actually provides the mobile functions. So it’s never completely “your” phone. That’s the case with PCs too these days – there’s stuff on the motherboard you don’t get to mess with.

None of this proves it isn’t Apple just shutting out third-party repairs, though.

Ah, proof. It’s so hard to prove the imaginary, or to refute it. However the scenario where some Apple executives gather round a table and say “You know what? We’re losing valuable revenues and profits from people using third-party repairs! We need to brick those phones!” fails both Occam’s Razor and Hanlon’s Razor, the two logical tests that help you filter through a lot of modern crap.

Occam’s, you’ll recall, is “don’t let entities multiply unnecessarily – aka “the simplest explanation is probably the right one.” Hanlon’s, meanwhile, is “never ascribe to conspiracy what can more easily be ascribed to cockup.”

Why does “shutting out third party repairs” fail Occam’s? Because it requires a lot of people putting in varying amounts of effort to make it happen.

For the malicious version: Apple has to have decided (1) it doesn’t like third-party repairs; (2) it wants people to have a bad experience when they try to upgrade their software (is it certain people will connect the third-party repair with the bricking, given that the events might be weeks or months apart? They might even have had an Apple fix of some sort in the meantime) (3) to set in motion an internal program whereby third-party replacements using correctly-sourced parts will fail, but its own repairs using the same parts won’t (quite risky) (4) to keep all this secret while also instructing its repair shops how to do this.

For the accidental explanation: the new TouchID system on the iPhone 6/etc now pairs with the Secure Elements and its cryptographic signature is sent to the update server on device activation. If the signature doesn’t match on subsequent update requests, the device isn’t authorised.

See how much simpler the latter one is? It doesn’t require any executives, or nefarious planning; just some work by the engineers updating the TouchID/Secure Elements systems. That satisfies Occam.

But equally, the second also satisfies Hanlon’s Razor. Nobody has been malicious; if anything, they’ve been trying to safeguard customers by making sure that sensitive (to financial groups) information can’t get hacked off your phone. However, in doing that, they’ve created a situation where customers get a bad experience and Apple gets bad publicity over something it would have hoped would give it kudos.

The shibboleth

In all the coverage of this topic, it is quite amazing how ready people are to assume the worst. Apple is uniquely capable of polarising people, who find it exceptionally hard to be indifferent about what it does. Either it’s a sort of wellspring of ideas and direction in all sorts of markets, from PCs to mobile phones to smart watches; or it’s a malicious money-grabbing marketing machine seeking ever more ways to rip people and governments off, while foisting commodity products on people at sky-high prices.

For instance, where do you think Cory Doctorow stands on it?

Punish. There’s a verb.

Or Dan Gillmor?

(Both links in those tweets are to the same Guardian article that kicked this all off on Saturday.)

Yet if you look on Hacker News, you’ll find the tenor of the discussion is much more like “oh, that makes sense from a security point of view”. And security experts on Twitter such as Steve Bellovin and Matthew Green could discuss the matter without invoking conspiracy theories.

I find it odd that people who write publicly for money seem more willing to go for the conspiracy theory than those who don’t. Doesn’t exposure to enough organisations teach you that the bigger they get, the more easily screwups happen, and the less communication there is between their many arms?

And Apple really is big these days, stretching across an incredibly broad area of the computing market – from Macs to mobile phones to tablets to smart watches to iPods, from desktop operating systems to mobile operating systems (tweaked differently for the tablet and the phone), to smartwatch and TV set-top box operating systems, to desktop and mobile applications, to cross-platform music programs (iTunes is on Mac OSX and Windows; Apple Music is on iOS, Windows, Mac OSX and Android), to web services (CloudKit) and even chip design.

I’m pretty confident in saying that no other company is doing as many things across as many hardware and software platforms. Google is huge, but doesn’t make hardware in anything like that volume; Microsoft is huge too, but doesn’t make hardware in any appreciable volume. Apple does the whole thing, including chip design. The combination of hardware and software challenge in adding just one new feature to any individual device line is mind-boggling, because you have to consider how it’s going to affect everything else.

In that context, an engineering team working away on an improved TouchID system which authenticates against tampering probably thought they were doing just the right thing. Instead, they were throwing their retail and PR people into a media storm. The size of the teacup is yet to be determined.

Quite how Apple is going to get its explanation across will be educative to watch. (I haven’t spoken to Apple in writing this.) The more interesting question though is: what will happen once lots of Android devices start using Android Pay (which has pretty much the same trust requirements) and those start breaking? Will third-party repairers be able to fix them, or will they have to be sent back to the manufacturer? And if it’s the latter (or if people try the former) how much hell is there going to be to pay?

Though you suspect you know the answer already. It won’t arise, because not that many OEMs will implement Android Pay, and the people who get inconvenienced won’t make as much noise about it. Who cares if someone with an HTC phone has to swap it and loses their data? You’d struggle to get most newsdesks to know what an HTC phone was. Say “iPhone”, though…

Start up: hedge funds like AI, Facebook’s close separation, what if Twitter died?, BlackBerry cuts, and more

A break like this, affecting the home button, is probably going to lead in time to an #error53 fault if you don’t get it repaired by Apple. But what causes it, exactly? Photo by wZa HK on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 12 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Will AI-powered hedge funds outsmart the market? » MIT Tech Review

Will Knight:

Anthony Ledford, chief scientist of MAN AHL, explains that the company is exploring whether techniques like deep learning might lend themselves to finance. “It’s at an early stage,” Ledford says. “We have set aside a pot of money for test trading. With deep learning, if all goes well, it will go into test trading, as other machine-learning approaches have.”

Trading might seem like an obvious place to apply deep learning, but actually it isn’t clear how comparable the challenge of finding subtle patterns in real-time trading data is to, say, spotting faces in digital photographs. “It’s a very different problem,” Ledford admits.

Academic experts also sound a note of caution. Stephen Roberts, a professor of machine learning at Oxford University, says deep learning could be good “for extracting hidden trends, information, and relationships,” but adds that it “is still too brittle with regard to handling of high uncertainty and noise, which are prevalent in finance.”

You just know that this isn’t really going to work, but also that it’s going to be used by a ton of funds to try to get ahead of the market – a market composed of other funds also trying to use the same processes.
link to this extract

 


iOS security – iOS 9 or later » Apple

Let’s try to get on top of this #error53 stuff:

During an iOS upgrade, iTunes (or the device itself, in the case of OTA software updates) connects to the Apple installation authorization server and sends it a list of cryptographic measurements for each part of the installation bundle to be installed (for example, LLB, iBoot, the kernel, and OS image), a random anti-replay value (nonce), and the device’s unique ID (ECID).

The authorization server checks the presented list of measurements against versions for which installation is permitted and, if it finds a match, adds the ECID to the measurement and signs the result. The server passes a complete set of signed data to the device as part of the upgrade process. Adding the ECID “personalizes” the authorization for the requesting device. By authorizing and signing only for known measurements, the server ensures that the update takes place exactly as provided by Apple.

The boot-time chain-of-trust evaluation verifies that the signature comes from Apple and that the measurement of the item loaded from disk, combined with the device’s ECID, matches what was covered by the signature.

These steps ensure that the authorization is for a specific device and that an old iOS version from one device can’t be copied to another. The nonce prevents an attacker from saving the server’s response and using it to tamper with a device or otherwise alter the system software.

To recap, with #error53, people who have had third-party replacements of screens and/or home buttons on the iPhone 6/Plus and 6S/Plus (but not the 5S) find that it works fine – though they can’t use TouchID (it’s greyed out as an option). But when they do an OS update, the phone bricks: can’t get data, can’t restore.

So my understanding of this is: the reason why devices which have had third-party replacement parts only brick after an OS update, yet work fine before it, is this: on trying to install the update they connect to the auth server. The server decides that the cryptographic measurements no longer match what it has on record. So it decides the chain of trust is broken, and effectively shuts down the device.

But it’s poor decision-making by Apple, and equally poor communication. Why doesn’t it happen on the 5S? Update: because the 5S doesn’t have NFC for Apple Pay. (Thanks, Andy.) What’s the process that Apple uses when it does the repair to revalidate the TouchID system (which fails even with valid parts)? Why can’t the system tell that it’s just TouchID that’s affected? The safety process has overshot its requirements. Every part of what happens makes sense from a security perspective  – but not if considering that many people will get third-party repairs.
link to this extract

 


Three and a half degrees of separation » Research at Facebook

How connected is the world? Playwrights, poets, and scientists have proposed that everyone on the planet is connected to everyone else by six other people. In honor of Friends Day, we’ve crunched the Facebook friend graph and determined that the number is 3.57. Each person in the world (at least among the 1.59 billion people active on Facebook) is connected to every other person by an average of three and a half other people. The average distance we observe is 4.57, corresponding to 3.57 intermediaries or “degrees of separation.” Within the US, people are connected to each other by an average of 3.46 degrees.

Our collective “degrees of separation” have shrunk over the past five years. In 2011, researchers at Cornell, the Università degli Studi di Milano, and Facebook computed the average across the 721 million people using the site then, and found that it was 3.74 [4,5]. Now, with twice as many people using the site, we’ve grown more interconnected, thus shortening the distance between any two people in the world.

Apparently my average is 3.26 so ya boo. Zuckerberg is 3.17. Sheryl Sandberg is 2.92 – blimey.
link to this extract

 


On your cute release notes » The Brooks Review

Ben Brooks:

We’ve all seen them. Notes about a fictional engineer who was hired and then fired. A cute story about something completely irrelevant to the matter at hand. Recipe for ‘squash bug soup’ or something along those lines.

With disturbingly increasing frequency, companies are deciding to let their marketing departments handle their release notes instead of the engineering team or product manager.

And we are all worse off for it.

As a user I mostly look at release notes to find out about one (or more) of three things:

• Have you added something new to the app which will make it better for me? That is: what are the new features, what do those features do, and perhaps how do I get to them.
• Have you fixed that bug which was making the app hard for me to use, perhaps even impossible for me to use? Aka: What bugs did you fix?
• How active is development on this app? Before I invest or move to most apps I look at recent release notes to get a sense of whether they are in maintenance mode (just major bug fixes), or under some kind of active development (minor bug fixes and feature releases, optimized for current version of iOS, etc).

link to this extract

 


BlackBerry cuts 200 jobs in Ontario and Florida to trim costs » Reuters

Alastair Sharp:

The layoffs will affect 75 manufacturing jobs in Sunrise, Florida, a state government website showed.

The company also confirmed that Gary Klassen is one of the people who has departed in the latest round of cuts. Klassen was one of its longest-tenured employees and the inventor of its BBM messaging service.

One source familiar with the matter, who declined to be identified due to the sensitivity of the issue, said many of the Canadian cuts were people working on its BB10 handset software at its Waterloo, Ontario, headquarters.

A spokeswoman for BlackBerry declined to comment on which divisions will be affected by the cuts, but said the company stood by its commitment to release further updates on its BB10 software.

BB10 is so, so dead.
link to this extract

 


“Dangerous ramifications” » Medium

Rohin Dharmakumar, with some examples of things that didn’t happen:

In January 2015, users of Microsoft’s Office in India were suddenly greeted with a pop-up asking them to “Support Microsoft Office”. The Indian government under PM Narendra Modi was said to be formulating an “Open Source Policy” under which all government offices were to either mandate or prefer open-source software for official work.

Clicking the “Support Office” button caused Microsoft to send the PMO and the Ministry of IT a letter from the user’s name with a pre-determined format. It said the user’s loved Microsoft’s products and wanted their government interactions to be based on the same. “I urge you not to ban Microsoft Office,” it ended.

The same message popped up on users of various Microsoft products in India – Windows, XBox, Windows Phone, Skype etc.

Within a few weeks, over 7 million emails had been sent in support to Microsoft.

“Support Monsanto”

In January 2014, farmers in the southern Indian state of Karnataka were surprised to see a notice attached to every bag of seed they bought from Mahyco, the market leader.

“Tell the Karnataka Govt. not to ban MMB”, said the notice. MMB was Monsanto-Mahyco Biotech, the joint-venture that licensed Monsanto’s crop technologies in India.

He has some more examples of things that didn’t happen – and then one which did.
link to this extract

 


Why most A/B tests give you bullshit results » Mixpanel

We’ve all seen the articles. Company X increases conversions 38% with this simple trick. Hell, I’ve written some of them.

But those success stories have hidden the grey underbelly of testing and experimentation.

AppSumo revealed that only 1 out of 8 tests produce results. Kaiser Fung estimates that 80 to 90 percent of the A/B tests he’s run yield statistically insignificant results.

Yet many new testers walk into A/B testing thinking it’ll be quick and easy to get results. After running a handful of simple tests, they think they’ll find the right color for this button or the right tweak to that subject line, and conversions will, poof, increase by 38% like magic.

Then they start running tests on their apps or sites, and reality suddenly sets in. Tests are inconclusive. They yield “statistically insignificant” results and no valuable insights about the product or users. What’s happening? Where’s that 38% bump and subsequent pat on the back?

Don’t get frustrated. If you’re going to be running A/B tests, you’re going to have some tests that fail to produce meaningful results you can learn from. But if you run good tests, you’ll have fewer failures and more successes.

link to this extract

 


Advice for companies with less than one year of runway » The Macro

Dalton Caldwell:

Let’s imagine that you are the founder of a company that has successfully raised an angel or institutional round and are currently in a situation where you have 12 months or less of runway.

The hardest part of dealing with a low runway situation is managing your own psychology. You have to simultaneously manage your own anxiety to not be overly negative about your prospects, but also not be irrationally positive. It’s a delicate balance.

Watch companies do the various things in this post over the next year or so.
link to this extract

 


Technology: the rift with reality » FT.com

Tim Bradshaw:

With so many [virtual reality] headsets hitting the market this year, the challenge may be figuring out what people will do with them. Video games are seen as the first popular application, and some are experimenting with VR versions of films including The Martian. Futuresource Consulting believes the VR content market could be worth $8.3bn within four years.

Beyond entertainment, advocates say these headsets could transform education, travel, real estate and architecture, not to mention videoconferencing and social networking. Some inside Uber are worried that Oculus could one day prove disruptive to their business by removing the need for people to travel. Why hail a taxi when you can teleport?

“Whenever a market is this early, you have to have strong convictions loosely held,” says Nabeel Hyatt, a venture partner at Spark Capital, which also backed Oculus. “We don’t know what’s going to happen.”
That uncertainty provides fertile ground for entrepreneurs. “There will be billion-dollar companies started by college students because someone gave them a Rift as a present and they solved a very specific problem,” says Anjney Midha, a partner at KPCB Edge.

However, as any sci-fi reader knows, new technologies have inherent risks, too. The futures depicted in Ready Player One and Snow Crash are dystopian and chaotic.

In December, academics led by Christian Sandor of the Nara Institute, Japan, wrote that “true augmented reality”, where the digital is indistinguishable from the physical, “will be the most powerful medium that humanity ever had at its disposal”.

link to this extract

 


What if Twitter Died? » Tech.pinions

Bob O’Donnell:

this seems to be one of the fundamental problems of Twitter. It’s appealing to Hollywood, TV, music and sports celebrities as a means to interact more intimately with their fans and share the kinds of details they’d never provide to traditional celebrity media. It’s appealing to the tech industry as a mouthpiece for those who want to determine the course of what is or isn’t important. The digital taste-setters, so to speak.

But for mainstream business and consumer users? Not so much. Arguably, this is the biggest problem with Twitter—it can’t seem to stretch beyond its celebrity, celebrity follower, and tech roots. If you aren’t into celebrities or the tech industry, Twitter just isn’t that appealing, especially given all the other options for online social interactions.

Despite these points, I think the navel gazing value of Twitter to the tech industry is so high, I seriously doubt they’ll let Twitter actually die. Someone with enough money and enough self-interest will likely make sure that, no matter what, Twitter will continue in some shape or form. Eventually, it’s value may start to fade, as some have already started to argue, but at least the Twittersphere will have a few years to adapt and find new alternatives.

The fundamental challenge is a publishing service that’s essentially based on self-promotion, self-aggrandizement, and self-importance at some point is going to run into the wall of indifference. Not everyone cares to read about what the self-elected are all doing all the time.

link to this extract

 


Yahoo loses mobile entrepreneur Arjun Sethi to venture firm » WSJ

Douglas MacMillan:

Mr. Sethi helped lead Yahoo’s effort to compete with Facebook Inc.FB -2.29% and Snapchat Inc. in the emerging area of mobile chat apps. Last July, his team released Livetext, a mobile app that lets users send live video and text without any sound.

Livetext failed to take off with users. In its first month, the program dropped out of the ranking of the 1,000 most popular apps in Apple Inc.’s app store and never returned, according to data from App Annie.

Yahoo’s struggles to produce a hit mobile app has hurt Ms. Mayer’s chances at turning around the 20-year-old Internet icon. This week, Yahoo said its board is weighing “strategic alternatives” to the turnaround which likely include a sale of its core Web business…

…Mr. Sethi is one of dozens of startup founders Ms. Mayer brought into Yahoo through a series of small acquisitions. In her three-and-a-half years as CEO, Yahoo has spent more than $2.3bn on at least 53 acquisitions, largely for small mobile-software developers whose apps were shuttered and whose founders were enticed to work on new projects at the company. At least 26, or over one-third, of the more than 70 startup founders and CEOs who joined Yahoo through an acquisition during Ms. Mayer’s tenure have left the company, according to their profiles on LinkedIn Corp.

As has also been pointed out, Yahoo last week wrote down the value of those acquisitions by $1.2bn. The idea of a video app without sound appears dumb, but then again lots are like that; but Instagram, Facebook and Vine were all there ages earlier. Yahoo’s problem is that it’s late and has no traction in mobile, not that the ideas are of themselves bad.
link to this extract

 


Sacked in Dublin by a boss in… London » Private Eye

Private Eye is always anonymous:

Google’s claim that all its real business is handled through its European HQ in Dublin while its multiple UK offices exist merely to count the paperclips, organise staff leaving collections and do the morning coffee run is further undermined by evidence it gave to an employment appeals tribunal in the Irish capital in 2013.
Rachel Berthold had been sacked in May 2011 from a position as a “level six” manager, which the tribunal heard put her in the top 7% of employees in Google’s Dublin office.

Anne-Catrin Sallaba, her former boss as Google Europe’s Head of Publisher Services, gave evidence to the tribunal that Berthold had failed to meet performance targets – but Sallaba had to cross the Irish sea to do so, given that as Berthold’s line manager she was employed in, er, London.

Berthold was eventually awarded €100,000 for unfair dismissal. Sallaba has in the meantime been promoted twice, and now rejoices in the job title “Senior People Development Manager, Head of Global Onboarding” – still in London!

As it happens, Matt Brittin of Google UK will be testifying before the UK Parliament this week.
link to this extract

 


Errata, corrigenda and ai no corrida:

Start up: Google’s search rejig, adblockers can’t Play, Sony to exit tablets?, Magic Leap’s big step, and more

No longer can you seek him here or there. Photo by abrinsky on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Google search chief [Amit] Singhal to retire, replaced by AI exec » Bloomberg Business

Jack Clark:

“When I started [at Google in 2000], who would have imagined that in a short period of fifteen years, we would tap a button, ask Google anything and get the answer,” Singhal wrote in a Google+ post announcing his retirement. “My dream Star Trek computer is becoming a reality, and it is far better than what I ever imagined.”

With Giannandrea’s appointment, the technology may get smarter. The executive has overseen recent artificial intelligence efforts, including RankBrain, which saw Google plug an AI technology called a neural network into its search engine to boost the accuracy of results and an e-mail service called Smart Reply that automatically writes responses. Other work he has managed include efforts in image recognition and technologies that fetch information based on what users are doing with their devices, rather than what they’re explicitly searching for.

[John] Giannandrea joined Google in 2010 when it acquired a company he co-founded called Metaweb Technologies. Those assets became the basis for Google’s knowledge graph, a vast store of information on hundreds of millions of entities that helps the search engine present factual data in response to certain queries. Singhal’s last day is scheduled to be Feb. 26.
The elevation of Giannandrea represents a further emphasis on the importance of artificial intelligence to Google, a unit of Alphabet Inc. Chief executive officer Sundar Pichai said the technology has been key to recent efforts in search on mobile devices and personal assistant technologies.

Speaking of search..
link to this extract

 


Garth Gibbs: ‘The archetypal diary writer’ » Press Gazette

An obituary from August 2011:

Garth also managed to spend much of his time chasing various ‘sightings’ of ‘Lucky’ Lord Lucan, who was thought to have fled abroad after apparently mistaking his nanny for his wife and bludgeoning the ‘wrong’ woman to death. Of this colourful period in an almost continually helter-skelter career, Garth himself wrote: ‘As that brilliantly bigoted and crusty old columnist John Junor once cannily observed: ‘Laddie, you don’t ever want to shoot the fox. Once the fox is dead there is nothing left to chase.'”

With a wonderfully fertile imagination – a prerequisite of any good tabloid journalist – plus a good deal of chutzpah, Garth relished the challenge of keeping Lord Lucan alive, but never finding him.

‘I regard not finding Lord Lucan as my most spectacular success in journalism,’he said. ‘Of course, many of my colleagues have also been fairly successful in not finding Lord Lucan. But I have successfully not found him in more exotic spots than anybody else.

‘I spent three glorious weeks not finding him in Cape Town, magical days and nights not finding him in the Black Mountains of Wales, and wonderful and successful short breaks not finding him in Macau either, or in Hong Kong or even in Green Turtle Cay in the Bahamas where you can find anyone.”

Lucan was finally declared dead – though never found – on Wednesday. Not finding him was indeed a splendid task allotted to many journalists down the years. Speaking of search…
link to this extract

 


#SEO for sale?! Exposing Google loopholes in light of FTC native guidelines » aimClear® Blog

Marty Weintraub:

Mashable, a respected global media company focused on informing and entertaining “the digital generation,” was our inspiration.  Mashable has joined the swelling ranks of websites selling native content articles to advertisers.  Initially we were interested in participating in the program and reached out to Mashable regarding their native post advertising, which is called BrandSpeak or BrandLab.

As the conversation progressed, we were curious as to how Mashable native posts show up in Google search results and disclosure verbiage in light of new FTC native advertising guidelines. After we corresponded with a Mashable sales associate and researched BrandSpeak/BrandLab in detail, we were motivated to share our findings with the community as a point of learning about native content.

Those findings surprised (and astonished) us. Aimclear analysts identified a Google SEO loophole, which is perhaps the greatest ranking algorithm gap in years, allowing marketers to literally buy their way into Google search results with paid content…

…At best, allowing paid SEO tilts the playing field, making it even harder for smaller, perhaps more relevant players to compete for free Web Search results.

Google’s Webmaster Guidelines governing native content and Web Search are firmly rooted in 2013.

Tricky; this stuff is low-quality, but sites are desperate to generate revenue somehow. Speaking of revenue…
link to this extract

 


Google boots ad blockers from Google Play » TechCrunch

Sarah Perez:

According to Rockship Apps founder and CEO Brian Kennish, maker of Adblock Fast, Google’s app reviews team informed him the app was being removed for violating “Section 4.4” of the Android Developer Distribution Agreement.

This is the section that informs developers they can’t release apps that interfere with “the devices, servers, networks, or other properties or services of any third-party including, but not limited to, Android users, Google or any mobile network operator.”

If that text sounds a little broad-reaching and vague, that’s because it is. It’s also what allows Google to react to changes in the industry, like this one, on the fly.

Kennish says that Google’s app reviews team informed him that he could resubmit after modifying his app so it didn’t “interfere with another app, service or product in an unauthorized manner.”

“We’ve been trying to contact Google through their public channels since Monday, and I tried through private ones all day yesterday…but we haven’t gotten any official response from a human – just autoresponders,” notes Kennish.

He suspects that Adblock Fast was the first to be pulled from Google’s app store because it had climbed the charts so quickly and had achieved a 4.25 rating. Kennish says that the app had around 50,000 installs at the time of its removal.

In addition, the company could have gotten on Google’s radar by pushing out an update that offered a better user experience. (Some people didn’t realize it only worked on Samsung’s 4.0 browser and left 1-star reviews. The update was meant to better highlight the app’s requirements.)

Meanwhile, as of the time of writing, other ad blockers are still live, including Crystal and Adblock Plus (Samsung Browser). However, that may not be the case for long.

Crystal’s developer Dean Murphy also just submitted an update that’s just been declined by Google’s app review team for the same reason cited above. Again, Google references section 4.4 of the Developer Agreement as the reason for stopping the update from going live.

“I have appealed the update rejection, as I assume that I am rejected for ‘interfering’ with Samsung Internet Browser, citing the developer documentation that Samsung have for the content blocking feature,” explains Murphy. “I’m still awaiting their reply.”

Wow, that was fast. Crystal was still there on Wednesday. This is going to ratchet up tensions between Google and Samsung (again); in the comments on the Verge article on this topic (which has less detail) there are people who switched to iOS because of adblocking, or are considering moving back because they can’t get it on Android. A small but possibly significant group.

Google has clearly set its face against adblocking on mobile, but the pressure is starting to build up behind the dam.
link to this extract

 


About » DeepDetect

DeepDetect (http://www.deepdetect.com/) is a machine learning API and server written in C++11. It makes state of the art machine learning (such as deep learning) easy to work with and integrate into existing applications. Its goal is to simplify and secure both the development and production phases by using possibly different servers and passing models from one to the other.

It originates from the need for industries, businesses and researchers to quickly fit a machine learning pipeline into existing applications, starting with well-known models, and moving toward more targeted ones while measuring accuracy.

DeepDetect allows this by coupling a generic API and a server with high performance machine learning libraries. At the moment it has support for the deep learning library Caffe. More libraries are to be supported in order to span over a larger set of common use cases.

There are free (even for commercial use) models that are downloadable from the site. This lies just over my event horizon for understanding – but reading the details about “getting started” puts me in mind of people feeding a giant brain, or disembodied intelligence, and that gives me pause.

But this stuff is going to be everywhere in two years.
link to this extract

 


Would you be sad to see Sony withdraw from the tablet market? » Xperia Blog

The mysterious “XB”:

given the challenging smartphone market, as evidenced by last week’s results there is no guarantee that Sony will continue to cater for the tablet market. A recent Japanese blog post by a Sony store manager speculated that the company may withdraw from the tablet market after receiving marketing material suggesting so.

The news would not surprise us, after all, we know that tablets made just 5% of Sony Mobile’s revenues back in 2013 and that was expected to shrink even further. Given the R&D costs of developing and supporting new devices, Sony may feel that producing another tablet for 2016 might not be commercially viable.

I didn’t know that about the tablet revenues; apparently they’re meant to be down to 3-4% now. The question is whether they generate more than 0% in profit – because they must be eating up R+D time and money, which is opportunity cost that Sony probably can’t afford.
link to this extract

 


The joy of shortcuts » Allen Pike

Next January, Parse is shutting down. The successful Parse apps will get moved to a custom backend like ours was, perhaps using Parse’s excellent open-source server and migration tool. The unsuccessful Parse apps will die. Hundreds of thousands of unsuccessful Parse apps will perish. Like links to long-dead Geocities pages, dead mobile apps that relied on Parse will linger in the App Stores for years, slowly accumulating one-star reviews.

As much as Parse will try to get the word out that they’re shutting down, many apps’ owners don’t even know that they’re reliant on Parse. Parse’s overly generous free plan made them popular with freelancers and consultants building quick app backends for their clients. Many of those clients don’t know what Parse is, let alone that the little app they commissioned a couple years ago is a ticking time bomb.

How many iOS apps, how many Android apps relied on Parse? There needs to be an enumeration.
link to this extract

 


How the iPhone 6 ruined Apple » All this

Dr Drang:

While it’s certainly possible that the great days of iPhone sales growth are over, I wouldn’t make that prediction just yet. In fact, I was surprised to learn that iPhone sales were merely flat. I was expecting a decline—not because the iPhone is losing popularity, but because the iPhone 6’s first quarter of sales was such a gigantic leap upward. The pent-up demand for a larger iPhone caused sales to increase nearly 50% year over year, to 74.47m from 51.03m the year before. This was the biggest percentage jump in year-over-year sales since the introduction of the 4S (which was goosed a bit because the 4S was delayed). I just didn’t think the 6S could keep up with that. And maybe it won’t.

But look at how things were going before the iPhone 6. Had the trend of 2012–2014 continued through 2015, iPhone sales last quarter would have been 65–70 million. Instead they were just under 75m. It’s only in comparison to the huge holiday quarter of 2014 that last quarter looks dull.

I’m reminded of the devotion climate change deniers had to the year 1998. Because of an intense El Niño that year, global temperatures rose well above the trend line, and it remained the hottest year on record for several years. Deniers hit upon this fact, and claimed that global warming had stopped, even though the overall warming trend had continued. The iPhone 6 was Apple’s El Niño.

link to this extract

 


Magic Leap Just Landed an Astounding Amount of VC Money » WIRED

Jessi Hempel on the company which has just raised $793.5m in a C round from Alibaba and others (Google and Qualcomm were already on board):

Many believe Magic Leap’s technology—along with a handful of competing virtual and augmented reality products—will usher in a sea change in how we use computers. By placing sensors everywhere and processing the volumes of data they produce, it’s possible to create better immersive environments and believable layers of digital images on top of the physical world. Facebook, Samsung, and Microsoft are creating competing technology and have chosen to make their headsets available even as they’re engineering the products. Google is also beefing up its virtual reality team, and Apple is also reportedly getting into the action. Magic Leap claims to be using a different technology to achieve its effect, and it’s keeping its efforts mostly secret.

The company has made converts out of many of those who have seen demos. New Zealand design studio Weta Workshops has teamed up with Magic Leap to build games. Science fiction writer Neal Stephenson joined the company as its chief futurist. Last fall, Google led a $542m investment, bringing its previous funding total to $592m. But so far, it hasn’t been clear when Magic Leap’s tech will be available for consumers.

Expectations around this are going to be huge, which usually leads to disappointments of the same size. Shipping product matters; having that much of a cash pillow can’t be good, because it won’t help the financial discipline needed to make things (of whatever sort) to a price, for a user, to a specification. Don’t forget the lesson of Leap Motion – big hype, big letdown.
link to this extract

 


​Startup lands $100m to challenge smartphone superpowers Apple and Google » CNET

Stephen Shankland:

Acadine, which CNET previously reported was initially known by the placeholder name Gone Fishing, plans to build an operating system for smartphones, tablets, wearable devicess and the Internet of Things.

That’ll be a tough challenge. But [fouder Li] Gong believes Acadine’s generous funding [from a Chinese state-controlled company], fast development and international reach will mean consumers finally will see the alternative to Apple and Google that so many other companies have failed to build.

And of course that means his startup and its investors will reap the rewards. “Owning an OS is extremely important if you can do it,” Gong said. “It’s very profitable if you can do it.”

Potential sources of money, Gong said, include being paid to promote services like search, storage, music streaming and e-commerce; revenue sharing from those services when customers pay to use them; and fees generated by advertising and game sales. All of those, though, depend on Acadine succeeding in finding and exploiting gaps where existing OSes are weak then expanding from there to a large user base.

The list of mobile operating systems that have struggled to compete against Android and iOS and gain that large population of users is long: Microsoft’s Windows Phone, Samsung’s Tizen, Jolla’s Sailfish OS, Canonical’s Ubuntu, Hewlett-Packard’s WebOS, BlackBerry’s BlackBerry OS and Mozilla’s Firefox OS. This last project is the one Gong led at Mozilla until he left in April, and it’s the starting point for H5OS.

One hates to say “a fool and his $100m are soon parted”, but it’ll do.
link to this extract

 


Errata, corrigenda and ai no corrida: I was going to include a link to a video of a male cyclist who was suspected of having a motor in his bicycle (and man, it looked fishy) but realised it is a rabbit hole one would never emerge from.

Start up: Ireland’s judgement day, Yahoo crumbles, a new iPhone?, Swiftkey sold, and more


Modern motors in bikes are better concealed than this. Photo by rich701 on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Ireland braces for blizzard of tech rulings » Politico

Chris Spillane:

Gavin Kearney has a telescopic view of the threat facing Dublin’s Silicon Docks, the watery frontier of Ireland’s tech sector. He is braced this week for the first of three verdicts that will have sweeping repercussions on both sides of the Atlantic.

Since Kearney founded the encryption business Jumble two years ago, he has watched Ireland come under fire from the European Court of Justice, the European Union and the U.S. Department of Justice.

The cases involve Facebook, Apple and Microsoft and will decide critical issues confronting the tech industry: data protection and privacy, and corporate tax strategies. The results could spoil Ireland’s reputation as a tech hub, spark an exodus of jobs and investment, and force some to pay hundreds of millions in back taxes.

“If somehow Ireland’s data protection was eroded to be more American and less EU, those entities affected may have to relocate some of the operations to restore the balance,” said Kearney, the chief executive of Jumble. “There’s a bit of a perfect storm in terms of the timing of these issues hitting, but it’s a continent-wide problem and not just a standalone country, so we can shore up against it.”

link to this extract


Microsoft steps up AI push with Swiftkey deal – FT.com

Tim Bradshaw and Murad Ahmed:

Microsoft is paying around $250m to acquire London-based Swiftkey, maker of a predictive keyboard powered by artificial intelligence that is installed on hundreds of millions of smartphones, according to people familiar with the deal.

Jon Reynolds and Ben Medlock, who founded the company in 2008 when both were in their 20s, will each make upwards of $30m from the buyout, which is set to be announced this week.

The pair together own a substantial minority stake in the company after raising a relatively small amount of venture capital, just over $20m, from backers including Accel Partners, Index Ventures and Octopus Investments.

Swiftkey is the latest in a string of UK start-ups with advanced artificial-intelligence capabilities to be snapped up by the biggest names in Silicon Valley.

Great for Swiftkey, though it’s another example of a British firm being gobbled up by an American one. The broader question – why does Microsoft want a smartphone keyboard company? – is more important; the AI element must be really relevant to something it’s doing.
link to this extract


Yahoo to cut 15% of workforce, explore strategic options » WSJ

Douglas MacMillan and Dana Mattioli:

Yahoo Inc. on Tuesday announced plans to eliminate roughly 15% of its workforce and explore “strategic alternatives” for its struggling Internet business, in the strongest indication yet that the company’s board is considering a sale of its Web properties.

The announcement accompanied Yahoo’s fourth-quarter report in which the company reported a loss of $4.4bn, hurt by write downs on Tumblr and other assets, as revenue grew 1.6% to $1.27bn.

But advertising is the way that all sites can thrive, surely? Maybe Yahoo will turn out to be the biggest ad-supported web failure.
link to this extract


Hidden motors for road bikes exist — here’s how they work » CyclingTips

Matt de Neef:

The motor is connected to a battery pack via the electronic control unit housed in the seatpost provided. By default the battery lives in a saddlebag, but it can also be concealed in a bidon seated in the seatpost bidon cage (more on that in a moment).

A simple button to start and stop the motor is then mounted on the underside of the handlebars and routed to the control unit in the seat post.

The Vivax assist motor is rated at 200 watts (the maximum for e-bikes in Australia is 250W, beyond which they are classified as motorbikes) but in reality, we were told, the unit provides somewhere in the vicinity of 110W to the driveshaft. This is in addition to whatever the rider is pushing through the pedals.

After yesterday’s article about the secret motor in a competing rider’s bike. (Thanks Mark Gould for the link.)
link to this extract


Breaking down Alphabet’s Other Bets » Beyond Devices

Jan Dawson:

We’ve taken a look at several aspects of Alphabet’s Other Bets segment, but we’ve only touched on perhaps the most important element: trajectory. In other words, which direction are these numbers heading in? In brief, using Ruth Porat’s suggestion to look at annual results:

• Revenue is growing, at about 37% year on year from 2014 to 2015
• Operating losses are growing faster, from $1.9 billion in 2014 to $3.6 billion in 2015
• Margins are worsening too, from (and these numbers are a bit ridiculous) -488% in 2014 to -685% in 2015
• Capex is growing faster than revenues on an annual basis, and capital intensity rose from 150% in 2014 to almost 200% in 2015.

None of those is moving in a happy direction as far as the future financial performance of Alphabet is concerned.

Google’s ad business is still going strong (principally through growth in ads on YouTube), making up 90% of its revenues, and more of its profit.
link to this extract


Apple eyes March 15 event for iPhone 5se, iPad Air 3 & Apple Watch updates » 9to5Mac

Mark Gurman (who has a strong track record on these things):

As we revealed last month, Apple is planning to reinvigorate the 4-inch iPhone screen size by replacing the iPhone 5s with an iPhone 5se that includes an A9 chip, improved cameras, support for taking Live Photos, and Apple Pay. While the internals are revamped, the 5se’s externals nearly mirror the 5s’s save for “less shiny” and possibly slightly curved edges. The 5se will be priced the same as the 5s, according to sources, starting at $450 for 16GB. A 64GB model will also be offered.

The launch of the new iPad Air 3 will mark the first significant upgrade to Apple’s 9.7-inch tablet line since the Air 2 debuted in October 2014. The Air 3 is expected to include iPad Pro features like enhanced speakers and a Smart Connector, which could mean that a smaller Smart Keyboard is on the way.

Basically brings the iPhone 5S into iPhone 6 capability, apart from the screen. Will the iPad update get the line selling again, though? Other outlets with good track records have confirmed the date of 15 March.
link to this extract


Apple developing wireless-charged iPhone for as soon as 2017 » Bloomberg Business

Tim Culpan:

In 2010 Apple made a patent application outlining a concept of using an iMac personal computer as a hub for wirelessly recharging at a distance of about 1 meter using a technique called near-field magnetic resonance. Apple currently uses a similar technique, called induction, to charge its Watch within millimeters of the power source.

Another Apple patent outlined a method for making aluminum phone casings that allow radio waves to pass through, a technique that would minimize the problem of metal interfering with transmitted signals.

Apple has previously played down its interest in any charging technology that still needs to be plugged into a wall socket because such methods would add little convenience.

Semiconductor makers Broadcom and Qualcomm are among those who have developed or are developing technology and standards for wireless charging.

How much demand is there for wireless charging?
link to this extract


DailyMail Online results: even at huge scale, online news is hard to monetise » Medium

Frank Meehan:

The DailyMail Online is the biggest English language site in the world with 220m unique monthly actives, high engagement and virality of content. It’s a machine.

Yet, in its recent quarterly results announced today, the MailOnline reported advertising revenues of £23m on those 220m.

As the FT’s Lex column points out – that is just 10c of revenue per user [per month].

Not much return for the huge amount of effort put into the content (same may argue that it’s doesn’t take much effort to generate more gossip on the Kardashians, but actually the MailOnline has gossip down to an art form, which is why they are the biggest).

Compare my estimate of The Guardian’s revenue per browser per month of 6.16p.
link to this extract


Errata, corrigenda and ai no corrida:

Start up: Apple’s conundrum, watch birds migrate!, the 5am startup, and more

A Go endgame: where would you play next? DeepMind’s systems would know. Photo by chadmiller on Flickr.

Only humans can sign up to receive each day’s Start Up post by email. They need to click a confirmation link, so no spam.

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Apple wants to be a services company » Business Insider

Jay Yarow with a neat summary of Apple’s conundrum:

So, Apple is in this weird cycle: It wants to grow services revenue, but services revenue depends on iPhone sales. Currencies are falling because the global economy is weak relative to the US economy, which is leading Apple to raise prices on the iPhone, which is hurting iPhone sales, which will limit services revenues.

Apple could lower prices of the iPhone to sell more units and then grow services, but it doesn’t seem to want to do that.

Cook said Apple already had a variety of price points, from the low-tier iPhone 5s to the high-end iPhone 6s Plus.

“I don’t see us deviating from that approach,” Cook said.

This makes sense since Apple is a hardware company. If it were a services company, it would lower prices, go for smartphone unit volume, then get more money from that. But it is not a services company.

It is not principally a services company. The money it does make from services is actually pretty substantial, and threatens to overtake iPad revenue. Poor iPad.
link to this extract

 


iPhone Headwinds » Tech-Thoughts

Sameer Singh:

Apple also increased iPhone channel inventory by 3.3m over the quarter compared to a decline of 0.2m in the same quarter last year. Keeping in mind that Apple reports sell-in (shipments), not sales to end users, this implies that iPhone sell-through actually declined by 4.3% YoY, from 74.7m to 71.5m units. This is the first such decline in the history of the product.

In addition to this sell-through decline, Apple’s revenue guidance for the next quarter implies a steeper YoY decline in unit sales. And finally, this was accompanied with a YoY increase in average selling price (ASP) which suggests that the iPhone mix is shifting towards higher end models…

…As Clay Christensen is fond of saying, “Disruption is a process, not an event”. The mechanics of low-end disruption have been working ever since the first Android smartphone was unveiled in 2008. The key test for the iPhone will be the iPhone 7 cycle, starting in fiscal Q1 [Oct-Dec] 2017. In a “redesign year”, it will be easier to gauge whether meaningful product improvements can continue to generate increased demand or if today’s smartphones have already reached “good enough” territory.

The sell-through point is valid (only BlackBerry also gives the same data). The odd thing is that rising ASP: it points to people having the disposable income to buy the pricier models, which argues against the “low-end disruption” thesis.

But the gap between the average selling price of an Android handset and the average selling price of an iPhone has never been larger. That must have knock-on effects. But what?
link to this extract

 


Google AI algorithm masters ancient game of Go » Nature

Elizabeth Gibney:

DeepMind’s program AlphaGo beat Fan Hui, the European Go champion, five times out of five in tournament conditions, the firm reveals in research published in Nature on 27 January. It also defeated its silicon-based rivals, winning 99.8% of games against the current best programs. The program has yet to play the Go equivalent of a world champion, but a match against South Korean professional Lee Sedol, considered by many to be the world’s strongest player, is scheduled for March. “We’re pretty confident,” says DeepMind co-founder Demis Hassabis.

“This is a really big result, it’s huge,” says Rémi Coulom, a programmer in Lille, France, who designed a commercial Go program called Crazy Stone. He had thought computer mastery of the game was a decade away.

The IBM chess computer Deep Blue, which famously beat grandmaster Garry Kasparov in 1997, was explicitly programmed to win at the game. But AlphaGo was not preprogrammed to play Go: rather, it learned using a general-purpose algorithm that allowed it to interpret the game’s patterns, in a similar way to how a DeepMind program learned to play 49 different arcade games.

This means that similar techniques could be applied to other AI domains that require recognition of complex patterns, long-term planning and decision-making, says Hassabis. “A lot of the things we’re trying to do in the world come under that rubric.” Examples are using medical images to make diagnoses or treatment plans, and improving climate-change models.

This is a gigantic result; being good at Go requires a subtle intuition and feel for space. (At least, for a human.) It’s far, far more complex than chess. And that this was done by a non-specific program has colossal implications.

As Nature’s leader on the topic comments, as these systems spread into our lives, “The machine becomes an oracle; its pronouncements have to be believed… Intuitive machines will need more than trust: they will demand faith.”

As a side note, DeepMind looks like one of Google’s smartest purchases – perhaps after YouTube.
link to this extract

 


Nest thermostat goes from ‘Internet Of Things’ darling to cautionary tale » Techdirt

Karl Bode:

[Tech writer Stacey Higginbotham’s] Nest device began trying to cook her family in the middle of the night, something Nest first tried to blame on her smart garage door opener, then tried to blame on her Jawbone fitness tracker (Nest never did seem to pinpoint the cause). Her report suggests that an overall culture of “arrogance” at Nest shockingly isn’t helping pinpoint and resolve bugs:

“One Nest partner, who declined to be named to preserve his business relationship with the company, said that Nest being quick with the blame didn’t surprise him, citing a culture of arrogance at the company. When something went wrong during integration testing between his device and Nest’s, problems were first blamed on his servers and team.”

And fast-forward to last week, when researchers putting various internet of thing devices through tests found that the Nest thermostat was one of many IOT devices happily leaking subscriber location data in cleartext (with Nest, it’s only the zip code, something the company quickly fixed in a patch). Granted Nest’s not alone in being an inadvertent advertisement for a product’s “dumb” alternatives. In 2016, smart tea kettles, refrigerators, televisions and automobiles are all busy leaking your private information and exposing you to malicious intrusion (or worse).

It’s a fascinating, in-progress lesson about how our lust for the sexy ideal of the connected home appears to be taking a brief pit stop in reality.

link to this extract

 


Vigilant solutions and the spread of police surveillance » The Atlantic

Conor Friedersdorf:

Throughout the United States—outside private houses, apartment complexes, shopping centers, and businesses with large employee parking lots—a private corporation, Vigilant Solutions, is taking photos of cars and trucks with its vast network of unobtrusive cameras. It retains location data on each of those pictures, and sells it.

It’s happening right now in nearly every major American city.

The company has taken roughly 2.2bn license-plate photos to date. Each month, it captures and permanently stores about 80m additional geotagged images. They may well have photographed your license plate. As a result, your whereabouts at given moments in the past are permanently stored. Vigilant Solutions profits by selling access to this data (and tries to safeguard it against hackers). Your diminished privacy is their product. And the police are their customers.

Sounds a bit similar to the UK police’s Automatic Number Plate Reader network, which extends around the UK, except this is historic too. (Then again, the UK’s ANPR system probably is too.)
link to this extract

 


How to wake up at 5am and build your startup » Medium

Patrick Park (once he’s got past the stuff about how to, you know, get up at 5am, and gets on to the stuff about building your startup):

It’s hard to admit, but no one really knows what they’re doing at first. Even the largest startup unicorns in the world, took a long time to find their footing. AirBnb survived by selling political themed cereal Obama O’s and Cap’n McCain’s. #Slack came out of a failed game “Glitch.” Even YouTube began as a video dating service “Tune in Hook Up.”

Micro-startups work well with the Lean Startup methodology. Not only are micro-startups easier to implement, but provide a shorter feedback loop that keeps you more in touch with your audience. With 75% of all startups failing, would you rather spend 100 days in a basement building a product your customers “might” like or connect with your audience everyday “while” you adapt your startup to address your customer’s pain-points? Don’t build another Blockbuster.

Start with the assumption that you’re wrong. Constantly validate your theories through micro-experiments. When I first started “Krown.io”. I explained the service as an “Annotation Blogging Platform.” That was, until I found out the majority of people have no idea what “Annotations” are. We tried a variation of “Smart Blogging,” “Highlight Blogging,” “Feedback Blogs,” and “Contextual Blogging Platform.” Which surprise, surprise. People still had no idea what we were talking about. So we added a bare-to-the-bones explanation, “Highlight a text and add comments directly on the highlighted text.” Validate your hypothesis.

The startup advice is fine. Waking up at 5am isn’t that hard, but he makes it sound like one of the 12 tasks of Hercules.
link to this extract

 


Lenovo used 12345678 as hard-coded password in SHAREit for Windows » Graham Cluley

Cluley is amazed – as you will be:

The first vulnerability [of four, all of which could be exploited remotely] (CVE-2016-1491) is perhaps the most infuriating. CoreLabs discovered that whenever SHAREit for Windows is configured to receive files, this process creates a Wi-Fi hotspot that is ‘protected’ by the password “12345678”.

Not surprisingly, this password just recently earned a top spot on the latest list of worst passwords you could possibly choose.

What is surprising is the fact that Lenovo would incorporate such an insecure password into its application — and one that does not change, no less!

Then again, I suppose the issue could be worse. In the second vulnerability (CVE-2016-1492), which applied only to SHAREit for Android, there is no password set up to protect the Wi-Fi hotspot when the app is configured to receive files.

To be sure, it doesn’t say much when Lenovo could have mitigated two separate vulnerabilities by adhering to the most basic principles of password security.

But moving right along. The third vulnerability (CVE-2016-1490) discovered by CoreLabs builds upon the insecure Windows password issue discussed above

When elephants do software while dancing. Yes, it was Lenovo which preinstalled Superfish.
link to this extract

 


Mesmerizing migration: watch 118 bird species migrate across a map of the western hemisphere » All About Birds

Pat Leonard:

For the first time, scientists at the Cornell Lab of Ornithology have documented migratory movements of bird populations spanning the entire year for 118 species throughout the Western Hemisphere. The study finds broad similarity in the routes used by specific groups of species—vividly demonstrated by animated maps showing patterns of movement across the annual cycle.

There’s also a version showing which species is which.
link to this extract

 


Apple India enterprise head Sharad Mehrotra quits, starts up with Hyve Mobility » timesofindia-economictimes

Muntazir Abbas:

Sharad Mehrotra, iPhone maker Apple’s enterprise mobility head in India, has quit and set up a handset company to compete in the world’s fastest-growing smartphone market. Mehrotra, who was with Apple India since October 2007, has cofounded Hyve Mobility , which will launch smartphones using Android, the operating system that rivals Apple’s iOS, by March.

“While consumers today have a lot of options to choose a smartphone, the element of customer delight is seriously missing,” he told ET, adding that it was high time to get into the smartphone market…

…”In the current Android scenario, no brand enjoys customer loyalty and we want to bring the change with our path-breaking products portfolio and service offerings,” said [Aditya] Agarwal, MD of Hyve Mobility.

link to this extract

 


Errata, corrigenda and ai no corrida: none noted.

Start up: Apple stalls, Japan’s zombies, Samsung on iOS?, the truth about terror, and more

But what are your respective ratings? Photo by ChrisGoldNY on Flickr

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Apple’s iPhone growth era comes to an end » FT.com

Tim Bradshaw:

Total revenues for Apple’s fiscal first quarter ending in December rose by just 2% to $75.9bn, a marked slowdown compared with 30% growth in the same period a year earlier, as iPhone sales in the US and Japan declined.

Apple increased net profits to $18.4bn, beating its own record set a year ago for the most profitable quarter in US corporate history, with earnings per share up 7% to $3.28, in line with expectations.

However, iPhone unit sales for the holiday quarter were less than 0.5% higher than the same period a year ago at 74.8m, despite chief executive Tim Cook’s firm insistence three months ago that the iPhone “will grow” in the most important period in the Apple calendar.

Wall Street’s fears that the March quarter would see iPhone sales drop for the first time since its 2007 debut were confirmed by Apple’s revenue guidance, which was below analysts’ consensus of around $55bn.

According to a note by RBC Capital Markets before the release of the results, $50bn in sales would imply iPhone unit shipments of 45m, down 26% on the same period a year earlier.

Sic transit gloria mundi. Like many premium smartphone makers, Apple is now hitting the point where the slowing market, combined with the slowing economy, creates a ceiling for sales. Apple legitimately blamed currency, but that’s hurting everyone.
link to this extract

 


Japan must let zombie companies die » Bloomberg View

Noah Smith:

Imagine that you’re a Japanese 26-year-old with big dreams. You graduated from Waseda University, an elite private school, with a degree in electrical engineering. You and your college buddies used to hang around your apartment, watching anime on your LCD television, which was made by Sharp Corp. — the world’s 10th-largest LCD TV manufacturer. Even then, you had ideas about how to improve the product.

Now, after graduating and working for four years in the research division of an LCD manufacturer, you’re sure that you have figured out how to make LCD panels more cheaply, at higher quality. You also believe that you could market these TVs more effectively to young people with cool, fun designs. Instead of giving the idea to the higher-ups in your giant corporation — which, knowing Japan, might get you little more than a pat on the head — you decide to leave your job and start a business with your college buddies. You just know that you can beat lumbering, struggling incumbents like Sharp.

Sharp, which is perennially struggling. But is to be bailed out by the Japanese government. Which makes it a zombie which is blocking progress.
link to this extract

 


I found out my secret internal Tinder rating and now I wish I hadn’t » Fast Company

Austin Carr:

Referred to inside the company as an “Elo score,” a term the chess world uses to rank player skill levels, Tinder’s rating system helps it parse its user base in order to facilitate better matches…

…Tinder CEO Sean Rad confirmed the scoring system to me while I was reporting Fast Company’s recent profile of the company. Rad, who tells me his Elo score is “above average,” stresses that the rating is technically not a measure of attractiveness, but a measure of “desirability,” in part because it’s not determined simply by your profile photo. “It’s not just how many people swipe right on you,” Rad explains. “It’s very complicated. It took us two and a half months just to build the algorithm because a lot of factors go into it.”…

…Rad teased me about it several times over dinner one evening, gauging what my score might be as he swiped through a slew of Tinder profiles on my phone. It was one thing to know my Uber rating, but did I really want to know my Elo score on Tinder? When I asked whether he could look up my rating, Rad responded, “Do you want me to do it now?” All he needed was my email address.

But of course Sean Rad is above average. And that’s not a worrying security hole. Is it?
link to this extract

 


Exclusive: Samsung plans to bring almost all its apps to iOS » SamMobile

Asif S:

We’ve recently received information from our trusted insiders that Samsung is planning to bring most of its apps (if not all) to Apple’s iOS platform later this year.

According to the information that we’ve received, Samsung is working on Gear Fit Manager for iOS. This will allow people who own the Gear Fit to pair it with an iPhone. To compliment the Gear Fit Manager and Gear Manager apps, Samsung will also release the S Health app for iPhone. S Health app can be used to log daily activity, workouts, food intake, and sleep.

In terms of home entertainment, Samsung is bringing iOS support for the Galaxy View. The company is developing the Remote Control and Family Square apps for the iOS, which can be used to remotely control the Galaxy View using an iPhone and allow different users to stream content to the movable display. There are plans to release the Level app for Samsung’s Level audio devices as well, which will enable iPhone users to use these devices and make use of various effects and an official way of control.

Looks like a way of expanding the total addressable market (TAM) for its peripherals and other products to iPhone users. Sensible.
link to this extract

 


The Google Pixel C Review » Anandtech

Brandon Chester and Joshua Ho were really, really unimpressed:

On top of the issues with this specific Android build, Android itself is simply too far behind the competition as far as functionality and apps are concerned. I have commented on this in several Android tablet reviews, but the fact that Google is shipping their own tablet makes it important to go over it once again. Quite frankly, I still have yet to see a single app that has an UI that is both optimized for tablets and is as fluid as its iPad counterpart, and with the iPad offering multitasking while Windows offers an entire windowing system, there’s absolutely no way for the Pixel C and other Android tablets to be competitive. This applies just as much to Google’s own apps as it does to third party ones, and it’s really not a stretch to say that they behave like you’re using a blown up smartphone. In the past few years both Apple and Microsoft have stepped up their games with their respective tablet OSes go, but it feels like Android has never really advanced past the first generation of tablet OSes, which leaves Android badly lagging the competition.

Statements from Google engineers make it clear that Google has some changes coming to Android in the future to bring features like multitasking, but at this point it seems to me that either nobody Google really understands what a tablet should be, or they are unable to come to a consensus to get something developed. Adding multitasking doesn’t do anything to fix the fundamental issue with application quality, and Google doesn’t want to take the first step in making proper applications so that other developers can follow.

Note too that Chester points to terrible graphics transitions – and yet in the GPU benchmarks, the Pixel C beats everything else. Another case where benchmarks don’t tell the whole story.
link to this extract

 


Unpacked: global ad blocker usage on smartphones » Tech.pinions

Ben Bajarin (on a paywalled piece, hence no diagram below) has data much the same as Global Web Index:

over 20% of the global internet audience is already using an ad blocker on their smartphone. 16.1% have not begun using an ad blocker but are interested in doing so. Just over 30% haven’t used an ad blocker and aren’t interested in going through the trouble to install one.

In light of what Matt and I discovered, I decided to slice the answers by demographic to see how different age groups answered the same question.

In line with the discovery Matt [Richman] and I made, ad blocking is most common among the millennial demographic. I can’t stress enough how valuable this demographic is from an advertising standpoint. As ad blocking becomes more the norm with this group, on smartphones and on PCs, it will require significant adjustment. What is also interesting is many of these ad blocking services are not free. Currently over 25% of millennials using an ad blocker paid for it. This has massive consequences for this with advertising-supported business models.

I’ve articulated before my conviction that free-with-ads business models may become things of the past. They certainly are no longer viable in emerging markets.

The point about emerging markets is important: India is a big source of adblocking on mobile, for example.
link to this extract

 


OPPO sold 50m smartphones in 2015 » Gizmochina

OPPO’s R7, R7S and R7 Plus constituted 15m units in sales alone which is an incredible figure. Specifically speaking the smartphones priced between 2000 Yuan [£210,$300] to 3000 Yuan [£320,$450] segment were highest selling smartphones.

That’s up 67% year-on-year. That would put it around fifth in the world, nudging LG and Sony and behind Xiaomi, Huawei, Apple and Samsung. The big Chinese name nobody in the west has heard of.
link to this extract

 


The threat is already inside » Foreign Policy

Rosa Brooks (formerly a senior advisor at the US State Department):

By now, the script is familiar: Terrorists attack a Western target, and politicians compete to offer stunned and condemnatory adjectives. British, Chinese, and Japanese leaders thus proclaimed themselves “shocked” by the Paris attacks, which were described variously as “outrageous” and “horrific” by U.S. President Barack Obama; “terrible” and “cowardly” by French President François Hollande; “barbaric” by Indian Prime Minister Narendra Modi; “despicable” by U.N. Secretary-General Ban Ki-moon; and “heinous, evil, vile” by U.S. Secretary of State John Kerry, who possesses a superior thesaurus.

The Paris attacks were all these things. One thing they were not, however, was surprising.

Occasional terrorist attacks in the West are virtually inevitable, and odds are, we’ll see more attacks in the coming decades, not fewer. If we want to reduce the long-term risk of terrorism — and reduce its ability to twist Western societies into unrecognizable caricatures of themselves — we need to stop viewing terrorism as shocking and aberrational, and instead recognize it as an ongoing problem to be managed, rather than “defeated.”

Politicians don’t like to say any of this. But we’re not politicians, so let’s look at 10 painful truths.

Essential reading, really.
link to this extract

 


Xavier Niel explores move to enter UK mobile market » FT.com

Niel set up Free, a French mobile network which has been a great hit, as Daniel Thomas explains:

Interest from Mr Niel’s telecoms group in the British market will worry rivals, given its record of offering low prices that deeply undercut existing offers.

The launch four years ago of Free, Iliad’s mobile offering in France, disrupted the market, leading to an intense price war that slashed profits among the existing three operators. Orange’s proposed acquisition of Bouygues Telecom is an attempt to reverse the effects of the introduction of the low-cost rival.

A similar deal is being proposed in the UK with the purchase of O2 by Three, the UK’s smallest mobile group, which is owned by Hong Kong’s CK Hutchison. If the deal were to go through, it would reduce the number of competitors from four to three.

However, the deal is set to be challenged in the next week by the European competition regulator, which will set out a range of objections given the potential loss of competition for customers as well as third-party mobile providers that use the two networks under wholesale contracts.

The UK mobile market really is very competitive. Adding Free would shake it up even further.
link to this extract

 


Internet of Things security is so bad, there’s a search engine for sleeping kids » Ars Technica

JM Porup:

Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams.

The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores, according to Dan Tentler, a security researcher who has spent several years investigating webcam security.

“It’s all over the place,” he told Ars Technica UK. “Practically everything you can think of.”

We did a quick search and turned up some alarming results [of a sleeping baby in Canada, kitchen in Spain, classroom in China, someone’s house].

The cameras are vulnerable because they use the Real Time Streaming Protocol (RTSP, port 554) to share video but have no password authentication in place. The image feed is available to paid Shodan members at images.shodan.io. Free Shodan accounts can also search using the filter port:554 has_screenshot:true.

Shodan crawls the Internet at random looking for IP addresses with open ports. If an open port lacks authentication and streams a video feed, the new script takes a snap and moves on.

link to this extract

 


Errata, corrigenda and ai no corrida: